3
0
mirror of https://github.com/ergochat/ergo.git synced 2025-01-04 09:02:49 +01:00
Commit Graph

53 Commits

Author SHA1 Message Date
Shivaram Lingamneni
35948d2e5b refactor some conditions for clarity 2019-01-31 17:34:06 -05:00
Shivaram Lingamneni
b9b2553a2f use the TR39 skeleton algorithm to prevent confusables (#178) 2019-01-30 21:48:53 -05:00
Shivaram Lingamneni
a52d167278 additional defensive check in EnforcementStatus 2019-01-03 23:44:01 -05:00
Shivaram Lingamneni
f20abf414f don't log an error logline for an incorrect SASL password 2019-01-02 10:29:42 -05:00
Shivaram Lingamneni
2ee89b15b3 per-user settings for nickname enforcement 2019-01-02 10:15:59 -05:00
Shivaram Lingamneni
c2b2559ab4 avoid some uses of Sprintf for loglines 2019-01-02 09:55:45 -05:00
Daniel Oaks
f912f64f21
Merge pull request #304 from slingamn/history.1
draft/resume-0.2 implementation, message history support
2018-12-15 04:37:16 +10:00
Shivaram Lingamneni
48f9b5e4fa implement NS PASSWD for password changes 2018-11-28 18:25:15 -05:00
Shivaram Lingamneni
a0bf548fc5 draft/resume-0.2 implementation, message history support 2018-11-26 05:23:27 -05:00
Shivaram Lingamneni
dfb0a57040 refactor the password hashing / password autoupgrade system 2018-08-06 02:26:21 -04:00
Daniel Oaks
6260869068 Upgrade password hashing.
Previously, we generated and prepended a long salt before generating
password hashes. This resulted in the hash verification cutting off long
before it should do. This form of salting is also not necessary with
bcrypt as it's provided by the password hashing and verification
functions themselves, so totally rip it out.

This commit also adds the functionality for the server to automagically
upgrade users to use the new hashing system, which means better
security and more assurance that people can't bruteforce passwords.

No need to apply a database upgrade to do this, whoo! \o/
2018-08-05 22:51:15 -04:00
Shivaram Lingamneni
cc9941cb07 review fixes, bug fixes 2018-04-23 02:38:35 -04:00
Shivaram Lingamneni
5e62cc4ebc initial vhosts implementation, #183 2018-04-19 03:00:56 -04:00
Daniel Oaks
a95c77bb86 Remove old command line that's no longer valid 2018-04-01 23:07:49 +10:00
Shivaram Lingamneni
fd34c78d6b add sadrop command 2018-03-14 06:50:26 -04:00
Shivaram Lingamneni
679f25491c can't reserve a nick that's the name of an unverified account 2018-03-11 14:40:36 -04:00
Shivaram Lingamneni
47b9fe50be can't register an account with the same name as a registered nick 2018-03-11 13:59:02 -04:00
Shivaram Lingamneni
a022befffe nickserv: implement GHOST, GROUP, DROP, and INFO 2018-03-02 17:05:47 -05:00
Shivaram Lingamneni
a5897baa2b clean up redundant error handling 2018-02-28 17:29:18 -05:00
Shivaram Lingamneni
878f9ca94c fix: store the uncasefolded account name correctly 2018-02-20 04:50:46 -05:00
Shivaram Lingamneni
89ae261739 implement mailto callbacks 2018-02-20 04:20:30 -05:00
Shivaram Lingamneni
988cb22692 changes to nick reservation
* Clients are now renamed, not disconnected, on reservation timeout
* Nick reservation config is now its own subsection
2018-02-18 04:46:14 -05:00
Shivaram Lingamneni
73391f11a6 replace ACC UNREGISTER with nickserv unregister 2018-02-12 01:09:30 -05:00
Shivaram Lingamneni
ad73d68807 refactor account registration, add nick enforcement 2018-02-11 05:30:40 -05:00
Daniel Oaks
e0fa97d344 Get labeled-reply working just fine 2018-02-06 00:21:08 +10:00
Daniel Oaks
2419f69879 Move all errors into errors.go 2018-02-03 22:03:36 +10:00
Daniel Oaks
47d2ce351c Centralise all command handlers in handlers.go 2018-02-03 19:28:02 +10:00
Daniel Oaks
275227a461 Make like every client-facing string translatable 2018-01-22 21:26:01 +10:00
Daniel Oaks
9bfdc4fdfb Move caps to their own package to prevent conflicts 2017-09-29 12:07:52 +10:00
Daniel Oaks
cd8b4877b6 accounts: Check for account logins correctly, fixes registration. Also fix a typo, thanks squigz! 2017-09-28 15:49:01 +10:00
Daniel Oaks
c48d869f4d Allow multiple account registrations for testing 2017-09-11 09:16:13 +10:00
Daniel Oaks
c0fbc7908d sasl: Always send a 906 in response to AUTHENTICATE * 2017-06-30 11:06:10 +10:00
Daniel Oaks
c9ed749538 Rename deps 2017-06-15 10:14:19 -06:00
Daniel Oaks
a8fa131244 Move to new repo 2017-06-14 12:00:53 -06:00
Daniel Oaks
53190ef131 Send a whole lot more snomasks 2017-05-28 12:43:09 -06:00
Daniel Oaks
22216d4d60 Fix lots of nits 2017-04-16 11:31:33 +10:00
Daniel Oaks
317a804644 Fix dates at top of source files 2017-03-27 22:15:02 +10:00
Daniel Oaks
b33b217fab Add very initial ChanServ and NickServ virtual clients
As well, add channel registration and re-applying founder privs on the first client joining the channel. I'm going to re-architect our modes system to better acocunt for this sort of change.
2017-03-11 22:01:40 +10:00
Daniel Oaks
3d597a4fb3 accounts: Login to accounts properly
Avoids letting clients login to two accounts at once
2017-03-08 21:50:12 +10:00
Daniel Oaks
3058161f62 config: Fix accounts registration/authentication 2017-03-06 09:43:52 +10:00
Daniel Oaks
658d1656fa accounts: Only allow verified accounts to SASL auth 2017-01-11 01:02:26 +10:00
Daniel Oaks
1cc217a9ae sasl: Follow PLAIN spec more closely 2016-12-01 18:48:11 +10:00
Daniel Oaks
b84dbb1a06 Support cap-notify and enabling/disabling SASL 2016-10-22 22:18:41 +10:00
Daniel Oaks
b33cbd311c accounts: Release SASL lock after finishing auth 2016-10-16 14:01:40 +10:00
Daniel Oaks
4fa094cea2 accounts: Support account-notify capability 2016-10-13 18:18:00 +10:00
Daniel Oaks
5e72409695 Move from ascii(ish) unicode encoding to prelim rfc7700 using functions instead 2016-10-11 23:51:46 +10:00
Daniel Oaks
32b328f53f accounts: Fix broken long SASL auth strings 2016-09-19 21:34:17 +10:00
Daniel Oaks
b5e7d8968f accounts: Add SASL EXTERNAL handler 2016-09-07 21:32:58 +10:00
Daniel Oaks
70665850aa accounts: Add SASL PLAIN handler 2016-09-07 20:46:01 +10:00
Daniel Oaks
1679bc9ac2 accounts: Add initial SASL handler, still need to write mechanism handlers 2016-09-06 16:31:59 +10:00