Backported CORE-6203: "Error reading data from the connection" is rai…

…sed sometimes when using non-default authentication plugin
FirebirdSQL · Dec 6, 2019 · 176ab0e · 176ab0e
1 parent f165f6f
commit 176ab0e
Show file tree

Hide file tree

Showing 4 changed files with 14 additions and 12 deletions.
diff --git a/src/remote/client/interface.cpp b/src/remote/client/interface.cpp
@@ -7745,7 +7745,8 @@ Firebird::ICryptKey* ClntAuthBlock::newKey(CheckStatusWrapper* status)
 		InternalCryptKey* k = FB_NEW InternalCryptKey;
 
 		fb_assert(plugins.hasData());
-		k->t = plugins.name();
+		k->keyName = plugins.name();
+		WIRECRYPT_DEBUG(fprintf(stderr, "Cli: newkey %s\n", k->keyName.c_str());)
 		cryptKeys.add(k);
 
 		return k;
@@ -7759,7 +7760,7 @@ Firebird::ICryptKey* ClntAuthBlock::newKey(CheckStatusWrapper* status)
 
 void ClntAuthBlock::tryNewKeys(rem_port* port)
 {
-	for (unsigned k = 0; k < cryptKeys.getCount(); ++k)
+	for (unsigned k = cryptKeys.getCount(); k--; )
 	{
 		if (port->tryNewKey(cryptKeys[k]))
 		{

diff --git a/src/remote/remote.cpp b/src/remote/remote.cpp
@@ -1192,7 +1192,7 @@ bool rem_port::tryKeyType(const KnownServerKey& srvKey, InternalCryptKey* cryptK
 		return true;
 	}
 
-	if (srvKey.type != cryptKey->t)
+	if (srvKey.type != cryptKey->keyName)
 	{
 		return false;
 	}
@@ -1234,7 +1234,7 @@ bool rem_port::tryKeyType(const KnownServerKey& srvKey, InternalCryptKey* cryptK
 				// therefore sent packet will be not encrypted
 				PACKET crypt;
 				crypt.p_operation = op_crypt;
-				setCStr(crypt.p_crypt.p_key, cryptKey->t.c_str());
+				setCStr(crypt.p_crypt.p_key, cryptKey->keyName.c_str());
 				setCStr(crypt.p_crypt.p_plugin, p.c_str());
 				send(&crypt);
 
@@ -1291,7 +1291,8 @@ Firebird::ICryptKey* SrvAuthBlock::newKey(Firebird::CheckStatusWrapper* status)
 	{
 		InternalCryptKey* k = FB_NEW InternalCryptKey;
 
-		k->t = pluginName.c_str();
+		k->keyName = pluginName.c_str();
+		WIRECRYPT_DEBUG(fprintf(stderr, "Srv: newkey %s\n", k->keyName.c_str());)
 		port->port_crypt_keys.push(k);
 		newKeys.push(k);
 
@@ -1624,7 +1625,7 @@ void InternalCryptKey::setSymmetric(Firebird::CheckStatusWrapper* status, const
 	try
 	{
 		if (type)
-			t = type;
+			keyName = type;
 		encrypt.set(keyLength, key);
 		decrypt.clear();
 	}
@@ -1641,7 +1642,7 @@ void InternalCryptKey::setAsymmetric(Firebird::CheckStatusWrapper* status, const
 	try
 	{
 		if (type)
-			t = type;
+			keyName = type;
 		encrypt.set(encryptKeyLength, encryptKey);
 		decrypt.set(decryptKeyLength, decryptKey);
 	}

diff --git a/src/remote/remote.h b/src/remote/remote.h
@@ -661,7 +661,7 @@ class InternalCryptKey FB_FINAL :
 {
 public:
 	InternalCryptKey()
-		: t(getPool())
+		: keyName(getPool())
 	{ }
 
 	// ICryptKey implementation
@@ -696,7 +696,7 @@ class InternalCryptKey FB_FINAL :
 	};
 
 	Key encrypt, decrypt;
-	Firebird::PathName t;
+	Firebird::PathName keyName;
 };
 
 

diff --git a/src/remote/server/server.cpp b/src/remote/server/server.cpp
@@ -5714,7 +5714,7 @@ void rem_port::start_crypt(P_CRYPT * crypt, PACKET* sendL)
 		PathName keyName(crypt->p_key.cstr_address, crypt->p_key.cstr_length);
 		for (unsigned k = 0; k < port_crypt_keys.getCount(); ++k)
 		{
-			if (keyName == port_crypt_keys[k]->t)
+			if (keyName == port_crypt_keys[k]->keyName)
 			{
 				key = port_crypt_keys[k];
 				break;
@@ -5764,7 +5764,7 @@ void rem_port::start_crypt(P_CRYPT * crypt, PACKET* sendL)
 		port_crypt_complete = true;
 
 		send_response(sendL, 0, 0, &st, false);
-		WIRECRYPT_DEBUG(fprintf(stderr, "Installed cipher %s\n", cp.name()));
+		WIRECRYPT_DEBUG(fprintf(stderr, "Srv: Installed cipher %s\n", cp.name()));
 	}
 	catch (const Exception& ex)
 	{
@@ -6726,7 +6726,7 @@ bool SrvAuthBlock::extractNewKeys(CSTRING* to, ULONG flags)
 	{
 		for (unsigned n = 0; n < newKeys.getCount(); ++n)
 		{
-			const PathName& t = newKeys[n]->t;
+			const PathName& t = newKeys[n]->keyName;
 			PathName plugins = knownCryptKeyTypes()[t];
 			if (plugins.hasData())
 			{