Skip to content

Commit

Permalink
8325579: Inconsistent behavior in com.sun.jndi.ldap.Connection::creat…
Browse files Browse the repository at this point in the history
…eSocket

Reviewed-by: mbaesken
Backport-of: 32bf1f4169fd07291d608323c143832ad48e531e
  • Loading branch information
RealCLanger authored and lutkerd committed May 14, 2024
1 parent 917a2fa commit 90dc8d4
Show file tree
Hide file tree
Showing 3 changed files with 212 additions and 116 deletions.
51 changes: 28 additions & 23 deletions src/java.naming/share/classes/com/sun/jndi/ldap/Connection.java
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 1999, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -120,17 +120,15 @@
public final class Connection implements Runnable {

private static final boolean debug = false;
private static final int dump = 0; // > 0 r, > 1 rw


final private Thread worker; // Initialized in constructor

private boolean v3 = true; // Set in setV3()
private boolean v3 = true; // Set in setV3()

final public String host; // used by LdapClient for generating exception messages
// used by StartTlsResponse when creating an SSL socket
final public int port; // used by LdapClient for generating exception messages
// used by StartTlsResponse when creating an SSL socket
public final String host; // used by LdapClient for generating exception messages
// used by StartTlsResponse when creating an SSL socket
public final int port; // used by LdapClient for generating exception messages
// used by StartTlsResponse when creating an SSL socket

private boolean bound = false; // Set in setBound()

Expand Down Expand Up @@ -319,30 +317,37 @@ private SocketFactory getSocketFactory(String socketFactoryName) throws Exceptio
}

private Socket createConnectionSocket(String host, int port, SocketFactory factory,
int connectTimeout) throws Exception {
int connectTimeout) throws IOException {
Socket socket = null;

// if timeout is supplied, try to use unconnected socket for connecting with timeout
if (connectTimeout > 0) {
// create unconnected socket and then connect it if timeout
// is supplied
InetSocketAddress endpoint =
createInetSocketAddress(host, port);
// unconnected socket
socket = factory.createSocket();
// connect socket with a timeout
socket.connect(endpoint, connectTimeout);
if (debug) {
System.err.println("Connection: creating socket with " +
"a connect timeout");
System.err.println("Connection: creating socket with a connect timeout");
}
try {
// unconnected socket
socket = factory.createSocket();
} catch (IOException e) {
// unconnected socket is likely not supported by the SocketFactory
if (debug) {
System.err.println("Connection: unconnected socket not supported by SocketFactory");
}
}
if (socket != null) {
InetSocketAddress endpoint = createInetSocketAddress(host, port);
// connect socket with a timeout
socket.connect(endpoint, connectTimeout);
}
}

// either no timeout was supplied or unconnected socket did not work
if (socket == null) {
// create connected socket
socket = factory.createSocket(host, port);
if (debug) {
System.err.println("Connection: creating connected socket with" +
" no connect timeout");
System.err.println("Connection: creating connected socket with no connect timeout");
}
socket = factory.createSocket(host, port);
}
return socket;
}
Expand All @@ -351,7 +356,7 @@ private Socket createConnectionSocket(String host, int port, SocketFactory facto
// the SSL handshake following socket connection as part of the timeout.
// So explicitly set a socket read timeout, trigger the SSL handshake,
// then reset the timeout.
private void initialSSLHandshake(SSLSocket sslSocket , int connectTimeout) throws Exception {
private void initialSSLHandshake(SSLSocket sslSocket, int connectTimeout) throws Exception {

if (!IS_HOSTNAME_VERIFICATION_DISABLED) {
SSLParameters param = sslSocket.getSSLParameters();
Expand Down
24 changes: 18 additions & 6 deletions src/java.naming/share/classes/module-info.java
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2014, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2014, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -36,21 +36,33 @@
* The following implementation specific properties are supported by the
* default LDAP Naming Service Provider implementation in the JDK:
* <ul>
* <li>{@code java.naming.ldap.factory.socket}:
* <br>The value of this environment property specifies the fully
* qualified class name of the socket factory used by the LDAP provider.
* This class must implement the {@link javax.net.SocketFactory} abstract class
* and provide an implementation of the static "getDefault()" method that
* returns an instance of the socket factory. By default the environment
* property is not set.
* </li>
* <li>{@code com.sun.jndi.ldap.connect.timeout}:
* <br>The value of this property is the string representation
* of an integer representing the connection timeout in
* milliseconds. If the LDAP provider cannot establish a
* connection within that period, it aborts the connection attempt.
* <br>The value of this environment property is the string representation
* of an integer specifying the connection timeout in milliseconds.
* If the LDAP provider cannot establish a connection within that period,
* it aborts the connection attempt.
* The integer should be greater than zero. An integer less than
* or equal to zero means to use the network protocol's (i.e., TCP's)
* timeout value.
* <br> If this property is not specified, the default is to wait
* for the connection to be established or until the underlying
* network times out.
* <br> If a custom socket factory is provided via environment property
* {@code java.naming.ldap.factory.socket} and unconnected sockets
* are not supported, the specified timeout is ignored
* and the provider behaves as if no connection timeout was set.
* </li>
* <li>{@code com.sun.jndi.ldap.read.timeout}:
* <br>The value of this property is the string representation
* of an integer representing the read timeout in milliseconds
* of an integer specifying the read timeout in milliseconds
* for LDAP operations. If the LDAP provider cannot get a LDAP
* response within that period, it aborts the read attempt. The
* integer should be greater than zero. An integer less than or
Expand Down
Loading

0 comments on commit 90dc8d4

Please sign in to comment.