Bug 208058
Summary: | "decoding error" when using GSSAPI and adding new entries. | ||||||
---|---|---|---|---|---|---|---|
Product: | [Retired] 389 | Reporter: | Gordon Messmer <gordon.messmer> | ||||
Component: | Directory Server | Assignee: | Nathan Kinder <nkinder> | ||||
Status: | CLOSED CURRENTRELEASE | QA Contact: | Chandrasekar Kannan <ckannan> | ||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | 1.0.2 | CC: | benl, nkinder | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2009-11-10 07:35:23 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | |||||||
Bug Blocks: | 152373, 208654, 240316 | ||||||
Attachments: |
|
Description
Gordon Messmer
2006-09-26 05:40:41 UTC
Nathan, does this ring a bell? Someone reported this error a few months back on the mailing list, but the cause was never nailed down. I'll see if I can reproduce the issue. Created attachment 137163 [details]
Proposed fix
It turns out that this is a data size related issue that is specific to using
SASL mechanisms that encrypt the payload. This problem will be triggered by a
SASL payload that is larger than 512 bytes once it is decrypted.
Internally, we have a buffer that holds the decrypted SASL payload. This data
is copied into a 512 byte buffer inside the sasl_recv_connection() function.
If the decrypted data is larger than 512 bytes, we save an offset to be used to
get the remaining data on the next call to sasl_recv_connection(). The
problem is that we ignore this offset when copying the data between buffers on
the subsequent call to sasl_recv_connection().
The fix is to start copying data out of the decrypted buffer from the offset.
Looks good. Thanks for the review Rich! The changes are now checked into HEAD. Checking in sasl_io.c; /cvs/dirsec/ldapserver/ldap/servers/slapd/sasl_io.c,v <-- sasl_io.c new revision: 1.8; previous revision: 1.7 done Acceptance test case looks good. Thanks Nathan! Since we upgraded to 1.0.4, we haven't seen the decoding error. Should this bug be closed? Acceptance test has been running many times in all supported platform. There is no failure reported for this bug. This bug can be safely closed. |