On 03/01/12 20:17, Adriano dos Santos Fernandes wrote:
> On 01/03/2012 12:29, Dimitry Sibiryakov wrote:
>
>>     Because password encryption method is going to be changed in 3.0, isn't 
>> it too late to
>> suggest to convert password into UTF-8 before encryption?
>>     Imagine two user environments on Linux, one has locale win1251 and 
>> another utf-8.
>> Password, containing non-Latin symbols, created in one environment will not 
>> be able to be
>> used in the other.
>> 01.03.2012 16:27, Alex Peshkoff wrote:
>>> That's nightmare:-)
>>> But something like KOI-8 is quite possible.
>>     Even more possible win1251 in Windows GUI vs cp866 in console.
>>
>
>> Convert password/user name into UTF-8 before encryption to allow 
>> safety using of non-ascii symbols in environments with different 
>> locales. There is one problem, though: isql executing script with 
>> encoding different from current locale.
>
> What exactly you mean?
>
> I understand a problem, but please talk about the solution you're 
> proposing. What is the moment(s) a password should be converted, and 
> from what to UTF8?

A password should be converted to UTF8 by remote redirector. From what
it should be converted is obvious - from OS locale. It also should be
converted to UTF-8 before using it to build password hash. In case when
password is sent from client using services it should be converted from
OS locale. What about conversion from SQL commands - I can't answer at
once, will be glad to know your advice.


------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing 
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/
Firebird-Devel mailing list, web interface at 
https://lists.sourceforge.net/lists/listinfo/firebird-devel

Reply via email to