[
https://issues.apache.org/jira/browse/DERBY-2796?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12505280
]
Dag H. Wanvik commented on DERBY-2796:
--------------------------------------
The patch looks good to me; the hint in the error messages will be
indeed helpful to understand what's going on if the user has
misconfigured.
I notice that you had to remove localized versions of J131 "A PROTOCOL
Data Stream Syntax Error was detected. Reason: 0x{0}." since this is
now extended. For these locales this message will then fall back to
English.
I did not run any tests to verify these changes.
Nits:
* NetworkServerControlImpl
- Modified lines > 80
- Spurious blank diffs (lines 2288-2290)
I see you have updated the user docs and releaseNote.html of
DERBY-2108 accordingly, good! Some small comments on the latter:
> Summary of Change - SSL/TLS implemented for client/server
> communication.
I would make the title more descriptive:
"Summary of Change - Encryption of data traffic between client and
server is now supported via SSL/TLS."
or some such.
> Rationale for Change - The messages had to be extended due to more
> failure scenarios when connecting a client to a Derby server.
I think this is the rationale for the changed error messages, not for
the issue's feature change which is introduction of SSL support.
I think the rationale here would be something like:
"Encryption of data traffic between client and server is a desired
security feature for Derby."
Another change not mentioned is that localized versions of J131 will
now fall back to English. You may want to add that, perhaps.
> Obscure error messages when using SSL in various combinations
> -------------------------------------------------------------
>
> Key: DERBY-2796
> URL: https://issues.apache.org/jira/browse/DERBY-2796
> Project: Derby
> Issue Type: Bug
> Components: Security
> Affects Versions: 10.3.0.0
> Reporter: Rick Hillegas
> Assignee: Bernt M. Johnsen
> Fix For: 10.3.0.0
>
> Attachments: DERBY-2796-code-v2.diff, DERBY-2796-code-v2.stat,
> DERBY-2796-code.diff, DERBY-2796-code.stat, DERBY-2796-docs.diff,
> DERBY-2796-docs.stat, DERBY-2796-docs.zip, DERBY-2796-fix-sslexception.diff,
> DERBY-2796-fix-sslexception.stat, ssltest.html
>
>
> I ran clients with various ssl configurations on their urls and startup
> options against servers with various ssl configurations. I will attach an
> html file recording my results. I feel that many of the error conditions
> raised diagnostics which were too obscure to be helpful. I think this will be
> burdensome to tech support.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
