Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for SASL #195

Closed
jaraco opened this issue Aug 12, 2021 · 4 comments · Fixed by #199
Closed

Add support for SASL #195

jaraco opened this issue Aug 12, 2021 · 4 comments · Fixed by #199

Comments

@jaraco
Copy link
Owner

jaraco commented Aug 12, 2021

Many popular IRC networks now require SASL auth in order to accept connections. This library should implement that.
@jaraco
Copy link
Owner Author

jaraco commented Aug 12, 2021

This library hints at how it may be done.

@jaraco
Copy link
Owner Author

jaraco commented Aug 12, 2021

Or maybe this.

@jesopo
Copy link

jesopo commented Aug 12, 2021

the process goes as follows (> is client-to-server, < is server-to-client)

< :server NOTICE * :*** Checking Ident
< :server NOTICE * :*** Looking up your hostname...
< :server NOTICE * :*** Found your hostname: localhost
< :server NOTICE * :*** No Ident response
> CAP LS
> USER u s e r
> NICK jess
< :server CAP * LS :account-notify extended-join sasl invite-notify
> CAP REQ sasl
< :server CAP * ACK :sasl
> AUTHENTICATE PLAIN
< AUTHENTICATE +
> AUTHENTICATE AGplc3MAaHVudGVyMg==
< :server 900 * jess!u@localhost jess :You are now logged in as jess
< :server 903 * :SASL authentication successful
> CAP END
< :server 001 jess :Welcome to the localhost Internet Relay Chat Network jess

AGplc3MAaHVudGVyMg== is a base64 of \x00jess\x00hunter2 which is \x00<account>\x00<password>

@supertassu
Copy link

This can be helpful too, as it's a SASL implementation with this library.

anisse added a commit to anisse/irc-python that referenced this issue Sep 7, 2022
@anisse
Add support for SASL PLAIN authentication
42055a3 
This implements a minimal state machine to do the SASL PLAIN
authentication dance.

It could have been done even simpler by sending all the commands and not
checking for server capabilities, but I don't think it's being a good
citizen.

It changes the ServerConnection api by adding a sasl_login argument, and
reusing the old password argument, since I couldn't think of a usecase
where both were needed. The SimpleIRCClient and SingleServerIRCBot can
also pass this new argument.

A new "login_failed" generated event is added and is sent in some of the
cases where the SASL login can fail. Note that there is no timeout on
the state machine, so if the server does not send any of the expected
commands, it will just stay active forever, potentially with the login
failing.

It was tested on libera.chat with the cobe bot and seems to work
reasonably well.

Fixes jaraco#195
@anisse anisse mentioned this issue Sep 7, 2022
Merged
anisse added a commit to anisse/irc-python that referenced this issue Sep 7, 2022
@anisse
Add support for SASL PLAIN authentication
35cc621 
This implements a minimal state machine to do the SASL PLAIN
authentication dance.

It could have been done even simpler by sending all the commands and not
checking for server capabilities, but I don't think it's being a good
citizen.

It changes the ServerConnection api by adding a sasl_login argument, and
reusing the old password argument, since I couldn't think of a usecase
where both were needed. The SimpleIRCClient and SingleServerIRCBot can
also pass this new argument.

A new "login_failed" generated event is added and is sent in some of the
cases where the SASL login can fail. Note that there is no timeout on
the state machine, so if the server does not send any of the expected
commands, it will just stay active forever, potentially with the login
failing.

It was tested on libera.chat with the cobe bot and seems to work
reasonably well.

Fixes jaraco#195
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add support for SASL PLAIN authentication anisse/irc-python
3 participants
@jaraco @supertassu @jesopo