diff options
| author | Artem Zhurikhin <ashpool@xecut.net> | 2022-05-13 22:56:26 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-05-13 15:56:26 -0500 |
| commit | b8645bfbf21a5f3e4583d7fc97c418585a48624a (patch) | |
| tree | 3d2cacd4d6d7e3574a6f7f84d89836376f2b36c6 /src | |
| parent | 778047bc65e529804c3342ee0f3a8d5d7550fde5 (diff) | |
Split long SASL auth strings into 400-byte chunks (#2709)
Fixes #2705
Diffstat (limited to 'src')
| -rw-r--r-- | src/common/inbound.c | 19 |
1 files changed, 18 insertions, 1 deletions
diff --git a/src/common/inbound.c b/src/common/inbound.c index 3c505a57..ddd6ee9a 100644 --- a/src/common/inbound.c +++ b/src/common/inbound.c @@ -1929,7 +1929,24 @@ inbound_sasl_authenticate (server *serv, char *data) return; } - tcp_sendf (serv, "AUTHENTICATE %s\r\n", pass); + /* long SASL passwords must be split into 400-byte chunks + https://ircv3.net/specs/extensions/sasl-3.1#the-authenticate-command */ + size_t pass_len = strlen (pass); + if (pass_len <= 400) + tcp_sendf (serv, "AUTHENTICATE %s\r\n", pass); + else + { + size_t sent = 0; + while (sent < pass_len) + { + char *pass_chunk = g_strndup (pass + sent, 400); + tcp_sendf (serv, "AUTHENTICATE %s\r\n", pass_chunk); + sent += 400; + g_free (pass_chunk); + } + } + if (pass_len % 400 == 0) + tcp_sendf (serv, "AUTHENTICATE +\r\n"); g_free (pass); |