Closed
Bug 592692
Opened 14 years ago
Closed 14 years ago
Negotiate auth may fail with GSSAPI
Categories
(Core :: Networking: HTTP, defect)
Tracking
()
RESOLVED
FIXED
| Tracking | Status | |
|---|---|---|
| status2.0 | --- | unaffected |
| status1.9.2 | --- | unaffected |
| status1.9.1 | --- | .16-fixed |
People
(Reporter: glandium, Assigned: glandium)
References
Details
(Whiteboard: fixed on trunk and 1.9.2 by 502607)
Attachments
(1 file)
|
1.06 KB,
patch
|
bzbarsky
:
review+
dveditz
:
approval1.9.1.14-
dveditz
:
approval1.9.1.16+
|
Details | Diff | Splinter Review |
In function nsHttpNegotiateAuth::GenerateCredentials, the token length that is given to nsIAuthModule::GetNextToken is calculated before any '=' padding is removed from the original challenge. This can lead to passing extra bytes to gss_init_sec_context and causes negotiate auth to fail. I don't know if this has impact on other platforms than Linux. Somehow, this was fixed in a supposedly unrelated patchset: http://hg.mozilla.org/mozilla-central/rev/275225278550 But it still remains an issue on 3.5/1.9.1.
Attachment #471135 -
Flags: review?(bzbarsky)
|
||
Comment 1•14 years ago
|
||
Comment on attachment 471135 [details] [diff] [review] Calculate token length after removing padding OK.
Attachment #471135 -
Flags: review?(bzbarsky) → review+
|
Assignee | |
Updated•14 years ago
|
Attachment #471135 -
Flags: approval1.9.1.13?
status1.9.2:
--- → beta4-fixed
|
||
Updated•14 years ago
|
|
|
||
Updated•14 years ago
|
status1.9.2:
--- → unaffected
status2.0:
--- → unaffected
|
|
||
Comment 2•14 years ago
|
||
Comment on attachment 471135 [details] [diff] [review] Calculate token length after removing padding Approved for 1.9.2.11, a=dveditz for release-drivers
Attachment #471135 -
Flags: approval1.9.1.14? → approval1.9.1.14+
|
|
||
Comment 3•14 years ago
|
||
Comment on attachment 471135 [details] [diff] [review] Calculate token length after removing padding missed 1.9.2.11 so we'll see if it lands for 1.9.2.12
Attachment #471135 -
Flags: approval1.9.1.15+
Attachment #471135 -
Flags: approval1.9.1.14-
Attachment #471135 -
Flags: approval1.9.1.14+
|
||
Comment 4•14 years ago
|
||
glandium, are you going to land this, or should it be in the checkin-needed queue?
Assignee: nobody → mh+mozilla
Status: NEW → ASSIGNED
|
|
Assignee | |
Comment 5•14 years ago
|
||
When is 1.9.1 open for 1.9.1.15 stuff ?
|
|
||
Comment 6•14 years ago
|
||
(In reply to comment #5) > When is 1.9.1 open for 1.9.1.15 stuff ? Now. See http://tinderbox.mozilla.org/Firefox3.5/ for tree rules.
|
|
Assignee | |
Comment 7•14 years ago
|
||
http://hg.mozilla.org/releases/mozilla-1.9.1/rev/a78a9ff14f26
You need to log in
before you can comment on or make changes to this bug.
Description
•