On 05/14/18 12:52, Dimitry Sibiryakov wrote:
14.05.2018 11:42, Alex Peshkoff via Firebird-devel wrote:

Returning to your cases:
a) ICryptKeyCallback::callback() returned zero because application key not needed

Well written key holder will not try to talk to client at all if it already has a key...

  No matter how key holder is written: it has no idea which crypt plugin and database it is loaded for at the point when keyCallback is called. There is no information to decide if it has needed key or the key it has is not for this database.


If key holder is expected to work with both types of keys secrtainly it should try to talk to client. One written only for use of non-client keys should not. Wjat a problem?


c) Key plugin is refused by application as a fake one.

It's normal error from server's POV. I'm even not sure is it good idea to notify fake plugin that it's attack was detected ;-)

  Ok, but how can application inform server that this key holder is wrong?


Return empty reply.


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
Firebird-Devel mailing list, web interface at 
https://lists.sourceforge.net/lists/listinfo/firebird-devel

Reply via email to