db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sure...@apache.org
Subject svn commit: r421721 - in /db/derby/code/trunk/java: engine/org/apache/derby/iapi/store/raw/ engine/org/apache/derby/iapi/store/raw/log/ engine/org/apache/derby/iapi/store/raw/xact/ engine/org/apache/derby/impl/store/raw/ engine/org/apache/derby/impl/st...
Date Thu, 13 Jul 2006 22:45:41 GMT
Author: suresht
Date: Thu Jul 13 15:45:40 2006
New Revision: 421721

URL: http://svn.apache.org/viewvc?rev=421721&view=rev
Log:
DERBY -1156 (partial)
This patch adds some code required to support reconfigure(rencryption) of
an already existing encrypted database with a new password(secret key)
or an external user specified encryption key.

-- disables encryption/re-encryption of an existing database if there 
   are any global transaction in the prepared state after recovery. 

-- disables encryption/re-encryption of an existing database if database 
   is soft-upgraded to 10.2. 

-- Added a test that tests re-encryption of an encrypted database
   when global transaction are in the prepared state after recovery. 


Added:
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/encryptDatabaseTest2.out
  (with props)
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptDatabaseTest2.sql
  (with props)
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptDatabaseTest2_app.properties
  (with props)
Modified:
    db/derby/code/trunk/java/engine/org/apache/derby/iapi/store/raw/RawStoreFactory.java
    db/derby/code/trunk/java/engine/org/apache/derby/iapi/store/raw/log/LogFactory.java
    db/derby/code/trunk/java/engine/org/apache/derby/iapi/store/raw/xact/TransactionFactory.java
    db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/RawStore.java
    db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/log/LogToFile.java
    db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/log/ReadOnly.java
    db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/xact/TransactionTable.java
    db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/xact/XactFactory.java
    db/derby/code/trunk/java/engine/org/apache/derby/loc/messages_en.properties
    db/derby/code/trunk/java/shared/org/apache/derby/shared/common/reference/SQLState.java
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/suites/encryptionAll.runall
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/copyfiles.ant

Modified: db/derby/code/trunk/java/engine/org/apache/derby/iapi/store/raw/RawStoreFactory.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/iapi/store/raw/RawStoreFactory.java?rev=421721&r1=421720&r2=421721&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/iapi/store/raw/RawStoreFactory.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/iapi/store/raw/RawStoreFactory.java Thu
Jul 13 15:45:40 2006
@@ -100,6 +100,10 @@
 
 	/** Derby Store Minor Version (1) **/
 	public static final int DERBY_STORE_MINOR_VERSION_1    = 1;
+
+    /** Derby Store Minor Version (2) **/
+	public static final int DERBY_STORE_MINOR_VERSION_2    = 2;
+
 	/** Derby 10 Store Major version */
 	public static final int DERBY_STORE_MAJOR_VERSION_10   = 10;
 

Modified: db/derby/code/trunk/java/engine/org/apache/derby/iapi/store/raw/log/LogFactory.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/iapi/store/raw/log/LogFactory.java?rev=421721&r1=421720&r2=421721&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/iapi/store/raw/log/LogFactory.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/iapi/store/raw/log/LogFactory.java Thu
Jul 13 15:45:40 2006
@@ -292,6 +292,26 @@
      */
     public  void setupLogEncryption() throws StandardException;
 
+    
+    /**
+     *  Check to see if a database has been upgraded to the required
+     *  level in order to use a store feature.
+     *
+     * @param requiredMajorVersion  required database Engine major version
+     * @param requiredMinorVersion  required database Engine minor version
+     * @param feature Non-null to throw an exception, null to return the 
+     *                state of the version match.
+     * @return <code> true </code> if the database has been upgraded to 
+     *         the required level, <code> false </code> otherwise.
+     * @exception  StandardException 
+     *             if the database is not at the require version 
+     *             when <code>feature</code> feature is 
+     *             not <code> null </code>. 
+     */
+	public boolean checkVersion(int requiredMajorVersion, 
+                                int requiredMinorVersion, 
+                                String feature) 
+        throws StandardException;
 
