problems with clients and cyrus-sasl-2.1.22

Alexey Melnikov alexey.melnikov at isode.com
Thu May 25 11:24:48 EDT 2006


Andreas Hasenack wrote:

>On Thu, May 25, 2006 at 10:55:23AM -0300, Andreas Hasenack wrote:
>  
>
>>On Thu, May 25, 2006 at 02:27:23PM +0100, Dave Cridland wrote:
>>    
>>
>>>On Thu May 25 14:16:27 2006, Dave Cridland wrote:
>>>      
>>>
>>>>On Thu May 25 14:10:48 2006, Andreas Hasenack wrote:
>>>>        
>>>>
>>>>>But openssl's base64 can't decode the string, so perhaps there is 
>>>>>something
>>>>>wrong:
>>>>>$ echo -n 
>>>>>bm9uY2U9IkVZMEI5anR4NlNsc0tQSGhHTGovNmI4WW1qQ3BadDZCL1RGUXAva21kUEU9IixyZWFsbT0icGFuZG9yYS5jb25lY3RpdmEiLHFvcD0iYXV0aCxhdXRoLWludCxhdXRoLWNvbmYiLGNpcGhlcj0icmM0LTQwLHJjNC01NixyYzQsZGVzLDNkZXMiLG1heGJ1Zj00MDk2LGNoYXJzZXQ9dXRmLTgsYWxnb3JpdGhtPW1kNS1zZXNz 
>>>>>| openssl base64 -d
>>>>>$
>>>>>
>>>>>
>>>>>          
>>>>>
>>>>Didn't somebody point out a bug with openSSL's base64 decoder a 
>>>>while back? This all rings a bell with me. I think it's a 
>>>>line-length issue or something.
>>>>
>>>>I'll see if I can track down the mail.
>>>>        
>>>>
>>>Ah, not a mail.
>>>
>>>http://lookit.typepad.com/lookit/2006/04/lame_openssl_bu.html
>>>
>>>This looks like your bug.
>>>      
>>>
>>Is sasl using this de/encoder? Or is it just an issue with the command-line
>>openssl tool and it has nothing to do with this thread?
>>    
>>
>
>The imtest failure is here:
> saslresult = sasl_decode64(str, strlen(str),
>                                   *line, len, (unsigned *) linelen);
>        if (saslresult != SASL_OK) {
>
>I added a printf there and the result I get is "1", which means SASL_CONTINUE.
>Does this mean the b64 string is too short or incomplete?
>  
>
Yes. It means that the sasl_decode64() input was not multiple of 4.




More information about the Cyrus-sasl mailing list