|
@@ -199,13 +199,17 @@ func authenticateHandler(server *Server, client *Client, msg ircmsg.Message, rb
|
199
|
199
|
// continue existing sasl session
|
200
|
200
|
rawData := msg.Params[0]
|
201
|
201
|
|
202
|
|
- if len(rawData) > 400 {
|
|
202
|
+ // https://ircv3.net/specs/extensions/sasl-3.1:
|
|
203
|
+ // "The response is encoded in Base64 (RFC 4648), then split to 400-byte chunks,
|
|
204
|
+ // and each chunk is sent as a separate AUTHENTICATE command."
|
|
205
|
+ saslMaxArgLength := 400
|
|
206
|
+ if len(rawData) > saslMaxArgLength {
|
203
|
207
|
rb.Add(nil, server.name, ERR_SASLTOOLONG, details.nick, client.t("SASL message too long"))
|
204
|
208
|
session.sasl.Clear()
|
205
|
209
|
return false
|
206
|
|
- } else if len(rawData) == 400 {
|
|
210
|
+ } else if len(rawData) == saslMaxArgLength {
|
207
|
211
|
// allow 4 'continuation' lines before rejecting for length
|
208
|
|
- if len(session.sasl.value) >= 400*4 {
|
|
212
|
+ if len(session.sasl.value) >= saslMaxArgLength*4 {
|
209
|
213
|
rb.Add(nil, server.name, ERR_SASLFAIL, details.nick, client.t("SASL authentication failed: Passphrase too long"))
|
210
|
214
|
session.sasl.Clear()
|
211
|
215
|
return false
|
|
@@ -1062,7 +1066,7 @@ func extjwtHandler(server *Server, client *Client, msg ircmsg.Message, rb *Respo
|
1062
|
1066
|
tokenString, err := sConfig.Sign(claims)
|
1063
|
1067
|
|
1064
|
1068
|
if err == nil {
|
1065
|
|
- maxTokenLength := 400
|
|
1069
|
+ maxTokenLength := maxLastArgLength
|
1066
|
1070
|
|
1067
|
1071
|
for maxTokenLength < len(tokenString) {
|
1068
|
1072
|
rb.Add(nil, server.name, "EXTJWT", msg.Params[0], serviceName, "*", tokenString[:maxTokenLength])
|
|
@@ -3149,7 +3153,7 @@ func userhostHandler(server *Server, client *Client, msg ircmsg.Message, rb *Res
|
3149
|
3153
|
returnedClients := make(ClientSet)
|
3150
|
3154
|
|
3151
|
3155
|
var tl utils.TokenLineBuilder
|
3152
|
|
- tl.Initialize(400, " ")
|
|
3156
|
+ tl.Initialize(maxLastArgLength, " ")
|
3153
|
3157
|
for i, nickname := range msg.Params {
|
3154
|
3158
|
if i >= 10 {
|
3155
|
3159
|
break
|