# HG changeset patch # User weijun # Date 1490930663 -28800 # Node ID 1fac9185cc2db6cd02cebb6ccc4d7e3d9ed20449 # Parent b9015c99d2dd0485cdc2ba9443bafb0154950bc8 8176067: Proper directory lookup processing Reviewed-by: ahgross, mullan, vinnie diff -r b9015c99d2dd -r 1fac9185cc2d jdk/src/java.naming/share/classes/com/sun/jndi/ldap/LdapClient.java --- a/jdk/src/java.naming/share/classes/com/sun/jndi/ldap/LdapClient.java Thu Mar 30 01:59:20 2017 +0000 +++ b/jdk/src/java.naming/share/classes/com/sun/jndi/ldap/LdapClient.java Fri Mar 31 11:24:23 2017 +0800 @@ -1234,6 +1234,7 @@ static final int LDAP_REF_FOLLOW = 0x01; // follow referrals static final int LDAP_REF_THROW = 0x02; // throw referral ex. static final int LDAP_REF_IGNORE = 0x03; // ignore referrals + static final int LDAP_REF_FOLLOW_SCHEME = 0x04; // follow referrals of the same scheme static final String LDAP_URL = "ldap://"; // LDAPv3 static final String LDAPS_URL = "ldaps://"; // LDAPv3 diff -r b9015c99d2dd -r 1fac9185cc2d jdk/src/java.naming/share/classes/com/sun/jndi/ldap/LdapCtx.java --- a/jdk/src/java.naming/share/classes/com/sun/jndi/ldap/LdapCtx.java Thu Mar 30 01:59:20 2017 +0000 +++ b/jdk/src/java.naming/share/classes/com/sun/jndi/ldap/LdapCtx.java Fri Mar 31 11:24:23 2017 +0800 @@ -2414,6 +2414,9 @@ // First determine the referral mode if (ref != null) { switch (ref) { + case "follow-scheme": + handleReferrals = LdapClient.LDAP_REF_FOLLOW_SCHEME; + break; case "follow": handleReferrals = LdapClient.LDAP_REF_FOLLOW; break; @@ -2979,8 +2982,23 @@ r = new LdapReferralException(resolvedName, resolvedObj, remainName, msg, envprops, fullDN, handleReferrals, reqCtls); // only one set of URLs is present - r.setReferralInfo(res.referrals == null ? null : - res.referrals.elementAt(0), false); + Vector refs; + if (res.referrals == null) { + refs = null; + } else if (handleReferrals == LdapClient.LDAP_REF_FOLLOW_SCHEME) { + refs = new Vector<>(); + for (String s : res.referrals.elementAt(0)) { + if (s.startsWith("ldap:")) { + refs.add(s); + } + } + if (refs.isEmpty()) { + refs = null; + } + } else { + refs = res.referrals.elementAt(0); + } + r.setReferralInfo(refs, false); if (hopCount > 1) { r.setHopCount(hopCount); diff -r b9015c99d2dd -r 1fac9185cc2d jdk/src/java.naming/share/classes/com/sun/jndi/ldap/LdapReferralException.java --- a/jdk/src/java.naming/share/classes/com/sun/jndi/ldap/LdapReferralException.java Thu Mar 30 01:59:20 2017 +0000 +++ b/jdk/src/java.naming/share/classes/com/sun/jndi/ldap/LdapReferralException.java Fri Mar 31 11:24:23 2017 +0800 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -117,7 +117,8 @@ // If following referral, request controls are passed to referral ctx this.reqCtls = - (handleReferrals == LdapClient.LDAP_REF_FOLLOW ? reqCtls : null); + (handleReferrals == LdapClient.LDAP_REF_FOLLOW || + handleReferrals == LdapClient.LDAP_REF_FOLLOW_SCHEME ? reqCtls : null); } /** diff -r b9015c99d2dd -r 1fac9185cc2d jdk/src/java.naming/share/classes/sun/security/provider/certpath/ldap/LDAPCertStoreImpl.java --- a/jdk/src/java.naming/share/classes/sun/security/provider/certpath/ldap/LDAPCertStoreImpl.java Thu Mar 30 01:59:20 2017 +0000 +++ b/jdk/src/java.naming/share/classes/sun/security/provider/certpath/ldap/LDAPCertStoreImpl.java Fri Mar 31 11:24:23 2017 +0800 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2015, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -186,7 +186,7 @@ */ Hashtable currentEnv = ctx.getEnvironment(); if (currentEnv.get(Context.REFERRAL) == null) { - ctx.addToEnvironment(Context.REFERRAL, "follow"); + ctx.addToEnvironment(Context.REFERRAL, "follow-scheme"); } } catch (NamingException e) { if (debug != null) {