Should SASL_MAXOUTBUF be subject of negotiation?

mkondrin mkondrin at hppi.troitsk.ru
Mon May 19 12:53:08 EDT 2008


Sorry, the problem seems to be caused by old heimdal library (0.7.1) on 
client. Upgrading to the latest one (1.1) fixes it.
> MKondrin wrote:
>> Dear SASL users and developers!
>>
>> Should sasl_getprop(conn,SASL_MAXBUF,&x) return th same x on client 
>> and server if the security layer is negotiated? But after 
>> authentication it returns the value of secprops.maxbufsize (which can 
>> of course be different on client and server) installed before with 
>> sasl_setprop(conn, SASL_SEC_PROPS, &secprops). Does this mean I have 
>> missed some steps in SASL negotiation? I use cyrus-sasl-2.1.21.
>>
>> Thank you in advance.
>>
>> M.Kondrin
>>
>
> RFC2222 states that:
>
>  "During the authentication protocol exchange, the mechanism performs
>   authentication, transmits an authorization identity (frequently known
>   as a userid) from the client to server, and negotiates the use of a
>   mechanism-specific security layer.  If the use of a security layer is
>   agreed upon, then the mechanism must also define or negotiate the
>   maximum cipher-text buffer size that each side is able to receive."
>
> So the SASL_MAXOUTBUF should be negotiated. This means that some steps 
> are missing or is it bug in plugin?
>
>



More information about the Cyrus-sasl mailing list