Skip to content

Commit

Permalink
8297955: LDAP CertStore should use LdapName and not String for DNs
Browse files Browse the repository at this point in the history
8224768: Test ActalisCA.java fails

Backport-of: df9aad018a769a27221cb29e4e66465e5d98ba94
  • Loading branch information
GoeLin committed May 3, 2023
1 parent 65a02da commit 96adf07
Show file tree
Hide file tree
Showing 3 changed files with 173 additions and 200 deletions.
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2015, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2015, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -44,6 +44,7 @@
import javax.naming.CommunicationException;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.LdapName;
import javax.security.auth.x500.X500Principal;

import com.sun.jndi.ldap.LdapReferralException;
Expand Down Expand Up @@ -218,16 +219,23 @@ private void createInitialDirContext(String server, int port)
*/
private class LDAPRequest {

private final String name;
private final LdapName name;
private Map<String, byte[][]> valueMap;
private final List<String> requestedAttributes;

LDAPRequest(String name) throws CertStoreException {
this.name = checkName(name);
try {
// Convert DN to an LdapName so that it is not treated as a
// composite name by JNDI. In JNDI, using a string name is
// equivalent to calling new CompositeName(stringName).
this.name = new LdapName(name);
} catch (InvalidNameException ine) {
throw new CertStoreException("Invalid name: " + name, ine);
}
requestedAttributes = new ArrayList<>(5);
}

private String checkName(String name) throws CertStoreException {
private static String checkName(String name) throws CertStoreException {
if (name == null) {
throw new CertStoreException("Name absent");
}
Expand Down Expand Up @@ -321,6 +329,9 @@ private Map<String, byte[][]> getValueMap() throws NamingException {
if (newDn != null && newDn.charAt(0) == '/') {
newDn = newDn.substring(1);
}
// In JNDI, it is not possible to use an LdapName for
// the referral DN, so we must validate the syntax of
// the string DN.
checkName(newDn);
} catch (Exception e) {
throw new NamingException("Cannot follow referral to "
Expand Down Expand Up @@ -371,7 +382,7 @@ private void cacheAttribute(String attrId, byte[][] values) {
* or does not contain any values, a zero length byte array is
* returned. NOTE that it is assumed that all values are byte arrays.
*/
private byte[][] getAttributeValues(Attribute attr)
private static byte[][] getAttributeValues(Attribute attr)
throws NamingException {
byte[][] values;
if (attr == null) {
Expand Down
2 changes: 0 additions & 2 deletions test/jdk/ProblemList.txt
Original file line number Diff line number Diff line change
Expand Up @@ -646,8 +646,6 @@ sun/security/provider/KeyStore/DKSTest.sh 8180266 windows-

sun/security/pkcs11/KeyStore/SecretKeysBasic.java 8209398 generic-all

security/infra/java/security/cert/CertPathValidator/certification/ActalisCA.java 8224768 generic-all

sun/security/smartcardio/TestChannel.java 8039280 generic-all
sun/security/smartcardio/TestConnect.java 8039280 generic-all
sun/security/smartcardio/TestConnectAgain.java 8039280 generic-all
Expand Down
Loading

1 comment on commit 96adf07

@openjdk-notifier
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please sign in to comment.