From a6118d2c726313283f1cc2d69b14d1bd18c9e7d2 Mon Sep 17 00:00:00 2001
From: maximthomas <maxim.thomas@gmail.com>
Date: Fri, 05 Sep 2025 05:54:18 +0000
Subject: [PATCH] Merge branch 'master' into update-jdk-11
---
opendj-server-legacy/src/test/java/org/opends/server/protocols/ldap/TestLDAPConnectionHandler.java | 4 +
opendj-maven-plugin/src/main/resources/config/xml/org/forgerock/opendj/server/config/HTTPConnectionHandlerConfiguration.xml | 6 +
opendj-server-legacy/src/test/java/org/opends/server/core/GroupManagerTestCase.java | 54 ++++++++++++++++++
opendj-server-legacy/src/main/java/org/opends/server/core/GroupManager.java | 59 +++++++------------
opendj-maven-plugin/src/main/resources/config/xml/org/forgerock/opendj/server/config/LDAPConnectionHandlerConfiguration.xml | 4 +
5 files changed, 89 insertions(+), 38 deletions(-)
diff --git a/opendj-maven-plugin/src/main/resources/config/xml/org/forgerock/opendj/server/config/HTTPConnectionHandlerConfiguration.xml b/opendj-maven-plugin/src/main/resources/config/xml/org/forgerock/opendj/server/config/HTTPConnectionHandlerConfiguration.xml
index 07c047f..c6d3fe5 100644
--- a/opendj-maven-plugin/src/main/resources/config/xml/org/forgerock/opendj/server/config/HTTPConnectionHandlerConfiguration.xml
+++ b/opendj-maven-plugin/src/main/resources/config/xml/org/forgerock/opendj/server/config/HTTPConnectionHandlerConfiguration.xml
@@ -13,6 +13,7 @@
information: "Portions Copyright [year] [name of copyright owner]".
Portions copyright 2013-2016 ForgeRock AS.
+ Portions copyright 2025 3A Systems, LLC
! -->
<adm:managed-object name="http-connection-handler"
plural-name="http-connection-handlers"
@@ -225,7 +226,10 @@
they send extremely large requests to the server causing it to
attempt to allocate large amounts of memory.
</adm:description>
- <adm:default-behavior>
+ <adm:requires-admin-action>
+ <adm:component-restart />
+ </adm:requires-admin-action>
+ <adm:default-behavior>
<adm:defined>
<adm:value>5 megabytes</adm:value>
</adm:defined>
diff --git a/opendj-maven-plugin/src/main/resources/config/xml/org/forgerock/opendj/server/config/LDAPConnectionHandlerConfiguration.xml b/opendj-maven-plugin/src/main/resources/config/xml/org/forgerock/opendj/server/config/LDAPConnectionHandlerConfiguration.xml
index 5b9d489..f84d0c9 100644
--- a/opendj-maven-plugin/src/main/resources/config/xml/org/forgerock/opendj/server/config/LDAPConnectionHandlerConfiguration.xml
+++ b/opendj-maven-plugin/src/main/resources/config/xml/org/forgerock/opendj/server/config/LDAPConnectionHandlerConfiguration.xml
@@ -14,6 +14,7 @@
Copyright 2007-2009 Sun Microsystems, Inc.
Portions copyright 2011-2016 ForgeRock AS.
+ Portions copyright 2025 3A Systems, LLC
! -->
<adm:managed-object name="ldap-connection-handler"
plural-name="ldap-connection-handlers"
@@ -311,6 +312,9 @@
send extremely large requests to the server causing it to
attempt to allocate large amounts of memory.
</adm:description>
+ <adm:requires-admin-action>
+ <adm:component-restart />
+ </adm:requires-admin-action>
<adm:default-behavior>
<adm:defined>
<adm:value>5 megabytes</adm:value>
diff --git a/opendj-server-legacy/src/main/java/org/opends/server/core/GroupManager.java b/opendj-server-legacy/src/main/java/org/opends/server/core/GroupManager.java
index fc1ca49..458a6ab 100644
--- a/opendj-server-legacy/src/main/java/org/opends/server/core/GroupManager.java
+++ b/opendj-server-legacy/src/main/java/org/opends/server/core/GroupManager.java
@@ -13,6 +13,7 @@
*
* Copyright 2007-2010 Sun Microsystems, Inc.
* Portions Copyright 2011-2016 ForgeRock AS.
+ * Portions Copyright 2025 3A Systems,LLC.
*/
package org.opends.server.core;
@@ -726,48 +727,34 @@
return;
}
+ Group<?> group =null;
lock.readLock().lock();
- try
- {
- if (!groupInstances.containsKey(oldEntry.getName()))
- {
- // If the modified entry is not in any group instance, it's probably
- // not a group, exit fast
- return;
- }
+ try{
+ group = groupInstances.get(oldEntry.getName());
}
finally
{
- lock.readLock().unlock();
+ lock.readLock().unlock();
}
-
- lock.writeLock().lock();
- try
- {
- Group<?> group = groupInstances.get(oldEntry.getName());
- if (group != null)
- {
- if (!oldEntry.getName().equals(newEntry.getName())
- || !group.mayAlterMemberList()
- || updatesObjectClass(modifications))
- {
- groupInstances.remove(oldEntry.getName());
- // This updates the refreshToken
- createAndRegisterGroup(newEntry);
+ if (group!=null) {
+ try {
+ if (!oldEntry.getName().equals(newEntry.getName())
+ || !group.mayAlterMemberList()
+ || updatesObjectClass(modifications)) {
+ lock.writeLock().lock();
+ try {
+ groupInstances.remove(oldEntry.getName());
+ // This updates the refreshToken
+ createAndRegisterGroup(newEntry);
+ } finally {
+ lock.writeLock().unlock();
+ }
+ } else {
+ group.updateMembers(modifications);
+ }
+ } catch (UnsupportedOperationException | DirectoryException e) {
+ logger.traceException(e);
}
- else
- {
- group.updateMembers(modifications);
- }
- }
- }
- catch (UnsupportedOperationException | DirectoryException e)
- {
- logger.traceException(e);
- }
- finally
- {
- lock.writeLock().unlock();
}
}
diff --git a/opendj-server-legacy/src/test/java/org/opends/server/core/GroupManagerTestCase.java b/opendj-server-legacy/src/test/java/org/opends/server/core/GroupManagerTestCase.java
index 140f825..a4449fc 100644
--- a/opendj-server-legacy/src/test/java/org/opends/server/core/GroupManagerTestCase.java
+++ b/opendj-server-legacy/src/test/java/org/opends/server/core/GroupManagerTestCase.java
@@ -13,12 +13,17 @@
*
* Copyright 2008-2010 Sun Microsystems, Inc.
