On Mon, 15 Apr 2002, Andreas Amann wrote:
Hello to all readers!
Are there any known problems with the DIGEST-MD5 (CRAM-MD5?)
authentication mechanisms in Cyrus SASL 1.5.27 that comes with SuSE 8.0?
When i use DIGEST-MD5 to authenticate a SuSE 8.0 box (sendmail
8.12.2/8.12.3) against a sendmail 8.12.2 Server on SuSE 7.3 the network
connection breaks.
Authentication via the LOGIN mechanism works fine and i am pretty sure
that it is not a configuration problem. Also, the cyradm tool for the
Cyrus IMAPD does not work well on 8.0 (also uses DIGEST-MD5 to
authenticate against the IMAPD). Did anyone here encounter similar
problems?
Btw.: only DIGEST-MD5 is affected by this.
I posted this question to comp.mail.sendmail today. For completeness
and your information i forward the response from Claus Assmann
here.
Thanks to all the friendly people who answered to this question!!!
--------------------------------------------------------------------
Claus Assmann wrote:
Most likely a problem with SASL 1.5.27.
I sent some patches for dealing with malloc()/free() to CMU,
maybe they will release 1.5.28.
If you want to test the patches, here they are
(see the XYZ below, it may require another change).
*** lib/server.c.orig Sun Mar 17 06:46:41 2002
--- lib/server.c Sun Mar 17 06:47:24 2002
***************
*** 701,707 ****
SASL_FAIL, 0, "couldn't identify flag '%s'",
t);
}
! free(t);
}
/* insert mechanism into mechlist */
--- 701,707 ----
SASL_FAIL, 0, "couldn't identify flag '%s'",
t);
}
! sasl_FREE(t);
}
/* insert mechanism into mechlist */
*** plugins/cram.c.orig Sun Mar 17 06:50:49 2002
--- plugins/cram.c Sun Mar 17 06:55:09 2002
***************
*** 601,607 ****
memcpy(&version, sec->data, 4);
version = ntohl(version);
}
! free(sec);
}
if (version != CRAM_MD5_VERSION) {
--- 601,607 ----
memcpy(&version, sec->data, 4);
version = ntohl(version);
}
! utils->free(sec);
}
if (version != CRAM_MD5_VERSION) {
*** plugins/digestmd5.c.orig Sun Mar 17 06:51:51 2002
--- plugins/digestmd5.c Sun Mar 17 06:56:04 2002
***************
*** 1900,1905 ****
--- 1900,1906 ----
if ((text->size > 0xFFFF) || (text->size < 0))
return SASL_FAIL; /* too big probably error */
+ /* XYZ why not text->free/text->alloc ??? */
free(text->buffer);
text->buffer = malloc(text->size);
}
***************
*** 2742,2748 ****
memcpy(&tmpversion, sec->data, 4);
tmpversion = ntohl(tmpversion);
}
! free(sec);
}
if (result == SASL_NOUSER || result == SASL_FAIL) {
return result;
--- 2743,2749 ----
memcpy(&tmpversion, sec->data, 4);
tmpversion = ntohl(tmpversion);
}
! utils->free(sec);
}
if (result == SASL_NOUSER || result == SASL_FAIL) {
return result;
*** plugins//kerberos4.c.orig Sun Mar 17 06:54:08 2002
--- plugins//kerberos4.c Sun Mar 17 06:54:11 2002
***************
*** 446,452 ****
*output = text->realloc(*output, *outputlen+extralen);
memcpy(*output+*outputlen, extra, extralen);
*outputlen+=extralen;
! free(extra);
}
}
--- 446,452 ----
*output = text->realloc(*output, *outputlen+extralen);
memcpy(*output+*outputlen, extra, extralen);
*outputlen+=extralen;
! text->free(extra);
}
}
--
Best regards / Mit freundlichen Gruessen,
Andreas Amann < andreas.amann@epost.de >
=========================================