Create configurable client rejection message for SASL only (#236)

This commit is contained in:
Melissa Draper 2021-07-09 15:31:17 -07:00 committed by Doug Freed
parent 875fed0168
commit 05bc814d83
7 changed files with 24 additions and 2 deletions

View file

@ -579,6 +579,7 @@ general {
kline_with_reason = yes; kline_with_reason = yes;
hide_tkdline_duration = no; hide_tkdline_duration = no;
kline_reason = "K-Lined"; kline_reason = "K-Lined";
sasl_only_client_message = "You need to identify via SASL to use to use this server.";
identify_service = "NickServ@services.int"; identify_service = "NickServ@services.int";
identify_command = "IDENTIFY"; identify_command = "IDENTIFY";
non_redundant_klines = yes; non_redundant_klines = yes;

View file

@ -1148,6 +1148,11 @@ general {
*/ */
kline_reason = "Connection closed"; kline_reason = "Connection closed";
/* SASL access only client message: give users a message that
* informs them
*/
sasl_only_client_message = "You need to identify via SASL to use to use this server.";
/* identify to services via server password /* identify to services via server password
* if auth{} block had no password but the user specified a * if auth{} block had no password but the user specified a
* server password anyway, send a PRIVMSG to <identify_service> * server password anyway, send a PRIVMSG to <identify_service>

View file

@ -257,6 +257,7 @@ struct config_file_entry
int hide_opers; int hide_opers;
char *drain_reason; char *drain_reason;
char *sasl_only_client_message;
}; };
struct config_channel_entry struct config_channel_entry

View file

@ -2707,6 +2707,7 @@ static struct ConfEntry conf_general_table[] =
{ "hide_opers", CF_YESNO, NULL, 0, &ConfigFileEntry.hide_opers }, { "hide_opers", CF_YESNO, NULL, 0, &ConfigFileEntry.hide_opers },
{ "certfp_method", CF_STRING, conf_set_general_certfp_method, 0, NULL }, { "certfp_method", CF_STRING, conf_set_general_certfp_method, 0, NULL },
{ "drain_reason", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.drain_reason }, { "drain_reason", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.drain_reason },
{ "sasl_only_client_message", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.sasl_only_client_message },
{ "tls_ciphers_oper_only", CF_YESNO, NULL, 0, &ConfigFileEntry.tls_ciphers_oper_only }, { "tls_ciphers_oper_only", CF_YESNO, NULL, 0, &ConfigFileEntry.tls_ciphers_oper_only },
{ "oper_secure_only", CF_YESNO, NULL, 0, &ConfigFileEntry.oper_secure_only }, { "oper_secure_only", CF_YESNO, NULL, 0, &ConfigFileEntry.oper_secure_only },
{ "\0", 0, NULL, 0, NULL } { "\0", 0, NULL, 0, NULL }

View file

@ -1550,6 +1550,8 @@ clear_out_old_conf(void)
ConfigFileEntry.sasl_service = NULL; ConfigFileEntry.sasl_service = NULL;
rb_free(ConfigFileEntry.drain_reason); rb_free(ConfigFileEntry.drain_reason);
ConfigFileEntry.drain_reason = NULL; ConfigFileEntry.drain_reason = NULL;
rb_free(ConfigFileEntry.sasl_only_client_message);
ConfigFileEntry.sasl_only_client_message = NULL;
if (ConfigFileEntry.hidden_caps != NULL) if (ConfigFileEntry.hidden_caps != NULL)
{ {

View file

@ -491,9 +491,16 @@ register_local_user(struct Client *client_p, struct Client *source_p)
if(IsNeedSasl(aconf) && !*source_p->user->suser) if(IsNeedSasl(aconf) && !*source_p->user->suser)
{ {
const char *sasl_only_client_message = ConfigFileEntry.sasl_only_client_message;
if (sasl_only_client_message == NULL)
sasl_only_client_message = "You need to identify via SASL to use to use this server.";
ServerStats.is_ref++; ServerStats.is_ref++;
sendto_one_notice(source_p, ":*** Notice -- You need to identify via SASL to use this server"); sendto_one_notice(source_p, ":*** Notice -- %s", sasl_only_client_message);
exit_client(client_p, source_p, &me, "SASL access only");
exit_client(client_p, source_p, &me, sasl_only_client_message);
return (CLIENT_EXITED); return (CLIENT_EXITED);
} }

View file

@ -200,6 +200,11 @@ static struct InfoStruct info_table[] = {
"Message to quit users with if this server is draining.", "Message to quit users with if this server is draining.",
INFO_STRING(&ConfigFileEntry.drain_reason), INFO_STRING(&ConfigFileEntry.drain_reason),
}, },
{
"sasl_only_client_message",
"Message to quit users with if they require SASL authentication.",
INFO_STRING(&ConfigFileEntry.sasl_only_client_message),
},
{ {
"disable_auth", "disable_auth",
"Controls whether auth checking is disabled or not", "Controls whether auth checking is disabled or not",