Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
ID
0044832
TypeCategorySeverityReproducibilityDate SubmittedLast Update
feature request[Openbravo ERP] A. Platformmajorhave not tried2020-08-17 16:402020-08-28 12:08
ReportershuehnerView Statuspublic 
Assigned Tocberner 
PrioritynormalResolutionfixedFixed in VersionPR20Q4
StatusclosedFix in branchFixed in SCM revision
ProjectionnoneETAnoneTarget VersionPR20Q4
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product VersionSCM revision 
Review Assigned Tocaristu
Web browser
ModulesCore
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary

0044832: Support SCRAM authentication with PostgreSQL database by updating jdbc driver to version supporting it

DescriptionPostgreSQL 11 added new form of password authentication (database passwords themselves) called SCRAM-SHA-256
https://www.postgresql.org/docs/11/auth-password.html [^]

Trying this with current master again PostgreSQL 12

fails with
org.postgresql.util.PSQLException: SCRAM authentication is not supported by this driver. You need JDK >= 8 and pgjdbc >= 42.2.0 (not ".jre" vesions)
Steps To ReproduceConfigure PostgreSQL i.e. 12 with following change
password_encryption = scram-sha-256

After that change change the 'postgres' user password to save it inside postgres with the new system active.

Now run 'ant create.database' with this postgres and see following error:

/home/huehner/ob/branches/pi_scram_pg/src-db/database/build-create.xml:104: org.postgresql.util.PSQLException: SCRAM authentication is not supported by this driver. You need JDK >= 8 and pgjdbc >= 42.2.0 (not ".jre" vesions)
Proposed SolutionUpdate jdbc driver to the latest version available and test that above feature works properly.
TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]
related to defect 0044905 closedcberner Openbravo ERP Update postgres driver to support scram encryption in backoffice-test 
related to defect 0044906 closedcberner Retail Modules Update PostgreSQL driver to support SCRAM encryption in mobile-test 

-  Notes
(0122103)
shuehner (administrator)
2020-08-17 16:41

Note that while we already have 42.2.2 in core since 38269 we used '.jre7' version of the jar file which apparently is not good enough.
(0122181)
hgbot (developer)
2020-08-19 14:46

Merge Request created: https://gitlab.com/openbravo/product/openbravo/-/merge_requests/125 [^]
(0122346)
hgbot (developer)
2020-08-25 11:18

Merge request merged: https://gitlab.com/openbravo/product/openbravo/-/merge_requests/125 [^]
(0122347)
hgbot (developer)
2020-08-25 11:18

Directly closing issue as related merge request is already approved.

Repository: https://gitlab.com/openbravo/product/openbravo [^]
Changeset: 08236f77d7d1d46744cafd19395e4733bff24bcd
Author: Cristian Berner <cristian.berner@openbravo.com>
Date: 2020-08-25T08:58:03+00:00
URL: https://gitlab.com/openbravo/product/openbravo/-/commit/08236f77d7d1d46744cafd19395e4733bff24bcd [^]

Fixes ISSUE-44832: Update postgresql driver to support scram password encrypt

Postgresql version >= 42.2.x is needed to support scram-sha-256 postgres
password encryption. This exists since postgres 11 and it requires
updating the client driver. Note, jre7 42.2.2 version didn't have this
feature included.

This updated driver also fixes several security issues and vulnerabilities.

Updated postgresql driver 42.2.2.jre7 -> 42.2.16

---
A lib/runtime/postgresql-42.2.16.jar
M build.xml
M legal/Licensing.txt
R lib/runtime/postgresql-42.2.2.jre7.jar
---
(0122420)
hgbot (developer)
2020-08-28 12:08

Repository: https://gitlab.com/openbravo/tools/platform/dependencies [^]
Changeset: 5c949c7cb52736383b2fc0c1450d95ce74ef48ae
Author: Carlos Aristu <carlos.aristu@openbravo.com>
Date: 2020-08-28T12:08:11+02:00
URL: https://gitlab.com/openbravo/tools/platform/dependencies/-/commit/5c949c7cb52736383b2fc0c1450d95ce74ef48ae [^]

ISSUE-44832: Update PostgreSQL jdbc to 42.2.16

---
M build.gradle
---

- Issue History
Date Modified Username Field Change
2020-08-17 16:40 shuehner New Issue
2020-08-17 16:40 shuehner Assigned To => cberner
2020-08-17 16:40 shuehner Modules => Core
2020-08-17 16:40 shuehner Triggers an Emergency Pack => No
2020-08-17 16:41 shuehner Note Added: 0122103
2020-08-19 14:46 hgbot Note Added: 0122181
2020-08-20 11:22 cberner Status new => scheduled
2020-08-20 11:23 cberner Review Assigned To => caristu
2020-08-25 11:18 hgbot Note Added: 0122346
2020-08-25 11:18 hgbot Resolution open => fixed
2020-08-25 11:18 hgbot Status scheduled => closed
2020-08-25 11:18 hgbot Fixed in Version => PR20Q4
2020-08-25 11:18 hgbot Note Added: 0122347
2020-08-27 08:23 cberner Relationship added related to 0044905
2020-08-27 08:34 cberner Relationship added related to 0044906
2020-08-28 12:08 hgbot Note Added: 0122420


Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker