Should SASL_MAXOUTBUF be subject of negotiation?
MKondrin
mkondrin at hppi.troitsk.ru
Sat May 17 10:15:19 EDT 2008
MKondrin wrote:
> Dear SASL users and developers!
>
> Should sasl_getprop(conn,SASL_MAXBUF,&x) return th same x on client
> and server if the security layer is negotiated? But after
> authentication it returns the value of secprops.maxbufsize (which can
> of course be different on client and server) installed before with
> sasl_setprop(conn, SASL_SEC_PROPS, &secprops). Does this mean I have
> missed some steps in SASL negotiation? I use cyrus-sasl-2.1.21.
>
> Thank you in advance.
>
> M.Kondrin
>
RFC2222 states that:
"During the authentication protocol exchange, the mechanism performs
authentication, transmits an authorization identity (frequently known
as a userid) from the client to server, and negotiates the use of a
mechanism-specific security layer. If the use of a security layer is
agreed upon, then the mechanism must also define or negotiate the
maximum cipher-text buffer size that each side is able to receive."
So the SASL_MAXOUTBUF should be negotiated. This means that some steps
are missing or is it bug in plugin?
More information about the Cyrus-sasl
mailing list