db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rick Hillegas (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DERBY-4328) The Developer's Guide falsely claims that you can use SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY to change the boot password on an encrypted database.
Date Tue, 18 Aug 2009 19:54:14 GMT

    [ https://issues.apache.org/jira/browse/DERBY-4328?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12744671#action_12744671
] 

Rick Hillegas commented on DERBY-4328:
--------------------------------------

I think that you cannot escape the semicolons in the connection url. That is, components of
the connection url simply can't have semicolons in them. This creates another problem for
using SYSCS_UTIL.SYSCS_CHANGE_BOOT_PASSWORD. Using that procedure, you can set the boot password
to be an illegal password with an embedded semicolon. You then can't boot the database. The
following script shows this behavior:

connect 'jdbc:derby:memory:encdbcbc_128;create=true;dataEncryption=true;encryptionKeyLength=128;encryptionAlgorithm=AES/CBC/NoPadding;bootPassword=Thursday';
create table t1(i1 int);
insert into t1 values ( 1);
select * from t1;
call SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY('bootPassword', 'Thursday , Thurs;day');
disconnect;
connect 'jdbc:derby:memory:encdbcbc_128;shutdown=true';

-- fails
connect 'jdbc:derby:memory:encdbcbc_128;dataEncryption=true;encryptionKeyLength=128;encryptionAlgorithm=AES/CBC/NoPadding;bootPassword=Thurs;day';


> The Developer's Guide falsely claims that you can use SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY
to change the boot password on an encrypted database.
> --------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: DERBY-4328
>                 URL: https://issues.apache.org/jira/browse/DERBY-4328
>             Project: Derby
>          Issue Type: Bug
>          Components: Documentation
>            Reporter: Rick Hillegas
>            Assignee: Rick Hillegas
>             Fix For: 10.5.3.0
>
>         Attachments: derby-4328-01-aa-removeFalseReencryptionClaim.diff
>
>
> This claim is made in the section titled 'Changing the boot password'. If you try to
run the example, you get this error:
> CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY( 'bootPassword', 'Thursday' , 'Saturday');
> ERROR 42Y03: 'SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY' is not recognized as a function
or procedure.
> The correct way to change the boot password is documented earlier on in the section titled
'Encrypting databases with a new boot password'. We should remove the section titled 'Changing
the boot password'.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message