 }
 

Modified: db/derby/code/trunk/java/engine/org/apache/derby/iapi/store/raw/xact/TransactionFactory.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/iapi/store/raw/xact/TransactionFactory.java?rev=421721&r1=421720&r2=421721&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/iapi/store/raw/xact/TransactionFactory.java
(original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/iapi/store/raw/xact/TransactionFactory.java
Thu Jul 13 15:45:40 2006
@@ -268,6 +268,17 @@
 	*/
 	public boolean noActiveUpdateTransaction();
 
+
+    /**
+     * Check if there are any prepared transanctions.
+     *
+     * <P>MT - unsafe, called during boot, which is single threaded.
+     *
+     * @return   <tt>true</tt> if prepared transactions exist,
+     *			 <tt>false</tt> otherwise.
+     */
+	public boolean hasPreparedXact();
+
 	/**
 		Database creation finished
 

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/RawStore.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/RawStore.java?rev=421721&r1=421720&r2=421721&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/RawStore.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/RawStore.java Thu Jul
13 15:45:40 2006
@@ -1354,6 +1354,9 @@
         throws StandardException 
     {
 
+        // check if the database can be encrypted.
+        canEncryptDatabase(reEncrypt);
+
         // check point the datase, so that encryption does not have
         // to encrypt the existing transactions logs. 
  
@@ -1419,6 +1422,49 @@
             newDecryptionEngine = null;   
             newEncryptionEngine = null;
             transaction.close(); 
+        }
+    }
+
+
+    /**
+     * checks if the database is in the right state to (re)encrypt it.
+     *
+     * @param  reEncrypt true if the database getting encrypted 
+     *                   with new password/key.
+     * @exception  StandardException  
+     *             if there is global transaction in the prepared state or
+     *             if the database is not at the version 10.2 or above, this
+     *             feature is not supported.  
+     */
+    private void canEncryptDatabase(boolean reEncrypt) 
+        throws StandardException 
+    {
+
+        String feature = (reEncrypt ? 
+                          "newBootPassword/newEncryptionKey attribute" : 
+                          "dataEncryption attribute on an existing database");
+
+        // check if the database version is at 10.2 or above.
+        // encrytpion or re-encryption of the database 
+        // is supported  only in version 10.2 or above. 
+		logFactory.checkVersion(
+                       RawStoreFactory.DERBY_STORE_MAJOR_VERSION_10, 
+                       RawStoreFactory.DERBY_STORE_MINOR_VERSION_2, 
+                       feature);
+
+        // database can not be (re)encrypted if there 
+        // are any global transactions in the prepared state 
+        // after the recovery. The reason for this restriction 
+        // is that any transaction log before the encryption can not 
+        // be read once database is reconfigure with new encryption 
+        // key.
+        if (xactFactory.hasPreparedXact()) {
+            if(reEncrypt) 
+                throw StandardException.newException(
+                       SQLState.REENCRYPTION_PREPARED_XACT_EXIST);
+            else 
+                throw StandardException.newException(
+                       SQLState.ENCRYPTION_PREPARED_XACT_EXIST);
         }
     }
 

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/log/LogToFile.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/log/LogToFile.java?rev=421721&r1=421720&r2=421721&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/log/LogToFile.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/log/LogToFile.java Thu
Jul 13 15:45:40 2006
@@ -4114,6 +4114,48 @@
 		return false;
 	}
 
+
+    /**
+     *  Check to see if a database has been upgraded to the required
+     *  level in order to use a store feature.
+     *
+     * @param requiredMajorVersion  required database Engine major version
+     * @param requiredMinorVersion  required database Engine minor version
+     * @param feature Non-null to throw an exception, null to return the 
+     *                state of the version match.
+     * @return <code> true </code> if the database has been upgraded to 
+     *         the required level, <code> false </code> otherwise.
+     * @exception  StandardException 
+     *             if the database is not at the require version 
+     *             when <code>feature</code> feature is 
+     *             not <code> null </code>. 
+     */
+	public boolean checkVersion(int requiredMajorVersion, 
+                                int requiredMinorVersion, 
+                                String feature) throws StandardException 
+    {
+        
+        boolean isRequiredVersion = 
+            checkVersion(requiredMajorVersion, requiredMinorVersion);
+
+        // if the database is not at the required version , throw exception 
+        // if the feature is non-null . 
+        if (!isRequiredVersion && feature != null) 
+        {
+            throw StandardException.newException(
+                  SQLState.LANG_STATEMENT_UPGRADE_REQUIRED, feature,
+                  ProductVersionHolder.simpleVersionString(onDiskMajorVersion, 
+                                                           onDiskMinorVersion, 
+                                                           onDiskBeta),
+                  ProductVersionHolder.simpleVersionString(requiredMajorVersion, 
+                                                           requiredMinorVersion, 
+                                                           false));
+        }
+
+        return isRequiredVersion;
+    }
+
+
 	/*
 	** Sending information to the user without throwing exception.
 	** There are times when unusual external or system related things happen in

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/log/ReadOnly.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/log/ReadOnly.java?rev=421721&r1=421720&r2=421721&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/log/ReadOnly.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/log/ReadOnly.java Thu
Jul 13 15:45:40 2006
@@ -371,4 +371,32 @@
     public void setupLogEncryption() throws StandardException {
         // nothing to do for a read-only database. 
     }
+
+    /**
+     *  Check to see if a database has been upgraded to the required
+     *  level in order to use a store feature.
+     *
+     * This method is generally used to prevent writes to 
+     * data/log file by a particular store feature until the 
+     * database is upgraded to the required version. 
+     * In read-only database writes are not allowed, so nothing to do
+     * for this method in this implementation of the log factory.
+     *
+     * @param requiredMajorVersion  required database Engine major version
+     * @param requiredMinorVersion  required database Engine minor version
+     * @param feature Non-null to throw an exception, null to return the 
+     *                state of the version match.
+     *
+     * @exception  StandardException 
+     *             not implemented exception is thrown
+     */
+	public boolean checkVersion(int requiredMajorVersion, 
+                                int requiredMinorVersion, 
+                                String feature) 
+        throws StandardException
+    {
+        // nothing to do for read only databases; 
+        throw StandardException.newException(
+                  SQLState.STORE_FEATURE_NOT_IMPLEMENTED);
+    }
 }

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/xact/TransactionTable.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/xact/TransactionTable.java?rev=421721&r1=421720&r2=421721&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/xact/TransactionTable.java
(original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/xact/TransactionTable.java
Thu Jul 13 15:45:40 2006
@@ -542,24 +542,62 @@
 	}
 
 	/**
-		Is there a prepared transaction in the transaction table.
+       Is there a prepared transaction that are recovered 
+       durring the recovery in the transaction table.
 
-		<P>MT - unsafe, caller is recovery, which is single threaded.
-	*/
-	public boolean hasPreparedRecoveredXact()
-	{
-		for (Enumeration e = trans.elements(); e.hasMoreElements(); )
-		{
-			TransactionTableEntry ent = (TransactionTableEntry) e.nextElement();
+       <P>MT - unsafe, caller is recovery, which is single threaded.
+    */
+    public boolean hasPreparedRecoveredXact()
+    {
+        return hasPreparedXact(true);
+    }
 
-			if (ent != null && ent.isRecovery() && 
-				(ent.getTransactionStatus() & Xact.END_PREPARED) != 0)
+
+    /**
+       Is there a prepared transaction in the transaction table.
+       <P>MT - unsafe, called during boot, which is single threaded.
+    */
+    public boolean hasPreparedXact()
+    {
+        return hasPreparedXact(false);
+    }
+
+    /**
+     * Is there a prepared transaction in the transaction table.
+     * 
+     * <P>MT - unsafe, caller is recovery/at boot, which is single threaded.
+     *
+     * @param recovered  <code> true </code> to search  for transaction 
+     *                  that are in prepared during recovery.  
+     *                  recovered tranaction. 
+     *                  <code> false > to search for just prepared 
+     *                  transactons. 
+     * @return         <code> true if there is a prepared transaction and
+     *                  recovered when <code> recovered </code> argument is 
+     *                  <code> true </code>
+     */
+
+    private boolean hasPreparedXact(boolean recovered)
+    {
+        for (Enumeration e = trans.elements(); e.hasMoreElements(); )
+        {
+            TransactionTableEntry ent = (TransactionTableEntry) e.nextElement();
+
+            if (ent != null && 
+                (ent.getTransactionStatus() & Xact.END_PREPARED) != 0)
             {
-				return true;
+                if (recovered) {
+                    if(ent.isRecovery())
+                        return true;
+                } else {
+                    return true;
+                }
             }
-		}
-		return false;
-	}
+        }
+        return false;
+    }
+
+
 
 
 	/**

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/xact/XactFactory.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/xact/XactFactory.java?rev=421721&r1=421720&r2=421721&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/xact/XactFactory.java
(original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/xact/XactFactory.java
Thu Jul 13 15:45:40 2006
@@ -822,6 +822,26 @@
 		return (ttab.hasActiveUpdateTransaction() == false);
 	}
 
+
+    /**
+     * Check if there are any prepared transanctions in the 
+     * transaction table. 
+     *
+     * Caller must be aware that if there is no other mechanism to stop
+     * transactions from starting and ending, then this information is
+     * outdated as soon as it is reported.
+     *
+     * @return     <tt>true</tt> if there are prepared 
+     *              transactions in the transaction table,
+     *              <tt>false</tt> otherwise.
+     */
+	public boolean hasPreparedXact()
+	{
+		return (ttab.hasPreparedXact());
+	}
+
+
+
 	/*
 		remove the transaction Id an return false iff the transaction is found
 		in the table and it doesn't need exclusion from quiesce state

Modified: db/derby/code/trunk/java/engine/org/apache/derby/loc/messages_en.properties
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/loc/messages_en.properties?rev=421721&r1=421720&r2=421721&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/loc/messages_en.properties (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/loc/messages_en.properties Thu Jul 13
15:45:40 2006
@@ -87,6 +87,9 @@
 XBCXL.S=The verification process for the encryption key was not successful. This could have
been caused by an error when accessing the appropriate file to do the verification process.
 See next exception for details.  
 XBCXM.S=The length of the external encryption key must be an even number.
 XBCXN.S=The external encryption key contains one or more illegal characters. Allowed characters
for a hexadecimal number are 0-9, a-f and A-F.
+XBCXO.S= Cannot encrypt the database when there is a global transaction in the prepared state.
+XBCXP.S= Cannot re-encrypt the database with a new boot password or an external encryption
key when there is a global transaction in the prepared state.
+
 
 #../java/com/ibm/db2j/impl/BasicServices/CacheService/Generic/messages.properties
 

Modified: db/derby/code/trunk/java/shared/org/apache/derby/shared/common/reference/SQLState.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/shared/org/apache/derby/shared/common/reference/SQLState.java?rev=421721&r1=421720&r2=421721&view=diff
==============================================================================
--- db/derby/code/trunk/java/shared/org/apache/derby/shared/common/reference/SQLState.java
(original)
+++ db/derby/code/trunk/java/shared/org/apache/derby/shared/common/reference/SQLState.java
Thu Jul 13 15:45:40 2006
@@ -222,7 +222,9 @@
     String ENCRYPTION_UNABLE_KEY_VERIFICATION  = "XBCXL.S";
     String ENCRYPTION_INVALID_EXKEY_LENGTH          = "XBCXM.S";
     String ENCRYPTION_ILLEGAL_EXKEY_CHARS           = "XBCXN.S";
-        
+    String ENCRYPTION_PREPARED_XACT_EXIST   =  "XBCXO.S";
+    String REENCRYPTION_PREPARED_XACT_EXIST =  "XBCXP.S";
+
 	/*
 	** Cache Service
 	*/

