On Tue, 2 Sep 2025 15:28:00 GMT, Weibing Xiao <wx...@openjdk.org> wrote:
>> [webrev.zip](https://github.com/user-attachments/files/21517501/webrev.zip) >> NPE thrown from SASL GSSAPI impl on Java 11+ when TLS is used with QOP >> auth-int against Active Directory. >> >> When the exception is triggered, LDAP Connection will do "clean-up" >> operation and output stream get flushed and closed the context while >> GssKrb5Client is still wrapping the message and SaslOuput Stream is writing >> the content of the buffer; and at the time GSSContext is disposed and it is >> null. That's the reason to throw NPE. >> >> 1) Check if the context is null or not; then wrap the NPE. The change is >> done in GssKrb5Base.java >> >> No test file is attached for this MR since it needs Sasl LDAP server with >> security setup. Attached webrev for the reference. > > Weibing Xiao has updated the pull request incrementally with two additional > commits since the last revision: > > - remove unused code > - removed the commented out code Yes. I traced the call. GSSKrb5Base::dispose was called after LDAPClient::close got call and context got closed. BTW, I will be out of office for two weeks starting next Monday. I will check review comment after coming backing. ------------- PR Comment: https://git.openjdk.org/jdk/pull/26566#issuecomment-3275176138
