Manfred Baedke created OAK-9519:
-----------------------------------
Summary: TlsGuardingConnection doesn't do a TLS handshake on
reused connections
Key: OAK-9519
URL: https://issues.apache.org/jira/browse/OAK-9519
Project: Jackrabbit Oak
Issue Type: Bug
Components: auth-ldap
Affects Versions: 1.22.6
Reporter: Manfred Baedke
Assignee: Manfred Baedke
With Oak 1.22.6, org.apache.directory.api.api-all received a major version
update. With the previous version, the method LdapNetworkConnection#startTls()
failed when called more than once on the same connection. As a workaround we
used the derived class TlsGuardingConnection which prevented this. With the new
version, not only LdapNetworkConnection#startTls() may be called multiple
times, but also has to be called when a connection from the pool is reused.
TlsGuardingConnection doesn't do this, which results in insecure connections.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
