[jira] [Updated] (DERBY-6764) analyze impact of poodle security alert on Derby client - server ssl support

Mamta A. Satoor (JIRA) Fri, 21 Nov 2014 15:25:36 -0800

     [ 
https://issues.apache.org/jira/browse/DERBY-6764?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Mamta A. Satoor updated DERBY-6764:
-----------------------------------
    Attachment: DERBY6764_10_8_backport_patch1_diff.txt

I tried backporting this jira to 10.8 but I am getting following error very 
early on when I try to junit suite(also, had to make hand change for the 
backport to work because there is no String.contains(..) method in jk1.4 so I 
changed the backport code to use String.indexOf(...)>=0 but that should not 
cause any problems). I am trying to run junit suite with IBM jdk1.6
(emb)derbynet.PrepareStatementTest.testBasicPrepare used 65 ms .
(emb)derbynet.PrepareStatementTest.testParameterTypes used 89 ms .
(emb)derbynet.PrepareStatementTest.testBigTable used 1155 ms .
(emb)derbynet.PrepareStatementTest.testBigDecimalSetObject used 58 ms .
(emb)derbynet.PrepareStatementTest.testBigDecimalSetObjectWithScale used 20 ms .
(emb)derbynet.PrepareStatementTest.testVaryingClientParameterTypeBatch used 22 
ms .
(emb)derbynet.PrepareStatementTest.testSmallBigDecimal used 26 ms .
(emb)derbynet.PrepareStatementTest.testManyPreparedStatements used 147 ms .
(emb)derbynet.PrepareStatementTest.testInvalidTimestamp used 26 ms .
(emb)derbynet.PrepareStatementTest.testSplitQRYDTABlock used 300 ms .
(emb)derbynet.PrepareStatementTest.testExcpetionWithBigParameter used 50 ms .
(emb)derbynet.PrepareStatementTest.testLargeReplies used 73 ms .
(emb)derbynet.PrepareStatementTest.testAlternatingLobValuesAndNull used 80 ms .
(emb)derbynet.PrepareStatementTest.testLargeBatch used 3602 ms .
(emb)derbynet.PrepareStatementTest.testDSSLength used 91 ms .
(emb)derbynet.PrepareStatementTest.testVariationOfSetObject used 42 ms .
(emb)derbynet.PrepareStatementTest.testLargeParameters_a used 28 ms .
(emb)derbynet.PrepareStatementTest.testLargeParameters_b used 43 ms .
(emb)derbynet.PrepareStatementTest.testDerby3230 used 26 ms .
(emb)derbynet.PrepareStatementTest.testReadBlobCloseToMaxDssLength used 13 ms .
(emb)derbynet.PrepareStatementTest.testLongColumn used 21 ms 
EEEEEEEEEESTART-SPAWNED:SpawnedNetworkServer STANDARD OUTPUT: exit code=1
Fri Nov 21 13:55:01 PST 2014 : Security manager installed using the Basic 
server security policy.
Fri Nov 21 13:55:02 PST 2014 : Access denied ("java.net.SocketPermission" 
"localhost:1527" "listen,resolve")
java.security.AccessControlException: Access denied 
("java.net.SocketPermission" "localhost:1527" "listen,resolve")
        at java.security.AccessController.throwACE(AccessController.java:100)
        at 
java.security.AccessController.checkPermission(AccessController.java:174)
        at java.lang.SecurityManager.checkPermission(SecurityManager.java:562)
        at java.lang.SecurityManager.checkListen(SecurityManager.java:1147)
        at java.net.ServerSocket.bind(ServerSocket.java:442)
        at java.net.ServerSocket.<init>(ServerSocket.java:256)
        at 
javax.net.DefaultServerSocketFactory.createServerSocket(ServerSocketFactory.java:6)
        at 
org.apache.derby.impl.drda.NetworkServerControlImpl.createServerSocket(NetworkServerControlImpl.java:674)
        at 
org.apache.derby.impl.drda.NetworkServerControlImpl.access$000(NetworkServerControlImpl.java:95)
        at 
org.apache.derby.impl.drda.NetworkServerControlImpl$1.run(NetworkServerControlImpl.java:724)
        at 
java.security.AccessController.doPrivileged(AccessController.java:330)
        at 
org.apache.derby.impl.drda.NetworkServerControlImpl.blockingStart(NetworkServerControlImpl.java:719)
        at 
org.apache.derby.impl.drda.NetworkServerControlImpl.executeWork(NetworkServerControlImpl.java:2250)
        at 
org.apache.derby.drda.NetworkServerControl.main(NetworkServerControl.java:331)
END-SPAWNED  :SpawnedNetworkServer STANDARD OUTPUT:
F

> analyze impact of poodle security alert on Derby client - server ssl support
> ----------------------------------------------------------------------------
>
>                 Key: DERBY-6764
>                 URL: https://issues.apache.org/jira/browse/DERBY-6764
>             Project: Derby
>          Issue Type: Task
>    Affects Versions: 10.10.2.0, 10.11.1.1, 10.12.0.0
>            Reporter: Myrna van Lunteren
>            Assignee: Mamta A. Satoor
>             Fix For: 10.10.2.1, 10.11.1.3, 10.12.0.0
>
>         Attachments: DERBY6764_10_8_backport_patch1_diff.txt, 
> DERBY6764_backport10_11_patch1_diff.txt, DERBY6764_patch1_diff.txt, 
> DERBY6764_patch1_stat.txt
>
>
> Recently, a security weakness was found in SSLv3, POODLE: SSLv3 vulnerability 
> (CVE-2014-3566)
> Derby supports ssl between the client and network server.
> We should investigate this and decide if we need to change our product, e.g. 
> to eliminate support for SSL in favor of its successor TLS.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (DERBY-6764) analyze impact of poodle security alert on Derby client - server ssl support

Reply via email to