Issue Details (XML | Word | Printable)

Key: DERBY-236
Type: Bug Bug
Status: Closed Closed
Resolution: Fixed
Priority: Minor Minor
Assignee: Sunitha Kambhampati
Reporter: Sunitha Kambhampati
Votes: 0
Watchers: 0
Operations

If you were logged in you would be able to see more operations.
Derby

Sane Mode and in our test environment, bootPassword gets written out in plain text to service.properties

Created: 27/Apr/05 01:51 AM   Updated: 05/Jun/05 01:45 AM
Return to search
Component/s: Store
Affects Version/s: 10.1.1.0
Fix Version/s: 10.1.1.0

Time Tracking:
Not Specified

Environment: All

Resolution Date: 14/May/05 02:37 AM


 Description  « Hide
In org.apache.derby.impl.store.RawStore

in boot(), if we run a test using our testharness and with sane jars, the boot password gets written out to service.properties in plain text. This is incorrect, should not happen even for a sane and test harness combination..


Code :-
if (SanityManager.DEBUG)
{
if (!databaseEncrypted)
{
// check for system property if running under sanity - this
// gives more test coverage for those that that hard code
// connection URL in the test or somehow go thru the test
// harness in a strange way.
String testEncryption =
PropertyUtil.getSystemProperty("testDataEncryption");

if (testEncryption != null)
{
properties.put(Attribute.DATA_ENCRYPTION, "true");
properties.put(Attribute.BOOT_PASSWORD, testEncryption);
databaseEncrypted = true;
                    }
}
}

 All   Comments   Work Log   Change History   Subversion Commits      Sort Order: Ascending order - Click to sort in descending order
Sunitha Kambhampati made changes - 27/Apr/05 01:52 AM
Field Original Value New Value
Priority Major [ 3 ] Minor [ 4 ]
Sunitha Kambhampati made changes - 10/May/05 01:49 AM
Assignee Sunitha Kambhampati [ skambha ]
[ Permlink | « Hide ]
Sunitha Kambhampati added a comment - 14/May/05 02:37 AM
changes checked in as svn 169913

1. removed sanity debug code in RawStore to not write bootpassword in plain text into the service.properties
2. currently the test harness does not seem to pass on the encryption related properties to the MultiTest and with change in #1, encryption wont be used for stress.multi. So changes made to RunTest to pass on the encryption, testEncryptionAlgorithm values to the MultiTest harness. Also changed mtTestCase to recognize the encryption properties and modify the database url to use for the MultiTest.
-- ran derbyall on jdk142 with no failures
-- verified that encryption run for stress.multi was running ok, by adding keepfiles=true to encryptionAll.properties and checking the service.properties for all the databases created as part of this encryptionAll testrun.

Sunitha Kambhampati made changes - 14/May/05 02:37 AM
Status Open [ 1 ] Resolved [ 5 ]
Resolution Fixed [ 1 ]
Sunitha Kambhampati made changes - 05/Jun/05 01:45 AM
Status Resolved [ 5 ] Closed [ 6 ]

Powered by a free Atlassian JIRA open source license for Apache Software Foundation. Try JIRA - bug tracking software for your team.
Atlassian JIRA the Professional Issue Tracker. (Enterprise Edition, Version: 3.13.2-#335) - Bug/feature request - Atlassian news - Contact Administrators