mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
opendj-server-legacy/src/main/java/org/opends/server/api/ClientConnection.java
@@ -93,11 +93,18 @@ protected AtomicBoolean saslBindInProgress; /** * Indicates if a bind or start TLS request is currently in progress * on this client connection. If so, then no further socket reads * will occur until the request completes. * Indicates if a bind request is currently in progress on this client * connection. If so, then no further socket reads will occur until the * request completes. */ protected AtomicBoolean bindOrStartTLSInProgress; protected AtomicBoolean bindInProgress; /** * Indicates if a Start TLS request is currently in progress on this client * connection. If so, then no further socket reads will occur until the * request completes. */ protected AtomicBoolean startTLSInProgress; /** * Indicates whether any necessary finalization work has been done for this @@ -139,7 +146,8 @@ authenticationInfo = new AuthenticationInfo(); saslAuthState = null; saslBindInProgress = new AtomicBoolean(false); bindOrStartTLSInProgress = new AtomicBoolean(false); bindInProgress = new AtomicBoolean(false); startTLSInProgress = new AtomicBoolean(false); sizeLimit = DirectoryServer.getSizeLimit(); timeLimit = DirectoryServer.getTimeLimit(); idleTimeLimit = DirectoryServer.getIdleTimeLimit(); @@ -1545,9 +1553,20 @@ * the socket again. This must be called after processing each * bind request in a multistage SASL bind. */ public void finishBindOrStartTLS() public void finishBind() { bindOrStartTLSInProgress.set(false); bindInProgress.set(false); } /** * Indicates a bind or start TLS request processing is finished * and the client connection may start processing data read from * the socket again. This must be called after processing each * bind request in a multistage SASL bind. */ public void finishStartTLS() { startTLSInProgress.set(false); } /** opendj-server-legacy/src/main/java/org/opends/server/core/BindOperationBasis.java
@@ -588,7 +588,7 @@ { clientConnection.finishSaslBind(); } clientConnection.finishBindOrStartTLS(); clientConnection.finishBind(); invokePostResponsePlugins(workflowExecuted); } opendj-server-legacy/src/main/java/org/opends/server/core/ExtendedOperationBasis.java
@@ -424,7 +424,7 @@ if(requestOID.equals(OID_START_TLS_REQUEST)) { clientConnection.finishBindOrStartTLS(); clientConnection.finishStartTLS(); } // Invoke the post-response extended plugins. opendj-server-legacy/src/main/java/org/opends/server/protocols/ldap/LDAPClientConnection.java
@@ -1537,7 +1537,7 @@ */ int processDataRead() { if (bindOrStartTLSInProgress.get()) if (bindInProgress.get() || startTLSInProgress.get()) { // We should wait for the bind or startTLS to finish before // reading any more data off the socket. @@ -1618,12 +1618,17 @@ // terminated. try { if(bindOrStartTLSInProgress.get() || (saslBindInProgress.get() && message.getProtocolOpType() != OP_TYPE_BIND_REQUEST)) if (bindInProgress.get()) { throw new DirectoryException(ResultCode.CONSTRAINT_VIOLATION, ERR_ENQUEUE_BIND_IN_PROGRESS.get()); throw new DirectoryException(ResultCode.CONSTRAINT_VIOLATION, ERR_ENQUEUE_BIND_IN_PROGRESS.get()); } else if (startTLSInProgress.get()) { throw new DirectoryException(ResultCode.CONSTRAINT_VIOLATION, ERR_ENQUEUE_STARTTLS_IN_PROGRESS.get()); } else if (saslBindInProgress.get() && message.getProtocolOpType() != OP_TYPE_BIND_REQUEST) { throw new DirectoryException(ResultCode.CONSTRAINT_VIOLATION, ERR_ENQUEUE_SASLBIND_IN_PROGRESS.get()); } boolean result; @@ -1636,7 +1641,7 @@ result = processAddRequest(message, opControls); return result; case OP_TYPE_BIND_REQUEST: bindOrStartTLSInProgress.set(true); bindInProgress.set(true); if(message.getBindRequestProtocolOp(). getAuthenticationType() == AuthenticationType.SASL) { @@ -1645,7 +1650,7 @@ result = processBindRequest(message, opControls); if(!result) { bindOrStartTLSInProgress.set(false); bindInProgress.set(false); if(message.getBindRequestProtocolOp(). getAuthenticationType() == AuthenticationType.SASL) { @@ -1663,14 +1668,14 @@ if(message.getExtendedRequestProtocolOp().getOID().equals( OID_START_TLS_REQUEST)) { bindOrStartTLSInProgress.set(true); startTLSInProgress.set(true); } result = processExtendedRequest(message, opControls); if(!result && message.getExtendedRequestProtocolOp().getOID().equals( OID_START_TLS_REQUEST)) { bindOrStartTLSInProgress.set(false); startTLSInProgress.set(false); } return result; case OP_TYPE_MODIFY_REQUEST: @@ -2594,18 +2599,27 @@ /** {@inheritDoc} */ @Override public void finishBindOrStartTLS() public void finishBind() { if (this.saslPendingProvider != null) { enableSASL(); } super.finishBind(); } /** {@inheritDoc} */ @Override public void finishStartTLS() { if(this.tlsPendingProvider != null) { enableTLS(); } if (this.saslPendingProvider != null) { enableSASL(); } super.finishBindOrStartTLS(); super.finishStartTLS(); } } opendj-server-legacy/src/messages/org/opends/messages/core.properties
@@ -881,6 +881,12 @@ ERR_ENQUEUE_BIND_IN_PROGRESS_501=A bind operation is currently in \ progress on the associated client connection. No other requests may be made \ on this client connection until the bind processing has completed ERR_ENQUEUE_STARTTLS_IN_PROGRESS_752=A StartTLS operation is currently in \ progress on the associated client connection. No other requests may be made \ on this client connection until the StartTLS processing has completed ERR_ENQUEUE_SASLBIND_IN_PROGRESS_753=A SASL bind operation is currently in \ progress on the associated client connection. No other requests may be made \ on this client connection until the SASL bind processing has completed ERR_ENQUEUE_MUST_CHANGE_PASSWORD_502=%s must change their password \ before it will be allowed to request any other operations ERR_PWPSTATE_CANNOT_DECODE_SUBENTRY_VALUE_AS_DN_504=An error occurred \
