3
0
mirror of https://github.com/ergochat/ergo.git synced 2024-11-11 06:29:29 +01:00

Merge pull request #1450 from slingamn/tor_defcon

DEFCON 4 and lower should require SASL from Tor users
This commit is contained in:
Shivaram Lingamneni 2020-12-13 20:06:30 -05:00 committed by GitHub
commit 9033d97c6f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 3 additions and 2 deletions

View File

@ -596,7 +596,7 @@ func (client *Client) isAuthorized(server *Server, config *Config, session *Sess
return authFailPass
}
// Tor connections may be required to authenticate with SASL
if session.isTor && config.Server.TorListeners.RequireSasl && !saslSent {
if session.isTor && !saslSent && (config.Server.TorListeners.RequireSasl || server.Defcon() <= 4) {
return authFailTorSaslRequired
}
// finally, enforce require-sasl

View File

@ -182,7 +182,8 @@ spam or other hostile activity. It has five levels, which are cumulative
(i.e., level 3 includes all restrictions from level 4 and so on):
5: Normal operation
4: No new account or channel registrations
4: No new account or channel registrations; if Tor is enabled, no new
unauthenticated connections from Tor
3: All users are +R; no changes to vhosts
2: No new unauthenticated connections; all channels are +R
1: No new connections except from localhost or other trusted IPs`,