Srp256 authentication stopped working after upgrading Firebird SQL Server to version 3.0.10

[luronumen]

ACTUAL RESULT

• Srp256 authentication stopped working after upgrading Firebird SQL Server to version 3.0.10:

• This issue did not happen with Firebird SQL Server version 3.0.9!

EXPECTED RESULT

• Srp256 authentication should work in Firebird SQL Server version 3.0.10 as it did in Firebird SQL Server version 3.0.9

IMPORTANT NOTES

• This issue does not happen if Srp256 authentication is done using FlameRobin (fbclient.dll)
• This issue does not happen using Win_Sspi authentication

STEPS TO REPRODUCE THIS ISSUE

• On Firebird SQL Server version 3.0.9 check that the Srp256 authentication is working perfectly
• Update Firebird SQL Server to version 3.0.10: Verify that Srp256 authentication stopped working after upgrading Firebird SQL Server to version 3.0.10

ENVIRONMENT SETUP

ConnectionString
var fbConnectionStringBuilder = new FbConnectionStringBuilder
{
Pooling = true,
ServerType = FbServerType.Default,
DataSource = "CINMOTO.MOT.COM",
Database = "MOTOROBOT_CIN",
UserID = "My UserID",
Password = "My Password",
Charset = "WIN1252",
Role = "RDB$ADMIN"
};

firebird.conf
#SETUP
UserManager = Srp, Legacy_UserManager
WireCrypt = Enabled
#PERFORMANCE
DefaultDbCachePages = 50K
FileSystemCacheThreshold = 999M
LockHashSlots = 49999
LockMemSize = 30M
TempBlockSize = 2M
TempCacheLimit = 1024M
#SECURITY
DatabaseAccess = None

databases.conf
MOTOROBOT_CIN = D:\APPLICATIONS\LURONUMEN\DB\MOTOROBOT_CIN.FDB
{
AuthServer = Srp256, Win_Sspi
SecurityDatabase = MOTOROBOT_CIN
UserManager = Srp
}

[luronumen]

Hi @cincuranet

I debugged this issue better and I believe I have identified the issue:

1. Install the Firebird SQL Server 3.0.9
2. Create a Database from it
3. Create a user in this database using the following command:
   CREATE OR ALTER USER "CINMOTO\WLM070" SET PASSWORD '123456' USING PLUGIN SRP
4. Try to connect with this database using CINMOTO\wlm070 user: PASS!
5. Try to connect with this database using CINMOTO\WLM070 user: PASS!
6. Update the firebird to Firebird SQL Server 3.0.10
7. Try to connect with this database using CINMOTO\wlm070 user: FAIL!
8. Try to connect with this database using CINMOTO\WLM070 user: PASS!

CONCLUSION
The System.Security.Principal.WindowsIdentity.GetCurrent().Name C# .net method always return the current user as CINMOTO\wlm070 and until the Firebird SQL Server 3.0.9 the CINMOTO\wlm070 and CINMOTO\WLM070 are the same user.
I believe that the issue Wrong detection of must-be-delimited user names #7106 fixed on Firebird SQL Server 3.0.10 has changed this behavior.
I reading the firebird documentation 13.2.1. CREATE USER saw that: The username argument must follow the rules for Firebird regular identifiers: Delimited identifiers are case-sensitive in all contexts
In other works, There was a bug in firebird until the Firebird SQL Server 3.0.9 that allowed me to log into the system using the CINMOTO\wlm070 user even though I registered the "CINMOTO\WLM070" user in the database.
When I replaced System.Security.Principal.WindowsIdentity.GetCurrent().Name by System.Security.Principal.WindowsIdentity.GetCurrent().Name.ToUpper() in my source code I got to login without any issue.
So, In my option this is not a Firebird ADO.NET provide issue. Does it make sense for you too?

Thanks in advance,
Luciano

[cincuranet]

Makes sense. And great job finding the issue (and I'm also happy it's not issue in the provider :)).