Closed
Bug 592692
Opened 15 years ago
Closed 15 years ago
Negotiate auth may fail with GSSAPI
Categories
(Core :: Networking: HTTP, defect)
Tracking
()
RESOLVED
FIXED
| Tracking | Status | |
|---|---|---|
| status2.0 | --- | unaffected |
| status1.9.2 | --- | unaffected |
| status1.9.1 | --- | .16-fixed |
People
(Reporter: glandium, Assigned: glandium)
References
Details
(Whiteboard: fixed on trunk and 1.9.2 by 502607)
Attachments
(1 file)
|
1.06 KB,
patch
|
bzbarsky
:
review+
dveditz
:
approval1.9.1.14-
dveditz
:
approval1.9.1.16+
|
Details | Diff | Splinter Review |
In function nsHttpNegotiateAuth::GenerateCredentials, the token length that is given to nsIAuthModule::GetNextToken is calculated before any '=' padding is removed from the original challenge.
This can lead to passing extra bytes to gss_init_sec_context and causes negotiate auth to fail. I don't know if this has impact on other platforms than Linux.
Somehow, this was fixed in a supposedly unrelated patchset:
http://hg.mozilla.org/mozilla-central/rev/275225278550
But it still remains an issue on 3.5/1.9.1.
Attachment #471135 -
Flags: review?(bzbarsky)
Comment 1•15 years ago
|
||
Comment on attachment 471135 [details] [diff] [review]
Calculate token length after removing padding
OK.
Attachment #471135 -
Flags: review?(bzbarsky) → review+
| Assignee | ||
Updated•15 years ago
|
Attachment #471135 -
Flags: approval1.9.1.13?
status1.9.2:
--- → beta4-fixed
Updated•15 years ago
|
Updated•15 years ago
|
status1.9.2:
--- → unaffected
status2.0:
--- → unaffected
Comment 2•15 years ago
|
||
Comment on attachment 471135 [details] [diff] [review]
Calculate token length after removing padding
Approved for 1.9.2.11, a=dveditz for release-drivers
Attachment #471135 -
Flags: approval1.9.1.14? → approval1.9.1.14+
Comment 3•15 years ago
|
||
Comment on attachment 471135 [details] [diff] [review]
Calculate token length after removing padding
missed 1.9.2.11 so we'll see if it lands for 1.9.2.12
Attachment #471135 -
Flags: approval1.9.1.15+
Attachment #471135 -
Flags: approval1.9.1.14-
Attachment #471135 -
Flags: approval1.9.1.14+
Comment 4•15 years ago
|
||
glandium, are you going to land this, or should it be in the checkin-needed queue?
Assignee: nobody → mh+mozilla
Status: NEW → ASSIGNED
| Assignee | ||
Comment 5•15 years ago
|
||
When is 1.9.1 open for 1.9.1.15 stuff ?
Comment 6•15 years ago
|
||
(In reply to comment #5)
> When is 1.9.1 open for 1.9.1.15 stuff ?
Now. See http://tinderbox.mozilla.org/Firefox3.5/ for tree rules.
| Assignee | ||
Comment 7•15 years ago
|
||
You need to log in
before you can comment on or make changes to this bug.
Description
•