We were checking the login throttle at the beginning of every SASL
conversation. This had several problems:
1. Pidgin (on Windows?) tries every mechanism in order, regardless of
the CAP advertisement. It would use up the default throttle allowance
trying unsupported mechanisms like CRAM-MD5.
2. The throttle was actually checked twice for AUTHENTICATE PLAIN
(once at the start of the conversation and once in AuthenticateByPassphrase).
The general pattern here is that we should check the throttle every time we
do something "expensive" (bcrypt verification, send a reset email) or
"dangerous" (anything that could lead to a bruteforce attack on passwords).
Therefore, delete the check from the AUTHENTICATE handler, and add one at
the beginning of the SCRAM conversation to replace it.
* Makefile: Add dependencies between targets
* Implement draft/message-redaction for channels
Permission to use REDACT mirrors permission for 'HistServ DELETE'
* Error when the given targetmsg does not exist
* gofmt
* Add CanDelete enum type
* gofmt
* Add support for PMs
* Fix documentation of allow-individual-delete.
* Remove 'TODO: add configurable fallback'
slingamn says it's probably not desirable, and I'm on the fence.
Out of laziness, let's omit it for now, as it's not a regression
compared to '/msg HistServ DELETE'.
* Revert "Makefile: Add dependencies between targets"
This reverts commit 2182b1da69.
---------
Co-authored-by: Val Lorentz <progval+git+ergo@progval.net>
* implement draft/pre-away
* clean up some subtleties in auto-away aggregation.
* consistently apply auto-away only to always-on
* `AWAY *` should not produce user-visible changes wherever possible
According to the de facto standard, `AWAY :\r\n` is equivalent to `AWAY\r\n`.
Our behavior was inconsistent before, now it consistently matches the de facto
standard.
`NICK :` pre-registration needs to be special-cased to immediately
send ERR_NONICKNAMEGIVEN (unlike erroneous nonempty nicknames,
which are processed when registration is complete)
Having the 'samode' capability made all KICK commands privileged. This appears
to have been introduced unintentionally by 42316bc04f and I can't find
any discussion of a rationale. Since this goes against our policy that all
ircop (as opposed to channel founder) privileges must be invoked explicitly
(e.g. SAJOIN, SAMODE), remove this.