3
0
mirror of https://github.com/ergochat/ergo.git synced 2024-12-28 05:32:49 +01:00
Commit Graph

174 Commits

Author SHA1 Message Date
Shivaram Lingamneni
9a6cb84b58 fix #943 2020-04-13 11:54:39 -04:00
Shivaram Lingamneni
ae2a92ca9a
Merge pull request #929 from slingamn/verify_rename.1
enforce nick protection immediately after verification
2020-04-06 07:51:53 -07:00
Shivaram Lingamneni
d6e3f188cf enforce nick protection immediately after verification 2020-04-06 02:38:29 -04:00
Shivaram Lingamneni
ee05a4324d fix #920, #921 2020-04-05 03:48:59 -04:00
Shivaram Lingamneni
895a0e6d68 fix #913 2020-03-27 17:52:37 -04:00
Shivaram Lingamneni
b61d258d0c retain nickname protections after unregistration 2020-03-25 16:24:08 -04:00
Shivaram Lingamneni
c238f07543 fix #908 2020-03-25 14:07:43 -04:00
Shivaram Lingamneni
811da03ab5 fix #889 2020-03-20 14:47:40 -04:00
Shivaram Lingamneni
3363076689 fix #793 2020-03-20 14:29:49 -04:00
Shivaram Lingamneni
6d65335071 fix various bugs 2020-03-17 09:07:32 -04:00
Shivaram Lingamneni
edd161ddfd rename config keys from review feedback 2020-03-17 09:04:14 -04:00
Shivaram Lingamneni
26fd3e69a8 fix #749 2020-03-16 13:48:14 -04:00
Shivaram Lingamneni
e7c1800893 fix a spurious error logline
unregistering an always-on client would produce
"attempting to persist logged-out client : x"
because the client was always-on, but also being ejected
2020-03-02 01:54:40 -05:00
Shivaram Lingamneni
3e01e9995b fix #836 2020-03-01 03:39:25 -05:00
Shivaram Lingamneni
db39608bcb change "last signoff" tracking to "last seen"
Explicit quit and ping timeout behave the same way,
but reattach after abandoning/losing the previous session
(without the break being detected server-side) is more aggressive
about replaying missed messages, at the cost of potential duplication.
2020-02-27 02:17:58 -05:00
Shivaram Lingamneni
3a78029809 partial fix for #812 2020-02-26 03:19:14 -05:00
Shivaram Lingamneni
521617559f fix #821
Or try to, anyway
2020-02-26 01:44:05 -05:00
Shivaram Lingamneni
44b79a052c raise passphrase length limit to 300 bytes
For irctest compatibility.

