* nickserv.go: Update FAIL codes to match spec
* handlers.go: Fix FAIL code
* use ACCOUNT_EXISTS for errNameReserved
* bump irctest to development version
---------
Co-authored-by: Valerie Liu <79415174+ValwareIRC@users.noreply.github.com>
getPushSubscriptions() could have a stale view of the latest subscription
renewal and successful push times. We don't want to rebuild on every renewal
or every push, so add a boolean refresh argument that controls rebuilding.
* Gracefully handle NS cert add myself <fp>
A non-operator with the nick "mynick" attempts to register
a fingerprint to their authenticated account.
They /msg NickServ cert add mynick <fingerprint>
NickServ responds with "Insufficient privileges" because
they've accidentally invoked the operator syntax (to action
other accounts).
This patch allows the user to add the fingerprint if the client's
account is identical to the target account.
Signed-off-by: Matt Hamilton <m@tthamilton.com>
* Update nickserv.go
Compare the case-normalized target to Account()
---------
Signed-off-by: Matt Hamilton <m@tthamilton.com>
Co-authored-by: Shivaram Lingamneni <slingamn@cs.stanford.edu>
NS SAREGISTER should send machine-readable responses. A simple approach:
check if the account-registration cap is enabled, and if so, send the
the same responses that would be sent by the REGISTER command.
* Add email-based password reset
Fixes#734
* rename SETPASS to RESETPASS
* review fixes
* abuse mitigations
* SENDPASS and RESETPASS should both touch the client login throttle
* Produce a logline and a sno on SENDPASS (since it actually sends an email)
* don't re-retrieve the settings value
* add email confirmation for NS SET EMAIL
* smtp: if require-tls is disabled, don't validate server cert
* review fixes
* remove cooldown for NS SET EMAIL
If you accidentally set the wrong address, the cooldown would prevent you
from fixing your mistake. Since we touch the registration throttle anyway,
this shouldn't present more of an abuse concern than registration itself.
