You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Stefan Zoerner (JIRA)" <ji...@apache.org> on 2006/06/05 12:25:32 UTC
[jira] Created: (DIRSERVER-632) If one tries to connect with an
illegal LDAP protocol version, no error occurs
If one tries to connect with an illegal LDAP protocol version, no error occurs
------------------------------------------------------------------------------
Key: DIRSERVER-632
URL: http://issues.apache.org/jira/browse/DIRSERVER-632
Project: Directory ApacheDS
Type: Bug
Versions: 1.0-RC3
Environment: Sun ONE Directory SDK for Java 4.1
ApacheDS 1.0 RC 3
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_04-b05)
Microsoft Windows XP version 5.1 Service Pack 1
Reporter: Stefan Zoerner
Priority: Minor
If one tries to connect to an LDAP server with a wrong version number (e.g. 4 instead of 2 or 3), it is expected that a protocol error occurs. See RFC 2251, 4.2.3, "Bind Response" for details.
This is not the case with ApacheDS, the client seems to hang instead, if you use version=4.
Unfortunately, I was not able to create this situation with JNDI, because its LDAP Provider does not allow this operation. You can specify the version via environment (key "java.naming.ldap.version", but for an illegal value it throws an exception on the client side and does not seem to call the server at all.
Therefore I have created a JUnit test case with Sun ONE Directory SDK for Java. Netscape SDK (now Mozilla SDK, http://www.mozilla.org/directory/), will probably do as well. Please let me know, if you have any problem to reproduce the problem.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Commented: (DIRSERVER-632) If one tries to connect with an
illegal LDAP protocol version, no error occurs
Posted by "Stefan Zoerner (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/DIRSERVER-632?page=comments#action_12425606 ]
Stefan Zoerner commented on DIRSERVER-632:
------------------------------------------
Thanks Alex! I can confirm that this issue does not occur in my environment anymore (I tested the current 1.0 branch).
> If one tries to connect with an illegal LDAP protocol version, no error occurs
> ------------------------------------------------------------------------------
>
> Key: DIRSERVER-632
> URL: http://issues.apache.org/jira/browse/DIRSERVER-632
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.0-RC3
> Environment: Sun ONE Directory SDK for Java 4.1
> ApacheDS 1.0 RC 3
> Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_04-b05)
> Microsoft Windows XP version 5.1 Service Pack 1
> Reporter: Stefan Zoerner
> Assigned To: Alex Karasulu
> Priority: Minor
> Fix For: 1.1.0, 1.0-RC4
>
> Attachments: DIRSERVER-632.log, IllegalLDAPVersionBindTest.java
>
>
> If one tries to connect to an LDAP server with a wrong version number (e.g. 4 instead of 2 or 3), it is expected that a protocol error occurs. See RFC 2251, 4.2.3, "Bind Response" for details.
> This is not the case with ApacheDS, the client seems to hang instead, if you use version=4.
> Unfortunately, I was not able to create this situation with JNDI, because its LDAP Provider does not allow this operation. You can specify the version via environment (key "java.naming.ldap.version", but for an illegal value it throws an exception on the client side and does not seem to call the server at all.
> Therefore I have created a JUnit test case with Sun ONE Directory SDK for Java. Netscape SDK (now Mozilla SDK, http://www.mozilla.org/directory/), will probably do as well. Please let me know, if you have any problem to reproduce the problem.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Assigned: (DIRSERVER-632) If one tries to connect with an
illegal LDAP protocol version, no error occurs
Posted by "Alex Karasulu (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/DIRSERVER-632?page=all ]
Alex Karasulu reassigned DIRSERVER-632:
---------------------------------------
Assignee: Alex Karasulu
> If one tries to connect with an illegal LDAP protocol version, no error occurs
> ------------------------------------------------------------------------------
>
> Key: DIRSERVER-632
> URL: http://issues.apache.org/jira/browse/DIRSERVER-632
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.0-RC3
> Environment: Sun ONE Directory SDK for Java 4.1
> ApacheDS 1.0 RC 3
> Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_04-b05)
> Microsoft Windows XP version 5.1 Service Pack 1
> Reporter: Stefan Zoerner
> Assigned To: Alex Karasulu
> Priority: Minor
> Attachments: DIRSERVER-632.log, IllegalLDAPVersionBindTest.java
>
>
> If one tries to connect to an LDAP server with a wrong version number (e.g. 4 instead of 2 or 3), it is expected that a protocol error occurs. See RFC 2251, 4.2.3, "Bind Response" for details.
> This is not the case with ApacheDS, the client seems to hang instead, if you use version=4.
> Unfortunately, I was not able to create this situation with JNDI, because its LDAP Provider does not allow this operation. You can specify the version via environment (key "java.naming.ldap.version", but for an illegal value it throws an exception on the client side and does not seem to call the server at all.
