mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git

neil_a_wilson
26.14.2006 f2bcf31dabb8f69261b0b829fc989e9ba5323ee6
author neil_a_wilson <neil_a_wilson@localhost>
Tuesday, September 26, 2006 01:14 +0200
committer neil_a_wilson <neil_a_wilson@localhost>
Tuesday, September 26, 2006 01:14 +0200
commit f2bcf31dabb8f69261b0b829fc989e9ba5323ee6
tree 9512ea826aabbe91ec965eca88440a226f8e7830
parent 1f478df7f79c73ceff274daa28fe9a985ba8d5a0
Fix a problem in the StartTLS extended operation processing that could cause
problems with clients due to a race condition. Previously, the success
response was sent to the client before TLS negotiation was started (because the
StartTLS response must be sent in the clear), and it was possible that if a
client was able to receive that response and send a subsequent TLS-protected
request before the server was able to begin the TLS negotiation, then the server would
try to handle the client request as if it were in the clear and would not be
able to decode it. The server now prepares to perform the TLS negotiation
before sending the response to the client to eliminate that race condition.

OpenDS Issue Number: 725
6 files modified, 223 lines changed
opends/src/server/org/opends/server/core/ExtendedOperation.java 17
opends/src/server/org/opends/server/extensions/StartTLSExtendedOperation.java 33
opends/src/server/org/opends/server/extensions/TLSCapableConnection.java 18
opends/src/server/org/opends/server/messages/ExtensionsMessages.java 15
opends/src/server/org/opends/server/messages/ProtocolMessages.java 17
opends/src/server/org/opends/server/protocols/ldap/LDAPClientConnection.java 123
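
The ordering problem described in the commit message, as an added deterministic model (not OpenDS code; the class, method and field names are hypothetical). It assumes only two wire-format facts: an LDAPMessage begins with the BER SEQUENCE tag 0x30, and a TLS handshake record begins with content type 0x16.

```java
// Added illustration of the StartTLS ordering race; all names are hypothetical.
public class StartTlsOrderingDemo {
    // Constructed sample: first bytes of a TLS handshake record (type 0x16).
    static final byte[] CLIENT_HELLO_START = {0x16, 0x03, 0x01};
    static final byte BER_SEQUENCE = 0x30; // every LDAPMessage starts with this tag

    static class Connection {
        private boolean inboundTls = false; // where the reader routes new bytes

        // Route subsequent inbound bytes to the TLS layer. Outbound is not
        // affected, so the StartTLS response can still be written in the clear.
        void prepareTls() { inboundTls = true; }
        void sendClearResponse() { /* response leaves unencrypted */ }

        // What the reader does with the client's next transmission.
        String onInbound(byte[] data) {
            if (inboundTls) {
                return data[0] == 0x16 ? "handed to TLS handshake" : "rejected by TLS layer";
            }
            return data[0] == BER_SEQUENCE ? "decoded as LDAP" : "LDAP decode failure";
        }
    }

    // Ordering before the fix: respond, then prepare. A fast client can get
    // its first TLS record in between the two steps.
    static String respondThenPrepare(boolean clientIsFast) {
        Connection c = new Connection();
        c.sendClearResponse();
        if (clientIsFast) {
            String outcome = c.onInbound(CLIENT_HELLO_START); // arrives in the window
            c.prepareTls();                                   // too late for that record
            return outcome;
        }
        c.prepareTls();
        return c.onInbound(CLIENT_HELLO_START);
    }

    // Ordering after the fix: the client cannot start TLS until it has the
    // response, and by then the reader is already in TLS mode.
    static String prepareThenRespond() {
        Connection c = new Connection();
        c.prepareTls();
        c.sendClearResponse();
        return c.onInbound(CLIENT_HELLO_START);
    }

    public static void main(String[] args) {
        System.out.println("respond-then-prepare, slow client: " + respondThenPrepare(false));
        System.out.println("respond-then-prepare, fast client: " + respondThenPrepare(true));
        System.out.println("prepare-then-respond:              " + prepareThenRespond());
    }
}
```

Only the respond-then-prepare ordering with a fast client reaches the LDAP decoder with TLS bytes, which is the failure the commit removes.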