3
0
mirror of https://github.com/ergochat/ergo.git synced 2024-11-23 04:19:25 +01:00
Commit Graph

2259 Commits

Author SHA1 Message Date
Shivaram Lingamneni
218f6f2454 fix login throttle handling
We were checking the login throttle at the beginning of every SASL
conversation. This had several problems:

1. Pidgin (on Windows?) tries every mechanism in order, regardless of
the CAP advertisement. It would use up the default throttle allowance
trying unsupported mechanisms like CRAM-MD5.
2. The throttle was actually checked twice for AUTHENTICATE PLAIN
(once at the start of the conversation and once in AuthenticateByPassphrase).

The general pattern here is that we should check the throttle every time we
do something "expensive" (bcrypt verification, send a reset email) or
"dangerous" (anything that could lead to a bruteforce attack on passwords).
Therefore, delete the check from the AUTHENTICATE handler, and add one at
the beginning of the SCRAM conversation to replace it.
2024-05-26 05:19:41 -04:00
Shivaram Lingamneni
6abb291290 fix deadlock on channel state mutex 2024-05-06 02:32:40 -04:00
Shivaram Lingamneni
40ceb4956c
Merge pull request #2145 from slingamn/issue2144
fix #2144
2024-04-15 03:22:19 +02:00
Shivaram Lingamneni
74fa04c5ea
Merge pull request #2143 from slingamn/emailsending.1
fix #2142
2024-04-15 03:22:06 +02:00
Shivaram Lingamneni
f96f918ff1 fix #2144
RPL_NAMREPLY should send = for normal channels and @ for secret channels,
as per Modern docs.
2024-04-13 21:51:59 -04:00
Shivaram Lingamneni
7726160ec7 add a config switch to accept hostnames from WEBIRC
See #1686; this allows i2pd to pass the i2p address to Ergo, which may be
useful for moderation under some circumstances.
2024-04-13 21:43:41 -04:00
Shivaram Lingamneni
b426dd8f93 fix #2142
Allow specifying TCP4 or TCP6 for outgoing email sending, or choosing a
specific local address to send from.
2024-04-07 15:47:01 -04:00
Shivaram Lingamneni
3d2f014d4c fix #2139
Database backup filenames contained a colon character, which is disallowed
on Windows; use period instead
2024-03-29 12:32:42 -04:00
Shivaram Lingamneni
d56e4ea301
Merge pull request #2136 from slingamn/issue2135_nicknameinuse
fix #2135
2024-03-20 10:48:27 -04:00
Shivaram Lingamneni
8d082865da
fix #2133 (#2137)
* fix #2133

Don't record NICK and QUIT in history for invisible auditorium members
2024-03-17 11:42:39 -04:00
Shivaram Lingamneni
837f6ac1a2 fix #2135
Handling of reserved nicknames is special-cased due to #1594, but we want to send
ERR_NICKNAMEINUSE if the nickname is actually in use, since that doesn't pose any
client compatibility problems.
2024-03-11 01:32:39 -04:00
Shivaram Lingamneni
681e8b1292
fix #2129 (#2132)
* fix #2129

Don't print the values of environment variable overrides, just the keys

* fix unit tests
2024-02-25 10:05:36 -05:00
Shivaram Lingamneni
78f342655d clean up dead code 2024-02-25 03:52:52 -05:00
Shivaram Lingamneni
cab192e2af fix #2130
We load registered channels unconditionally; reloading them again on rehash
is incorrect. This caused buggy behavior when channel registration was
disabled in the config, but some registered channels were already loaded.
2024-02-25 03:34:21 -05:00
Matt Hamilton
c67835ce5c
Gracefully handle NS cert add myself <fp> (#2128)
* Gracefully handle NS cert add myself <fp>

A non-operator with the nick "mynick" attempts to register
a fingerprint to their authenticated account.

They /msg NickServ cert add mynick <fingerprint>

NickServ responds with "Insufficient privileges" because
they've accidentally invoked the operator syntax (to action
other accounts).

This patch allows the user to add the fingerprint if the client's
account is identical to the target account.

Signed-off-by: Matt Hamilton <m@tthamilton.com>

* Update nickserv.go

Compare the case-normalized target to Account()

---------

Signed-off-by: Matt Hamilton <m@tthamilton.com>
Co-authored-by: Shivaram Lingamneni <slingamn@cs.stanford.edu>
2024-02-14 09:56:37 -05:00
Shivaram Lingamneni
7afd6dbc74 bearer: close open jwt key files 2024-02-13 21:32:37 -05:00
Shivaram Lingamneni
ee7f818674
implement SASL OAUTHBEARER and draft/bearer (#2122)
* implement SASL OAUTHBEARER and draft/bearer
* Upgrade JWT lib
* Fix an edge case in SASL EXTERNAL
* Accept longer SASL responses
* review fix: allow multiple token definitions
* enhance tests
* use SASL utilities from irc-go
* test expired tokens
2024-02-13 18:58:32 -05:00
Shivaram Lingamneni
f691b8c058 pull out max parameters constant in isupport impl 2024-02-11 12:38:49 -05:00
Shivaram Lingamneni
6b7bfe0c09 set up new development version 2024-02-11 00:12:22 -05:00
Shivaram Lingamneni
921651f664 fix #2123
Add a configurable limit on realname length
2024-02-08 00:03:12 -05:00
Shivaram Lingamneni
010875ec9a bump version and changelog for v2.13.0 2024-01-14 17:40:50 -05:00
Shivaram Lingamneni
24cf5fac45 fix #2101 2024-01-07 00:38:10 -05:00
Shivaram Lingamneni
d238eaac67 bump version and changelog for 2.13.0-rc1 2024-01-07 00:30:39 -05:00
Shivaram Lingamneni
dfe2a21b17 add panic handler to async client/channel writes
See #2113 for motivation
2024-01-05 00:18:46 -05:00
Shivaram Lingamneni
580fc7096d fix #2114
Channels with slashes (or other relaymsg separators) in their names
were being falsely detected as relaymsg identifiers.
2024-01-04 01:02:10 -05:00
Shivaram Lingamneni
4aa1aa371d fix #2113
Persisting always-on clients was panicking if client X believed it was
a member of channel Y, but channel Y didn't have a record of client X.
2024-01-03 10:52:34 -05:00
Shivaram Lingamneni
ce162e9279
fix #2109 (#2111)
Remove numerics associated with the retired ACC spec
2023-12-21 01:10:50 -05:00
Shivaram Lingamneni
97d6f9eddb
Merge pull request #2110 from slingamn/msgid
fix #2108
2023-12-21 01:10:24 -05:00
Shivaram Lingamneni
8d80cb52e6 include a fixed test vector in password tests 2023-12-20 23:28:55 -05:00
Shivaram Lingamneni
e11bda643e fix #2108
Send Message-ID even if DKIM is not enabled, for compatibility with Gmail:

