From bd4523a7f26d1aed6ff9370f19082d536aa0f349 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Taavi=20V=C3=A4=C3=A4n=C3=A4nen?= Date: Mon, 14 Nov 2022 19:39:14 +0200 Subject: [PATCH] Support SASL authentication Fixes: https://github.com/google/alertmanager-irc-relay/issues/12 --- README.md | 4 ++-- config.go | 2 ++ go.mod | 3 ++- go.sum | 6 ++++-- irc.go | 18 ++++++++++++++++++ 5 files changed, 28 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 77a2a19..7fa01fd 100644 --- a/README.md +++ b/README.md @@ -33,6 +33,8 @@ irc_host_password: myserver_password irc_nickname: myalertbot # Password used to identify with NickServ irc_nickname_password: mynickserv_key +# If true, SASL authentication will be used to log in to the server. +irc_use_sasl: false # Use this IRC real name irc_realname: myrealname @@ -113,5 +115,3 @@ be sent to: send_resolved: false url: http://localhost:8000/mychannel ``` - - diff --git a/config.go b/config.go index 3308595..4ce67a3 100644 --- a/config.go +++ b/config.go @@ -37,6 +37,7 @@ type Config struct { HTTPPort int `yaml:"http_port"` IRCNick string `yaml:"irc_nickname"` IRCNickPass string `yaml:"irc_nickname_password"` + IRCUseSASL bool `yaml:"irc_use_sasl"` IRCRealName string `yaml:"irc_realname"` IRCHost string `yaml:"irc_host"` IRCPort int `yaml:"irc_port"` @@ -60,6 +61,7 @@ func LoadConfig(configFile string) (*Config, error) { HTTPPort: 8000, IRCNick: "alertmanager-irc-relay", IRCNickPass: "", + IRCUseSASL: false, IRCRealName: "Alertmanager IRC Relay", IRCHost: "example.com", IRCPort: 7000, diff --git a/go.mod b/go.mod index 5b2c231..66e78f4 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,8 @@ module github.com/google/alertmanager-irc-relay go 1.13 require ( - github.com/fluffle/goirc v1.1.1 + github.com/emersion/go-sasl v0.0.0-20220912192320-0145f2c60ead + github.com/fluffle/goirc v1.3.0 github.com/gorilla/mux v1.8.0 github.com/prometheus/alertmanager v0.21.0 github.com/prometheus/client_golang v1.11.1 diff --git a/go.sum b/go.sum index ddd2cce..ea38c1e 100644 --- a/go.sum +++ b/go.sum @@ -62,12 +62,14 @@ github.com/eapache/go-resiliency v1.1.0/go.mod h1:kFI+JgMyC7bLPUVY133qvEBtVayf5m github.com/eapache/go-xerial-snappy v0.0.0-20180814174437-776d5712da21/go.mod h1:+020luEh2TKB4/GOp8oxxtq0Daoen/Cii55CzbTV6DU= github.com/eapache/queue v1.1.0/go.mod h1:6eCeP0CKFpHLu8blIFXhExK/dRa7WDZfr6jVFPTqq+I= github.com/edsrzf/mmap-go v1.0.0/go.mod h1:YO35OhQPt3KJa3ryjFM5Bs14WD66h8eGKpfaBNrHW5M= +github.com/emersion/go-sasl v0.0.0-20220912192320-0145f2c60ead h1:fI1Jck0vUrXT8bnphprS1EoVRe2Q5CKCX8iDlpqjQ/Y= +github.com/emersion/go-sasl v0.0.0-20220912192320-0145f2c60ead/go.mod h1:iL2twTeMvZnrg54ZoPDNfJaJaqy0xIQFuBdrLsmspwQ= github.com/envoyproxy/go-control-plane v0.6.9/go.mod h1:SBwIajubJHhxtWwsL9s8ss4safvEdbitLhGGK48rN6g= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= -github.com/fluffle/goirc v1.1.1 h1:6nO+7rrED3Kp3mngoi9OmQmQHevNwDfjGpYUdWc1s0k= -github.com/fluffle/goirc v1.1.1/go.mod h1:iRzPLv2vkuZEtbns5LioYguJkRh/bvshuWg7izf1yeE= +github.com/fluffle/goirc v1.3.0 h1:6G38L9XiXD+XCo5+sLKQcz156W8YIc5Q6ZXM+SqXJNA= +github.com/fluffle/goirc v1.3.0/go.mod h1:CHys34YkX6L6VYpOPCc8PYBjEldgE8M/bBuRa/+fxZw= github.com/franela/goblin v0.0.0-20200105215937-c9ffbefa60db/go.mod h1:7dvUGVsVBjqR7JHJk0brhHOZYGmfBYOrK0ZhYMEtBr4= github.com/franela/goreq v0.0.0-20171204163338-bcd34c9993f8/go.mod h1:ZhphrRTfi2rbfLwlschooIH4+wKKDR4Pdxhh+TRoA20= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= diff --git a/irc.go b/irc.go index daf1abf..0509c78 100644 --- a/irc.go +++ b/irc.go @@ -22,6 +22,7 @@ import ( "sync" "time" + "github.com/emersion/go-sasl" irc "github.com/fluffle/goirc/client" "github.com/google/alertmanager-irc-relay/logging" "github.com/prometheus/client_golang/prometheus" @@ -73,6 +74,11 @@ func makeGOIRCConfig(config *Config) *irc.Config { ircConfig.Timeout = connectionTimeoutSecs * time.Second ircConfig.NewNick = func(n string) string { return n + "^" } + if config.IRCUseSASL && config.IRCNickPass != "" { + ircConfig.EnableCapabilityNegotiation = true + ircConfig.Sasl = sasl.NewPlainClient("", config.IRCNick, config.IRCNickPass) + } + return ircConfig } @@ -81,6 +87,7 @@ type IRCNotifier struct { // might change its copy. Nick string NickPassword string + UseSASL bool NickservName string NickservIdentifyPatterns []string @@ -122,6 +129,7 @@ func NewIRCNotifier(config *Config, alertMsgs chan AlertMsg, delayerMaker Delaye notifier := &IRCNotifier{ Nick: config.IRCNick, NickPassword: config.IRCNickPass, + UseSASL: config.IRCUseSASL, NickservName: config.NickservName, NickservIdentifyPatterns: config.NickservIdentifyPatterns, Client: client, @@ -171,6 +179,11 @@ func (n *IRCNotifier) HandleNotice(nick string, msg string) { } func (n *IRCNotifier) HandleNickservMsg(msg string) { + if n.UseSASL { + logging.Debug("Skip processing NickServ request, SASL is enabled instead") + return + } + if n.NickPassword == "" { logging.Debug("Skip processing NickServ request, no password configured") return @@ -216,6 +229,11 @@ func (n *IRCNotifier) MaybeGhostNick() { } func (n *IRCNotifier) MaybeWaitForNickserv() { + if n.UseSASL { + logging.Debug("Skip NickServ wait, SASL is enabled instead") + return + } + if n.NickPassword == "" { logging.Debug("Skip NickServ wait, no password configured") return