db-derby-dev mailing list archives

From "Mamta A. Satoor (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (DERBY-6764) analyze impact of poodle security alert on Derby client - server ssl support
Date Fri, 21 Nov 2014 23:24:36 GMT

     [ https://issues.apache.org/jira/browse/DERBY-6764?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Mamta A. Satoor updated DERBY-6764:
-----------------------------------
    Attachment: DERBY6764_10_8_backport_patch1_diff.txt

I tried backporting this jira to 10.8 but I am getting the following error very early on when
I try to run the junit suite (also, I had to make a hand change for the backport to work because there
is no String.contains(..) method in jdk1.4, so I changed the backport code to use String.indexOf(...)>=0,
but that should not cause any problems). I am trying to run the junit suite with IBM jdk1.6.
(emb)derbynet.PrepareStatementTest.testBasicPrepare used 65 ms .
(emb)derbynet.PrepareStatementTest.testParameterTypes used 89 ms .
(emb)derbynet.PrepareStatementTest.testBigTable used 1155 ms .
(emb)derbynet.PrepareStatementTest.testBigDecimalSetObject used 58 ms .
(emb)derbynet.PrepareStatementTest.testBigDecimalSetObjectWithScale used 20 ms .
(emb)derbynet.PrepareStatementTest.testVaryingClientParameterTypeBatch used 22 ms .
(emb)derbynet.PrepareStatementTest.testSmallBigDecimal used 26 ms .
(emb)derbynet.PrepareStatementTest.testManyPreparedStatements used 147 ms .
(emb)derbynet.PrepareStatementTest.testInvalidTimestamp used 26 ms .
(emb)derbynet.PrepareStatementTest.testSplitQRYDTABlock used 300 ms .
(emb)derbynet.PrepareStatementTest.testExcpetionWithBigParameter used 50 ms .
(emb)derbynet.PrepareStatementTest.testLargeReplies used 73 ms .
(emb)derbynet.PrepareStatementTest.testAlternatingLobValuesAndNull used 80 ms .
(emb)derbynet.PrepareStatementTest.testLargeBatch used 3602 ms .
(emb)derbynet.PrepareStatementTest.testDSSLength used 91 ms .
(emb)derbynet.PrepareStatementTest.testVariationOfSetObject used 42 ms .
(emb)derbynet.PrepareStatementTest.testLargeParameters_a used 28 ms .
(emb)derbynet.PrepareStatementTest.testLargeParameters_b used 43 ms .
(emb)derbynet.PrepareStatementTest.testDerby3230 used 26 ms .
(emb)derbynet.PrepareStatementTest.testReadBlobCloseToMaxDssLength used 13 ms .
(emb)derbynet.PrepareStatementTest.testLongColumn used 21 ms EEEEEEEEEESTART-SPAWNED:SpawnedNetworkServer
STANDARD OUTPUT: exit code=1
Fri Nov 21 13:55:01 PST 2014 : Security manager installed using the Basic server security
policy.
Fri Nov 21 13:55:02 PST 2014 : Access denied ("java.net.SocketPermission" "localhost:1527"
"listen,resolve")
java.security.AccessControlException: Access denied ("java.net.SocketPermission" "localhost:1527"
"listen,resolve")
	at java.security.AccessController.throwACE(AccessController.java:100)
	at java.security.AccessController.checkPermission(AccessController.java:174)
	at java.lang.SecurityManager.checkPermission(SecurityManager.java:562)
	at java.lang.SecurityManager.checkListen(SecurityManager.java:1147)
	at java.net.ServerSocket.bind(ServerSocket.java:442)
	at java.net.ServerSocket.<init>(ServerSocket.java:256)
	at javax.net.DefaultServerSocketFactory.createServerSocket(ServerSocketFactory.java:6)
	at org.apache.derby.impl.drda.NetworkServerControlImpl.createServerSocket(NetworkServerControlImpl.java:674)
	at org.apache.derby.impl.drda.NetworkServerControlImpl.access$000(NetworkServerControlImpl.java:95)
	at org.apache.derby.impl.drda.NetworkServerControlImpl$1.run(NetworkServerControlImpl.java:724)
	at java.security.AccessController.doPrivileged(AccessController.java:330)
	at org.apache.derby.impl.drda.NetworkServerControlImpl.blockingStart(NetworkServerControlImpl.java:719)
	at org.apache.derby.impl.drda.NetworkServerControlImpl.executeWork(NetworkServerControlImpl.java:2250)
	at org.apache.derby.drda.NetworkServerControl.main(NetworkServerControl.java:331)
END-SPAWNED  :SpawnedNetworkServer STANDARD OUTPUT:
F

> analyze impact of poodle security alert on Derby client - server ssl support
> ----------------------------------------------------------------------------
>
>                 Key: DERBY-6764
>                 URL: https://issues.apache.org/jira/browse/DERBY-6764
>             Project: Derby
>          Issue Type: Task
>    Affects Versions: 10.10.2.0, 10.11.1.1, 10.12.0.0
>            Reporter: Myrna van Lunteren
>            Assignee: Mamta A. Satoor
>             Fix For: 10.10.2.1, 10.11.1.3, 10.12.0.0
>
>         Attachments: DERBY6764_10_8_backport_patch1_diff.txt, DERBY6764_backport10_11_patch1_diff.txt,
> DERBY6764_patch1_diff.txt, DERBY6764_patch1_stat.txt
>
>
> Recently, a security weakness was found in SSLv3, POODLE: SSLv3 vulnerability (CVE-2014-3566)
> Derby supports ssl between the client and network server.
> We should investigate this and decide if we need to change our product, e.g. to eliminate
> support for SSL in favor of its successor TLS.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
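
Added example, not part of the original message and not the Derby patch (the attached diffs are not shown on this page): one way a JSSE client or server can stop offering SSLv3, the protocol affected by POODLE (CVE-2014-3566), written with String.indexOf(...) >= 0 so it also compiles on JDK 1.4 as the backport note above requires. The class name DropSslV3, the method withoutSsl and the sample protocol list are assumptions made for illustration.

```java
import java.util.Arrays;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

public class DropSslV3 {

    // Return the enabled-protocol list with SSLv3 and SSLv2Hello removed.
    // indexOf(...) >= 0 replaces String.contains(...), which JDK 1.4 lacks.
    static String[] withoutSsl(String[] enabled) {
        String[] tmp = new String[enabled.length];
        int n = 0;
        for (int i = 0; i < enabled.length; i++) {
            String p = enabled[i];
            boolean legacy = p.indexOf("SSLv3") >= 0 || p.indexOf("SSLv2") >= 0;
            if (!legacy) {
                tmp[n++] = p;
            }
        }
        if (n == 0) {
            // Fail closed: never fall back to the legacy protocols.
            throw new IllegalStateException("no TLS protocol is enabled");
        }
        String[] kept = new String[n];
        System.arraycopy(tmp, 0, kept, 0, n);
        return kept;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: a protocol list as an older JRE might report it.
        String[] sample = { "SSLv2Hello", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2" };
        System.out.println("sample  before: " + Arrays.asList(sample));
        System.out.println("sample  after : " + Arrays.asList(withoutSsl(sample)));

        // Apply the same filter to a real, unconnected socket (no network needed).
        // SSLServerSocket has the same get/setEnabledProtocols pair for the server side.
        SSLSocket s = (SSLSocket) SSLSocketFactory.getDefault().createSocket();
        try {
            System.out.println("runtime before: " + Arrays.asList(s.getEnabledProtocols()));
            s.setEnabledProtocols(withoutSsl(s.getEnabledProtocols()));
            System.out.println("runtime after : " + Arrays.asList(s.getEnabledProtocols()));
        } finally {
            s.close();
        }
    }
}
```

On a current JRE the "runtime before" list usually has no SSLv3 entry already, so the filter leaves it unchanged; the constructed sample shows the effect on an older default.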
