Srp user manager sporadically creates users which can not attach
----------------------------------------------------------------
Key: CORE-6038
URL: http://tracker.firebirdsql.org/browse/CORE-6038
Project: Firebird Core
Issue Type: Bug
Components: Engine
Affects Versions: 3.0.4
Environment: Ubuntu 18.10 x86_64, Cent OS 6/7 x86_64
Reporter: Artyom Smirnov
To reproduce this bug enough to create user/try to login/drop user many times.
I digged into Srp manager and found it happen with some "magic" salts. For
example: AE7A9732FB795098A4ECE3CE28BD01C4363E870F9AD399AFBEE2CBC6FBB30580
If you try to set this constant salt in SrpManagement.cpp all newly created
users will be unable to authenticate (SrpServer.cpp: SrpServer::authenticate
"if (clientProof == serverProof)" always false).
Reproducing script:
#!/bin/bash
BIN=/opt/firebird/bin/
DBPATH=/tmp/test
DB=localhost:$DBPATH
cat << EOF > /tmp/prepare
create database '$DB' user sysdba password 'masterkey';
drop user test;
EOF
cat << EOF > /tmp/sql
connect '$DB' user sysdba password 'masterkey';
create user test password 'test';
connect '$DB' user test password 'test';
connect '$DB' user sysdba password 'masterkey';
drop user test;
EOF
rm $DBPATH
$BIN/isql -i /tmp/prepare
set -e
while true; do
$BIN/isql -b -i /tmp/sql
done
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://tracker.firebirdsql.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
Firebird-Devel mailing list, web interface at
https://lists.sourceforge.net/lists/listinfo/firebird-devel
