You are viewing a plain text version of this content. The canonical link for it is here.

Posted to derby-dev@db.apache.org by "Sunitha Kambhampati (JIRA)" <de...@db.apache.org> on 2006/02/13 10:36:43 UTC

[jira] Commented: (DERBY-926) Protocol error when trying to connect with an unsupported security mechanism

    [ http://issues.apache.org/jira/browse/DERBY-926?page=comments#action_12366170 ] 

Sunitha Kambhampati commented on DERBY-926:
-------------------------------------------

Per the DDM manual , pg 52 for ACCSEC. 
The normal response to the ACCSEC command is 
ACCSECRD (SECMEC (value{value..})
"if the target server supports the SECMEC value requested by the source server, then a single value is returned for SECMEC and is identical to the secmec value send in the ACCSEC command.
but if the target server does not support the secmec requested by the source server, then only one or more values in SECMEC are returned. "

Currently in the network server, if the security mechanism is not supported, 3 SECMECs are sent with the supported security mechanisms. 
see : DRDAConnThread.writeACCSECRD.
.....
               writer.writeScalar2Bytes(CodePoint.SECMEC, CodePoint.SECMEC_USRIDPWD);
                writer.writeScalar2Bytes(CodePoint.SECMEC, CodePoint.SECMEC_EUSRIDPWD);
                writer.writeScalar2Bytes(CodePoint.SECMEC, CodePoint.SECMEC_USRIDONL);
 
This needs to be changed to send one SECMEC with a list of secmec values. 

> Protocol error when trying to connect with an unsupported security mechanism
> ----------------------------------------------------------------------------
>
>          Key: DERBY-926
>          URL: http://issues.apache.org/jira/browse/DERBY-926
>      Project: Derby
>         Type: Bug
>   Components: Network Client, Network Server
>     Versions: 10.0.2.0, 10.0.2.1, 10.1.1.0, 10.1.1.1, 10.1.1.2, 10.1.2.0, 10.1.2.1, 10.1.2.2, 10.2.0.0, 10.1.3.0, 10.1.2.3, 10.0.2.2
>  Environment: all
>     Reporter: Sunitha Kambhampati
>     Priority: Minor

>
> 1) Start network server on port
> 2) In ij, try to connect using the securityMechanism=12
>  ij(CONNECTION2)> connect 'testdb;create=true;securityMechanism=12;user=sa;password=p1';
> ERROR 58009: Execution failed due to a distribution protocol error that caused deallocation of the conversation.  A PROTOCOL Data Stream Syntax Error was detected.  Reason: 0x12

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira