directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Paul Bayliss (JIRA)" <>
Subject [jira] [Updated] (DIRSERVER-1743) ReplicationConsumerImpl fails to connect when startTLS is enabled
Date Thu, 16 Aug 2012 20:57:38 GMT


Paul Bayliss updated DIRSERVER-1743:

    Attachment: ReplicationConsumerImpl.diff

svn diff
> ReplicationConsumerImpl fails to connect when startTLS is enabled
> -----------------------------------------------------------------
>                 Key: DIRSERVER-1743
>                 URL:
>             Project: Directory ApacheDS
>          Issue Type: Bug
>          Components: ldap
>    Affects Versions: 2.0.0-M7
>         Environment: All
>            Reporter: Paul Bayliss
>              Labels: patch
>         Attachments: ReplicationConsumerImpl.diff
> When running syncrepl client (ReplicationConsumerImpl) with startTLS enabled the first
connection attempt fails with the the exception below. This occurs because there is no TCP
connection established when the LDAP Start TLS extended request is attempted.
> 16:42:04,349 | ERROR | Thread-24 | ReplicationConsumerImpl[249] Failed to bind with the
given bindDN and credentials
> Cannot connect
on the server, the connection is null
> 	at[]
> 	at[]
> 	at[]
> 	at[]
> 	at$[]
> 	at[:1.6.0_33]
> Subsequent connection attempts fail if confidentiality is enabled as the ReplicationConsumerImpl
connect() code bypasses the startTLS if the LdapNetworkConnection has already been created.
This results in the following exception.
> 16:42:09,452 | WARN  | Thread-24 | ReplicationConsumerImpl[244] 
Confidentiality (TLS secured connection) is required.
> 	at[]
> 	at[]
> 	at[]
> 	at[]
> 	at[]
> 	at$[]
> 	at[:1.6.0_33]
> A fix to both exceptions is to ensure that the LDAPNetworkConnection startTls() call
is preceeded with a call to LDAPNetworkConnection connect() and and also ensure that if startTLS
 is enabled, the calls to connect() and startTls() are made for each ReplicationConsumerImpl
connection attempt.
> I will attach an svn diff of the fix that works within my development environment.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:!default.jspa
For more information on JIRA, see:


View raw message