List:Commits« Previous MessageNext Message »
From:Vladislav Vaintroub Date:May 9 2011 7:37pm
Subject:RE: bzr commit into mysql-5.5 branch (rafal.somla:3477) Bug#11879051
View as plain text  
Hello Rafal,

> -----Original Message-----
> From: Rafal Somla [mailto:rafal.somla@stripped]
> Sent: Donnerstag, 28. April 2011 21:40
> To: commits@stripped
> Subject: bzr commit into mysql-5.5 branch (rafal.somla:3477) Bug#11879051
> 
> #At file:///D:/source/bzr2/mysql-5.5-wl5367-merge/ based on
> revid:rafal.somla@stripped
> 
>  3477 Rafal Somla	2011-04-28
>       BUG#11879051:  FIRST REPLY LENGTH LIMIT (255) CAN BE VIOLATED
> 
>       BEFORE: First packet sent by client-side plugin (generated by
Windows
>       function InitializeSecurityContext()) could be longer than 255 bytes
>       violating the limitation imposed by authentication protocol.
> 
>       AFTER: Handshake protocol is  changed so that if first client's
reply is
>       longer than 254 bytes then  it is be sent in 2 parts. However, for
replies
>       shorter than 255 bytes nothing changes.

I  think  the analysis  is not completely correct here.

The way Windows authentication works  is such that 
0) Server sends welcome packet.
1) client sends client authentication packet that contains authentication
method but without payload.
2) then server sends UPN to client
3) then client puts UPN into InitializeSecurityContext() and sends the
resulting blob to server.
(following steps omitted)

The 255 limit is would be a limit in step 1).  But since payload is not used
in this step , there is also no limit.

Wlad

Thread
bzr commit into mysql-5.5 branch (rafal.somla:3477) Bug#11879051Rafal Somla28 Apr
  • RE: bzr commit into mysql-5.5 branch (rafal.somla:3477) Bug#11879051Vladislav Vaintroub9 May
    • Re: bzr commit into mysql-5.5 branch (rafal.somla:3477) Bug#11879051Rafal Somla10 May
      • RE: bzr commit into mysql-5.5 branch (rafal.somla:3477) Bug#11879051Vladislav Vaintroub10 May
        • Re: bzr commit into mysql-5.5 branch (rafal.somla:3477) Bug#11879051Rafal Somla10 May
          • RE: bzr commit into mysql-5.5 branch (rafal.somla:3477) Bug#11879051Vladislav Vaintroub10 May