Bug 501792 - Large messages cause hangs and crashes when using digest-md5 and security layer (ssf 128)
Summary: Large messages cause hangs and crashes when using digest-md5 and security lay...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise MRG
Classification: Red Hat
Component: qpid-cpp
Version: 1.0
Hardware: All
OS: Linux
high
high
Target Milestone: 1.3
: ---
Assignee: Gordon Sim
QA Contact: Jeff Needle
URL:
Whiteboard:
Depends On:
Blocks: 524664 CVE-2009-5004
TreeView+ depends on / blocked
 
Reported: 2009-05-20 18:23 UTC by Gordon Sim
Modified: 2010-10-20 11:29 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
A client no longer stops responding when a large message is sent and the Digest-MD5 mechanism with a security layer is in use.
Clone Of:
: 524664 (view as bug list)
Environment:
Last Closed: 2010-10-20 11:29:52 UTC
Target Upstream Version:


Attachments (Terms of Use)

Description Gordon Sim 2009-05-20 18:23:13 UTC
See https://issues.apache.org/jira/browse/QPID-1819

Comment 1 Gordon Sim 2009-06-01 17:01:45 UTC
Fixed on qpid trunk by r780719. (Workaround until that is available through new MRG packages is to reduce the max-frame-size option in ConnectionSettings).

To test, send large messages (e.g. using perftest) with the cyrus-sasl-md5 package installed and use the DIGEST-MD5 mechanism if available (it is usually preferred over other mechanisms, but can be forced by specifying the mechanism on command line).

Comment 3 Jiri Kolar 2010-08-04 08:36:19 UTC
Tested:
on 752581-26 bug aapears (but only on x86_64)

on later it does not, tested on 946106-11 
it is fixed

validated on RHEL5.5/RHEL4  i386 / x86_64  

packages:

# rpm -qa | grep -E '(qpid|openais|rhm)' | sort -u
openais-0.80.6-16.el5_5.2
openais-devel-0.80.6-16.el5_5.2
python-qpid-0.7.946106-11.el5
qpid-cpp-client-0.7.946106-11.el5
qpid-cpp-client-devel-0.7.946106-11.el5
qpid-cpp-client-devel-docs-0.7.946106-11.el5
qpid-cpp-client-ssl-0.7.946106-11.el5
qpid-cpp-mrg-debuginfo-0.7.946106-8.el5
qpid-cpp-server-0.7.946106-11.el5
qpid-cpp-server-cluster-0.7.946106-11.el5
qpid-cpp-server-devel-0.7.946106-11.el5
qpid-cpp-server-ssl-0.7.946106-11.el5
qpid-cpp-server-store-0.7.946106-11.el5
qpid-cpp-server-xml-0.7.946106-11.el5
qpid-java-client-0.7.946106-7.el5
qpid-java-common-0.7.946106-7.el5
qpid-tools-0.7.946106-8.el5
rhm-docs-0.7.946106-4.el5
rh-tests-distribution-MRG-Messaging-qpid_common-1.6-52


->VERIFIED

Comment 4 Jaromir Hradilek 2010-10-07 15:46:06 UTC
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
A client no longer stops responding when a large message is sent and the Digest-MD5 mechanism with a security layer is in use.


Note You need to log in before you can comment on or make changes to this bug.