You fix looks good. Thanks.
On 02/03/2010 01:03, Max (Weijun) Wang wrote: > Hi Vinnie > > Turns out it's not related to LDAP at all. Just a small coding error, already > confirmed by customer. Please take a review: > > http://cr.openjdk.java.net/~weijun/6923681/webrev.00 > > Bug is: > > http://bugs.sun.com/view_bug.do?bug_id=6923681 > > No reg test. Trivial code update. > > Why hasn't Findbugs noticed it? > > Thanks > Max > > On Feb 9, 2010, at 5:32 PM, Vincent Ryan wrote: > >> This is an interesting one Max. Our LDAP provider already supports LDAP >> server >> discovery (ldap:///). Do you have the offending certificates? >> >> >> On 09/02/2010 09:12, [email protected] wrote: >>> >>> *Change Request ID*: 6923681 >>> >>> *Synopsis*: Jarsigner crashes during timestamping >>> >>> === *Description* >>> ============================================================ >>> FULL PRODUCT VERSION : >>> java version "1.6.0_18" >>> Java(TM) SE Runtime Environment (build 1.6.0_18-b07) >>> Java HotSpot(TM) Client VM (build 16.0-b13, mixed mode, sharing) >>> >>> ADDITIONAL OS VERSION INFORMATION : >>> Microsoft Windows XP [Version 5.1.2600] >>> >>> A DESCRIPTION OF THE PROBLEM : >>> When timestamping a java-jar, the jarsigner crashes with a >>> NullPointerexception. >>> >>> The issuing CA of the TSA-certificate has multiple revocation list >>> distribution points. Two of the distribution points start with ldap and do >>> not contain servernames >>> >>> URL=ldap:///CN=MY-CA,CN=AAAAAA,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=ad,DC=oenb,DC=co,DC=at?certificateRevocationList?base?objectClass=cRLDistributionPoint. >>> >>> We assume that the absence of the servername is the reason for jarsigner to >>> crash with the null-pointer exception. >>> >>> This is the Windows default behaviour when creating certificates. >>> >>> STEPS TO FOLLOW TO REPRODUCE THE PROBLEM : >>> Create a Microsoft Windows CA, which has ldap distribution points but no >>> servernames listed. >>> >>> Issue a timestamping-certificate from this windows ca. Then try to >>> timestamp some jar with this server. >>> >>> EXPECTED VERSUS ACTUAL BEHAVIOR : >>> EXPECTED - >>> jarsigner should handle the revocation list distribution points correctly. >>> If at least one distribution point can be reached (like >>> http://xxxx/xxx.crl, the jar should be timestamped correctly. >>> ACTUAL - >>> jarsigner crashes. >>> >>> ERROR MESSAGES/STACK TRACES THAT OCCUR : >>> jarsigner error: java.lang.NullPointerException >>> >>> REPRODUCIBILITY : >>> This bug can be reproduced always. >>> >>> ---------- BEGIN SOURCE ---------- >>> n/a, just timestamp an arbitrary jar using jarsigned >>> ---------- END SOURCE ---------- >>> >>> CUSTOMER SUBMITTED WORKAROUND : >>> create an AD-CA that includes servernames in all revocation list >>> distribution points >>> >>> *** (#1 of 1): 2010-02-05 09:31:33 GMT+00:00 [email protected] >
