diff --git a/CHANGELOG.md b/CHANGELOG.md index 96c5cf34..8bf8f820 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,7 +8,8 @@ This project adheres to [Semantic Versioning](http://semver.org/). For the purpo New release of Oragono! ### Config Changes - +* `registration` and `authentication-enabled` keys moved under `accounts` section. + ### Security ### Added diff --git a/irc/accounts.go b/irc/accounts.go index 9ab9b84d..bb1cc55d 100644 --- a/irc/accounts.go +++ b/irc/accounts.go @@ -78,7 +78,7 @@ func loadAccount(server *Server, tx *buntdb.Tx, accountKey string) *ClientAccoun // authenticateHandler parses the AUTHENTICATE command (for SASL authentication). func authenticateHandler(server *Server, client *Client, msg ircmsg.IrcMessage) bool { // sasl abort - if !server.authenticationEnabled || len(msg.Params) == 1 && msg.Params[0] == "*" { + if !server.accountAuthenticationEnabled || len(msg.Params) == 1 && msg.Params[0] == "*" { if client.saslInProgress { client.Send(nil, server.name, ERR_SASLABORTED, client.nick, "SASL authentication aborted") } else { diff --git a/irc/config.go b/irc/config.go index 9ba19a5f..ac354945 100644 --- a/irc/config.go +++ b/irc/config.go @@ -145,10 +145,9 @@ type Config struct { Path string } - AuthenticationEnabled bool `yaml:"authentication-enabled"` - - Registration struct { - Accounts AccountRegistrationConfig + Accounts struct { + Registration AccountRegistrationConfig + AuthenticationEnabled bool `yaml:"authentication-enabled"` } OperClasses map[string]*OperClassConfig `yaml:"oper-classes"` diff --git a/irc/server.go b/irc/server.go index e189cd75..6f2cad19 100644 --- a/irc/server.go +++ b/irc/server.go @@ -80,44 +80,44 @@ type ListenerEvent struct { // Server is the main Oragono server. type Server struct { - accountRegistration *AccountRegistration - accounts map[string]*ClientAccount - authenticationEnabled bool - channels ChannelNameMap - checkIdent bool - clients *ClientLookupSet - commands chan Command - configFilename string - connectionThrottle *ConnectionThrottle - connectionThrottleMutex sync.Mutex // used when affecting the connection limiter, to make sure rehashing doesn't make things go out-of-whack - connectionLimits *ConnectionLimits - connectionLimitsMutex sync.Mutex // used when affecting the connection limiter, to make sure rehashing doesn't make things go out-of-whack - ctime time.Time - currentOpers map[*Client]bool - dlines *DLineManager - idle chan *Client - isupport *ISupportList - klines *KLineManager - limits Limits - listenerEventActMutex sync.Mutex - listeners map[string]ListenerInterface - listenerUpdateMutex sync.Mutex - monitoring map[string][]Client - motdLines []string - name string - nameCasefolded string - networkName string - newConns chan clientConn - operators map[string]Oper - operclasses map[string]OperClass - password []byte - passwords *PasswordManager - rehashMutex sync.Mutex - rehashSignal chan os.Signal - restAPI *RestAPIConfig - signals chan os.Signal - store *buntdb.DB - whoWas *WhoWasList + accountRegistration *AccountRegistration + accounts map[string]*ClientAccount + accountAuthenticationEnabled bool + channels ChannelNameMap + checkIdent bool + clients *ClientLookupSet + commands chan Command + configFilename string + connectionThrottle *ConnectionThrottle + connectionThrottleMutex sync.Mutex // used when affecting the connection limiter, to make sure rehashing doesn't make things go out-of-whack + connectionLimits *ConnectionLimits + connectionLimitsMutex sync.Mutex // used when affecting the connection limiter, to make sure rehashing doesn't make things go out-of-whack + ctime time.Time + currentOpers map[*Client]bool + dlines *DLineManager + idle chan *Client + isupport *ISupportList + klines *KLineManager + limits Limits + listenerEventActMutex