| Subject | Re: [firebird-support] Firebird 3.0 client does not work with remote Firebird 2.5 database |
|---|---|
| Author | Helen Borrie |
| Post date | 2019-01-20T21:35:06Z |
Michael Fox wrote:
humps and bumps in the early releases, you might well be encountering
bugs that have since been fixed.
if it is working OK for you with 2.5.3 (also ancient!!) it might not
be a factor in this issue.
represent the default configs for a Fb3 client and a Fb3 server. Since
they are Fb 3 settings, the 2.5 server doesn't know about them.
Specifically, they are telling the Fb3 client to encrypt the wire
transmissions but of course Fb 2.5 doesn't support wire encryption.
Likewise, Fb 2.5 doesn't support SRP authentication; nor does the
Linux cclient support Win_Sspi at all.
Firebird 3 allows configuration at both client and server for some
parameters, including these two. Changes to these parameters must be
done at the client side for your situation. If you plan to use the
same Firebird setup on the Linus server as a client for databases on
both 2.5 and 3.0 servers, you'll need to configure records there in
databases.conf, specific to each. (You could set them globally in
firebird.conf but that would, of course, restrict the options for
accessing diverse remote databases.)
On the 2.5 server side, have the third party make an alias in
aliases.conf, e.g.,
p2gold = "d:/Database/P2Gold data.ib"
(You may or may not need the double quotes, try it both ways.)
At the Fb3 client side, make an entry in databases.conf for the
same alias. That's just for syntactic completeness: the client
doesn't do anything with the path, though of course this would be an
invalid entry if you tried to use it locally! You can study the notes
in databases.conf for the syntax of an entry. For this alias you will
need to set AuthClient = Legacy_Auth and WireCrpyt = Disabled.
Once saved, the config should work. The same isn't true for reconfigs
of server-side parameters, though - that requires a server restart.
Likewise, on the Fb 2.5 side, the alias should be available once
aliases.conf is saved, whereas anything reconfigured in firebird.conf
will necessitate a server restart before it is visible.
You can find more details in this article:
https://www.ibphoenix.com/files/Authentication_FB3.pdf
Helen
---
This email has been checked for viruses by AVG.
https://www.avg.com
> It’s the default package of firebird-dev 3.0.1.32609.ds4-14 onAncient. Current sub-release is 3.0.4. Given that there were some
> Stretch which doesn’t work.
humps and bumps in the early releases, you might well be encountering
bugs that have since been fixed.
> The previous version of firebird-devMaybe, maybe not. There are some bugs around with that driver. But
> 2.5.3.26778.ds4-5+deb8u1 on Jessie works fine with the same
> credentials (note: I’m using PHP’s Interbase extension to connect
> but I don’t think it’s the cause of the issue).
>
if it is working OK for you with 2.5.3 (also ancient!!) it might not
be a factor in this issue.
> The config settings are the default ones. For the two settings you mentioned:Here's the thing. The defaults shown here for these two parameters
> AuthClient = Srp, Win_Sspi, Legacy_Auth
> WireCrypt = Enabled (for client) / Required (for server)
represent the default configs for a Fb3 client and a Fb3 server. Since
they are Fb 3 settings, the 2.5 server doesn't know about them.
Specifically, they are telling the Fb3 client to encrypt the wire
transmissions but of course Fb 2.5 doesn't support wire encryption.
Likewise, Fb 2.5 doesn't support SRP authentication; nor does the
Linux cclient support Win_Sspi at all.
Firebird 3 allows configuration at both client and server for some
parameters, including these two. Changes to these parameters must be
done at the client side for your situation. If you plan to use the
same Firebird setup on the Linus server as a client for databases on
both 2.5 and 3.0 servers, you'll need to configure records there in
databases.conf, specific to each. (You could set them globally in
firebird.conf but that would, of course, restrict the options for
accessing diverse remote databases.)
> I’ve played around with different permutations without success.So - you have done settings in databases.conf?
> Maybe worth noting that the credentials for the remote server are in the format:It no longer makes good sense to avoid using aliases.
> XX.XXX.X.XXX/45731:d:/Database/P2Gold data.ib
On the 2.5 server side, have the third party make an alias in
aliases.conf, e.g.,
p2gold = "d:/Database/P2Gold data.ib"
(You may or may not need the double quotes, try it both ways.)
At the Fb3 client side, make an entry in databases.conf for the
same alias. That's just for syntactic completeness: the client
doesn't do anything with the path, though of course this would be an
invalid entry if you tried to use it locally! You can study the notes
in databases.conf for the syntax of an entry. For this alias you will
need to set AuthClient = Legacy_Auth and WireCrpyt = Disabled.
Once saved, the config should work. The same isn't true for reconfigs
of server-side parameters, though - that requires a server restart.
Likewise, on the Fb 2.5 side, the alias should be available once
aliases.conf is saved, whereas anything reconfigured in firebird.conf
will necessitate a server restart before it is visible.
You can find more details in this article:
https://www.ibphoenix.com/files/Authentication_FB3.pdf
Helen
---
This email has been checked for viruses by AVG.
https://www.avg.com