diff --git a/irc/client.go b/irc/client.go index 68bc680b..75c7b828 100644 --- a/irc/client.go +++ b/irc/client.go @@ -596,7 +596,7 @@ func (client *Client) isAuthorized(server *Server, config *Config, session *Sess return authFailPass } // Tor connections may be required to authenticate with SASL - if session.isTor && config.Server.TorListeners.RequireSasl && !saslSent { + if session.isTor && !saslSent && (config.Server.TorListeners.RequireSasl || server.Defcon() <= 4) { return authFailTorSaslRequired } // finally, enforce require-sasl diff --git a/irc/help.go b/irc/help.go index 60804b2b..5ff28702 100644 --- a/irc/help.go +++ b/irc/help.go @@ -182,7 +182,8 @@ spam or other hostile activity. It has five levels, which are cumulative (i.e., level 3 includes all restrictions from level 4 and so on): 5: Normal operation -4: No new account or channel registrations +4: No new account or channel registrations; if Tor is enabled, no new + unauthenticated connections from Tor 3: All users are +R; no changes to vhosts 2: No new unauthenticated connections; all channels are +R 1: No new connections except from localhost or other trusted IPs`,