[
https://issues.apache.org/jira/browse/OAK-9519?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Manfred Baedke updated OAK-9519:
--------------------------------
Fix Version/s: 1.6.22
> TlsGuardingConnection doesn't do a TLS handshake on reused connections
> ----------------------------------------------------------------------
>
> Key: OAK-9519
> URL: https://issues.apache.org/jira/browse/OAK-9519
> Project: Jackrabbit Oak
> Issue Type: Bug
> Components: auth-ldap
> Affects Versions: 1.22.6
> Reporter: Manfred Baedke
> Assignee: Manfred Baedke
> Priority: Major
> Labels: candidate_oak_1_6
> Fix For: 1.8.25, 1.42.0, 1.6.22, 1.22.9
>
> Attachments: OAK-9519.patch
>
>
> With Oak 1.22.6, org.apache.directory.api.api-all received a major version
> update. With the previous version, the method
> LdapNetworkConnection#startTls() failed when called more than once on the
> same connection. As a workaround we used the derived class
> TlsGuardingConnection which prevented this. With the new version, not only
> LdapNetworkConnection#startTls() may be called multiple times, but also has
> to be called when a connection from the pool is reused. TlsGuardingConnection
> doesn't do this, which results in insecure connections.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
