From a20b7d92b1fc0daa4624200c7c30531af3f2b758 Mon Sep 17 00:00:00 2001 From: Adriano dos Santos Fernandes Date: Sun, 26 Jan 2025 14:47:32 -0300 Subject: [PATCH 1/2] Remove legacy auth server. --- .../win32/BuildExecutableInstall.bat | 1 - builds/install/misc/firebird.conf | 2 - builds/posix/Makefile.in | 11 +- builds/posix/make.shared.variables | 6 - builds/win32/msvc15/Firebird.sln | 11 - builds/win32/msvc15/legacy_auth.vcxproj | 200 --------- .../win32/msvc15/legacy_auth.vcxproj.filters | 27 -- src/CMakeLists.txt | 11 - src/auth/SecurityDatabase/LegacyServer.cpp | 423 ------------------ src/auth/SecurityDatabase/LegacyServer.h | 38 -- src/jrd/version.h | 3 - src/remote/server/os/posix/inet_server.cpp | 1 - src/remote/server/os/win32/srvr_w32.cpp | 2 - 13 files changed, 2 insertions(+), 734 deletions(-) delete mode 100644 builds/win32/msvc15/legacy_auth.vcxproj delete mode 100644 builds/win32/msvc15/legacy_auth.vcxproj.filters delete mode 100644 src/auth/SecurityDatabase/LegacyServer.cpp delete mode 100644 src/auth/SecurityDatabase/LegacyServer.h diff --git a/builds/install/arch-specific/win32/BuildExecutableInstall.bat b/builds/install/arch-specific/win32/BuildExecutableInstall.bat index f53ad7e873d..7c26a30b2e3 100644 --- a/builds/install/arch-specific/win32/BuildExecutableInstall.bat +++ b/builds/install/arch-specific/win32/BuildExecutableInstall.bat @@ -254,7 +254,6 @@ set FBBUILD_INSTALL_IMAGES=%FB_ROOT_PATH%\builds\install_images copy %FB_TEMP_DIR%\%FBBUILD_BUILDTYPE%\yvalve\fbclient.pdb %FB_OUTPUT_DIR%\ > nul copy %FB_TEMP_DIR%\%FBBUILD_BUILDTYPE%\engine\engine*.pdb %FB_OUTPUT_DIR%\plugins\ > nul copy %FB_TEMP_DIR%\%FBBUILD_BUILDTYPE%\fbtrace\fbtrace.pdb %FB_OUTPUT_DIR%\plugins\ > nul - copy %FB_TEMP_DIR%\%FBBUILD_BUILDTYPE%\legacy_auth\legacy_auth.pdb %FB_OUTPUT_DIR%\plugins\ > nul copy %FB_TEMP_DIR%\%FBBUILD_BUILDTYPE%\legacy_usermanager\legacy_usermanager.pdb %FB_OUTPUT_DIR%\plugins\ > nul copy %FB_TEMP_DIR%\%FBBUILD_BUILDTYPE%\srp\srp.pdb %FB_OUTPUT_DIR%\plugins\ > nul copy %FB_TEMP_DIR%\%FBBUILD_BUILDTYPE%\udr_engine\udr_engine.pdb %FB_OUTPUT_DIR%\plugins\ > nul diff --git a/builds/install/misc/firebird.conf b/builds/install/misc/firebird.conf index 5221d6facb3..1fda3f12daf 100644 --- a/builds/install/misc/firebird.conf +++ b/builds/install/misc/firebird.conf @@ -507,8 +507,6 @@ # Make sure your keys are well encrypted before enabling this parameter. Take into # account that with AllowEncryptedSecurityDatabase=TRUE, unencrypted key transfer # may take place even when the security database is not encrypted. -# This feature is not supported by legacy authentication plugin - if you care -# about security please never use legacy authentication. # # Type: boolean # diff --git a/builds/posix/Makefile.in b/builds/posix/Makefile.in index e64fcc0f455..354252bcbd9 100644 --- a/builds/posix/Makefile.in +++ b/builds/posix/Makefile.in @@ -619,10 +619,9 @@ $(NBACKUP): $(NBACKUP_Objects) $(COMMON_LIB) # plugins - some of them are required to build examples, use separate entry for them # -.PHONY: udr legacy_user_management legacy_auth_server trace auth_debug udf_compat chacha profiler +.PHONY: udr legacy_user_management trace auth_debug udf_compat chacha profiler UDR_PLUGIN = $(call makePluginName,udr_engine) LEGACY_USER_MANAGER = $(call makePluginName,Legacy_UserManager) -LEGACY_AUTH_SERVER = $(call makePluginName,Legacy_Auth) SRP_USER_MANAGER = $(call makePluginName,Srp) FBTRACE = $(call makePluginName,fbtrace) AUTH_DEBUGGER = $(call makePluginName,Auth_Debug) @@ -636,7 +635,7 @@ ifeq ($(TARGET),Debug) BUILD_DEBUG:=auth_debug endif -plugins: udr legacy_user_management legacy_auth_server srp_user_management trace $(BUILD_DEBUG) udf_compat chacha profiler +plugins: udr legacy_user_management srp_user_management trace $(BUILD_DEBUG) udf_compat chacha profiler udr: $(UDR_PLUGIN) $(PLUGINS)/udr_engine.conf @@ -659,12 +658,6 @@ $(CHACHA): $(Chacha_Objects) $(COMMON_LIB) $(LINK_PLUGIN) $(call LIB_LINK_SONAME,$(notdir $@).0) -o $@ $^ $(LINK_PLUG_LIBS) $(FIREBIRD_LIBRARY_LINK)\ $(call LIB_LINK_DARWIN_INSTALL_NAME,plugins/libChaCha.$(SHRLIB_EXT)) -legacy_auth_server: $(LEGACY_AUTH_SERVER) - -$(LEGACY_AUTH_SERVER): $(LEGACY_AUTH_SERVER_Objects) $(COMMON_LIB) - $(LINK_PLUGIN) $(call LIB_LINK_SONAME,$(notdir $@).0) -o $@ $^ $(LINK_PLUG_LIBS) $(FIREBIRD_LIBRARY_LINK)\ - $(call LIB_LINK_DARWIN_INSTALL_NAME,plugins/libLegacy_Auth.$(SHRLIB_EXT)) - profiler: $(PROFILER) $(PROFILER): $(Profiler_Objects) $(COMMON_LIB) diff --git a/builds/posix/make.shared.variables b/builds/posix/make.shared.variables index 5074e5cf68b..58f65fedb18 100644 --- a/builds/posix/make.shared.variables +++ b/builds/posix/make.shared.variables @@ -190,12 +190,6 @@ LEGACY_USERS_MANAGE_Objects:= $(call makeObjects,auth/SecurityDatabase,LegacyMan AllObjects += $(LEGACY_USERS_MANAGE_Objects) -# Legacy authentication on server -LEGACY_AUTH_SERVER_Objects:= $(call makeObjects,auth/SecurityDatabase,LegacyServer.cpp) $(SecDbCache) - -AllObjects += $(LEGACY_AUTH_SERVER_Objects) - - # SRP-based users management in security database SRP_USERS_MANAGE_Objects:= $(call dirObjects,auth/SecureRemotePassword/manage) \ $(call dirObjects,auth/SecureRemotePassword) diff --git a/builds/win32/msvc15/Firebird.sln b/builds/win32/msvc15/Firebird.sln index a622aa6ac0c..b634593348c 100644 --- a/builds/win32/msvc15/Firebird.sln +++ b/builds/win32/msvc15/Firebird.sln @@ -76,8 +76,6 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "legacy_usermanager", "legac EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "srp", "srp.vcxproj", "{BD00D28E-6667-414E-A4B1-6BEFC07ADB42}" EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "legacy_auth", "legacy_auth.vcxproj", "{062BD3C7-2D01-44F6-8D79-070F688C559F}" -EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "udf_compat", "udf_compat.vcxproj", "{6794EB8C-6425-422D-A3B0-14EED54C0E98}" EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "chacha", "chacha.vcxproj", "{F2E1A852-5A4B-4162-9DA8-0363805FCFD0}" @@ -351,14 +349,6 @@ Global {BD00D28E-6667-414E-A4B1-6BEFC07ADB42}.Release|Win32.Build.0 = Release|Win32 {BD00D28E-6667-414E-A4B1-6BEFC07ADB42}.Release|x64.ActiveCfg = Release|x64 {BD00D28E-6667-414E-A4B1-6BEFC07ADB42}.Release|x64.Build.0 = Release|x64 - {062BD3C7-2D01-44F6-8D79-070F688C559F}.Debug|Win32.ActiveCfg = Debug|Win32 - {062BD3C7-2D01-44F6-8D79-070F688C559F}.Debug|Win32.Build.0 = Debug|Win32 - {062BD3C7-2D01-44F6-8D79-070F688C559F}.Debug|x64.ActiveCfg = Debug|x64 - {062BD3C7-2D01-44F6-8D79-070F688C559F}.Debug|x64.Build.0 = Debug|x64 - {062BD3C7-2D01-44F6-8D79-070F688C559F}.Release|Win32.ActiveCfg = Release|Win32 - {062BD3C7-2D01-44F6-8D79-070F688C559F}.Release|Win32.Build.0 = Release|Win32 - {062BD3C7-2D01-44F6-8D79-070F688C559F}.Release|x64.ActiveCfg = Release|x64 - {062BD3C7-2D01-44F6-8D79-070F688C559F}.Release|x64.Build.0 = Release|x64 {6794EB8C-6425-422D-A3B0-14EED54C0E98}.Debug|Win32.ActiveCfg = Debug|Win32 {6794EB8C-6425-422D-A3B0-14EED54C0E98}.Debug|Win32.Build.0 = Debug|Win32 {6794EB8C-6425-422D-A3B0-14EED54C0E98}.Debug|x64.ActiveCfg = Debug|x64 @@ -458,7 +448,6 @@ Global {4FE03933-98CD-4879-A135-FD9430087A6B} = {5A1544E3-A87E-4F78-B197-528C12A64C7D} {D836FBF5-071E-4E04-8D63-C7EB6701B296} = {5A1544E3-A87E-4F78-B197-528C12A64C7D} {BD00D28E-6667-414E-A4B1-6BEFC07ADB42} = {5A1544E3-A87E-4F78-B197-528C12A64C7D} - {062BD3C7-2D01-44F6-8D79-070F688C559F} = {5A1544E3-A87E-4F78-B197-528C12A64C7D} {6794EB8C-6425-422D-A3B0-14EED54C0E98} = {5A1544E3-A87E-4F78-B197-528C12A64C7D} {F2E1A852-5A4B-4162-9DA8-0363805FCFD0} = {5A1544E3-A87E-4F78-B197-528C12A64C7D} {B32D1B09-8161-451E-8D20-D30F26094EC0} = {DA5015E4-8349-4DAB-A1E5-18BDBDDA3022} diff --git a/builds/win32/msvc15/legacy_auth.vcxproj b/builds/win32/msvc15/legacy_auth.vcxproj deleted file mode 100644 index ada7c6d7dd4..00000000000 --- a/builds/win32/msvc15/legacy_auth.vcxproj +++ /dev/null @@ -1,200 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - {062BD3C7-2D01-44F6-8D79-070F688C559F} - 10.0.17763.0 - 10.0 - 10.0 - - - - DynamicLibrary - MultiByte - v141 - v142 - v143 - - - DynamicLibrary - MultiByte - v141 - v142 - v143 - - - DynamicLibrary - MultiByte - v141 - v142 - v143 - - - DynamicLibrary - MultiByte - v141 - v142 - v143 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - <_ProjectFileVersion>10.0.30319.1 - true - false - false - false - AllRules.ruleset - - - AllRules.ruleset - - - AllRules.ruleset - - - AllRules.ruleset - - - ..