On 17-9-2018 14:58, Alex Peshkoff via Firebird-devel wrote:
On 09/17/18 15:45, Mark Rotteveel wrote:
On 16-9-2018 17:28, Mark Rotteveel wrote:
I think you should probably post this to the Firebird .net provider
mailing list. The problem seems to be that case-sensitive user names
need to be correctly supported by the client.
And in the case of Firebird.net provider (and Jaybird for that
matter), for example the SRP implementation will always upper case
the username, which makes the SRP proof for a case sensitive user
name fail.
The thing that needs to be addressed here that - in my opinion- this
is a problem that is caused by lack of proper low-level documentation.
Exactly how are case sensitive usernames supposed to be handled? I
have done some searching in the Firebird sources, and I'm not sure if
I found all relevant parts, but as far as I can tell:
- isc_dpb_user_name : pass username in double quotes from client to
server (and same for spb)
- CNCT_login : pass username in double quotes
- SRP client: If enclosed in double quotes: strip quotes and use as
is, if enclosed in single quotes, strip quotes and uppercase, if
unquoted, uppercase.
Is this correct? Or are am I missing something?
Actual job is done by fb_utils::dpbItemUpper. This function has one
'funny' feature - in almost all cases (exception is support of dialect-1
roles) this function should be invoked for each dpb item once & only
once. And itr's not invoked by SRP plugin (you call it SRP client?) -
that's done for all plugins when preparing client authentication block
for plugins, it's ClntAuthBlock::loadClnt function. Except call to this
function username is always passed 'as is' - if it was in double quotes
it remains such, it's never uppercased except in dpbItemUpper.
That doesn't really answer my question as to me that authentication
related code is a tangle that I always get lost in.
Lets rephrase my question. Assuming I have created a user using
create user "CaseSensitive" password 'password' using plugin Srp;
Exactly which value must I pass from server to client (assuming the wire
protocol, not any transformations fbclient does on its own) in:
1. CNCT_login: CaseSensitive or "CaseSensitive"
2. isc_dpb_user_name: CaseSensitive or "CaseSensitive"
and exactly what must I use in the SRP client proof: CaseSensitive or
"CaseSensitive".
Mark
--
Mark Rotteveel
Firebird-Devel mailing list, web interface at
https://lists.sourceforge.net/lists/listinfo/firebird-devel
