You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Chris Trobridge (JIRA)" <ji...@apache.org> on 2008/03/12 17:52:46 UTC
[jira] Created: (DIRSERVER-1146) Requests of usercertificate;binary
are not supported
Requests of usercertificate;binary are not supported
----------------------------------------------------
Key: DIRSERVER-1146
URL: https://issues.apache.org/jira/browse/DIRSERVER-1146
Project: Directory ApacheDS
Issue Type: Bug
Components: ldap
Affects Versions: 1.5.1
Reporter: Chris Trobridge
ApacheDS only supports the retrieval of certificates without the ;binary transfer suffix.
RFC4523 states certificates must be transferred using the ;binary transfer option.
In practice we have clients in the field that are making requests both with and without the option so we'd need support for both methods to be able to consider deploying ApacheDS.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DIRSERVER-1198) Requests of
usercertificate;binary are not supported
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1198?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12709408#action_12709408 ]
Emmanuel Lecharny commented on DIRSERVER-1198:
----------------------------------------------
Almost impossible to fix without reviewing the whole Entry manipulation system. The first case can be fix (allowing values above 0x80), as it's a simple check in the decoder, but the second case impact the changeLog system, as we need to manipulate ClientEntry in the LDIF revertor. ClientEntry don't have any knowledge currently about options or AttributeType, so it's very difficult to fix it.
We will have to postpone this to a later version, I'm afraid ...
> Requests of usercertificate;binary are not supported
> ----------------------------------------------------
>
> Key: DIRSERVER-1198
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1198
> Project: Directory ApacheDS
> Issue Type: Bug
> Reporter: Chris Trobridge
> Assignee: Emmanuel Lecharny
> Fix For: 1.5.5
>
>
> ApacheDS only supports the retrieval of certificates without the ;binary transfer suffix.
> RFC4523 states certificates must be transferred using the ;binary transfer option.
> In practice we have clients in the field that are making requests both with and without the option so we'd need support for both methods to be able to consider deploying ApacheDS.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DIRSERVER-1198) Requests of
usercertificate;binary are not supported
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1198?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12709429#action_12709429 ]
Emmanuel Lecharny commented on DIRSERVER-1198:
----------------------------------------------
Partial fix :
http://svn.apache.org/viewvc?rev=774815&view=rev
It solves the first case (values > 0x7F in the attribute)
> Requests of usercertificate;binary are not supported
> ----------------------------------------------------
>
> Key: DIRSERVER-1198
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1198
> Project: Directory ApacheDS
> Issue Type: Bug
> Reporter: Chris Trobridge
> Assignee: Emmanuel Lecharny
> Fix For: 1.5.5
>
>
> ApacheDS only supports the retrieval of certificates without the ;binary transfer suffix.
> RFC4523 states certificates must be transferred using the ;binary transfer option.
> In practice we have clients in the field that are making requests both with and without the option so we'd need support for both methods to be able to consider deploying ApacheDS.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DIRSERVER-1198) Requests of
usercertificate;binary are not supported
Posted by "Stefan Seelmann (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1198?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12612484#action_12612484 ]
Stefan Seelmann commented on DIRSERVER-1198:
--------------------------------------------
Moved back to Server. I found two more bugs:
1st)
There is a problem when writing ;binary values greater than 0x80. The following test write four bytes 0x80, 0x81, 0x82, 0x83 when reading it from the server I get 12 bytes.
/**
* Add a new ;binary attribute with bytes greater than 0x80
* to a person entry.
* Test for DIRSERVER-1146
*
* @throws NamingException
*/
public void testAddNewBinaryAttributeValue0x80() throws NamingException
{
// Add a ;binary attribute with high-bytes
byte[] newValue = new byte[]{(byte)0x80, (byte)0x81, (byte)0x82, (byte)0x83};
Attributes attrs = new AttributesImpl( "userCertificate;binary", newValue );
ctx.modifyAttributes( RDN_TORI_AMOS, DirContext.ADD_ATTRIBUTE, attrs );
// Verify, that attribute value is added
attrs = ctx.getAttributes( RDN_TORI_AMOS );
Attribute attr = attrs.get( "userCertificate" );
assertNotNull( attr );
assertTrue( attr.contains( newValue ) );
byte[] certificate = (byte[])attr.get();
assertTrue( Arrays.equals( newValue, certificate ) );
assertEquals( 1, attr.size() );
}
2nd)
Reading the entry and requesting userCertificate;binary (including the ;binary) doesn't work
/**
* Retrieve a ;binary attribute from a person entry.
* Test for DIRSERVER-1146
*
* @throws NamingException
*/
public void testRetrieveEntryWithBinaryAttributeValue() throws NamingException
{
// Add a ;binary attribute
byte[] newValue = new byte[]{0x00, 0x01, 0x02, 0x03};
Attributes attrs = new AttributesImpl( "userCertificate;binary", newValue );
ctx.modifyAttributes( RDN_TORI_AMOS, DirContext.ADD_ATTRIBUTE, attrs );
// Search entry an request ;binary attribute
SearchControls sctls = new SearchControls();
sctls.setSearchScope(SearchControls.OBJECT_SCOPE);
sctls.setReturningAttributes( new String[]{ "userCertificate;binary" } );
String filter = "(objectClass=*)";
String base = RDN_TORI_AMOS;
// Test that ;binary attribute is present
NamingEnumeration<SearchResult> enm = ctx.search( base, filter, sctls);
assertTrue(enm.hasMore());
while (enm.hasMore()) {
SearchResult sr = enm.next();
attrs = sr.getAttributes();
Attribute attr = attrs.get("userCertificate;binary");
assertNotNull(attr);
assertTrue( attr.contains( newValue ) );
byte[] certificate = (byte[])attr.get();
assertTrue( Arrays.equals( newValue, certificate ) );
assertEquals( 1, attr.size() );
}
}
> Requests of usercertificate;binary are not supported
> ----------------------------------------------------
>
> Key: DIRSERVER-1198
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1198
> Project: Directory ApacheDS
> Issue Type: Bug
> Reporter: Chris Trobridge
> Assignee: Emmanuel Lecharny
> Fix For: 1.5.3
>
>
> ApacheDS only supports the retrieval of certificates without the ;binary transfer suffix.
> RFC4523 states certificates must be transferred using the ;binary transfer option.
> In practice we have clients in the field that are making requests both with and without the option so we'd need support for both methods to be able to consider deploying ApacheDS.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DIRSERVER-1198) Requests of usercertificate;binary
are not supported
Posted by "Alex Karasulu (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1198?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Alex Karasulu updated DIRSERVER-1198:
-------------------------------------
Fix Version/s: (was: 1.5.4)
1.5.7
Handle this in 1.5.7 where we confront issue of tags.
> Requests of usercertificate;binary are not supported
> ----------------------------------------------------
>
> Key: DIRSERVER-1198
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1198
> Project: Directory ApacheDS
> Issue Type: Bug
> Reporter: Chris Trobridge
> Assignee: Emmanuel Lecharny
> Fix For: 1.5.7
>
>
> ApacheDS only supports the retrieval of certificates without the ;binary transfer suffix.
> RFC4523 states certificates must be transferred using the ;binary transfer option.
> In practice we have clients in the field that are making requests both with and without the option so we'd need support for both methods to be able to consider deploying ApacheDS.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Reopened: (DIRSERVER-1198) Requests of
usercertificate;binary are not supported
Posted by "Stefan Seelmann (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1198?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Stefan Seelmann reopened DIRSERVER-1198:
----------------------------------------
> Requests of usercertificate;binary are not supported
> ----------------------------------------------------
>
> Key: DIRSERVER-1198
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1198
> Project: Directory ApacheDS
> Issue Type: Bug
> Reporter: Chris Trobridge
> Assignee: Emmanuel Lecharny
> Fix For: 1.5.3
>
>
> ApacheDS only supports the retrieval of certificates without the ;binary transfer suffix.
> RFC4523 states certificates must be transferred using the ;binary transfer option.
