On 09/01/2016 01:39 PM, Jiří Činčura wrote: > Looks like I moved somewhere. In op_connect+op_accept I send as plugin > Win_Sspi and I send the client token. Then I get back response as > op_accept_data, there I find the auth data from server and I can use > there to create client authentication data. > > In protocol <13 this was sent to server using op_trusted_auth. But looks > like that's no longer the case. I tried sending using > isc_dpb_specific_auth_data, as in Srp, but that's not giving me what I > expect. I get either "Your user name and password are not defined. Ask > your database administrator to set up a Firebird login." or "unavailable > database" depending on what magic I'm doing, while isql (or protocol 12) > gives me expected "Login name too long (33 characters, maximum allowed > 31)". > > Can anybody explain what should happen after op_accept_data in protocol > 13 with SSPI? Something right there or later in op_attach. >
No matter of what plugin is used op_accept_data in addition to op_accept may (or may not) contain name(s) of a key(s) that may be used for data encryption. Particular for SSPI which does not provide encryption keys op_accept_data does not differ from op_accept. ------------------------------------------------------------------------------ Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
