[
https://issues.apache.org/jira/browse/DIRAPI-173?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
David Carr updated DIRAPI-173:
------------------------------
Attachment: DIRAPI-173.patch
Attached patch appears to fix the issue for me. It moves the startTls call
from bindAsync (which is called for each bind) to the end of connect (which is
only reached if it's actually necessary to initialize a new connection).
> When using TLS and multiple binds, LdapNetworkConnection attempts to start
> TLS multiple times
> ---------------------------------------------------------------------------------------------
>
> Key: DIRAPI-173
> URL: https://issues.apache.org/jira/browse/DIRAPI-173
> Project: Directory Client API
> Issue Type: Bug
> Affects Versions: 1.0.0-M20
> Environment: OpenLDAP 2.4.28
> Reporter: David Carr
> Attachments: DIRAPI-173.patch
>
>
> As per RFC 4511, it's valid to send multiple bind requests in a session to
> change authentication. However, this doesn't appear to be working for me
> when connecting to OpenLDAP with TLS enabled.
> http://tools.ietf.org/html/rfc4511#section-4.2.1
> To reproduce, create a LdapConnectionConfig with useTls set to true, create a
> LdapNetworkConnection using this config, and bind multiple times. Each bind
> will result in startTls being called.
> In my environment, this results in an exception:
> {code}
> ERROR [2014-01-13 16:19:15,132] com.yammer.dropwizard.jersey.LoggingExceptionMapper: Error handling a request: 9d18293abdadfe2a
> ! org.apache.directory.api.ldap.model.exception.LdapOperationException: TLS already started
> ! at org.apache.directory.ldap.client.api.LdapNetworkConnection.startTls(LdapNetworkConnection.java:3678) ~[vault-shadow.jar:0.1.0]
> ! at org.apache.directory.ldap.client.api.LdapNetworkConnection.bindAsync(LdapNetworkConnection.java:1161) ~[vault-shadow.jar:0.1.0]
> ! at org.apache.directory.ldap.client.api.LdapNetworkConnection.bind(LdapNetworkConnection.java:1076) ~[vault-shadow.jar:0.1.0]
> ! at org.apache.directory.ldap.client.api.AbstractLdapConnection.bind(AbstractLdapConnection.java:121) ~[vault-shadow.jar:0.1.0]
> ! at org.apache.directory.ldap.client.api.LdapConnection$bind.call(Unknown Source) ~[na:na]
> ...
> {code}
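The two placements of the StartTLS call described in this report, as a self-contained model added here for illustration; it is not the attached patch or the Directory API source. `ModelConnection`, `run` and the DNs are hypothetical, and the model only records the order of operations instead of talking to a server.

```java
import java.util.ArrayList;
import java.util.List;

// Hypothetical model of a StartTLS-capable LDAP client; not the Directory API classes.
public class StartTlsOnceDemo {
    static class ModelConnection {
        private final boolean startTlsInBind;   // true = placement reported in the issue
        private boolean connected;
        private boolean tlsStarted;
        final List<String> wire = new ArrayList<>(); // operations in the order they are sent

        ModelConnection(boolean startTlsInBind) { this.startTlsInBind = startTlsInBind; }

        private void startTls() {
            // A session can be upgraded only once; a second attempt is an error.
            if (tlsStarted) throw new IllegalStateException("TLS already started");
            tlsStarted = true;
            wire.add("StartTLS");
        }

        private void connect() {
            if (connected) return;               // reuse the existing session
            connected = true;
            wire.add("connect");
            if (!startTlsInBind) startTls();     // patched placement: once per new connection
        }

        void bind(String dn) {
            connect();
            if (startTlsInBind) startTls();      // reported placement: once per bind
            // Invariant for both placements: credentials never precede the TLS upgrade.
            if (!tlsStarted) throw new IllegalStateException("refusing cleartext bind");
            wire.add("bind " + dn);
        }
    }

    // Binds twice on one connection, as RFC 4511 section 4.2.1 allows.
    static String run(boolean startTlsInBind) {
        ModelConnection c = new ModelConnection(startTlsInBind);
        try {
            c.bind("uid=app,ou=people,dc=example,dc=com");    // constructed DNs
            c.bind("uid=alice,ou=people,dc=example,dc=com");
            return "ok " + c.wire;
        } catch (IllegalStateException e) {
            return "failed (" + e.getMessage() + ") " + c.wire;
        }
    }

    public static void main(String[] args) {
        System.out.println("startTls in bindAsync: " + run(true));
        System.out.println("startTls in connect:   " + run(false));
    }
}
```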