Authentication-Results: mail-b.sr.ht; dkim=pass header.d=adnano.co header.i=@adnano.co Received: from out0.migadu.com (out0.migadu.com [94.23.1.103]) by mail-b.sr.ht (Postfix) with ESMTPS id 5619411F0B0 for <~emersion/public-inbox@lists.sr.ht>; Tue, 14 Jun 2022 10:33:16 +0000 (UTC) X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=adnano.co; s=key1; t=1655202793; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=9xf82jQK3PJ13Fwh4fwDV6a0vWDvX0GD3fzr41xojRI=; b=RCKplt9smcdqpqLc1D2IiSrL79ZjTfQeLiNXVJG9wjp9pG409mA1BC/ylTrRFYXELsBkZG u5HJXQBLOyfbm/LgmutC0WcnDa/Z0n1plN2FnJ4hHOT0p93thfzpd/9KKVaSbh8Jcqc0ak IbV2W5Kv0KVXVLdR/dD4KXpySqlWSOmJbS4342Pyj9cvRtcP+Yu9eiT/GpENHy2zS7gLu/ WwziLw7CtT37RtRUMBhgQ7DztBs/Ag/zQ5cppr3ULVycEK+vd10a70IipdBEPhfncdRw/T SrrMgMRntH7rAUIBQ9qLAwf/N+V6N2ngWfgneS9WQ+WQubxnvgAaSSaIw10S+Q== From: Adnan Maolood To: ~emersion/public-inbox@lists.sr.ht Cc: Adnan Maolood Subject: [PATCH chathistorysync v2 1/2] client: Use SASL authentication Date: Tue, 14 Jun 2022 06:32:51 -0400 Message-Id: <20220614103251.32597-1-me@adnano.co> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Migadu-Flow: FLOW_OUT X-Migadu-Auth-User: adnano.co --- client.go | 42 +++++++++++++++++++++++++++++++++++------- 1 file changed, 35 insertions(+), 7 deletions(-) diff --git a/client.go b/client.go index 492a75b..89f4b5a 100644 --- a/client.go +++ b/client.go @@ -1,7 +1,10 @@ package main import ( + "bytes" "crypto/tls" + "encoding/base64" + "errors" "fmt" "log" "net" @@ -68,19 +71,13 @@ func dialTLS(addr string) (*client, error) { } func (c *client) Register(nick, pass string) { - caps := []string{"draft/chathistory", "message-tags", "batch", "echo-message", "server-time", "causal.agency/passive", "soju.im/bouncer-networks"} + caps := []string{"draft/chathistory", "sasl", "message-tags", "batch", "echo-message", "server-time", "causal.agency/passive", "soju.im/bouncer-networks"} for _, name := range caps { c.WriteMessage(&irc.Message{ Command: "CAP", Params: []string{"REQ", name}, }) } - if pass != "" { - c.WriteMessage(&irc.Message{ - Command: "PASS", - Params: []string{pass}, - }) - } c.WriteMessage(&irc.Message{ Command: "NICK", Params: []string{nick}, @@ -89,6 +86,23 @@ func (c *client) Register(nick, pass string) { Command: "USER", Params: []string{nick, "0", "*", nick}, }) + if pass != "" { + var buf bytes.Buffer + buf.WriteString(nick) + buf.WriteByte(0) + buf.WriteString(nick) + buf.WriteByte(0) + buf.WriteString(pass) + payload := base64.StdEncoding.EncodeToString(buf.Bytes()) + c.WriteMessage(&irc.Message{ + Command: "AUTHENTICATE", + Params: []string{"PLAIN"}, + }) + c.WriteMessage(&irc.Message{ + Command: "AUTHENTICATE", + Params: []string{payload}, + }) + } c.WriteMessage(&irc.Message{ Command: "CAP", Params: []string{"END"}, @@ -143,6 +157,10 @@ func (c *client) ReadMessage() (*message, error) { c.caps.chatHistory = ok case "soju.im/bouncer-networks": c.caps.bouncerNetworks = ok + case "sasl": + if !ok { + return nil, fmt.Errorf("server doesn't support SASL authentication") + } } } case "BATCH": @@ -153,6 +171,16 @@ func (c *client) ReadMessage() (*message, error) { msg.closeBatch = c.batches[name] delete(c.batches, name) } + case "AUTHENTICATE": + challenge := msg.Params[0] + if challenge != "+" { + return nil, fmt.Errorf("unexpected SASL challenge %q", challenge) + } + case irc.RPL_SASLSUCCESS: + // SASL authentication successful + case irc.ERR_NICKLOCKED, irc.ERR_SASLFAIL, irc.ERR_SASLTOOLONG, + irc.ERR_SASLABORTED, irc.ERR_SASLALREADY, irc.RPL_SASLMECHS: + return nil, errors.New(strings.Join(msg.Params[1:], " ")) } return msg, nil -- 2.36.1