Fixed #8644: Connection error via Loopback provider if it's the first in the Providers parameter

(cherry picked from commit 27f7d41)

Author: AlexPeshkoff

src/jrd/extds/IscDS.cpp

@@ -119,7 +119,22 @@ void IscConnection::attach(thread_db* tdbb, const PathName& dbName, const string
 
 	// Avoid change of m_dpb by validatePassword() below
 	ClumpletWriter newDpb(m_dpb);
-	validatePassword(tdbb, m_dbName, newDpb);
+	if (validatePassword(tdbb, m_dbName, newDpb))
+	{
+		// After successful password validation only local for current server providers
+		// should be used. Currently we do not distinguish provider's properties
+		// therefore use working but definitely not ideal way to avoid remote & loopback
+		// providers to be used - add empty isc_dpb_address_path clumplet to DPB.
+		// See also get_new_dpb() in interface.cpp.
+
+		ClumpletWriter address_record(ClumpletReader::UnTagged, MAX_UCHAR - 2);
+		ClumpletWriter address_stack_buffer(ClumpletReader::UnTagged, MAX_UCHAR - 2);
+		address_stack_buffer.insertBytes(isc_dpb_address,
+			address_record.getBuffer(), address_record.getBufferLength());
+
+		newDpb.insertBytes(isc_dpb_address_path, address_stack_buffer.getBuffer(),
+						   address_stack_buffer.getBufferLength());
+	}
 
 	if (newDpb.getBufferLength() > MAX_USHORT)
 	{

src/jrd/extds/ValidatePassword.cpp

@@ -169,16 +169,18 @@ void SBlock::putData(CheckStatusWrapper* status, unsigned int length, const void
 
 namespace EDS {
 
-void validatePassword(thread_db* tdbb, const PathName& file, ClumpletWriter& dpb)
+bool validatePassword(thread_db* tdbb, const PathName& file, ClumpletWriter& dpb)
 {
 	// Peliminary checks - should we really validate password ourself
 	if (!dpb.find(isc_dpb_user_name))		// check for user name presence
-		return;
+		return false;
 	if (ISC_check_if_remote(file, false))	// check for remote connection
-		return;
+		return false;
 	UserId* usr = tdbb->getAttachment()->att_user;
+	if (!usr)
+		return false;
 	if (!usr->usr_auth_block.hasData())		// check for embedded attachment
-		return;
+		return false;
 
 	Arg::Gds loginError(isc_login_error);
 
@@ -260,10 +262,13 @@ void validatePassword(thread_db* tdbb, const PathName& file, ClumpletWriter& dpb
 			switch (server.plugin()->authenticate(&s, &sBlock, &writer))
 			{
 			case IAuth::AUTH_SUCCESS:
+				// remove isc_dpb_user_name cause it has precedence over isc_dpb_auth_block
 				dpb.deleteWithTag(isc_dpb_user_name);
+				// isc_dpb_password makes no sense w/o isc_dpb_user_name
 				dpb.deleteWithTag(isc_dpb_password);
+				// save built by this routine isc_dpb_auth_block
 				writer.store(&dpb, isc_dpb_auth_block);
-				return;
+				return true;
 
 			case IAuth::AUTH_CONTINUE:
 				limit = MAXLIMIT;
@@ -289,6 +294,7 @@ void validatePassword(thread_db* tdbb, const PathName& file, ClumpletWriter& dpb
 	}
 
 	Arg::Gds(isc_login).raise();
+	return false;		// warning silencer
 }
 
 } // namespace EDS

src/jrd/extds/ValidatePassword.h

@@ -34,7 +34,7 @@ namespace Jrd
 
 namespace EDS {
 
-void validatePassword(Jrd::thread_db* tdbb, const Firebird::PathName& file,
+bool validatePassword(Jrd::thread_db* tdbb, const Firebird::PathName& file,
 	Firebird::ClumpletWriter& dpb);
 
 } // namespace EDS