• Rafal Somla's avatar
    BUG#11879051: FIRST REPLY LENGTH LIMIT (255) CAN BE VIOLATED · a6acc73b
    Rafal Somla authored
    BEFORE: First packet sent by client-side plugin (generated by Windows
    function InitializeSecurityContext()) could be longer than 255 bytes 
    violating the limitation imposed by authentication protocol.
    
    AFTER: Handshake protocol is  changed so that if first client's reply is 
    longer than 254 bytes then  it is be sent in 2 parts. However, for replies
    shorter than 255 bytes nothing changes.
    
    ADDITIONAL CHANGES: 
    - The generic packet processing loop  (Handshake::packet_processing_loop) 
    has been refactored. Communication with the peer has been abstracted
    into virtual methods read/write_packet() which are implemented in client 
    and server and transparently do the required splitting and gluing of packets.
    - Make it possible to optionally use dbug library in the plugin.
    - Add code for testing splitting of long first client reply.
    a6acc73b
handshake.h 3.92 KB