> Therefore I have created a JUnit test case with Sun ONE Directory SDK for Java. Netscape SDK (now Mozilla SDK, http://www.mozilla.org/directory/), will probably do as well. Please let me know, if you have any problem to reproduce the problem.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Assigned: (DIRSERVER-632) If one tries to connect with an
illegal LDAP protocol version, no error occurs
Posted by "Stefan Zoerner (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/DIRSERVER-632?page=all ]
Stefan Zoerner reassigned DIRSERVER-632:
----------------------------------------
Assignee: (was: Stefan Zoerner)
> If one tries to connect with an illegal LDAP protocol version, no error occurs
> ------------------------------------------------------------------------------
>
> Key: DIRSERVER-632
> URL: http://issues.apache.org/jira/browse/DIRSERVER-632
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.0-RC3
> Environment: Sun ONE Directory SDK for Java 4.1
> ApacheDS 1.0 RC 3
> Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_04-b05)
> Microsoft Windows XP version 5.1 Service Pack 1
> Reporter: Stefan Zoerner
> Priority: Minor
> Attachments: DIRSERVER-632.log, IllegalLDAPVersionBindTest.java
>
>
> If one tries to connect to an LDAP server with a wrong version number (e.g. 4 instead of 2 or 3), it is expected that a protocol error occurs. See RFC 2251, 4.2.3, "Bind Response" for details.
> This is not the case with ApacheDS, the client seems to hang instead, if you use version=4.
> Unfortunately, I was not able to create this situation with JNDI, because its LDAP Provider does not allow this operation. You can specify the version via environment (key "java.naming.ldap.version", but for an illegal value it throws an exception on the client side and does not seem to call the server at all.
> Therefore I have created a JUnit test case with Sun ONE Directory SDK for Java. Netscape SDK (now Mozilla SDK, http://www.mozilla.org/directory/), will probably do as well. Please let me know, if you have any problem to reproduce the problem.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (DIRSERVER-632) If one tries to connect with an
illegal LDAP protocol version, no error occurs
Posted by "Stefan Zoerner (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/DIRSERVER-632?page=all ]
Stefan Zoerner updated DIRSERVER-632:
-------------------------------------
Attachment: IllegalLDAPVersionBindTest.java
Test case which fails, but shouldn't, as far as I understand the RFC.
> If one tries to connect with an illegal LDAP protocol version, no error occurs
> ------------------------------------------------------------------------------
>
> Key: DIRSERVER-632
> URL: http://issues.apache.org/jira/browse/DIRSERVER-632
> Project: Directory ApacheDS
> Type: Bug
> Versions: 1.0-RC3
> Environment: Sun ONE Directory SDK for Java 4.1
> ApacheDS 1.0 RC 3
> Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_04-b05)
> Microsoft Windows XP version 5.1 Service Pack 1
> Reporter: Stefan Zoerner
> Priority: Minor
> Attachments: IllegalLDAPVersionBindTest.java
>
> If one tries to connect to an LDAP server with a wrong version number (e.g. 4 instead of 2 or 3), it is expected that a protocol error occurs. See RFC 2251, 4.2.3, "Bind Response" for details.
> This is not the case with ApacheDS, the client seems to hang instead, if you use version=4.
> Unfortunately, I was not able to create this situation with JNDI, because its LDAP Provider does not allow this operation. You can specify the version via environment (key "java.naming.ldap.version", but for an illegal value it throws an exception on the client side and does not seem to call the server at all.
> Therefore I have created a JUnit test case with Sun ONE Directory SDK for Java. Netscape SDK (now Mozilla SDK, http://www.mozilla.org/directory/), will probably do as well. Please let me know, if you have any problem to reproduce the problem.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Assigned: (DIRSERVER-632) If one tries to connect with an
illegal LDAP protocol version, no error occurs
Posted by "Stefan Zoerner (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/DIRSERVER-632?page=all ]
Stefan Zoerner reassigned DIRSERVER-632:
----------------------------------------
Assignee: Stefan Zoerner
> If one tries to connect with an illegal LDAP protocol version, no error occurs
> ------------------------------------------------------------------------------
>
> Key: DIRSERVER-632
> URL: http://issues.apache.org/jira/browse/DIRSERVER-632
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.0-RC3
> Environment: Sun ONE Directory SDK for Java 4.1
> ApacheDS 1.0 RC 3
> Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_04-b05)
> Microsoft Windows XP version 5.1 Service Pack 1
> Reporter: Stefan Zoerner
> Assigned To: Stefan Zoerner
> Priority: Minor
> Attachments: IllegalLDAPVersionBindTest.java
>
>
> If one tries to connect to an LDAP server with a wrong version number (e.g. 4 instead of 2 or 3), it is expected that a protocol error occurs. See RFC 2251, 4.2.3, "Bind Response" for details.
> This is not the case with ApacheDS, the client seems to hang instead, if you use version=4.
> Unfortunately, I was not able to create this situation with JNDI, because its LDAP Provider does not allow this operation. You can specify the version via environment (key "java.naming.ldap.version", but for an illegal value it throws an exception on the client side and does not seem to call the server at all.
> Therefore I have created a JUnit test case with Sun ONE Directory SDK for Java. Netscape SDK (now Mozilla SDK, http://www.mozilla.org/directory/), will probably do as well. Please let me know, if you have any problem to reproduce the problem.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Closed: (DIRSERVER-632) If one tries to connect with an
illegal LDAP protocol version, no error occurs
Posted by "Alex Karasulu (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/DIRSERVER-632?page=all ]
Alex Karasulu closed DIRSERVER-632.
-----------------------------------
Fix Version/s: 1.1.0
1.0-RC4
Resolution: Fixed
Fixed. Had to move decision making code up from codec into the BindHandler.
> If one tries to connect with an illegal LDAP protocol version, no error occurs
> ------------------------------------------------------------------------------
>
> Key: DIRSERVER-632
> URL: http://issues.apache.org/jira/browse/DIRSERVER-632
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.0-RC3
> Environment: Sun ONE Directory SDK for Java 4.1
> ApacheDS 1.0 RC 3
> Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_04-b05)
> Microsoft Windows XP version 5.1 Service Pack 1
> Reporter: Stefan Zoerner
> Assigned To: Alex Karasulu
> Priority: Minor
> Fix For: 1.1.0, 1.0-RC4
>
> Attachments: DIRSERVER-632.log, IllegalLDAPVersionBindTest.java
>
>
> If one tries to connect to an LDAP server with a wrong version number (e.g. 4 instead of 2 or 3), it is expected that a protocol error occurs. See RFC 2251, 4.2.3, "Bind Response" for details.
> This is not the case with ApacheDS, the client seems to hang instead, if you use version=4.
> Unfortunately, I was not able to create this situation with JNDI, because its LDAP Provider does not allow this operation. You can specify the version via environment (key "java.naming.ldap.version", but for an illegal value it throws an exception on the client side and does not seem to call the server at all.
> Therefore I have created a JUnit test case with Sun ONE Directory SDK for Java. Netscape SDK (now Mozilla SDK, http://www.mozilla.org/directory/), will probably do as well. Please let me know, if you have any problem to reproduce the problem.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (DIRSERVER-632) If one tries to connect with an
illegal LDAP protocol version, no error occurs
Posted by "Stefan Zoerner (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/DIRSERVER-632?page=all ]
Stefan Zoerner updated DIRSERVER-632:
-------------------------------------
Attachment: DIRSERVER-632.log
Here is a server log for this issue. The strange thing is that a protocolError occurs internally, but the client hangs nevertheless. Here is the result created:
[21:19:48] DEBUG [org.apache.directory.shared.ldap.codec.TwixEncoder] - Encoding
this LdapMessage : LdapMessage
message Id : 0
Extended Response
Ldap Result
Result code : (2) protocolError
Matched DN : ''
Error message : 'The server will disconnect!'
Response name :'1.3.6.1.4.1.1466.20036'
Response :'[B@186d484'
Any ideas? Has it to to with this LDAP_NOTICE_DISCONNECT response, which my client does not understand?
> If one tries to connect with an illegal LDAP protocol version, no error occurs
> ------------------------------------------------------------------------------
>
> Key: DIRSERVER-632
> URL: http://issues.apache.org/jira/browse/DIRSERVER-632
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.0-RC3
> Environment: Sun ONE Directory SDK for Java 4.1
> ApacheDS 1.0 RC 3
> Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_04-b05)
> Microsoft Windows XP version 5.1 Service Pack 1
> Reporter: Stefan Zoerner
> Assigned To: Stefan Zoerner
> Priority: Minor
> Attachments: DIRSERVER-632.log, IllegalLDAPVersionBindTest.java
>
>
> If one tries to connect to an LDAP server with a wrong version number (e.g. 4 instead of 2 or 3), it is expected that a protocol error occurs. See RFC 2251, 4.2.3, "Bind Response" for details.
> This is not the case with ApacheDS, the client seems to hang instead, if you use version=4.
> Unfortunately, I was not able to create this situation with JNDI, because its LDAP Provider does not allow this operation. You can specify the version via environment (key "java.naming.ldap.version", but for an illegal value it throws an exception on the client side and does not seem to call the server at all.
> Therefore I have created a JUnit test case with Sun ONE Directory SDK for Java. Netscape SDK (now Mozilla SDK, http://www.mozilla.org/directory/), will probably do as well. Please let me know, if you have any problem to reproduce the problem.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira