[Dovecot] MASTER_AUTH_MAX_DATA_SIZE
In 2.0.17 you increased LOGIN_MAX_INBUF_SIZE from 1024 to 4096. Should you also have increased MASTER_AUTH_MAX_DATA_SIZE from (1024*2) to (4096*2)? /* This should be kept in sync with LOGIN_MAX_INBUF_SIZE. Multiply it by two to make sure there's space to transfer the command tag */
On 12.1.2012, at 1.09, Mike Abbott wrote:
In 2.0.17 you increased LOGIN_MAX_INBUF_SIZE from 1024 to 4096. Should you also have increased MASTER_AUTH_MAX_DATA_SIZE from (1024*2) to (4096*2)? /* This should be kept in sync with LOGIN_MAX_INBUF_SIZE. Multiply it by two to make sure there's space to transfer the command tag */
Well, yes.. Although I'd rather not do that.
Command tag length needs to be restricted to something reasonable, maybe 100 chars, so it won't have to be multiplied by 2 but just added the 100 (+1 for NUL).
Maybe I can change the LOGIN_MAX_INBUF_SIZE back to its original size and change the AUTHENTICATE command handling to read the SASL initial response to a separate buffer.
I'll try doing those next week.
On Thu, 2012-01-12 at 22:20 +0200, Timo Sirainen wrote:
On 12.1.2012, at 1.09, Mike Abbott wrote:
In 2.0.17 you increased LOGIN_MAX_INBUF_SIZE from 1024 to 4096. Should you also have increased MASTER_AUTH_MAX_DATA_SIZE from (1024*2) to (4096*2)? /* This should be kept in sync with LOGIN_MAX_INBUF_SIZE. Multiply it by two to make sure there's space to transfer the command tag */
Well, yes.. Although I'd rather not do that.
Command tag length needs to be restricted to something reasonable, maybe 100 chars, so it won't have to be multiplied by 2 but just added the 100 (+1 for NUL).
Maybe I can change the LOGIN_MAX_INBUF_SIZE back to its original size and change the AUTHENTICATE command handling to read the SASL initial response to a separate buffer.
I'll try doing those next week.
http://hg.dovecot.org/dovecot-2.1/rev/b86f7dd170c6 does this.
participants (2)
-
Mike Abbott
-
Timo Sirainen