Add a config var to require SASL auth when connecting.

This commit is contained in:
Valentin Lorentz 2018-09-10 22:48:49 +02:00
parent 7cc7b4fac9
commit c433f05190
2 changed files with 6 additions and 0 deletions

View File

@ -383,6 +383,9 @@ def registerNetwork(name, password='', ssl=True, sasl_username='',
registerGlobalValue(sasl, 'mechanisms', SpaceSeparatedListOfSaslMechanisms( registerGlobalValue(sasl, 'mechanisms', SpaceSeparatedListOfSaslMechanisms(
['ecdsa-nist256p-challenge', 'external', 'plain'], _("""Determines ['ecdsa-nist256p-challenge', 'external', 'plain'], _("""Determines
what SASL mechanisms will be tried and in which order."""))) what SASL mechanisms will be tried and in which order.""")))
registerGlobalValue(sasl, 'required', registry.Boolean(False,
_("""Determines whether the bot will abort the connection if the
none of the enabled SASL mechanism succeeded.""")))
registerGlobalValue(network, 'socksproxy', registry.String('', registerGlobalValue(network, 'socksproxy', registry.String('',
_("""If not empty, determines the hostname of the socks proxy that _("""If not empty, determines the hostname of the socks proxy that
will be used to connect to this network."""))) will be used to connect to this network.""")))

View File

@ -1081,6 +1081,9 @@ class Irc(IrcCommandDispatcher, log.Firewalled):
self.sasl_current_mechanism = self.sasl_next_mechanisms.pop(0) self.sasl_current_mechanism = self.sasl_next_mechanisms.pop(0)
self.sendMsg(ircmsgs.IrcMsg(command='AUTHENTICATE', self.sendMsg(ircmsgs.IrcMsg(command='AUTHENTICATE',
args=(self.sasl_current_mechanism.upper(),))) args=(self.sasl_current_mechanism.upper(),)))
elif conf.supybot.networks.get(self.network).sasl.required():
log.error('None of the configured SASL mechanisms succeeded, '
'aborting connection.')
else: else:
self.sasl_current_mechanism = None self.sasl_current_mechanism = None
self.endCapabilityNegociation() self.endCapabilityNegociation()