Bugzilla – Bug 4967
Smart card auth failed: assertion at services/service_agent.cc:234
Last modified: 2014-04-11 07:42:36
You need to
before you can comment on or make changes to this bug.
We got a report from a customer that they had a few users who could not log in
using certain smart cards using Windows or Linux clients. The Windows client
reported an assertion failure in tlclient, while the Linux client restarted -
it is unknown if it hit the same assertion at this point.
Fixed in r28378.
Still not sure why we're getting data that's bigger than the buffer though.
Tester should, uh... not going to lie, this bug will be difficult to test
properly. Make sure everything smart card auth still works fine, I guess. Try
lots of different cards and SSH servers.
After Pierre examined the data given to the signRequest function, it was found
to be in accordance to the SSH protocol. What caused this problem was probably
a combination of too small buffer and long usernames/subjectNames.
Tested using client build 4319 and server 4318.
Initialized a aventra card with a certificate were the dn was 1505 bytes long.
Client and server handled this without problesm also did passwdaliases.
Works as expected...