On 12/20/11 11:43, Dmitry Yemanov wrote:
> 19.12.2011 20:58, Alex Peshkoff wrote:
>> From security POV it's absolutely clear that we should use SRP as
>> default authentication plugin and should not mention legacy
>> authentication in default list of plugins on server. (This means that
>> people m
20.12.2011 10:30, Alex Peshkoff wrote:
> Returning to that useful idea - the problem is that when the warning can
> be returned password was already passed to the net in legacy unsafe
> form. That's not too big problem if this is password for FB<3. The worst
> case is when user mixed two servers a
19.12.2011 20:58, Alex Peshkoff wrote:
>
> From security POV it's absolutely clear that we should use SRP as
> default authentication plugin and should not mention legacy
> authentication in default list of plugins on server. (This means that
> people must upgrade clients, but this does not look li
On 12/19/11 21:43, Dimitry Sibiryakov wrote:
> 19.12.2011 17:58, Alex Peshkoff wrote:
>> but here security problem
>> comes. User will not know, does he work with new server (using secure
>> channel) or with old one (insecure channel).
>Make isc_attach_database() to return warning if insecure
On 12/19/11 21:43, Dimitry Sibiryakov wrote:
> 19.12.2011 17:58, Alex Peshkoff wrote:
>> but here security problem
>> comes. User will not know, does he work with new server (using secure
>> channel) or with old one (insecure channel).
>Make isc_attach_database() to return warning if insecure
"arithmetic exception, numeric overflow, or string truncation" with embedded
firebird, java program and char(1) datatype
Key: CORE-3701
URL: h
19.12.2011 17:58, Alex Peshkoff wrote:
> but here security problem
> comes. User will not know, does he work with new server (using secure
> channel) or with old one (insecure channel).
Make isc_attach_database() to return warning if insecure channel is used.
--
SY, SD.
--
Hi, all!
I'm ready to commit secure remote passwords and related changes to svn.
But before I'd like to know your mind regarding default settings for
secure plugins. SRP provides a very reliable way to authenticate user by
password, being resistant to a lot of attacks, including man in the
middle
-=| Tony Whyman, 19.12.2011 11:48:37 + |=-
> dpkg-shlibdeps: warning: symbol ucnv_fromUChars_3_8 used by
> debian/firebird2.5-server-common/usr/lib/firebird/2.5/plugins/libfbtrace.so
> found in none of the libraries.
My reading of this is that libfbtrace.so has an external symbol
defined, but
Alex,
On closer inspection, this might just be an artifact of the Debian build
process.
Both the include file and the icu libraries are version 3.8 - hence no
problem here. However, running ldd on libfbtrace.so does not list any
libicu* library. On the other hand, a strings command on libfbtrace.
It is a thin interface layer that performs the transformations necessary
to convert from RM/Cobol calling sequence to C calling sequence.
On 12/17/11 1:49 AM, Helen Borrie wrote:
At 07:20 PM 17/12/2011, Dmitry Yemanov wrote:
17.12.2011 8:34, Helen Borrie wrote:
fbrmclib.dll in the v.2.5.n \b
On 12/19/11 17:08, Tony Whyman wrote:
> Oops - a typo - meant kernel 2.6.24!
>> glibc 2.7 is OK, what about kernel 2.4.24 - not sure, I've started
>> development with 2.6.27
>> Does kernel 2.4 support NPTL correctly?
That should be sooner of all OK. But telling true I'd prefer something
newer - i
Oops - a typo - meant kernel 2.6.24!
> glibc 2.7 is OK, what about kernel 2.4.24 - not sure, I've started
> development with 2.6.27
> Does kernel 2.4 support NPTL correctly?
>
>
--
Learn Windows Azure Live! Tuesday, Dec 1
On 12/19/11 15:48, Tony Whyman wrote:
> I am responsible for some servers that are still running the LTS Release
> Ubuntu 8.04 and which I want to upgrade to Firebird 2.5.1, preferable
> using a Debian package rather than building each one from source - the
> production servers don't normally have
I am responsible for some servers that are still running the LTS Release
Ubuntu 8.04 and which I want to upgrade to Firebird 2.5.1, preferable
using a Debian package rather than building each one from source - the
production servers don't normally have all the build tools anyway.
This seems to wor
Hi *,
I’m happy to bring you early Christmas gift packed as ADO.NET provider
for Firebird version 2.7. This version brings important bug fixes [1]
and logging improvements [2].
This release wouldn’t be possible without support of people/companies
using provider actively. Big thanks to them.
You
16 matches
Mail list logo
