Return-Path: Delivered-To: apmail-db-derby-dev-archive@www.apache.org Received: (qmail 17565 invoked from network); 19 Mar 2008 23:18:17 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 19 Mar 2008 23:18:17 -0000 Received: (qmail 57476 invoked by uid 500); 19 Mar 2008 23:18:14 -0000 Delivered-To: apmail-db-derby-dev-archive@db.apache.org Received: (qmail 57446 invoked by uid 500); 19 Mar 2008 23:18:14 -0000 Mailing-List: contact derby-dev-help@db.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: Delivered-To: mailing list derby-dev@db.apache.org Received: (qmail 57436 invoked by uid 99); 19 Mar 2008 23:18:14 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 19 Mar 2008 16:18:14 -0700 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.140] (HELO brutus.apache.org) (140.211.11.140) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 19 Mar 2008 23:17:44 +0000 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id 57F87234C0A7 for ; Wed, 19 Mar 2008 16:16:26 -0700 (PDT) Message-ID: <770876135.1205968586359.JavaMail.jira@brutus> Date: Wed, 19 Mar 2008 16:16:26 -0700 (PDT) From: "Martin Zaun (JIRA)" To: derby-dev@db.apache.org Subject: [jira] Commented: (DERBY-3537) Invalid use shutdown authentication checks in NetworkServerControlImpl.directShutdown() In-Reply-To: <1708882271.1205465364289.JavaMail.jira@brutus> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/DERBY-3537?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12580607#action_12580607 ] Martin Zaun commented on DERBY-3537: ------------------------------------ Not 100% sure I understand your suggestion, but I think you mean changing a) method NetworkServerControlImpl.directShutdownInternal() from private to package access, b) ClientThread to call parent.directShutdownInternal() instead of parent.directShutdown(). This would circumvent both checks, authentication and authorization (once it's enabled), for a shutdown from ClientThread in case of an SSLException. I don't think method NetworkServerControlImpl.directShutdown() can be made package-local, since it's also invoked via reflection java.engine.org.apache.derby.iapi.jdbc.DRDAServerStarter.java. > Invalid use shutdown authentication checks in NetworkServerControlImpl.directShutdown() > ---------------------------------------------------------------------------------------- > > Key: DERBY-3537 > URL: https://issues.apache.org/jira/browse/DERBY-3537 > Project: Derby > Issue Type: Bug > Components: Network Server > Reporter: Daniel John Debrunner > Priority: Minor > > If ClientThread hits an SSLException exception it will call NetworkServerControlImpl.directShutdown(). > DERBY-2109 added privilege checking to directShutdown() that includes authentication. > I can't see how this call by ClientThread can be valid. Authentication is not required to start the network server, thus a NetworkServerControl with no user,password may be used and thus passed onto directShutdown() failing authentication and then failing to perform the failed shutdown? > I think the error was adding the privilege check in DERBY-2109, it looks like this method is for use only within the network server (actually this is the only use of it), maybe the correct security mechanism would have been to make the method package private? -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.