directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Emmanuel Lecharny (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DIRSTUDIO-1015) Question about the closing of TLS connection in Apache Directory Studio
Date Thu, 26 Feb 2015 14:10:04 GMT

    [ https://issues.apache.org/jira/browse/DIRSTUDIO-1015?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14338418#comment-14338418
] 

Emmanuel Lecharny commented on DIRSTUDIO-1015:
----------------------------------------------

You can close the TLS connection without closing the underlying connection, and send some
more (uncrypted) requests. You can also brutally close the whole connection, which will close
the TLS connection :

https://www.ietf.org/rfc/rfc2830.txt

" 4.2.  Abrupt Closure

   Either the client or server MAY abruptly close the entire LDAP
   association and any TLS connection established on it by dropping the
   underlying TCP connection. A server MAY beforehand send the client a
   Notice of Disconnection [LDAPv3] in this case."

One more thing : the default for Studio is not to use JNDI. We default to the LDAP API.


> Question about the closing of TLS connection in Apache Directory Studio
> -----------------------------------------------------------------------
>
>                 Key: DIRSTUDIO-1015
>                 URL: https://issues.apache.org/jira/browse/DIRSTUDIO-1015
>             Project: Directory Studio
>          Issue Type: Question
>            Reporter: alexander todorov
>
> Hi, 
> I am looking in the sources of Apache Directory Studio and I have a question.
> In the class 
> org.apache.directory.studio.connection.core.io.jndi.JNDIConnectionWrapper
> I see that in the method disconnect, the connection is closed only by invoking of context.close()
(context is of type InitialLdapContext).
> My question is:
> In case of using of StartTLS  extension why don’t you call StartTlsResponse.close()
prior to context.close() ? 
> StartTlsResponse.close() sends the TLS alert -  close_notify.
> Is it safe not to call StartTlsResponse.close() ?



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message