Changes to prepare for version 1.4.x beta

89dfa0e0 · Thomas Mueller · 279d0515 · 89dfa0e0 · 89dfa0e0 · 89dfa0e0
--- a/h2/src/docsrc/help/help.csv
+++ b/h2/src/docsrc/help/help.csv
@@ -1706,10 +1706,9 @@ CASE WHEN CNT<10 THEN 'Low' ELSE 'High' END
 "
 "Other Grammar","Cipher","
-{ AES | XTEA }
+AES
 ","
-Two algorithms are supported: AES (""AES-128"") and XTEA (using 32 rounds).
+Only the algorithm AES (""AES-128"") is supported currently.
-XTEA is a bit faster than AES in some environments, but AES is more secure.
 ","
 AES
 "
@@ -2914,7 +2913,7 @@ SIGN(VALUE)
 ENCRYPT(algorithmString, keyBytes, dataBytes)
 ","
 Encrypts data using a key.
-Supported algorithms are XTEA and AES.
+The supported algorithm is AES.
 The block size is 16 bytes.
 This method returns bytes.
 ","
@@ -2925,7 +2924,7 @@ CALL ENCRYPT('AES', '00', STRINGTOUTF8('Test'))
 DECRYPT(algorithmString, keyBytes, dataBytes)
 ","
 Decrypts data using a key.
-Supported algorithms are XTEA and AES.
+The supported algorithm is AES.
 The block size is 16 bytes.
 This method returns bytes.
 ","

--- a/h2/src/docsrc/html/advanced.html
+++ b/h2/src/docsrc/html/advanced.html
@@ -1274,11 +1274,7 @@ then the iteration count is not required at all.
 <h3>File Encryption</h3>
 <p>
-The database files can be encrypted using two different algorithms: AES-128 and
+The database files can be encrypted using the AES-128 algorithm.
-XTEA (using 32 rounds). The reasons for supporting XTEA is performance
-(XTEA is a bit faster as AES in some environments) and to have an alternative algorithm if AES is suddenly broken.
-Please note that the XTEA implementation used in this database only uses 32 rounds
-and not 64 rounds as recommended by its inventor (as of 2010, the best known attack is on 27 rounds).
 </p><p>
 When a user tries to connect to an encrypted database, the combination of
 <code>file@</code> and the file password is hashed using SHA-256. This hash value is
@@ -1290,8 +1286,8 @@ The combination of the file password hash and the salt value is hashed 1024 time
 using SHA-256. The reason for the iteration is to make it harder for an attacker to
 calculate hash values for common passwords.
 </p><p>
-The resulting hash value is used as the key for the block cipher algorithm
+The resulting hash value is used as the key for the block cipher algorithm. 
-(AES-128 or XTEA with 32 rounds). Then, an initialization vector (IV) key
+Then, an initialization vector (IV) key
 is calculated by hashing the key again using SHA-256.
 This is to make sure the IV is unknown to the attacker.
 The reason for using a secret IV is to protect against watermark attacks.
@@ -1299,7 +1295,7 @@ The reason for using a secret IV is to protect against watermark attacks.
 Before saving a block of data (each block is 8 bytes long), the following operations are executed:
 first, the IV is calculated by encrypting the block number with the IV key (using the same
 block cipher algorithm). This IV is combined with the plain text using XOR. The resulting data is
-encrypted using the AES-128 or XTEA algorithm.
+encrypted using the AES-128 algorithm.
 </p><p>
 When decrypting, the operation is done in reverse. First, the block is decrypted using the key,
 and then the IV is calculated combined with the decrypted text using XOR.
@@ -1315,7 +1311,7 @@ When he has write access, he can for example replace pieces of files with pieces
 and manipulate data like this.
 </p><p>
 File encryption slows down the performance of the database engine. Compared to unencrypted mode,
-database operations take about 2.2 times longer when using XTEA, and 2.5 times longer using AES (embedded mode).
+database operations take about 2.5 times longer using AES (embedded mode).
 </p>
 <h3>Wrong Password / User Name Delay</h3>
@@ -1717,11 +1713,6 @@ OR X = 2 OR X = 2 OR X = 2 OR X = 2 OR X = 2
        <a href="http://java.sun.com/products/jsse/">Java Secure Socket
        Extension (JSSE)</a></td>
    </tr>
-    <tr>
-        <td>XTEA</td>
-        <td>A block encryption algorithm. See also: <a
-            href="http://en.wikipedia.org/wiki/XTEA">Wikipedia: XTEA</a></td>
-    </tr>
 </table>
 <!-- [close] { --></div></td></tr></table><!-- } --><!-- analytics --></body></html>
--- a/h2/src/docsrc/html/changelog.html
+++ b/h2/src/docsrc/html/changelog.html
@@ -18,7 +18,8 @@ Change Log
 <h1>Change Log</h1>
 <h2>Next Version (unreleased)</h2>
-<ul><li>If a value of a result set was itself a result set, the result
+<ul><li>The stack trace of the exception "The object is already closed" is no longer logged by default.
+</li><li>If a value of a result set was itself a result set, the result
    could only be read once.
 </li><li>Column constraints are also visible in views (patch from Nicolas Fortin for H2GIS).
 </li><li>Granting a additional right to a role that already had a right for that table was not working.