* Portions Copyright 2011-2016 ForgeRock AS.
+ * Portions Copyright 2025 3A Systems, LLC
*/
package org.opends.server.core;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.Executors;
+import java.util.concurrent.TimeUnit;
+import java.util.concurrent.atomic.AtomicInteger;
import org.forgerock.opendj.ldap.DN;
import org.forgerock.opendj.ldap.ResultCode;
@@ -2292,6 +2297,55 @@
TestCaseUtils.clearBackend("userRoot");
}
+ @Test
+ public void test_issue_535() throws Exception {
+ TestCaseUtils.clearBackend("userRoot", "dc=example,dc=com");
+ TestCaseUtils.addEntries(
+ "dn: ou=Users,dc=example,dc=com",
+ "objectClass: organizationalUnit",
+ "objectClass: top",
+ "ou: Users",
+ "",
+ "dn: ou=Groups,dc=example,dc=com",
+ "objectClass: organizationalUnit",
+ "objectClass: top",
+ "ou: Groups",
+ "",
+ "dn: cn=Test User,ou=Users,dc=example,dc=com",
+ "objectClass: inetOrgPerson",
+ "objectClass: organizationalPerson",
+ "objectClass: person",
+ "objectClass: top",
+ "uid: testuser",
+ "cn: Test User",
+ "sn: User",
+ "userPassword: password123",
+ "",
+ "dn: cn=Level1,ou=Groups,dc=example,dc=com",
+ "objectClass: groupOfNames",
+ "objectClass: top",
+ "cn: Level1",
+ "member: cn=Test User,ou=Users,dc=example,dc=com",
+ "",
+ "dn: cn=Level2,ou=Groups,dc=example,dc=com",
+ "objectClass: groupOfNames",
+ "objectClass: top",
+ "cn: Level2",
+ "member: cn=Level1,ou=Groups,dc=example,dc=com",
+ ""
+ );
+ ExecutorService executor = Executors.newFixedThreadPool(100);
+ for (int i = 0; i < 10000; i++) {
+ executor.submit(() -> {
+ final ModifyRequest modifyRequest = newModifyRequest(DN.valueOf("cn=Level2,ou=Groups,dc=example,dc=com"));
+ modifyRequest.addModification(REPLACE, "member", "cn=Test User,ou=Users,dc=example,dc=com");
+ ModifyOperation modifyOperation = getRootConnection().processModify(modifyRequest);
+ assertEquals(modifyOperation.getResultCode(), ResultCode.SUCCESS);
+ });
+ }
+ executor.shutdown();
+ assertTrue(executor.awaitTermination(1, TimeUnit.MINUTES));
+ }
/**
* Adds nested group entries.
*
diff --git a/opendj-server-legacy/src/test/java/org/opends/server/protocols/ldap/TestLDAPConnectionHandler.java b/opendj-server-legacy/src/test/java/org/opends/server/protocols/ldap/TestLDAPConnectionHandler.java
index fc43c03..c0a6467 100644
--- a/opendj-server-legacy/src/test/java/org/opends/server/protocols/ldap/TestLDAPConnectionHandler.java
+++ b/opendj-server-legacy/src/test/java/org/opends/server/protocols/ldap/TestLDAPConnectionHandler.java
@@ -13,6 +13,7 @@
*
* Copyright 2006-2009 Sun Microsystems, Inc.
* Portions Copyright 2012-2016 ForgeRock AS.
+ * Portions Copyright 2025 3A Systems, LLC.
*/
package org.opends.server.protocols.ldap;
@@ -85,7 +86,7 @@
"ds-cfg-use-tcp-no-delay: true",
"ds-cfg-allow-tcp-reuse-address: true",
"ds-cfg-send-rejection-notice: true",
- "ds-cfg-max-request-size: 5 megabytes",
+ "ds-cfg-max-request-size: 10 megabytes",
"ds-cfg-num-request-handlers: 2",
"ds-cfg-allow-start-tls: false",
"ds-cfg-use-ssl: false",
@@ -105,6 +106,7 @@
Collection<String> cips = LDAPConnHandler.getEnabledSSLCipherSuites();
Collection<String> protos = LDAPConnHandler.getEnabledSSLProtocols();
int maxReqSize = LDAPConnHandler.getMaxRequestSize();
+ assertEquals(maxReqSize,10*1000*1000);
String shutListName=LDAPConnHandler.getShutdownListenerName();
SSLClientAuthPolicy policy = LDAPConnHandler.getSSLClientAuthPolicy();
Collection<ClientConnection> cons=LDAPConnHandler.getClientConnections();
--
Gitblit v1.10.0