mirror of
https://github.com/ergochat/ergo.git
synced 2024-12-01 16:39:26 +01:00
Merge pull request #709 from slingamn/authzid
add more authzid/authcid clarifications
This commit is contained in:
commit
4f8439ac4f
@ -410,36 +410,34 @@ func authenticateHandler(server *Server, client *Client, msg ircmsg.IrcMessage,
|
|||||||
func authPlainHandler(server *Server, client *Client, mechanism string, value []byte, rb *ResponseBuffer) bool {
|
func authPlainHandler(server *Server, client *Client, mechanism string, value []byte, rb *ResponseBuffer) bool {
|
||||||
splitValue := bytes.Split(value, []byte{'\000'})
|
splitValue := bytes.Split(value, []byte{'\000'})
|
||||||
|
|
||||||
var accountKey, authcid string
|
// PLAIN has separate "authorization ID" (which user you want to become)
|
||||||
|
// and "authentication ID" (whose password you want to use). the first is optional:
|
||||||
nick := client.Nick()
|
// [authzid] \x00 authcid \x00 password
|
||||||
|
var authzid, authcid string
|
||||||
|
|
||||||
if len(splitValue) == 3 {
|
if len(splitValue) == 3 {
|
||||||
accountKey = string(splitValue[0])
|
authzid, authcid = string(splitValue[0]), string(splitValue[1])
|
||||||
authcid = string(splitValue[1])
|
|
||||||
|
|
||||||
if accountKey == "" {
|
if authzid != "" && authcid != authzid {
|
||||||
accountKey = authcid
|
rb.Add(nil, server.name, ERR_SASLFAIL, client.Nick(), client.t("SASL authentication failed: authcid and authzid should be the same"))
|
||||||
} else if accountKey != authcid {
|
|
||||||
rb.Add(nil, server.name, ERR_SASLFAIL, nick, client.t("SASL authentication failed: authcid and authzid should be the same"))
|
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
rb.Add(nil, server.name, ERR_SASLFAIL, nick, client.t("SASL authentication failed: Invalid auth blob"))
|
rb.Add(nil, server.name, ERR_SASLFAIL, client.Nick(), client.t("SASL authentication failed: Invalid auth blob"))
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
throttled, remainingTime := client.loginThrottle.Touch()
|
throttled, remainingTime := client.loginThrottle.Touch()
|
||||||
if throttled {
|
if throttled {
|
||||||
rb.Add(nil, server.name, ERR_SASLFAIL, nick, fmt.Sprintf(client.t("Please wait at least %v and try again"), remainingTime))
|
rb.Add(nil, server.name, ERR_SASLFAIL, client.Nick(), fmt.Sprintf(client.t("Please wait at least %v and try again"), remainingTime))
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
password := string(splitValue[2])
|
password := string(splitValue[2])
|
||||||
err := server.accounts.AuthenticateByPassphrase(client, accountKey, password)
|
err := server.accounts.AuthenticateByPassphrase(client, authcid, password)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
msg := authErrorToMessage(server, err)
|
msg := authErrorToMessage(server, err)
|
||||||
rb.Add(nil, server.name, ERR_SASLFAIL, nick, fmt.Sprintf("%s: %s", client.t("SASL authentication failed"), client.t(msg)))
|
rb.Add(nil, server.name, ERR_SASLFAIL, client.Nick(), fmt.Sprintf("%s: %s", client.t("SASL authentication failed"), client.t(msg)))
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user