3
0
mirror of https://github.com/ergochat/ergo.git synced 2024-11-25 13:29:27 +01:00
Or try to, anyway
This commit is contained in:
Shivaram Lingamneni 2020-02-26 01:44:05 -05:00
parent 507f5b7ec3
commit 521617559f
4 changed files with 34 additions and 10 deletions

View File

@ -935,6 +935,12 @@ func (am *AccountManager) checkPassphrase(accountName, passphrase string) (accou
}
func (am *AccountManager) AuthenticateByPassphrase(client *Client, accountName string, passphrase string) (err error) {
if client.registered {
if clientAlready := am.server.clients.Get(accountName); clientAlready != nil && clientAlready.AlwaysOn() {
return errNickAccountMismatch
}
}
var account ClientAccount
defer func() {
@ -1210,6 +1216,11 @@ func (am *AccountManager) AuthenticateByCertFP(client *Client, certfp, authzid s
} else if !clientAccount.Verified {
return errAccountUnverified
}
if client.registered {
if clientAlready := am.server.clients.Get(clientAccount.Name); clientAlready != nil && clientAlready.AlwaysOn() {
return errNickAccountMismatch
}
}
am.Login(client, clientAccount)
return nil
}

View File

@ -42,6 +42,7 @@ var (
errNicknameInUse = errors.New("nickname in use")
errNicknameReserved = errors.New("nickname is reserved")
errCantChangeNick = errors.New(`Always-on clients can't change nicknames`)
errNickAccountMismatch = errors.New(`Your nickname doesn't match your account name`)
errNoExistingBan = errors.New("Ban does not exist")
errNoSuchChannel = errors.New(`No such channel`)
errChannelPurged = errors.New(`This channel was purged by the server operators and cannot be used`)

View File

@ -471,14 +471,19 @@ func nsSetHandler(server *Server, client *Client, command string, params []strin
}
}
case "always-on":
var newValue PersistentStatus
newValue, err = persistentStatusFromString(params[1])
// "opt-in" and "opt-out" don't make sense as user preferences
if err == nil && newValue != PersistentOptIn && newValue != PersistentOptOut {
munger = func(in AccountSettings) (out AccountSettings, err error) {
out = in
out.AlwaysOn = newValue
return
details := client.Details()
if details.nick != details.accountName {
err = errNickAccountMismatch
} else {
var newValue PersistentStatus
newValue, err = persistentStatusFromString(params[1])
// "opt-in" and "opt-out" don't make sense as user preferences
if err == nil && newValue != PersistentOptIn && newValue != PersistentOptOut {
munger = func(in AccountSettings) (out AccountSettings, err error) {
out = in
out.AlwaysOn = newValue
return
}
}
}
case "autoreplay-missed":
@ -515,6 +520,8 @@ func nsSetHandler(server *Server, client *Client, command string, params []strin
displaySetting(params[0], finalSettings, client, rb)
case errInvalidParams, errAccountDoesNotExist, errFeatureDisabled, errAccountUnverified, errAccountUpdateFailed:
nsNotice(rb, client.t(err.Error()))
case errNickAccountMismatch:
nsNotice(rb, fmt.Sprintf(client.t("Your nickname must match your account name %s exactly to modify this setting. Try changing it with /NICK, or logging out and back in with the correct nickname."), client.AccountName()))
default:
// unknown error
nsNotice(rb, client.t("An error occurred"))
@ -601,6 +608,7 @@ func nsIdentifyHandler(server *Server, client *Client, command string, params []
return
}
var err error
loginSuccessful := false
var username, passphrase string
@ -623,18 +631,20 @@ func nsIdentifyHandler(server *Server, client *Client, command string, params []
if !nsLoginThrottleCheck(client, rb) {
return
}
err := server.accounts.AuthenticateByPassphrase(client, username, passphrase)
err = server.accounts.AuthenticateByPassphrase(client, username, passphrase)
loginSuccessful = (err == nil)
}
// try certfp
if !loginSuccessful && rb.session.certfp != "" {
err := server.accounts.AuthenticateByCertFP(client, rb.session.certfp, "")
err = server.accounts.AuthenticateByCertFP(client, rb.session.certfp, "")
loginSuccessful = (err == nil)
}
if loginSuccessful {
sendSuccessfulAccountAuth(client, rb, true, true)
} else if err == errNickAccountMismatch {
nsNotice(rb, client.t("That account is set to always-on; try logging out and logging back in with SASL"))
} else {
nsNotice(rb, client.t("Could not login with your TLS certificate or supplied username/password"))
}

View File

@ -584,6 +584,8 @@ func (server *Server) applyConfig(config *Config) (err error) {
return fmt.Errorf("Datastore path cannot be changed after launching the server, rehash aborted")
} else if globalCasemappingSetting != config.Server.Casemapping {
return fmt.Errorf("Casemapping cannot be changed after launching the server, rehash aborted")
} else if oldConfig.Accounts.Multiclient.AlwaysOn != config.Accounts.Multiclient.AlwaysOn {
return fmt.Errorf("Default always-on setting cannot be changed after launching the server, rehash aborted")
}
}