• Welcome, Guest. Please login.
 
September 17, 2019, 02:05:01 pm

News:

Welcome to the SQLitening support forums!


Summary of update suggestions for SQLitening code base

Started by Bern Ertl, November 19, 2015, 10:55:17 am

Previous topic - Next topic

Bern Ertl

Here's a summary of the suggestions for updating the SQLitening code base (that I'm aware of).  Some might already be incorporated (shouldn't take but a second to confirm)...

Fix for issue with slDisconnect causing lock ups
SQLiteningClient.Bas, add RESET thMutex statement:

SUB SQLiteDisconnect ALIAS "SQLiteDisconnect" EXPORT
  ' Tell ImHere thread to die
  @tlpKillImHere = 1
  reset tlpKillImHere  ' Disconnect and close Tcp socket

  DoRequest %reqDisconnect, 0, 0, "", 0
  TCP CLOSE thSocket
  CloseHandle thMutex
  RESET thMutex
END SUB

Solution discussed here:  http://www.sqlitening.com/support/index.php?topic=9420.0

~~~

Documentation update:  http://www.sqlitening.com/support/index.php?topic=9162.msg24023#msg24023

~~~

slConnect wsOutData pararmeter fix:  http://www.sqlitening.com/support/index.php?topic=9079.0

~~~

Expose new function slKill:  http://www.sqlitening.com/support/index.php?topic=9087.0

~~~

slSetNamedLocks error handling update:  http://www.sqlitening.com/support/index.php?topic=9391.msg24774#msg24774

~~~

(Proposed / solution not detailed) Update Rijndael encryption:  http://www.sqlitening.com/support/index.php?topic=9406.0

Note:  if there is any difference in the encryption (from existing routine to potential replacement), it could break existing apps so this would need to be something optional unless fully tested)

~~~


If I missed something, please add to the list.

Paul Squires

Thanks Bern

Yes, please everyone take a look at your codebases to see what needs to be added, changed, etc. I will consolidate all changes and upload a new package. It has been a very long time since an updated package was made available.

Bern Ertl

cj - appreciate the work you are doing on this.  I haven't had a chance to review what you are doing, so I can't offer any comments on it, but I would prefer that updates to the main code base only include changes that we are sure about.  It seems like what you are doing with the server code probably deserves it's own thread (and some extensive testing).


Paul Squires

Thanks guys, I will start processing the updates tomorrow and post the new package here for your review. I will exclude cj's suggested new code until you guys feel more comfortable with including it.

Paul Squires

Okay, all changes have been added to the source code. I am now updating the version numbers and will compile using PB10. I will post the zip file later today for you guys to look at.

Also, I want to ask how you feel about me putting the code base on GitHub ?

Paul Squires

I have not screwed around with the Rijndael Encryption code. I feel uncomfortable changing/updating that code for fear of breaking existing user databases.

cj

It is unfortunate nobody tested the AcceptConnection which protects the globals and eliminated the race contention.
I haven't used github so can't be a judge.


Paul Squires

Hi guys,

Version 1.70 is attached to this post. I will post it to the regular download section once you are happy with it.


[attachment deleted by admin]

Bern Ertl

November 25, 2015, 12:10:27 pm #9 Last Edit: November 25, 2015, 12:15:52 pm by Bern Ertl
Thanks Paul.  I also have never used github.  What is it?

cj - I haven't had a chance yet, but I do intend to review what you've done.  I understand the significance of the changes you are proposing (or of the potential problem it is attempting to fix), so once your changes are vetted, it should merit another update I would think.

cj

October 06, 2016, 12:20:05 am #10 Last Edit: October 11, 2016, 11:04:06 am by cj
The encryption code of SQLitening is from Greg Turgeon's version of 2002.

Revised 04/2005
-- Hard-coded table DATA for FUNCTION Rijndael_Init&() to make possible
   avoiding STATIC variables

References:
https://forum.powerbasic.com/forum/user-to-user-discussions/third-party-addons/29426-what-happened-to-pbcrypto-com

The variable DD in this thread was changed to d_d as in the 2002 version of SQLiteningAuxRuts.bas
https://forum.powerbasic.com/forum/user-to-user-discussions/source-code/24101-rijndael-encryption-aes-for-3-0-7-0?t=23464

Previous SQLiteningAuxRuts.DLL 30,328 bytes.   Newer SQLiteningAuxRuts.DLL 36,864 bytes.

The zip file below contains the source code to create SQLiteningAuxRuts.DLL   

cj

I see no reason we can't individually compile to a DLL and add encryption (following the license agreement.)
https://github.com/sqlcipher/sqlcipher

Current AES encryption appears to be cookbook with SQLitening which is not good enough nor does it encrypt entire database.
Encryptiing just columns can also cause problems doing searches.

https://www.zetetic.net/sqlcipher/     I thought it was $128, but it is $499.00  and $99.00 per year for support as of 3/29/18

I just downloaded all the source and wonder if anyone else is using with PowerBASIC.
I have sent a request for a trial.