Public bug reported: I'm still troubleshooting this, but at the moment apps negotiating a DIGEST-MD5 authentication and requesting some form of transport encryption (ssf != 0) are crashing. The only example I have so far is the openldap client tools (so just one app really).
ssf=0 works: $ ldapwhoami -U ubuntu@lxd -w ubuntusecret -O maxssf=0 SASL/DIGEST-MD5 authentication started SASL username: ubuntu@lxd SASL SSF: 0 dn:uid=ubuntu@lxd,cn=vms,cn=digest-md5,cn=auth ssf=128 crashes: $ ldapwhoami -U ubuntu@lxd -w ubuntusecret -O maxssf=128 SASL/DIGEST-MD5 authentication started SASL username: ubuntu@lxd SASL SSF: 128 SASL data security layer installed. Segmentation fault (core dumped) The crash seems to be inside openssl. I'll get a proper stack trace. 2.1.27, also built with openssl3, does not crash. So far only 2.1.28 (in kinetic-proposed). ** Affects: cyrus-sasl2 (Ubuntu) Importance: High Assignee: Andreas Hasenack (ahasenack) Status: In Progress ** Tags: server-todo update-excuse update-excuses -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1973760 Title: Crash when using DIGEST-MD5 with SSF>=128 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cyrus-sasl2/+bug/1973760/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs