Shivaram Lingamneni
67f35e5c8a
fix #858 and #383
2020-05-12 12:05:40 -04:00
Alex Jaspersen
b363a01a6f
Read accounts and grouped nicks in same transaction.
2020-05-04 02:20:28 +00:00
Alex Jaspersen
73bea0168d
Read account names and additional nicknames from the db to avoid casefolding issues.
2020-05-04 02:14:55 +00:00
Alex Jaspersen
6019ed1e29
Add ChanServ and NickServ LIST commands.
...
These commands search the registered nicknames/channels for ones
matching the provided regex, or return the entire list.
Only operators with chanreg (for ChanServ) or accreg (for NickServ)
capabilities can use LIST.
2020-05-04 00:51:39 +00:00
Shivaram Lingamneni
f87b71b93f
fix #962
2020-04-24 15:39:39 -04:00
Shivaram Lingamneni
9a6cb84b58
fix #943
2020-04-13 11:54:39 -04:00
Shivaram Lingamneni
ae2a92ca9a
Merge pull request #929 from slingamn/verify_rename.1
...
enforce nick protection immediately after verification
2020-04-06 07:51:53 -07:00
Shivaram Lingamneni
d6e3f188cf
enforce nick protection immediately after verification
2020-04-06 02:38:29 -04:00
Shivaram Lingamneni
ee05a4324d
fix #920 , #921
2020-04-05 03:48:59 -04:00
Shivaram Lingamneni
895a0e6d68
fix #913
2020-03-27 17:52:37 -04:00
Shivaram Lingamneni
b61d258d0c
retain nickname protections after unregistration
2020-03-25 16:24:08 -04:00
Shivaram Lingamneni
c238f07543
fix #908
2020-03-25 14:07:43 -04:00
Shivaram Lingamneni
811da03ab5
fix #889
2020-03-20 14:47:40 -04:00
Shivaram Lingamneni
3363076689
fix #793
2020-03-20 14:29:49 -04:00
Shivaram Lingamneni
6d65335071
fix various bugs
2020-03-17 09:07:32 -04:00
Shivaram Lingamneni
edd161ddfd
rename config keys from review feedback
2020-03-17 09:04:14 -04:00
Shivaram Lingamneni
26fd3e69a8
fix #749
2020-03-16 13:48:14 -04:00
Shivaram Lingamneni
e7c1800893
fix a spurious error logline
...
unregistering an always-on client would produce
"attempting to persist logged-out client : x"
because the client was always-on, but also being ejected
2020-03-02 01:54:40 -05:00
Shivaram Lingamneni
3e01e9995b
fix #836
2020-03-01 03:39:25 -05:00
Shivaram Lingamneni
db39608bcb
change "last signoff" tracking to "last seen"
...
Explicit quit and ping timeout behave the same way,
but reattach after abandoning/losing the previous session
(without the break being detected server-side) is more aggressive
about replaying missed messages, at the cost of potential duplication.
2020-02-27 02:17:58 -05:00
Shivaram Lingamneni
3a78029809
partial fix for #812
2020-02-26 03:19:14 -05:00
Shivaram Lingamneni
521617559f
fix #821
...
Or try to, anyway
2020-02-26 01:44:05 -05:00
Shivaram Lingamneni
44b79a052c
raise passphrase length limit to 300 bytes
...
For irctest compatibility.
Fixes #775
2020-02-23 00:12:21 -05:00
Shivaram Lingamneni
fb8b73e29a
Merge branch 'persistent.14'
2020-02-22 23:10:52 -05:00
Shivaram Lingamneni
91bb7f5877
fix #775
2020-02-21 04:26:17 -05:00
Shivaram Lingamneni
f5ca35ed72
rename 'bouncer' to 'multiclient'
2020-02-21 00:33:55 -05:00
Shivaram Lingamneni
fab0630180
time.Unix still requires normalization to UTC
2020-02-21 00:33:37 -05:00
Shivaram Lingamneni
4472683d58
persist lastSignoff in the database
2020-02-21 00:33:37 -05:00
Shivaram Lingamneni
ef161c47ed
use custime.Duration for more config fields
2020-02-20 00:09:39 -05:00
Shivaram Lingamneni
ad32356e34
move authentication data from Client to Session
2020-02-19 00:24:21 -05:00
Shivaram Lingamneni
33dac4c0ba
initial persistent history implementation
2020-02-19 00:24:12 -05:00
Shivaram Lingamneni
c13597f807
additional LDAP support
2020-02-11 06:35:17 -05:00
Matt Ouille
5ba2527eb0
Fix compilation errors
2020-02-09 22:13:12 -05:00
Matt Ouille
d4afb027e5
Add LDAP support
2020-02-09 22:13:02 -05:00
Shivaram Lingamneni
5426c9fdc0
disallow TAKE and REQUEST while under a FORBID
2020-02-01 23:51:29 -05:00
Shivaram Lingamneni
e1f56aaee3
fix #764
2020-02-01 22:19:33 -05:00
Shivaram Lingamneni
955cdbdfef
impose throttle checks on HS TAKE
2020-01-28 22:27:56 -05:00
Shivaram Lingamneni
05cb80507f
fix #741
2020-01-11 22:43:40 -05:00
Shivaram Lingamneni
eb630b7657
Revert "never set the certfp lookup key before verification"
...
