SAML | Input buffer full (no auth attempts in 0 secs)
Timo Sirainen
tss at iki.fi
Sat Dec 3 19:04:47 UTC 2016
On 3 Dec 2016, at 20.47, mj <lists at merit.unu.edu> wrote:
>
> Hi,
>
> In my journey to enable SAML auth for our webmail (sogo.nu) I have
> created a password-less dovecot imap listener on 127.0.0.1/32, so that
> once a user is SAML authenticated for the SOGo webmail, SOGo can connect to dovecot on 127.0.0.1:143 with something like "01 LOGIN username randompassword".
>
> Watching this (tcpflow) as it happens,i can see the following auth attempt coming from sogo:
..
> > Dec 02 22:34:33 imap-login: Info: Disconnected: Input buffer full (no
> > auth attempts in 0 secs): user=<>, rip=x.y.z.32, lip=x.y.z.68,
> > session=<d+o3tLNCaOvAV48g>
If SOGo used AUTHENTICATE PLAIN instead of LOGIN, it should work. The SASL authentication buffer is larger (8 kB) than regular commands' buffer (~1 kB).
> The question: is there a way to make this work? (make the input buffer larger, for example..?)
You could also increase this:
src/lib-master/master-auth.h:#define MASTER_AUTH_MAX_DATA_SIZE (1024 + 128 + 64 + 2)
More information about the dovecot
mailing list