311 Commits

Author SHA1 Message Date
Shivaram Lingamneni ee7f818674
implement SASL OAUTHBEARER and draft/bearer (#2122)
* implement SASL OAUTHBEARER and draft/bearer
* Upgrade JWT lib
* Fix an edge case in SASL EXTERNAL
* Accept longer SASL responses
* review fix: allow multiple token definitions
* enhance tests
* use SASL utilities from irc-go
* test expired tokens
2024-02-13 18:58:32 -05:00
Shivaram Lingamneni 921651f664 fix #2123
Add a configurable limit on realname length
2024-02-08 00:03:12 -05:00
Shivaram Lingamneni 580fc7096d fix #2114
Channels with slashes (or other relaymsg separators) in their names
were being falsely detected as relaymsg identifiers.
2024-01-04 01:02:10 -05:00
Shivaram Lingamneni 75bd63d0bc add channel autojoin feature
See discussion on #2077
2023-07-04 21:44:18 -04:00
Shivaram Lingamneni fc89d72045 publish MSGREFTYPES 005 token
https://github.com/ircv3/ircv3-specifications/pull/510
2023-02-02 14:28:37 -05:00
Shivaram Lingamneni 46d32520c7 recommended default: advertise SCRAM
Fixes #1782
2023-01-11 09:21:47 -05:00
Shivaram Lingamneni 35b5613349 re-add draft/CHATHISTORY 005
Kiwi expects it due to https://github.com/kiwiirc/kiwiirc/pull/1244 , but
the corresponding spec change only altered the cap name, not the 005 name.
2022-12-02 01:30:46 -05:00
Shivaram Lingamneni e40f550af8 fix CHATHISTORY 005 token name
Unclear where we got draft/CHATHISTORY from, it looks like the merged drafts
have always used unprefixed CHATHISTORY as the token name.
2022-11-30 04:10:47 -05:00
Shivaram Lingamneni 7ad31497c2 exempt a configurable number of MARKREAD commands from fakelag 2022-08-22 23:23:17 -04:00
Shivaram Lingamneni a549827f17 upgrade to go 1.18, use generics 2022-03-30 00:44:51 -04:00
Shivaram Lingamneni 0a59f41cf9 add ip-check-script.exempt-sasl 2022-01-02 01:51:31 -05:00
Shivaram Lingamneni ed75533cb1
optionally protect against multiple starts with flock (#1873)
* optionally protect against multiple starts with flock

Fixes #1823

* use traditional .lock extension

* move config key to top level
2022-01-01 18:56:40 -05:00
Shivaram Lingamneni 51d573d3c9 fix #1802
Add a config option to suppress LUSERS
2021-11-01 04:48:31 -04:00
Shivaram Lingamneni 2cae19dde5 remove unnecessary indirection in config 2021-09-19 02:09:43 -04:00
Shivaram Lingamneni 12947644e2 remove SCRAM-SHA-256 from advertised SASL mechanisms
Advertising SCRAM-SHA-256 breaks irccloud, which doesn't fall back to PLAIN
if it sees SCRAM advertised but SCRAM then fails (as is the case for any
account password hashed on Ergo 2.7 or lower).

Leave a config option for irctest to enable it in the controller.
2021-08-25 18:34:27 -04:00
Valentin Lorentz f6f25039b7 Advertise support for multiple KICK targets
This is already implemented, but TARGMAX=KICK:1 says it isn't.

Instead, let's advertise that indefinitely many targets are allowed.
Refs:

* https://defs.ircdocs.horse/defs/isupport.html#targmax
* https://github.com/ircdocs/modern-irc/pull/112
2021-08-13 19:42:03 +02:00
Shivaram Lingamneni e1401934df implement SCRAM-SHA-256 2021-07-30 12:20:13 -04:00
Shivaram Lingamneni 59bddd066f update draft/register -> draft/account-registration
Fixes #1740
2021-07-07 07:37:46 -04:00
Shivaram Lingamneni 0751f31b9e fix #1722
Validate operator vhosts against the configured (or default)
vhosts.valid-regexp
2021-06-29 10:06:37 -04:00
Shivaram Lingamneni b68696eb9b fix #1714
Fix a panic if the operator class title is empty
2021-06-28 01:45:13 -04:00
Shivaram Lingamneni 4910aefa37 use ergochat/irc-go instead of goshuirc/irc-go 2021-06-18 02:43:25 -04:00
Shivaram Lingamneni 23c7218bf1 first pass at renaming Oragono to Ergo 2021-05-26 15:55:24 -04:00
Shivaram Lingamneni 7c5a8f2013 make MaxLineLen configurable 2021-05-24 00:38:47 -04:00
Shivaram Lingamneni ba21987d03 remove draft/resume-0.5 2021-05-18 23:27:46 -04:00
Shivaram Lingamneni 2d31a16647 propagate require-sasl into tor-listeners.require-sasl 2021-04-26 10:26:16 -04:00
Shivaram Lingamneni 317720bfc8
Merge pull request #1632 from slingamn/mysql_safety
fix #1622
2021-04-25 23:14:40 -04:00
Shivaram Lingamneni e14aace1da
Merge pull request #1635 from slingamn/pass
fix #1634 (forward-porting to master)
2021-04-25 21:34:12 -04:00
Shivaram Lingamneni 97ba1c3d63 fix #1634:
1. Fix auth bypass in the default configuration with the addition of
   server.password (the REGISTER command was allowed before connection
   registration, allowing unauthenticated users to REGISTER and then
   take advantage of skip-server-password)
2. Caution operators against the use of require-sasl without disabling
   user-initiated account registration. (Such a configuration is still valid
   in the case of a public server that requires everyone to register.)
2021-04-25 19:22:08 -04:00
Shivaram Lingamneni 5eed48c077 fix #1622
Allow users to set max MySQL connections and connection lifetime;
set a sane default for max connections if it's not present.
2021-04-23 13:54:44 -04:00
Shivaram Lingamneni 517b776b62 don't call (*Config).prepareListeners twice 2021-04-18 21:40:33 -04:00
Shivaram Lingamneni 1a5d079670 fix #1611
Allow setting the minimum TLS version
2021-04-18 21:40:33 -04:00
Shivaram Lingamneni 8dd12b0693 publish the FORWARD 005 token 2021-04-08 07:10:05 -04:00
Shivaram Lingamneni aecb28a616 support SNI 2021-04-07 23:30:24 -04:00
Shivaram Lingamneni f9c1a00b91 populate (tls.Certificate).Leaf 2021-04-07 22:35:54 -04:00
Shivaram Lingamneni 03185ea4a9 deprecate message truncation
Implements #1577, but the issue should remain open until we clean up
the debugging loglines.
2021-03-04 22:29:34 -05:00
Shivaram Lingamneni 29666107ab fix #1559
Improve debuggability of some config deserialization errors
2021-02-26 01:10:21 -05:00
Shivaram Lingamneni 9e25a3027a fix #1549
If history is disabled, disable the history CAPs
2021-02-21 13:25:22 -05:00
Shivaram Lingamneni 430b40fc2f upgrade go to 1.16
Fixes #1510
2021-02-17 15:14:53 -05:00
Shivaram Lingamneni 2e7cf3cc1e
Merge pull request #1496 from slingamn/jointime.1
fix #1490
2021-01-21 01:20:45 -05:00
Shivaram Lingamneni 4a48e52518 fix #1490
Track channel join times, use them to optionally enforce history access
restrictions
2021-01-20 21:13:18 -05:00
Shivaram Lingamneni 64bc363cf1 fix #1443
Improve auditability of sensitive operator actions
2021-01-19 06:45:30 -05:00
Shivaram Lingamneni e195854851 fix #1442
strip local_ from oper capab names, also consolidate unban into ban
2021-01-19 06:45:30 -05:00
Shivaram Lingamneni db81b15acb initial work on #1483
Add the new utf8-only cap, disallow non-utf8 when websockets are enabled
2021-01-15 06:19:13 -05:00
Shivaram Lingamneni 48166b5b4b Implement expiration for always-on clients
Fixes #810
2020-12-21 05:11:50 -05:00
Shivaram Lingamneni 45471138d2 update nick reservation docs 2020-12-08 02:11:53 -05:00
Shivaram Lingamneni 7bdbb01238 fix #1428
Tor listeners should never see an STS cap.

Add an undocumented 'hide-sts' key for listeners that hides the STS cap.
This can be used if the listener is secured at layer 3 or 4 (VPNs,
E2E mixnets). It will be necessary to add the relevant IPs to `secure-nets`.
2020-12-05 23:06:23 -05:00
Shivaram Lingamneni 3ee6fd1f6c allow overriding services hostname
Fixes #1407
2020-11-29 00:02:26 -05:00
Shivaram Lingamneni 3062f97c2b fix #1389
Support PROXY protocol v2, including ahead of plaintext connections
2020-11-19 12:31:58 -05:00
Shivaram Lingamneni 9c4b086113
Merge pull request #1355 from slingamn/invite
security enhancements for INVITE
2020-10-26 13:30:41 -07:00
Shivaram Lingamneni 42d246b557 improve security properties of INVITE
See #1171.
2020-10-25 22:09:17 -04:00