db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Martin Zaun (JIRA)" <j...@apache.org>
Subject [jira] Updated: (DERBY-3537) Invalid use shutdown authentication checks in NetworkServerControlImpl.directShutdown()
Date Fri, 21 Mar 2008 22:25:24 GMT

     [ https://issues.apache.org/jira/browse/DERBY-3537?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Martin Zaun updated DERBY-3537:

    Attachment: DERBY-3537-01.diff

> ... especially since the code that started the server is the code that is calling this
shutdown and a user/password is not required for startup.

Convinced.  Please, find attached a patch:
- NetworServerControlImpl.directShutdownInternal() changed from private to package access
- ClientThread changed to call directShutdownInternal() circumventing any authentication/authorization

The junit tests succeeded.  A few derbayall tests failed because of unexpected output due
to a debugging println() I'd overlooked (posted -01 patch is clean). Will run derbyall on
posted patch again next week but really don't expect any difference.

> Invalid use shutdown authentication checks in NetworkServerControlImpl.directShutdown()

> ----------------------------------------------------------------------------------------
>                 Key: DERBY-3537
>                 URL: https://issues.apache.org/jira/browse/DERBY-3537
>             Project: Derby
>          Issue Type: Bug
>          Components: Network Server
>            Reporter: Daniel John Debrunner
>            Priority: Minor
>         Attachments: DERBY-3537-01.diff, DERBY-3537-01.stat
> If ClientThread hits an SSLException exception it will call NetworkServerControlImpl.directShutdown().
> DERBY-2109 added privilege checking to directShutdown() that includes authentication.
> I can't see how this call by ClientThread can be valid. Authentication is not required
to start the network server, thus a NetworkServerControl with no user,password may be used
and thus passed onto directShutdown() failing authentication and then failing to perform the
failed shutdown?
> I think the error was adding the privilege check in DERBY-2109, it looks like this method
is for use only within the network server (actually this is the only use of it), maybe the
correct security mechanism would have been to make the method package private?

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message