You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by ak...@apache.org on 2006/08/03 07:42:06 UTC
svn commit: r428245 - in /directory/trunks/apacheds:
protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/BindHandler.java
server-unit/src/test/java/org/apache/directory/server/IllegalLDAPVersionBindITest.java
Author: akarasulu
Date: Wed Aug 2 22:42:05 2006
New Revision: 428245
URL: http://svn.apache.org/viewvc?rev=428245&view=rev
Log:
DIRSERVER-632 fix to only use LDAPv3 for binds
Added:
directory/trunks/apacheds/server-unit/src/test/java/org/apache/directory/server/IllegalLDAPVersionBindITest.java
Modified:
directory/trunks/apacheds/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/BindHandler.java
Modified: directory/trunks/apacheds/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/BindHandler.java
URL: http://svn.apache.org/viewvc/directory/trunks/apacheds/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/BindHandler.java?rev=428245&r1=428244&r2=428245&view=diff
==============================================================================
--- directory/trunks/apacheds/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/BindHandler.java (original)
+++ directory/trunks/apacheds/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/BindHandler.java Wed Aug 2 22:42:05 2006
@@ -61,8 +61,15 @@
LdapContext ctx;
BindRequest req = ( BindRequest ) request;
LdapResult result = req.getResultResponse().getLdapResult();
- Hashtable env = SessionRegistry.getSingleton().getEnvironmentByCopy();
-
+
+ if ( !req.getVersion3() )
+ {
+ result.setResultCode( ResultCodeEnum.PROTOCOLERROR );
+ result.setErrorMessage( "Only LDAP v3 is supported" );
+ session.write( req.getResultResponse() );
+ return;
+ }
+
// if the bind request is not simple then we freak: no strong auth yet
if ( !req.isSimple() )
{
@@ -73,6 +80,7 @@
}
// clone the environment first then add the required security settings
+ Hashtable env = SessionRegistry.getSingleton().getEnvironmentByCopy();
byte[] creds = req.getCredentials();
env.put( Context.SECURITY_PRINCIPAL, req.getName() );
env.put( Context.SECURITY_CREDENTIALS, creds );
Added: directory/trunks/apacheds/server-unit/src/test/java/org/apache/directory/server/IllegalLDAPVersionBindITest.java
URL: http://svn.apache.org/viewvc/directory/trunks/apacheds/server-unit/src/test/java/org/apache/directory/server/IllegalLDAPVersionBindITest.java?rev=428245&view=auto
==============================================================================
--- directory/trunks/apacheds/server-unit/src/test/java/org/apache/directory/server/IllegalLDAPVersionBindITest.java (added)
+++ directory/trunks/apacheds/server-unit/src/test/java/org/apache/directory/server/IllegalLDAPVersionBindITest.java Wed Aug 2 22:42:05 2006
@@ -0,0 +1,65 @@
+/*
+ * Copyright 2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.directory.server;
+
+
+import netscape.ldap.LDAPConnection;
+import netscape.ldap.LDAPException;
+
+import org.apache.directory.server.unit.AbstractServerTest;
+
+
+/**
+ * If one tries to connect with an illegal LDAP protocol version,
+ * no error occurs but should. This is for
+ * <a href="http://issues.apache.org/jira/browse/DIRSERVER-632">DIRSERVER-632</a>.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev: $
+ */
+public class IllegalLDAPVersionBindITest extends AbstractServerTest
+{
+ static final String HOST = "localhost";
+ static final String USER = "uid=admin,ou=system";
+ static final String PASSWORD = "secret";
+
+ private LDAPConnection con = null;
+
+
+ public void testConnectWithIllegalLDAPVersion() throws LDAPException
+ {
+ int LDAP_VERSION = 4; // illegal
+
+ try
+ {
+ con = new LDAPConnection();
+ con.connect( LDAP_VERSION, HOST, port, USER, PASSWORD );
+ fail( "try to connect with illegal version number should fail" );
+ }
+ catch ( LDAPException e )
+ {
+ assertEquals( "statuscode", LDAPException.PROTOCOL_ERROR, e.getLDAPResultCode() );
+ }
+ finally
+ {
+ if ( con.isConnected() )
+ {
+ con.disconnect();
+ }
+ }
+ }
+}