> [webrev.zip](https://github.com/user-attachments/files/22605072/webrev.zip) > NPE thrown from SASL GSSAPI impl when TLS is used with QOP auth-int against > Active Directory. > > When the exception is triggered, LDAP Connection will do "clean-up" operation > and output stream get flushed and closed the context while GssKrb5Client is > still wrapping the message, and tried to send the abandoned info to the > client at line > https://github.com/openjdk/jdk/blob/master/src/jdk.security.jgss/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Base.java#L140. > That's the reason to throw NPE. > > The change is going to close socket and output stream in LdapClient.java. It > would allow SASL client code to send the abandoned request to client; then > dispose GSS context. This will avoid NPE to thrown at line 140 of > GssKrb5Base.java. > > No test file is attached for this MR since it needs Sasl LDAP server with > security setup. Attached the updated webrev for the reference.
Weibing Xiao has updated the pull request incrementally with one additional commit since the last revision: add new method to handle connection cleaning ------------- Changes: - all: https://git.openjdk.org/jdk/pull/26566/files - new: https://git.openjdk.org/jdk/pull/26566/files/4dd20668..c69d484b Webrevs: - full: https://webrevs.openjdk.org/?repo=jdk&pr=26566&range=05 - incr: https://webrevs.openjdk.org/?repo=jdk&pr=26566&range=04-05 Stats: 41 lines in 2 files changed: 19 ins; 20 del; 2 mod Patch: https://git.openjdk.org/jdk/pull/26566.diff Fetch: git fetch https://git.openjdk.org/jdk.git pull/26566/head:pull/26566 PR: https://git.openjdk.org/jdk/pull/26566
