[jira] Updated: (DERBY-2811) Specifying -h 0.0.0.0 with default security manager bars clients from connecting from any host

Rick Hillegas (JIRA) Wed, 13 Jun 2007 17:45:53 -0700

     [ 
https://issues.apache.org/jira/browse/DERBY-2811?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Rick Hillegas updated DERBY-2811:
---------------------------------

    Attachment: derby-2811-01.diff

Attaching a patch for this problem: derby-2811-01.diff. Dag, could you take a 
gander at this? I will run tests later tonight. Touches the following files:

M      java/drda/org/apache/derby/drda/NetworkServerControl.java

The special 0.0.0.0 Derby wildcard is translated into the * wildcard for poking 
into the system properties so that the vm can substitute * into the host 
variable in the default policy.

M      
java/testing/org/apache/derbyTesting/functionTests/tests/derbynet/SecureServerTest.java

Added a test case for host 0.0.0.0.

M      java/testing/org/apache/derbyTesting/junit/NetworkServerTestSetup.java

Modified this decorator so that it can handle this edge case. Added some more 
defensive logic in places where exceptions were being silently swallowed. I 
noticed test hangs when running the new test case against a server without the 
changes to NetworkServerControl. After adding the defensive code, the tests 
don't hang anymore in that situation and SecureServerTest runs cleanly with the 
changes to NetworkServerControl. However, we should think more about how to 
handle unexpected ping errors in this decorator.


> Specifying -h 0.0.0.0 with default security manager bars clients from 
> connecting from any host
> ----------------------------------------------------------------------------------------------
>
>                 Key: DERBY-2811
>                 URL: https://issues.apache.org/jira/browse/DERBY-2811
>             Project: Derby
>          Issue Type: Bug
>          Components: Network Server
>    Affects Versions: 10.3.0.0
>            Reporter: Dag H. Wanvik
>            Assignee: Rick Hillegas
>         Attachments: derby-2811-01.diff
>
>
> The default policy file installed has this stanza:
>   :
>   permission java.net.SocketPermission "${derby.drda.host}:*", "accept"; 
>   :
> Normally, specifying -h 0.0.0.0 to NetworkServerControl lets clients connect
> from any host, but with the default policy file installed
> connecting fails even from localhost.
> I think this is because SocketPermission only recognizes "*" as a catch-all.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Updated: (DERBY-2811) Specifying -h 0.0.0.0 with default security manager bars clients from connecting from any host

Reply via email to