Project:
| View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
| ID | ||||||||
| 0036909 | ||||||||
| Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||
| defect | [Openbravo ERP] A. Platform | major | sometimes | 2017-09-21 12:25 | 2017-09-27 16:03 | |||
| Reporter | javietxe | View Status | public | |||||
| Assigned To | alostale | |||||||
| Priority | normal | Resolution | fixed | Fixed in Version | 3.0PR17Q4 | |||
| Status | closed | Fix in branch | Fixed in SCM revision | d05376400994 | ||||
| Projection | none | ETA | none | Target Version | ||||
| OS | Any | Database | Any | Java version | ||||
| OS Version | Database version | Ant version | ||||||
| Product Version | SCM revision | |||||||
| Review Assigned To | caristu | |||||||
| Web browser | ||||||||
| Modules | Core | |||||||
| Regression level | ||||||||
| Regression date | ||||||||
| Regression introduced in release | ||||||||
| Regression introduced by commit | ||||||||
| Triggers an Emergency Pack | No | |||||||
| Summary | 0036909: SERQA 3303 Error decrypting password | |||||||
| Description | Sometimes trying to decipher the password taken from the database, we get an error with the stacktrace included in the file CipherError.txt. The stacktrace is taken from the logs of production in BUT | |||||||
| Steps To Reproduce | Execute attached ConcurrentCrypto test case which uses encryption and decryption concurrently by 4 threads 10 times each. Error ratio is typically 20%-50%. | |||||||
| Proposed Solution | The problem is caused because a single instance of javax.crypto.Cipher is being used concurrently. Cipher is not thread-safe so it must be ensured same instance is not in use concurrently [1]. [1] https://stackoverflow.com/a/6957496/2834815 [^] | |||||||
| Tags | No tags attached. | |||||||
| Attached Files |  CipherError.txt [^] (9,652 bytes) 2017-09-21 12:25 [Show Content]
 StringWsClient.java [^] (3,006 bytes) 2017-09-21 12:26 WsClient.java [^] (4,335 bytes) 2017-09-21 12:26 ConcurrentCrypto.java [^] (2,097 bytes) 2017-09-21 16:55 | |||||||
 Relationships [ Relation Graph ]
[ Dependency Graph ]
|
||||||||
|
||||||||
 Relationships |
|
Notes |
|
|
(0099477) hgbot (developer) 2017-09-22 12:16 |
Repository: erp/devel/pi Changeset: e61b4971479955b2edd9d83f5f4fd4f559b974ed Author: Asier Lostalé <asier.lostale <at> openbravo.com> Date: Fri Sep 22 11:53:37 2017 +0200 URL: http://code.openbravo.com/erp/devel/pi/rev/e61b4971479955b2edd9d83f5f4fd4f559b974ed [^] related to bug 36909: added test cases which prove that using CryptoUtility methods concurrently fail --- M src-test/src/org/openbravo/test/AllAntTaskTests.java A src-test/src/org/openbravo/test/system/CryptoUtilities.java --- |
|
(0099478) hgbot (developer) 2017-09-22 12:16 |
Repository: erp/devel/pi Changeset: d0537640099463a01b733f59f32eadb90ddc31e9 Author: Asier Lostalé <asier.lostale <at> openbravo.com> Date: Fri Sep 22 11:56:54 2017 +0200 URL: http://code.openbravo.com/erp/devel/pi/rev/d0537640099463a01b733f59f32eadb90ddc31e9 [^] fixed bug 36909: encryption/decryption utils were not thread safe They could fail when used concurrently because they were sharing an static instance of a no-thread-safe javax.crypto.Cipher. Fixed by creating a new Cipher instance whenver it's required to be used. --- M src-core/src/org/openbravo/utils/CryptoUtility.java --- |
|
(0099549) hudsonbot (developer) 2017-09-25 14:30 |
A changeset related to this issue has been promoted main and to the Central Repository, after passing a series of tests. Promotion changeset: https://code.openbravo.com/erp/devel/main/rev/d8fd6d1ecc14 [^] Maturity status: Test |