--- a/h2/src/docsrc/html/features.html
+++ b/h2/src/docsrc/html/features.html
@@ -103,7 +103,7 @@ Features
 </li><li>Cost based optimizer, using a genetic algorithm for complex queries, zero-administration
 </li><li>Scrollable and updatable result set support, large result set, external result sorting,
    functions can return a result set
-</li><li>Encrypted database (AES or XTEA), SHA-256 password encryption, encryption functions, SSL
+</li><li>Encrypted database (AES), SHA-256 password encryption, encryption functions, SSL
 </li></ul>
 <h3>SQL Support</h3>
@@ -130,7 +130,7 @@ Features
    (even when using insecure connections; this only applies to the TCP server and not to the H2 Console however;
    it also doesn't apply if you set the password in the database URL)
 </li><li>All database files (including script files that can be used to backup data) can be
-encrypted using AES-128 and XTEA encryption algorithms
+encrypted using the AES-128 encryption algorithm
 </li><li>The remote JDBC driver supports TCP/IP connections over SSL/TLS
 </li><li>The built-in web server supports connections over SSL/TLS
 </li><li>Passwords can be sent to the database using char arrays instead of Strings
@@ -497,16 +497,16 @@ This is achieved using different database URLs. Settings in the URLs are not cas
 <tr>
    <td><a href="#file_encryption">Using encrypted files</a></td>
    <td class="notranslate">
-        jdbc:h2:&lt;url&gt;;CIPHER=[AES|XTEA]<br />
+        jdbc:h2:&lt;url&gt;;CIPHER=AES<br />
        jdbc:h2:ssl://localhost/~/test;CIPHER=AES<br />
-        jdbc:h2:file:~/secure;CIPHER=XTEA<br />
+        jdbc:h2:file:~/secure;CIPHER=AES<br />
    </td>
 </tr>
 <tr>
    <td><a href="#database_file_locking">File locking methods</a></td>
    <td class="notranslate">
        jdbc:h2:&lt;url&gt;;FILE_LOCK={FILE|SOCKET|NO}<br />
-        jdbc:h2:file:~/private;CIPHER=XTEA;FILE_LOCK=SOCKET<br />
+        jdbc:h2:file:~/private;CIPHER=AES;FILE_LOCK=SOCKET<br />
    </td>
 </tr>
 <tr>
@@ -641,7 +641,7 @@ To keep the content of an in-memory database as long as the virtual machine is a
 <h2 id="file_encryption">Database Files Encryption</h2>
 <p>
-The database files can be encrypted. Two encryption algorithms are supported: AES and XTEA.
+The database files can be encrypted. Two encryption algorithm AES is supported.
 To use file encryption, you need to specify the encryption algorithm (the 'cipher')
 and the file password (in addition to the user password) when connecting to the database.
 </p>