Added: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/encryptDatabaseTest2.out
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/encryptDatabaseTest2.out?rev=421721&view=auto
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/encryptDatabaseTest2.out
(added)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/encryptDatabaseTest2.out
Thu Jul 13 15:45:40 2006
@@ -0,0 +1,138 @@
+ij> -- This script tests  configuring an un-encrypted database 
+-- for encryption and re-encryption of an encrypted database.
+-- with new enryption key/password.
+-- if there are any global transactions in the prepared state after
+-- recovery; encrypion/re-encryption of a database should fail. 
+disconnect;
+ij> xa_datasource 'wombat_en' create;
+ij> xa_connect ;
+ij> xa_start xa_noflags 0;
+ij> xa_getconnection;
+ij> create table foo (a int);
+0 rows inserted/updated/deleted
+ij> insert into foo values (0);
+1 row inserted/updated/deleted
+ij> insert into foo values (1);
+1 row inserted/updated/deleted
+ij> select * from foo;
+A          
+-----------
+0          
+1          
+ij> xa_end xa_success 0;
+ij> xa_commit xa_1phase 0;
+ij> -- prepare transaction and shutdown
+xa_start xa_noflags 1;
+ij> insert into foo values (2);
+1 row inserted/updated/deleted
+ij> insert into foo values (3);
+1 row inserted/updated/deleted
+ij> xa_end xa_success 1;
+ij> -- prepare the global tx
+xa_prepare 1;
+ij> -- shutdown the database
+disconnect;
+ij> connect 'jdbc:derby:;shutdown=true';
+ERROR XJ015: Derby system shutdown.
+ij> -- configure the database for encrypion with an external encryption key.
+-- this should fail because of the global transacton in the prepared state.
+connect 'jdbc:derby:wombat_en;dataEncryption=true;encryptionKey=6162636465666768';
+ERROR XJ040: Failed to start database 'wombat_en', see the next exception for details.
+ERROR XBCXO: Cannot encrypt the database when there is a global transaction in the prepared
state.
+ij> ---attempt to configure the database for encrypion with a boot password.
+-- this should fail because of the global transacton in 
+-- the prepared state.
+connect 'jdbc:derby:wombat_en;dataEncryption=true;bootPassword=xyz1234abc';
+ERROR XJ040: Failed to start database 'wombat_en', see the next exception for details.
+ERROR XBCXO: Cannot encrypt the database when there is a global transaction in the prepared
state.
+ij> -- now reboot the db and commit the transaction in the prepapred state. 
+xa_datasource 'wombat_en';
+ij> xa_connect ;
+ij> xa_start xa_noflags 2;
+ij> xa_getconnection;
+ij> insert into foo values (4);
