firebird/firebird-mirror
firebird/firebird-mirror
8
0
Fork 1
mirror of https://github.com/FirebirdSQL/firebird.git synced 2025-02-02 10:40:38 +01:00
Code Issues

Fixed security issue - plain password remained in DPB

Browse Source
This commit is contained in:
alexpeshkoff 2013-04-11 13:35:37 +00:00
parent bd40a0b769
commit abf4beb433
3 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/remote/client/interface.cpp
View File

@ -655,7 +655,7 @@ namespace Remote {
static Rvnt* add_event(rem_port*);
static void add_other_params(rem_port*, ClumpletWriter&, const ParametersSet&);
static void add_working_directory(ClumpletWriter&, const PathName&);
static rem_port* analyze(ClntAuthBlock&, PathName&, bool, ClumpletReader&, PathName&, bool);
static rem_port* analyze(ClntAuthBlock&, PathName&, bool, ClumpletWriter&, PathName&, bool);
static rem_port* analyze_service(ClntAuthBlock&, PathName&, bool, ClumpletReader&, bool);
static void batch_gds_receive(rem_port*, struct rmtque *, USHORT);
static void batch_dsql_fetch(rem_port*, struct rmtque *, USHORT);
@ -5202,7 +5202,7 @@ static void authenticateStep0(ClntAuthBlock& wire)
static rem_port* analyze(ClntAuthBlock& cBlock,
PathName& file_name,
bool uv_flag,
ClumpletReader& dpb,
ClumpletWriter& dpb,
PathName& node_name,
bool loopback)
{
@ -7404,7 +7404,7 @@ static inline void makeUtfString(bool uft8Convert, Firebird::string& s)
ISC_unescape(s);
}
void ClntAuthBlock::loadClnt(Firebird::ClumpletReader& dpb, const ParametersSet* tags)
void ClntAuthBlock::loadClnt(Firebird::ClumpletWriter& dpb, const ParametersSet* tags)
{
bool uft8Convert = !dpb.find(isc_dpb_utf8_filename);
@ -7422,6 +7422,7 @@ void ClntAuthBlock::loadClnt(Firebird::ClumpletReader& dpb, const ParametersSet*
{
makeUtfString(uft8Convert, password);
dpb.getString(password);
dpb.deleteClumplet();
HANDSHAKE_DEBUG(fprintf(stderr, "Loaded from PB password = %s\n", password.c_str()));
}
else if (t == tags->encrypt_key)

2
src/remote/remote.cpp
View File

@ -1003,7 +1003,7 @@ bool REMOTE_legacy_auth(const char* nm, int p)
}
const char* legacyAuth = "LEGACY_AUTH";
if (fb_utils::stricmp(legacyAuth, nm) == 0 && p < PROTOCOL_VERSION11)
if (fb_utils::stricmp(legacyAuth, nm) == 0 && p < PROTOCOL_VERSION13)
{
return true;
}

2
src/remote/remote.h
View File

@ -663,7 +663,7 @@ public:
void extractDataFromPluginTo(Firebird::ClumpletWriter& dpb, const ParametersSet* tags, int protocol);
void extractDataFromPluginTo(CSTRING* to);
void extractDataFromPluginTo(P_AUTH_CONT* to);
void loadClnt(Firebird::ClumpletReader& dpb, const ParametersSet*);
void loadClnt(Firebird::ClumpletWriter& dpb, const ParametersSet*);
void extractDataFromPluginTo(Firebird::ClumpletWriter& user_id);
void resetClnt(const Firebird::PathName* fileName);
bool checkPluginName(Firebird::PathName& nameToCheck);