imtest fails with GSSAPI plugin due to base64 decode error
Ken Murchison
murch at andrew.cmu.edu
Wed Dec 6 09:22:43 EST 2006
Fabian Fagerholm wrote:
> On Fri, 2006-12-01 at 22:57 +0200, Fabian Fagerholm wrote:
>> The attached patch allows the string to be CRLF-terminated. Could this
>> go into the next version?
>
> Actually, more testing reveals that in practise -- such as when testing
> with sasl-sample-client -- the string could be LF-terminated, and so it
> could theoretically be CR-terminated as well. In addition, the patch had
> some other flaws. Here's a new one.
>
> Debian bug #400955 has the whole story:
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400955
>
> Any comments? In particular, what is the idea here? Are applications
> supposed to be stripping off anything that doesn't belong to the base64
> data, or is this unintentional?
Applications are supposed to be stripping any protocol junk off of the
string and just pass naked base64.
--
Kenneth Murchison
Systems Programmer
Project Cyrus Developer/Maintainer
Carnegie Mellon University
More information about the Cyrus-sasl
mailing list