Description of problem: By second repeatedly performed attempt to connect from sasl-sample-client using the DIGEST-MD5 mechanism the sasl-sample-server crashes. Version-Release number of selected component (if applicable): cyrus-sasl-2.1.19-11.i386 How reproducible: Always Steps to Reproduce: 1. saslpasswd -c bob 2. saslpasswd2 -c bob 3. service saslauthd start 4. On the server side start: sasl-sample-server -p bvcontrol -s imap -m DIGEST-MD5 5, Try to connect from the client: sasl-sample-client -p bvcontrol -s imap -m DIGEST-MD5 serverHostName This will print error message on the client side: receiving capability list... recv: {0} server doesn't offer mandatory mech 'DIGEST-MD5' closing connection And on the server side: accepted new connection send: {0} client didn't choose mechanism closing connection (This is ok.) 6, But try to connect from the client repeatedly second time: sasl-sample-client -p bvcontrol -s imap -m DIGEST-MD5 serverHostName Message n the client: receiving capability list... server doesn't offer mandatory mech 'DIGEST-MD5' closing connection (This is ok.) But on the server side, segmentation fault appears . . . 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Segmentation fault (core dumped) and the core file (if enabled) is created (see the attachment). Actual results: sasl-sample-server crash Expected results: No crash even after the second connection from the sasl-sample-client Additional info: By my attempt, I used RHEL4 on i386 as sasl-sample-server and RHEL4 ia64 as sasl-sample-client. But did repeated the crash by attempt to connect from RHEL4 s390x client.
Created attachment 160593 [details] Core file generated by the sasl-sample-server
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2007-0795.html