Name: nt126004 Date: 11/20/2001
java version "1.4.0-beta3"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.0-beta3-b84)
Java HotSpot(TM) Client VM (build 1.4.0-beta3-b84, mixed mode)
I found that when I use TLS or SSL with JNDI and create multiple connections
one after another that it hangs. I've tested this on both Windows XP and on
Solaris 8 against an iPlanet Directory Server 5.0SP1 directory server as well
as an OpenLDAP directory server. I found that the problem seems to be slightly
more pronounced on Windows than on Solaris, but that it happens on both
platforms. The following application demonstrates the problem. I noticed this
bug initially with JDK 1.3.1 using SSL. So, I don't think the problem has to
do specifically with using Start TLS. Also, if you comment out the start TLS
related lines (lines 44 and 46) in the following source code, the application
will work fine. Only when TLS is enabled does the problem occur.

Another thing to note is that I just noticed that the problem is intermittent.
I just ran it once and it worked fine. Then, I ran it again and it hung after
returning 2 entries. Then, ran it again and it hung after returning 3 entries.
The problem seems to be pretty random. Previously, I never noticed the problem
against iPlanet, only with OpenLDAP, but now it does it with both. You may
need to up the counter value in the application to see the problem.

The following is an example invocation of the application. Note, if you want
to test the application, you can test it against ldap.uchicago.edu which is an
OpenLDAP directory server which is accessible on the Internet.

J:\JNDITLSConnectionTest>java JNDITLSConnectionTest ldap.uchicago.edu 389 "" "" "ou=People, dc=uchicago, dc=edu" "(uid=jemiller)"

import java.security.*;
import java.util.*;
import javax.naming.*;
import javax.naming.directory.*;
import javax.naming.ldap.*;

// Reproducer: opens LDAP connections one after another, upgrading each with Start TLS.
public class JNDITLSConnectionTest
{
    public static void main(String[] args)
    {
        try
        {
            if (args.length != 6)
            {
                System.err.println("Usage: JNDITLSConnectionTest host port user password baseDN filter");
                System.exit(-1);
            }
            String host = args[0];
            int port = Integer.parseInt(args[1]);
            String user = args[2];
            String password = args[3];
            String baseDN = args[4];
            String filter = args[5];
            // Counter value: raise it if the hang does not show up within ten connections.
            for (int i = 0; i < 10; ++i)
            {
                Hashtable h = new Hashtable();
                h.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
                h.put(Context.PROVIDER_URL, "ldap://" + host + ":" + port);
                h.put("java.naming.ldap.version", "3");
                // Plain LDAP connection on the given port; no credentials are set yet.
                LdapContext lc = new InitialLdapContext(h, null);
                // Start TLS related lines: with these two statements commented out,
                // the application works fine.
                StartTlsResponse stlsr = (StartTlsResponse) lc.extendedOperation(new StartTlsRequest());
                stlsr.negotiate();
                // Credentials are added only after the TLS negotiation, so the
                // simple bind is sent over the encrypted channel.
                lc.addToEnvironment(Context.SECURITY_AUTHENTICATION, "simple");
                lc.addToEnvironment(Context.SECURITY_PRINCIPAL, user);
                lc.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
                SearchControls sc = new SearchControls();
                sc.setSearchScope(SearchControls.SUBTREE_SCOPE);
                NamingEnumeration ne = lc.search(baseDN, filter, sc);
                // Print every entry returned by the search.
                while (ne.hasMore())
                {
                    System.out.println((SearchResult) ne.next());
                }
                lc.close();
            }
        }
        catch (Exception e)
        {
            e.printStackTrace();
            System.exit(-1);
        }
    }
}

(Review ID: 135318)
======================================================================