[exim-dev] [Bug 2524] New: gssapi via cyrus_sasl broken, ap…

Top Page
Delete this message
Reply to this message
Author: admin
Date:  
To: exim-dev
New-Topics: [exim-dev] [Bug 2524] gssapi via cyrus_sasl broken, approx since c0fb53b7
Subject: [exim-dev] [Bug 2524] New: gssapi via cyrus_sasl broken, approx sicne c0fb53b74e07fd17247960c998ffcb1f3c9f931f
https://bugs.exim.org/show_bug.cgi?id=2524

            Bug ID: 2524
           Summary: gssapi via cyrus_sasl broken, approx sicne
                    c0fb53b74e07fd17247960c998ffcb1f3c9f931f
           Product: Exim
           Version: 4.93
          Hardware: x86-64
                OS: Linux
            Status: NEW
          Severity: bug
          Priority: medium
         Component: SMTP Authentication
          Assignee: jgh146exb@???
          Reporter: sebastian.langenhorst@???
                CC: exim-dev@???


Created attachment 1273
--> https://bugs.exim.org/attachment.cgi?id=1273&action=edit
sting_copyn -> memcpy

We use gssapi-authentication via cyrus_sasl-lib, which broke when we tried to
use a 4.9X version with debian buster.

I could pinpoint it so commit c0fb53b74e07fd17247960c998ffcb1f3c9f931f, where
the previous memcpy got replaced by string_copyn.

Even though string_copyn would be a line-saving replacement for most cases, in
a gssapi-enviroment it unfortunately cuts down at the \0-char (Ustrncpy), which
causes only a copy of the first 15 chars.

This results in a always-failed authentication.

The patch reverts the single string_copyn-line back to the memcpy used before.

There should be no implications other than working gssapi via cyrus_sasl.

--
You are receiving this mail because:
You are on the CC list for the bug.