[Dovecot] Auth worker max line size
Emmanuel Dreyfus
manu at netbsd.org
Wed Jun 24 17:45:45 EEST 2009
Hello
I have been playing with some exotic authentication scheme with Dovecot
and PAM. That involves sending really large base64 encoded data as
the IMAP password, and I have hit a line limit in Dovecot, with
AUTH_WORKER_MAX_LINE_LENGTH set to 1024.
This limit is especially frustrating since other parts of the software
use much larger limits:
MAX_INBUF_SIZE 4096
MAX_IMAP_LINE 8192
AUTH_CLIENT_MAX_LINE_LENGTH 8192
I had to make the patch attached below to get my authentication working.
I can live with this local patch, but given the much more liberal limits
of MAX_INBUF_SIZE at 4096 makes we wonder if this 1024 limit on
AUTH_WORKER_MAX_LINE_LENGTH could not be a bug. Or is there a security
concern at using more than 1kB?
Opinions? (please Cc: me, I'm not subscribed ot the list)
--- src/auth/auth-worker-client.h.orig 2009-06-23 18:32:15.000000000 +0200
+++ src/auth/auth-worker-client.h 2009-06-23 18:32:33.000000000 +0200
@@ -1,8 +1,8 @@
#ifndef AUTH_WORKER_CLIENT_H
#define AUTH_WORKER_CLIENT_H
-#define AUTH_WORKER_MAX_LINE_LENGTH 1024
+#define AUTH_WORKER_MAX_LINE_LENGTH 4096
struct auth_worker_client *auth_worker_client_create(struct auth *auth, int fd);
void auth_worker_client_destroy(struct auth_worker_client **client);
void auth_worker_client_unref(struct auth_worker_client **client);
--
Emmanuel Dreyfus
manu at netbsd.org
More information about the dovecot
mailing list