mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
parent: 1a097a | patch | commitdiff
neil_a_wilson
26.14.2006 ce6bc8b4d5c49fee3bbf2feea0e4577b43d46ec7
refs
author neil_a_wilson <neil_a_wilson@localhost>
Tuesday, September 26, 2006 01:14 +0200
committer neil_a_wilson <neil_a_wilson@localhost>
Tuesday, September 26, 2006 01:14 +0200
commitce6bc8b4d5c49fee3bbf2feea0e4577b43d46ec7
tree 3eef0e3455c736d7e22ac1a1f255587c1b85a7d4 tree | zip | gz
parent 1a097ac1105eee52e8a3fb5158d04b0e95f73bb8 view | diff 
Fix a problem in the StartTLS extended operation processing that could cause
problems with clients due to a race condition.  Previously, the success
response was sent to the client before TLS negotiation was started (because the
StartTLS response must be sent in the clear), and it was possible that if a
client was able to receive that response and send a subsequent TLS-protected
request before the was able to begin the TLS negotiation, then the server would
try to handle the client request as if it were in the clear and would not be
able to decode it.  The server now prepares to perform the TLS negotiation
before sending the response to the client to eliminate that race condition.

OpenDS Issue Number:  725
6 files modified
223 ■■■■ changed files
opendj-sdk/opends/src/server/org/opends/server/core/ExtendedOperation.java 17 ●●●●● diff | view | raw | blame | history
opendj-sdk/opends/src/server/org/opends/server/extensions/StartTLSExtendedOperation.java 33 ●●●● diff | view | raw | blame | history
opendj-sdk/opends/src/server/org/opends/server/extensions/TLSCapableConnection.java 18 ●●●●● diff | view | raw | blame | history
opendj-sdk/opends/src/server/org/opends/server/messages/ExtensionsMessages.java 15 ●●●●● diff | view | raw | blame | history
opendj-sdk/opends/src/server/org/opends/server/messages/ProtocolMessages.java 17 ●●●●● diff | view | raw | blame | history
opendj-sdk/opends/src/server/org/opends/server/protocols/ldap/LDAPClientConnection.java 123 ●●●● diff | view | raw | blame | history