You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by ba...@apache.org on 2021/09/28 13:40:14 UTC
[jackrabbit-oak] branch 1.22 updated: OAK-9519:
TlsGuardingConnection doesn't do a TLS handshake on reused connections
This is an automated email from the ASF dual-hosted git repository.
baedke pushed a commit to branch 1.22
in repository https://gitbox.apache.org/repos/asf/jackrabbit-oak.git
The following commit(s) were added to refs/heads/1.22 by this push:
new 6c31c03 OAK-9519: TlsGuardingConnection doesn't do a TLS handshake on reused connections
6c31c03 is described below
commit 6c31c03656a17061a688df4516bcd1f2a45c3157
Author: Manfred Baedke <ma...@greenbytes.de>
AuthorDate: Thu Sep 23 00:26:04 2021 +0200
OAK-9519: TlsGuardingConnection doesn't do a TLS handshake on reused connections
Removed redundant legacy workaround that doesn't work with org.apache.directory.api.api-all-2.0.1.
---
.../impl/PoolableUnboundConnectionFactory.java | 28 +---------------------
1 file changed, 1 insertion(+), 27 deletions(-)
diff --git a/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/PoolableUnboundConnectionFactory.java b/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/PoolableUnboundConnectionFactory.java
index bd783a7..87f03f2 100644
--- a/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/PoolableUnboundConnectionFactory.java
+++ b/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/PoolableUnboundConnectionFactory.java
@@ -96,9 +96,7 @@ public class PoolableUnboundConnectionFactory extends BasePooledObjectFactory<Ld
* {@inheritDoc}
*/
public LdapConnection create() throws LdapException {
- LdapNetworkConnection connection = config.isUseTls()
- ? new TlsGuardingConnection(config)
- : new LdapNetworkConnection(config);
+ LdapNetworkConnection connection = new LdapNetworkConnection(config);
connection.connect();
log.debug("creating new connection: {}", connection);
return connection;
@@ -124,28 +122,4 @@ public class PoolableUnboundConnectionFactory extends BasePooledObjectFactory<Ld
log.debug("validating connection {}: {}", connection, valid);
return valid;
}
-
- /**
- * internal helper class that guards the original ldap connection from starting TLS if already started..
- * this is to ensure that pooled connections can be 'bind()' several times.
- *
- * @see org.apache.directory.ldap.client.api.LdapNetworkConnection#bindAsync(org.apache.directory.api.ldap.model.message.BindRequest)
- */
- private static final class TlsGuardingConnection extends LdapNetworkConnection {
-
- private boolean tlsStarted;
-
- private TlsGuardingConnection(LdapConnectionConfig config) {
- super(config);
- }
-
- @Override
- public void startTls() throws LdapException {
- if (tlsStarted) {
- return;
- }
- super.startTls();
- tlsStarted = true;
- }
- }
}