Split long SASL auth strings into 400-byte chunks (#2709)

Fixes #2705
author: Artem Zhurikhin <ashpool@xecut.net> 2022-05-13 22:56:26 +0200
committer: GitHub <noreply@github.com> 2022-05-13 15:56:26 -0500
commit: b8645bfbf21a5f3e4583d7fc97c418585a48624a (patch)
tree: 3d2cacd4d6d7e3574a6f7f84d89836376f2b36c6 /src/common/inbound.c
parent: 778047bc65e529804c3342ee0f3a8d5d7550fde5 (diff)
1 files changed, 18 insertions, 1 deletions
diff --git a/src/common/inbound.c b/src/common/inbound.c
index 3c505a57..ddd6ee9a 100644
--- a/src/common/inbound.c
+++ b/src/common/inbound.c
@@ -1929,7 +1929,24 @@ inbound_sasl_authenticate (server *serv, char *data)
 			return;
 		}
 
-		tcp_sendf (serv, "AUTHENTICATE %s\r\n", pass);
+		/* long SASL passwords must be split into 400-byte chunks
+		   https://ircv3.net/specs/extensions/sasl-3.1#the-authenticate-command */
+		size_t pass_len = strlen (pass);
+		if (pass_len <= 400)
+			tcp_sendf (serv, "AUTHENTICATE %s\r\n", pass);
+		else
+		{
+			size_t sent = 0;
+			while (sent < pass_len)
+			{
+				char *pass_chunk = g_strndup (pass + sent, 400);
+				tcp_sendf (serv, "AUTHENTICATE %s\r\n", pass_chunk);
+				sent += 400;
+				g_free (pass_chunk);
+			}
+		}
+		if (pass_len % 400 == 0)
+			tcp_sendf (serv, "AUTHENTICATE +\r\n");
 		g_free (pass);
author	Artem Zhurikhin <ashpool@xecut.net>	2022-05-13 22:56:26 +0200
committer	GitHub <noreply@github.com>	2022-05-13 15:56:26 -0500
commit	b8645bfbf21a5f3e4583d7fc97c418585a48624a (patch)
tree	3d2cacd4d6d7e3574a6f7f84d89836376f2b36c6 /src/common/inbound.c
parent	778047bc65e529804c3342ee0f3a8d5d7550fde5 (diff)