GSSAPI and Cyrus SASL: testing failed
Cyrus SASL lib and MIT kerberos installed.
But testing w/ negotiation between sample-server and sample-client failed: run "./sample-server -s ldap -p ../plugins/.libs" gives me Quote:
Quote:
Then, after copy the whole line from "S:" to client, client script quit and complains the following: Quote:
or maybe the line starting w/ "S:" was not correctly copied and pasted to the client side? I tried to copy and paste until the last "=" sign but the client just sit there and did nothing. So, I guess the client should wait for some terminating char(s). Then I tried to hit "Enter" but that gave me the same error... So, what might cause this problem? Could be configuration option like mit kerberos gssapi lib path or something? Thanks! |
Solved and new problems found.
Cause: this seems to be a bug coming with cyrus-sasl-2.1.22. There are 2 places in "samp_recv()". One in sample-server.c and the other in sample-client.c. When whole line (S: or C: ) is copied there is a NEWLINE after the exchange message text. In "samp_recv()", the length of this exchange message text is calculated as "(unsigned) strlen(buf + 3)". But correct length should be ONE LESS of this value. As a result, wrong length caused either server and client to see a wrong encoded text and quit at the end. Sol: find where "sasl_decode64" is called in "samp_recv()" in both .c files and make them look like this: Quote:
- Copy 1st "S:" line from server to client - Client prompts the following message and then generate "C:" line. Quote:
Quote:
|
All times are GMT -5. The time now is 05:48 PM. |