Skip to content
Permalink
Browse files

Add sasl timeout

Patch by: michaelortmann
  • Loading branch information...
michaelortmann authored and vanosg committed Sep 8, 2019
1 parent 45ce502 commit d659635ee1f6ccafa0f96d4ee957e61a2c2de7e2
Showing with 25 additions and 11 deletions.
  1. +3 −1 eggdrop.conf
  2. +5 −0 src/mod/server.mod/server.c
  3. +17 −10 src/mod/server.mod/servmsg.c
@@ -538,8 +538,10 @@ set ssl-capath "/etc/ssl/"
# If SASL authentication fails, do you want to connect to the server anyway?
# Set to this to 0 to disconnect and retry until success, or 1 to continue
# connecting to the server without SASL authentication.
#
#set sasl-continue 1
#
# Timeout (in seconds) before giving up SASL authentication
#set sasl-timeout 15

##### MORE ADVANCED SETTINGS #####

@@ -128,6 +128,8 @@ static char sasl_username[NICKMAX + 1];
static char sasl_password[81];
static int sasl_continue = 1;
static char sasl_ecdsa_key[121];
static int sasl_timeout = 15;
static int sasl_timeout_time = 0;

#include "servmsg.c"

@@ -1451,6 +1453,7 @@ static tcl_ints my_tcl_ints[] = {
{"sasl", &sasl, 0},
{"sasl-mechanism", &sasl_mechanism, 0},
{"sasl-continue", &sasl_continue, 0},
{"sasl-timeout", &sasl_timeout, 0},
{NULL, NULL, 0}
};

@@ -1691,6 +1694,8 @@ static void server_secondly()
deq_msg();
if (!resolvserv && serv < 0)
connect_server();
if (!--sasl_timeout_time)
handle_sasl_timeout();
}

static void server_5minutely()
@@ -1271,25 +1271,32 @@ static int got900(char *from, char *msg)
return 0;
}

static int got904905and906(char *from, char *msg)
static int sasl_error(char *msg)
{
newsplit(&msg); /* nick */
fixcolon(msg);
putlog(LOG_SERV, "*", "SASL: %s", msg);
dprintf(DP_MODE, "CAP END\n");
sasl_timeout_time = 0;
if (!sasl_continue) {
putlog(LOG_DEBUG, "*", "SASL: Aborting connection and retrying");
nuke_server("Quitting...");
}
return 1;
}

static int got904905and906(char *from, char *msg)
{
newsplit(&msg); /* nick */
fixcolon(msg);
return sasl_error(msg);
}

static int got903(char *from, char *msg)
{
newsplit(&msg); /* nick */
fixcolon(msg);
putlog(LOG_SERV, "*", "SASL: %s", msg);
dprintf(DP_MODE, "CAP END\n");
sasl_timeout_time = 0;
return 0;
}

@@ -1301,6 +1308,11 @@ static int got908(char *from, char *msg)
return 0;
}

static int handle_sasl_timeout()
{
return sasl_error("timeout");
}

/*
* 465 ERR_YOUREBANNEDCREEP :You are banned from this server
*/
@@ -1459,15 +1471,10 @@ static int gotcap(char *from, char *msg) {
putlog(LOG_SERV, "*", "SASL: put AUTHENTICATE %s",
SASL_MECHANISMS[sasl_mechanism]);
dprintf(DP_MODE, "AUTHENTICATE %s\n", SASL_MECHANISMS[sasl_mechanism]);
sasl_timeout_time = sasl_timeout;
#ifndef TLS
} else {
putlog(LOG_SERV, "*", "SASL: No TLS libs, aborting authentication");
dprintf(DP_MODE, "CAP END\n");
if (!sasl_continue) {
putlog(LOG_DEBUG, "*", "SASL: Aborting connection and retrying");
nuke_server("Quitting...");
}
return 1;
return sasl_error("No TLS libs, aborting authentication");
}
#endif
} else {

0 comments on commit d659635

Please sign in to comment.
You can’t perform that action at this time.