Bump unboundid-ldapsdk from 5.1.3 to 6.0.7

[dependabot]

Bumps unboundid-ldapsdk from 5.1.3 to 6.0.7.

Release notes

Sourced from unboundid-ldapsdk's releases.

UnboundID LDAP SDK for Java 6.0.7

We have just released version 6.0.7 of the UnboundID LDAP SDK for Java. It is available for download from GitHub and SourceForge, and it is available in the Maven Central Repository. You can find the release notes at https://docs.ldap.com/ldap-sdk/docs/release-notes.html, but here’s a summary of the changes included in this version:

• We fixed a bug in the SearchResultEntry.equals method that could prevent a SearchResultEntry from matching other types of Entry objects.

• We fixed a bug in the Entry.applyModifications method that could cause it to fail with a NOT_ALLOWED_ON_RDN result if the provided entry was missing one or more of the attribute values used in its RDN.

• We fixed a bug in the argument parser’s support for mutually dependent arguments with a set containing more than two arguments. Previously, the constraint would have been satisfied if at least two of the arguments were provided, rather than requiring all of them to be provided.

• We added JSONObject methods for retrieving fields by name using case-insensitive matching (by default, JSON field names are treated in a case-sensitive manner). Because it is possible that a JSON object will have multiple fields with the same name when using case-insensitive matching, there are a few options for indicating how such conflicts should be handled, including only returning the first match, returning a map with all matching fields, or throwing an exception if there are multiple matches.

• We updated the set of LDAP-related specifications to include the latest version of the draft-schmaus-kitten-sasl-ht proposal.

UnboundID LDAP SDK for Java 6.0.6

We have just released version 6.0.6 of the UnboundID LDAP SDK for Java. It is available for download from GitHub and SourceForge, and it is available in the Maven Central Repository. You can find the release notes at https://docs.ldap.com/ldap-sdk/docs/release-notes.html, but here’s a summary of the changes included in this version:

General Updates

• We fixed an issue that could cause request failures when closing a connection operating in asynchronous mode with outstanding operations.

• We fixed an issue that could interfere with the ability to get a default SSLContext on Java 17 when running in FIPS 140-2-compliant mode.

• We updated LDAPConnectionOptions to add support for a new system property that can enable certificate hostname verification by default without any code changes.

• We updated the LDAP command-line tool framework to add a new --verifyCertificateHostnames argument to enable hostname verification when performing TLS negotiation.

• We improved the class-level Javadoc documentation for the SSLUtil class to provide a better overview of TLS protocol versions, TLS cipher suites, key managers, trust managers, and certificate hostname verification, and to provide better examples that illustrate best practices for establishing secure connections.

• We fixed an issue in the JNDI compatibility support for controls, as well as extended requests and responses. Even though the implementation was based on the JNDI documentation, it appears that at least OpenJDK implementations do not abide by that documentation. The LDAP SDK is now compatible with the observed behavior rather than the documentation, although a system property can be used to revert to the former behavior.

• We updated the SearchRequest class to add constructors that allow you to provide the search base DN with a DN object (as an alternative to existing constructors that allow you to specify it as a String).

• We fixed an issue in the command-line tool framework in which an Error (for example, OutOfMemoryError) could cause the tool to report a NullPointerException rather than information about the underlying error.

• We fixed an issue in the IA5 argument value validator that could allow it to accept argument values with non-ASCII characters.

• We fixed an issue in the DNS hostname argument value validator that could prevent it from properly validating the last component of a fully qualified domain name, or the only component of an unqualified name.

• We updated the identify-references-to-missing-entries tool to provide an option to generate an LDIF file with changes that can be used to remove identified references.

• We updated the SelfSignedCertificateGenerator class to perform better validation for the subject alternative DNS names that it includes in a certificate.

• We updated the manage-certificates generate-self-signed-certificate command to rename the --replace-existing-certificate argument to be --use-existing-key-pair. The former argument name still works, but it is hidden from the usage.

• We included a native-image/resource-config.json file in the LDAP SDK jar file manifest, which can be used by the GraalVM native-image tool to ensure that appropriate resource files are included in the resulting image.

Updates Specific to Use With the Ping Identity Directory Server

• We updated the summarize-access-log tool to report on many more things, including the most common IP addresses for failed bind attempts, the most consecutive failed binds, information about work queue wait times, information about request and response controls, the number of components in search filters, and search filters that may indicate injection attempts.

... (truncated)

Changelog

Sourced from unboundid-ldapsdk's changelog.

          <div align="right">

${TARGET="offline"} LDAP SDK Home Page ${TARGET="offline"} Product Information

          <h2>Release Notes</h2>
      &lt;h3&gt;Version 6.0.8&lt;/h3&gt;
  &amp;lt;p&amp;gt;
    The following changes were made between the 6.0.7 and 6.0.8 releases:
  &amp;lt;/p&amp;gt;

  &amp;lt;ul&amp;gt;
    &amp;lt;li&amp;gt;
      Added support for encrypted PKCS [#8](https://github.com/pingidentity/ldapsdk/issues/8) private keys.  Private keys can now be
      formatted in encrypted PEM when provided with an encryption password and a set
      of encryption properties, and the PKCS [#8](https://github.com/pingidentity/ldapsdk/issues/8) PEM file reader can read encrypted
      private keys when provided with the encryption password.  The
      manage-certificates export-private-key command has been updated to support
      writing an encrypted representation of the private key in either PEM or DER
      form, and manage-certificates import-certificate has been updated to support
      obtaining the private key when it is encrypted form.
      &amp;lt;br&amp;gt;&amp;lt;br&amp;gt;
    &amp;lt;/li&amp;gt;
  &amp;lt;/ul&amp;gt;

  &amp;lt;p&amp;gt;&amp;lt;/p&amp;gt;



  &amp;lt;h3&amp;gt;Version 6.0.7&amp;lt;/h3&amp;gt;

  &amp;lt;p&amp;gt;
    The following changes were made between the 6.0.6 and 6.0.7 releases:
  &amp;lt;/p&amp;gt;

  &amp;lt;ul&amp;gt;
    &amp;lt;li&amp;gt;
      Fixed a bug in the SearchResultEntry.equals method that could prevent a
      SearchResultEntry object (which is a subclass of Entry) from being considered
      equal to an Entry that is not a SearchResultEntry.
      &amp;lt;br&amp;gt;&amp;lt;br&amp;gt;
    &amp;lt;/li&amp;gt;

    &amp;lt;li&amp;gt;
      Fixed an issue with the Entry.applyModifications method in which it could fail
      with a NOT_ALLOWED_ON_RDN result if the provided entry was missing one or more
      attribute values used in its RDN.

... (truncated)

Commits

• 76bbe43 Fix an issue with mutually dependent arguments
• 017fff2 Add draft-schmaus-kitten-sasl-ht-09
• 3ae2f6d Fix a bug in SearchResultEntry.equals
• dd0bf0e Allow getting JSON fields case insensitively
• fa5b17f Fix an issue with Entry.applyModifications
• a2aa563 Add draft-schmaus-kitten-sasl-ht-08
• 307fad3 Post-6.0.6 release updates
• b8c6c46 Update the LDAP SDK release notes
• 3321398 Include resource-config.json in the jar manifest
• 46c0162 More updates to summarize-access-log
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)