Menu
▾
▴
[Firebird-checkins] SF.net SVN: firebird:[62522] firebird/trunk/src/remote
|
From: <hv...@us...> - 2015-11-09 13:26:54
|
Revision: 62522
http://sourceforge.net/p/firebird/code/62522
Author: hvlad
Date: 2015-11-09 13:26:52 +0000 (Mon, 09 Nov 2015)
Log Message:
-----------
Fixed bug CORE-4998 : Both client and server could not close connection after failed authentification
Modified Paths:
--------------
firebird/trunk/src/remote/client/interface.cpp
firebird/trunk/src/remote/server/server.cpp
Modified: firebird/trunk/src/remote/client/interface.cpp
===================================================================
--- firebird/trunk/src/remote/client/interface.cpp 2015-11-09 09:52:24 UTC (rev 62521)
+++ firebird/trunk/src/remote/client/interface.cpp 2015-11-09 13:26:52 UTC (rev 62522)
@@ -5526,7 +5526,15 @@
if (!port)
Arg::Gds(isc_unavailable).raise();
- secureAuthentication(cBlock, port);
+ try
+ {
+ secureAuthentication(cBlock, port);
+ }
+ catch (const Exception&)
+ {
+ disconnect(port);
+ throw;
+ }
return port;
}
@@ -5905,12 +5913,14 @@
PACKET* packet = &rdb->rdb_packet;
// Deliver the pending deferred packets
-
- for (rem_que_packet* p = port->port_deferred_packets->begin();
- p < port->port_deferred_packets->end(); p++)
+ if (port->port_deferred_packets)
{
- if (!p->sent) {
- port->send(&p->packet);
+ for (rem_que_packet* p = port->port_deferred_packets->begin();
+ p < port->port_deferred_packets->end(); p++)
+ {
+ if (!p->sent) {
+ port->send(&p->packet);
+ }
}
}
Modified: firebird/trunk/src/remote/server/server.cpp
===================================================================
--- firebird/trunk/src/remote/server/server.cpp 2015-11-09 09:52:24 UTC (rev 62521)
+++ firebird/trunk/src/remote/server/server.cpp 2015-11-09 13:26:52 UTC (rev 62522)
@@ -936,8 +936,7 @@
static void append_request_next(server_req_t*, server_req_t**);
static void attach_database(rem_port*, P_OP, P_ATCH*, PACKET*);
static void attach_service(rem_port*, P_ATCH*, PACKET*);
-static void trusted_auth(rem_port*, const P_TRAU*, PACKET*);
-static void continue_authentication(rem_port*, const p_auth_continue*, PACKET*);
+static bool continue_authentication(rem_port*, PACKET*, PACKET*);
static void aux_request(rem_port*, /*P_REQ*,*/ PACKET*);
static bool bad_port_context(IStatus*, IReferenceCounted*, const ISC_STATUS);
@@ -4179,11 +4178,9 @@
break;
case op_trusted_auth: // PROTOCOL < 13
- trusted_auth(port, &receive->p_trau, sendL);
- break;
-
case op_cont_auth: // PROTOCOL >= 13
- continue_authentication(port, &receive->p_auth_cont, sendL);
+ if (!continue_authentication(port, sendL, receive))
+ return false;
break;
case op_update_account_info:
@@ -4435,69 +4432,62 @@
}
-static void trusted_auth(rem_port* port, const P_TRAU* p_trau, PACKET* send)
+static bool continue_authentication(rem_port* port, PACKET* send, PACKET* receive)
{
/**************************************
*
- * t r u s t e d _ a u t h
+ * c o n t i n u e _ a u t h e n t i c a t i o n
*
**************************************
*
* Functional description
- * Server side of trusted auth handshake.
+ * Server side of multi-hop auth handshake.
+ * Returns false if auth failed and port was disconnected.
*
**************************************/
ServerAuthBase* sa = port->port_srv_auth;
- if (! sa)
+ if (!sa)
{
send_error(port, send, isc_unavailable);
}
-
- if (port->port_protocol < PROTOCOL_VERSION11 || port->port_protocol >= PROTOCOL_VERSION13)
+ else if (port->port_protocol < PROTOCOL_VERSION11 ||
+ receive->p_operation == op_trusted_auth && port->port_protocol >= PROTOCOL_VERSION13 ||
+ receive->p_operation == op_cont_auth && port->port_protocol < PROTOCOL_VERSION13)
{
send_error(port, send, (Arg::Gds(isc_random) << "Operation not supported for network protocol"));
}
+ else try
+ {
+ if (receive->p_operation == op_trusted_auth)
+ {
+ HANDSHAKE_DEBUG(fprintf(stderr, "Srv: trusted_auth\n"));
+ port->port_srv_auth_block->setDataForPlugin(receive->p_trau.p_trau_data);
+ }
+ else if (receive->p_operation == op_cont_auth)
+ {
+ HANDSHAKE_DEBUG(fprintf(stderr, "Srv: continue_authentication\n"));
+ port->port_srv_auth_block->setDataForPlugin(&receive->p_auth_cont);
+ }
- HANDSHAKE_DEBUG(fprintf(stderr, "Srv: trusted_auth\n"));
- port->port_srv_auth_block->setDataForPlugin(p_trau->p_trau_data);
- if (sa->authenticate(send, ServerAuth::CONT_AUTH))
- {
- delete sa;
- port->port_srv_auth = NULL;
+ if (sa->authenticate(send, ServerAuth::CONT_AUTH))
+ {
+ delete sa;
+ port->port_srv_auth = NULL;
+ }
+ return true;
}
-}
-
-
-static void continue_authentication(rem_port* port, const p_auth_continue* p_auth_c, PACKET* send)
-{
-/**************************************
- *
- * c o n t i n u e _ a u t h e n t i c a t i o n
- *
- **************************************
- *
- * Functional description
- * Server side of multi-hop auth handshake.
- *
- **************************************/
- ServerAuthBase* sa = port->port_srv_auth;
- if (! sa)
+ catch (const Exception& ex)
{
- send_error(port, send, isc_unavailable);
- }
+ LocalStatus ls;
+ CheckStatusWrapper status_vector(&ls);
+ ex.stuffException(&status_vector);
- if (port->port_protocol < PROTOCOL_VERSION13)
- {
- send_error(port, send, (Arg::Gds(isc_random) << "Operation not supported for network protocol"));
+ port->send_response(send, 0, 0, &status_vector, false);
}
- HANDSHAKE_DEBUG(fprintf(stderr, "Srv: continue_authentication\n"));
- port->port_srv_auth_block->setDataForPlugin(p_auth_c);
- if (sa->authenticate(send, ServerAuth::CONT_AUTH))
- {
- delete sa;
- port->port_srv_auth = NULL;
- }
+ port->disconnect(send, receive);
+
+ return false;
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
