mirror of
https://github.com/ergochat/ergo.git
synced 2024-11-10 22:19:31 +01:00
commit
1023f7e20e
@ -65,6 +65,7 @@ type Client struct {
|
||||
nickMaskString string // cache for nickmask string since it's used with lots of replies
|
||||
nickTimer *NickTimer
|
||||
operName string
|
||||
preregNick string
|
||||
proxiedIP net.IP // actual remote IP if using the PROXY protocol
|
||||
quitMessage string
|
||||
rawHostname string
|
||||
|
@ -61,6 +61,7 @@ func (conf *PassConfig) PasswordBytes() []byte {
|
||||
type AccountConfig struct {
|
||||
Registration AccountRegistrationConfig
|
||||
AuthenticationEnabled bool `yaml:"authentication-enabled"`
|
||||
SkipServerPassword bool `yaml:"skip-server-password"`
|
||||
NickReservation NickReservationConfig `yaml:"nick-reservation"`
|
||||
}
|
||||
|
||||
|
@ -142,6 +142,30 @@ func (client *Client) SetAccountName(account string) (changed bool) {
|
||||
return
|
||||
}
|
||||
|
||||
func (client *Client) Authorized() bool {
|
||||
client.stateMutex.RLock()
|
||||
defer client.stateMutex.RUnlock()
|
||||
return client.authorized
|
||||
}
|
||||
|
||||
func (client *Client) SetAuthorized(authorized bool) {
|
||||
client.stateMutex.Lock()
|
||||
defer client.stateMutex.Unlock()
|
||||
client.authorized = authorized
|
||||
}
|
||||
|
||||
func (client *Client) PreregNick() string {
|
||||
client.stateMutex.RLock()
|
||||
defer client.stateMutex.RUnlock()
|
||||
return client.preregNick
|
||||
}
|
||||
|
||||
func (client *Client) SetPreregNick(preregNick string) {
|
||||
client.stateMutex.Lock()
|
||||
defer client.stateMutex.Unlock()
|
||||
client.preregNick = preregNick
|
||||
}
|
||||
|
||||
func (client *Client) HasMode(mode modes.Mode) bool {
|
||||
client.stateMutex.RLock()
|
||||
defer client.stateMutex.RUnlock()
|
||||
|
@ -319,6 +319,10 @@ func authenticateHandler(server *Server, client *Client, msg ircmsg.IrcMessage,
|
||||
// let the SASL handler do its thing
|
||||
exiting := handler(server, client, client.saslMechanism, data, rb)
|
||||
|
||||
if client.LoggedIntoAccount() && server.AccountConfig().SkipServerPassword {
|
||||
client.SetAuthorized(true)
|
||||
}
|
||||
|
||||
// wait 'til SASL is done before emptying the sasl vars
|
||||
client.saslInProgress = false
|
||||
client.saslMechanism = ""
|
||||
@ -491,9 +495,8 @@ func capHandler(server *Server, client *Client, msg ircmsg.IrcMessage, rb *Respo
|
||||
rb.Add(nil, server.name, "CAP", client.nick, "ACK", capString)
|
||||
|
||||
case "END":
|
||||
if !client.registered {
|
||||
if !client.Registered() {
|
||||
client.capState = caps.NegotiatedState
|
||||
server.tryRegister(client)
|
||||
}
|
||||
|
||||
default:
|
||||
@ -1623,12 +1626,12 @@ func namesHandler(server *Server, client *Client, msg ircmsg.IrcMessage, rb *Res
|
||||
|
||||
// NICK <nickname>
|
||||
func nickHandler(server *Server, client *Client, msg ircmsg.IrcMessage, rb *ResponseBuffer) bool {
|
||||
if !client.authorized {
|
||||
client.Quit("Bad password")
|
||||
return true
|
||||
if client.Registered() {
|
||||
performNickChange(server, client, client, msg.Params[0], rb)
|
||||
} else {
|
||||
client.SetPreregNick(msg.Params[0])
|
||||
}
|
||||
|
||||
return performNickChange(server, client, client, msg.Params[0], rb)
|
||||
return false
|
||||
}
|
||||
|
||||
// NOTICE <target>{,<target>} <message>
|
||||
@ -1821,14 +1824,14 @@ func partHandler(server *Server, client *Client, msg ircmsg.IrcMessage, rb *Resp
|
||||
|
||||
// PASS <password>
|
||||
