imtest fails with GSSAPI plugin due to base64 decode error

Ken Murchison murch at andrew.cmu.edu
Wed Dec 6 09:22:43 EST 2006


Fabian Fagerholm wrote:
> On Fri, 2006-12-01 at 22:57 +0200, Fabian Fagerholm wrote:
>> The attached patch allows the string to be CRLF-terminated. Could this
>> go into the next version?
> 
> Actually, more testing reveals that in practise -- such as when testing
> with sasl-sample-client -- the string could be LF-terminated, and so it
> could theoretically be CR-terminated as well. In addition, the patch had
> some other flaws. Here's a new one.
> 
> Debian bug #400955 has the whole story:
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400955
> 
> Any comments? In particular, what is the idea here? Are applications
> supposed to be stripping off anything that doesn't belong to the base64
> data, or is this unintentional?

Applications are supposed to be stripping any protocol junk off of the 
string and just pass naked base64.

-- 
Kenneth Murchison
Systems Programmer
Project Cyrus Developer/Maintainer
Carnegie Mellon University


More information about the Cyrus-sasl mailing list