> In practice we have clients in the field that are making requests both with and without the option so we'd need support for both methods to be able to consider deploying ApacheDS.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DIRSERVER-1146) Requests of
usercertificate;binary are not supported
Posted by "Chris Trobridge (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1146?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12606813#action_12606813 ]
Chris Trobridge commented on DIRSERVER-1146:
--------------------------------------------
My initial testing suggests that I can use Apache Directory Studio to import ldif files with attributes named with the ";binary" suffix but I haven't managed to retrieve the attributes correctly. The retrieved attributes aren't valid certificates.
Browsing in studio looks it like they're corrupt, eg all my certificates start with repears of "30 ef bf bd" and there are way more "ef bf bd" sequences in the data than I'd expect. However, the data is the expected length.
> Requests of usercertificate;binary are not supported
> ----------------------------------------------------
>
> Key: DIRSERVER-1146
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1146
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: ldap
> Affects Versions: 1.5.1
> Reporter: Chris Trobridge
> Assignee: Emmanuel Lecharny
> Fix For: 1.5.3
>
>
> ApacheDS only supports the retrieval of certificates without the ;binary transfer suffix.
> RFC4523 states certificates must be transferred using the ;binary transfer option.
> In practice we have clients in the field that are making requests both with and without the option so we'd need support for both methods to be able to consider deploying ApacheDS.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DIRSERVER-1198) Requests of usercertificate;binary
are not supported
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1198?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny updated DIRSERVER-1198:
-----------------------------------------
Fix Version/s: (was: 1.5.3)
1.5.4
Postponed to 1.5.4.
A fix has been applied to allow certificates with bytes above 0x7F, so the initial problem (DIRSERVER-1197) should now be fixed
> Requests of usercertificate;binary are not supported
> ----------------------------------------------------
>
> Key: DIRSERVER-1198
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1198
> Project: Directory ApacheDS
> Issue Type: Bug
> Reporter: Chris Trobridge
> Assignee: Emmanuel Lecharny
> Fix For: 1.5.4
>
>
> ApacheDS only supports the retrieval of certificates without the ;binary transfer suffix.
> RFC4523 states certificates must be transferred using the ;binary transfer option.
> In practice we have clients in the field that are making requests both with and without the option so we'd need support for both methods to be able to consider deploying ApacheDS.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DIRSERVER-1198) Requests of usercertificate;binary
are not supported
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1198?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny updated DIRSERVER-1198:
-----------------------------------------
Fix Version/s: (was: 1.5.7)
1.5.5
Let's see if we can fix that before 1.5.5, as we have missed the opportunity to release last week.
> Requests of usercertificate;binary are not supported
> ----------------------------------------------------
>
> Key: DIRSERVER-1198
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1198
> Project: Directory ApacheDS
> Issue Type: Bug
> Reporter: Chris Trobridge
> Assignee: Emmanuel Lecharny
> Fix For: 1.5.5
>
>
> ApacheDS only supports the retrieval of certificates without the ;binary transfer suffix.
> RFC4523 states certificates must be transferred using the ;binary transfer option.
> In practice we have clients in the field that are making requests both with and without the option so we'd need support for both methods to be able to consider deploying ApacheDS.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DIRSERVER-1198) Requests of
usercertificate;binary are not supported
Posted by "Rihards Gailums (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1198?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12698431#action_12698431 ]
Rihards Gailums commented on DIRSERVER-1198:
--------------------------------------------
This issue seems to affect all versions of Mozilla Thunderbird like 2.0.0.21 till latest nightly build 3.0
When trying to send S/MIME encrypted e-mail, it send usercertificate;binary request ,but get usercertificate=., as result fail to find certificate.
I would say this is major and urgent problem to resolve.
> Requests of usercertificate;binary are not supported
> ----------------------------------------------------
>
> Key: DIRSERVER-1198
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1198
> Project: Directory ApacheDS
> Issue Type: Bug
> Reporter: Chris Trobridge
> Assignee: Emmanuel Lecharny
> Fix For: 1.5.7
>
>
> ApacheDS only supports the retrieval of certificates without the ;binary transfer suffix.
> RFC4523 states certificates must be transferred using the ;binary transfer option.
> In practice we have clients in the field that are making requests both with and without the option so we'd need support for both methods to be able to consider deploying ApacheDS.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DIRSERVER-1146) Requests of
usercertificate;binary are not supported
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1146?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12578054#action_12578054 ]
Emmanuel Lecharny commented on DIRSERVER-1146:
----------------------------------------------
We have added some partial support of ';binary' option for attributes, it will be available in 1.5.2 (expected in march)
> Requests of usercertificate;binary are not supported
> ----------------------------------------------------
>
> Key: DIRSERVER-1146
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1146
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: ldap
> Affects Versions: 1.5.1
> Reporter: Chris Trobridge
> Assignee: Emmanuel Lecharny
>
> ApacheDS only supports the retrieval of certificates without the ;binary transfer suffix.
> RFC4523 states certificates must be transferred using the ;binary transfer option.
> In practice we have clients in the field that are making requests both with and without the option so we'd need support for both methods to be able to consider deploying ApacheDS.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Assigned: (DIRSERVER-1146) Requests of
usercertificate;binary are not supported
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1146?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny reassigned DIRSERVER-1146:
--------------------------------------------
Assignee: Emmanuel Lecharny
> Requests of usercertificate;binary are not supported
> ----------------------------------------------------
>
> Key: DIRSERVER-1146
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1146
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: ldap
> Affects Versions: 1.5.1
> Reporter: Chris Trobridge
> Assignee: Emmanuel Lecharny
>
> ApacheDS only supports the retrieval of certificates without the ;binary transfer suffix.
> RFC4523 states certificates must be transferred using the ;binary transfer option.
> In practice we have clients in the field that are making requests both with and without the option so we'd need support for both methods to be able to consider deploying ApacheDS.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DIRSERVER-1198) Requests of usercertificate;binary
are not supported
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1198?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny updated DIRSERVER-1198:
-----------------------------------------
Fix Version/s: (was: 1.5.5)
2.0.0-RC1
Postponed to 2.0.0-RC1
> Requests of usercertificate;binary are not supported
> ----------------------------------------------------
>
> Key: DIRSERVER-1198
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1198
> Project: Directory ApacheDS
> Issue Type: Bug
> Reporter: Chris Trobridge
> Assignee: Emmanuel Lecharny
> Fix For: 2.0.0-RC1
>
>
> ApacheDS only supports the retrieval of certificates without the ;binary transfer suffix.
> RFC4523 states certificates must be transferred using the ;binary transfer option.
> In practice we have clients in the field that are making requests both with and without the option so we'd need support for both methods to be able to consider deploying ApacheDS.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DIRSTUDIO-351) Requests of
usercertificate;binary are not supported
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSTUDIO-351?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12612218#action_12612218 ]
Emmanuel Lecharny commented on DIRSTUDIO-351:
---------------------------------------------
Moved to Studio to check that it's not an issue with the way Studio handles ;binary values
> Requests of usercertificate;binary are not supported
> ----------------------------------------------------
>
> Key: DIRSTUDIO-351
> URL: https://issues.apache.org/jira/browse/DIRSTUDIO-351
> Project: Directory Studio
> Issue Type: Bug
> Affects Versions: 1.1.0
> Reporter: Chris Trobridge
> Assignee: Emmanuel Lecharny
> Fix For: 1.2.0
>
>
> ApacheDS only supports the retrieval of certificates without the ;binary transfer suffix.
> RFC4523 states certificates must be transferred using the ;binary transfer option.
> In practice we have clients in the field that are making requests both with and without the option so we'd need support for both methods to be able to consider deploying ApacheDS.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (DIRSERVER-1198) Requests of
usercertificate;binary are not supported
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1198?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny resolved DIRSERVER-1198.
------------------------------------------
Resolution: Fixed
Both tests has been added and now work.
However, I have modified the test in order to have it working : when checking for the userCertificate in the returned entry, I have removed the ';binary' postfix as JNDI isn't able to handle this option.