func passHandler(server *Server, client *Client, msg ircmsg.IrcMessage, rb *ResponseBuffer) bool {
|
||||
if client.registered {
|
||||
if client.Registered() {
|
||||
rb.Add(nil, server.name, ERR_ALREADYREGISTRED, client.nick, client.t("You may not reregister"))
|
||||
return false
|
||||
}
|
||||
|
||||
// if no password exists, skip checking
|
||||
if len(server.password) == 0 {
|
||||
client.authorized = true
|
||||
client.SetAuthorized(true)
|
||||
return false
|
||||
}
|
||||
|
||||
@ -1840,7 +1843,7 @@ func passHandler(server *Server, client *Client, msg ircmsg.IrcMessage, rb *Resp
|
||||
return true
|
||||
}
|
||||
|
||||
client.authorized = true
|
||||
client.SetAuthorized(true)
|
||||
return false
|
||||
}
|
||||
|
||||
@ -1932,7 +1935,7 @@ func privmsgHandler(server *Server, client *Client, msg ircmsg.IrcMessage, rb *R
|
||||
// http://www.haproxy.org/download/1.8/doc/proxy-protocol.txt
|
||||
func proxyHandler(server *Server, client *Client, msg ircmsg.IrcMessage, rb *ResponseBuffer) bool {
|
||||
// only allow unregistered clients to use this command
|
||||
if client.registered || client.proxiedIP != nil {
|
||||
if client.Registered() || client.proxiedIP != nil {
|
||||
return false
|
||||
}
|
||||
|
||||
@ -2096,7 +2099,8 @@ func sanickHandler(server *Server, client *Client, msg ircmsg.IrcMessage, rb *Re
|
||||
rb.Add(nil, server.name, ERR_NOSUCHNICK, client.nick, msg.Params[0], client.t("No such nick"))
|
||||
return false
|
||||
}
|
||||
return performNickChange(server, client, target, msg.Params[1], rb)
|
||||
performNickChange(server, client, target, msg.Params[1], rb)
|
||||
return false
|
||||
}
|
||||
|
||||
// SCENE <target> <message>
|
||||
@ -2310,16 +2314,11 @@ func unKLineHandler(server *Server, client *Client, msg ircmsg.IrcMessage, rb *R
|
||||
|
||||
// USER <username> * 0 <realname>
|
||||
func userHandler(server *Server, client *Client, msg ircmsg.IrcMessage, rb *ResponseBuffer) bool {
|
||||
if client.registered {
|
||||
if client.Registered() {
|
||||
rb.Add(nil, server.name, ERR_ALREADYREGISTRED, client.nick, client.t("You may not reregister"))
|
||||
return false
|
||||
}
|
||||
|
||||
if !client.authorized {
|
||||
client.Quit("Bad password")
|
||||
return true
|
||||
}
|
||||
|
||||
if client.username != "" && client.realname != "" {
|
||||
return false
|
||||
}
|
||||
@ -2340,8 +2339,6 @@ func userHandler(server *Server, client *Client, msg ircmsg.IrcMessage, rb *Resp
|
||||
client.realname = msg.Params[3]
|
||||
}
|
||||
|
||||
server.tryRegister(client)
|
||||
|
||||
return false
|
||||
}
|
||||
|
||||
@ -2393,7 +2390,7 @@ func versionHandler(server *Server, client *Client, msg ircmsg.IrcMessage, rb *R
|
||||
// WEBIRC <password> <gateway> <hostname> <ip> [:flag1 flag2=x flag3]
|
||||
func webircHandler(server *Server, client *Client, msg ircmsg.IrcMessage, rb *ResponseBuffer) bool {
|
||||
// only allow unregistered clients to use this command
|
||||
if client.registered || client.proxiedIP != nil {
|
||||
if client.Registered() || client.proxiedIP != nil {
|
||||
return false
|
||||
}
|
||||
|
||||
|
@ -23,6 +23,7 @@ var (
|
||||
}
|
||||
)
|
||||
|
||||
// returns whether the change succeeded or failed
|
||||
func performNickChange(server *Server, client *Client, target *Client, newnick string, rb *ResponseBuffer) bool {
|
||||
nickname := strings.TrimSpace(newnick)
|
||||
cfnick, err := CasefoldName(nickname)
|
||||
@ -38,7 +39,7 @@ func performNickChange(server *Server, client *Client, target *Client, newnick s
|
||||
}
|
||||
|
||||
if target.Nick() == nickname {
|
||||
return false
|
||||
return true
|
||||
}
|
||||
|
||||
hadNick := target.HasNick()
|
||||
@ -49,7 +50,7 @@ func performNickChange(server *Server, client *Client, target *Client, newnick s
|
||||
rb.Add(nil, server.name, ERR_NICKNAMEINUSE, client.nick, nickname, client.t("Nickname is already in use"))
|
||||
return false
|
||||
} else if err == errNicknameReserved {
|
||||
client.Send(nil, server.name, ERR_NICKNAMEINUSE, client.nick, nickname, client.t("Nickname is reserved by a different account"))
|
||||
rb.Add(nil, server.name, ERR_NICKNAMEINUSE, client.nick, nickname, client.t("Nickname is reserved by a different account"))
|
||||
return false
|
||||
} else if err != nil {
|
||||
rb.Add(nil, server.name, ERR_UNKNOWNERROR, client.nick, "NICK", fmt.Sprintf(client.t("Could not set or change nickname: %s"), err.Error()))
|
||||
@ -67,12 +68,11 @@ func performNickChange(server *Server, client *Client, target *Client, newnick s
|
||||
}
|
||||
}
|
||||
|
||||
if target.registered {
|
||||
if target.Registered() {
|
||||
client.server.monitorManager.AlertAbout(target, true)
|
||||
} else {
|
||||
server.tryRegister(target)
|
||||
}
|
||||
return false
|
||||
// else: Run() will attempt registration immediately after this
|
||||
return true
|
||||
}
|
||||
|
||||
func (server *Server) RandomlyRename(client *Client) {
|
||||
|
@ -416,8 +416,28 @@ func (server *Server) generateMessageID() string {
|
||||
//
|
||||
|
||||
func (server *Server) tryRegister(c *Client) {
|
||||
if c.registered || !c.HasNick() || !c.HasUsername() ||
|
||||
(c.capState == caps.NegotiatingState) {
|
||||
if c.Registered() {
|
||||
return
|
||||
}
|
||||
|
||||
preregNick := c.PreregNick()
|
||||
if preregNick == "" || !c.HasUsername() || c.capState == caps.NegotiatingState {
|
||||
return
|
||||
}
|
||||
|
||||
// client MUST send PASS (or AUTHENTICATE, if skip-server-password is set)
|
||||
// before completing the other registration commands
|
||||
if !c.Authorized() {
|
||||
c.Quit(c.t("Bad password"))
|
||||
c.destroy(false)
|
||||
return
|
||||
}
|
||||
|
||||
rb := NewResponseBuffer(c)
|
||||
nickAssigned := performNickChange(server, c, c, preregNick, rb)
|
||||
rb.Send()
|
||||
if !nickAssigned {
|
||||
c.SetPreregNick("")
|
||||
return
|
||||
}
|
||||
|
||||
@ -447,7 +467,7 @@ func (server *Server) tryRegister(c *Client) {
|
||||
//TODO(dan): Look at adding last optional [<channel modes with a parameter>] parameter
|
||||
c.Send(nil, server.name, RPL_MYINFO, c.nick, server.name, Ver, supportedUserModesString, supportedChannelModesString)
|
||||
|
||||
rb := NewResponseBuffer(c)
|
||||
rb = NewResponseBuffer(c)
|
||||
c.RplISupport(rb)
|
||||
server.MOTD(c, rb)
|
||||
rb.Send()
|
||||
|
@ -171,6 +171,13 @@ accounts:
|
||||
# is account authentication enabled?
|
||||
authentication-enabled: true
|
||||
|
||||
# some clients (notably Pidgin and Hexchat) offer only a single password field,
|
||||
# which makes it impossible to specify a separate server password (for the PASS
|
||||
# command) and SASL password. if this option is set to true, a client that
|
||||
# successfully authenticates with SASL will not be required to send
|
||||
# PASS as well, so it can be configured to authenticate with SASL only.
|
||||
skip-server-password: false
|
||||
|
||||
# nick-reservation controls how, and whether, nicknames are linked to accounts
|
||||
nick-reservation:
|
||||
# is there any enforcement of reserved nicknames?
|
||||
|
Loading…
Reference in New Issue
Block a user