From 75475972d7647828ea24263b5097b2039c03b820 Mon Sep 17 00:00:00 2001 From: Uli Schlachter Date: Thu, 24 Jan 2019 13:11:50 +0100 Subject: [PATCH] sasl: Fix sending of long authentication information The specification requires AUTHENTICATE information to be split into chunks of size 400. This commit implements the necessary chunking. Fixes: https://github.com/znc/znc/issues/942 Signed-off-by: Uli Schlachter --- modules/sasl.cpp | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/modules/sasl.cpp b/modules/sasl.cpp index 8509ed2d..ca381f02 100644 --- a/modules/sasl.cpp +++ b/modules/sasl.cpp @@ -194,13 +194,22 @@ class CSASLMod : public CModule { } void Authenticate(const CString& sLine) { + /* Send blank authenticate for other mechanisms (like EXTERNAL). */ + CString sAuthLine; if (m_Mechanisms.GetCurrent().Equals("PLAIN") && sLine.Equals("+")) { - CString sAuthLine = GetNV("username") + '\0' + GetNV("username") + + sAuthLine = GetNV("username") + '\0' + GetNV("username") + '\0' + GetNV("password"); sAuthLine.Base64Encode(); - PutIRC("AUTHENTICATE " + sAuthLine); - } else { - /* Send blank authenticate for other mechanisms (like EXTERNAL). */ + } + + /* The spec requires authentication data to be sent in chunks */ + const size_t chunkSize = 400; + for (size_t offset = 0; offset < sAuthLine.length(); offset += chunkSize) { + size_t size = std::min(chunkSize, sAuthLine.length() - offset); + PutIRC("AUTHENTICATE " + sAuthLine.substr(offset, size)); + } + if (sAuthLine.length() % chunkSize == 0) { + /* Signal end if we have a multiple of the chunk size */ PutIRC("AUTHENTICATE +"); } }