This is not perfect, but at least, one can search for "userCertificate;binary" and get back the attribute value.
> Requests of usercertificate;binary are not supported
> ----------------------------------------------------
>
> Key: DIRSERVER-1198
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1198
> Project: Directory ApacheDS
> Issue Type: Bug
> Reporter: Chris Trobridge
> Assignee: Emmanuel Lecharny
> Fix For: 2.0.0-RC1
>
>
> ApacheDS only supports the retrieval of certificates without the ;binary transfer suffix.
> RFC4523 states certificates must be transferred using the ;binary transfer option.
> In practice we have clients in the field that are making requests both with and without the option so we'd need support for both methods to be able to consider deploying ApacheDS.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DIRSERVER-1146) Requests of
usercertificate;binary are not supported
Posted by "Alex Karasulu (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1146?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12606189#action_12606189 ]
Alex Karasulu commented on DIRSERVER-1146:
------------------------------------------
Did we fix this? I thought we had something in already. Can I get a status on this?
> Requests of usercertificate;binary are not supported
> ----------------------------------------------------
>
> Key: DIRSERVER-1146
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1146
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: ldap
> Affects Versions: 1.5.1
> Reporter: Chris Trobridge
> Assignee: Emmanuel Lecharny
> Fix For: 1.5.3
>
>
> ApacheDS only supports the retrieval of certificates without the ;binary transfer suffix.
> RFC4523 states certificates must be transferred using the ;binary transfer option.
> In practice we have clients in the field that are making requests both with and without the option so we'd need support for both methods to be able to consider deploying ApacheDS.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (DIRSERVER-1146) Requests of
usercertificate;binary are not supported
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1146?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny resolved DIRSERVER-1146.
------------------------------------------
Resolution: Fixed
The following test demonstrates that the userCertificate;binary attribute is working on the server, and that the certificate is not modified.
There may be a bug in Studio, however.
public void testAddNewBinaryAttributeValue() throws NamingException
{
// Add a binary attribute
byte[] newValue = new byte[]{0x00, 0x01, 0x02, 0x03};
Attributes attrs = new AttributesImpl( "userCertificate;binary", newValue );
ctx.modifyAttributes( RDN_TORI_AMOS, DirContext.ADD_ATTRIBUTE, attrs );
// Verify, that attribute value is added
attrs = ctx.getAttributes( RDN_TORI_AMOS );
Attribute attr = attrs.get( "userCertificate" );
assertNotNull( attr );
assertTrue( attr.contains( newValue ) );
byte[] certificate = (byte[])attr.get();
assertTrue( Arrays.equals( newValue, certificate ) );
assertEquals( 1, attr.size() );
}
> Requests of usercertificate;binary are not supported
> ----------------------------------------------------
>
> Key: DIRSERVER-1146
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1146
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: ldap
> Affects Versions: 1.5.1
> Reporter: Chris Trobridge
> Assignee: Emmanuel Lecharny
> Fix For: 1.5.3
>
>
> ApacheDS only supports the retrieval of certificates without the ;binary transfer suffix.
> RFC4523 states certificates must be transferred using the ;binary transfer option.
> In practice we have clients in the field that are making requests both with and without the option so we'd need support for both methods to be able to consider deploying ApacheDS.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DIRSERVER-1146) Requests of
usercertificate;binary are not supported
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1146?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12606825#action_12606825 ]
Emmanuel Lecharny commented on DIRSERVER-1146:
----------------------------------------------
Do you mean that if you store a valid certificate, and get it back, it has been modified ?
Can you attach a valid certificate that we can test the procedure ?
Another possibility s that Studio messes wit the certificate. We have to check that.
I will check if we have a unit test for certificate storing, and if not, I will add one.
> Requests of usercertificate;binary are not supported
> ----------------------------------------------------
>
> Key: DIRSERVER-1146
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1146
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: ldap
> Affects Versions: 1.5.1
> Reporter: Chris Trobridge
> Assignee: Emmanuel Lecharny
> Fix For: 1.5.3
>
>
> ApacheDS only supports the retrieval of certificates without the ;binary transfer suffix.
