3
0
mirror of https://github.com/ergochat/ergo.git synced 2025-01-22 10:14:07 +01:00
Commit Graph

2038 Commits

Author SHA1 Message Date
Shivaram Lingamneni
8b2f6de3e0
Add email-based password reset (#1779)
* Add email-based password reset

Fixes #734

* rename SETPASS to RESETPASS

* review fixes

* abuse mitigations

* SENDPASS and RESETPASS should both touch the client login throttle
* Produce a logline and a sno on SENDPASS (since it actually sends an email)

* don't re-retrieve the settings value

* add email confirmation for NS SET EMAIL

* smtp: if require-tls is disabled, don't validate server cert

* review fixes

* remove cooldown for NS SET EMAIL

If you accidentally set the wrong address, the cooldown would prevent you
from fixing your mistake. Since we touch the registration throttle anyway,
this shouldn't present more of an abuse concern than registration itself.
2021-08-25 22:32:55 -04:00
Shivaram Lingamneni
12947644e2 remove SCRAM-SHA-256 from advertised SASL mechanisms
Advertising SCRAM-SHA-256 breaks irccloud, which doesn't fall back to PLAIN
if it sees SCRAM advertised but SCRAM then fails (as is the case for any
account password hashed on Ergo 2.7 or lower).

Leave a config option for irctest to enable it in the controller.
2021-08-25 18:34:27 -04:00
Shivaram Lingamneni
492109f29d upgrade go to 1.17 2021-08-20 15:59:26 -04:00
Shivaram Lingamneni
fea8cc1b9a
Merge pull request #1778 from ProgVal/empty-realname
Add missing argument to ERR_NEEDMOREPARAMS on USER commands.
2021-08-13 16:58:53 -04:00
Valentin Lorentz
a90fbf9f2c Add missing argument to ERR_NEEDMOREPARAMS on USER commands.
Refs:

* other instances in the codebase
* https://defs.ircdocs.horse/defs/numerics.html#err-needmoreparams-461
* https://modern.ircdocs.horse/#errneedmoreparams-461
2021-08-13 21:10:46 +02:00
Shivaram Lingamneni
0d438dd0d6
Merge pull request #1776 from ProgVal/kick-default-comment
Make kick messages default to the kicker name instead of the kicked
2021-08-13 14:20:17 -04:00
Valentin Lorentz
f33f41b0eb Make kick messages default to the kicker name instead of the kicked
For consistency with RFC2812, Bahamut, Hybrid, Insp, Plexus4, Unreal.
https://datatracker.ietf.org/doc/html/rfc2812#section-3.2.8

At the expense of consistency with chary/solanum, irc2, and ircu2.
2021-08-13 20:16:37 +02:00
Valentin Lorentz
f6f25039b7 Advertise support for multiple KICK targets
This is already implemented, but TARGMAX=KICK:1 says it isn't.

Instead, let's advertise that indefinitely many targets are allowed.
Refs:

* https://defs.ircdocs.horse/defs/isupport.html#targmax
* https://github.com/ircdocs/modern-irc/pull/112
2021-08-13 19:42:03 +02:00
Shivaram Lingamneni
abfb8442ab fix handling of +k with an empty key parameter
This should be disallowed; `MODE #keytest +k :` should just be an error.
2021-08-10 15:11:11 -04:00
Valentin Lorentz
e894c44960 Add missing channel parameter to ERR_INVALIDMODEPARAM. 2021-08-10 20:33:00 +02:00
Shivaram Lingamneni
1c5a485c17
Merge pull request #1768 from slingamn/scram_clientid
fix SCRAM not supporting client IDs
2021-08-03 23:51:10 -04:00
Alex Jaspersen
ecd878c169 Correct help text for NS CLIENTS LOGOUT.
"LOGOUT ALL" logs out all clients for a user.

Fixes #1712.
2021-08-03 18:54:37 -07:00
Shivaram Lingamneni
117401f293 fix SCRAM not supporting client IDs
reported by @Mikaela
2021-08-03 11:47:00 -04:00
Shivaram Lingamneni
1389d89a9b
Merge pull request #1766 from slingamn/allow_truncation
fix incorrect handling of overlong lines when allow-truncation is enabled
2021-08-03 00:40:54 -04:00
Shivaram Lingamneni
cf25e894e1 fix incorrect handling of overlong lines when allow-truncation is enabled 2021-08-02 21:49:42 -04:00
Shivaram Lingamneni
4dd9af8f06 add autogeneration of SCRAM credentials on successful PLAIN 2021-08-02 12:26:58 -04:00
Shivaram Lingamneni
ebe1f84d64 consolidate login throttle checks
We can check once during initialization of the SASL session, e.g.
on receiving `AUTHENTICATE PLAIN` or `AUTHENTICATE EXTERNAL`
2021-07-30 14:06:13 -04:00
Shivaram Lingamneni
41822813c0 clean up redundant check for sasl mechanism 2021-07-30 14:03:40 -04:00
Shivaram Lingamneni
e1401934df implement SCRAM-SHA-256 2021-07-30 12:20:13 -04:00
Shivaram Lingamneni
ef92318282 replace jwt library
Fixes #1762
2021-07-29 16:49:35 -04:00
Shivaram Lingamneni
6851901e20 fix #1756
A default channel mode of +i would block channel creation; fix this by treating
initial joins as SAJOINs.

Note that it's nontrivial to detect initial join in (*Channel).Join, because
having 0 members does not necessarily indicate a new channel.
2021-07-15 06:31:27 -04:00
Shivaram Lingamneni
c99b2be403 fix #1757
Allow SAJOIN or implicit always-on join to override channels.operator-only-creation
2021-07-15 06:27:37 -04:00
99610eae4b add timeCreated to /uban list output 2021-07-14 12:36:45 +05:30
Shivaram Lingamneni
128142ca41
Merge pull request #1753 from slingamn/rename
fix #1751
2021-07-14 02:09:43 -04:00
Shivaram Lingamneni
5b317d4846 fix #1751
RENAME (channel rename) that was a simple case change (e.g.
renaming #chan to #CHAN) would delete the channel :-|
2021-07-13 08:47:16 -04:00
Valentin Lorentz
f58f8531b2 Restore support for multiple channels + single user 2021-07-12 20:59:05 +02:00
Val Lorentz
54c5d35193 Add support for KICK #chan user1,user2
This is one of the two cases of [RFC 2812 kicks](https://datatracker.ietf.org/doc/html/rfc2812#section-3.2.8):
even when there are multiple user targets, the RFC (and Unreal
and Inspircd and probably others) allows a single channel name.
2021-07-10 11:13:52 +02:00
Shivaram Lingamneni
907f82a27e
Merge pull request #1741 from slingamn/greylisting.3
user visible email errors, email timeouts
2021-07-09 07:22:03 -04:00
Shivaram Lingamneni
3fde046a01
Merge pull request #1743 from mogad0n/fix/disconn_sno_help_missing
fix missing disconnect sno help text
2021-07-08 11:04:25 -04:00
Shivaram Lingamneni
29f1afd565
Merge pull request #1742 from slingamn/register_update
update draft/register -> draft/account-registration
2021-07-07 09:17:20 -04:00
b2ea2583f4 add missing disconnect sno help 2021-07-07 18:43:42 +05:30
Shivaram Lingamneni
59bddd066f update draft/register -> draft/account-registration
Fixes #1740
2021-07-07 07:37:46 -04:00
Shivaram Lingamneni
032ca175e4 add support for email timeouts 2021-07-07 07:21:22 -04:00
Shivaram Lingamneni
46572b871f expose a user-visible error if direct email sending fails
See #1659
2021-07-07 07:21:22 -04:00
Shivaram Lingamneni
1c89f996bc fix #1738
Fix error message for privileged NS PASSWD on a nonexistent account
2021-07-06 13:28:25 -04:00
Shivaram Lingamneni
fedf4a9176 add a debug logline for client read errors
May help clarify TLS configuration issues, possibly others too
2021-07-05 03:30:18 -04:00
Shivaram Lingamneni
98c4d0e399
Merge pull request #1735 from slingamn/systemd
support systemd notifications
2021-07-05 03:10:27 -04:00
Shivaram Lingamneni
5fc7ac41da always mark the service ready after rehash 2021-07-04 19:51:35 -04:00
Shivaram Lingamneni
364193df4e refactor some start-stop logging 2021-07-04 17:58:48 -04:00
Shivaram Lingamneni
dbfa704eb2 fix UBAN ADD of masks (k-lines) not killing clients 2021-07-04 08:14:38 -04:00
Shivaram Lingamneni
6f24082705 support systemd notifications
Fixes #1733
2021-07-04 07:41:59 -04:00
Shivaram Lingamneni
188d8c499d
Merge pull request #1728 from mogad0n/session_disconnect_sno
DISCONNECT Sno for always-on and/or multiclient
2021-07-04 02:25:10 -04:00
Shivaram Lingamneni
77bfdd8619
Merge pull request #1723 from slingamn/vhost_validation
fix #1722
2021-07-04 01:41:38 -04:00
Shivaram Lingamneni
d0801e45a8 fix #1731
CHATHISTORY INVALID_TARGETS was missing the subcommand parameter
2021-07-04 01:37:59 -04:00
99cb1fd02c DISCONNECT Sno for always-on and/or multiclient 2021-07-03 04:41:42 +05:30
Kyle Fuller
9adc77498e Include nick in ERR_LISTMODEALREADYSET and ERR_LISTMODENOTSET 2021-07-02 20:09:48 +01:00
Shivaram Lingamneni
0751f31b9e fix #1722
Validate operator vhosts against the configured (or default)
vhosts.valid-regexp
2021-06-29 10:06:37 -04:00
Shivaram Lingamneni
5daabdd226
Merge pull request #1717 from ajaspers/voice
Allow +v users to talk in +R channels.
2021-06-29 09:11:52 -04:00
Alex Jaspersen
ff3f959d52 Allow +v users to talk in +R channels. 2021-06-28 17:27:50 -07:00
Shivaram Lingamneni
b68696eb9b fix #1714
Fix a panic if the operator class title is empty
2021-06-28 01:45:13 -04:00