Closed Bug 592692 Opened 15 years ago Closed 15 years ago

Negotiate auth may fail with GSSAPI

Categories

(Core :: Networking: HTTP, defect)

Product:
Core
Component:
Networking: HTTP
Version:
1.9.1 Branch
Platform:
All
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Tracking Flags:
Tracking Status
status2.0 --- unaffected
status1.9.2 --- unaffected
status1.9.1 --- .16-fixed

People

(Reporter: glandium, Assigned: glandium)

References

Details

(Whiteboard: fixed on trunk and 1.9.2 by 502607)

Attachments

(1 file)

Calculate token length after removing padding
1.06 KB, patch
bzbarsky
: review+
dveditz
: approval1.9.1.14-
dveditz
: approval1.9.1.16+
Details | Diff | Splinter Review
In function nsHttpNegotiateAuth::GenerateCredentials, the token length that is given to nsIAuthModule::GetNextToken is calculated before any '=' padding is removed from the original challenge. This can lead to passing extra bytes to gss_init_sec_context and causes negotiate auth to fail. I don't know if this has impact on other platforms than Linux. Somehow, this was fixed in a supposedly unrelated patchset: http://hg.mozilla.org/mozilla-central/rev/275225278550 But it still remains an issue on 3.5/1.9.1.
Attachment #471135 - Flags: review?(bzbarsky)
Comment on attachment 471135 [details] [diff] [review] Calculate token length after removing padding OK.
Attachment #471135 - Flags: review?(bzbarsky) → review+
Attachment #471135 - Flags: approval1.9.1.13?
status1.9.2: --- → beta4-fixed
status1.9.2: beta4-fixed → ---
Depends on: 520607
Whiteboard: fixed on trunk and 1.9.2 by 502607
Comment on attachment 471135 [details] [diff] [review] Calculate token length after removing padding Approved for 1.9.2.11, a=dveditz for release-drivers
Attachment #471135 - Flags: approval1.9.1.14? → approval1.9.1.14+
Comment on attachment 471135 [details] [diff] [review] Calculate token length after removing padding missed 1.9.2.11 so we'll see if it lands for 1.9.2.12
Attachment #471135 - Flags: approval1.9.1.15+
Attachment #471135 - Flags: approval1.9.1.14-
Attachment #471135 - Flags: approval1.9.1.14+
glandium, are you going to land this, or should it be in the checkin-needed queue?
Assignee: nobody → mh+mozilla
Status: NEW → ASSIGNED
When is 1.9.1 open for 1.9.1.15 stuff ?
(In reply to comment #5) > When is 1.9.1 open for 1.9.1.15 stuff ? Now. See http://tinderbox.mozilla.org/Firefox3.5/ for tree rules.
http://hg.mozilla.org/releases/mozilla-1.9.1/rev/a78a9ff14f26
Status: ASSIGNED → RESOLVED
Closed: 15 years ago
status1.9.1: --- → .15-fixed
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: