c-treeACE has many advanced security controls to prevent unauthorized access to data. Multiple areas of access control were reviewed and updated to take advantage of the latest security techniques where applicable. Some areas, such as password transmission and storage, were extensively modified in V10, so please note the compatibility issues that have been introduced.
The FAIRCOM.FCS file stores user and group information required to access c-treeACE. This file is now encrypted by default (the ADMIN_ENCRYPT keyword defaults to YES). To disable this encryption level, add ADMIN_ENCRYPT NO to your ctsrvr.cfg configuration file. By default, the file is scrambled using FairCom's CAMO technique. (CAMO or "Camouflage" is an older, legacy method of hiding data, which is not a standards-conforming encryption scheme, such as AES. It is not intended as a replacement for Advanced Encryption or other security systems.) AES encryption is used if ADVANCED_ENCRYPTION YES is specified in ctsrvr.cfg.
A GUEST account is used when no user name is presented to c-treeACE at connection time. Guest logons are now disabled by default. Add GUEST_LOGON YES to your ctsrvr.cfg configuration file should you wish to continue using the guest account.
Strong passwords are the first line of defense to protect unauthorized access to data. c-treeACE has increased password lengths to 63 bytes. Passwords are now “salted” and stored as SHA-512 hash values. Enhanced password exchange between client and server has also been implemented. Password exchanges with the server that must send a new password (for example, the ctpass utility) use AES encryption of the data between the client and server with randomly negotiated keys. Collectively, these techniques provide advanced levels of password protection.
These password changes break prior client/server compatibility with existing clients and/or servers. Only V10 clients matching the new V10 server format can connect to c-treeACE V10. New error codes can be experienced when a mismatch between client and server occur with these new secure logon changes.
If a client without secure password transmission calls a function that sends a password and the server requires the new secure logon, the call fails with error PWDC_ERR (961).
If a client with secure password transmission calls a function that sends a password and the server does not support secure password transmission, the call fails with error PWDS_ERR (962).
There is no reverse compatibility configuration available ensuring secured password exchange going forward.