Fixes #775
2020-02-23 00:12:21 -05:00
Shivaram Lingamneni
fb8b73e29a Merge branch 'persistent.14' 2020-02-22 23:10:52 -05:00
Shivaram Lingamneni
91bb7f5877 fix #775 2020-02-21 04:26:17 -05:00
Shivaram Lingamneni
f5ca35ed72 rename 'bouncer' to 'multiclient' 2020-02-21 00:33:55 -05:00
Shivaram Lingamneni
fab0630180 time.Unix still requires normalization to UTC 2020-02-21 00:33:37 -05:00
Shivaram Lingamneni
4472683d58 persist lastSignoff in the database 2020-02-21 00:33:37 -05:00
Shivaram Lingamneni
ef161c47ed use custime.Duration for more config fields 2020-02-20 00:09:39 -05:00
Shivaram Lingamneni
ad32356e34 move authentication data from Client to Session 2020-02-19 00:24:21 -05:00
Shivaram Lingamneni
33dac4c0ba initial persistent history implementation 2020-02-19 00:24:12 -05:00
Shivaram Lingamneni
c13597f807 additional LDAP support 2020-02-11 06:35:17 -05:00
Matt Ouille
5ba2527eb0 Fix compilation errors 2020-02-09 22:13:12 -05:00
Matt Ouille
d4afb027e5 Add LDAP support 2020-02-09 22:13:02 -05:00
Shivaram Lingamneni
5426c9fdc0 disallow TAKE and REQUEST while under a FORBID 2020-02-01 23:51:29 -05:00
Shivaram Lingamneni
e1f56aaee3 fix #764 2020-02-01 22:19:33 -05:00
Shivaram Lingamneni
955cdbdfef impose throttle checks on HS TAKE 2020-01-28 22:27:56 -05:00
Shivaram Lingamneni
05cb80507f fix #741 2020-01-11 22:43:40 -05:00
Shivaram Lingamneni
eb630b7657 Revert "never set the certfp lookup key before verification"
This reverts commit a120cc2443.
2020-01-06 15:00:26 -05:00
Shivaram Lingamneni
a120cc2443 never set the certfp lookup key before verification 2020-01-06 12:53:21 -05:00
Shivaram Lingamneni
1b35c6887f fix #733 2020-01-06 12:21:52 -05:00
Shivaram Lingamneni
f920d3b79f fix #530, #721 2019-12-29 12:05:01 -05:00
Shivaram Lingamneni
68e3b74b79
Merge pull request #717 from slingamn/issue716
fix #716
2019-12-25 21:11:53 -05:00
Shivaram Lingamneni
8c1db7a2f5 better UX for cancelling channel transfers 2019-12-25 15:59:38 -05:00
Shivaram Lingamneni
33c8b2177e fix a bug
In the previous commit, the client would receive a failure message but would
actually remain logged in after an authzid/authcid mismatch. This was a
correctness rather than a security issue, but now it's fixed so that the client
never logs in in the first place.
2019-12-25 15:06:26 -05:00
Shivaram Lingamneni
1487980fe0 Fix #710 2019-12-24 15:03:37 -05:00
Shivaram Lingamneni
7a6925fa3f Merge remote-tracking branch 'origin/master' into issue702 2019-12-23 11:32:15 -05:00
Shivaram Lingamneni
bf5a02f077
Merge pull request #692 from slingamn/issue683_channelpurge.1
chanserv enhancements and miscellaneous fixes
2019-12-22 10:41:24 -05:00
Shivaram Lingamneni
26ca016c66 fix the analogous issue for vhosts 2019-12-21 20:26:40 -05:00
Shivaram Lingamneni
25c4eb2996 fix #702 2019-12-21 20:19:19 -05:00
Shivaram Lingamneni
6740222ecb fix #616 2019-12-18 17:38:14 -05:00
Shivaram Lingamneni
07865b8f63 chanserv enhancements and miscellaneous fixes
* Fix #684
* Fix #683
* Add `CHANSERV CLEAR`
* Allow mode changes from channel founders even when they aren't joined
* Operators with the chanreg capability are exempt from max-channels-per-account
* Small fixes and cleanup
2019-12-16 20:06:52 -05:00
Shivaram Lingamneni
80aa77372b fix spurious error message 2019-07-12 11:49:01 -04:00
Shivaram Lingamneni
1a1d3ff89f fix #410 2019-05-29 04:43:13 -04:00
Shivaram Lingamneni
8794740f89 be more pedantic about distinguishing skeletons and casefolds 2019-05-24 13:09:56 -04:00
Shivaram Lingamneni
851617a4a5 Merge remote-tracking branch 'origin/master' into brb.5 2019-05-22 03:29:18 -04:00
Shivaram Lingamneni
1121e3d320 fix #404 2019-05-22 01:18:22 -04:00
Shivaram Lingamneni
3d445573cf implement draft/resume-0.4 2019-05-21 22:36:37 -04:00
Shivaram Lingamneni
8fc588375b implement user preferences system 2019-05-19 06:17:30 -04:00
Shivaram Lingamneni
5331afbdd4 Merge remote-tracking branch 'origin/master' into compat.4 2019-05-11 21:56:41 -04:00
Shivaram Lingamneni
c193def606 fix some issues found with staticcheck.io 2019-05-10 01:44:14 -04:00
Shivaram Lingamneni
278e4acf57 fix handling of nil session in reattach code 2019-05-09 05:03:21 -04:00
Shivaram Lingamneni
4af783ed9e fix #449 2019-04-14 20:48:50 -04:00
Shivaram Lingamneni
c2faeed4b5 initial implementation of bouncer functionality 2019-04-14 20:48:50 -04:00
Shivaram Lingamneni
63029e2ff5 refactor channel registration 2019-03-12 04:16:16 -04:00
Daniel Oaks
7cf8aaccf6
Merge pull request #352 from slingamn/chanreglimit.1
track channel registrations per account
2019-02-18 07:08:57 +10:00
Daniel Oaks
c604638b7c
Merge pull request #386 from slingamn/regenabled
allow SAREGISTER even when normal registration is fully disabled
2019-02-18 07:08:04 +10:00
Shivaram Lingamneni
a5f04495a1 fix #389 2019-02-15 13:34:09 -05:00
Shivaram Lingamneni
d147708158 allow SAREGISTER even when normal registration is fully disabled 2019-02-14 20:42:02 -05:00
Shivaram Lingamneni
754934b429 unregister should boot clients if sasl is required 2019-02-14 15:42:07 -05:00
Shivaram Lingamneni
7786043275 make the land-grab check case-insensitive 2019-02-13 03:19:47 -05:00
Shivaram Lingamneni
6d690b0e36 add loglines for account registration, login, and unregistration 2019-02-13 02:54:27 -05:00
Shivaram Lingamneni
e4c9351254 fix: set the existing channels unregistered 2019-02-12 02:09:31 -05:00
Shivaram Lingamneni
ff7bbc4a9c track channel registrations per account
* limit the total number of registrations per account
* when an account is unregistered, unregister all its channels
2019-02-06 04:34:45 -05:00
Shivaram Lingamneni
775ead700f prevent nick reservation land-grabs 2019-02-05 20:18:40 -05:00
Shivaram Lingamneni
1c23af8767 add sasl-only config option 2019-02-05 00:51:58 -05:00
Shivaram Lingamneni
35948d2e5b refactor some conditions for clarity 2019-01-31 17:34:06 -05:00
Shivaram Lingamneni
b9b2553a2f use the TR39 skeleton algorithm to prevent confusables (#178) 2019-01-30 21:48:53 -05:00
Shivaram Lingamneni
a52d167278 additional defensive check in EnforcementStatus 2019-01-03 23:44:01 -05:00
Shivaram Lingamneni
f20abf414f don't log an error logline for an incorrect SASL password 2019-01-02 10:29:42 -05:00
Shivaram Lingamneni
2ee89b15b3 per-user settings for nickname enforcement 2019-01-02 10:15:59 -05:00
Shivaram Lingamneni
c2b2559ab4 avoid some uses of Sprintf for loglines 2019-01-02 09:55:45 -05:00
Daniel Oaks
f912f64f21
Merge pull request #304 from slingamn/history.1
draft/resume-0.2 implementation, message history support
2018-12-15 04:37:16 +10:00
Shivaram Lingamneni
48f9b5e4fa implement NS PASSWD for password changes 2018-11-28 18:25:15 -05:00
Shivaram Lingamneni
a0bf548fc5 draft/resume-0.2 implementation, message history support 2018-11-26 05:23:27 -05:00
Shivaram Lingamneni
dfb0a57040 refactor the password hashing / password autoupgrade system 2018-08-06 02:26:21 -04:00
Daniel Oaks
6260869068 Upgrade password hashing.
Previously, we generated and prepended a long salt before generating
password hashes. This resulted in the hash verification cutting off long
before it should do. This form of salting is also not necessary with
bcrypt as it's provided by the password hashing and verification
functions themselves, so totally rip it out.

