Create configurable client rejection message for SASL only (#236)

2021-07-09 15:31:17 -07:00 · 2021-07-09 15:31:17 -07:00 · 05bc814d83
commit 05bc814d83
parent 875fed0168
7 changed files with 24 additions and 2 deletions
--- a/doc/ircd.conf.example
+++ b/doc/ircd.conf.example
@ -579,6 +579,7 @@ general {
 	kline_with_reason = yes;
 	hide_tkdline_duration = no;
 	kline_reason = "K-Lined";
+	sasl_only_client_message = "You need to identify via SASL to use to use this server.";
 	identify_service = "NickServ@services.int";
 	identify_command = "IDENTIFY";
 	non_redundant_klines = yes;
--- a/doc/reference.conf
+++ b/doc/reference.conf
@ -1148,6 +1148,11 @@ general {
 	 */
 	kline_reason = "Connection closed";

+	/* SASL access only client message: give users a message that
+	 * informs them
+	 */
+	sasl_only_client_message = "You need to identify via SASL to use to use this server.";
+
 	/* identify to services via server password
 	 * if auth{} block had no password but the user specified a
 	 * server password anyway, send a PRIVMSG to <identify_service>
--- a/include/s_conf.h
+++ b/include/s_conf.h
@ -257,6 +257,7 @@ struct config_file_entry
 	int hide_opers;

 	char *drain_reason;
+	char *sasl_only_client_message;
 };

 struct config_channel_entry
--- a/ircd/newconf.c
+++ b/ircd/newconf.c
@ -2707,6 +2707,7 @@ static struct ConfEntry conf_general_table[] =
 	{ "hide_opers",		CF_YESNO, NULL, 0, &ConfigFileEntry.hide_opers		},
 	{ "certfp_method",	CF_STRING, conf_set_general_certfp_method, 0, NULL },
 	{ "drain_reason",	CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.drain_reason	},
+	{ "sasl_only_client_message",	CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.sasl_only_client_message	},
 	{ "tls_ciphers_oper_only",	CF_YESNO, NULL, 0, &ConfigFileEntry.tls_ciphers_oper_only	},
 	{ "oper_secure_only",	CF_YESNO, NULL, 0, &ConfigFileEntry.oper_secure_only	},
 	{ "\0", 		0, 	  NULL, 0, NULL }
--- a/ircd/s_conf.c
+++ b/ircd/s_conf.c
@ -1550,6 +1550,8 @@ clear_out_old_conf(void)
 	ConfigFileEntry.sasl_service = NULL;
 	rb_free(ConfigFileEntry.drain_reason);
 	ConfigFileEntry.drain_reason = NULL;
+	rb_free(ConfigFileEntry.sasl_only_client_message);
+	ConfigFileEntry.sasl_only_client_message = NULL;

 	if (ConfigFileEntry.hidden_caps != NULL)
 	{
--- a/ircd/s_user.c
+++ b/ircd/s_user.c
@ -491,9 +491,16 @@ register_local_user(struct Client *client_p, struct Client *source_p)

 	if(IsNeedSasl(aconf) && !*source_p->user->suser)
 	{
+
+		const char *sasl_only_client_message = ConfigFileEntry.sasl_only_client_message;
+
+		if (sasl_only_client_message == NULL)
+			sasl_only_client_message = "You need to identify via SASL to use to use this server.";
+
 		ServerStats.is_ref++;
-		sendto_one_notice(source_p, ":*** Notice -- You need to identify via SASL to use this server");
-		exit_client(client_p, source_p, &me, "SASL access only");
+		sendto_one_notice(source_p, ":*** Notice -- %s", sasl_only_client_message);
+
+		exit_client(client_p, source_p, &me, sasl_only_client_message);
 		return (CLIENT_EXITED);
 	}

--- a/modules/m_info.c
+++ b/modules/m_info.c
@ -200,6 +200,11 @@ static struct InfoStruct info_table[] = {
 		"Message to quit users with if this server is draining.",
 		INFO_STRING(&ConfigFileEntry.drain_reason),
 	},
+	{
+		"sasl_only_client_message",
+		"Message to quit users with if they require SASL authentication.",
+		INFO_STRING(&ConfigFileEntry.sasl_only_client_message),
+	},
 	{
 		"disable_auth",
 		"Controls whether auth checking is disabled or not",