On 03/01/12 20:17, Adriano dos Santos Fernandes wrote: > On 01/03/2012 12:29, Dimitry Sibiryakov wrote: > >> Because password encryption method is going to be changed in 3.0, isn't >> it too late to >> suggest to convert password into UTF-8 before encryption? >> Imagine two user environments on Linux, one has locale win1251 and >> another utf-8. >> Password, containing non-Latin symbols, created in one environment will not >> be able to be >> used in the other. >> 01.03.2012 16:27, Alex Peshkoff wrote: >>> That's nightmare:-) >>> But something like KOI-8 is quite possible. >> Even more possible win1251 in Windows GUI vs cp866 in console. >> > >> Convert password/user name into UTF-8 before encryption to allow >> safety using of non-ascii symbols in environments with different >> locales. There is one problem, though: isql executing script with >> encoding different from current locale. > > What exactly you mean? > > I understand a problem, but please talk about the solution you're > proposing. What is the moment(s) a password should be converted, and > from what to UTF8?
A password should be converted to UTF8 by remote redirector. From what it should be converted is obvious - from OS locale. It also should be converted to UTF-8 before using it to build password hash. In case when password is sent from client using services it should be converted from OS locale. What about conversion from SQL commands - I can't answer at once, will be glad to know your advice. ------------------------------------------------------------------------------ Virtualization & Cloud Management Using Capacity Planning Cloud computing makes use of virtualization - but cloud computing also focuses on allowing computing to be delivered as a service. http://www.accelacomm.com/jaw/sfnl/114/51521223/ Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
