ircd.chat/ircd
11
1
Fork 0
Code Issues Pull Requests 1 Releases Wiki Activity
4,764 Commits 5 Branches 52 Tags 23 MiB
8b2f6de3e0
Commit Graph

4764 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Shivaram Lingamneni
8b2f6de3e0
Add email-based password reset (#1779) 
* Add email-based password reset

Fixes #734

* rename SETPASS to RESETPASS

* review fixes

* abuse mitigations

* SENDPASS and RESETPASS should both touch the client login throttle
* Produce a logline and a sno on SENDPASS (since it actually sends an email)

* don't re-retrieve the settings value

* add email confirmation for NS SET EMAIL

* smtp: if require-tls is disabled, don't validate server cert

* review fixes

* remove cooldown for NS SET EMAIL

If you accidentally set the wrong address, the cooldown would prevent you
from fixing your mistake. Since we touch the registration throttle anyway,
this shouldn't present more of an abuse concern than registration itself.
 2021-08-25 22:32:55 -04:00
Shivaram Lingamneni
0baaf0b711
Merge pull request #1783 from slingamn/scram_mechanisms 
remove SCRAM-SHA-256 from advertised SASL mechanisms
 2021-08-25 21:03:29 -04:00
Shivaram Lingamneni
a1d4b8ac82 bump irctest to latest 2021-08-25 19:00:33 -04:00
Shivaram Lingamneni
12947644e2 remove SCRAM-SHA-256 from advertised SASL mechanisms 
Advertising SCRAM-SHA-256 breaks irccloud, which doesn't fall back to PLAIN
if it sees SCRAM advertised but SCRAM then fails (as is the case for any
account password hashed on Ergo 2.7 or lower).

Leave a config option for irctest to enable it in the controller.
 2021-08-25 18:34:27 -04:00
Shivaram Lingamneni
9c77f89bc2
Merge pull request #1781 from slingamn/go_upgrade 
upgrade go to 1.17
 2021-08-20 16:56:26 -04:00
Shivaram Lingamneni
492109f29d upgrade go to 1.17 2021-08-20 15:59:26 -04:00
Shivaram Lingamneni
00255586cc update manual to point to stable branch systemd file 2021-08-19 10:51:46 -04:00
Shivaram Lingamneni
fea8cc1b9a
Merge pull request #1778 from ProgVal/empty-realname 
Add missing argument to ERR_NEEDMOREPARAMS on USER commands.
 2021-08-13 16:58:53 -04:00
Valentin Lorentz
a90fbf9f2c Add missing argument to ERR_NEEDMOREPARAMS on USER commands. 
Refs:

* other instances in the codebase
* https://defs.ircdocs.horse/defs/numerics.html#err-needmoreparams-461
* https://modern.ircdocs.horse/#errneedmoreparams-461
 2021-08-13 21:10:46 +02:00
Shivaram Lingamneni
0d438dd0d6
Merge pull request #1776 from ProgVal/kick-default-comment 
Make kick messages default to the kicker name instead of the kicked
 2021-08-13 14:20:17 -04:00
Valentin Lorentz
f33f41b0eb Make kick messages default to the kicker name instead of the kicked 
For consistency with RFC2812, Bahamut, Hybrid, Insp, Plexus4, Unreal.
https://datatracker.ietf.org/doc/html/rfc2812#section-3.2.8

At the expense of consistency with chary/solanum, irc2, and ircu2.
 2021-08-13 20:16:37 +02:00
Shivaram Lingamneni
4785a3953a
Merge pull request #1777 from ProgVal/targmax-kick 
Advertise support for multiple KICK targets
 2021-08-13 14:14:56 -04:00
Valentin Lorentz
f6f25039b7 Advertise support for multiple KICK targets 
This is already implemented, but TARGMAX=KICK:1 says it isn't.

Instead, let's advertise that indefinitely many targets are allowed.
Refs:

* https://defs.ircdocs.horse/defs/isupport.html#targmax
* https://github.com/ircdocs/modern-irc/pull/112
 2021-08-13 19:42:03 +02:00
Shivaram Lingamneni
5d2d4a99bc
Merge pull request #1775 from slingamn/channelkey 
fix handling of +k with an empty key parameter
 2021-08-10 15:15:40 -04:00
Shivaram Lingamneni
abfb8442ab fix handling of +k with an empty key parameter 
This should be disallowed; `MODE #keytest +k :` should just be an error.
 2021-08-10 15:11:11 -04:00
Shivaram Lingamneni
bbb52bf692
Merge pull request #1773 from ProgVal/keyvalidation 
Add missing channel parameter to ERR_INVALIDMODEPARAM.
 2021-08-10 15:02:02 -04:00
Valentin Lorentz
e894c44960 Add missing channel parameter to ERR_INVALIDMODEPARAM. 2021-08-10 20:33:00 +02:00
Shivaram Lingamneni
ada135d7cf
Merge pull request #1772 from slingamn/bump_irctest 
bump irctest
 2021-08-08 17:04:32 -04:00
Shivaram Lingamneni
0355c2df1e bump irctest 2021-08-08 14:49:08 -04:00
Shivaram Lingamneni
37c7b97084 documentation: update CI config path 2021-08-08 12:35:55 -04:00
Shivaram Lingamneni
0ac8b6daea
Merge pull request #1770 from ajaspers/patch-1 
Document mute extbans
 2021-08-04 01:58:45 -04:00
ajaspers
c3fb7f2ad6
Document mute extbans 
Fixes #1747.
 2021-08-03 21:31:54 -07:00
Shivaram Lingamneni
1c5a485c17
Merge pull request #1768 from slingamn/scram_clientid 
fix SCRAM not supporting client IDs
 2021-08-03 23:51:10 -04:00
Shivaram Lingamneni
5b93fdfcf2
Merge pull request #1769 from ajaspers/logout 
Correct help text for NS CLIENTS LOGOUT.
 2021-08-03 23:50:01 -04:00
Alex Jaspersen
ecd878c169 Correct help text for NS CLIENTS LOGOUT. 
"LOGOUT ALL" logs out all clients for a user.

Fixes #1712.
 2021-08-03 18:54:37 -07:00
Shivaram Lingamneni
117401f293 fix SCRAM not supporting client IDs 
reported by @Mikaela
 2021-08-03 11:47:00 -04:00
Shivaram Lingamneni
b13776787b
Merge pull request #1767 from slingamn/bunt 
upgrade buntdb
 2021-08-03 09:58:10 -04:00
Shivaram Lingamneni
c5a9916302 upgrade buntdb 2021-08-03 01:46:43 -04:00
Shivaram Lingamneni
1389d89a9b
Merge pull request #1766 from slingamn/allow_truncation 
fix incorrect handling of overlong lines when allow-truncation is enabled
 2021-08-03 00:40:54 -04:00
Shivaram Lingamneni
941c12244f
Merge pull request #1765 from slingamn/autorehash 
add autogeneration of SCRAM credentials on successful PLAIN
 2021-08-03 00:40:47 -04:00
Shivaram Lingamneni
cf25e894e1 fix incorrect handling of overlong lines when allow-truncation is enabled 2021-08-02 21:49:42 -04:00
Shivaram Lingamneni
4dd9af8f06 add autogeneration of SCRAM credentials on successful PLAIN 2021-08-02 12:26:58 -04:00
Shivaram Lingamneni
d8dc24dee8
Merge pull request #1764 from slingamn/scram.3 
implement SCRAM-SHA-256
 2021-08-01 22:00:14 -04:00
Shivaram Lingamneni
ebe1f84d64 consolidate login throttle checks 
We can check once during initialization of the SASL session, e.g.
on receiving `AUTHENTICATE PLAIN` or `AUTHENTICATE EXTERNAL`
 2021-07-30 14:06:13 -04:00
Shivaram Lingamneni
41822813c0 clean up redundant check for sasl mechanism 2021-07-30 14:03:40 -04:00
Shivaram Lingamneni
e1401934df implement SCRAM-SHA-256 2021-07-30 12:20:13 -04:00
Shivaram Lingamneni
3264687803
Merge pull request #1763 from slingamn/jwt 
replace jwt library
 2021-07-29 20:51:23 -04:00
Shivaram Lingamneni
ef92318282 replace jwt library 
Fixes #1762
 2021-07-29 16:49:35 -04:00
Shivaram Lingamneni
ad61f9f213
Merge pull request #1758 from ergochat/channel_creation 
fix channel creation bugs
 2021-07-15 08:35:29 -04:00
Shivaram Lingamneni
6851901e20 fix #1756 
A default channel mode of +i would block channel creation; fix this by treating
initial joins as SAJOINs.

Note that it's nontrivial to detect initial join in (*Channel).Join, because
having 0 members does not necessarily indicate a new channel.
 2021-07-15 06:31:27 -04:00
Shivaram Lingamneni
c99b2be403 fix #1757 
Allow SAJOIN or implicit always-on join to override channels.operator-only-creation
 2021-07-15 06:27:37 -04:00
Shivaram Lingamneni
699921afff
Merge pull request #1755 from mogad0n/enhance/uban_list_timecreated 
add timeCreated to /uban list output
 2021-07-14 10:17:49 -04:00
Pratyush Desai
99610eae4b add timeCreated to /uban list output 2021-07-14 12:36:45 +05:30
Shivaram Lingamneni
128142ca41
Merge pull request #1753 from slingamn/rename 
fix #1751
 2021-07-14 02:09:43 -04:00
Shivaram Lingamneni
dc0bf1a02d
Merge pull request #1748 from ProgVal/patch-2 
Add support for KICK #chan user1,user2
 2021-07-13 08:55:44 -04:00
Shivaram Lingamneni
5b317d4846 fix #1751 
RENAME (channel rename) that was a simple case change (e.g.
renaming #chan to #CHAN) would delete the channel :-|
 2021-07-13 08:47:16 -04:00
Valentin Lorentz
f58f8531b2 Restore support for multiple channels + single user 2021-07-12 20:59:05 +02:00
Val Lorentz
54c5d35193 Add support for KICK #chan user1,user2 
This is one of the two cases of [RFC 2812 kicks](https://datatracker.ietf.org/doc/html/rfc2812#section-3.2.8):
even when there are multiple user targets, the RFC (and Unreal
and Inspircd and probably others) allows a single channel name.
 2021-07-10 11:13:52 +02:00
Shivaram Lingamneni
907f82a27e
Merge pull request #1741 from slingamn/greylisting.3 
user visible email errors, email timeouts
 2021-07-09 07:22:03 -04:00
Shivaram Lingamneni
497aa429b7
Merge pull request #1746 from slingamn/docker_fix 
pin docker base image to alpine 3.13
 2021-07-08 20:58:51 -04:00