Kerberos WindowsSecurityContextImpl SEC_E_BUFFER_TOO_SMALL

[immo7]

Hi,
on some Windows Accounts we've seen the SEC_E_BUFFER_TOO_SMALL error in WindowsSecurityContextImpl.initialize. So far this case is not handled inside the switch statement, only the SEC_E_INSUFFICIENT_MEMORY error. Both error codes should result in increasing the token size.
Thanks for including this fix in the next version.

[dblock]

Please make a pull request, however MSDN doesn't document that you could be getting SEC_E_INSUFFICIENT_MEMORY, so maybe something else is going on here? It would be great to confirm that that change would work on your side.

[immo7]

I cannot speak for SEC_E_INSUFFICIENT_MEMORY and I don't know why this return code is handled in the first place. We've only seen SEC_E_BUFFER_TOO_SMALL. That is also the error code which is already being checked in WindowsAuthProviderImpl.acceptSecurityToken.

[dblock]

Because it documents that appropriately. But you should re-compile waffle with this change, confirm the fix and make a pull request.

[immo7]

OK, I think you've mentioned the wrong error code in your first comment, then.
Anyway, I've just seen that the same problem had already been reported in 2014 together with a pull request: #128 opened on Aug 4, 2014 by kentcb
It is still open and in the end the changes were not merged.
By the way: There seems to be no way for others to test this because we also don't know the reason why some users receive this error code.

[dblock]

I'm not against merging this, but I'd like to understand how and why this happens, confirm that it actually fixes the problem, make the change in all the code, not just Java. You can help.

[hazendaz]

This code was merged in 20ea0b4