> RFC4523 states certificates must be transferred using the ;binary transfer option.
> In practice we have clients in the field that are making requests both with and without the option so we'd need support for both methods to be able to consider deploying ApacheDS.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DIRSERVER-1146) Requests of usercertificate;binary
are not supported
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1146?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny updated DIRSERVER-1146:
-----------------------------------------
Fix Version/s: (was: 1.5.2)
1.5.3
Will be partially available in 1.5.2, but the definitive fix is due for the next version.
> Requests of usercertificate;binary are not supported
> ----------------------------------------------------
>
> Key: DIRSERVER-1146
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1146
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: ldap
> Affects Versions: 1.5.1
> Reporter: Chris Trobridge
> Assignee: Emmanuel Lecharny
> Fix For: 1.5.3
>
>
> ApacheDS only supports the retrieval of certificates without the ;binary transfer suffix.
> RFC4523 states certificates must be transferred using the ;binary transfer option.
> In practice we have clients in the field that are making requests both with and without the option so we'd need support for both methods to be able to consider deploying ApacheDS.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DIRSERVER-1198) Requests of
usercertificate;binary are not supported
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1198?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12612553#action_12612553 ]
Emmanuel Lecharny commented on DIRSERVER-1198:
----------------------------------------------
I can make the first test working easily, but not the second.
In fact, I can get the entry to be found, and returned, but the Attribute attr = attrs.get("userCertificate;binary") call won't work,
as the entry come back with "userCertificate" without the ";binary" string into it.
I don't see easy ay to fix it, unless we decide to support attribute options, which will be a huge modification.
How urgent is this ?
> Requests of usercertificate;binary are not supported
> ----------------------------------------------------
>
> Key: DIRSERVER-1198
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1198
> Project: Directory ApacheDS
> Issue Type: Bug
> Reporter: Chris Trobridge
> Assignee: Emmanuel Lecharny
> Fix For: 1.5.3
>
>
> ApacheDS only supports the retrieval of certificates without the ;binary transfer suffix.
> RFC4523 states certificates must be transferred using the ;binary transfer option.
> In practice we have clients in the field that are making requests both with and without the option so we'd need support for both methods to be able to consider deploying ApacheDS.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DIRSERVER-1198) Requests of
usercertificate;binary are not supported
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1198?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12612562#action_12612562 ]
Emmanuel Lecharny commented on DIRSERVER-1198:
----------------------------------------------
In order to correctly handle these cases, we have to support attributeType options, like binary.
All what have done until now is to hack the code. Let' fix this in 1.5.4.
> Requests of usercertificate;binary are not supported
> ----------------------------------------------------
>
> Key: DIRSERVER-1198
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1198
> Project: Directory ApacheDS
> Issue Type: Bug
> Reporter: Chris Trobridge
> Assignee: Emmanuel Lecharny
> Fix For: 1.5.3
>
>
> ApacheDS only supports the retrieval of certificates without the ;binary transfer suffix.
> RFC4523 states certificates must be transferred using the ;binary transfer option.
> In practice we have clients in the field that are making requests both with and without the option so we'd need support for both methods to be able to consider deploying ApacheDS.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DIRSERVER-1146) Requests of usercertificate;binary
are not supported
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1146?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny updated DIRSERVER-1146:
-----------------------------------------
Fix Version/s: 1.5.2
> Requests of usercertificate;binary are not supported
> ----------------------------------------------------
>
> Key: DIRSERVER-1146
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1146
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: ldap
> Affects Versions: 1.5.1
> Reporter: Chris Trobridge
> Assignee: Emmanuel Lecharny
> Fix For: 1.5.2
>
>
> ApacheDS only supports the retrieval of certificates without the ;binary transfer suffix.
> RFC4523 states certificates must be transferred using the ;binary transfer option.
> In practice we have clients in the field that are making requests both with and without the option so we'd need support for both methods to be able to consider deploying ApacheDS.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.