When SASL is active, if a read request is made and SASL buffer contains some
data (but not enough to fulfill the request), upon return the taken data from
the buffer is not accounted for and hence part of the message gets discarded.
red_stream_sasl_read function takes available data from sasl buffer and returns
if it's enough. If it's not, nbyte is decremented and buf pointer is
incremented to account for the taken data (if any). Then it tries to get more
data from the socket and decode it.
Suppose there was some data in the sasl buffer, but not enough. Then the socket
is not readable (EAGAIN, EINTR, whatever) or the new data isn't enough for
sasl_decode (hence decodedlen == 0). In both cases the function returns as if
no data was read, but it took some data from sasl buffer. This data is lost and
from this point on the communication ceases on the channel (eventually new data
is read, but messages are corrupt without the parts previously discarded).
On the other hand, if some data is read from sasl buffer and everything else
works fine, the output buffer contains all the data, but the count returned
only inform the caller about the newly read data (which causes the similar
effect of discarding part of the message).
Fixes: https://gitlab.freedesktop.org/spice/spice/-/issues/40
Acked-by: Frediano Ziglio <fziglio@redhat.com>
Instead of forcibly cast functions cast only if data pointer and
function pointers match. This also allows to remove dangerous
casts all over the place.
Signed-off-by: Frediano Ziglio <fziglio@redhat.com>
