3
0
mirror of https://github.com/ergochat/ergo.git synced 2024-11-22 11:59:40 +01:00

config: Fix accounts registration/authentication

This commit is contained in:
Daniel Oaks 2017-03-06 09:43:52 +10:00
parent d1cb4b9b37
commit 3058161f62
5 changed files with 66 additions and 66 deletions

View File

@ -8,6 +8,7 @@ This project adheres to [Semantic Versioning](http://semver.org/). For the purpo
New release of Oragono!
### Config Changes
* `registration` and `authentication-enabled` keys moved under `accounts` section.
### Security

View File

@ -78,7 +78,7 @@ func loadAccount(server *Server, tx *buntdb.Tx, accountKey string) *ClientAccoun
// authenticateHandler parses the AUTHENTICATE command (for SASL authentication).
func authenticateHandler(server *Server, client *Client, msg ircmsg.IrcMessage) bool {
// sasl abort
if !server.authenticationEnabled || len(msg.Params) == 1 && msg.Params[0] == "*" {
if !server.accountAuthenticationEnabled || len(msg.Params) == 1 && msg.Params[0] == "*" {
if client.saslInProgress {
client.Send(nil, server.name, ERR_SASLABORTED, client.nick, "SASL authentication aborted")
} else {

View File

@ -145,10 +145,9 @@ type Config struct {
Path string
}
Accounts struct {
Registration AccountRegistrationConfig
AuthenticationEnabled bool `yaml:"authentication-enabled"`
Registration struct {
Accounts AccountRegistrationConfig
}
OperClasses map[string]*OperClassConfig `yaml:"oper-classes"`

View File

@ -82,7 +82,7 @@ type ListenerEvent struct {
type Server struct {
accountRegistration *AccountRegistration
accounts map[string]*ClientAccount
authenticationEnabled bool
accountAuthenticationEnabled bool
channels ChannelNameMap
checkIdent bool
clients *ClientLookupSet
@ -150,7 +150,7 @@ func NewServer(configFilename string, config *Config) *Server {
}
}
if config.AuthenticationEnabled {
if config.Accounts.AuthenticationEnabled {
SupportedCapabilities[SASL] = true
}
@ -179,7 +179,7 @@ func NewServer(configFilename string, config *Config) *Server {
server := &Server{
accounts: make(map[string]*ClientAccount),
authenticationEnabled: config.AuthenticationEnabled,
accountAuthenticationEnabled: config.Accounts.AuthenticationEnabled,
channels: make(ChannelNameMap),
clients: NewClientLookupSet(),
commands: make(chan Command),
@ -297,7 +297,7 @@ func NewServer(configFilename string, config *Config) *Server {
}
// registration
accountReg := NewAccountRegistration(config.Registration.Accounts)
accountReg := NewAccountRegistration(config.Accounts.Registration)
server.accountRegistration = &accountReg
// Attempt to clean up when receiving these signals.
@ -1286,17 +1286,17 @@ func (server *Server) rehash() error {
removedCaps := make(CapabilitySet)
// SASL
if config.AuthenticationEnabled && !server.authenticationEnabled {
if config.Accounts.AuthenticationEnabled && !server.accountAuthenticationEnabled {
// enabling SASL
SupportedCapabilities[SASL] = true
addedCaps[SASL] = true
}
if !config.AuthenticationEnabled && server.authenticationEnabled {
if !config.Accounts.AuthenticationEnabled && server.accountAuthenticationEnabled {
// disabling SASL
SupportedCapabilities[SASL] = false
removedCaps[SASL] = true
}
server.authenticationEnabled = config.AuthenticationEnabled
server.accountAuthenticationEnabled = config.Accounts.AuthenticationEnabled
// burst new and removed caps
var capBurstClients ClientSet
@ -1336,7 +1336,7 @@ func (server *Server) rehash() error {
server.checkIdent = config.Server.CheckIdent
// registration
accountReg := NewAccountRegistration(config.Registration.Accounts)
accountReg := NewAccountRegistration(config.Accounts.Registration)
server.accountRegistration = &accountReg
// set RPL_ISUPPORT

View File

@ -97,10 +97,10 @@ server:
- "127.0.0.1/8"
- "::1/128"
# account/channel registration
registration:
# account registration
# account options
accounts:
# account registration
registration:
# can users register new accounts?
enabled: true
@ -112,7 +112,7 @@ registration:
enabled-callbacks:
- none # no verification needed, will instantly register successfully
# whether account authentication is enabled
# is account authentication enabled?
authentication-enabled: true
# operator classes