This is a summary of the IRC discussion Kathey M. and I had today.
Posting it on derby-dev to record it - Thanks again for your time and
help Kathey.
<kmarsden> francois: Did you
want to talk about DERBY-528? We can talk here on #derby and then
summarize to the list.
<FrancoisOrsini> I'm going to post some details as you've asked
<kmarsden> The big question
for me is that I want to make sure this doesn't cause any new upgrade
order restrictions
<FrancoisOrsini> It should not with the current changes
<kmarsden> 10.1 /10.2
servers/clients need to continue to work together without change. Even
if it is that the DERBY-528 fix exposes an existing but, it needs to be
resolved before DERBY-528 goes in.
<kmarsden> Does that make sense?
<FrancoisOrsini> Absolutely
<kmarsden> Oh sorry, then I am confused about your original question
<FrancoisOrsini> ok - let me explain
<kmarsden> not question, statement about the incompatibility.
<FrancoisOrsini> The current
changes as they have been posted do not cause 10.1 /10.2
servers/clients connection(s) to fail - all compatibility tests are
passing
<kmarsden> ok. You made a code change then to do that from your original patch?
<FrancoisOrsini> Yes I did
<FrancoisOrsini> I have
backed out the default upgraded secmec to use as SECMEC_USRSSBPWD
(password substitute)
<FrancoisOrsini> Because we
can't process on the client the list of SecMec's returned from a server
which does not support this new SecMec (SECMEC_USRSSBPWD)
<FrancoisOrsini> For instance, 10.2 <--> 10.1
<kmarsden> I see I really missed that from your patch update description.
<FrancoisOrsini> If I could
parse that list on the client side, then SECMEC_USRSSBPWD could be used
as a default upgraded secmec after SECMEC_EUSRIDPWD for instance
<FrancoisOrsini> Yes, sorry my description was not clear
<FrancoisOrsini> Hence why I entered http://issues.apache.org/jira/browse/DERBY-1517
<kmarsden> Then after the fix for DERBY-1517 you will be able to reenable?
<FrancoisOrsini> Yep
<FrancoisOrsini> and It was working great until I ran the full compatibility tests
<FrancoisOrsini> I had run
lots of tests w/ SECMEC_USRSSBPWD so I know it had been working fine,
except when going 10.2 --> 10.1
<kmarsden> I understand. I
was wondering if you could post a summary of the changes that the
DERBY-528 patch makes in some detail to make it a little easier to
review.
<FrancoisOrsini> Yes am writing it now
<FrancoisOrsini> But Derby-1517 is tricky
<kmarsden> Excellent. I will wait for that and then review.
<FrancoisOrsini> The server version is not returned from a ACCSECRD :(
<kmarsden> Right. I was worried about that. It is too early right?
<FrancoisOrsini> I have to
recheck again but I did not see it - Yes it is too early as you
mentioned in the notes
<FrancoisOrsini> But then am
trying to see if I could still parse the list returned today, instead
of the array (as the specs mentioned)
<kmarsden> good. It would be good to upgrade the default.
<FrancoisOrsini> Absolutely - This was my original intention and changes
<FrancoisOrsini> This security mechanism implementation has ben a challenging one
<kmarsden> Thanks for taking
it on. On the coding format. The only place I saw the indentation not
matching the surrounding code was BasicAuthenticationServiceImpl with a
visual diff.
<FrancoisOrsini> Due to the
fact, well, there is no way to decrypt a substituted (hashed) password
:)
<FrancoisOrsini> Ok - I'm going to look at these and address them
<kmarsden> It is awful that we don't have a coding standard
<FrancoisOrsini> Yeah and
then it is hard to copy code that does not look standard when you need
to put new changes - am always tempted to fix code around but then it
is confusing the review
<FrancoisOrsini> Need to ask you something about db2jcc
<FrancoisOrsini> what is 2.6 and 2.8 under master\DerbyNet
<kmarsden> Someone will
eventually get sick of it and pick up DERBY-1363. every new developer
gets bitten by that bug.
<kmarsden> Yes. They are JCC versions. What JCC version are you using?
<FrancoisOrsini> Am using 2.4
<kmarsden> OK. When you post
your summary comment. Just add that JCC 2.6, 2.8 also need to be
updated and ask if someone with access can update the masters.
<kmarsden> I can probably do it as part of my review.
<FrancoisOrsini> ok I will ask
<FrancoisOrsini> Thanks for your time Kathey
<kmarsden> Thank you Francois.
Cheers,
--francois
