diff options
| -rw-r--r-- | conf.c | 2 | ||||
| -rw-r--r-- | conf.h | 2 | ||||
| -rw-r--r-- | irc.c | 5 | ||||
| -rw-r--r-- | irc.h | 1 | ||||
| -rw-r--r-- | irc_commands.c | 1 |
5 files changed, 10 insertions, 1 deletions
@@ -260,6 +260,8 @@ static int conf_loadini(conf_t *conf, char *file) conf->authmode = AUTHMODE_REGISTERED; } else if (g_strcasecmp(ini->value, "closed") == 0) { conf->authmode = AUTHMODE_CLOSED; + } else if (g_strcasecmp(ini->value, "sasl") == 0) { + conf->authmode = AUTHMODE_SASL; } else { conf->authmode = AUTHMODE_OPEN; } @@ -27,7 +27,7 @@ #define __CONF_H typedef enum runmode { RUNMODE_DAEMON, RUNMODE_FORKDAEMON, RUNMODE_INETD } runmode_t; -typedef enum authmode { AUTHMODE_OPEN, AUTHMODE_CLOSED, AUTHMODE_REGISTERED } authmode_t; +typedef enum authmode { AUTHMODE_OPEN, AUTHMODE_CLOSED, AUTHMODE_REGISTERED, AUTHMODE_SASL } authmode_t; typedef struct conf { char *iface_in, *iface_out; @@ -751,6 +751,11 @@ int irc_check_login(irc_t *irc) if (global.conf->authmode == AUTHMODE_CLOSED && !(irc->status & USTATUS_AUTHORIZED)) { irc_send_num(irc, 464, ":This server is password-protected."); return 0; + } else if (global.conf->authmode == AUTHMODE_SASL && + (!(irc->caps & CAP_SASL) || + !(irc->status & USTATUS_SASL_AUTHENTICATED))) { + irc_send_num(irc, 464, ":This server requires sasl."); + return 0; } else { irc_channel_t *ic; irc_user_t *iu = irc->user; @@ -58,6 +58,7 @@ typedef enum { Currently just blocks irc_vawrite(). */ USTATUS_CAP_PENDING = 16, USTATUS_SASL_PLAIN_PENDING = 32, + USTATUS_SASL_AUTHENTICATED = 64, /* Not really status stuff, but other kinds of flags: For slightly better password security, since the only way to send passwords diff --git a/irc_commands.c b/irc_commands.c index f2d4ddf6..2696eb11 100644 --- a/irc_commands.c +++ b/irc_commands.c @@ -149,6 +149,7 @@ static void irc_cmd_authenticate(irc_t *irc, char **cmd) /* no check_login here - wait for CAP END */ irc_setpass(irc, pass); } + irc->status |= USTATUS_SASL_AUTHENTICATED; } g_free(user); |