The following changes were made between the 4.0.13 and 4.0.14 releases:
- Fixed an issue in which LDAP URLs with consecutive percent-encoded bytes were not decoded correctly.
- Fixed an issue that could cause the LDAP SDK to incorrectly handle data read from a server when the communication is protected with SASL integrity or confidentiality.Thanks to Boris Danilovich for reporting this problem and identifying the cause.
- Fixed an issue that prevented the searchrate tool from running if neither a base DN pattern nor an LDAP URL pattern was provided.
- Improved the logic that the LDAP SDK uses when choosing the cipher suites to offer when establishing a TLS-secured connection. Weaker suites are disabled, and the enabled suites are prioritized so that those offering forward secrecy and the strongest encryption are preferred.
- Added a new FullLDAPInterface interface that extends LDAPInterface and adds support for close, bind, and processExtendedOperation methods. The existing LDAPConnection, AbstractConnectionPool, and InMemoryDirectoryServer classes have been updated to implement this interface rather than its LDAPInterface superclass.
- Added a new non-final MockableLDAPConnection class that makes it easier to mock an LDAPConnection instance. It implements FullLDAPInterface and wraps a provided LDAPConnection instance. If you create a MockableLDAPConnection subclass, then you may override any of the FullLDAPInterface methods to implement your own behavior. Any non-overridden methods will simply invoke the corresponding method on the provided LDAPConnection instance.
- Fixed a minor typo in the ldapsearch usage information.