\..\..\temp\$(PlatformName)\$(Configuration)\firebird\plugins\ - ..\..\..\temp\$(PlatformName)\$(Configuration)\firebird\plugins\ - ..\..\..\temp\$(PlatformName)\$(Configuration)\firebird\plugins\ - ..\..\..\temp\$(PlatformName)\$(Configuration)\firebird\plugins\ - - - - Disabled - WIN32;_DEBUG;DEV_BUILD;_WINDOWS;_USRDLL;%(PreprocessorDefinitions) - EditAndContinue - - - false - - - ..\defs\plugin.def - Windows - mpr.lib;%(AdditionalDependencies) - - - - - WIN32;NDEBUG;_WINDOWS;_USRDLL;%(PreprocessorDefinitions) - - - - - false - - - ..\defs\plugin.def - Windows - mpr.lib;%(AdditionalDependencies) - - - - - X64 - - - Disabled - WIN32;_DEBUG;DEV_BUILD;_WINDOWS;_USRDLL;%(PreprocessorDefinitions) - - - false - - - MachineX64 - ..\defs\plugin.def - Windows - mpr.lib;%(AdditionalDependencies) - - - - - X64 - - - WIN32;NDEBUG;_WINDOWS;_USRDLL;%(PreprocessorDefinitions) - - - - - false - - - MachineX64 - ..\defs\plugin.def - Windows - mpr.lib;%(AdditionalDependencies) - - - - - - - - - - - {15605f44-bffd-444f-ad4c-55dc9d704465} - false - - - {4fe03933-98cd-4879-a135-fd9430087a6b} - - - - - - - - - - \ No newline at end of file diff --git a/builds/win32/msvc15/legacy_auth.vcxproj.filters b/builds/win32/msvc15/legacy_auth.vcxproj.filters deleted file mode 100644 index 2502900a3fa..00000000000 --- a/builds/win32/msvc15/legacy_auth.vcxproj.filters +++ /dev/null @@ -1,27 +0,0 @@ - - - - - - - - {7b6c8954-96af-468f-a901-f3c81597d183} - - - {4c5e0fa9-7842-465d-9364-753bfb267c3d} - - - - - Resource files - - - - - AUTH files - - - AUTH files - - - \ No newline at end of file diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 13059dc5ebe..287b1b07595 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -572,17 +572,6 @@ set_output_directory (srp plugins) set_exported_symbols (srp fbplugin) -######################################## -# SHARED LIBRARY legacy_auth -######################################## - -add_library (legacy_auth SHARED auth/SecurityDatabase/LegacyServer.cpp ${VERSION_RC}) -target_link_libraries (legacy_auth common yvalve) -set_target_properties (legacy_auth PROPERTIES OUTPUT_NAME Legacy_Auth) -set_output_directory (legacy_auth plugins) -set_exported_symbols (legacy_auth fbplugin) - - ################################################################################ # # EXECUTABLES diff --git a/src/auth/SecurityDatabase/LegacyServer.cpp b/src/auth/SecurityDatabase/LegacyServer.cpp deleted file mode 100644 index 03715e96157..00000000000 --- a/src/auth/SecurityDatabase/LegacyServer.cpp +++ /dev/null @@ -1,423 +0,0 @@ -/* - * PROGRAM: JRD Access Method - * MODULE: LegacyServer.cpp - * DESCRIPTION: User information database access - * - * The contents of this file are subject to the Interbase Public - * License Version 1.0 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy - * of the License at http://www.Inprise.com/IPL.html - * - * Software distributed under the License is distributed on an - * "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, either express - * or implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code was created by Inprise Corporation - * and its predecessors. Portions created by Inprise Corporation are - * Copyright (C) Inprise Corporation. - * - * All Rights Reserved. - * Contributor(s): ______________________________________. - * - * 2003.02.02 Dmitry Yemanov: Implemented cached security database connection - */ - -#include "firebird.h" - -#include "ibase.h" -#include "iberror.h" -#include "firebird/Interface.h" - -#include "../auth/SecurityDatabase/LegacyServer.h" -#include "../auth/SecurityDatabase/LegacyHash.h" -#include "../auth/SecDbCache.h" -#include "../remote/remot_proto.h" -#include "../jrd/constants.h" -#include "../common/enc_proto.h" -#include "../common/status.h" -#include "../common/classes/init.h" -#include "../common/classes/ClumpletWriter.h" - -#include - -#define PLUG_MODULE 1 - -using namespace Firebird; - -namespace { - -// BLR to search database for user name record - -const UCHAR PWD_REQUEST[] = -{ - blr_version5, - blr_begin, - blr_message, 1, 4, 0, - blr_long, 0, - blr_long, 0, - blr_short, 0, - blr_text, BLR_WORD(Auth::MAX_LEGACY_PASSWORD_LENGTH + 2), - blr_message, 0, 1, 0, - blr_cstring, 129, 0, - blr_receive, 0, - blr_begin, - blr_for, - blr_rse, 1, - blr_relation, 9, 'P', 'L', 'G', '$', 'U', 'S', 'E', 'R', 'S', 0, - blr_first, - blr_literal, blr_short, 0, 1, 0, - blr_boolean, - blr_eql, - blr_field, 0, 13, 'P', 'L', 'G', '$', 'U', 'S', 'E', 'R', '_', 'N', 'A', 'M', 'E', - blr_parameter, 0, 0, 0, - blr_end, - blr_send, 1, - blr_begin, - blr_assignment, - blr_field, 0, 7, 'P', 'L', 'G', '$', 'G', 'I', 'D', - blr_parameter, 1, 0, 0, - blr_assignment, - blr_field, 0, 7, 'P', 'L', 'G', '$', 'U', 'I', 'D', - blr_parameter, 1, 1, 0, - blr_assignment, - blr_literal, blr_short, 0, 1, 0, - blr_parameter, 1, 2, 0, - blr_assignment, - blr_field, 0, 10, 'P', 'L', 'G', '$', 'P', 'A', 'S', 'S', 'W', 'D', - blr_parameter, 1, 3, 0, - blr_end, - blr_send, 1, - blr_assignment, - blr_literal, blr_short, 0, 0, 0, - blr_parameter, 1, 2, 0, - blr_end, - blr_end, - blr_eoc -}; - -// Returns data in the following format - -struct user_record -{ - SLONG gid; - SLONG uid; - SSHORT flag; - SCHAR password[Auth::MAX_LEGACY_PASSWORD_LENGTH + 2]; -}; - -typedef char user_name[129]; - -// Transaction parameter buffer - -const UCHAR TPB[4] = -{ - isc_tpb_version1, - isc_tpb_read, - isc_tpb_concurrency, - isc_tpb_wait -}; - -} // anonymous namespace - -namespace Auth { - -GlobalPtr instances; - - -class SecurityDatabaseServer final : - public StdPlugin > -{ -public: - explicit SecurityDatabaseServer(IPluginConfig* p) - : iParameter(p) - { } - - // IServer implementation - int authenticate(CheckStatusWrapper* status, IServerBlock* sBlock, - IWriter* writerInterface); - void setDbCryptCallback(CheckStatusWrapper*, ICryptKeyCallback*) { } // ignore - -private: - RefPtr iParameter; -}; - - -class SecurityDatabase : public VSecDb -{ -public: - bool lookup(void* inMsg, void* outMsg) override; - - bool test() override - { - return fb_ping(status, &lookup_db) == FB_SUCCESS; - } - - // This 2 are needed to satisfy temporarily different calling requirements - static int shutdown(const int, const int, void*) - { - return instances->shutdown(); - } - static void cleanup() - { - instances->shutdown(); - } - - SecurityDatabase(const char* secDbName) - : lookup_db(0), lookup_req(0) - { - prepare(secDbName); - } - -private: - ISC_STATUS_ARRAY status; - - isc_db_handle lookup_db; - isc_req_handle lookup_req; - - ~SecurityDatabase(); - - void prepare(const char* secDbName); - void checkStatus(const char* callName, ISC_STATUS userError = isc_psw_db_error); -}; - -/****************************************************************************** - * - * Private interface - */ - -SecurityDatabase::~SecurityDatabase() -{ - // One can get 'invalid object' errors here cause provider - // may get unloaded before authentication plugin - - if (lookup_req) - { - isc_release_request(status, &lookup_req); - if (status[1] != isc_bad_req_handle) - checkStatus("isc_release_request", 0); - } - - if (lookup_db) - { - isc_detach_database(status, &lookup_db); - if (status[1] != isc_bad_db_handle) - checkStatus("isc_detach_database", 0); - } -} - - -void SecurityDatabase::prepare(const char* secureDbName) -{ - if (lookup_db) - { - return; - } - -#ifndef PLUG_MODULE - fb_shutdown_callback(status, shutdown, fb_shut_preproviders, 0); -#endif - - lookup_db = lookup_req = 0; - - // Perhaps build up a dpb - ClumpletWriter dpb(ClumpletReader::dpbList, MAX_DPB_SIZE); - - // Attachment is for the security database - dpb.insertByte(isc_dpb_sec_attach, TRUE); - - // Attach as SYSDBA - dpb.insertString(isc_dpb_trusted_auth, DBA_USER_NAME, fb_strlen(DBA_USER_NAME)); - - // Do not use loopback provider - dpb.insertString(isc_dpb_config, ParsedList::getNonLoopbackProviders(secureDbName)); - - isc_db_handle tempHandle = 0; - isc_attach_database(status, 0, secureDbName, &tempHandle, - dpb.getBufferLength(), reinterpret_cast(dpb.getBuffer())); - checkStatus("isc_attach_database", isc_psw_attach); - lookup_db = tempHandle; - - isc_compile_request(status, &lookup_db, &lookup_req, sizeof(PWD_REQUEST), - reinterpret_cast(PWD_REQUEST)); - if (status[1]) - { - ISC_STATUS_ARRAY localStatus; - // ignore status returned in order to keep first error - isc_detach_database(localStatus, &lookup_db); - } - - checkStatus("isc_compile_request", isc_psw_attach); -} - -void SecurityDatabase::checkStatus(const char* callName, ISC_STATUS userError) -{ - if (status[1] == 0) - return; - - // suppress throwing errors from destructor which passes userError == 0 - if (!userError) - return; - - Arg::Gds secDbError(userError); - - string message; - message.printf("Error in %s() API call when working with legacy security database", callName); - secDbError << Arg::Gds(isc_random) << message; - - secDbError << Arg::StatusVector(status); - secDbError.raise(); -} - -bool SecurityDatabase::lookup(void* inMsg, void* outMsg) -{ - isc_tr_handle lookup_trans = 0; - - isc_start_transaction(status, &lookup_trans, 1, &lookup_db, sizeof(TPB), TPB); - checkStatus("isc_start_transaction", isc_psw_start_trans); - - isc_start_and_send(status, &lookup_req, &lookup_trans, 0, sizeof(user_name), inMsg, 0); - checkStatus("isc_start_and_send"); - - bool found = false; - while (true) - { - user_record* user = static_cast(outMsg); - isc_receive(status, &lookup_req, 1, sizeof(user_record), user, 0); - checkStatus("isc_receive"); - - if (!user->flag || status[1]) - break; - - found = true; - } - - isc_rollback_transaction(status, &lookup_trans); - checkStatus("isc_rollback_transaction"); - - return found; -} - - -/****************************************************************************** - * - * Public interface - */ - -int SecurityDatabaseServer::authenticate(CheckStatusWrapper* status, IServerBlock* sBlock, - IWriter* authBlock) -{ - status->init(); - - try - { - const char* user = sBlock->getLogin(); - if (!user) - { - HANDSHAKE_DEBUG(fprintf(stderr, "LegacyServer (nologin) %d\n", IAuth::AUTH_CONTINUE)); - return IAuth::AUTH_CONTINUE; - } - string login(user); - - unsigned length; - const unsigned char* data = sBlock->getData(&length); - if (!(data && length)) - { - HANDSHAKE_DEBUG(fprintf(stderr, "LegacyServer (nopw) %d\n", IAuth::AUTH_MORE_DATA)); - return IAuth::AUTH_MORE_DATA; - } - - bool found = false; - char pw1[MAX_LEGACY_PASSWORD_LENGTH + 1]; - PathName secureDbName; - { // instance scope - // Get database block from cache - CachedSecurityDatabase::Instance instance; - instances->getInstance(iParameter, instance); - - secureDbName = instance->secureDbName; - if (!instance->secDb) - instance->secDb = FB_NEW SecurityDatabase(instance->secureDbName); - - user_name uname; // user name buffer - login.copyTo(uname, sizeof uname); - user_record user_block; // user record - found = instance->secDb->lookup(uname, &user_block); - fb_utils::copy_terminate(pw1, user_block.password, MAX_LEGACY_PASSWORD_LENGTH + 1); - } - if (!found) - { - HANDSHAKE_DEBUG(fprintf(stderr, "LegacyServer (badlogin) %d\n", IAuth::AUTH_CONTINUE)); - return IAuth::AUTH_CONTINUE; - } - - string storedHash(pw1, MAX_LEGACY_PASSWORD_LENGTH); - storedHash.rtrim(); - storedHash.recalculate_length(); - - string passwordEnc; - passwordEnc.assign(data, length); - - string newHash; - LegacyHash::hash(newHash, login, passwordEnc, storedHash); - if (newHash != storedHash) - { - bool legacyHash = Config::getLegacyHash(); - if (legacyHash) - { - newHash.resize(MAX_LEGACY_PASSWORD_LENGTH + 2); - ENC_crypt(newHash.begin(), newHash.length(), passwordEnc.c_str(), LEGACY_PASSWORD_SALT); - newHash.recalculate_length(); - newHash.erase(0, 2); - legacyHash = newHash == storedHash; - } - if (!legacyHash) - { - HANDSHAKE_DEBUG(fprintf(stderr, "LegacyServer (badpw) %d\n", IAuth::AUTH_CONTINUE)); - return IAuth::AUTH_CONTINUE; - } - } - - FbLocalStatus s; - authBlock->add(&s, login.c_str()); - check(&s); - authBlock->setDb(&s, secureDbName.c_str()); - check(&s); - HANDSHAKE_DEBUG(fprintf(stderr, "LegacyServer (OK) %d\n", IAuth::AUTH_SUCCESS)); - return IAuth::AUTH_SUCCESS; - } - catch (const Exception& ex) - { - ex.stuffException(status); - HANDSHAKE_DEBUG(fprintf(stderr, "LegacyServer: exception status:\n")); - HANDSHAKE_DEBUG(isc_print_status(status->getErrors())); - HANDSHAKE_DEBUG(isc_print_status(status->getWarnings())); - return IAuth::AUTH_FAILED; - } -} - -namespace { - SimpleFactory factory; -} - -void registerLegacyServer(IPluginManager* iPlugin) -{ - iPlugin->registerPluginFactory(IPluginManager::TYPE_AUTH_SERVER, - "Legacy_Auth", &factory); -} - -} // namespace Auth - - -#ifdef PLUG_MODULE - -extern "C" FB_DLL_EXPORT void FB_PLUGIN_ENTRY_POINT(IMaster* master) -{ - CachedMasterInterface::set(master); - - getUnloadDetector()->setCleanup(Auth::SecurityDatabase::cleanup); - Auth::registerLegacyServer(PluginManagerInterfacePtr()); - getUnloadDetector()->registerMe(); -} - -#endif // PLUG_MODULE diff --git a/src/auth/SecurityDatabase/LegacyServer.h b/src/auth/SecurityDatabase/LegacyServer.h deleted file mode 100644 index 43f7f306dee..00000000000 --- a/src/auth/SecurityDatabase/LegacyServer.h +++ /dev/null @@ -1,38 +0,0 @@ -/* - * PROGRAM: JRD Access Method - * MODULE: LegacyServer.h - * DESCRIPTION: User information database name - * - * The contents of this file are subject to the Interbase Public - * License Version 1.0 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy - * of the License at http://www.Inprise.com/IPL.html - * - * Software distributed under the License is distributed on an - * "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, either express - * or implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code was created by Inprise Corporation - * and its predecessors. Portions created by Inprise Corporation are - * Copyright (C) Inprise Corporation. - * - * All Rights Reserved. - * Contributor(s): ______________________________________. - * - * 2002.10.29 Sean Leyne - Removed obsolete "Netware" port - * 2003.02.02 Dmitry Yemanov: Implemented cached security database connection - */ - -#ifndef AUTH_LEGACY_SERVER_H -#define AUTH_LEGACY_SERVER_H - -#include "firebird/Interface.h" - -namespace Auth { - -void registerLegacyServer(Firebird::IPluginManager* iPlugin); - -} // namespace Auth - -#endif // AUTH_LEGACY_SERVER_H diff --git a/src/jrd/version.h b/src/jrd/version.h index 094ffef206a..4e7c0a839a1 100644 --- a/src/jrd/version.h +++ b/src/jrd/version.h @@ -90,9 +90,6 @@ #elif defined RC_TARGET_isql #define VER_FILEDESC "Interactive Query tool" -#elif defined RC_TARGET_legacy_auth -#define VER_FILEDESC "Legacy Auth plugin" - #elif defined RC_TARGET_legacy_usermanager #define VER_FILEDESC "Legacy User Manager plugin" diff --git a/src/remote/server/os/posix/inet_server.cpp b/src/remote/server/os/posix/inet_server.cpp index 1266f28763a..8d234cd70b7 100644 --- a/src/remote/server/os/posix/inet_server.cpp +++ b/src/remote/server/os/posix/inet_server.cpp @@ -92,7 +92,6 @@ #include "firebird/Interface.h" #include "../common/classes/ImplementHelper.h" -#include "../auth/SecurityDatabase/LegacyServer.h" #include "../auth/trusted/AuthSspi.h" #include "../auth/SecureRemotePassword/server/SrpServer.h" diff --git a/src/remote/server/os/win32/srvr_w32.cpp b/src/remote/server/os/win32/srvr_w32.cpp index 6650fcc000e..e7dcd658981 100644 --- a/src/remote/server/os/win32/srvr_w32.cpp +++ b/src/remote/server/os/win32/srvr_w32.cpp @@ -113,7 +113,6 @@ #include "../common/os/os_utils.h" #include "../common/status.h" #include "../auth/trusted/AuthSspi.h" -#include "../auth/SecurityDatabase/LegacyServer.h" #include "../auth/SecureRemotePassword/server/SrpServer.h" @@ -269,7 +268,6 @@ int WINAPI WinMain(HINSTANCE hThisInst, HINSTANCE /*hPrevInst*/, LPSTR lpszArgs, { // scope for interface ptr PluginManagerInterfacePtr pi; - //Auth::registerLegacyServer(pi); Auth::registerSrpServer(pi); #ifdef TRUSTED_AUTH Auth::registerTrustedServer(pi); From a4c8d1467105063a38e148047eb7c178d6be8aeb Mon Sep 17 00:00:00 2001 From: Adriano dos Santos Fernandes Date: Sun, 26 Jan 2025 15:04:56 -0300 Subject: [PATCH 2/2] Remove legacy user manager. --- .../win32/BuildExecutableInstall.bat | 1 - builds/install/misc/firebird.conf | 3 +- builds/posix/Makefile.in | 11 +- builds/posix/make.shared.variables | 6 - builds/win32/msvc15/Firebird.sln | 14 - .../win32/msvc15/legacy_usermanager.vcxproj | 203 ----- .../msvc15/legacy_usermanager.vcxproj.filters | 38 - builds/win32/preprocess.bat | 1 - src/CMakeLists.txt | 17 - .../SecurityDatabase/LegacyManagement.epp | 771 ------------------ src/auth/SecurityDatabase/LegacyManagement.h | 57 -- src/jrd/version.h | 3 - 12 files changed, 3 insertions(+), 1122 deletions(-) delete mode 100644 builds/win32/msvc15/legacy_usermanager.vcxproj delete mode 100644 builds/win32/msvc15/legacy_usermanager.vcxproj.filters delete mode 100644 src/auth/SecurityDatabase/LegacyManagement.epp delete mode 100644 src/auth/SecurityDatabase/LegacyManagement.h diff --git a/builds/install/arch-specific/win32/BuildExecutableInstall.bat b/builds/install/arch-specific/win32/BuildExecutableInstall.bat index 7c26a30b2e3..b3167db504f 100644 --- a/builds/install/arch-specific/win32/BuildExecutableInstall.bat +++ b/builds/install/arch-specific/win32/BuildExecutableInstall.bat @@ -254,7 +254,6 @@ set FBBUILD_INSTALL_IMAGES=%FB_ROOT_PATH%\builds\install_images copy %FB_TEMP_DIR%\%FBBUILD_BUILDTYPE%\yvalve\fbclient.pdb %FB_OUTPUT_DIR%\ > nul copy %FB_TEMP_DIR%\%FBBUILD_BUILDTYPE%\engine\engine*.pdb %FB_OUTPUT_DIR%\plugins\ > nul copy %FB_TEMP_DIR%\%FBBUILD_BUILDTYPE%\fbtrace\fbtrace.pdb %FB_OUTPUT_DIR%\plugins\ > nul - copy %FB_TEMP_DIR%\%FBBUILD_BUILDTYPE%\legacy_usermanager\legacy_usermanager.pdb %FB_OUTPUT_DIR%\plugins\ > nul copy %FB_TEMP_DIR%\%FBBUILD_BUILDTYPE%\srp\srp.pdb %FB_OUTPUT_DIR%\plugins\ > nul copy %FB_TEMP_DIR%\%FBBUILD_BUILDTYPE%\udr_engine\udr_engine.pdb %FB_OUTPUT_DIR%\plugins\ > nul ) diff --git a/builds/install/misc/firebird.conf b/builds/install/misc/firebird.conf index 1fda3f12daf..22f7f635982 100644 --- a/builds/install/misc/firebird.conf +++ b/builds/install/misc/firebird.conf @@ -444,8 +444,7 @@ # ---------------------------- # UserManager sets the plugins used to work with the security database. If more than -# one plugin is given, the first plugin from the list is used by default. If you -# need to manage legacy logins using legacy tools set it to Legacy_UserManager. +# one plugin is given, the first plugin from the list is used by default. # Other managers may be chosen in create/alter/drop user commands. # # Per-database configurable. diff --git a/builds/posix/Makefile.in b/builds/posix/Makefile.in index 354252bcbd9..7b84b5d382a 100644 --- a/builds/posix/Makefile.in +++ b/builds/posix/Makefile.in @@ -619,9 +619,8 @@ $(NBACKUP): $(NBACKUP_Objects) $(COMMON_LIB) # plugins - some of them are required to build examples, use separate entry for them # -.PHONY: udr legacy_user_management trace auth_debug udf_compat chacha profiler +.PHONY: udr trace auth_debug udf_compat chacha profiler UDR_PLUGIN = $(call makePluginName,udr_engine) -LEGACY_USER_MANAGER = $(call makePluginName,Legacy_UserManager) SRP_USER_MANAGER = $(call makePluginName,Srp) FBTRACE = $(call makePluginName,fbtrace) AUTH_DEBUGGER = $(call makePluginName,Auth_Debug) @@ -635,7 +634,7 @@ ifeq ($(TARGET),Debug) BUILD_DEBUG:=auth_debug endif -plugins: udr legacy_user_management srp_user_management trace $(BUILD_DEBUG) udf_compat chacha profiler +plugins: udr srp_user_management trace $(BUILD_DEBUG) udf_compat chacha profiler udr: $(UDR_PLUGIN) $(PLUGINS)/udr_engine.conf @@ -646,12 +645,6 @@ $(UDR_PLUGIN): $(UDRENG_Objects) $(COMMON_LIB) $(LINK_UDRENG) $(call LIB_LINK_SONAME,$(notdir $@).0) -o $@ $^ $(LINK_UDRENG_LIBS) $(FIREBIRD_LIBRARY_LINK)\ $(call LIB_LINK_DARWIN_INSTALL_NAME,plugins/libudr_engine.$(SHRLIB_EXT)) -legacy_user_management: $(LEGACY_USER_MANAGER) - -$(LEGACY_USER_MANAGER): $(LEGACY_USERS_MANAGE_Objects) $(COMMON_LIB) - $(LINK_PLUGIN) $(call LIB_LINK_SONAME,$(notdir $@).0) -o $@ $^ $(LINK_PLUG_LIBS) $(RE2LIB) $(FIREBIRD_LIBRARY_LINK)\ - $(call LIB_LINK_DARWIN_INSTALL_NAME,plugins/libLegacy_UserManager.$(SHRLIB_EXT)) - chacha: $(CHACHA) $(CHACHA): $(Chacha_Objects) $(COMMON_LIB) diff --git a/builds/posix/make.shared.variables b/builds/posix/make.shared.variables index 58f65fedb18..c5ce723dfbd 100644 --- a/builds/posix/make.shared.variables +++ b/builds/posix/make.shared.variables @@ -184,12 +184,6 @@ ISQL_Test_Objects:= $(call dirObjects,isql/tests) AllObjects += $(ISQL_Objects) $(ISQL_Test_Objects) -# Legacy users management in security database -LEGACY_USERS_MANAGE_Objects:= $(call makeObjects,auth/SecurityDatabase,LegacyManagement.epp) - -AllObjects += $(LEGACY_USERS_MANAGE_Objects) - - # SRP-based users management in security database SRP_USERS_MANAGE_Objects:= $(call dirObjects,auth/SecureRemotePassword/manage) \ $(call dirObjects,auth/SecureRemotePassword) diff --git a/builds/win32/msvc15/Firebird.sln b/builds/win32/msvc15/Firebird.sln index b634593348c..522ae33c50d 100644 --- a/builds/win32/msvc15/Firebird.sln +++ b/builds/win32/msvc15/Firebird.sln @@ -31,9 +31,6 @@ EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gpre", "gpre.vcxproj", "{D84F0839-28A4-40B2-B5F4-F5E1E7F48FD0}" EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gsec", "gsec.vcxproj", "{7043CC61-DEC1-4C6B-86B9-0E911D1094C9}" - ProjectSection(ProjectDependencies) = postProject - {D836FBF5-071E-4E04-8D63-C7EB6701B296} = {D836FBF5-071E-4E04-8D63-C7EB6701B296} - EndProjectSection EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gsplit", "gsplit.vcxproj", "{B7F22B7F-9937-4874-9A8B-6AB4E36E74A5}" EndProject @@ -72,8 +69,6 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gpre_common", "gpre_common. EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "yvalve", "yvalve.vcxproj", "{4FE03933-98CD-4879-A135-FD9430087A6B}" EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "legacy_usermanager", "legacy_usermanager.vcxproj", "{D836FBF5-071E-4E04-8D63-C7EB6701B296}" -EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "srp", "srp.vcxproj", "{BD00D28E-6667-414E-A4B1-6BEFC07ADB42}" EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "udf_compat", "udf_compat.vcxproj", "{6794EB8C-6425-422D-A3B0-14EED54C0E98}" @@ -333,14 +328,6 @@ Global {4FE03933-98CD-4879-A135-FD9430087A6B}.Release|Win32.Build.0 = Release|Win32 {4FE03933-98CD-4879-A135-FD9430087A6B}.Release|x64.ActiveCfg = Release|x64 {4FE03933-98CD-4879-A135-FD9430087A6B}.Release|x64.Build.0 = Release|x64 - {D836FBF5-071E-4E04-8D63-C7EB6701B296}.Debug|Win32.ActiveCfg = Debug|Win32 - {D836FBF5-071E-4E04-8D63-C7EB6701B296}.Debug|Win32.Build.0 = Debug|Win32 - {D836FBF5-071E-4E04-8D63-C7EB6701B296}.Debug|x64.ActiveCfg = Debug|x64 - {D836FBF5-071E-4E04-8D63-C7EB6701B296}.Debug|x64.Build.0 = Debug|x64 - {D836FBF5-071E-4E04-8D63-C7EB6701B296}.Release|Win32.ActiveCfg = Release|Win32 - {D836FBF5-071E-4E04-8D63-C7EB6701B296}.Release|Win32.Build.0 = Release|Win32 - {D836FBF5-071E-4E04-8D63-C7EB6701B296}.Release|x64.ActiveCfg = Release|x64 - {D836FBF5-071E-4E04-8D63-C7EB6701B296}.Release|x64.Build.0 = Release|x64 {BD00D28E-6667-414E-A4B1-6BEFC07ADB42}.Debug|Win32.ActiveCfg = Debug|Win32 {BD00D28E-6667-414E-A4B1-6BEFC07ADB42}.Debug|Win32.Build.0 = Debug|Win32 {BD00D28E-6667-414E-A4B1-6BEFC07ADB42}.Debug|x64.ActiveCfg = Debug|x64 @@ -446,7 +433,6 @@ Global {20DEBF08-EF0A-4C94-ADEB-FE9BBA14588B} = {5A1544E3-A87E-4F78-B197-528C12A64C7D} {2925B855-5975-44AE-BB00-1217A2A4E511} = {DA5015E4-8349-4DAB-A1E5-18BDBDDA3022} {4FE03933-98CD-4879-A135-FD9430087A6B} = {5A1544E3-A87E-4F78-B197-528C12A64C7D} - {D836FBF5-071E-4E04-8D63-C7EB6701B296} = {5A1544E3-A87E-4F78-B197-528C12A64C7D} {BD00D28E-6667-414E-A4B1-6BEFC07ADB42} = {5A1544E3-A87E-4F78-B197-528C12A64C7D} {6794EB8C-6425-422D-A3B0-14EED54C0E98} = {5A1544E3-A87E-4F78-B197-528C12A64C7D} {F2E1A852-5A4B-4162-9DA8-0363805FCFD0} = {5A1544E3-A87E-4F78-B197-528C12A64C7D} diff --git a/builds/win32/msvc15/legacy_usermanager.vcxproj b/builds/win32/msvc15/legacy_usermanager.vcxproj deleted file mode 100644 index 24a806667ac..00000000000 --- a/builds/win32/msvc15/legacy_usermanager.vcxproj +++ /dev/null @@ -1,203 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - {D836FBF5-071E-4E04-8D63-C7EB6701B296} - 10.0.17763.0 - 10.0 - 10.0 - - - - DynamicLibrary - MultiByte - v141 - v142 - v143 - - - DynamicLibrary - MultiByte - v141 - v142 - v143 - - - DynamicLibrary - MultiByte - v141 - v142 - v143 - - - DynamicLibrary - MultiByte - v141 - v142 - v143 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - <_ProjectFileVersion>10.0.30319.1 - true - false - false - false - AllRules.ruleset - - - AllRules.ruleset - - - AllRules.ruleset - - - AllRules.ruleset - - - ..\..\..\temp\$(PlatformName)\$(Configuration)\firebird\plugins\ - ..\..\..\temp\$(PlatformName)\$(Configuration)\firebird\plugins\ - ..\..\..\temp\$(PlatformName)\$(Configuration)\firebird\plugins\ - ..\..\..\temp\$(PlatformName)\$(Configuration)\firebird\plugins\ - - - - Disabled - WIN32;_DEBUG;DEV_BUILD;_WINDOWS;_USRDLL;%(PreprocessorDefinitions) - EditAndContinue - - - false - - - ..\defs\plugin.def - Windows - mpr.lib;%(AdditionalDependencies) - - - - - WIN32;NDEBUG;_WINDOWS;_USRDLL;%(PreprocessorDefinitions) - - - - - false - - - ..\defs\plugin.def - Windows - mpr.lib;%(AdditionalDependencies) - - - - - X64 - - - Disabled - WIN32;_DEBUG;DEV_BUILD;_WINDOWS;_USRDLL;%(PreprocessorDefinitions) - - - false - - - MachineX64 - ..\defs\plugin.def - Windows - mpr.lib;%(AdditionalDependencies) - - - - - X64 - - - WIN32;NDEBUG;_WINDOWS;_USRDLL;%(PreprocessorDefinitions) - - - - - false - - - MachineX64 - ..\defs\plugin.def - Windows - mpr.lib;%(AdditionalDependencies) - - - - - - - - - - - - {15605f44-bffd-444f-ad4c-55dc9d704465} - false - - - {4fe03933-98cd-4879-a135-fd9430087a6b} - - - - - - - - - - - - \ No newline at end of file diff --git a/builds/win32/msvc15/legacy_usermanager.vcxproj.filters b/builds/win32/msvc15/legacy_usermanager.vcxproj.filters deleted file mode 100644 index df0166bb7d9..00000000000 --- a/builds/win32/msvc15/legacy_usermanager.vcxproj.filters +++ /dev/null @@ -1,38 +0,0 @@ - - - - - {f5abfba7-e5fe-444a-8f3a-71613bd06b14} - - - {4d7668b6-d659-4684-ac32-6285d87a8977} - - - {65cc725f-d68d-46a8-b9fd-1a442c5aa8bb} - - - {a4bf3426-2fd1-4474-8dcf-41acdd200b1a} - - - - - Resource files - - - - - GPRE epp - - - - - - headers - - - - - GPRE cpp - - - \ No newline at end of file diff --git a/builds/win32/preprocess.bat b/builds/win32/preprocess.bat index 049959f8ac4..b45ed120bf7 100644 --- a/builds/win32/preprocess.bat +++ b/builds/win32/preprocess.bat @@ -73,7 +73,6 @@ goto :EOF :MASTER_PROCESS @set GPRE=%FB_BIN_DIR%\gpre @for %%i in (alice_meta) do @call :PREPROCESS alice %%i -@for %%i in (LegacyManagement) do @call :PREPROCESS auth/SecurityDatabase %%i @for %%i in (backup, restore, OdsDetection) do @call :PREPROCESS burp %%i -ocxx -m @for %%i in (metd) do @call :PREPROCESS dsql %%i -gds_cxx @for %%i in (DdlNodes, PackageNodes) do @call :PREPROCESS dsql %%i -gds_cxx diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 287b1b07595..70c0f4411e9 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -58,7 +58,6 @@ set(epp_boot_gds_files jrd/Function.epp ) set(epp_master_files - auth/SecurityDatabase/LegacyManagement.epp msgs/build_file.epp misc/codes.epp ) @@ -532,22 +531,6 @@ set_exported_symbols (ib_util ib_util) set_output_directory_unix (ib_util lib) -######################################## -# SHARED LIBRARY legacy_usermanager -######################################## - -set(legacy_usermanager_generated_src - auth/SecurityDatabase/LegacyManagement.epp -) -add_epp_suffix(legacy_usermanager_generated_src master) - -add_library (legacy_usermanager SHARED ${legacy_usermanager_generated_src_master} auth/SecurityDatabase/LegacyManagement.h ${VERSION_RC}) -target_link_libraries (legacy_usermanager common yvalve) -set_target_properties (legacy_usermanager PROPERTIES OUTPUT_NAME Legacy_UserManager) -set_output_directory (legacy_usermanager plugins) -set_exported_symbols (legacy_usermanager fbplugin) - - ######################################## # SHARED LIBRARY udr_engine ######################################## diff --git a/src/auth/SecurityDatabase/LegacyManagement.epp b/src/auth/SecurityDatabase/LegacyManagement.epp deleted file mode 100644 index 80cbc070dc0..00000000000 --- a/src/auth/SecurityDatabase/LegacyManagement.epp +++ /dev/null @@ -1,771 +0,0 @@ -/* - * PROGRAM: Security data base manager - * MODULE: security.epp - * DESCRIPTION: Security routines - * - * The contents of this file are subject to the Interbase Public - * License Version 1.0 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy - * of the License at http://www.Inprise.com/IPL.html - * - * Software distributed under the License is distributed on an - * "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, either express - * or implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code was created by Inprise Corporation - * and its predecessors. Portions created by Inprise Corporation are - * Copyright (C) Inprise Corporation. - * - * All Rights Reserved. - * Contributor(s): ______________________________________. - */ - -#include "firebird.h" -#include "../common/classes/alloc.h" -#include -#include -#include -#include -#include "ibase.h" -#include "../auth/SecurityDatabase/LegacyHash.h" -#include "../common/enc_proto.h" -#include "../yvalve/gds_proto.h" -#include "../common/isc_proto.h" -#include "../utilities/gsec/gsec.h" -#include "../common/utils_proto.h" -#include "../common/classes/init.h" -#include "../common/classes/UserBlob.h" -#include "../common/config/config_file.h" -#include "../auth/SecurityDatabase/LegacyManagement.h" -#include "../common/classes/ImplementHelper.h" -#include "../common/classes/ClumpletWriter.h" -#include "../common/StatusHolder.h" -#include "../common/security.h" -#include "../common/classes/ParsedList.h" -#include "firebird/Interface.h" - -// Here we use version-independent symbolic link (or copy) of actual database -DATABASE database = STATIC FILENAME "security.fdb"; - -static Firebird::GlobalPtr execLineMutex; // protects various gpre generated structures - -static bool grantRevokeAdmin(ISC_STATUS* isc_status, FB_API_HANDLE database, FB_API_HANDLE trans, - Firebird::IUser* user) -{ - if (!user->admin()->entered()) - { - return true; - } - - Firebird::string userName(user->userName()->get()); - for (unsigned i = 0; i < userName.length(); ++i) - { - if (userName[i] == '"') - { - userName.insert(i++, 1, '"'); - } - } - - Firebird::string sql; - sql.printf((user->admin()->get() ? "GRANT %s TO \"%s\"" : "REVOKE %s FROM \"%s\""), - ADMIN_ROLE, userName.c_str()); - isc_dsql_execute_immediate(isc_status, &database, &trans, sql.length(), sql.c_str(), SQL_DIALECT_V6, NULL); - - if (isc_status[1] && user->admin()->get() == 0) - { - isc_req_handle request = 0; - - FOR (TRANSACTION_HANDLE trans REQUEST_HANDLE request) R IN RDB$USER_PRIVILEGES - WITH R.RDB$USER EQ user->userName()->get() - AND R.RDB$RELATION_NAME EQ 'RDB$ADMIN' - AND R.RDB$PRIVILEGE EQ 'M' - sql.printf("REVOKE " ADMIN_ROLE " FROM \"%s\" GRANTED BY \"%s\"", - userName.c_str(), R.RDB$GRANTOR); - END_FOR - - if (request) - { - ISC_STATUS_ARRAY s; - if (isc_release_request(s, &request) != FB_SUCCESS) - { - return false; - } - } - - isc_dsql_execute_immediate(isc_status, &database, &trans, sql.length(), sql.c_str(), SQL_DIALECT_V6, NULL); - } - - return isc_status[1] == 0; -} - - -static Firebird::GlobalPtr keys; - -namespace Auth { - -SecurityDatabaseManagement::SecurityDatabaseManagement(Firebird::IPluginConfig* par) - : database(0), transaction(0) -{ - Firebird::LocalStatus s; - Firebird::CheckStatusWrapper statusWrapper(&s); - config.assignRefNoIncr(par->getFirebirdConf(&statusWrapper)); - check(&s); -} - -void SecurityDatabaseManagement::start(Firebird::CheckStatusWrapper* st, Firebird::ILogonInfo* logonInfo) -{ - try - { - st->init(); - - unsigned int secDbKey = keys->getKey(config, "SecurityDatabase"); - const char* secDbName = config->asString(secDbKey); - if (!(secDbName && secDbName[0])) - { - Firebird::Arg::Gds(isc_secdb_name).raise(); - } - - Firebird::ClumpletWriter dpb(Firebird::ClumpletReader::dpbList, MAX_DPB_SIZE); - dpb.insertByte(isc_dpb_sec_attach, TRUE); - dpb.insertString(isc_dpb_config, Firebird::ParsedList::getNonLoopbackProviders(secDbName)); - - unsigned int authBlockSize; - const unsigned char* authBlock = logonInfo->authBlock(&authBlockSize); - - if (authBlockSize) - dpb.insertBytes(isc_dpb_auth_block, authBlock, authBlockSize); - else - { - const char* logon = logonInfo->name(); - if (logon && logon[0]) - dpb.insertString(isc_dpb_trusted_auth, logon, fb_strlen(logon)); - } - - const char* role = logonInfo->role(); - if (role && role[0]) - dpb.insertString(isc_dpb_sql_role_name, role, fb_strlen(role)); - - ISC_STATUS_ARRAY status; - if (isc_attach_database(status, 0, secDbName, &database, - dpb.getBufferLength(), reinterpret_cast(dpb.getBuffer()))) - { - Firebird::status_exception::raise(status); - } - - if (isc_start_transaction(status, &transaction, 1, &database, 0, NULL)) - { - Firebird::status_exception::raise(status); - } - } - catch (const Firebird::Exception& ex) - { - ex.stuffException(st); - } -} - -void SecurityDatabaseManagement::commit(Firebird::CheckStatusWrapper* st) -{ - try - { - st->init(); - - ISC_STATUS_ARRAY status; - if (transaction) - { - if (isc_commit_transaction(status, &transaction)) - { - Firebird::status_exception::raise(status); - } - } - } - catch (const Firebird::Exception& ex) - { - ex.stuffException(st); - } -} - -void SecurityDatabaseManagement::rollback(Firebird::CheckStatusWrapper* st) -{ - try - { - st->init(); - - ISC_STATUS_ARRAY status; - if (transaction) - { - if (isc_rollback_transaction(status, &transaction)) - { - Firebird::status_exception::raise(status); - } - } - } - catch (const Firebird::Exception& ex) - { - ex.stuffException(st); - } -} - -int SecurityDatabaseManagement::release() -{ - if (--refCounter == 0) - { - ISC_STATUS_ARRAY status; - if (transaction) - isc_rollback_transaction(status, &transaction); - if (database) - isc_detach_database(status, &database); - - delete this; - return 0; - } - - return 1; -} - -#define STR_STORE(to, from) fb_utils::copy_terminate(to, from, sizeof(to)) -#define STR_VSTORE(to, from) string2vary(&to, from, sizeof(to)) -static void string2vary(void* to, Firebird::string& from, size_t to_size) -{ - size_t len = MIN(to_size - sizeof(USHORT), from.size()); - paramvary* v = reinterpret_cast(to); - v->vary_length = len; - memcpy(v->vary_string, from.c_str(), len); -} - - -int SecurityDatabaseManagement::execute(Firebird::CheckStatusWrapper* st, Firebird::IUser* user, - Firebird::IListUsers* callback) -{ -/************************************* - * - * S E C U R I T Y _ e x e c _ l i n e - * - ************************************** - * - * Functional description - * Process a command line for the security data base manager. - * This is used to add and delete users from the user information - * database (security2.fdb). It also displays information - * about current users and allows modification of current - * users' parameters. - * Returns 0 on success, otherwise returns a Gsec message number - * and the status vector containing the error info. - * The syntax is: - * - * Adding a new user: - * - * gsec -add [ ... ] -- command line - * add [ ... ] -- interactive - * - * Deleting a current user: - * - * gsec -delete -- command line - * delete -- interactive - * - * Displaying all current users: - * - * gsec -display -- command line - * display -- interactive - * - * Displaying one user: - * - * gsec -display -- command line - * display -- interactive - * - * Modifying a user's parameters: - * - * gsec -modify [ ... ] -- command line - * modify [ ... ] -- interactive - * - * Get help: - * - * gsec -help -- command line - * ? -- interactive - * help -- interactive - * - * Quit interactive session: - * - * quit -- interactive - * - * where can be one of: - * - * -uid - * -gid - * -fname - * -mname - * -lname - * - **************************************/ - int ret = 0; - - try - { - ISC_STATUS_ARRAY isc_status; - fb_utils::init_status(isc_status); - st->init(); - - Firebird::MutexLockGuard guard(execLineMutex, FB_FUNCTION); - - SCHAR encrypted1[MAX_LEGACY_PASSWORD_LENGTH + 2]; - Firebird::string encrypted2; - bool found; - - // check for non-printable characters in user name - for (const TEXT* p = user->userName()->get(); *p; p++) - { - if (!isprint(*p)) - { - return GsecMsg75; // Add special error message for this case ? - } - } - - isc_req_handle request = 0; - isc_req_handle request2 = 0; - - switch (user->operation()) - { - case Firebird::IUser::OP_USER_DROP_MAP: - case Firebird::IUser::OP_USER_SET_MAP: - { - Firebird::string sql; - sql.printf("ALTER ROLE " ADMIN_ROLE " %s AUTO ADMIN MAPPING", - user->operation() == Firebird::IUser::OP_USER_SET_MAP ? "SET" : "DROP"); - isc_dsql_execute_immediate(isc_status, &database, &transaction, sql.length(), sql.c_str(), 1, NULL); - if (isc_status[1] != 0) - { - ret = GsecMsg97; - } - } - break; - - case Firebird::IUser::OP_USER_ADD: - // this checks the "entered" flags for each parameter (except the name) - // and makes all non-entered parameters null valued - - STORE (TRANSACTION_HANDLE transaction REQUEST_HANDLE request) U IN PLG$VIEW_USERS USING - STR_STORE(U.PLG$USER_NAME, user->userName()->get()); - - U.PLG$UID.NULL = ISC_TRUE; - U.PLG$GID.NULL = ISC_TRUE; - U.PLG$GROUP_NAME.NULL = ISC_TRUE; - if (user->attributes()->entered()) - { - ConfigFile attr(ConfigFile::USE_TEXT, user->attributes()->get()); - const ConfigFile::Parameter* p; - - if ((p = attr.findParameter("uid")) && p->value.hasData()) - { - U.PLG$UID = p->asInteger(); - U.PLG$UID.NULL = ISC_FALSE; - } - - if ((p = attr.findParameter("gid")) && p->value.hasData()) - { - U.PLG$GID = p->asInteger(); - U.PLG$GID.NULL = ISC_FALSE; - } - - if ((p = attr.findParameter("groupName")) && p->value.hasData()) - { - STR_STORE(U.PLG$GROUP_NAME, p->value.c_str()); - U.PLG$GROUP_NAME.NULL = ISC_FALSE; - } - } - - if (user->password()->entered()) - { - ENC_crypt(encrypted1, sizeof encrypted1, user->password()->get(), LEGACY_PASSWORD_SALT); - LegacyHash::hash(encrypted2, user->userName()->get(), &encrypted1[2]); - STR_VSTORE(U.PLG$PASSWD, encrypted2); - U.PLG$PASSWD.NULL = ISC_FALSE; - } - else - U.PLG$PASSWD.NULL = ISC_TRUE; - if (user->firstName()->entered()) - { - STR_STORE(U.PLG$FIRST_NAME, user->firstName()->get()); - U.PLG$FIRST_NAME.NULL = ISC_FALSE; - } - else - U.PLG$FIRST_NAME.NULL = ISC_TRUE; - if (user->middleName()->entered()) - { - STR_STORE(U.PLG$MIDDLE_NAME, user->middleName()->get()); - U.PLG$MIDDLE_NAME.NULL = ISC_FALSE; - } - else - U.PLG$MIDDLE_NAME.NULL = ISC_TRUE; - if (user->lastName()->entered()) - { - STR_STORE(U.PLG$LAST_NAME, user->lastName()->get()); - U.PLG$LAST_NAME.NULL = ISC_FALSE; - } - else - U.PLG$LAST_NAME.NULL = ISC_TRUE; - END_STORE - ON_ERROR - ret = GsecMsg19; // gsec - add record error - END_ERROR; - if (ret == 0 && !grantRevokeAdmin(isc_status, database, transaction, user)) - { - ret = GsecMsg19; // gsec - add record error - } - break; - - case Firebird::IUser::OP_USER_MODIFY: - // this updates an existing record, replacing all fields that are - // entered, and for those that were specified but not entered, it - // changes the current value to the null value - - found = false; - FOR (TRANSACTION_HANDLE transaction REQUEST_HANDLE request) U IN PLG$VIEW_USERS - WITH U.PLG$USER_NAME EQ user->userName()->get() - { - found = true; - MODIFY U USING - if (user->attributes()->entered()) - { - U.PLG$UID.NULL = ISC_TRUE; - U.PLG$GID.NULL = ISC_TRUE; - U.PLG$GROUP_NAME.NULL = ISC_TRUE; - - ConfigFile attr(ConfigFile::USE_TEXT, user->attributes()->get()); - const ConfigFile::Parameter* p; - - if ((p = attr.findParameter("uid")) && p->value.hasData()) - { - U.PLG$UID = p->asInteger(); - U.PLG$UID.NULL = ISC_FALSE; - } - - if ((p = attr.findParameter("gid")) && p->value.hasData()) - { - U.PLG$GID = p->asInteger(); - U.PLG$GID.NULL = ISC_FALSE; - } - - if ((p = attr.findParameter("groupName")) && p->value.hasData()) - { - STR_STORE(U.PLG$GROUP_NAME, p->value.c_str()); - U.PLG$GROUP_NAME.NULL = ISC_FALSE; - } - } - else if (user->attributes()->specified()) - { - U.PLG$UID.NULL = ISC_TRUE; - U.PLG$GID.NULL = ISC_TRUE; - U.PLG$GROUP_NAME.NULL = ISC_TRUE; - } - - if (user->password()->entered()) - { - ENC_crypt(encrypted1, sizeof encrypted1, user->password()->get(), LEGACY_PASSWORD_SALT); - LegacyHash::hash(encrypted2, user->userName()->get(), &encrypted1[2]); - STR_VSTORE(U.PLG$PASSWD, encrypted2); - U.PLG$PASSWD.NULL = ISC_FALSE; - } - else if (user->password()->specified()) - U.PLG$PASSWD.NULL = ISC_TRUE; - - if (user->firstName()->entered()) - { - STR_STORE(U.PLG$FIRST_NAME, user->firstName()->get()); - U.PLG$FIRST_NAME.NULL = ISC_FALSE; - } - else if (user->firstName()->specified()) - U.PLG$FIRST_NAME.NULL = ISC_TRUE; - - if (user->middleName()->entered()) - { - STR_STORE(U.PLG$MIDDLE_NAME, user->middleName()->get()); - U.PLG$MIDDLE_NAME.NULL = ISC_FALSE; - } - else if (user->middleName()->specified()) - U.PLG$MIDDLE_NAME.NULL = ISC_TRUE; - - if (user->lastName()->entered()) - { - STR_STORE(U.PLG$LAST_NAME, user->lastName()->get()); - U.PLG$LAST_NAME.NULL = ISC_FALSE; - } - else if (user->lastName()->specified()) - U.PLG$LAST_NAME.NULL = ISC_TRUE; - END_MODIFY - ON_ERROR - ret = GsecMsg20; - END_ERROR; - } - END_FOR - ON_ERROR - ret = GsecMsg21; - END_ERROR; - - if (!ret && !found) - ret = GsecMsg22; - - if (ret == 0 && !grantRevokeAdmin(isc_status, database, transaction, user)) - { - ret = GsecMsg21; - } - break; - - case Firebird::IUser::OP_USER_DELETE: - // looks up the specified user record and deletes it - - found = false; - // Do not allow SYSDBA user to be deleted - if (!fb_utils::stricmp(user->userName()->get(), DBA_USER_NAME)) - ret = GsecMsg23; - else - { - FOR (TRANSACTION_HANDLE transaction REQUEST_HANDLE request) U IN PLG$VIEW_USERS - WITH U.PLG$USER_NAME EQ user->userName()->get() - { - found = true; - ERASE U - ON_ERROR - ret = GsecMsg23; // gsec - delete record error - END_ERROR; - } - END_FOR - ON_ERROR - ret = GsecMsg24; // gsec - find/delete record error - END_ERROR; - } - - if (!ret && !found) - ret = GsecMsg22; // gsec - record not found for user: - - user->admin()->set(st, 0); - check(st); - user->admin()->setEntered(st, 1); - check(st); - if (ret == 0 && !grantRevokeAdmin(isc_status, database, transaction, user)) - { - ret = GsecMsg24; - } - break; - - case Firebird::IUser::OP_USER_DISPLAY: - // gets either the desired record, or all records, and displays them - - found = false; - if (!user->userName()->entered()) - { - Firebird::LocalStatus s2; - Firebird::CheckStatusWrapper statusWrapper2(&s2); - Firebird::CheckStatusWrapper* s = st; - - FOR (TRANSACTION_HANDLE transaction REQUEST_HANDLE request) U IN PLG$VIEW_USERS - try - { - { - Firebird::string attr, a1, a2, a3; - - if (!U.PLG$UID.NULL) - a1.printf("Uid=%d\n", U.PLG$UID); - - if (!U.PLG$GID.NULL) - a2.printf("Gid=%d\n", U.PLG$GID); - - if (!U.PLG$GROUP_NAME.NULL) - a3.printf("GroupName=%s\n", U.PLG$GROUP_NAME); - - attr = a1 + a2 + a3; - user->attributes()->set(s, attr.c_str()); - check(s); - user->attributes()->setEntered(s, attr.hasData() ? 1 : 0); - check(s); - } - - user->userName()->set(s, U.PLG$USER_NAME); - check(s); - user->userName()->setEntered(s, U.PLG$USER_NAME.NULL ? 0 : 1); - check(s); - user->password()->set(s, ""); - check(s); - user->password()->setEntered(s, 0); - check(s); - user->firstName()->set(s, U.PLG$FIRST_NAME); - check(s); - user->firstName()->setEntered(s, U.PLG$FIRST_NAME.NULL ? 0 : 1); - check(s); - user->middleName()->set(s, U.PLG$MIDDLE_NAME); - check(s); - user->middleName()->setEntered(s, U.PLG$MIDDLE_NAME.NULL ? 0 : 1); - check(s); - user->lastName()->set(s, U.PLG$LAST_NAME); - check(s); - user->lastName()->setEntered(s, U.PLG$LAST_NAME.NULL ? 0 : 1); - check(s); - - user->admin()->set(s, 0); - check(s); - user->admin()->setEntered(s, 1); - check(s); - - FOR (TRANSACTION_HANDLE transaction REQUEST_HANDLE request2) - P IN RDB$USER_PRIVILEGES - WITH P.RDB$USER EQ U.PLG$USER_NAME AND - P.RDB$RELATION_NAME EQ 'RDB$ADMIN' AND - P.RDB$PRIVILEGE EQ 'M' - { - user->admin()->set(s, 1); - } - END_FOR - check(s); - - callback->list(s, user); - check(s); - - found = true; - } - catch (const Firebird::Exception& ex) - { - ex.stuffException(s); - s = &statusWrapper2; - } - END_FOR - ON_ERROR - ret = GsecMsg28; // gsec - find/display record error - END_ERROR; - - // real error raise - out of gpre's FOR loop - check(st); - } - else - { - Firebird::string attr, a1, a2, a3; - Firebird::LocalStatus s2; - Firebird::CheckStatusWrapper statusWrapper2(&s2); - Firebird::CheckStatusWrapper* s = st; - - FOR (TRANSACTION_HANDLE transaction REQUEST_HANDLE request) U IN PLG$VIEW_USERS - WITH U.PLG$USER_NAME EQ user->userName()->get() - - try - { - if (!U.PLG$UID.NULL) - a1.printf("Uid=%d\n", U.PLG$UID); - - if (!U.PLG$GID.NULL) - a2.printf("Gid=%d\n", U.PLG$GID); - - if (!U.PLG$GROUP_NAME.NULL) - a3.printf("GroupName=%s\n", U.PLG$GROUP_NAME); - - attr = a1 + a2 + a3; - user->attributes()->set(s, attr.c_str()); - check(s); - user->attributes()->setEntered(s, attr.hasData() ? 1 : 0); - check(s); - - user->userName()->set(s, U.PLG$USER_NAME); - check(s); - user->userName()->setEntered(s, U.PLG$USER_NAME.NULL ? 0 : 1); - check(s); - user->password()->set(s, ""); - check(s); - user->password()->setEntered(s, 0); - check(s); - user->firstName()->set(s, U.PLG$FIRST_NAME); - check(s); - user->firstName()->setEntered(s, U.PLG$FIRST_NAME.NULL ? 0 : 1); - check(s); - user->middleName()->set(s, U.PLG$MIDDLE_NAME); - check(s); - user->middleName()->setEntered(s, U.PLG$MIDDLE_NAME.NULL ? 0 : 1); - check(s); - user->lastName()->set(s, U.PLG$LAST_NAME); - check(s); - user->lastName()->setEntered(s, U.PLG$LAST_NAME.NULL ? 0 : 1); - check(s); - - user->admin()->set(s, 0); - check(s); - user->admin()->setEntered(s, 1); - check(s); - - FOR (TRANSACTION_HANDLE transaction REQUEST_HANDLE request2) - P IN RDB$USER_PRIVILEGES - WITH P.RDB$USER EQ U.PLG$USER_NAME AND - P.RDB$RELATION_NAME EQ 'RDB$ADMIN' AND - P.RDB$PRIVILEGE EQ 'M' - { - user->admin()->set(s, 1); - } - END_FOR - check(s); - - callback->list(s, user); - check(s); - - found = true; - } - catch (const Firebird::Exception& ex) - { - ex.stuffException(s); - s = &statusWrapper2; - } - END_FOR - ON_ERROR - ret = GsecMsg28; // gsec - find/display record error - END_ERROR; - - // real error raise - out of gpre's FOR loop - check(st); - } - break; - - default: - ret = GsecMsg16; // gsec - error in switch specifications - break; - } - - if (request) - { - ISC_STATUS_ARRAY s; - if (isc_release_request(s, &request) != FB_SUCCESS) - { - if (! ret) - { - ret = GsecMsg94; // error releasing request in security database - } - } - } - - if (request2) - { - ISC_STATUS_ARRAY s; - if (isc_release_request(s, &request2) != FB_SUCCESS) - { - if (! ret) - { - ret = GsecMsg94; // error releasing request in security database - } - } - } - - fb_utils::setIStatus(st, isc_status); - } - catch (const Firebird::Exception& ex) - { - ex.stuffException(st); - } - - return ret; -} - -} // namespace Auth - -// register plugin -static Firebird::SimpleFactory factory; - -extern "C" FB_DLL_EXPORT void FB_PLUGIN_ENTRY_POINT(Firebird::IMaster* master) -{ - Firebird::CachedMasterInterface::set(master); - Firebird::PluginManagerInterfacePtr()->registerPluginFactory( - Firebird::IPluginManager::TYPE_AUTH_USER_MANAGEMENT, "Legacy_UserManager", &factory); - Firebird::getUnloadDetector()->registerMe(); -} diff --git a/src/auth/SecurityDatabase/LegacyManagement.h b/src/auth/SecurityDatabase/LegacyManagement.h deleted file mode 100644 index 65136edb6ad..00000000000 --- a/src/auth/SecurityDatabase/LegacyManagement.h +++ /dev/null @@ -1,57 +0,0 @@ -/* - * PROGRAM: Firebird authentication - * MODULE: LegacyManagement.h - * DESCRIPTION: Performs legacy actions with security database - * - * The contents of this file are subject to the Initial - * Developer's Public License Version 1.0 (the "License"); - * you may not use this file except in compliance with the - * License. You may obtain a copy of the License at - * http://www.ibphoenix.com/main.nfs?a=ibphoenix&page=ibp_idpl. - * - * Software distributed under the License is distributed AS IS, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. - * See the License for the specific language governing rights - * and limitations under the License. - * - * The Original Code was created by Alex Peshkov - * for the Firebird Open Source RDBMS project. - * - * Copyright (c) 2010 Alex Peshkov - * and all contributors signed below. - * - * All Rights Reserved. - * Contributor(s): ______________________________________. - */ - -#ifndef AUTH_LEGACY_MANAGEMENT_H -#define AUTH_LEGACY_MANAGEMENT_H - -#include "../common/classes/ImplementHelper.h" -#include "firebird/Interface.h" - - -namespace Auth { - -class SecurityDatabaseManagement final : - public Firebird::StdPlugin > -{ -public: - explicit SecurityDatabaseManagement(Firebird::IPluginConfig* par); - - // IManagement implementation - void start(Firebird::CheckStatusWrapper* status, Firebird::ILogonInfo* logonInfo) override; - int execute(Firebird::CheckStatusWrapper* status, Firebird::IUser* user, Firebird::IListUsers* callback) override; - void commit(Firebird::CheckStatusWrapper* status) override; - void rollback(Firebird::CheckStatusWrapper* status) override; - - int release() override; - -private: - Firebird::RefPtr config; - FB_API_HANDLE database, transaction; -}; - -} // namespace Auth - -#endif // AUTH_LEGACY_MANAGEMENT_H diff --git a/src/jrd/version.h b/src/jrd/version.h index 4e7c0a839a1..56461ea6ebb 100644 --- a/src/jrd/version.h +++ b/src/jrd/version.h @@ -90,9 +90,6 @@ #elif defined RC_TARGET_isql #define VER_FILEDESC "Interactive Query tool" -#elif defined RC_TARGET_legacy_usermanager -#define VER_FILEDESC "Legacy User Manager plugin" - #elif defined RC_TARGET_nbackup #define VER_FILEDESC "Physical Backup Management tool"