[ 
https://issues.apache.org/jira/browse/DIRSERVER-1198?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12612484#action_12612484
 ] 

Stefan Seelmann commented on DIRSERVER-1198:
--------------------------------------------

Moved back to Server. I found two more bugs:


1st)
There is a problem when writing ;binary values greater than 0x80. The following 
test write four bytes 0x80, 0x81, 0x82, 0x83 when reading it from the server I 
get 12 bytes.

    /**
     * Add a new ;binary attribute with bytes greater than 0x80
     * to a person entry.
     * Test for DIRSERVER-1146
     * 
     * @throws NamingException
     */
    public void testAddNewBinaryAttributeValue0x80() throws NamingException
    {
        // Add a ;binary attribute with high-bytes 
        byte[] newValue = new byte[]{(byte)0x80, (byte)0x81, (byte)0x82, 
(byte)0x83};
        Attributes attrs = new AttributesImpl( "userCertificate;binary", 
newValue );
        ctx.modifyAttributes( RDN_TORI_AMOS, DirContext.ADD_ATTRIBUTE, attrs );
        
        // Verify, that attribute value is added
        attrs = ctx.getAttributes( RDN_TORI_AMOS );
        Attribute attr = attrs.get( "userCertificate" );
        assertNotNull( attr );
        assertTrue( attr.contains( newValue ) );
        byte[] certificate = (byte[])attr.get();
        assertTrue( Arrays.equals( newValue, certificate ) );
        assertEquals( 1, attr.size() );
    }



2nd)
Reading the entry and requesting userCertificate;binary (including the ;binary) 
doesn't work

    /**
     * Retrieve a ;binary attribute from a person entry.
     * Test for DIRSERVER-1146
     * 
     * @throws NamingException
     */
    public void testRetrieveEntryWithBinaryAttributeValue() throws 
NamingException
    {
        // Add a ;binary attribute
        byte[] newValue = new byte[]{0x00, 0x01, 0x02, 0x03};
        Attributes attrs = new AttributesImpl( "userCertificate;binary", 
newValue );
        ctx.modifyAttributes( RDN_TORI_AMOS, DirContext.ADD_ATTRIBUTE, attrs );
        
        // Search entry an request ;binary attribute
        SearchControls sctls = new SearchControls();
        sctls.setSearchScope(SearchControls.OBJECT_SCOPE);
        sctls.setReturningAttributes( new String[]{ "userCertificate;binary" } 
);
        String filter = "(objectClass=*)";
        String base = RDN_TORI_AMOS;
        
        // Test that ;binary attribute is present
        NamingEnumeration<SearchResult> enm = ctx.search( base, filter, sctls);
        assertTrue(enm.hasMore());
        while (enm.hasMore()) {
            SearchResult sr = enm.next();
            attrs = sr.getAttributes();
            Attribute attr = attrs.get("userCertificate;binary");
            assertNotNull(attr);
            assertTrue( attr.contains( newValue ) );
            byte[] certificate = (byte[])attr.get();
            assertTrue( Arrays.equals( newValue, certificate ) );
            assertEquals( 1, attr.size() );
        }
    }



> Requests of usercertificate;binary are not supported
> ----------------------------------------------------
>
>                 Key: DIRSERVER-1198
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1198
>             Project: Directory ApacheDS
>          Issue Type: Bug
>            Reporter: Chris Trobridge
>            Assignee: Emmanuel Lecharny
>             Fix For: 1.5.3
>
>
> ApacheDS only supports the retrieval of certificates without the ;binary 
> transfer suffix.
> RFC4523 states certificates must be transferred using the ;binary transfer 
> option.
> In practice we have clients in the field that are making requests both with 
> and without the option so we'd need support for both methods to be able to 
> consider deploying ApacheDS.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to