Uploaded image for project: 'Qpid Proton'
  1. Qpid Proton
  2. PROTON-975

connecting with DIGEST-MD5 fails if buffer containing outcome and first encrypted frame is received

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Blocker
    • Resolution: Fixed
    • proton-0.10
    • proton-0.10
    • proton-c
    • None

    Description

      I'm hitting an occasional client crash when using an DIGEST-MD5 SASL mech to talk to the qpidd broker.

      I've built the broker using the 0.10rc1 as the proton library.

      I'm using a pyngus based client. I will upload this reproducer.

      Best I can tell, the client pushes a single buffer to the transport that contains both the SASL outcome frame from qpidd and the first encrypted frame. SASL does not handle this case correctly and attempts to parse the encrypted frame as cleartext.

      I will open another bug against the frame decode to prevent parsing invalid frames.

      Attachments

        1. send.py
          5 kB
          Ken Giusti

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. PROTON-976 pn_read_frame does not validate frame offset

          • Blocker - Blocks development and/or testing work, production could not run
          • Closed

          Activity

            People

              astitcher Andrew Stitcher
              kgiusti Ken Giusti
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: