> How does the protocol for the database encryption callback work? If I
> look at the implementation in Firebird ADO.net, it just tries and keep
> sending the same key in a while loop until Firebird responds with
> something other than op_crypt_key_callback, which seems a bit weird.
It does. Bu
Hi. And sorry for my english.
Can code that uses firebird api assumes that all public structures in all
platforms has a packing value (#pragma pack(x)) of:
- 8 for 32-bit libraries
- 16 for 64-bit libraries
?
--
Check o
Hi. And sorry for my english.
Can code that uses firebird api assumes that all public structures in all
platforms has a packing value (#pragma pack(x)) of:
- 8 for 32-bit libraries
- 16 for 64-bit libraries
?
--
Check o
12.04.2018 17:51, Alex Peshkoff via Firebird-devel wrote:
Other question: how does this work with named keys? Is it still a responsibility from
the server-side plugin to communicate this in a implementation specific way?
Yes.
A little problem here: when key holder plugin can call callback i
On 04/12/18 18:20, Mark Rotteveel wrote:
On 12-4-2018 16:51, Alex Peshkoff via Firebird-devel wrote:
On 04/12/18 16:51, Mark Rotteveel wrote:
On 12-4-2018 15:31, Alex Peshkoff via Firebird-devel wrote:
On 04/12/18 15:18, Mark Rotteveel wrote:
How does the protocol for the database encryption c
On 12-4-2018 16:51, Alex Peshkoff via Firebird-devel wrote:
On 04/12/18 16:51, Mark Rotteveel wrote:
On 12-4-2018 15:31, Alex Peshkoff via Firebird-devel wrote:
On 04/12/18 15:18, Mark Rotteveel wrote:
How does the protocol for the database encryption callback work? If
I look at the implementa
12.04.2018 16:51, Alex Peshkoff via Firebird-devel wrote:
For example - KeyHolder has a private key of RSA pair, client software - a public one.
Before sending something over the wire it's encrypted with public RSA, to decrypt it
private part of pair is needed. Servers that do not have right pri
On 04/12/18 16:51, Mark Rotteveel wrote:
On 12-4-2018 15:31, Alex Peshkoff via Firebird-devel wrote:
On 04/12/18 15:18, Mark Rotteveel wrote:
How does the protocol for the database encryption callback work? If
I look at the implementation in Firebird ADO.net, it just tries and
keep sending the
So the only solution is disabling external UDF libraries from being loaded
by changing configuration from UdfAccess=Restrict to UdfAccess=None
On Thu, Apr 12, 2018 at 2:34 PM, Alex Peshkoff via Firebird-devel <
firebird-devel@lists.sourceforge.net> wrote:
> On 04/12/18 10:37, marius adrian popa w
On 12-4-2018 15:31, Alex Peshkoff via Firebird-devel wrote:
On 04/12/18 15:18, Mark Rotteveel wrote:
How does the protocol for the database encryption callback work? If I
look at the implementation in Firebird ADO.net, it just tries and keep
sending the same key in a while loop until Firebird r
12.04.2018 15:31, Alex Peshkoff via Firebird-devel wrote:
In native API it's provider-specific - after getting an instance of provider one (who
needs to use database encryption) should pass callback interface to that provider.
Not provider, but dispatcher. You still cannot predict what provid
On 04/12/18 15:18, Mark Rotteveel wrote:
How does the protocol for the database encryption callback work? If I
look at the implementation in Firebird ADO.net, it just tries and keep
sending the same key in a while loop until Firebird responds with
something other than op_crypt_key_callback, whi
How does the protocol for the database encryption callback work? If I
look at the implementation in Firebird ADO.net, it just tries and keep
sending the same key in a while loop until Firebird responds with
something other than op_crypt_key_callback, which seems a bit weird.
So what is in the
On 04/12/18 10:37, marius adrian popa wrote:
https://www.tenable.com/security/research/tra-2017-36
That's fixed in FB4 - loading UDFs is denied by default configuration,
use of them is deprecated, replacement is UDRs which are nt affected by
mentioned vulnerability.
In FB3 one should be sysdb
https://www.tenable.com/security/research/tra-2017-36
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdotFirebird-Devel mailing list, web interface
15 matches
Mail list logo
