05.03.2017 10:56, Mark Rotteveel wrote: > On 4-3-2017 22:52, Vlad Khorsun wrote: >> 04.03.2017 18:36, Mark Rotteveel wrote: >>> I have some problems with using legacy authentication with Firebird 4: >>> >>> * Using the default existing legacy sysdba/masterke works >>> * Creating a new user with the Legacy_UserManager (create user ... >>> password '...' using plugin Legacy_UserManager) or with gsec >>> (Legacy_UserManager is the first in the list), and trying to login leads >>> to an authentication failure >>> * Using gsec to alter the password of the legacy sysdba and then trying >>> to login leads to an authentication failure (even if I changed to >>> masterke or masterkey) >> > >>> The above seems to suggest that the Legacy_UserManager is broken when >>> hashing passwords. Is that a known issue? >> >> Issue seems new for (at least to me). The reason is that hash of encrypted >> passwords is stored with trailing zero's now (guess it was due to recently >> introduced support of BINARY chars). See below:
... >> I'll commit a fix to ignore that trailing zero's when hashes is compared. > > Thanks, do you want me to create a ticket? As you wish, fix was committed yesterday. >>> Also curious: initializing the security database for Srp adds two Srp >>> SYSDBA accounts (but it might always have done that). >> >> I think you mixed two SYSDBA accounts created by different plugins. >> See below (security4.fdb just copied from gen\dbs\security.fdb) : > > I have done some more digging. I can reproduce it with gsec if I use: > > add sysdba -pw masterkey -admin yes > > not if I use > > add sysdba -pw masterkey > > Similar if I use in ISQL: > > create user sysdba password 'masterkey' grant admin role; > > not if I use > > create user sysdba password 'masterkey'; Thanks, I'll look at it a bit later Regards, Vlad ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
