[
https://issues.apache.org/jira/browse/DERBY-5969?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Rick Hillegas updated DERBY-5969:
---------------------------------
Attachment: derby-5969-01-aa-warnEncryptionOnBootedDB.diff
Attaching derby-5969-01-aa-warnEncryptionOnBootedDB.diff. This patch raises a
SQLWarning if you attempt to change the encryption on an already booted
database. The warning tells you that the encryption state was not changed and
that you need to shutdown the database before attempting the operation. Tests
passed cleanly for me.
A warning is now raised if you set one of the following attributes while
connecting to an already booted database:
dataEncryption
newBootPassword
newEncryptionKey
decryptDatabase
My original plan was to raise an exception in these situations. The Reference
Manual is quite clear that dataEncryption=true is supposed to be used to change
the encryption state of a database. However, I decided that some applications
may set dataEncryption=true every time that they connect to an encrypted
database--in previous releases that attribute has been treated as a NOP if the
database is already booted. So I downgraded the exception to a warning. I
suppose that we could still raise an exception for the other attributes (I
don't imagine anyone sets those attributes unless they really mean to change
the encryption state of the database). But it seemed cleaner to me to have one
SQLState for this condition and to treat all of the cases the same way.
After committing this patch, we will want to modify the user guides to clarify
the following point:
o If you are changing the encryption state of the database, be sure to check
for SQLWarnings after the change. The change succeeded only if there were no
SQLWarnings or SQLExceptions.
We should probably add a release note too just in case applications are
checking for SQLWarnings after connecting to an already booted database with
dataEncryption=true.
Touches the following files:
------------------
M java/engine/org/apache/derby/impl/jdbc/EmbedConnection.java
M java/engine/org/apache/derby/loc/messages.xml
M java/shared/org/apache/derby/shared/common/reference/SQLState.java
Raise new warning.
------------------
M
java/testing/org/apache/derbyTesting/functionTests/tests/store/DecryptDatabaseTest.java
M java/testing/org/apache/derbyTesting/junit/BaseJDBCTestCase.java
New tests to verify that the warning is raised.
------------------
M java/testing/org/apache/derbyTesting/functionTests/master/URLCheck.out
Adjust a test canon.
> Re-encryption and un-encryption silently fail if the database is already
> booted.
> --------------------------------------------------------------------------------
>
> Key: DERBY-5969
> URL: https://issues.apache.org/jira/browse/DERBY-5969
> Project: Derby
> Issue Type: Bug
> Components: Services
> Affects Versions: 10.10.0.0
> Reporter: Rick Hillegas
> Attachments: derby-5969-01-aa-warnEncryptionOnBootedDB.diff
>
>
> If the database is already booted, then the DBO's attempt to re-encrypt or
> un-encrypt the database will silently fail. It will appear to the DBO that
> the re(un)encryption succeeded but in fact the database will not be changed.
> Derby should raise an error if the database is already booted when the DBO
> attempts re(un)encryption.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