This reverts commit a120cc2443
.
2020-01-06 15:00:26 -05:00
Shivaram Lingamneni
a120cc2443
never set the certfp lookup key before verification
2020-01-06 12:53:21 -05:00
Shivaram Lingamneni
1b35c6887f
fix #733
2020-01-06 12:21:52 -05:00
Shivaram Lingamneni
f920d3b79f
fix #530 , #721
2019-12-29 12:05:01 -05:00
Shivaram Lingamneni
68e3b74b79
Merge pull request #717 from slingamn/issue716
...
fix #716
2019-12-25 21:11:53 -05:00
Shivaram Lingamneni
8c1db7a2f5
better UX for cancelling channel transfers
2019-12-25 15:59:38 -05:00
Shivaram Lingamneni
33c8b2177e
fix a bug
...
In the previous commit, the client would receive a failure message but would
actually remain logged in after an authzid/authcid mismatch. This was a
correctness rather than a security issue, but now it's fixed so that the client
never logs in in the first place.
2019-12-25 15:06:26 -05:00
Shivaram Lingamneni
1487980fe0
Fix #710
2019-12-24 15:03:37 -05:00
Shivaram Lingamneni
7a6925fa3f
Merge remote-tracking branch 'origin/master' into issue702
2019-12-23 11:32:15 -05:00
Shivaram Lingamneni
bf5a02f077
Merge pull request #692 from slingamn/issue683_channelpurge.1
...
chanserv enhancements and miscellaneous fixes
2019-12-22 10:41:24 -05:00
Shivaram Lingamneni
26ca016c66
fix the analogous issue for vhosts
2019-12-21 20:26:40 -05:00
Shivaram Lingamneni
25c4eb2996
fix #702
2019-12-21 20:19:19 -05:00
Shivaram Lingamneni
6740222ecb
fix #616
2019-12-18 17:38:14 -05:00
Shivaram Lingamneni
07865b8f63
chanserv enhancements and miscellaneous fixes
...
* Fix #684
* Fix #683
* Add `CHANSERV CLEAR`
* Allow mode changes from channel founders even when they aren't joined
* Operators with the chanreg capability are exempt from max-channels-per-account
* Small fixes and cleanup
2019-12-16 20:06:52 -05:00
Shivaram Lingamneni
80aa77372b
fix spurious error message
2019-07-12 11:49:01 -04:00
Shivaram Lingamneni
1a1d3ff89f
fix #410
2019-05-29 04:43:13 -04:00
Shivaram Lingamneni
8794740f89
be more pedantic about distinguishing skeletons and casefolds
2019-05-24 13:09:56 -04:00
Shivaram Lingamneni
851617a4a5
Merge remote-tracking branch 'origin/master' into brb.5
2019-05-22 03:29:18 -04:00
Shivaram Lingamneni
1121e3d320
fix #404
2019-05-22 01:18:22 -04:00
Shivaram Lingamneni
3d445573cf
implement draft/resume-0.4
2019-05-21 22:36:37 -04:00
Shivaram Lingamneni
8fc588375b
implement user preferences system
2019-05-19 06:17:30 -04:00
Shivaram Lingamneni
5331afbdd4
Merge remote-tracking branch 'origin/master' into compat.4
2019-05-11 21:56:41 -04:00
Shivaram Lingamneni
c193def606
fix some issues found with staticcheck.io
2019-05-10 01:44:14 -04:00
Shivaram Lingamneni
278e4acf57
fix handling of nil session in reattach code
2019-05-09 05:03:21 -04:00
Shivaram Lingamneni
4af783ed9e
fix #449
2019-04-14 20:48:50 -04:00
Shivaram Lingamneni
c2faeed4b5
initial implementation of bouncer functionality
2019-04-14 20:48:50 -04:00
Shivaram Lingamneni
63029e2ff5
refactor channel registration
2019-03-12 04:16:16 -04:00
Daniel Oaks
7cf8aaccf6
Merge pull request #352 from slingamn/chanreglimit.1
...
track channel registrations per account
2019-02-18 07:08:57 +10:00
Daniel Oaks
c604638b7c
Merge pull request #386 from slingamn/regenabled
...
allow SAREGISTER even when normal registration is fully disabled
2019-02-18 07:08:04 +10:00
Shivaram Lingamneni
a5f04495a1
fix #389
2019-02-15 13:34:09 -05:00
Shivaram Lingamneni
d147708158
allow SAREGISTER even when normal registration is fully disabled
2019-02-14 20:42:02 -05:00
Shivaram Lingamneni
754934b429
unregister should boot clients if sasl is required
2019-02-14 15:42:07 -05:00
Shivaram Lingamneni
7786043275
make the land-grab check case-insensitive
2019-02-13 03:19:47 -05:00
Shivaram Lingamneni
6d690b0e36
add loglines for account registration, login, and unregistration
2019-02-13 02:54:27 -05:00
Shivaram Lingamneni
e4c9351254
fix: set the existing channels unregistered
2019-02-12 02:09:31 -05:00
Shivaram Lingamneni
ff7bbc4a9c
track channel registrations per account
...
* limit the total number of registrations per account
* when an account is unregistered, unregister all its channels
2019-02-06 04:34:45 -05:00
Shivaram Lingamneni
775ead700f
prevent nick reservation land-grabs
2019-02-05 20:18:40 -05:00
Shivaram Lingamneni
1c23af8767
add sasl-only config option
2019-02-05 00:51:58 -05:00
Shivaram Lingamneni
35948d2e5b
refactor some conditions for clarity
2019-01-31 17:34:06 -05:00
Shivaram Lingamneni
b9b2553a2f
use the TR39 skeleton algorithm to prevent confusables ( #178 )
2019-01-30 21:48:53 -05:00
Shivaram Lingamneni
a52d167278
additional defensive check in EnforcementStatus
2019-01-03 23:44:01 -05:00
Shivaram Lingamneni
f20abf414f
don't log an error logline for an incorrect SASL password
2019-01-02 10:29:42 -05:00
Shivaram Lingamneni
2ee89b15b3
per-user settings for nickname enforcement
2019-01-02 10:15:59 -05:00
Shivaram Lingamneni
c2b2559ab4
avoid some uses of Sprintf for loglines
2019-01-02 09:55:45 -05:00
Daniel Oaks
f912f64f21
Merge pull request #304 from slingamn/history.1
...
draft/resume-0.2 implementation, message history support
2018-12-15 04:37:16 +10:00
Shivaram Lingamneni
48f9b5e4fa
implement NS PASSWD for password changes
2018-11-28 18:25:15 -05:00
Shivaram Lingamneni
a0bf548fc5
draft/resume-0.2 implementation, message history support
2018-11-26 05:23:27 -05:00
Shivaram Lingamneni
dfb0a57040
refactor the password hashing / password autoupgrade system
2018-08-06 02:26:21 -04:00
Daniel Oaks
6260869068
Upgrade password hashing.
...
Previously, we generated and prepended a long salt before generating
password hashes. This resulted in the hash verification cutting off long
before it should do. This form of salting is also not necessary with
bcrypt as it's provided by the password hashing and verification
functions themselves, so totally rip it out.
This commit also adds the functionality for the server to automagically
upgrade users to use the new hashing system, which means better
security and more assurance that people can't bruteforce passwords.
No need to apply a database upgrade to do this, whoo! \o/
2018-08-05 22:51:15 -04:00
Shivaram Lingamneni
cc9941cb07
review fixes, bug fixes
2018-04-23 02:38:35 -04:00
Shivaram Lingamneni
5e62cc4ebc
initial vhosts implementation, #183
2018-04-19 03:00:56 -04:00
Daniel Oaks
a95c77bb86
Remove old command line that's no longer valid
2018-04-01 23:07:49 +10:00
Shivaram Lingamneni
fd34c78d6b
add sadrop command
2018-03-14 06:50:26 -04:00
Shivaram Lingamneni
679f25491c
can't reserve a nick that's the name of an unverified account
2018-03-11 14:40:36 -04:00
Shivaram Lingamneni
47b9fe50be
can't register an account with the same name as a registered nick
2018-03-11 13:59:02 -04:00
Shivaram Lingamneni
a022befffe
nickserv: implement GHOST, GROUP, DROP, and INFO
2018-03-02 17:05:47 -05:00
Shivaram Lingamneni
a5897baa2b
clean up redundant error handling
2018-02-28 17:29:18 -05:00
Shivaram Lingamneni
878f9ca94c
fix: store the uncasefolded account name correctly
2018-02-20 04:50:46 -05:00
Shivaram Lingamneni
89ae261739
implement mailto callbacks
2018-02-20 04:20:30 -05:00
Shivaram Lingamneni
988cb22692
changes to nick reservation
...
* Clients are now renamed, not disconnected, on reservation timeout
* Nick reservation config is now its own subsection
2018-02-18 04:46:14 -05:00
Shivaram Lingamneni
73391f11a6
replace ACC UNREGISTER with nickserv unregister
2018-02-12 01:09:30 -05:00
Shivaram Lingamneni
ad73d68807
refactor account registration, add nick enforcement
2018-02-11 05:30:40 -05:00