Remove sasl cap after registration if network doesn't support it

This will stop clients from trying to issue AUTHENTICATE requests
after connection registration.
This commit is contained in:
Simon Ser 2021-11-21 16:28:38 +01:00
parent 313c6e7f97
commit e3d7c33bcd
2 changed files with 25 additions and 19 deletions

View File

@ -190,7 +190,6 @@ var permanentDownstreamCaps = map[string]string{
"echo-message": "", "echo-message": "",
"invite-notify": "", "invite-notify": "",
"message-tags": "", "message-tags": "",
"sasl": "PLAIN",
"server-time": "", "server-time": "",
"setname": "", "setname": "",
@ -299,6 +298,7 @@ func newDownstreamConn(srv *Server, ic ircConn, id uint64) *downstreamConn {
for k, v := range permanentDownstreamCaps { for k, v := range permanentDownstreamCaps {
dc.supportedCaps[k] = v dc.supportedCaps[k] = v
} }
dc.supportedCaps["sasl"] = "PLAIN"
// TODO: this is racy, we should only enable chathistory after // TODO: this is racy, we should only enable chathistory after
// authentication and then check that user.msgStore implements // authentication and then check that user.msgStore implements
// chatHistoryMessageStore // chatHistoryMessageStore
@ -1038,6 +1038,12 @@ func (dc *downstreamConn) updateSupportedCaps() {
} }
} }
if uc := dc.upstream(); uc != nil && uc.supportsSASL("PLAIN") {
dc.setSupportedCap("sasl", "PLAIN")
} else if dc.network != nil {
dc.unsetSupportedCap("sasl")
}
if _, ok := dc.user.msgStore.(chatHistoryMessageStore); ok && dc.network != nil { if _, ok := dc.user.msgStore.(chatHistoryMessageStore); ok && dc.network != nil {
dc.setSupportedCap("draft/event-playback", "") dc.setSupportedCap("draft/event-playback", "")
} else { } else {

View File

@ -1731,30 +1731,30 @@ func (uc *upstreamConn) requestCaps() {
}) })
} }
func (uc *upstreamConn) requestSASL() bool { func (uc *upstreamConn) supportsSASL(mech string) bool {
if uc.network.SASL.Mechanism == "" {
return false
}
v, ok := uc.supportedCaps["sasl"] v, ok := uc.supportedCaps["sasl"]
if !ok { if !ok {
return false return false
} }
if v != "" {
mechanisms := strings.Split(v, ",") if v == "" {
found := false return true
for _, mech := range mechanisms {
if strings.EqualFold(mech, uc.network.SASL.Mechanism) {
found = true
break
}
}
if !found {
return false
}
} }
mechanisms := strings.Split(v, ",")
for _, mech := range mechanisms {
if strings.EqualFold(mech, mech) {
return true return true
}
}
return false
}
func (uc *upstreamConn) requestSASL() bool {
if uc.network.SASL.Mechanism == "" {
return false
}
return uc.supportsSASL(uc.network.SASL.Mechanism)
} }
func (uc *upstreamConn) handleCapAck(name string, ok bool) error { func (uc *upstreamConn) handleCapAck(name string, ok bool) error {