--- a/h2/src/docsrc/html/roadmap.html
+++ b/h2/src/docsrc/html/roadmap.html
@@ -24,6 +24,7 @@ See also <a href="build.html#providing_patches">Providing Patches</a>.
 <h2>Version 1.5.x: Planned Changes</h2>
 <ul><li>Replace file password hash with file encryption key; validate encryption key when connecting.
+</li><li>Remove the encryption algorithm XTEA.
 </li></ul>
 <h2>Version 1.4.x: Planned Changes</h2>
@@ -31,16 +32,15 @@ See also <a href="build.html#providing_patches">Providing Patches</a>.
 </li><li>Enable the new storage format for dates (system property "h2.storeLocalTime").
    Document time literals: between minus 2 million and 2 million hours with nanosecond resolution.
 </li><li>Remove the old connection pool logic (system property "h2.fastConnectionPool").
-</li><li>Enable "h2.modifyOnWrite".
+</li><li>Disable implicit relative paths (system property "h2.implicitRelativePath").
 </li><li>Enable Mode.supportOffsetFetch by default, so that "select 1 fetch first 1 row only" works.
+</li><li>Whether byte arrays should be sorted in unsigned mode
+    (old behavior: x'99' is smaller than x'09').
+    (System property "h2.sortBinaryUnsigned", Mode.binaryUnsigned).
 </li><li>The default user name should be an empty string and not "sa".
 </li><li>Deprecate Csv.getInstance() (use the public constructor instead).
-</li><li>Move ErrorCode class to org.h2.api.
-</li><li>Deprecate the encryption algorithm XTEA.
-</li><li>Sort order for byte arrays: currently x'99' is smaller than x'09', which is unexpected. Change if possible.
 </li><li>Remove support for the old-style outer join syntax using "(+)" because it is buggy.
 </li><li>Change license to MPL 2.0.
-</li><li>Not allow relative database URLs like jdbc:h2:test; instead, require using jdbc:h2:./test.
 </li><li>Document that FILE_LOCK=SERIALIZED is not supported with the MVStore mode.
 </li></ul>

--- a/h2/src/main/org/h2/api/ErrorCode.java
+++ b/h2/src/main/org/h2/api/ErrorCode.java
--- a/h2/src/main/org/h2/command/Command.java
+++ b/h2/src/main/org/h2/command/Command.java
@@ -8,7 +8,8 @@ package org.h2.command;
 import java.sql.SQLException;
 import java.util.ArrayList;
-import org.h2.constant.ErrorCode;
+import org.h2.api.ErrorCode;
 import org.h2.engine.Constants;
 import org.h2.engine.Database;
 import org.h2.engine.Session;

--- a/h2/src/main/org/h2/command/CommandRemote.java
+++ b/h2/src/main/org/h2/command/CommandRemote.java
@@ -8,8 +8,8 @@ package org.h2.command;
 import java.io.IOException;
 import java.util.ArrayList;
-import org.h2.constant.SysProperties;
 import org.h2.engine.SessionRemote;
+import org.h2.engine.SysProperties;
 import org.h2.expression.ParameterInterface;
 import org.h2.expression.ParameterRemote;
 import org.h2.message.DbException;

--- a/h2/src/main/org/h2/command/Parser.java
+++ b/h2/src/main/org/h2/command/Parser.java
@@ -15,6 +15,8 @@ import java.nio.charset.Charset;
 import java.text.Collator;
 import java.util.ArrayList;
 import java.util.HashSet;
+import org.h2.api.ErrorCode;
 import org.h2.api.Trigger;
 import org.h2.command.ddl.AlterIndexRename;
 import org.h2.command.ddl.AlterSchemaRename;
@@ -80,7 +82,6 @@ import org.h2.command.dml.Set;
 import org.h2.command.dml.SetTypes;
 import org.h2.command.dml.TransactionCommand;
 import org.h2.command.dml.Update;
-import org.h2.constant.ErrorCode;
 import org.h2.constraint.ConstraintReferential;
 import org.h2.engine.Constants;
 import org.h2.engine.Database;
@@ -180,7 +181,7 @@ public class Parser {
    private final Database database;
    private final Session session;
    /**
-     * @see org.h2.constant.DbSettings#databaseToUpper
+     * @see org.h2.engine.DbSettings#databaseToUpper
     */
    private final boolean identifiersToUpper;

--- a/h2/src/main/org/h2/command/Prepared.java
+++ b/h2/src/main/org/h2/command/Prepared.java
@@ -8,7 +8,7 @@ package org.h2.command;
 import java.util.ArrayList;
 import org.h2.api.DatabaseEventListener;
-import org.h2.constant.ErrorCode;
+import org.h2.api.ErrorCode;
 import org.h2.engine.Database;
 import org.h2.engine.Session;
 import org.h2.expression.Expression;