if (clist_size(&aa->tokens) >= aa->zone->allow_tokens)
cmd_error(c, "Maximum number of tokens was reached");
+ const char *comment = get_string(c->request, "comment");
+ if (comment && strlen(comment) > max_comment_size)
+ cmd_error(c, "Comment too long");
+
struct auth_token *at = auth_create_token(aa);
- char *tok = auth_set_token_generated(at, get_string(c->request, "comment"), c->pool);
+ char *tok = auth_set_token_generated(at, comment, c->pool);
set_string(c, c->reply, "token", tok);
msg(L_INFO, "Created token: login=<%s> zone=<%s> id=<%s>", aa->user->login, aa->zone->name, at->ident);