Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
For bugs related to Red Hat Enterprise Linux 4 product line. The current stable release is 4.9. For Red Hat Enterprise Linux 6 and above, please visit Red Hat JIRA https://issues.redhat.com/secure/CreateIssue!default.jspa?pid=12332745 to report new issues.

Bug 250732

Summary: sasl-sample-server crash
Product: Red Hat Enterprise Linux 4 Reporter: Jan Lieskovsky <jlieskov>
Component: cyrus-saslAssignee: Steve Conklin <sconklin>
Status: CLOSED ERRATA QA Contact: Brian Brock <bbrock>
Severity: low Docs Contact:
Priority: low    
Version: 4.5CC: jlieskov
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: RHSA-2007-0795 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-09-04 14:49:44 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Core file generated by the sasl-sample-server none

Description Jan Lieskovsky 2007-08-03 09:52:24 UTC 
Description of problem:
By second repeatedly performed attempt to connect from sasl-sample-client
using the DIGEST-MD5 mechanism the sasl-sample-server crashes.

Version-Release number of selected component (if applicable):
cyrus-sasl-2.1.19-11.i386

How reproducible:
Always

Steps to Reproduce:
1. saslpasswd -c bob
2. saslpasswd2 -c bob
3. service saslauthd start
4. On the server side start:
   sasl-sample-server -p bvcontrol -s imap -m DIGEST-MD5
5, Try to connect from the client:
   sasl-sample-client -p bvcontrol -s imap -m DIGEST-MD5 serverHostName
   This will print error message on the client side:
   
   receiving capability list... recv: {0}
   server doesn't offer mandatory mech 'DIGEST-MD5'
   closing connection

   And on the server side: 
      
   accepted new connection
   send: {0}

   client didn't choose mechanism
   closing connection                          (This is ok.)

6, But try to connect from the client repeatedly second time:
   sasl-sample-client -p bvcontrol -s imap -m DIGEST-MD5 serverHostName

   Message n the client:

    receiving capability list...
    server doesn't offer mandatory mech 'DIGEST-MD5'
    closing connection                                 (This is ok.)

   But on the server side, segmentation fault appears 
    
   . . .
   0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Segmentation fault
(core dumped)

   and the core file (if enabled) is created (see the attachment).
  
  
Actual results:
sasl-sample-server crash

Expected results:
No crash even after the second connection from the sasl-sample-client

Additional info:
By my attempt, I used RHEL4 on i386 as sasl-sample-server and RHEL4 ia64
as sasl-sample-client. But did repeated the crash by attempt to connect
from RHEL4 s390x client.
Comment 1 Jan Lieskovsky 2007-08-03 09:52:26 UTC 
Created attachment 160593 [details]
Core file generated by the sasl-sample-server
Comment 8 Red Hat Bugzilla 2007-09-04 14:49:44 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2007-0795.html