Should SASL_MAXOUTBUF be subject of negotiation?

MKondrin mkondrin at hppi.troitsk.ru
Sat May 17 10:15:19 EDT 2008


MKondrin wrote:
> Dear SASL users and developers!
>
> Should sasl_getprop(conn,SASL_MAXBUF,&x) return th same x on client 
> and server if the security layer is negotiated? But after 
> authentication it returns the value of secprops.maxbufsize (which can 
> of course be different on client and server) installed before with 
> sasl_setprop(conn, SASL_SEC_PROPS, &secprops). Does this mean I have 
> missed some steps in SASL negotiation? I use cyrus-sasl-2.1.21.
>
> Thank you in advance.
>
> M.Kondrin
>

RFC2222 states that:

  "During the authentication protocol exchange, the mechanism performs
   authentication, transmits an authorization identity (frequently known
   as a userid) from the client to server, and negotiates the use of a
   mechanism-specific security layer.  If the use of a security layer is
   agreed upon, then the mechanism must also define or negotiate the
   maximum cipher-text buffer size that each side is able to receive."

So the SASL_MAXOUTBUF should be negotiated. This means that some steps 
are missing or is it bug in plugin?



More information about the Cyrus-sasl mailing list