|
@@ -298,9 +298,15 @@ func accVerifyHandler(server *Server, client *Client, msg ircmsg.IrcMessage, rb
|
298
|
298
|
|
299
|
299
|
// AUTHENTICATE [<mechanism>|<data>|*]
|
300
|
300
|
func authenticateHandler(server *Server, client *Client, msg ircmsg.IrcMessage, rb *ResponseBuffer) bool {
|
|
301
|
+ details := client.Details()
|
|
302
|
+ if details.account != "" {
|
|
303
|
+ rb.Add(nil, server.name, ERR_SASLALREADY, details.nick, client.t("You're already logged into an account"))
|
|
304
|
+ return false
|
|
305
|
+ }
|
|
306
|
+
|
301
|
307
|
// sasl abort
|
302
|
308
|
if !server.AccountConfig().AuthenticationEnabled || len(msg.Params) == 1 && msg.Params[0] == "*" {
|
303
|
|
- rb.Add(nil, server.name, ERR_SASLABORTED, client.nick, client.t("SASL authentication aborted"))
|
|
309
|
+ rb.Add(nil, server.name, ERR_SASLABORTED, details.nick, client.t("SASL authentication aborted"))
|
304
|
310
|
client.saslInProgress = false
|
305
|
311
|
client.saslMechanism = ""
|
306
|
312
|
client.saslValue = ""
|
|
@@ -317,7 +323,7 @@ func authenticateHandler(server *Server, client *Client, msg ircmsg.IrcMessage,
|
317
|
323
|
client.saslMechanism = mechanism
|
318
|
324
|
rb.Add(nil, server.name, "AUTHENTICATE", "+")
|
319
|
325
|
} else {
|
320
|
|
- rb.Add(nil, server.name, ERR_SASLFAIL, client.nick, client.t("SASL authentication failed"))
|
|
326
|
+ rb.Add(nil, server.name, ERR_SASLFAIL, details.nick, client.t("SASL authentication failed"))
|
321
|
327
|
}
|
322
|
328
|
|
323
|
329
|
return false
|
|
@@ -327,7 +333,7 @@ func authenticateHandler(server *Server, client *Client, msg ircmsg.IrcMessage,
|
327
|
333
|
rawData := msg.Params[0]
|
328
|
334
|
|
329
|
335
|
if len(rawData) > 400 {
|
330
|
|
- rb.Add(nil, server.name, ERR_SASLTOOLONG, client.nick, client.t("SASL message too long"))
|
|
336
|
+ rb.Add(nil, server.name, ERR_SASLTOOLONG, details.nick, client.t("SASL message too long"))
|
331
|
337
|
client.saslInProgress = false
|
332
|
338
|
client.saslMechanism = ""
|
333
|
339
|
client.saslValue = ""
|
|
@@ -336,7 +342,7 @@ func authenticateHandler(server *Server, client *Client, msg ircmsg.IrcMessage,
|
336
|
342
|
client.saslValue += rawData
|
337
|
343
|
// allow 4 'continuation' lines before rejecting for length
|
338
|
344
|
if len(client.saslValue) > 400*4 {
|
339
|
|
- rb.Add(nil, server.name, ERR_SASLFAIL, client.nick, client.t("SASL authentication failed: Passphrase too long"))
|
|
345
|
+ rb.Add(nil, server.name, ERR_SASLFAIL, details.nick, client.t("SASL authentication failed: Passphrase too long"))
|
340
|
346
|
client.saslInProgress = false
|
341
|
347
|
client.saslMechanism = ""
|
342
|
348
|
client.saslValue = ""
|
|
@@ -353,7 +359,7 @@ func authenticateHandler(server *Server, client *Client, msg ircmsg.IrcMessage,
|
353
|
359
|
if client.saslValue != "+" {
|
354
|
360
|
data, err = base64.StdEncoding.DecodeString(client.saslValue)
|
355
|
361
|
if err != nil {
|
356
|
|
- rb.Add(nil, server.name, ERR_SASLFAIL, client.nick, client.t("SASL authentication failed: Invalid b64 encoding"))
|
|
362
|
+ rb.Add(nil, server.name, ERR_SASLFAIL, details.nick, client.t("SASL authentication failed: Invalid b64 encoding"))
|
357
|
363
|
client.saslInProgress = false
|
358
|
364
|
client.saslMechanism = ""
|
359
|
365
|
client.saslValue = ""
|
|
@@ -366,7 +372,7 @@ func authenticateHandler(server *Server, client *Client, msg ircmsg.IrcMessage,
|
366
|
372
|
|
367
|
373
|
// like 100% not required, but it's good to be safe I guess
|
368
|
374
|
if !handlerExists {
|
369
|
|
- rb.Add(nil, server.name, ERR_SASLFAIL, client.nick, client.t("SASL authentication failed"))
|
|
375
|
+ rb.Add(nil, server.name, ERR_SASLFAIL, details.nick, client.t("SASL authentication failed"))
|
370
|
376
|
client.saslInProgress = false
|
371
|
377
|
client.saslMechanism = ""
|
372
|
378
|
client.saslValue = ""
|