From 1dfe909babc7b513ebe54f7b50ac17465c118e0c Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@zerotier.com>
Date: Fri, 4 Jun 2021 16:46:56 -0400
Subject: [PATCH] Increase authentication URL sizes.

---
 controller/EmbeddedNetworkController.cpp | 2 +-
 node/IncomingPacket.cpp                  | 4 ++--
 node/NetworkConfig.hpp                   | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/controller/EmbeddedNetworkController.cpp b/controller/EmbeddedNetworkController.cpp
index a9ebe91fb..04222272b 100644
--- a/controller/EmbeddedNetworkController.cpp
+++ b/controller/EmbeddedNetworkController.cpp
@@ -1340,7 +1340,7 @@ void EmbeddedNetworkController::_request(
 		if ((authenticationExpiryTime == 0) || (authenticationExpiryTime < now)) {
 			std::string authenticationURL = _db.getSSOAuthURL(member);
 			if (!authenticationURL.empty()) {
-				Dictionary<1024> authInfo;
+				Dictionary<3072> authInfo;
 				authInfo.add("aU", authenticationURL.c_str());
 				fprintf(stderr, "sending auth URL: %s\n", authenticationURL.c_str());
 				DB::cleanMember(member);
diff --git a/node/IncomingPacket.cpp b/node/IncomingPacket.cpp
index ff8f9e5bd..bcde85cc4 100644
--- a/node/IncomingPacket.cpp
+++ b/node/IncomingPacket.cpp
@@ -200,8 +200,8 @@ bool IncomingPacket::_doERROR(const RuntimeEnvironment *RR,void *tPtr,const Shar
 					const uint16_t errorDataSize = at<uint16_t>(ZT_PROTO_VERB_ERROR_IDX_PAYLOAD + 8);
 					s -= 2;
 					if (s >= (int)errorDataSize) {
-						Dictionary<1024> authInfo(((const char *)this->data()) + (ZT_PROTO_VERB_ERROR_IDX_PAYLOAD + 10), errorDataSize);
-						char authenticationURL[256];
+						Dictionary<3072> authInfo(((const char *)this->data()) + (ZT_PROTO_VERB_ERROR_IDX_PAYLOAD + 10), errorDataSize);
+						char authenticationURL[2048];
 						if (authInfo.get("aU", authenticationURL, sizeof(authenticationURL)) > 0) {
 							authenticationURL[sizeof(authenticationURL) - 1] = 0; // ensure always zero terminated
 							network->setAuthenticationRequired(authenticationURL);
diff --git a/node/NetworkConfig.hpp b/node/NetworkConfig.hpp
index 3f49ba50f..ebd046ab2 100644
--- a/node/NetworkConfig.hpp
+++ b/node/NetworkConfig.hpp
@@ -612,7 +612,7 @@ public:
 	/**
 	 * Authentication URL if authentication is required
 	 */
-	char authenticationURL[256];
+	char authenticationURL[2048];
 
 	/**
 	 * Time current authentication expires or -1 if external authentication is disabled