* A workaround for Ergo 2.12.0 is to enable DKIM
* You need to enable either DKIM or SPF (preferably both) to send to Gmail anyway
* You also need forward-confirmed reverse DNS, which can be tricky for IPv6...
2023-12-20 22:18:48 -05:00
Shivaram Lingamneni
5671ee2a36 set up new development version 2023-10-11 11:20:45 -04:00
Shivaram Lingamneni
4d9e80fe5b bump version and changelog for v2.12.0 2023-10-10 22:11:15 -04:00
Val Lorentz
ddb804b622
Fix typo in ACCOUNT_NAME_MUST_BE_NICK code 2023-09-24 14:16:49 +02:00
Shivaram Lingamneni
29b4be83bc bump version for v2.12.0-rc1 2023-09-17 23:07:54 -04:00
Shivaram Lingamneni
2013beb7c8
fix #1997 (#2088)
* Fix #1997 (allow the use of an external file for the email blacklist)
* Change config key names for blacklist (compatibility break)
* Accept globs rather than regexes for blacklist by default
* Blacklist comparison is now case-insensitive
2023-09-12 01:06:55 -04:00
Shivaram Lingamneni
f07707dfbc
Merge pull request #2083 from slingamn/nonames.2
implement draft/no-implicit-names
2023-08-16 08:47:05 -07:00
Shivaram Lingamneni
f77d430d25 use maps.Clone from go1.21 2023-08-15 20:57:52 -04:00
Shivaram Lingamneni
28d9a7ff63 use slices.Contains from go1.21 2023-08-15 20:55:09 -04:00
Shivaram Lingamneni
b3abd0bf1d use slices.Reverse from go1.21 2023-08-15 20:45:00 -04:00
Shivaram Lingamneni
3f74612e2b implement draft/no-implicit-names 2023-08-15 20:29:57 -04:00
Shivaram Lingamneni
75bd63d0bc add channel autojoin feature
See discussion on #2077
2023-07-04 21:44:18 -04:00
Shivaram Lingamneni
ad3ad97047 upgrade to irc-go v0.4.0 2023-06-14 02:46:14 -04:00
Shivaram Lingamneni
0f39fde647 remove insecure reattach check
See #2013; given that plaintext is deprecated now, it seems like there is no
added value from continuing to police this.
2023-06-05 04:22:40 -04:00
Shivaram Lingamneni
f100c1d0fa fix incorrect chathistory batch types
This was introduced in 38a6d17ee5
2023-06-02 06:56:45 -04:00
Shivaram Lingamneni
60af8ee491 clean up force-trailing logic 2023-06-02 02:58:09 -04:00
Shivaram Lingamneni
38a6d17ee5 clean up nested batch logic 2023-06-01 06:29:22 -04:00
Shivaram Lingamneni
d082ec7ab9
don't send multiline responses to CAP LS 301 (#2068)
* don't send multiline responses to CAP LS 301

This is more or less explicitly prohibited by the spec:

https://ircv3.net/specs/extensions/capability-negotiation.html#multiline-replies-to-cap-ls-and-cap-list

* switch to whitelist model to be future-proof

* bump irctest to include test

* add a unit test
2023-05-31 23:22:16 -04:00
Shivaram Lingamneni
3e68694760
Merge pull request #2067 from slingamn/issue2066
fix #2066
2023-05-30 23:12:19 -07:00
Val Lorentz
48f8c341d7
Implement draft/message-redaction (#2065)
* Makefile: Add dependencies between targets

* Implement draft/message-redaction for channels

Permission to use REDACT mirrors permission for 'HistServ DELETE'

* Error when the given targetmsg does not exist

* gofmt

* Add CanDelete enum type

* gofmt

* Add support for PMs

* Fix documentation of allow-individual-delete.

* Remove 'TODO: add configurable fallback'

slingamn says it's probably not desirable, and I'm on the fence.
Out of laziness, let's omit it for now, as it's not a regression
compared to '/msg HistServ DELETE'.

* Revert "Makefile: Add dependencies between targets"

This reverts commit 2182b1da69.

---------

Co-authored-by: Val Lorentz <progval+git+ergo@progval.net>
2023-05-31 01:16:14 -04:00
Shivaram Lingamneni
00cfe98461 fix #2066
CHATHISTORY TARGETS response should not be in a batch unless the client has
explicitly requested the batch cap.
2023-05-29 22:22:01 -04:00