problems with clients and cyrus-sasl-2.1.22

Andreas Hasenack ahasenack at terra.com.br
Thu May 25 10:27:11 EDT 2006


On Thu, May 25, 2006 at 10:55:23AM -0300, Andreas Hasenack wrote:
> On Thu, May 25, 2006 at 02:27:23PM +0100, Dave Cridland wrote:
> > On Thu May 25 14:16:27 2006, Dave Cridland wrote:
> > >On Thu May 25 14:10:48 2006, Andreas Hasenack wrote:
> > >>But openssl's base64 can't decode the string, so perhaps there is 
> > >>something
> > >>wrong:
> > >>$ echo -n 
> > >>bm9uY2U9IkVZMEI5anR4NlNsc0tQSGhHTGovNmI4WW1qQ3BadDZCL1RGUXAva21kUEU9IixyZWFsbT0icGFuZG9yYS5jb25lY3RpdmEiLHFvcD0iYXV0aCxhdXRoLWludCxhdXRoLWNvbmYiLGNpcGhlcj0icmM0LTQwLHJjNC01NixyYzQsZGVzLDNkZXMiLG1heGJ1Zj00MDk2LGNoYXJzZXQ9dXRmLTgsYWxnb3JpdGhtPW1kNS1zZXNz 
> > >>| openssl base64 -d
> > >>$
> > >>
> > >>
> > >Didn't somebody point out a bug with openSSL's base64 decoder a 
> > >while back? This all rings a bell with me. I think it's a 
> > >line-length issue or something.
> > >
> > >I'll see if I can track down the mail.
> > 
> > Ah, not a mail.
> > 
> > http://lookit.typepad.com/lookit/2006/04/lame_openssl_bu.html
> > 
> > This looks like your bug.
> 
> Is sasl using this de/encoder? Or is it just an issue with the command-line
> openssl tool and it has nothing to do with this thread?

The imtest failure is here:
 saslresult = sasl_decode64(str, strlen(str),
                                   *line, len, (unsigned *) linelen);
        if (saslresult != SASL_OK) {

I added a printf there and the result I get is "1", which means SASL_CONTINUE.
Does this mean the b64 string is too short or incomplete?



More information about the Cyrus-sasl mailing list