Detecting connection is using wire encryption

classic Classic list List threaded Threaded
8 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Detecting connection is using wire encryption

Mark Rotteveel-2
Is there a way to programmatically detect a connection is using wire
encryption (eg in a monitoring table or the service API)?

I'm writing a test to check if Jaybird is correctly (not) using
encryption depending on its connection properties, and I'd prefer
'outside' confirmation (that is: Firebird telling me it is indeed (not)
encrypted) instead of relying on the specifics of the implementation itself.

--
Mark Rotteveel

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Detecting connection is using wire encryption

Mark Rotteveel-2
On 16-7-2017 11:59, Mark Rotteveel wrote:
> Is there a way to programmatically detect a connection is using wire
> encryption (eg in a monitoring table or the service API)?
>
> I'm writing a test to check if Jaybird is correctly (not) using
> encryption depending on its connection properties, and I'd prefer
> 'outside' confirmation (that is: Firebird telling me it is indeed (not)
> encrypted) instead of relying on the specifics of the implementation
> itself.

Instead if service API, I of course meant isc_database_info.

Mark

--
Mark Rotteveel

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Detecting connection is using wire encryption

Jiří Činčura-2
In reply to this post by Mark Rotteveel-2
> I'm writing a test to check if Jaybird is correctly (not) using
> encryption depending on its connection properties, and I'd prefer
> 'outside' confirmation (that is: Firebird telling me it is indeed (not)
> encrypted) instead of relying on the specifics of the implementation
> itself.

I think you can get the information from full version string. I'm using
it
(https://github.com/cincuranet/FirebirdSql.Data.FirebirdClient/blob/master/Provider/src/FirebirdSql.Data.UnitTests/FbConnectionTests.cs#L352)
to test everything with compression is fine from server's POV.

--
Mgr. Jiří Činčura
https://www.tabsoverspaces.com/

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Detecting connection is using wire encryption

Jiří Činčura-2
Too fast. The encrypted connection will have 'C' there and I'm getting
that string from isc_info_firebird_version.

--
Mgr. Jiří Činčura
https://www.tabsoverspaces.com/


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Detecting connection is using wire encryption

firebird-devel mailing list
In reply to this post by Mark Rotteveel-2
16.07.2017 12:59, Mark Rotteveel wrote:
> Is there a way to programmatically detect a connection is using wire encryption (eg in a monitoring table or the service API)?
>
> I'm writing a test to check if Jaybird is correctly (not) using encryption depending on its connection properties, and I'd prefer
> 'outside' confirmation (that is: Firebird telling me it is indeed (not) encrypted) instead of relying on the specifics of the
> implementation itself.
>

   Looks for Alex answers in thread "Wire compression" from 21.06.2016.

   Response on op_info_database contains (among other data) protocol version
with optional flags about compression (Z) and\or encryption (C), for example:

P15 - no encryption, no compression
P15:CZ - encrypted, compressed

Hope it helps,
Vlad

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Detecting connection is using wire encryption

Mark Rotteveel-2
In reply to this post by Jiří Činčura-2
On 16-7-2017 12:15, Jiří Činčura wrote:

>> I'm writing a test to check if Jaybird is correctly (not) using
>> encryption depending on its connection properties, and I'd prefer
>> 'outside' confirmation (that is: Firebird telling me it is indeed (not)
>> encrypted) instead of relying on the specifics of the implementation
>> itself.
>
> I think you can get the information from full version string. I'm using
> it
> (https://github.com/cincuranet/FirebirdSql.Data.FirebirdClient/blob/master/Provider/src/FirebirdSql.Data.UnitTests/FbConnectionTests.cs#L352)
> to test everything with compression is fine from server's POV.
>

Thanks, I knew it did that for compression. Hadn't thought it might also
apply to encryption. I can use that.

That said, I would still like to know if there is a specific info item I
can use as well.

Mark
--
Mark Rotteveel

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Detecting connection is using wire encryption

Dmitry Yemanov-3
16.07.2017 13:31, Mark Rotteveel wrote:
>
> That said, I would still like to know if there is a specific info item I
> can use as well.

There's no such an item, AFAIK.


Dmitry

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Detecting connection is using wire encryption

firebird-devel mailing list
In reply to this post by firebird-devel mailing list


On 16.07.2017 13:23, Vlad Khorsun via Firebird-devel wrote:

> 16.07.2017 12:59, Mark Rotteveel wrote:
>> Is there a way to programmatically detect a connection is using wire
>> encryption (eg in a monitoring table or the service API)?
>>
>> I'm writing a test to check if Jaybird is correctly (not) using
>> encryption depending on its connection properties, and I'd prefer
>> 'outside' confirmation (that is: Firebird telling me it is indeed
>> (not) encrypted) instead of relying on the specifics of the
>> implementation itself.
>>
>
>   Looks for Alex answers in thread "Wire compression" from 21.06.2016.
>
>   Response on op_info_database contains (among other data) protocol
> version
> with optional flags about compression (Z) and\or encryption (C), for
> example:
>
> P15 - no encryption, no compression
> P15:CZ - encrypted, compressed
>

I understand that parsing text string  is not best way to go. There are
plans to add appropriate boolean fields to mon$ tables.



------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
Loading...