On 21-6-2018 14:07, Alex Peshkoff via Firebird-devel wrote:
I've forwarded this FYI to devel & admin.
[
http://tracker.firebirdsql.org/browse/CORE-5788?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=33942#action_33942
]
Status of Srp256 plugin in FB3 & FB4.
In master branch Srp256 (with enhanced security) becomes single default
authentication plugin. That means that with default configuration
clients earlier than FB 3.0.4 will be not able to attach to FB4. This
should not be severe problem - hopefully most of clients will be
upgraded when FB4 is released.
In B3_0_Release default plugin is old Srp - I've decided not to break
compatibility with existing clients in point release. Hope that fits
requirements of most users. People who need enhanced security should
upgrade all clients to at least 3.0.4 and set
AuthServer=Srp256
in firebird.conf.
In all cases hashes stored in security database are fully compatible
between Srp & Srp256, i.e. security.db does not require any upgrade.
I have added support for this in Jaybird 3.0.5 and Jaybird 4.
Mark
--
Mark Rotteveel
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
Firebird-Devel mailing list, web interface at
https://lists.sourceforge.net/lists/listinfo/firebird-devel
