Skip to content

Commit

Permalink
8325579: Inconsistent behavior in com.sun.jndi.ldap.Connection::creat…
Browse files Browse the repository at this point in the history
…eSocket

Reviewed-by: dfuchs, aefimov
  • Loading branch information
RealCLanger committed Mar 25, 2024
1 parent 70a15c7 commit 907e30f
Show file tree
Hide file tree
Showing 3 changed files with 210 additions and 115 deletions.
47 changes: 26 additions & 21 deletions src/java.naming/share/classes/com/sun/jndi/ldap/Connection.java
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 1999, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -122,17 +122,15 @@
public final class Connection implements Runnable {

private static final boolean debug = false;
private static final int dump = 0; // > 0 r, > 1 rw


private final Thread worker; // Initialized in constructor

private boolean v3 = true; // Set in setV3()
private boolean v3 = true; // Set in setV3()

public final String host; // used by LdapClient for generating exception messages
// used by StartTlsResponse when creating an SSL socket
// used by StartTlsResponse when creating an SSL socket
public final int port; // used by LdapClient for generating exception messages
// used by StartTlsResponse when creating an SSL socket
// used by StartTlsResponse when creating an SSL socket

private boolean bound = false; // Set in setBound()

Expand Down Expand Up @@ -324,30 +322,37 @@ private SocketFactory getSocketFactory(String socketFactoryName) throws Exceptio
}

private Socket createConnectionSocket(String host, int port, SocketFactory factory,
int connectTimeout) throws Exception {
int connectTimeout) throws IOException {
Socket socket = null;

// if timeout is supplied, try to use unconnected socket for connecting with timeout
if (connectTimeout > 0) {
// create unconnected socket and then connect it if timeout
// is supplied
InetSocketAddress endpoint =
createInetSocketAddress(host, port);
// unconnected socket
socket = factory.createSocket();
// connect socket with a timeout
socket.connect(endpoint, connectTimeout);
if (debug) {
System.err.println("Connection: creating socket with " +
"a connect timeout");
System.err.println("Connection: creating socket with a connect timeout");
}
try {
// unconnected socket
socket = factory.createSocket();
} catch (IOException e) {
// unconnected socket is likely not supported by the SocketFactory
if (debug) {
System.err.println("Connection: unconnected socket not supported by SocketFactory");
}
}
if (socket != null) {
InetSocketAddress endpoint = createInetSocketAddress(host, port);
// connect socket with a timeout
socket.connect(endpoint, connectTimeout);
}
}

// either no timeout was supplied or unconnected socket did not work
if (socket == null) {
// create connected socket
socket = factory.createSocket(host, port);
if (debug) {
System.err.println("Connection: creating connected socket with" +
" no connect timeout");
System.err.println("Connection: creating connected socket with no connect timeout");
}
socket = factory.createSocket(host, port);
}
return socket;
}
Expand All @@ -356,7 +361,7 @@ private Socket createConnectionSocket(String host, int port, SocketFactory facto
// the SSL handshake following socket connection as part of the timeout.
// So explicitly set a socket read timeout, trigger the SSL handshake,
// then reset the timeout.
private void initialSSLHandshake(SSLSocket sslSocket , int connectTimeout) throws Exception {
private void initialSSLHandshake(SSLSocket sslSocket, int connectTimeout) throws Exception {

if (!IS_HOSTNAME_VERIFICATION_DISABLED) {
SSLParameters param = sslSocket.getSSLParameters();
Expand Down
24 changes: 18 additions & 6 deletions src/java.naming/share/classes/module-info.java
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2014, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2014, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -36,21 +36,33 @@
* The following implementation specific environment properties are supported by the
* default LDAP Naming Service Provider implementation in the JDK:
* <ul>
* <li>{@code java.naming.ldap.factory.socket}:
* <br>The value of this environment property specifies the fully
* qualified class name of the socket factory used by the LDAP provider.
* This class must implement the {@link javax.net.SocketFactory} abstract class
* and provide an implementation of the static "getDefault()" method that
* returns an instance of the socket factory. By default the environment
* property is not set.
* </li>
* <li>{@code com.sun.jndi.ldap.connect.timeout}:
* <br>The value of this property is the string representation
* of an integer representing the connection timeout in
* milliseconds. If the LDAP provider cannot establish a
* connection within that period, it aborts the connection attempt.
* <br>The value of this environment property is the string representation
* of an integer specifying the connection timeout in milliseconds.
* If the LDAP provider cannot establish a connection within that period,
* it aborts the connection attempt.
* The integer should be greater than zero. An integer less than
* or equal to zero means to use the network protocol's (i.e., TCP's)
* timeout value.
* <br> If this property is not specified, the default is to wait
* for the connection to be established or until the underlying
* network times out.
* <br> If a custom socket factory is provided via environment property
* {@code java.naming.ldap.factory.socket} and unconnected sockets
* are not supported, the specified timeout is ignored
* and the provider behaves as if no connection timeout was set.
* </li>
* <li>{@code com.sun.jndi.ldap.read.timeout}:
* <br>The value of this property is the string representation
* of an integer representing the read timeout in milliseconds
* of an integer specifying the read timeout in milliseconds
* for LDAP operations. If the LDAP provider cannot get a LDAP
* response within that period, it aborts the read attempt. The
* integer should be greater than zero. An integer less than or
Expand Down
Loading

3 comments on commit 907e30f

@openjdk-notifier
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@RealCLanger
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/backport jdk22u

@openjdk
Copy link

@openjdk openjdk bot commented on 907e30f Mar 25, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@RealCLanger the backport was successfully created on the branch backport-RealCLanger-907e30ff in my personal fork of openjdk/jdk22u. To create a pull request with this backport targeting openjdk/jdk22u:master, just click the following link:

➡️ Create pull request

The title of the pull request is automatically filled in correctly and below you find a suggestion for the pull request body:

Hi all,

This pull request contains a backport of commit 907e30ff from the openjdk/jdk repository.

The commit being backported was authored by Christoph Langer on 25 Mar 2024 and was reviewed by Daniel Fuchs and Aleksei Efimov.

Thanks!

If you need to update the source branch of the pull then run the following commands in a local clone of your personal fork of openjdk/jdk22u:

$ git fetch https://github.com/openjdk-bots/jdk22u.git backport-RealCLanger-907e30ff:backport-RealCLanger-907e30ff
$ git checkout backport-RealCLanger-907e30ff
# make changes
$ git add paths/to/changed/files
$ git commit --message 'Describe additional changes made'
$ git push https://github.com/openjdk-bots/jdk22u.git backport-RealCLanger-907e30ff

Please sign in to comment.