Re: [Firebird-devel] isc_usrname_too_long
On 1/14/22 20:30, Dimitry Sibiryakov wrote: Alex Peshkoff via Firebird-devel wrote 14.01.2022 18:08: Better mark set of isc_add/modify/delete_user() functions deprecated. That's the only place where subj is used. Taking into account that proper SRP routines for adding a new user requires client side to send to server the verifier only, I have a feeling that on contrary: this API should be reviewed and user management using SQL should be disabled unless connection is encrypted. Currently the SQL sent via unencrypted connection allows to sniff the password of the new user and to use it for connections while having of verifier don't allow that (though still let decrypt and see the user's traffic). I doubt we need any security related changes for people that use unencrypted connection. If one connects unencrypted that means that person does not care about security. Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
Re: [Firebird-devel] isc_usrname_too_long
On 1/14/22 18:41, Dimitry Sibiryakov wrote: Hello All. Shouldn't subj text to be corrected? Also shouldn't it to be returned if user name received in DPB (after conversion into UTF-8) doesn't fit as well? Better mark set of isc_add/modify/delete_user() functions deprecated. That's the only place where subj is used. Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
Re: [Firebird-devel] isc_usrname_too_long
Mark Rotteveel wrote 14.01.2022 17:21: Also when you use a DPB v2, it is wide, so accepts far larger values than you'll ever logically need for a user name. The only problem that fbclient doesn't use it during conversion from user-provided DPB into sent-to-server DPB and in server user name is limited to 63 characters anyway. (Though I'm not sure if it is ever checked there.) -- WBR, SD. Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
Re: [Firebird-devel] isc_usrname_too_long
On 14-01-2022 17:10, Dimitry Sibiryakov wrote: Mark Rotteveel wrote 14.01.2022 17:06: Also shouldn't it to be returned if user name received in DPB (after conversion into UTF-8) doesn't fit as well? I'm not sure what you mean with that. Currently if someone put into DPB non-ASCII user name and during conversion into UTF-8 it doesn't fit 255 bytes the error "attempt to store %d bytes in a clumplet with maximum size 255 bytes" is thrown. Shouldn't the error to be a little more specific and comprehensive...? Personally, I don't think so, as I think that is messy to conflate logic for populating the DPB with selecting appropriate messages specific to the select DPB item. Also when you use a DPB v2, it is wide, so accepts far larger values than you'll ever logically need for a user name. Mark -- Mark Rotteveel Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
Re: [Firebird-devel] isc_usrname_too_long
Mark Rotteveel wrote 14.01.2022 17:06: Also shouldn't it to be returned if user name received in DPB (after conversion into UTF-8) doesn't fit as well? I'm not sure what you mean with that. Currently if someone put into DPB non-ASCII user name and during conversion into UTF-8 it doesn't fit 255 bytes the error "attempt to store %d bytes in a clumplet with maximum size 255 bytes" is thrown. Shouldn't the error to be a little more specific and comprehensive...? -- WBR, SD. Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
Re: [Firebird-devel] isc_usrname_too_long
On 14-01-2022 16:41, Dimitry Sibiryakov wrote: Hello All. Shouldn't subj text to be corrected? I probably should. Also shouldn't it to be returned if user name received in DPB (after conversion into UTF-8) doesn't fit as well? I'm not sure what you mean with that. Mark -- Mark Rotteveel Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
[Firebird-devel] isc_usrname_too_long
Hello All. Shouldn't subj text to be corrected? Also shouldn't it to be returned if user name received in DPB (after conversion into UTF-8) doesn't fit as well? -- WBR, SD. Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel