From: <ale...@us...> - 2013-04-11 13:35:46
Revision: 57931 http://sourceforge.net/p/firebird/code/57931 Author: alexpeshkoff Date: 2013-04-11 13:35:37 +0000 (Thu, 11 Apr 2013) Log Message: ----------- Fixed security issue - plain password remained in DPB Modified Paths: -------------- firebird/trunk/src/remote/client/interface.cpp firebird/trunk/src/remote/remote.cpp firebird/trunk/src/remote/remote.h
Modified: firebird/trunk/src/remote/client/interface.cpp
===================================================================
--- firebird/trunk/src/remote/client/interface.cpp 2013-04-11 11:40:23 UTC (rev 57930)
+++ firebird/trunk/src/remote/client/interface.cpp 2013-04-11 13:35:37 UTC (rev 57931)
@@ -655,7 +655,7 @@
 static Rvnt* add_event(rem_port*);
 static void add_other_params(rem_port*, ClumpletWriter&, const ParametersSet&);
 static void add_working_directory(ClumpletWriter&, const PathName&);
-static rem_port* analyze(ClntAuthBlock&, PathName&, bool, ClumpletReader&, PathName&, bool);
+static rem_port* analyze(ClntAuthBlock&, PathName&, bool, ClumpletWriter&, PathName&, bool);
 static rem_port* analyze_service(ClntAuthBlock&, PathName&, bool, ClumpletReader&, bool);
 static void batch_gds_receive(rem_port*, struct rmtque *, USHORT);
 static void batch_dsql_fetch(rem_port*, struct rmtque *, USHORT);
@@ -5202,7 +5202,7 @@
 static rem_port* analyze(ClntAuthBlock& cBlock,
 PathName& file_name,
 bool uv_flag,
- ClumpletReader& dpb,
+ ClumpletWriter& dpb,
 PathName& node_name,
 bool loopback)
 {
@@ -7404,7 +7404,7 @@
 ISC_unescape(s);
 }
-void ClntAuthBlock::loadClnt(Firebird::ClumpletReader& dpb, const ParametersSet* tags)
+void ClntAuthBlock::loadClnt(Firebird::ClumpletWriter& dpb, const ParametersSet* tags)
 {
 bool uft8Convert = !dpb.find(isc_dpb_utf8_filename);
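Review bot: The prototype list still declares `analyze_service(ClntAuthBlock&, PathName&, bool, ClumpletReader&, bool)` with a read-only parameter block, while `analyze` now receives a `ClumpletWriter&` so that the password clumplet can be removed. If the service-attach path also carries a password tag in its block, that path would keep the plain password after this commit; whether it does is not visible from these hunks and is worth confirming. Switching `analyze` to a writer also means the caller's DPB is modified in place, which deserves a one-line comment at the definition in the `@@ -5202` hunk, e.g. `// dpb is modified: the plain password clumplet is removed once it has been loaded`.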
@@ -7422,6 +7422,7 @@
 {
 makeUtfString(uft8Convert, password);
 dpb.getString(password);
+ dpb.deleteClumplet();
 HANDSHAKE_DEBUG(fprintf(stderr, "Loaded from PB password = %s\n", password.c_str()));
 }
 else if (t == tags->encrypt_key)
Modified: firebird/trunk/src/remote/remote.cpp
===================================================================
--- firebird/trunk/src/remote/remote.cpp 2013-04-11 11:40:23 UTC (rev 57930)
+++ firebird/trunk/src/remote/remote.cpp 2013-04-11 13:35:37 UTC (rev 57931)
@@ -1003,7 +1003,7 @@
 }
 const char* legacyAuth = "LEGACY_AUTH";
- if (fb_utils::stricmp(legacyAuth, nm) == 0 && p < PROTOCOL_VERSION11)
+ if (fb_utils::stricmp(legacyAuth, nm) == 0 && p < PROTOCOL_VERSION13)
 {
 return true;
 }
Modified: firebird/trunk/src/remote/remote.h
===================================================================
--- firebird/trunk/src/remote/remote.h 2013-04-11 11:40:23 UTC (rev 57930)
+++ firebird/trunk/src/remote/remote.h 2013-04-11 13:35:37 UTC (rev 57931)
@@ -663,7 +663,7 @@
 void extractDataFromPluginTo(Firebird::ClumpletWriter& dpb, const ParametersSet* tags, int protocol);
 void extractDataFromPluginTo(CSTRING* to);
 void extractDataFromPluginTo(P_AUTH_CONT* to);
- void loadClnt(Firebird::ClumpletReader& dpb, const ParametersSet*);
+ void loadClnt(Firebird::ClumpletWriter& dpb, const ParametersSet*);
 void extractDataFromPluginTo(Firebird::ClumpletWriter& user_id);
 void resetClnt(const Firebird::PathName* fileName);
 bool checkPluginName(Firebird::PathName& nameToCheck);
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
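Review bot: The `HANDSHAKE_DEBUG` line directly after the new `dpb.deleteClumplet()` in the `@@ -7422` hunk still prints the clear-text password to stderr, which undercuts the purpose of the change in any build where that macro is enabled; the trace could record only the event, e.g. `HANDSHAKE_DEBUG(fprintf(stderr, "Loaded from PB password\n"));`. Separately, the loop that walks the DPB lies outside the hunk: if it advances unconditionally after each tag, removing the current clumplet may cause the following one to be skipped, so the iteration should be checked against the cursor position `deleteClumplet()` leaves behind. The copy held in `password` remains in memory after the clumplet is gone, so a comment saying where that member is cleared would help the next reader.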
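Review bot: The bound for `LEGACY_AUTH` in remote.cpp moves from `PROTOCOL_VERSION11` to `PROTOCOL_VERSION13`, which widens the set of protocol versions for which this check returns true, yet the log message mentions only the password left in the DPB. The enclosing function starts and ends outside the hunk, so what a true result permits is not visible here; if it marks the legacy plugin as acceptable, connections negotiated at versions from 11 up to but not including 13 are newly affected. A comment on the condition stating why the cut-off is 13 would make the intent reviewable, e.g. `// legacy authentication applies to every protocol older than 13`.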
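Review bot: The `loadClnt` declaration in remote.h now takes a `Firebird::ClumpletWriter&`, but nothing at the declaration tells a caller that the block passed in is altered. A short comment would make the contract explicit, e.g. `// Loads credentials from dpb and removes the plain password clumplet from it`. The second parameter is unnamed here while the definition in interface.cpp calls it `tags`; naming it in the header would keep the two in step.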