search

acciduck / jscep

Automatically exported from code.google.com/p/jscep
MIT License
0 stars 0 forks source link

When GetCACapabilities fails with IOException, the whole enrolment fails #55

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
What steps will reproduce the problem?
1. Use Windows 2003 with MSCEP as RA+CA server, .NET 2.0.50727 - 
C:/Windows/System32/certsrv/mscep/MSCEP.dll version 5.131.3790.1053
2. Try to enrol (client sends out a GetCACapabilities message)
3. The server truncates the connection and the JSCEP Client fails with an 
IOException

What is the expected output? What do you see instead?
I would expect the client to ignore the connection failure and assume default, 
basic CA/RA capabilities. It's crashing, instead.

What version of the product are you using? On what operating system?
Latest version as of 17 Oct 2011: api and client-1.2 released 30th May 2011.

Please provide any additional information below.
Not sure if this behaviour from the server is allowed by the latest SCEP draft 
and there might be a fix for the Microsoft server service, but a fault-tolerant 
client would be more robust.
Basically the only required change would be a try-catch block in Client.java, 
in the getCaCapabilities() method: I just wrapped the
"caps = trans.sendRequest(req);" in a try-catch(IOException ioe)
{ caps = new Capabilities(); // Ignore errors and use defaults } and it could 
enrol.

Original issue reported on code.google.com by mda...@ubq.thrupoint.net on 17 Oct 2011 at 1:37

GoogleCodeExporter commented 8 years ago

Original comment by da...@grant.org.uk on 2 Nov 2011 at 8:52

GoogleCodeExporter commented 8 years ago 
We are still using a custom version of JScep because of this. We'd like to 
switch to the official one. If you need to verify the fix, I can probably do it 
quickly, before 25th November, once it's released/pre-released.

Original comment by mda...@ubq.thrupoint.net on 2 Nov 2011 at 10:56

GoogleCodeExporter commented 8 years ago 
Issue 55 and Issue 56 are duplicates.

Original comment by nirmaljp...@gmail.com on 27 Nov 2011 at 11:22

GoogleCodeExporter commented 8 years ago 
This issue was closed by revision r1330.

Original comment by da...@grant.org.uk on 19 Jan 2012 at 8:18

GoogleCodeExporter commented 8 years ago

Original comment by da...@grant.org.uk on 22 Mar 2012 at 8:43

GoogleCodeExporter commented 8 years ago

Original comment by da...@grant.org.uk on 21 Aug 2012 at 11:58