3
0
mirror of https://github.com/ergochat/ergo.git synced 2024-11-25 05:19:25 +01:00
Commit Graph

5288 Commits

Author SHA1 Message Date
Shivaram Lingamneni
d81494ac09
Merge pull request #2159 from ergochat/casefolding.2
fix #2099
2024-05-29 08:04:14 +02:00
Shivaram Lingamneni
54ca659e57
Merge pull request #2158 from slingamn/ircv3bearer.2
remove draft/bearer in favor of IRCV3BEARER
2024-05-29 08:00:07 +02:00
Shivaram Lingamneni
794b4a2483 allow null bytes in bearer tokens
(Haven't decided what to do at the spec level yet)
2024-05-29 01:54:12 -04:00
Shivaram Lingamneni
7772b55cab fix #2099
Add optional support for rfc1459 and rfc1459-strict casemappings
2024-05-27 22:16:20 -04:00
Shivaram Lingamneni
ed683bff79 remove draft/bearer in favor of IRCV3BEARER 2024-05-27 20:40:04 -04:00
Shivaram Lingamneni
5ee32cda1c
Merge pull request #2156 from slingamn/throttle.1
fix login throttle handling
2024-05-28 02:25:11 +02:00
Shivaram Lingamneni
218f6f2454 fix login throttle handling
We were checking the login throttle at the beginning of every SASL
conversation. This had several problems:

1. Pidgin (on Windows?) tries every mechanism in order, regardless of
the CAP advertisement. It would use up the default throttle allowance
trying unsupported mechanisms like CRAM-MD5.
2. The throttle was actually checked twice for AUTHENTICATE PLAIN
(once at the start of the conversation and once in AuthenticateByPassphrase).

The general pattern here is that we should check the throttle every time we
do something "expensive" (bcrypt verification, send a reset email) or
"dangerous" (anything that could lead to a bruteforce attack on passwords).
Therefore, delete the check from the AUTHENTICATE handler, and add one at
the beginning of the SCRAM conversation to replace it.
2024-05-26 05:19:41 -04:00
Shivaram Lingamneni
ca4b9c15c5
Merge pull request #2151 from slingamn/modes_forwardport
fix deadlock on channel state mutex
2024-05-06 08:47:23 +02:00
Shivaram Lingamneni
6abb291290 fix deadlock on channel state mutex 2024-05-06 02:32:40 -04:00
Shivaram Lingamneni
ccc362be84
Merge pull request #2148 from slingamn/i2p
add i2pd b32 address directions
2024-05-06 07:00:19 +02:00
Shivaram Lingamneni
19b9867409 add i2pd b32 address directions
Fixes #1686
2024-05-05 21:18:29 -04:00
Shivaram Lingamneni
f6626ddb6e bump irctest 2024-05-01 11:40:19 -04:00
Shivaram Lingamneni
40ceb4956c
Merge pull request #2145 from slingamn/issue2144
fix #2144
2024-04-15 03:22:19 +02:00
Shivaram Lingamneni
74fa04c5ea
Merge pull request #2143 from slingamn/emailsending.1
fix #2142
2024-04-15 03:22:06 +02:00
Shivaram Lingamneni
15d686c593
Merge pull request #2146 from slingamn/webirc.1
add a config switch to accept hostnames from WEBIRC
2024-04-14 20:46:01 +02:00
Shivaram Lingamneni
f96f918ff1 fix #2144
RPL_NAMREPLY should send = for normal channels and @ for secret channels,
as per Modern docs.
2024-04-13 21:51:59 -04:00
Shivaram Lingamneni
7726160ec7 add a config switch to accept hostnames from WEBIRC
See #1686; this allows i2pd to pass the i2p address to Ergo, which may be
useful for moderation under some circumstances.
2024-04-13 21:43:41 -04:00
Shivaram Lingamneni
b426dd8f93 fix #2142
Allow specifying TCP4 or TCP6 for outgoing email sending, or choosing a
specific local address to send from.
2024-04-07 15:47:01 -04:00
Shivaram Lingamneni
1f4b5248a0
Merge pull request #2140 from slingamn/issue2139
fix #2139
2024-03-29 22:50:22 +01:00
Shivaram Lingamneni
0c804f8ea3 bump irctest 2024-03-29 13:34:52 -04:00
Shivaram Lingamneni
3d2f014d4c fix #2139
Database backup filenames contained a colon character, which is disallowed
on Windows; use period instead
2024-03-29 12:32:42 -04:00
Shivaram Lingamneni
d56e4ea301
Merge pull request #2136 from slingamn/issue2135_nicknameinuse
fix #2135
2024-03-20 10:48:27 -04:00
Shivaram Lingamneni
8d082865da
fix #2133 (#2137)
* fix #2133

Don't record NICK and QUIT in history for invisible auditorium members
2024-03-17 11:42:39 -04:00
Shivaram Lingamneni
837f6ac1a2 fix #2135
Handling of reserved nicknames is special-cased due to #1594, but we want to send
ERR_NICKNAMEINUSE if the nickname is actually in use, since that doesn't pose any
client compatibility problems.
2024-03-11 01:32:39 -04:00
Shivaram Lingamneni
681e8b1292
fix #2129 (#2132)
* fix #2129

Don't print the values of environment variable overrides, just the keys

* fix unit tests
2024-02-25 10:05:36 -05:00
Shivaram Lingamneni
432d4ea860
Merge pull request #2131 from slingamn/issue2130
fix #2130
2024-02-25 03:55:54 -05:00
Shivaram Lingamneni
78f342655d clean up dead code 2024-02-25 03:52:52 -05:00
Shivaram Lingamneni
cab192e2af fix #2130
We load registered channels unconditionally; reloading them again on rehash
is incorrect. This caused buggy behavior when channel registration was
disabled in the config, but some registered channels were already loaded.
2024-02-25 03:34:21 -05:00
Matt Hamilton
c67835ce5c
Gracefully handle NS cert add myself <fp> (#2128)
* Gracefully handle NS cert add myself <fp>

A non-operator with the nick "mynick" attempts to register
a fingerprint to their authenticated account.

They /msg NickServ cert add mynick <fingerprint>

NickServ responds with "Insufficient privileges" because
they've accidentally invoked the operator syntax (to action
other accounts).

This patch allows the user to add the fingerprint if the client's
account is identical to the target account.

Signed-off-by: Matt Hamilton <m@tthamilton.com>

* Update nickserv.go

Compare the case-normalized target to Account()

---------

Signed-off-by: Matt Hamilton <m@tthamilton.com>
Co-authored-by: Shivaram Lingamneni <slingamn@cs.stanford.edu>
2024-02-14 09:56:37 -05:00
Shivaram Lingamneni
7afd6dbc74 bearer: close open jwt key files 2024-02-13 21:32:37 -05:00
Shivaram Lingamneni
ee7f818674
implement SASL OAUTHBEARER and draft/bearer (#2122)
* implement SASL OAUTHBEARER and draft/bearer
* Upgrade JWT lib
* Fix an edge case in SASL EXTERNAL
* Accept longer SASL responses
* review fix: allow multiple token definitions
* enhance tests
* use SASL utilities from irc-go
* test expired tokens
2024-02-13 18:58:32 -05:00
Shivaram Lingamneni
8475b62da4 bump irctest 2024-02-12 23:43:28 -05:00
Shivaram Lingamneni
52d15a483c
Merge pull request #2127 from slingamn/isupport_thirteen
pull out max parameters constant in isupport impl
2024-02-12 23:40:54 -05:00
Shivaram Lingamneni
f691b8c058 pull out max parameters constant in isupport impl 2024-02-11 12:38:49 -05:00
Shivaram Lingamneni
6b7bfe0c09 set up new development version 2024-02-11 00:12:22 -05:00
Shivaram Lingamneni
2098cc9f2b
Merge pull request #2126 from slingamn/go122
upgrade to go 1.22
2024-02-11 00:02:28 -05:00
Shivaram Lingamneni
4b9aa725cb upgrade to go 1.22 2024-02-10 23:46:34 -05:00
Shivaram Lingamneni
24ac3b68b4
Merge pull request #2124 from slingamn/realnamelimit
fix #2123
2024-02-10 23:25:31 -05:00
Shivaram Lingamneni
0918564edc bump irctest 2024-02-08 00:46:26 -05:00
Shivaram Lingamneni
921651f664 fix #2123
Add a configurable limit on realname length
2024-02-08 00:03:12 -05:00
Shivaram Lingamneni
d97e964b35 v2.13.0: fix go release version in changelog 2024-01-14 17:42:34 -05:00
Shivaram Lingamneni
010875ec9a bump version and changelog for v2.13.0 2024-01-14 17:40:50 -05:00
Neale Pickett
7b525f8899
Add caddy reverse proxy websocket example (#2119)
* Add caddy reverse proxy websocket example

* Use consistent hostname for caddy reverse proxy
2024-01-12 13:30:53 -05:00
Neale Pickett
3839f8ae60
Explain reverse proxy setup for websockets (#2121)
* Explain reverse proxy setup for websockets

* Update MANUAL.md

Clarify that we only support `X-Forwarded-For`

---------

Co-authored-by: Shivaram Lingamneni <slingamn@cs.stanford.edu>
2024-01-11 23:20:26 -05:00
Shivaram Lingamneni
4e574b99f3 fix changelog typo 2024-01-07 01:07:36 -05:00
Shivaram Lingamneni
9d388d8cdb
Merge pull request #2118 from slingamn/changelog
bump version and changelog for 2.13.0-rc1
2024-01-07 00:42:46 -05:00
Shivaram Lingamneni
24cf5fac45 fix #2101 2024-01-07 00:38:10 -05:00
Shivaram Lingamneni
d238eaac67 bump version and changelog for 2.13.0-rc1 2024-01-07 00:30:39 -05:00
Shivaram Lingamneni
0f059ea2cc
Merge pull request #2117 from slingamn/handlepanic
add panic handler to async client/channel writes
2024-01-05 00:21:23 -05:00
Shivaram Lingamneni
dfe2a21b17 add panic handler to async client/channel writes
See #2113 for motivation
2024-01-05 00:18:46 -05:00