Remove sasl cap after registration if network doesn't support it

This will stop clients from trying to issue AUTHENTICATE requests
after connection registration.
This commit is contained in:
Simon Ser 2021-11-21 16:28:38 +01:00
parent 313c6e7f97
commit e3d7c33bcd
2 changed files with 25 additions and 19 deletions

View File

@ -190,7 +190,6 @@ var permanentDownstreamCaps = map[string]string{
"echo-message": "",
"invite-notify": "",
"message-tags": "",
"sasl": "PLAIN",
"server-time": "",
"setname": "",
@ -299,6 +298,7 @@ func newDownstreamConn(srv *Server, ic ircConn, id uint64) *downstreamConn {
for k, v := range permanentDownstreamCaps {
dc.supportedCaps[k] = v
}
dc.supportedCaps["sasl"] = "PLAIN"
// TODO: this is racy, we should only enable chathistory after
// authentication and then check that user.msgStore implements
// chatHistoryMessageStore
@ -1038,6 +1038,12 @@ func (dc *downstreamConn) updateSupportedCaps() {
}
}
if uc := dc.upstream(); uc != nil && uc.supportsSASL("PLAIN") {
dc.setSupportedCap("sasl", "PLAIN")
} else if dc.network != nil {
dc.unsetSupportedCap("sasl")
}
if _, ok := dc.user.msgStore.(chatHistoryMessageStore); ok && dc.network != nil {
dc.setSupportedCap("draft/event-playback", "")
} else {

View File

@ -1731,30 +1731,30 @@ func (uc *upstreamConn) requestCaps() {
})
}
func (uc *upstreamConn) requestSASL() bool {
if uc.network.SASL.Mechanism == "" {
return false
}
func (uc *upstreamConn) supportsSASL(mech string) bool {
v, ok := uc.supportedCaps["sasl"]
if !ok {
return false
}
if v != "" {
mechanisms := strings.Split(v, ",")
found := false
for _, mech := range mechanisms {
if strings.EqualFold(mech, uc.network.SASL.Mechanism) {
found = true
break
}
}
if !found {
return false
}
if v == "" {
return true
}
mechanisms := strings.Split(v, ",")
for _, mech := range mechanisms {
if strings.EqualFold(mech, mech) {
return true
}
}
return false
}
func (uc *upstreamConn) requestSASL() bool {
if uc.network.SASL.Mechanism == "" {
return false
}
return uc.supportsSASL(uc.network.SASL.Mechanism)
}
func (uc *upstreamConn) handleCapAck(name string, ok bool) error {