From d6e3f188cf2bf68d8869bc4732f4dbe845ad3148 Mon Sep 17 00:00:00 2001 From: Shivaram Lingamneni Date: Mon, 6 Apr 2020 00:06:06 -0400 Subject: [PATCH] enforce nick protection immediately after verification --- irc/accounts.go | 15 ++++++++++++++- irc/nickname.go | 4 ++++ 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/irc/accounts.go b/irc/accounts.go index 0626e4b7..35227c3c 100644 --- a/irc/accounts.go +++ b/irc/accounts.go @@ -750,6 +750,7 @@ func (am *AccountManager) dispatchMailtoCallback(client *Client, casefoldedAccou func (am *AccountManager) Verify(client *Client, account string, code string) error { casefoldedAccount, err := CasefoldName(account) + var skeleton string if err != nil || account == "" || account == "*" { return errAccountVerificationFailed } @@ -820,7 +821,7 @@ func (am *AccountManager) Verify(client *Client, account string, code string) er }) if err == nil { - skeleton, _ := Skeleton(raw.Name) + skeleton, _ = Skeleton(raw.Name) am.Lock() am.nickToAccount[casefoldedAccount] = casefoldedAccount am.skeletonToAccount[skeleton] = casefoldedAccount @@ -845,6 +846,18 @@ func (am *AccountManager) Verify(client *Client, account string, code string) er if client != nil { am.Login(client, clientAccount) } + _, method := am.EnforcementStatus(casefoldedAccount, skeleton) + if method != NickEnforcementNone { + currentClient := am.server.clients.Get(casefoldedAccount) + if currentClient == nil || currentClient == client || currentClient.Account() == casefoldedAccount { + return nil + } + if method == NickEnforcementStrict { + am.server.RandomlyRename(currentClient) + } else if method == NickEnforcementWithTimeout { + currentClient.nickTimer.Touch(nil) + } + } return nil } diff --git a/irc/nickname.go b/irc/nickname.go index 2dd7ae33..a49a2137 100644 --- a/irc/nickname.go +++ b/irc/nickname.go @@ -98,6 +98,10 @@ func (server *Server) RandomlyRename(client *Client) { nick := strings.Replace(format, "*", utils.B32Encoder.EncodeToString(buf), -1) sessions := client.Sessions() if len(sessions) == 0 { + // this can happen if they are anonymous and BRB (in general, an always-on + // client has title to its nickname and will never be the victim of + // a call to RandomlyRename) + client.destroy(nil) return } // XXX arbitrarily pick the first session to receive error messages;