+1 row inserted/updated/deleted
+ij> xa_recover xa_startrscan;
+Recovered 1 in doubt transactions
+Transaction 1 : (1,FILTERED,FILTERED)
+ij> xa_commit xa_2phase 1;
+ij> select * from foo;
+A          
+-----------
+0          
+1          
+2          
+3          
+4          
+ij> xa_end xa_success 2;
+ij> xa_commit xa_1phase 2;
+ij> -- shutdown the database
+disconnect;
+ij> connect 'jdbc:derby:;shutdown=true';
+ERROR XJ015: Derby system shutdown.
+ij> --- configure the database for encrypion with a boot password.
+--- this should pass.
+connect 'jdbc:derby:wombat_en;dataEncryption=true;bootPassword=xyz1234abc';
+ij> disconnect;
+ij> xa_datasource 'wombat_en';
+ij> xa_connect ;
+ij> xa_start xa_noflags 3;
+ij> xa_getconnection;
+ij> insert into foo values (5);
+1 row inserted/updated/deleted
+ij> xa_end xa_success 3;
+ij> -- prepare the global tx
+xa_prepare 3;
+ij> -- shutdown the database
+disconnect;
+ij> connect 'jdbc:derby:;shutdown=true';
+ERROR XJ015: Derby system shutdown.
+ij> -- attempt to reconfigure the database with a new password. 
+-- this should fail because of the global transaction in the prepared state
+-- after recovery.
+connect 'jdbc:derby:wombat_en;bootPassword=xyz1234abc;newBootPassword=new1234xyz';
+ERROR XJ040: Failed to start database 'wombat_en', see the next exception for details.
+ERROR XBCXP: Cannot re-encrypt the database with a new boot password or an external encryption
key when there is a global transaction in the prepared state.
+ij> -- now reboot the db and commit the transaction in the prepared state. 
+connect 'jdbc:derby:wombat_en;bootPassword=xyz1234abc';
+ij> disconnect;
+ij> xa_datasource 'wombat_en';
+ij> xa_connect ;
+ij> xa_start xa_noflags 4;
+ij> xa_getconnection;
+ij> insert into foo values (6);
+1 row inserted/updated/deleted
+ij> xa_recover xa_startrscan;
+Recovered 1 in doubt transactions
+Transaction 1 : (3,FILTERED,FILTERED)
+ij> xa_commit xa_2phase 3;
+ij> select * from foo;
+A          
+-----------
+0          
+1          
+2          
+3          
+4          
+5          
+6          
+ij> xa_end xa_success 4;
+ij> xa_commit xa_1phase 4;
+ij> -- shutdown the database
+disconnect;
+ij> connect 'jdbc:derby:;shutdown=true';
+ERROR XJ015: Derby system shutdown.
+ij> --- re-encrypt the database with a new password. 
+--- this should pass. 
+connect 'jdbc:derby:wombat_en;bootPassword=xyz1234abc;newBootPassword=new1234xyz';
+ij> select * from foo ;
+A          
+-----------
+0          
+1          
+2          
+3          
+4          
+5          
+6          
+ij> 

