Late last week, a customer discovered an obscure issue in MQ Message Encryption (MQME) with the ExcludeQueue keyword on an MQPUT1 API call.
I have since fixed it but here is what I mean by obscure:
– If the user has wild-carded their protected queue setup i.e. ‘TEST.*’
– And then set the ExcludeQueue keyword value to ‘TEST.FRED’ because they want all ‘TEST.*’ queues to have their messages encrypted EXCEPT for queue ‘TEST.FRED’
– There was a bug in MQME that it did not successfully handle the values for ExcludeQueue keyword on an MQPUT1 API call.
– Hence, the messages for queue ‘TEST.FRED’ would be encrypted.
– And this only happened for MQPUT1 API calls – MQPUT API calls were correctly handled.
This is an obscure but supported setup. Most customers either explicitly set the queue name for a protect queue (i.e. ‘TEST.BARNEY’) or they wildcard it (i.e. TEST.*) but they generally don’t wildcard the protected queues then exclude a single queue. Note: The user could actually exclude queues with a wildcard.
This too is a supported setup:
– Have protect queues of ‘TEST.*’
– And exclude queues of ‘TEST.FRED.*’
– Or the user could exclude queues for ‘TEST.FRED.*’ and ‘TEST.WILMA.*’
Hence, any queue listed in the ExcludeQueue would NOT have their messages encrypted.
If anyone would like to test out the latest release then send the email to support@capitalware.com
Regards,
Roger Lacroix
Capitalware Inc.