This commit also adds the functionality for the server to automagically
upgrade users to use the new hashing system, which means better
security and more assurance that people can't bruteforce passwords.

No need to apply a database upgrade to do this, whoo! \o/
2018-08-05 22:51:15 -04:00
Shivaram Lingamneni
cc9941cb07 review fixes, bug fixes 2018-04-23 02:38:35 -04:00
Shivaram Lingamneni
5e62cc4ebc initial vhosts implementation, #183 2018-04-19 03:00:56 -04:00
Daniel Oaks
a95c77bb86 Remove old command line that's no longer valid 2018-04-01 23:07:49 +10:00
Shivaram Lingamneni
fd34c78d6b add sadrop command 2018-03-14 06:50:26 -04:00
Shivaram Lingamneni
679f25491c can't reserve a nick that's the name of an unverified account 2018-03-11 14:40:36 -04:00
Shivaram Lingamneni
47b9fe50be can't register an account with the same name as a registered nick 2018-03-11 13:59:02 -04:00
Shivaram Lingamneni
a022befffe nickserv: implement GHOST, GROUP, DROP, and INFO 2018-03-02 17:05:47 -05:00
Shivaram Lingamneni
a5897baa2b clean up redundant error handling 2018-02-28 17:29:18 -05:00
Shivaram Lingamneni
878f9ca94c fix: store the uncasefolded account name correctly 2018-02-20 04:50:46 -05:00
Shivaram Lingamneni
89ae261739 implement mailto callbacks 2018-02-20 04:20:30 -05:00
Shivaram Lingamneni
988cb22692 changes to nick reservation
* Clients are now renamed, not disconnected, on reservation timeout
* Nick reservation config is now its own subsection
2018-02-18 04:46:14 -05:00
Shivaram Lingamneni
73391f11a6 replace ACC UNREGISTER with nickserv unregister 2018-02-12 01:09:30 -05:00
Shivaram Lingamneni
ad73d68807 refactor account registration, add nick enforcement 2018-02-11 05:30:40 -05:00
Daniel Oaks
e0fa97d344 Get labeled-reply working just fine 2018-02-06 00:21:08 +10:00
Daniel Oaks
2419f69879 Move all errors into errors.go 2018-02-03 22:03:36 +10:00
Daniel Oaks
47d2ce351c Centralise all command handlers in handlers.go 2018-02-03 19:28:02 +10:00
Daniel Oaks
275227a461 Make like every client-facing string translatable 2018-01-22 21:26:01 +10:00
Daniel Oaks
9bfdc4fdfb Move caps to their own package to prevent conflicts 2017-09-29 12:07:52 +10:00