When a client connection supports extended plus encrypted password (EPEP), Open Server handles the login negotiation, including decrypting of the password.
The login negotiation takes place before the SRV_CONNECT handler is called. In the SRV_CONNECT event handler, applications can simply retrieve the password with the existing SRV_T_PWD property and inspect the used password encryption protocol with a new property.
To try out Open Server password encryption, you can connect to the 'lang' sample using isql with the -X option, which turns on password encryption in isql.
This property is used with srv_thread_props() to retrieve the password. If the client supports the EPEP protocol, SRV_T_PWD automatically returns the decrypted password.
This new public enumerated type in Open Server has the following values:
SRV_NOENCRYPT_PWD (0)
SRV_ENCRYPT_PWD (1) (Not implemented in Open Server)
SRV_EXTENDED_ENCRYPT_PWD (2) (Not implemented in Open Server)
SRV_EXTENDED_PLUS_ENCRYPT_PWD (3)
Use this new read-only property along with the srv_thread_props() function to retrieve the protocol version of the password encryption that retrieved the password. The type and possible values of this property are described in SRV_PWD_ENCRYPT_VERSION.
Use the SRV_S_DISABLE_ENCRYPT property to disable support for the native password negotiation. If this property is set, Open Server does not start the password negotiation protocols. The default value for this SRV_S_DISABLE_ENCRYPT is CS_FALSE.