GSSAPI and "encoded packet size too big"
Hugh Cole-Baker
sigmaris at gmail.com
Fri Mar 22 12:21:55 EDT 2013
On 22 Mar 2013, at 16:00, cyrus-sasl-request at lists.andrew.cmu.edu wrote:
> We are seeing a problem that looks a lot like this yours. From JNDI
> clients connecting to our OpenLDAP server on Debian Wheezy connections
> are failing. If the client makes a GSSAPI connection and uses SASL
> encryption then the client will fail with a
> java.lang.NegativeArraySizeException error.
I ran into the same problem with Java interop [1], initially thinking
it was a Java bug, and found a workaround, which is to set minssf to
at least 1 in the sasl-secprops setting in OpenLDAP. This might be
useful - I haven't tried to upgrade to 2.1.26 yet to check if it's
fixed in that version.
Hugh C-B
[1] http://mail.openjdk.java.net/pipermail/security-dev/2013-February/006665.html
More information about the Cyrus-sasl
mailing list