Return-Path: <krb5-bugs-incoming-bounces@PCH.mit.edu>
Received: from pch.mit.edu (PCH.MIT.EDU [18.7.21.90]) by krbdev.mit.edu (Postfix) with ESMTP id 3106D3EBB0; Thu, 13 Sep 2012 18:27:54 -0400 (EDT)
Received: from pch.mit.edu (pch.mit.edu [127.0.0.1]) by pch.mit.edu (8.13.6/8.12.8) with ESMTP id q8DMRpmS017757; Thu, 13 Sep 2012 18:27:51 -0400
Received: from mailhub-dmz-1.mit.edu (MAILHUB-DMZ-1.MIT.EDU [18.9.21.41]) by pch.mit.edu (8.13.6/8.12.8) with ESMTP id q8DMOaJx017370 for <krb5-bugs-incoming@PCH.mit.edu>; Thu, 13 Sep 2012 18:24:36 -0400
Received: from dmz-mailsec-scanner-3.mit.edu (DMZ-MAILSEC-SCANNER-3.MIT.EDU [18.9.25.14]) by mailhub-dmz-1.mit.edu (8.13.8/8.9.2) with ESMTP id q8DMOZxg013892 for <krb5-bugs@mit.edu>; Thu, 13 Sep 2012 18:24:35 -0400
X-Auditid: 1209190e-b7f256d000000c6a-9d-50525d23f1fa
Authentication-Results: symauth.service.identifier
Received: from sentry-two.sandia.gov (sentry-two.sandia.gov [132.175.109.14]) by dmz-mailsec-scanner-3.mit.edu (Symantec Messaging Gateway) with SMTP id B8.A6.03178.32D52505; Thu, 13 Sep 2012 18:24:35 -0400 (EDT)
X-WSS-ID: 0MAB7KY-0B-3VA-02
X-M-MSG: 
Received: from interceptor1.sandia.gov (interceptor1.sandia.gov [132.175.109.5]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by sentry-two.sandia.gov (Postfix) with ESMTP id 13242D2C442 for <krb5-bugs@mit.edu>; Thu, 13 Sep 2012 16:24:34 -0600 (MDT)
Received: from sentry.sandia.gov (sentry.sandia.gov [132.175.109.21]) by interceptor1.sandia.gov (RSA Interceptor) for <krb5-bugs@mit.edu>; Thu, 13 Sep 2012 16:24:19 -0600
Received: from [132.175.109.1] by sentry.sandia.gov with ESMTP (SMTP Relay 01 (Email Firewall v6.3.2)); Thu, 13 Sep 2012 16:24:14 -0600
X-Server-Uuid: AF72F651-81B1-4134-BA8C-A8E1A4E620FF
Received: from mail.sandia.gov (exch04.sandia.gov [134.253.103.4] (may be forged)) by mailgate.sandia.gov (8.14.4/8.14.4) with ESMTP id q8DMOBVC008149 for <krb5-bugs@mit.edu>; Thu, 13 Sep 2012 16:24:13 -0600
Received: from [134.253.45.175] (134.253.95.179) by mail.sandia.gov ( 134.253.103.4) with Microsoft SMTP Server (TLS) id 14.2.318.1; Thu, 13 Sep 2012 16:24:12 -0600
Subject: gssftp client cannot fully handle encoded multiline replies
From: "Daniel Sands" <dnsands@sandia.gov>
To: krb5-bugs@mit.edu
Date: Thu, 13 Sep 2012 16:24:11 -0600
Message-ID: <1347575051.28817.18.camel@s952894.srn.sandia.gov>
MIME-Version: 1.0
X-Mailer: Evolution 2.28.3 (2.28.3-24.el6)
X-TMWD-Spam-Summary: TS=20120913222416; ID=1; SEV=2.3.1; DFV=B2012091325; IFV=NA; AIF=B2012091325; RPD=5.03.0010; ENG=NA; RPDID=7374723D303030312E30413031303230342E35303532354431302E303032323A534346535441543838363133332C73733D312C6667733D30; CAT=NONE; CON=NONE; SIG=AAAAAAAAAAAAAAAAAAAAAAAAfQ==
X-MMS-Spam-Filter-ID: B2012091325_5.03.0010
X-WSS-ID: 7C4C82840I81051699-01-01
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-Rsa-Inspected: yes
X-Rsa-Classifications: public
X-Rsa-Action: allow
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprIJsWRWlGSWpSXmKPExsXSsj6XT1c5NijA4OpbM4uGh8fZHRg9ms4c ZQ5gjOKySUnNySxLLdK3S+DK+HxsNWPBIbaKAwdWMDUwLmDtYuTgkBAwkZj/0KCLkZODUcBI Yve5V6wgtoSAmMSFe+vZuhi5OIQErjFKTGv+wASRkJY4dGAuG4TNKXHm4zuwBiGBTUwST4/E QTSsZpTYNWMGI4TTySix5NhEdogOY4lN998wQyQuM0r8f9rPCuGsYJRobTvJAlIlLOAicbbj KZjNJqApMeXLP7DdIgKiEi//HgOLswioSrxacxEszitgJ/Fl5T42CFtQ4uTMJywQ27QkVs9Z zgSyQEJgDZPEus0zoc7Qlph5+BtUkZLE6aWPwZqZgZatWHkeypaX2P52DjNEjYjEm5czoCEj K/Fj736gGnYgW1jiodEERulZSDbPQjJoFpJBCxiZVzHKpuRW6eYmZuYUpybrFicn5uWlFuka 6+VmluilppRuYgTGpxCnJN8Oxq8HlQ4xCnAwKvHwRrAGBQixJpYVV+YeYpTkYFIS5U0LBwrx JeWnVGYkFmfEF5XmpBYfYpTgYFYS4bXVBsrxpiRWVqUW5cOkpDlYlMR5r6Tc9BcSSE8sSc1O TS1ILYLJMnGwH2KU4eBQkuBNjwHqFixKTU+tSMvMKUFWwwkiuEDW8ACtcQQp5C0uSMwtzkyH KDrFqCglzqsGkhAASWSU5sENgKXUS4yyUsK8jAwMDEI8QBcAPY4q/4pRHOhpYV5bkCk8mXkl cNNfAS1mAlo8Ya0/yOKSRISUVAPjtAnpZo+FZp54tVLbYIKOyrNprzYoHb/rMbcz9YT+YYVY zQ+NWgfUWEukv68qnNo5v/qX5/frXH7zPfWOh1/8/3Quy9PCXTsWdrpvYdjhZz7xnYv9cdE7 2zpdm/O1kzMandT3mDzg1J9RtSMx+s23eXNMFFUmlufsK+CWvHXcP/TCiab2RmdmJZbijERD Leai4kQAEUZmvKQDAAA=
X-Mailman-Approved-At: Thu, 13 Sep 2012 18:27:50 -0400
X-Beenthere: krb5-bugs-incoming@mailman.mit.edu
X-Mailman-Version: 2.1.6
Precedence: list
Sender: krb5-bugs-incoming-bounces@PCH.mit.edu
Errors-To: krb5-bugs-incoming-bounces@PCH.mit.edu
Content-Length: 812

If a server reply encodes more than one line within a single encoded
line after secure authentication, the gssftp client will only print the
first line of the reply.  So in an example from RFC2228:

631-base64(protect("123-First line\r\nSecond line\r\n  234 A line b"))
631 base64(protect("eginning with numbers\r\n123 The last line\r\n"))

the client will only see (and print out):
123-First line\r\n
eginning with numbers\r\n


This is because its internal line buffer is not equipped to rebuffer
the decoded lines.  It naively expects the server to use a 1:1
correlation between each plaintext line and its encoded form.
Unfortunately, not all servers are so nice.  It also adds an extra CRLF
to the end of a decoded line, which also breaks the example above.

krb5-appl versions up to and including 1.0.3