Support for legacy authentication

[fdcastel]

Firebird installer for Windows has a task called EnableLegacyClientAuth which makes the following changes in firebird.conf:

AuthServer = Legacy_Auth, Srp, Win_Sspi 
AuthClient = Legacy_Auth, Srp, Win_Sspi 
UserManager = Legacy_UserManager, Srp 
WireCrypt = enabled 

Could we add a similar environment variable to enable this?

P.S.: The installer code can be found here.

[jacobalberty]

Yeah, should be easy enough to implement. I can add it to docker-entrypoint.sh and have it do it when it needs to create a new etc folder, right now if /firebird/etc doesn't exist then docker-entrypoint.sh copies the original etc out of /usr/local/firebird/skel/etc into /firebird/etc . At that point I can check for environment variables to implement this and #18, i do something similar already in my unifi images.

[jacobalberty]

I used the naming scheme from the windows installer. though its quite a bit verbose for unixy systems but it is functional and matches an existing convention. passing the relevant environment variable EnableLegacyClientAuth=true it will set the relevant configuration flags, it should be up on the hub in about 30 minutes.

[mrotteveel]

When EnableLegacyClientAuth=true, consider creating both sysdba and the FIREBIRD_USER account for both authentication plugins (eg using CREATE USER ${FIREBIRD_USER} PASSWORD '${FIREBIRD_PASSWORD}' USING PLUGIN Srp (and USING PLUGIN Legacy_UserManager), and similar for the create or alter user SYSDBA statement.

I'd argue that it is safer to use UserManager = Srp, Legacy_UserManager, but that can give problems with pre-Firebird 3 tools that use the services API to manage users.

[github-actions[bot]]

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 14 days.