https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=208058 Bug(s) fixed: 208058 Bug Description: When adding "large" entries or making "large" modifications over a connection using SASL mechanisms that provide encryption, the server returns a decoding error to the client. Reviewed by: ??? Files: see diff Branch: HEAD Fix Description: It turns out that this is a data size related issue that is specific to using SASL mechanisms that encrypt the payload. This problem will be triggered by a SASL payload that is larger than 512 bytes once it is decrypted.

Internally, we have a buffer that holds the decrypted SASL payload. This data is copied into a 512 byte buffer inside the sasl_recv_connection() function. If the decrypted data is larger than 512 bytes, we save an offset to be used to get the remaining data on the next call to sasl_recv_connection(). The problem is that we ignore this offset when copying the data between buffers on the subsequent call to sasl_recv_connection().

The fix is to start copying data out of the decrypted buffer from the offset. Flag Day: no Doc impact: no https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=137163