From 1702d408bfc09716ed0fbd42ef8c6bd11c51fd3a Mon Sep 17 00:00:00 2001
From: Howard Chu <hyc@openldap.org>
Date: Wed, 27 Nov 2002 03:51:46 +0000
Subject: [PATCH] ITS#2184 maxbuf tweaks from Larry Greenfield @ CMU

---
 libraries/libldap/cyrus.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/libraries/libldap/cyrus.c b/libraries/libldap/cyrus.c
index 59d5b41cf7..eaf4f219ac 100644
--- a/libraries/libldap/cyrus.c
+++ b/libraries/libldap/cyrus.c
@@ -194,10 +194,6 @@ sb_sasl_pkt_length( const unsigned char *buf, unsigned max, int debuglevel )
 			"sb_sasl_pkt_length: received illegal packet length "
 			"of %lu bytes\n", (unsigned long)size );      
 		size = 16; /* this should lead to an error. */
-	} else if ( size > max ) {
-		ber_log_printf( LDAP_DEBUG_ANY, debuglevel,
-			"sb_sasl_pkt_length: received packet length "
-			"of %lu exceeds negotiated max of %lu bytes\n", (unsigned long)size, (unsigned long)max );
 	}
 
 	return size + 4; /* include the size !!! */
@@ -344,11 +340,14 @@ sb_sasl_write( Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len)
 	/* now encode the next packet. */
 #if SASL_VERSION_MAJOR >= 2
 	ber_pvt_sb_buf_init( &p->buf_out );
+	/* sasl v2 makes sure this number is correct */
+	if ( len > *p->sasl_maxbuf )
+		len = *p->sasl_maxbuf;
 #else
 	ber_pvt_sb_buf_destroy( &p->buf_out );
-#endif
 	if ( len > *p->sasl_maxbuf - 100 )
 		len = *p->sasl_maxbuf - 100;	/* For safety margin */
+#endif
 	ret = sasl_encode( p->sasl_context, buf, len,
 		(SASL_CONST char **)&p->buf_out.buf_base,
 		(unsigned *)&p->buf_out.buf_size );
-- 
2.39.5