sync.Mutex + listeners map[string]ListenerInterface + listenerUpdateMutex sync.Mutex + monitoring map[string][]Client + motdLines []string + name string + nameCasefolded string + networkName string + newConns chan clientConn + operators map[string]Oper + operclasses map[string]OperClass + password []byte + passwords *PasswordManager + rehashMutex sync.Mutex + rehashSignal chan os.Signal + restAPI *RestAPIConfig + signals chan os.Signal + store *buntdb.DB + whoWas *WhoWasList } var ( @@ -150,7 +150,7 @@ func NewServer(configFilename string, config *Config) *Server { } } - if config.AuthenticationEnabled { + if config.Accounts.AuthenticationEnabled { SupportedCapabilities[SASL] = true } @@ -178,17 +178,17 @@ func NewServer(configFilename string, config *Config) *Server { } server := &Server{ - accounts: make(map[string]*ClientAccount), - authenticationEnabled: config.AuthenticationEnabled, - channels: make(ChannelNameMap), - clients: NewClientLookupSet(), - commands: make(chan Command), - configFilename: configFilename, - connectionLimits: connectionLimits, - connectionThrottle: connectionThrottle, - ctime: time.Now(), - currentOpers: make(map[*Client]bool), - idle: make(chan *Client), + accounts: make(map[string]*ClientAccount), + accountAuthenticationEnabled: config.Accounts.AuthenticationEnabled, + channels: make(ChannelNameMap), + clients: NewClientLookupSet(), + commands: make(chan Command), + configFilename: configFilename, + connectionLimits: connectionLimits, + connectionThrottle: connectionThrottle, + ctime: time.Now(), + currentOpers: make(map[*Client]bool), + idle: make(chan *Client), limits: Limits{ AwayLen: int(config.Limits.AwayLen), ChannelLen: int(config.Limits.ChannelLen), @@ -297,7 +297,7 @@ func NewServer(configFilename string, config *Config) *Server { } // registration - accountReg := NewAccountRegistration(config.Registration.Accounts) + accountReg := NewAccountRegistration(config.Accounts.Registration) server.accountRegistration = &accountReg // Attempt to clean up when receiving these signals. @@ -1286,17 +1286,17 @@ func (server *Server) rehash() error { removedCaps := make(CapabilitySet) // SASL - if config.AuthenticationEnabled && !server.authenticationEnabled { + if config.Accounts.AuthenticationEnabled && !server.accountAuthenticationEnabled { // enabling SASL SupportedCapabilities[SASL] = true addedCaps[SASL] = true } - if !config.AuthenticationEnabled && server.authenticationEnabled { + if !config.Accounts.AuthenticationEnabled && server.accountAuthenticationEnabled { // disabling SASL SupportedCapabilities[SASL] = false removedCaps[SASL] = true } - server.authenticationEnabled = config.AuthenticationEnabled + server.accountAuthenticationEnabled = config.Accounts.AuthenticationEnabled // burst new and removed caps var capBurstClients ClientSet @@ -1336,7 +1336,7 @@ func (server *Server) rehash() error { server.checkIdent = config.Server.CheckIdent // registration - accountReg := NewAccountRegistration(config.Registration.Accounts) + accountReg := NewAccountRegistration(config.Accounts.Registration) server.accountRegistration = &accountReg // set RPL_ISUPPORT diff --git a/oragono.yaml b/oragono.yaml index a714597d..be7dd219 100644 --- a/oragono.yaml +++ b/oragono.yaml @@ -97,10 +97,10 @@ server: - "127.0.0.1/8" - "::1/128" -# account/channel registration -registration: +# account options +accounts: # account registration - accounts: + registration: # can users register new accounts? enabled: true @@ -112,8 +112,8 @@ registration: enabled-callbacks: - none # no verification needed, will instantly register successfully -# whether account authentication is enabled -authentication-enabled: true + # is account authentication enabled? + authentication-enabled: true # operator classes oper-classes: