[ https://issues.apache.org/jira/browse/PROTON-975?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14658617#comment-14658617 ]
Ken Giusti commented on PROTON-975: ----------------------------------- To reproduce: 1) build latest qpidd w/proton 0.10rc1 library. 2) configure qpidd SASL, include DIGEST-MD5 as allowed mechs 3) create a python virtual environment and activate it 4) untar proton 0.10 rc, cd proton-c/bindings/python; python setup.py build install 5) Install the 2.0.0RC2 pyngus package: $ pip install --pre -i https://testpypi.python.org/pypi pyngus Run the attached test client - for example, if qpidd has an admin account 'admin' password 'qpid': while ./send.py -a amqp://<IP of broker>:<port> --target amq.topic --username admin --password qpid; do echo "HI"; done > crash occurs if buffer containing outcome and first encrypted frame is > received > ------------------------------------------------------------------------------- > > Key: PROTON-975 > URL: https://issues.apache.org/jira/browse/PROTON-975 > Project: Qpid Proton > Issue Type: Bug > Components: proton-c > Affects Versions: 0.10 > Reporter: Ken Giusti > Priority: Blocker > Fix For: 0.10 > > Attachments: send.py > > > I'm hitting an occasional client crash when using an DIGEST-MD5 SASL mech to > talk to the qpidd broker. > I've built the broker using the 0.10rc1 as the proton library. > I'm using a pyngus based client. I will upload this reproducer. > Best I can tell, the client pushes a single buffer to the transport that > contains both the SASL outcome frame from qpidd and the first encrypted > frame. SASL does not handle this case correctly and attempts to parse the > encrypted frame as cleartext. > I will open another bug against the frame decode to prevent parsing invalid > frames. -- This message was sent by Atlassian JIRA (v6.3.4#6332)