Bug 4967 - Smart card auth failed: assertion at services/service_agent.cc:234
: Smart card auth failed: assertion at services/service_agent.cc:234
: ThinLinc
: 4.1.1
: PC Unknown
: P2 Normal
: 4.2.0
Assigned To:
  Show dependency treegraph
Reported: 2014-01-23 16:21 by
Modified: 2014-04-11 07:42 (History)
Acceptance Criteria:



You need to log in before you can comment on or make changes to this bug.

Description From cendio 2014-01-23 16:21:45
We got a report from a customer that they had a few users who could not log in
using certain smart cards using Windows or Linux clients. The Windows client
reported an assertion failure in tlclient, while the Linux client restarted -
it is unknown if it hit the same assertion at this point.
------- Comment #5 From cendio 2014-02-05 14:22:35 -------
Fixed in r28378.

Still not sure why we're getting data that's bigger than the buffer though.

Tester should, uh... not going to lie, this bug will be difficult to test
properly. Make sure everything smart card auth still works fine, I guess. Try
lots of different cards and SSH servers.
------- Comment #6 From cendio 2014-02-05 16:10:07 -------
After Pierre examined the data given to the signRequest function, it was found
to be in accordance to the SSH protocol. What caused this problem was probably
a combination of too small buffer and long usernames/subjectNames.
------- Comment #7 From cendio 2014-04-11 07:42:36 -------
Tested using client build 4319 and server 4318.

Initialized a aventra card with a certificate were the dn was 1505 bytes long.
Client and server handled this without problesm also did passwdaliases.

Works as expected...