directory-dev mailing list archives

From "Kiran Ayyagari (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (DIRAPI-173) When using TLS and multiple binds, LdapNetworkConnection attempts to start TLS multiple times
Date Mon, 20 Jan 2014 16:55:29 GMT

     [ https://issues.apache.org/jira/browse/DIRAPI-173?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Kiran Ayyagari resolved DIRAPI-173.
-----------------------------------

       Resolution: Fixed
    Fix Version/s: 1.0.0-M21
         Assignee: Kiran Ayyagari

Applied a different fix than the one in the proposed patch because the connect() method is independent
of bind().
See http://svn.apache.org/r1559772

> When using TLS and multiple binds, LdapNetworkConnection attempts to start TLS multiple times
> ---------------------------------------------------------------------------------------------
>
>                 Key: DIRAPI-173
>                 URL: https://issues.apache.org/jira/browse/DIRAPI-173
>             Project: Directory Client API
>          Issue Type: Bug
>    Affects Versions: 1.0.0-M20
>         Environment: OpenLDAP 2.4.28
>            Reporter: David Carr
>            Assignee: Kiran Ayyagari
>             Fix For: 1.0.0-M21
>
>         Attachments: DIRAPI-173.patch
>
>
> As per RFC 4511, it's valid to send multiple bind requests in a session to change authentication. However, this doesn't appear to be working for me when connecting to OpenLDAP with TLS enabled.
> http://tools.ietf.org/html/rfc4511#section-4.2.1
> To reproduce, create a LdapConnectionConfig with useTls set to true, create a LdapNetworkConnection using this config, and bind multiple times.  Each bind will result in startTls being called.
> In my environment, this results in an exception:
> {code}
> ERROR [2014-01-13 16:19:15,132] com.yammer.dropwizard.jersey.LoggingExceptionMapper: Error handling a request: 9d18293abdadfe2a
> ! org.apache.directory.api.ldap.model.exception.LdapOperationException: TLS already started
> ! at org.apache.directory.ldap.client.api.LdapNetworkConnection.startTls(LdapNetworkConnection.java:3678) ~[vault-shadow.jar:0.1.0]
> ! at org.apache.directory.ldap.client.api.LdapNetworkConnection.bindAsync(LdapNetworkConnection.java:1161) ~[vault-shadow.jar:0.1.0]
> ! at org.apache.directory.ldap.client.api.LdapNetworkConnection.bind(LdapNetworkConnection.java:1076) ~[vault-shadow.jar:0.1.0]
> ! at org.apache.directory.ldap.client.api.AbstractLdapConnection.bind(AbstractLdapConnection.java:121) ~[vault-shadow.jar:0.1.0]
> ! at org.apache.directory.ldap.client.api.LdapConnection$bind.call(Unknown Source) ~[na:na]
> ...
> {code}



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
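
The failure mode in the quoted report, as an added example that is not part of the original message and is neither the Directory API's code nor the fix committed in r1559772: a constructed Java model in which bind() either starts TLS on every call or only when the session has not been upgraded yet. ModelConnection, its fields and its methods are hypothetical names, and the DNs are constructed sample values.

```java
// Constructed model of the session state described in DIRAPI-173.
// All names are hypothetical; this is not LdapNetworkConnection.
import java.util.ArrayList;
import java.util.List;

public class StartTlsOnceDemo {
    static class ModelConnection {
        private final boolean useTls;
        private final boolean guardStartTls;
        private boolean connected;
        private boolean tlsStarted;
        final List<String> wire = new ArrayList<>(); // operations "sent" on this session

        ModelConnection(boolean useTls, boolean guardStartTls) {
            this.useTls = useTls;
            this.guardStartTls = guardStartTls;
        }
        void connect() {
            if (!connected) { connected = true; wire.add("CONNECT"); }
        }
        void startTls() {
            // Mirrors the reported error: a second StartTLS on one session fails.
            if (tlsStarted) throw new IllegalStateException("TLS already started");
            tlsStarted = true;
            wire.add("STARTTLS");
        }
        void bind(String dn) {
            connect();
            // Unguarded: every bind triggers StartTLS when useTls is set (the report).
            // Guarded: upgrade only if this session has not been upgraded yet.
            if (useTls && (!guardStartTls || !tlsStarted)) startTls();
            wire.add("BIND " + dn);
        }
    }

    public static void main(String[] args) {
        ModelConnection guarded = new ModelConnection(true, true);
        guarded.bind("uid=app,ou=system");
        guarded.bind("uid=alice,ou=users"); // re-bind reuses the existing TLS layer
        System.out.println("guarded:   " + guarded.wire);

        ModelConnection unguarded = new ModelConnection(true, false);
        unguarded.bind("uid=app,ou=system");
        try {
            unguarded.bind("uid=alice,ou=users");
        } catch (IllegalStateException e) {
            System.out.println("unguarded: " + unguarded.wire + " then " + e.getMessage());
        }
    }
}
```

In the guarded run both binds appear after a single STARTTLS entry; in the unguarded run the second bind never reaches the wire because the repeated StartTLS throws first.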
