3
0
mirror of https://github.com/ergochat/ergo.git synced 2024-12-23 11:12:44 +01:00

Merge pull request #2032 from slingamn/scram.1

recommended default: advertise SCRAM
This commit is contained in:
Shivaram Lingamneni 2023-01-15 04:16:28 -08:00 committed by GitHub
commit b2087977d0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 9 additions and 2 deletions

View File

@ -450,6 +450,10 @@ accounts:
# this is useful for compatibility with old clients that don't support SASL
login-via-pass-command: true
# advertise the SCRAM-SHA-256 authentication method. set to false in case of
# compatibility issues with certain clients:
advertise-scram: true
# require-sasl controls whether clients are required to have accounts
# (and sign into them using SASL) to connect to the server
require-sasl:

View File

@ -303,7 +303,7 @@ func (t *ThrottleConfig) UnmarshalYAML(unmarshal func(interface{}) error) (err e
type AccountConfig struct {
Registration AccountRegistrationConfig
AuthenticationEnabled bool `yaml:"authentication-enabled"`
AdvertiseSCRAM bool `yaml:"advertise-scram"` // undocumented, see #1782
AdvertiseSCRAM bool `yaml:"advertise-scram"`
RequireSasl struct {
Enabled bool
Exempted []string
@ -1390,7 +1390,6 @@ func LoadConfig(filename string) (config *Config, err error) {
}
saslCapValue := "PLAIN,EXTERNAL,SCRAM-SHA-256"
// TODO(#1782) clean this up:
if !config.Accounts.AdvertiseSCRAM {
saslCapValue = "PLAIN,EXTERNAL"
}

View File

@ -423,6 +423,10 @@ accounts:
# this is useful for compatibility with old clients that don't support SASL
login-via-pass-command: false
# advertise the SCRAM-SHA-256 authentication method. set to false in case of
# compatibility issues with certain clients:
advertise-scram: true
# require-sasl controls whether clients are required to have accounts
# (and sign into them using SASL) to connect to the server
require-sasl: