Bug 3480 - gssapi (cvs) breaks when external_ssf >= max_ssf

Jakub Jelen jjelen at redhat.com
Tue Apr 21 08:11:17 EDT 2015


Hello everybody,

We were dealing recently with this bug in our environment and since 
there is no official statement from authors, I'm CC'ing also author of 
this commit [1], who is also author of RFC [2], if I got this right. I 
was reading through the RFC and this commit does it exactly according to 
specification, but it looks like it is not backward compatible with some 
other implementations, namely M$ ActiveDirectory or even 
cyrus-sasl-2.1.23. Interoperability is important for us and we can't 
leave this change here only because of "it's in RFC". If I see 
correctly, most of distributions reverted this commit in their releases 
and they are still doing fine. We will probably join them, if there will 
not be any other solution to maintain backward compatibility.

I didn't find any official statement about this bugzilla [3], nor about 
backward compatibility so I would like to ask for some, if you would be 
so kind. Here or better to bugzilla. It is not good presentation, having 
bugzilla with such wide impact without any official statement.


[1] 
https://cgit.cyrus.foundation/cyrus-sasl/commit/?id=080e51c7fa0421eb2f0210d34cf0ac48a228b1e9
[2] https://www.ietf.org/rfc/rfc4752.txt
[3] https://bugzilla.cyrusimap.org/show_bug.cgi?id=3480

-- 
Jakub Jelen
Associate Software Engineer
Security Technologies
Red Hat



More information about the Cyrus-sasl mailing list