http://qs321.pair.com?node_id=11117007


in reply to DBD::Sybase with Repserver and password encryption

I don't have much to offer but only a point of investigation: does encrypted password actually reach replication server as such via isql?

From OP, seems like RSSD hosted separately from replication server. That in ASE 15 era could be served via ASE itself. So, are you able to connect to RSSD server with encryptPassword = 1?

Replies are listed 'Best First'.
Re^2: DBD::Sybase with Repserver and password encryption
by Anonymous Monk on May 21, 2020 at 07:55 UTC

    Yes I can connect to the RSSD server which is an ASE using the encryptPassword=1 if my example is changed to point at the RSSD instead

    If I am using isql then using the isql equivalent (isql -X) of the DBD::Sybase encryptPassword=1 works fine. It also works if I use sqsh -X. The only thing that does not work is the perl code version

    Is there any extra tracing I can add to the dbi call to see if that shows anymore diagnstic information that might be of assistance ?

      Per Jan 2005 thread, you may need to turn off transaction and/or assign error handler callback sub when connecting to replication server. OTOH if you can connect to replication server without encryptPassword and can execute a command successfully, then I don't see how that advice would help.

      (Some of the bug reports are available on Michael P's (maintainer's) website, e.g. 441: amdmin who,sqm fails while in a transaction, 2002.)

        Everything works fine without password encryption set on in the DBI call. I had seen that previous thread but it's a different problem I have and was hoping somebdoy else may have ht a similar issue with security being a buzzword these days

      Could you list the versions of ...

      • perl & DBD::Sybase;
      • the external libraries (e.g. freetds or ones from AES) that DBD::Sybase uses;
      • isql;
      • Replication Server
      ... for possibly others to help?

      You could do DBI->trace(4); before connect() to see where the issue is at more granular level.

      At this point all I can say is to check that encrypted passwords match as sent by isql & DBD::Sybase (say, via tcpdump or some other network packet analyzer) to the replication server.

        Setting the trace has helped I believe

        I see this which only appears when the encryptPassword is set on

        -> DBI->connect(dbi:Sybase:server=MY_REPSERVER;encryptPassword=1, rep +serv_user, ****) !! ERROR: 2056 CLEARED by call to connect method -> connect for DBD::Sybase::dr (DBI::dr=HASH(0x1a723a8)~0x1a72420 +'server=MY_REPSERVER;encryptPassword=1' 'repserv_user' **** HASH(0x1d +1d640)) syb_db_login() -> using global CS_LOCALE data servermsg_cb -> number=14021 severity=12 state=0 line=0 server=MY_ +REPSERVER text=Invalid login attempted by user 'repserv_user' clientmsg_cb -> ct_connect(): protocol specific layer: external er +ror: The attempt to connect to the server failed.

        That 2056 error (which is a Sybase syntax error) does not appear when encryptPassword is not set.

        So it looks like a possible bug in DBD::Sybase ?

        I'm not sure if that module is maintained anymore