db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bernt M. Johnsen (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DERBY-2796) Obscure error messages when using SSL in various combinations
Date Thu, 14 Jun 2007 09:06:26 GMT

    [ https://issues.apache.org/jira/browse/DERBY-2796?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12504608
] 

Bernt M. Johnsen commented on DERBY-2796:
-----------------------------------------

Suggestion: 

I'll try and get rid of the SSLException stack trace and change the two obscure error messages
to e.g.:

ERROR 58009: A network protocol error was encountered and the connection has been terminated:
A PROTOCOL Data Stream Syntax Error was detected. Reason: 0x3. Plaintext connection to an
SSL enabled server?

and

Invalid reply header from network server: Invalid string . Plaintext connection to an SSL
enabled server?

-------------------------------------------------------
There is also another case: If you run an ssl-enabled client against a plaintext server, you
will get the following on the server console output:

Execution failed because of a Distributed Protocol Error:  DRDA_Proto_SYNTAXRM; CODPNT arg
 = 0; Error Code Value = 3
org.apache.derby.impl.drda.DRDAProtocolException: Execution failed because of a Distributed
Protocol Error:  DRDA_Proto_SYNTAXRM; CODPNT arg  = 0; Error Code Value = 3
        at org.apache.derby.impl.drda.DRDAConnThread.throwSyntaxrm(DRDAConnThread.java:468)
        at org.apache.derby.impl.drda.DDMReader.readDssHeader(DDMReader.java:348)
        at org.apache.derby.impl.drda.DRDAConnThread.exchangeServerAttributes(DRDAConnThread.java:1024)
        at org.apache.derby.impl.drda.DRDAConnThread.sessionInitialState(DRDAConnThread.java:618)
        at org.apache.derby.impl.drda.DRDAConnThread.run(DRDAConnThread.java:264)

The text "Execution failed because of a Distributed Protocol Error:  DRDA_Proto_SYNTAXRM;
CODPNT arg  = 0; Error Code Value = 3"

should be changed to "Execution failed because of a Distributed Protocol Error:  DRDA_Proto_SYNTAXRM;
CODPNT arg  = 0; Error Code Value = 3. SSL connection attempt to plaintext server?
--------------------------------------------------
An finally: The docs should state that a plaintext server or client has no way to know whether
the ther side is an SSL enabled derby client/server or some prgram using a totally different
protocol, and thus the error messages you get might seem a bit awkward.


> Obscure error messages when using SSL in various combinations
> -------------------------------------------------------------
>
>                 Key: DERBY-2796
>                 URL: https://issues.apache.org/jira/browse/DERBY-2796
>             Project: Derby
>          Issue Type: Bug
>          Components: Security
>    Affects Versions: 10.3.0.0
>            Reporter: Rick Hillegas
>            Assignee: Bernt M. Johnsen
>             Fix For: 10.3.0.0
>
>         Attachments: ssltest.html
>
>
> I ran clients with various ssl configurations on their urls and startup options against
servers with various ssl configurations. I will attach an html file recording my results.
I feel that many of the error conditions raised diagnostics which were too obscure to be helpful.
I think this will be burdensome to tech support.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message