db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rhille...@apache.org
Subject svn commit: r1404947 - in /db/derby/code/trunk/java: engine/org/apache/derby/impl/jdbc/ engine/org/apache/derby/loc/ shared/org/apache/derby/shared/common/reference/ testing/org/apache/derbyTesting/functionTests/master/ testing/org/apache/derbyTesting/...
Date Fri, 02 Nov 2012 12:30:48 GMT
Author: rhillegas
Date: Fri Nov  2 12:30:47 2012
New Revision: 1404947

URL: http://svn.apache.org/viewvc?rev=1404947&view=rev
Log:
DERBY-5969: Raise a SQLWarning if someone attempts to change the encryption state of an already
booted database.

Modified:
    db/derby/code/trunk/java/engine/org/apache/derby/impl/jdbc/EmbedConnection.java
    db/derby/code/trunk/java/engine/org/apache/derby/loc/messages.xml
    db/derby/code/trunk/java/shared/org/apache/derby/shared/common/reference/SQLState.java
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/URLCheck.out
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/DecryptDatabaseTest.java
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/junit/BaseJDBCTestCase.java

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/jdbc/EmbedConnection.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/jdbc/EmbedConnection.java?rev=1404947&r1=1404946&r2=1404947&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/jdbc/EmbedConnection.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/jdbc/EmbedConnection.java Fri Nov
 2 12:30:47 2012
@@ -251,6 +251,13 @@ public class EmbedConnection implements 
 			// see if database is already booted
 			Database database = (Database) Monitor.findService(Property.DATABASE_MODULE, tr.getDBName());
 
+            // encryption, re-encryption and decryption are not allowed on an already booted
database.
+            // see DERBY-5969.
+            if ( (database != null) && isCryptoBoot( info ) )
+            {
+                addWarning( SQLWarningFactory.newSQLWarning( SQLState.AUTH_ENCRYPT_ALREADY_BOOTED
) );
+            }
+
 			// See if user wants to create a new database.
 			boolean	createBoot = createBoot(info);	
 

Modified: db/derby/code/trunk/java/engine/org/apache/derby/loc/messages.xml
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/loc/messages.xml?rev=1404947&r1=1404946&r2=1404947&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/loc/messages.xml (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/loc/messages.xml Fri Nov  2 12:30:47
2012
@@ -235,6 +235,11 @@ Guide.
                 <arg>databaseName</arg>
             </msg>
 
+            <msg>
+                <name>01J17</name>
+                <text>You cannot encrypt, re-encrypt, or decrypt a database which is
already booted. You must shutdown the database before attempting these operations.</text>
+            </msg>
+
         </family>
 
         <family>

Modified: db/derby/code/trunk/java/shared/org/apache/derby/shared/common/reference/SQLState.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/shared/org/apache/derby/shared/common/reference/SQLState.java?rev=1404947&r1=1404946&r2=1404947&view=diff
==============================================================================
--- db/derby/code/trunk/java/shared/org/apache/derby/shared/common/reference/SQLState.java
(original)
+++ db/derby/code/trunk/java/shared/org/apache/derby/shared/common/reference/SQLState.java
Fri Nov  2 12:30:47 2012
@@ -1730,6 +1730,7 @@ public interface SQLState {
 	String SQL_AUTHORIZATION_WITH_NO_AUTHENTICATION = "01J14";
 	String PASSWORD_EXPIRES_SOON = "01J15";
 	String DBO_PASSWORD_EXPIRES_SOON = "01J16";
+    String AUTH_ENCRYPT_ALREADY_BOOTED = "01J17";
 
     String CURSOR_OPERATION_CONFLICT = "01001";
 

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/URLCheck.out
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/URLCheck.out?rev=1404947&r1=1404946&r2=1404947&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/URLCheck.out
(original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/URLCheck.out
Fri Nov  2 12:30:47 2012
@@ -16,6 +16,7 @@ ij> --
 --
 -- Use a valid attribute, but do not display message.
 connect 'jdbc:derby:wombat;dataEncryption=true';
+WARNING 01J17: You cannot encrypt, re-encrypt, or decrypt a database which is already booted.
You must shutdown the database before attempting these operations.
 ij(CONNECTION1)> -- Find an unknown attribute.
 connect 'jdbc:derby:wombat;unknown=x';
 URL Attribute [unknown=x]

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/DecryptDatabaseTest.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/DecryptDatabaseTest.java?rev=1404947&r1=1404946&r2=1404947&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/DecryptDatabaseTest.java
(original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/DecryptDatabaseTest.java
Fri Nov  2 12:30:47 2012
@@ -51,6 +51,7 @@ public class DecryptDatabaseTest
 
     private static final String TABLE = "DECRYPTTABLE";
     private static final String BOOTPW = "Thursday";
+    private static final String ALREADY_BOOTED = "01J17";
     /** Current encryption algorithm, used when re-encrypting during set up. */
     private static String encryptionAlgorithm;
 
@@ -207,6 +208,15 @@ public class DecryptDatabaseTest
     public void testDecryptOnBootedDatabase()
             throws SQLException {
         getConnection();
+
+        // These connection attempts should succeed but raise a warning
+        // that encryption change is not possible while the database is booted.
+        println( "Test warning " + ALREADY_BOOTED );
+        vetChangeWarning( connect( false, BOOTPW, "dataEncryption=true" ) );
+        vetChangeWarning( connect( false, BOOTPW, "newBootPassword=foo" ) );
+        vetChangeWarning( connect( false, BOOTPW, "newEncryptionKey=foo" ) );
+        vetChangeWarning( connect( false, BOOTPW, "decryptDatabase=true" ) );
+        
         // Connect to decrypt the database. We expect this to fail since the
         // database is already booted. In this case fail means ignored...
         connect(true, BOOTPW, null).close();
@@ -218,6 +228,13 @@ public class DecryptDatabaseTest
             assertSQLState("XBM06", sqle);
         }
     }
+    private void    vetChangeWarning( Connection conn )
+        throws SQLException
+    {
+        assertWarning( conn, ALREADY_BOOTED );
+        conn.close();
+    }
+
 
     /**
      * Tests that asking to decrypt an un-encrypted doesn't fail.

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/junit/BaseJDBCTestCase.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/junit/BaseJDBCTestCase.java?rev=1404947&r1=1404946&r2=1404947&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/junit/BaseJDBCTestCase.java (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/junit/BaseJDBCTestCase.java Fri
Nov  2 12:30:47 2012
@@ -887,6 +887,27 @@ public abstract class BaseJDBCTestCase
     }
 
     /**
+     * Assert that a warning is chained to the connection.
+     *
+     * @param conn  the connection
+     * @param expected the expected SQLState of the warning
+     */
+    public static void assertWarning( Connection conn, String expected )
+        throws SQLException
+    {
+        SQLWarning  firstWarning = conn.getWarnings();
+        assertNotNull( firstWarning );
+
+        for ( SQLWarning warning = firstWarning; warning != null; warning = warning.getNextWarning()
)
+        {
+            if ( expected.equals( warning.getSQLState() ) ) { return; }
+        }
+
+        fail( "Expected to see a SQLWarning with the SQLState " + expected );
+    }
+
+
+    /**
      * Assert that SQLState is as expected.
      *
      * @param expected the expected SQLState.



Mime
View raw message