SASL-OTP problem/question
Hadmut Danisch
hadmut at danisch.de
Sun Jul 15 09:36:43 EDT 2007
Hi,
I was just playing a little bit with the sasl-sample-server and
sasl-sample-client programs that come with the
debian packages for sasl2. Running both programs in separate xterm
windows and 'sending' their messages vice versa with mouse cut and paste
works as expected, e.g. for DIGEST-MD5. The sasl-sample-client then asks
for a password.
But when I choose OTP (which is offered by the server), then the client
aborts, and I currently don't see why:
% sasl-sample-client -m OTP
Waiting for mechanism list from server...
S: QU5PTllNT1VTIE9UUCBDUkFNLU1ENSBESUdFU1QtTUQ1IExPR0lOIFBMQUlOIE5UTE0=
recieved 50 byte message
Forcing use of mechanism OTP
Choosing best mechanism from: OTP
Using mechanism OTP
Preparing initial.
Sending initial response...
C: T1RQAGhhZG11dABoYWRtdXQ=
Waiting for server reply...
S: b3RwLW1kNSA0OTggYW42OTQzIGV4dA==
recieved 22 byte message
sasl-sample-client: Performing SASL negotiation: invalid parameter supplied
You should be able to run this just example with the client side.
So the message
S: b3RwLW1kNSA0OTggYW42OTQzIGV4dA==
causes a problem. Decoding it looks like this:
% decode64 b3RwLW1kNSA0OTggYW42OTQzIGV4dA== |xxd
0000000: 6f74 702d 6d64 3520 3439 3820 616e 3639 otp-md5 498 an69
0000010: 3433 2065 7874 43 ext
which is
otp-md5 498 an6943 ext
498 and the seed an6943 are correct. But what's wrong with this string
and why
does the client abort?
regards
Hadmut
More information about the Cyrus-sasl
mailing list