sasl: Fix sending of long authentication information

The specification requires AUTHENTICATE information to be split into chunks of size 400. This commit implements the necessary chunking. Fixes: https://github.com/znc/znc/issues/942 Signed-off-by: Uli Schlachter <psychon@znc.in>
2026-05-01 02:52:30 +02:00 · 2019-01-24 13:11:50 +01:00
parent e415d9f58c
commit 75475972d7
1 changed files with 13 additions and 4 deletions
--- a/modules/sasl.cpp
+++ b/modules/sasl.cpp
@@ -194,13 +194,22 @@ class CSASLMod : public CModule {
    }

    void Authenticate(const CString& sLine) {
+        /* Send blank authenticate for other mechanisms (like EXTERNAL). */
+        CString sAuthLine;
        if (m_Mechanisms.GetCurrent().Equals("PLAIN") && sLine.Equals("+")) {
-            CString sAuthLine = GetNV("username") + '\0' + GetNV("username") +
+            sAuthLine = GetNV("username") + '\0' + GetNV("username") +
                                '\0' + GetNV("password");
            sAuthLine.Base64Encode();
-            PutIRC("AUTHENTICATE " + sAuthLine);
-        } else {
-            /* Send blank authenticate for other mechanisms (like EXTERNAL). */
+        }
+
+        /* The spec requires authentication data to be sent in chunks */
+        const size_t chunkSize = 400;
+        for (size_t offset = 0; offset < sAuthLine.length(); offset += chunkSize) {
+            size_t size = std::min(chunkSize, sAuthLine.length() - offset);
+            PutIRC("AUTHENTICATE " + sAuthLine.substr(offset, size));
+        }
+        if (sAuthLine.length() % chunkSize == 0) {
+            /* Signal end if we have a multiple of the chunk size */
            PutIRC("AUTHENTICATE +");
        }
    }