> On 26/03/2025 04:44 EET Brad Koehn via dovecot <[email protected]> wrote: > > > This is running on OS: Linux 6.1.0-28-amd64 x86_64 Debian 11.11 on amd64 > hardware with an ext4 filesystem. > > My uneducated guess is authentik sent a token that was bigger than Dovecot > expected; the OAuth2 spec doesn’t define a maximum size. As an example, > Authentik client secrets are 128 characters long by default, which looks like > it would overflow the `payload` buffer defined in > `oauth2_client_secret_start`. (I edited my Authentik client secret to make it > small enough to fit and it didn’t fix the problem).
The actual fix is to tell SOGo to not do 1 AUTHENTICATE XOAUTH2 <token> but instead C: 1 AUTHENTICATE XOAUTH2 S: + C: <token here> If the token is long enough, client must use interactive sasl. Aki _______________________________________________ dovecot mailing list -- [email protected] To unsubscribe send an email to [email protected]