Propchange: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/encryptDatabaseTest2.out
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/suites/encryptionAll.runall
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/suites/encryptionAll.runall?rev=421721&r1=421720&r2=421721&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/suites/encryptionAll.runall
(original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/suites/encryptionAll.runall
Thu Jul 13 15:45:40 2006
@@ -2,3 +2,4 @@
 store/encryptParams.sql
 store/encryptionKey.sql
 store/encryptDatabaseTest1.sql
+store/encryptDatabaseTest2.sql

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/copyfiles.ant
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/copyfiles.ant?rev=421721&r1=421720&r2=421721&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/copyfiles.ant
(original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/copyfiles.ant
Thu Jul 13 15:45:40 2006
@@ -58,6 +58,8 @@
 encryptDatabase_app.properties
 encryptDatabaseTest1.sql
 encryptDatabaseTest1_app.properties
+encryptDatabaseTest2.sql
+encryptDatabaseTest2_app.properties
 encryptParams.sql
 encryptParams_app.properties
 encryptionKey.sql

Added: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptDatabaseTest2.sql
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptDatabaseTest2.sql?rev=421721&view=auto
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptDatabaseTest2.sql
(added)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptDatabaseTest2.sql
Thu Jul 13 15:45:40 2006
@@ -0,0 +1,107 @@
+-- This script tests  configuring an un-encrypted database 
+-- for encryption and re-encryption of an encrypted database.
+-- with new enryption key/password.
+
+
+-- if there are any global transactions in the prepared state after
+-- recovery; encrypion/re-encryption of a database should fail. 
+
+disconnect;
+xa_datasource 'wombat_en' create;
+xa_connect ;
+xa_start xa_noflags 0;
+xa_getconnection;
+create table foo (a int);
+insert into foo values (0);
+insert into foo values (1);
+select * from foo;
+xa_end xa_success 0;
+xa_commit xa_1phase 0;
+
+-- prepare transaction and shutdown
+xa_start xa_noflags 1;
+insert into foo values (2);
+insert into foo values (3);
+xa_end xa_success 1;
+
+-- prepare the global tx
+xa_prepare 1;
+
+
+-- shutdown the database
+disconnect;
+connect 'jdbc:derby:;shutdown=true';
+
+
+-- configure the database for encrypion with an external encryption key.
+-- this should fail because of the global transacton in the prepared state.
+ 
+connect 'jdbc:derby:wombat_en;dataEncryption=true;encryptionKey=6162636465666768';
+
+---attempt to configure the database for encrypion with a boot password.
+-- this should fail because of the global transacton in 
+-- the prepared state.
+
+connect 'jdbc:derby:wombat_en;dataEncryption=true;bootPassword=xyz1234abc';
+
+-- now reboot the db and commit the transaction in the prepapred state. 
+xa_datasource 'wombat_en';
+xa_connect ;
+xa_start xa_noflags 2;
+xa_getconnection;
+insert into foo values (4);
+xa_recover xa_startrscan;
+xa_commit xa_2phase 1;
+select * from foo;
+xa_end xa_success 2;
+xa_commit xa_1phase 2;
+
+-- shutdown the database
+disconnect;
+connect 'jdbc:derby:;shutdown=true';
+
+--- configure the database for encrypion with a boot password.
+--- this should pass.
+connect 'jdbc:derby:wombat_en;dataEncryption=true;bootPassword=xyz1234abc';
+disconnect;
+xa_datasource 'wombat_en';
+xa_connect ;
+xa_start xa_noflags 3;
+xa_getconnection;
+insert into foo values (5);
+xa_end xa_success 3;
+
+-- prepare the global tx
+xa_prepare 3;
+
+-- shutdown the database
+disconnect;
+connect 'jdbc:derby:;shutdown=true';
+
+-- attempt to reconfigure the database with a new password. 
+-- this should fail because of the global transaction in the prepared state
+-- after recovery.
+connect 'jdbc:derby:wombat_en;bootPassword=xyz1234abc;newBootPassword=new1234xyz';
+
+-- now reboot the db and commit the transaction in the prepared state. 
+connect 'jdbc:derby:wombat_en;bootPassword=xyz1234abc';
+disconnect;
+xa_datasource 'wombat_en';
+xa_connect ;
+xa_start xa_noflags 4;
+xa_getconnection;
+insert into foo values (6);
+xa_recover xa_startrscan;
+xa_commit xa_2phase 3;
+select * from foo;
+xa_end xa_success 4;
+xa_commit xa_1phase 4;
+
+-- shutdown the database
+disconnect;
+connect 'jdbc:derby:;shutdown=true';
+
+--- re-encrypt the database with a new password. 
+--- this should pass. 
+connect 'jdbc:derby:wombat_en;bootPassword=xyz1234abc;newBootPassword=new1234xyz';
+select * from foo ;

Propchange: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptDatabaseTest2.sql
------------------------------------------------------------------------------
    svn:eol-style = native

Added: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptDatabaseTest2_app.properties
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptDatabaseTest2_app.properties?rev=421721&view=auto
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptDatabaseTest2_app.properties
(added)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptDatabaseTest2_app.properties
Thu Jul 13 15:45:40 2006
@@ -0,0 +1,4 @@
+usedefaults=true
+# Temporarily disabling the securiy manager for  this  new test
+# related to DERBY-1156 (reencrypt database ) work in progress. 
+noSecurityManager=true

Propchange: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptDatabaseTest2_app.properties
------------------------------------------------------------------------------
    svn:eol-style = native



Mime
View raw message