Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Windows Trusted Authentication (Win_Sspi) exception on Client PC when Firebird Server is version 3.0.5 [DNET941] #863

Closed
firebird-automations opened this issue Jun 15, 2020 · 12 comments

Comments

@firebird-automations
Copy link

Submitted by: @luronumen

Duplicates DNET936

Attachments:
LOGIN_ERROR.png

ACTUAL RESULT:
Windows Trusted Authentication (Win_Sspi) exception on Client PC when Firebird Server is version 3.0.5 (See LOGIN_ERROR.png picture attached):
- 335544382 - Invalid clumplet buffer structure: buffer end before end of clumplet - clumplet too long

EXPECTED RESULT:
No Windows Trusted Authentication (Win_Sspi) exception should be happen on Client PC when Firebird Server is version 3.0.5

STEPS TO REPRODUCE THE ISSUE:
- Try to connect a Firebird 3.0.5 Database Server from a client PC using Windows Trusted Authentication (Win_Sspi)

IMPORTANT NOTES:
- This issue does NOT happen when Firebird server version is 2.5.9;
- If the .NET application (FirebirdSql.Data.FirebirdClient 7.5.0) is installed on the same PC where Firebird 3.0.5 is installed (Server), the .NET application can authenticate via Windows Trusted Authentication (Win_Sspi) without any issue;
- The issue is only reproducible if the .NET application is installed on a client PC;
- The .NET application authentication via user/password (Srp) works perfectly on both the server PC and the client PC;
- The Windows Trusted Authentication (Win_Sspi) using the native Firebird 3.0.5 (fbclient.dll - FlameRobin) library is working perfectly on both the server PC and the client PC;
- The issue is the same described in the following Firebird FAQ: http://www.firebirdfaq.org/faq320/

ENVIRONMENT SETUP
===firebird.conf===
#⁠SETUP
AuthClient = Legacy_Auth, Srp, Win_Sspi
AuthServer = Legacy_Auth, Srp, Win_Sspi
ServerMode = Super
UserManager = Legacy_UserManager, Srp
WireCrypt = Enabled
#⁠PERFORMANCE
DefaultDbCachePages = 30K
FileSystemCacheThreshold = 2M
LockHashSlots = 30011
LockMemSize = 15M
RemoteServicePort = 3050
TempBlockSize = 2M
TempCacheLimit = 3000M
#⁠SECURITY
DatabaseAccess = None
SecurityDatabase = $(dir_secDb)/security3.fdb

Database Page Size: 8192

=== http://ADO.NET Connection String ===
var fbConnectionStringBuilder = new FbConnectionStringBuilder
{
Pooling = true,
ServerType = FbServerType.Default,
DataSource = Properties.Settings.Default.Server,
Database = Properties.Settings.Default.Database,
Charset = "WIN1252",
Role = "RDB$ADMIN"
};

@firebird-automations
Copy link
Author

Modified by: @luronumen

Attachment: LOGIN_ERROR.png [ 13440 ]

@firebird-automations
Copy link
Author

Commented by: @luronumen

Hi Jiri Cincura

This is the same issue of the DNET936.
Would you know if there is any relationship between this bug and the CORE6329 bug introduced in Firebird 3.0.5 and fixed in Firebird 3.0.6?

Best Regards,
Luciano

@firebird-automations
Copy link
Author

Modified by: @cincuranet

Link: This issue relate to DNET936 [ DNET936 ]

@firebird-automations
Copy link
Author

Commented by: @cincuranet

It's related to DNET936, not exactly the same, as far as I can tell from your description.

The CORE6329 seems to be unrelated.

@firebird-automations
Copy link
Author

Commented by: @luronumen

Hi Jiri Cincura

I just retested this issue in Firebird 3.0.6, released yesterday, and the issue is still reproducible. That is, this bug is NOT related to the CORE6329 bug fixed in Firebird 3.0.6.

Other than that, I just retested this issue using an old version of the http://ADO.NET provider (v5.5.0 - Wednesday, October 5, 2016) and the issue IS also reproducible on it, that is, this is an old issue and it was NOT introduced recently by any update of the http://ADO.NET provider.

Anyway, this issue is blocking the use of the Firebird 3.0 Windows Trusted Authentication (Win_Sspi) in .NET applications :(

Best regards,
Luciano

@firebird-automations
Copy link
Author

Commented by: @luronumen

Hi Jiri Cincura,

Any news about this issue? Did you have a chance to evaluate the proposed solution in the DNET936 issue? Could you generate a FirebirdSql.Data.FirebirdClient.dll with the solution proposed in the DNET936 issue so that I can confirm that it is the same issue that I described here?

I am sorry on insisting in this case but the reason for so much insistence is because this issue is blocking the migration of the .NET systems of the company to from Firebird 2.5 to 3.0.

I thank you in advance for making possible the use of Firebird by .NET systems!

Best Regards,
Luciano

@firebird-automations
Copy link
Author

Commented by: @cincuranet

Haven't looked at the DNET936 yet. I'll try to find some time and run the whole tests suite with this change.

@firebird-automations
Copy link
Author

Commented by: @luronumen

Thank you very much Jiri Cincura!

This bug is really blocking the use Windows Trusted Authentication of .NET applications with Firebird 3.0.x and I am hoping that you will be able to fix this bug in time for the next version of http://ADO.NET provider.

Thanks again!

@firebird-automations
Copy link
Author

Modified by: @cincuranet

Link: This issue duplicates DNET936 [ DNET936 ]

@firebird-automations
Copy link
Author

Modified by: @cincuranet

status: Open [ 1 ] => Closed [ 6 ]

resolution: Duplicate [ 3 ]

@firebird-automations
Copy link
Author

Modified by: @cincuranet

Link: This issue relate to DNET936 [ DNET936 ] =>

@firebird-automations
Copy link
Author

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants