Only abort SASL sessions if the user is using sasl-3.1.

This is a compromise to allow modern clients to authenticate
quickly whilst not breaking old clients.

This reverts commit 4b8e69882e8b591102bfb03da1425b04c43272de.
Sadie Powell 2024-03-24 21:34:48 +00:00
parent be39ca94cc
commit 4931b94e96
2 changed files with 2 additions and 5 deletions


@ -2198,8 +2198,7 @@
# when it should enable the SASL capability. # when it should enable the SASL capability.
# You can also define <sasl:requiressl> to require users to use TLS # You can also define <sasl:requiressl> to require users to use TLS
# in order to be able to use SASL. # in order to be able to use SASL.
#<sasl abortonconnect="yes" #<sasl target="services.mynetwork.com"
# target="services.mynetwork.com"
# requiressl="yes"> # requiressl="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#


@ -409,7 +409,6 @@ private:
CommandAuthenticate auth; CommandAuthenticate auth;
CommandSASL sasl; CommandSASL sasl;
ClientProtocol::EventProvider protoev; ClientProtocol::EventProvider protoev;
bool abortonconnect;
public: public:
ModuleSASL() ModuleSASL()
@ -438,7 +437,6 @@ public:
if (target.empty()) if (target.empty())
throw ModuleException(this, "<sasl:target> must be set to the name of your services server!"); throw ModuleException(this, "<sasl:target> must be set to the name of your services server!");
abortonconnect = tag->getBool("abortonconnect", true);
cap.requiressl = tag->getBool("requiressl"); cap.requiressl = tag->getBool("requiressl");
sasl_target = target; sasl_target = target;
servertracker.Reset(); servertracker.Reset();
@ -451,7 +449,7 @@ public:
// in progress, the server SHOULD abort it and send a 906 numeric, then // in progress, the server SHOULD abort it and send a 906 numeric, then
// register the client without authentication. // register the client without authentication.
SaslAuthenticator* saslauth = authExt.Get(user); SaslAuthenticator* saslauth = authExt.Get(user);
if (abortonconnect && saslauth) if (saslauth && cap.GetProtocol(user) == Cap::CAP_LEGACY)
{ {
saslauth->Abort(); saslauth->Abort();
saslauth->AnnounceState(); saslauth->AnnounceState();
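Review bot: The comment above the new condition still says the server SHOULD abort an in-progress SASL session at registration, but `if (saslauth && cap.GetProtocol(user) == Cap::CAP_LEGACY)` now does that only for legacy-cap clients, and nothing here records why other clients are exempt. I would add a line such as `// Only sasl-3.1 (CAP_LEGACY) clients are aborted; newer clients keep their session open past registration.` It is also worth confirming that any access decision made at registration from account state (not visible in this hunk) copes with a login that completes afterwards. With the `abortonconnect` read removed in the earlier hunk of this file, an existing `<sasl abortonconnect="yes">` setting appears to be ignored silently, so operators who set it deliberately should get a changelog note. The enclosing handler starts and ends outside the hunk.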