RFR: 8259707: LDAP channel binding does not work with StartTLS extension
Daniel Fuchs
dfuchs at openjdk.java.net
Wed Jan 20 14:44:50 UTC 2021
On Thu, 14 Jan 2021 19:28:27 GMT, Alexey Bakhtin <abakhtin at openjdk.org> wrote:
> Please review a small patch to enable LDAP TLS Channel Binding with StartTLS Extension.
> Test from the bug report and jtreg javax/naming tests are passed.
That look reasonable to me. But what would happen if at some point after performing some LDAP operations, you called StartTLSResponse::close and then after some more time you tried to again create a StartTLSRequest on the same context? Would that work - or would you be using a possibly obsolete channel binding obtained from the first upgrade?
-------------
PR: https://git.openjdk.java.net/jdk/pull/2085
More information about the core-libs-dev
mailing list