|
(0099550) hudsonbot (developer) 2017-09-25 14:30 |
A changeset related to this issue has been promoted main and to the Central Repository, after passing a series of tests. Promotion changeset: https://code.openbravo.com/erp/devel/main/rev/d8fd6d1ecc14 [^] Maturity status: Test |
|
(0099618) hgbot (developer) 2017-09-27 10:13 |
Repository: erp/devel/pi Changeset: 9d9df9af05c4b7da05415888d49277a4116b78b1 Author: Carlos Aristu <carlos.aristu <at> openbravo.com> Date: Wed Sep 27 09:54:45 2017 +0200 URL: http://code.openbravo.com/erp/devel/pi/rev/9d9df9af05c4b7da05415888d49277a4116b78b1 [^] related to issue 36909: minor code review improvements - Created new private TRANSFORMATION constant - Moved the array designator from the variable to the type --- M src-core/src/org/openbravo/utils/CryptoUtility.java --- |
|
(0099619) caristu (developer) 2017-09-27 10:14 |
Code reviewed + tested OK. |
|
(0099634) hudsonbot (developer) 2017-09-27 16:03 |
A changeset related to this issue has been promoted main and to the Central Repository, after passing a series of tests. Promotion changeset: https://code.openbravo.com/erp/devel/main/rev/a2ee31f89feb [^] Maturity status: Test |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2017-09-21 12:25 | javietxe | New Issue | |
| 2017-09-21 12:25 | javietxe | Assigned To | => platform |
| 2017-09-21 12:25 | javietxe | File Added: CipherError.txt | |
| 2017-09-21 12:25 | javietxe | Modules | => Core |
| 2017-09-21 12:25 | javietxe | Resolution time | => 1506549600 |
| 2017-09-21 12:25 | javietxe | Triggers an Emergency Pack | => No |
| 2017-09-21 12:26 | javietxe | File Added: StringWsClient.java | |
| 2017-09-21 12:26 | javietxe | File Added: WsClient.java | |
| 2017-09-21 12:28 | javietxe | Steps to Reproduce Updated | View Revisions |
| 2017-09-21 16:35 | alostale | Relationship added | blocks 0034664 |
| 2017-09-21 16:55 | alostale | File Added: ConcurrentCrypto.java | |
| 2017-09-21 17:05 | alostale | Steps to Reproduce Updated | View Revisions |
| 2017-09-21 17:05 | alostale | Proposed Solution updated | |
| 2017-09-22 12:10 | alostale | Assigned To | platform => alostale |
| 2017-09-22 12:10 | alostale | Review Assigned To | => caristu |
| 2017-09-22 12:10 | alostale | Summary | SERQA 3303 Error decripting password => SERQA 3303 Error decrypting password |
| 2017-09-22 12:16 | hgbot | Checkin | |
| 2017-09-22 12:16 | hgbot | Note Added: 0099477 | |
| 2017-09-22 12:16 | hgbot | Checkin | |
| 2017-09-22 12:16 | hgbot | Note Added: 0099478 | |
| 2017-09-22 12:16 | hgbot | Status | new => resolved |
| 2017-09-22 12:16 | hgbot | Resolution | open => fixed |
| 2017-09-22 12:16 | hgbot | Fixed in SCM revision | => http://code.openbravo.com/erp/devel/pi/rev/d0537640099463a01b733f59f32eadb90ddc31e9 [^] |
| 2017-09-25 14:30 | hudsonbot | Checkin | |
| 2017-09-25 14:30 | hudsonbot | Note Added: 0099549 | |
| 2017-09-25 14:30 | hudsonbot | Checkin | |
| 2017-09-25 14:30 | hudsonbot | Note Added: 0099550 | |
| 2017-09-27 10:13 | hgbot | Checkin | |
| 2017-09-27 10:13 | hgbot | Note Added: 0099618 | |
| 2017-09-27 10:14 | caristu | Note Added: 0099619 | |
| 2017-09-27 10:14 | caristu | Status | resolved => closed |
| 2017-09-27 10:14 | caristu | Fixed in Version | => 3.0PR17Q4 |
| 2017-09-27 16:03 | hudsonbot | Checkin | |
| 2017-09-27 16:03 | hudsonbot | Note Added: 0099634 | |
|
Issue History |
| Copyright © 2000 - 2009 MantisBT Group |
 |