> ### Summary of the change > > The LDAP Naming Service Provider implementation's default settings are > changed to disallow deserialization and reconstruction of Java objects from > different LDAP attributes (RFC 2713). Currently, only the deserialization is > controlled by the `com.sun.jndi.ldap.object.trustSerialData` system property, > and it is allowed by default. > The change proposed here switches the default value of the` > com.sun.jndi.ldap.object.trustSerialData `system property to `"false"`, and > also extends its scope to cover the reconstruction of RMI remote objects from > the `javaRemoteLocation` LDAP attribute. > > CSR for this change can be viewed > [here](https://bugs.openjdk.org/browse/JDK-8290369). > > ### List of code changes > - Switch the default value of the 'com.sun.jndi.ldap.object.trustSerialData' > system property to "false". > > - Extend the scope of the property to also cover the reconstruction of RMI > remote objects from the deprecated 'javaRemoteLocation' LDAP attribute. > > - Document the support for `javaRemoteLocation` and the > `javaReferenceAddress` LDAP attributes in `java.naming`'s module-info. > > ### Test changes > - New `test/jdk/com/sun/jndi/ldap/objects/RemoteLocationAttributeTest.java` > test has been added to test that `com.sun.jndi.ldap.object.trustSerialData` > system property can be used to control reconstruction of RMI objects from the > `javaRemoteLocation` LDAP attribute. > > - `test/jdk/javax/naming/module/RunBasic.java` was modified to pass > `com.sun.jndi.ldap.object.trustSerialData=true` to the sub-tests that rely on > reconstruction/deserialization from LDAP attributes. > > - During the update for `test/jdk/javax/naming/module/RunBasic.java`, it was > spotted that sub-tests apps launched in separate processes were returning the > '0' exit value irrelevant to their execution status. All these sub-tests were > modified to throw an exception when failure is observed. It helps to ensure > that the exit value of launched process is not '0' for failed sub-tests. > > ### Testing > > `tier1`-`tier3` and JNDI regression/JCK tests not showing any failures > related to this change. > No failures observed for the modified regression tests.
Aleksei Efimov has updated the pull request incrementally with one additional commit since the last revision: Add run for the SP w/o value, formatting/wording updates ------------- Changes: - all: https://git.openjdk.org/jdk/pull/10228/files - new: https://git.openjdk.org/jdk/pull/10228/files/40868838..faec04e6 Webrevs: - full: https://webrevs.openjdk.org/?repo=jdk&pr=10228&range=01 - incr: https://webrevs.openjdk.org/?repo=jdk&pr=10228&range=00-01 Stats: 7 lines in 2 files changed: 2 ins; 0 del; 5 mod Patch: https://git.openjdk.org/jdk/pull/10228.diff Fetch: git fetch https://git.openjdk.org/jdk pull/10228/head:pull/10228 PR: https://git.openjdk.org/jdk/pull/10228
