  1. OpenAM
  2. OPENAM-13720

Public API method LDAPUtils.convertToLDAPURLs can not handle IPv6 literals

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 12.0.0, 12.0.1, 12.0.2, 12.0.3, 12.0.4, 13.0.0, 13.5.0, 13.5.1, 13.5.2, 14.0.0, 14.1.0, 14.1.1, 14.5.0, 14.5.1, 5.5.1, 6.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.0.0.4, 6.0.0.5, 6.5.0
    • Fix Version/s: 13.5.3, 6.5.0.1, 6.5.1, 14.1.2, 6.0.1, 7.0.0, 5.5.2
    • Component/s: other
    • Sprint:
      AM Sustaining Sprint 57, AM Sustaining Sprint 58
    • Story Points:
      3
    • Needs backport:
      Yes
    • Needs QA verification:
      Yes
    • Functional tests:
      Yes
    • Are the reproduction steps defined?:
      Yes and I used the same as in the description

      Description

      Bug description

      LDAPUtils.convertToLDAPURLs can not handle IPv6 literals as specified in https://tools.ietf.org/html/rfc4516#section-2 and https://tools.ietf.org/html/rfc3986#section-3.2.2

      How to reproduce the issue

      Find unit test attached.

      Expected behaviour
      IPv6 literals should be usable
      Current behaviour
      If IPv6 literals are used, a wrong port / host for the LDAPURL object is returned
      

      Code analysis

      org.forgerock.openam.ldap.LDAPURL.java
      public static LDAPURL valueOf(String url) {
          Boolean isSSL = null;
          String host;
          int port;
          int firstIdx = url.indexOf(COLON_SLASH_SLASH);
          if (firstIdx != -1) {
              String scheme = url.substring(0, firstIdx);
              if (scheme.equalsIgnoreCase("ldaps")) {
                  isSSL = true;
              } else {
                  isSSL = false;
              }
          }
          int lastIdx = url.indexOf(SEPARATOR, firstIdx + 1);
          if (lastIdx != -1) {
              try {
                  port = Integer.parseInt(url.substring(lastIdx + 1));
              } catch (NumberFormatException nfe) {
                  port = DEFAULT_PORT;
              }
          } else {
              port = DEFAULT_PORT;
          }
          firstIdx = firstIdx == -1 ? 0 : firstIdx + COLON_SLASH_SLASH.length();
          lastIdx = lastIdx == -1 ? url.length() : lastIdx;
          host = url.substring(firstIdx, lastIdx);
          if (port < 1 || port > 65535) {
              port = DEFAULT_PORT;
          }
      
          return new LDAPURL(host, port, isSSL);
      }
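The splitting rule in the method quoted above, reproduced next to a bracket-aware variant, as an added example that is not OpenAM's code or its fix. The class and method names are hypothetical, the constant values `"://"`, `':'` and `389` are assumptions (the page does not show their definitions), and the URLs are constructed samples.

```java
import java.util.Arrays;

public class LdapHostPortDemo {
    // Assumed values; the separator is assumed to be ':' and is written inline below.
    static final String COLON_SLASH_SLASH = "://";
    static final int DEFAULT_PORT = 389;

    // Port rule of the quoted method: unparsable or out-of-range falls back to the default.
    static int parsePort(String s) {
        try {
            int port = Integer.parseInt(s);
            return (port < 1 || port > 65535) ? DEFAULT_PORT : port;
        } catch (NumberFormatException nfe) {
            return DEFAULT_PORT;
        }
    }

    // Splitting rule of the quoted valueOf: cut at the first ':' found after the scheme.
    static String[] firstColonSplit(String url) {
        int firstIdx = url.indexOf(COLON_SLASH_SLASH);
        int lastIdx = url.indexOf(':', firstIdx + 1);
        int port = lastIdx == -1 ? DEFAULT_PORT : parsePort(url.substring(lastIdx + 1));
        int start = firstIdx == -1 ? 0 : firstIdx + COLON_SLASH_SLASH.length();
        String host = url.substring(start, lastIdx == -1 ? url.length() : lastIdx);
        return new String[] { host, String.valueOf(port) };
    }

    // Bracket-aware rule: an RFC 3986 IP-literal "[...]" is kept whole (brackets included) as the host.
    static String[] bracketAwareSplit(String url) {
        int schemeIdx = url.indexOf(COLON_SLASH_SLASH);
        String rest = schemeIdx == -1 ? url : url.substring(schemeIdx + COLON_SLASH_SLASH.length());
        int hostEnd;
        if (rest.startsWith("[")) {
            int close = rest.indexOf(']');
            if (close == -1) throw new IllegalArgumentException("Unterminated IPv6 literal: " + url);
            hostEnd = close + 1;
        } else {
            int colon = rest.indexOf(':');
            hostEnd = colon == -1 ? rest.length() : colon;
        }
        String tail = rest.substring(hostEnd); // "" or ":port"
        int port = tail.startsWith(":") ? parsePort(tail.substring(1)) : DEFAULT_PORT;
        return new String[] { rest.substring(0, hostEnd), String.valueOf(port) };
    }

    public static void main(String[] args) {
        String[] urls = { "ldap://ds.example.com:1389", "ldaps://[2001:db8::1]:1636", "[::1]" };
        for (String u : urls) { // constructed sample inputs
            System.out.println(u + " first-colon=" + Arrays.toString(firstColonSplit(u))
                    + " bracket-aware=" + Arrays.toString(bracketAwareSplit(u)));
        }
    }
}
```

For the bracketed inputs the first-colon rule cuts the host off inside the literal and silently falls back to the default port, because the text after the first colon is not a number; the bracket-aware rule keeps the literal and the explicit port together.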
      

              People

              • Assignee:
                lawrence.yarham Lawrence Yarham
                Reporter:
                bthalmayr Bernhard Thalmayr