3
0
mirror of https://github.com/ergochat/ergo.git synced 2024-12-23 03:02:48 +01:00

Merge pull request #531 from slingamn/issue410.1

fix #410
This commit is contained in:
Daniel Oaks 2019-05-29 19:07:29 +10:00 committed by GitHub
commit 236f8fa9fd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 58 additions and 49 deletions

View File

@ -129,17 +129,17 @@ In this section, we'll explain and go through using various features of the Orag
In most IRC servers you can use `NickServ` to register an account. You can do the same thing with Oragono, by default, with no other software needed! In most IRC servers you can use `NickServ` to register an account. You can do the same thing with Oragono, by default, with no other software needed!
These are the two ways you can register an account: These are the two ways you can register an account, either one will work:
/QUOTE ACC REGISTER <username> * passphrase :<password> /QUOTE ACC REGISTER <username> * passphrase <password>
/NS REGISTER <username> * <password> /NS REGISTER <password>
This is the way to go if you want to use a regular password. `<username>` and `<password>` are your username and password, respectively (make sure the leave that one `:` before your actual password!). This is the way to go if you want to use a regular password. `<username>` and `<password>` are your username and password, respectively; if you go the `/NS REGISTER` route, then your current nickname will become your username. Your password cannot contain spaces, but make sure to use a strong one anyway.
If you want to use a TLS client certificate instead of a password to authenticate (`SASL EXTERNAL`), then you can use the commands below to do so. (If you're not sure what this is, don't worry just use the above password method to register an account.)
/QUOTE ACC REGISTER <username> * certfp * /QUOTE ACC REGISTER <username> * certfp *
/NS REGISTER <username> /NS REGISTER *
If you want to use a TLS client certificate to authenticate (`SASL CERTFP`), then you can use the above method to do so. If you're not sure what this is, don't worry just use the above password method to register an account.
Once you've registered, you'll need to setup SASL to login (or use NickServ IDENTIFY). One of the more complete SASL instruction pages is Freenode's page [here](https://freenode.net/kb/answer/sasl). Open up that page, find your IRC client and then setup SASL with your chosen username and password! Once you've registered, you'll need to setup SASL to login (or use NickServ IDENTIFY). One of the more complete SASL instruction pages is Freenode's page [here](https://freenode.net/kb/answer/sasl). Open up that page, find your IRC client and then setup SASL with your chosen username and password!

View File

@ -397,6 +397,10 @@ func validatePassphrase(passphrase string) error {
if len(passphrase) == 0 || len(passphrase) > 600 { if len(passphrase) == 0 || len(passphrase) > 600 {
return errAccountBadPassphrase return errAccountBadPassphrase
} }
// we use * as a placeholder in some places, if it's gotten this far then fail
if passphrase == "*" {
return errAccountBadPassphrase
}
// for now, just enforce that spaces are not allowed // for now, just enforce that spaces are not allowed
for _, r := range passphrase { for _, r := range passphrase {
if unicode.IsSpace(r) { if unicode.IsSpace(r) {

View File

@ -120,11 +120,12 @@ APPROVE approves a user's vhost request.`,
REJECT rejects a user's vhost request, optionally giving them a reason REJECT rejects a user's vhost request, optionally giving them a reason
for the rejection.`, for the rejection.`,
helpShort: `$bREJECT$b rejects a user's vhost request.`, helpShort: `$bREJECT$b rejects a user's vhost request.`,
capabs: []string{"vhosts"}, capabs: []string{"vhosts"},
enabled: hostservEnabled, enabled: hostservEnabled,
minParams: 1, minParams: 1,
maxParams: 2, maxParams: 2,
unsplitFinalParam: true,
}, },
} }
) )

View File

@ -110,16 +110,17 @@ INFO gives you information about the given (or your own) user account.`,
handler: nsRegisterHandler, handler: nsRegisterHandler,
// TODO: "email" is an oversimplification here; it's actually any callback, e.g., // TODO: "email" is an oversimplification here; it's actually any callback, e.g.,
// person@example.com, mailto:person@example.com, tel:16505551234. // person@example.com, mailto:person@example.com, tel:16505551234.
help: `Syntax: $bREGISTER <username> <email> [password]$b help: `Syntax: $bREGISTER <password> [email]$b
REGISTER lets you register a user account. If the server allows anonymous REGISTER lets you register your current nickname as a user account. If the
registration, you can send an asterisk (*) as the email address. server allows anonymous registration, you can omit the e-mail address.
If the password is left out, your account will be registered to your TLS client If you are currently logged in with a TLS client certificate and wish to use
certificate (and you will need to use that certificate to login in future).`, it instead of a password to log in, send * as the password.`,
helpShort: `$bREGISTER$b lets you register a user account.`, helpShort: `$bREGISTER$b lets you register a user account.`,
enabled: servCmdRequiresAccreg, enabled: servCmdRequiresAccreg,
minParams: 2, minParams: 1,
maxParams: 2,
}, },
"sadrop": { "sadrop": {
handler: nsDropHandler, handler: nsDropHandler,
@ -586,20 +587,25 @@ func nsInfoHandler(server *Server, client *Client, command string, params []stri
} }
func nsRegisterHandler(server *Server, client *Client, command string, params []string, rb *ResponseBuffer) { func nsRegisterHandler(server *Server, client *Client, command string, params []string, rb *ResponseBuffer) {
// get params details := client.Details()
account, email := params[0], params[1] account := details.nick
var passphrase string passphrase := params[0]
if len(params) > 2 { var email string
passphrase = params[2] if 1 < len(params) {
email = params[1]
} }
certfp := client.certfp certfp := client.certfp
if passphrase == "" && certfp == "" { if passphrase == "*" {
nsNotice(rb, client.t("You need to either supply a passphrase or be connected via TLS with a client cert")) if certfp == "" {
return nsNotice(rb, client.t("You must be connected with TLS and a client certificate to do this"))
return
} else {
passphrase = ""
}
} }
if client.LoggedIntoAccount() { if details.account != "" {
nsNotice(rb, client.t("You're already logged into an account")) nsNotice(rb, client.t("You're already logged into an account"))
return return
} }
@ -608,13 +614,6 @@ func nsRegisterHandler(server *Server, client *Client, command string, params []
return return
} }
// band-aid to let users know if they mix up the order of registration params
if email == "*" {
nsNotice(rb, client.t("Registering your account with no email address"))
} else {
nsNotice(rb, fmt.Sprintf(client.t("Registering your account with email address %s"), email))
}
config := server.AccountConfig() config := server.AccountConfig()
var callbackNamespace, callbackValue string var callbackNamespace, callbackValue string
noneCallbackAllowed := false noneCallbackAllowed := false
@ -630,7 +629,7 @@ func nsRegisterHandler(server *Server, client *Client, command string, params []
callbackNamespace = "*" callbackNamespace = "*"
} else { } else {
callbackNamespace, callbackValue = parseCallback(email, config) callbackNamespace, callbackValue = parseCallback(email, config)
if callbackNamespace == "" { if callbackNamespace == "" || callbackValue == "" {
nsNotice(rb, client.t("Registration requires a valid e-mail address")) nsNotice(rb, client.t("Registration requires a valid e-mail address"))
return return
} }

View File

@ -26,17 +26,18 @@ type ircService struct {
// defines a command associated with a service, e.g., NICKSERV IDENTIFY // defines a command associated with a service, e.g., NICKSERV IDENTIFY
type serviceCommand struct { type serviceCommand struct {
aliasOf string // marks this command as an alias of another aliasOf string // marks this command as an alias of another
capabs []string // oper capabs the given user has to have to access this command capabs []string // oper capabs the given user has to have to access this command
handler func(server *Server, client *Client, command string, params []string, rb *ResponseBuffer) handler func(server *Server, client *Client, command string, params []string, rb *ResponseBuffer)
help string help string
helpStrings []string helpStrings []string
helpShort string helpShort string
authRequired bool enabled func(*Config) bool // is this command enabled in the server config?
hidden bool authRequired bool
enabled func(*Config) bool // is this command enabled in the server config? hidden bool
minParams int minParams int
maxParams int // split into at most n params, with last param containing remaining unsplit text maxParams int // optional, if set it's an error if the user passes more than this many params
unsplitFinalParam bool // split into at most maxParams, with last param containing unsplit text
} }
// looks up a command in the table of command definitions for a service, resolving aliases // looks up a command in the table of command definitions for a service, resolving aliases
@ -109,7 +110,7 @@ func serviceCmdHandler(server *Server, client *Client, msg ircmsg.IrcMessage, rb
params := msg.Params[1:] params := msg.Params[1:]
cmd := lookupServiceCommand(service.Commands, commandName) cmd := lookupServiceCommand(service.Commands, commandName)
// for a maxParams command, join all final parameters together if necessary // for a maxParams command, join all final parameters together if necessary
if cmd != nil && cmd.maxParams != 0 && cmd.maxParams < len(params) { if cmd != nil && cmd.unsplitFinalParam && cmd.maxParams < len(params) {
newParams := make([]string, cmd.maxParams) newParams := make([]string, cmd.maxParams)
copy(newParams, params[:cmd.maxParams-1]) copy(newParams, params[:cmd.maxParams-1])
newParams[cmd.maxParams-1] = strings.Join(params[cmd.maxParams-1:], " ") newParams[cmd.maxParams-1] = strings.Join(params[cmd.maxParams-1:], " ")
@ -130,7 +131,7 @@ func servicePrivmsgHandler(service *ircService, server *Server, client *Client,
commandName := strings.ToLower(params[0]) commandName := strings.ToLower(params[0])
cmd := lookupServiceCommand(service.Commands, commandName) cmd := lookupServiceCommand(service.Commands, commandName)
// reparse if needed // reparse if needed
if cmd != nil && cmd.maxParams != 0 { if cmd != nil && cmd.unsplitFinalParam {
params = utils.FieldsN(message, cmd.maxParams+1)[1:] params = utils.FieldsN(message, cmd.maxParams+1)[1:]
} else { } else {
params = params[1:] params = params[1:]
@ -150,7 +151,7 @@ func serviceRunCommand(service *ircService, server *Server, client *Client, cmd
return return
} }
if len(params) < cmd.minParams { if len(params) < cmd.minParams || (0 < cmd.maxParams && cmd.maxParams < len(params)) {
sendNotice(fmt.Sprintf(client.t("Invalid parameters. For usage, do /msg %[1]s HELP %[2]s"), service.Name, strings.ToUpper(commandName))) sendNotice(fmt.Sprintf(client.t("Invalid parameters. For usage, do /msg %[1]s HELP %[2]s"), service.Name, strings.ToUpper(commandName)))
return return
} }
@ -277,6 +278,10 @@ func initializeServices() {
log.Fatal(fmt.Sprintf("help entry missing for %s command %s", serviceName, commandName)) log.Fatal(fmt.Sprintf("help entry missing for %s command %s", serviceName, commandName))
} }
} }
if commandInfo.maxParams == 0 && commandInfo.unsplitFinalParam {
log.Fatal("unsplitFinalParam requires use of maxParams")
}
} }
} }