suspended nick #351
Comments
|
How are you force identifying the user? There's nothing for this that ships with Anope afaik. If you're using |
|
The person is changing their password, and when confirming the new password it force identifies them. [10:35:41] <@NickServ> COMMAND: Betelgeuse!~Betelgeus@*** used CONFIRM to confirm RESETPASS and forcefully identify as j The Nick J is still suspended but the user was able to identify it after it was suspended. We don't have os_forceid on freenode but it is on the other two networks. It was not being used at the time of this testing. |
Description
Suspended a nick. a person was able to reset the password. Was able to change the password, confirm, and forcefully identify Nick who was suspended.
Steps to reproduce the issue:
Describe the results you received:
The password was able to change and forcefully identify to account. The user was able to drop the nick (while still showing suspended) and able to re-register the account, thus removing the suspension completely.
Describe the results you expected:
The user shouldn't be able to receive an email to change the password while the account is suspended.
Additional information you deem important (e.g. issue happens only occasionally):
I tried this on two networks that have anope set up. It occurred on both networks.
Output of
services --version:Notice- {from ChanServ} VERSION Anope-2.0.12 services.technet.chat :UnrealIRCd 4+ - (enc_sha256) -- build #8, compiled 01:33:11 Jul 29 2023
and
Notice- {from ChanServ} VERSION Anope-2.0.9 services.freenode.net :InspIRCd 3 - (enc_sha256) -- build #19, compiled 01:56:18 Apr 20 2022, flags D
Notice- {from ChanServ} VERSION Anope-2.0.10 services.irc-nerds.net :UnrealIRCd 4+ - (enc_sha256) -- build #14, compiled 07:41:07 Oct 28 2021
The text was updated successfully, but these errors were encountered: