sad/soju
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Rename certfp reset to sasl reset

Browse Source 
And make it reset all SASL credentials.
This commit is contained in:
Simon Ser 2020-07-22 12:20:52 +02:00
parent 2a3ae55f52
commit cc01ffc19d
No known key found for this signature in database
GPG Key ID: 0FDE7BE0E88F5E48
2 changed files with 32 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
doc/soju.1.scd
View File

@ -170,12 +170,12 @@ abbreviated form, for instance *network* can be abbreviated as *net* or just
Show SHA-1 and SHA-256 fingerprints for the certificate Show SHA-1 and SHA-256 fingerprints for the certificate
currently used with the network. currently used with the network.
*certfp reset* <network name>
Disable SASL EXTERNAL authentication and remove stored certificate.
*sasl set-plain* <network name> <username> <password> *sasl set-plain* <network name> <username> <password>
Set SASL PLAIN credentials. Set SASL PLAIN credentials.
*sasl reset* <network name>
Disable SASL authentication and remove stored credentials.
*user create* -username <username> -password <password> [-admin] *user create* -username <username> -password <password> [-admin]
Create a new soju user. Only admin users can create new accounts. Create a new soju user. Only admin users can create new accounts.

58
service.go
View File

@ -180,11 +180,6 @@ func init() {
desc: "show fingerprints of certificate associated with the network", desc: "show fingerprints of certificate associated with the network",
handle: handleServiceCertfpFingerprints, handle: handleServiceCertfpFingerprints,
}, },
"reset": {
usage: "<network name>",
desc: "disable SASL EXTERNAL authentication and remove stored certificate",
handle: handleServiceCertfpReset,
},
}, },
}, },
"sasl": { "sasl": {
@ -194,6 +189,11 @@ func init() {
desc: "set SASL PLAIN credentials", desc: "set SASL PLAIN credentials",
handle: handleServiceSASLSetPlain, handle: handleServiceSASLSetPlain,
}, },
"reset": {
usage: "<network name>",
desc: "disable SASL authentication and remove stored credentials",
handle: handleServiceSASLReset,
},
}, },
}, },
"user": { "user": {
@ -573,30 +573,6 @@ func handleServiceCertfpFingerprints(dc *downstreamConn, params []string) error
return nil return nil
} }
func handleServiceCertfpReset(dc *downstreamConn, params []string) error {
if len(params) != 1 {
return fmt.Errorf("expected exactly one argument")
}
net := dc.user.getNetwork(params[0])
if net == nil {
return fmt.Errorf("unknown network %q", params[0])
}
net.SASL.External.CertBlob = nil
net.SASL.External.PrivKeyBlob = nil
if net.SASL.Mechanism == "EXTERNAL" {
net.SASL.Mechanism = ""
}
if err := dc.srv.db.StoreNetwork(dc.user.Username, &net.Network); err != nil {
return err
}
sendServicePRIVMSG(dc, "certificate reset")
return nil
}
func handleServiceSASLSetPlain(dc *downstreamConn, params []string) error { func handleServiceSASLSetPlain(dc *downstreamConn, params []string) error {
if len(params) != 3 { if len(params) != 3 {
return fmt.Errorf("expected exactly 3 arguments") return fmt.Errorf("expected exactly 3 arguments")
@ -619,6 +595,30 @@ func handleServiceSASLSetPlain(dc *downstreamConn, params []string) error {
return nil return nil
} }
func handleServiceSASLReset(dc *downstreamConn, params []string) error {
if len(params) != 1 {
return fmt.Errorf("expected exactly one argument")
}
net := dc.user.getNetwork(params[0])
if net == nil {
return fmt.Errorf("unknown network %q", params[0])
}
net.SASL.Plain.Username = ""
net.SASL.Plain.Password = ""
net.SASL.External.CertBlob = nil
net.SASL.External.PrivKeyBlob = nil
net.SASL.Mechanism = ""
if err := dc.srv.db.StoreNetwork(dc.user.Username, &net.Network); err != nil {
return err
}
sendServicePRIVMSG(dc, "credentials reset")
return nil
}
func handlePasswordChange(dc *downstreamConn, params []string) error { func handlePasswordChange(dc *downstreamConn, params []string) error {
if len(params) != 1 { if len(params) != 1 {
return fmt.Errorf("expected exactly one argument") return fmt.Errorf("expected exactly one argument")