Re: GSSAPI and "encoded packet size too big"

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


--On Friday, March 22, 2013 04:21:55 PM +0000 Hugh Cole-Baker <sigmaris@xxxxxxxxx> wrote:

On 22 Mar 2013, at 16:00, cyrus-sasl-request@xxxxxxxxxxxxxxxxxxxx wrote:

We are seeing a problem that looks a lot like this yours.  From JNDI
clients connecting to our OpenLDAP server on Debian Wheezy connections
are failing.  If the client makes a GSSAPI connection and uses SASL
encryption then the client will fail with a
java.lang.NegativeArraySizeException error.

I ran into the same problem with Java interop [1], initially thinking
it was a Java bug, and found a workaround, which is to set minssf to
at least 1 in the sasl-secprops setting in OpenLDAP. This might be
useful - I haven't tried to upgrade to 2.1.26 yet to check if it's
fixed in that version.

Hugh C-B


That fixes the problem that we were seeing.  Thanks a lot.

I am going to try 2.1.26 as well because it finally includes the
change to make life simpler in a load balanced environment.  I let you
know how that goes.



Bill MacAllister
Infrastructure Delivery Group, Stanford University

[Index of Archives]     [Info Cyrus]     [Squirrel Mail]     [Linux Media]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux