Author: Markus <huaraz@moeller.plus.com>

author Amos Jeffries <squid3@treenet.co.nz>

Tue, 29 Jul 2008 13:00:30 +0000 (01:00 +1200)

committer Amos Jeffries <squid3@treenet.co.nz>

Tue, 29 Jul 2008 13:00:30 +0000 (01:00 +1200)
author Amos Jeffries <squid3@treenet.co.nz>
Tue, 29 Jul 2008 13:00:30 +0000 (01:00 +1200)
committer Amos Jeffries <squid3@treenet.co.nz>
Tue, 29 Jul 2008 13:00:30 +0000 (01:00 +1200)
diff --git a/src/auth/negotiate/auth_negotiate.cc b/src/auth/negotiate/auth_negotiate.cc

index 36ff22f34b203348aeeff26520d658f42d21d97c..cfde0a883a06b5d3a9f4cb00f474ccb2e892fcda 100644 (file)
--- a/src/auth/negotiate/auth_negotiate.cc
+++ b/src/auth/negotiate/auth_negotiate.cc
@@ -55,6 +55,11 @@
   \ingroup AuthNegotiateAPI
   */
  
+/**
+ * Maximum length (buffer size) for token strings.
+ */
+#define MAX_AUTHTOKEN_LEN   32768
+
  static void
  authenticateNegotiateReleaseServer(AuthUserRequest * auth_user_request);
  
@@ -562,7 +567,7 @@ void
  AuthNegotiateUserRequest::module_start(RH * handler, void *data)
  {
      authenticateStateData *r = NULL;
-    static char buf[8192];
+    static char buf[MAX_AUTHTOKEN_LEN];
      negotiate_user_t *negotiate_user;
      AuthUser *auth_user = user();
  
@@ -588,9 +593,9 @@ AuthNegotiateUserRequest::module_start(RH * handler, void *data)
      AUTHUSERREQUESTLOCK(r->auth_user_request, "r");
  
      if (auth_state == AUTHENTICATE_STATE_INITIAL) {
-        snprintf(buf, 8192, "YR %s\n", client_blob); //CHECKME: can ever client_blob be 0 here?
+        snprintf(buf, MAX_AUTHTOKEN_LEN, "YR %s\n", client_blob); //CHECKME: can ever client_blob be 0 here?
      } else {
-        snprintf(buf, 8192, "KK %s\n", client_blob);
+        snprintf(buf, MAX_AUTHTOKEN_LEN, "KK %s\n", client_blob);
      }
  
      waiting = 1;
author	Amos Jeffries <squid3@treenet.co.nz>
	Tue, 29 Jul 2008 13:00:30 +0000 (01:00 +1200)
committer	Amos Jeffries <squid3@treenet.co.nz>
	Tue, 29 Jul 2008 13:00:30 +0000 (01:00 +1200)