New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Irc host authentication #6757

Merged
merged 6 commits into from Jun 2, 2017

Conversation

Projects
None yet
6 participants
@Olen
Contributor

Olen commented May 30, 2017

DO NOT DELETE THIS TEXT

Please note

Please read this information carefully. You can run ./scripts/pre-commit.php to check your code before submitting.

Testers

If you would like to test this pull request then please run: ./scripts/github-apply <pr_id>, i.e ./scripts/github-apply 5926

This patch will allow you to add users/hosts to be pre-authenticated.
$config['irc_auth'][username1][] = "*!*ident@*host.tld"

@mention-bot

This comment has been minimized.

Show comment
Hide comment
@mention-bot

mention-bot May 30, 2017

Thank you for submitting a PR @Olen! We have found the following @murrant, @deutor and @laf based on the history of these files to review this PR.

Thank you for submitting a PR @Olen! We have found the following @murrant, @deutor and @laf based on the history of these files to review this PR.

@LibreNMS-CI

This comment has been minimized.

Show comment
Hide comment
@deutor

This comment has been minimized.

Show comment
Hide comment
@deutor

deutor May 31, 2017

Contributor

Actually it pre-authenticates you every time you send a command.
I think that either moving that feature to _auth (so .auth admin authenticates you without token) or pre-authenticate only if not $this->isAuthd() would save some CPU ticks, though those "wasted" ticks do not really matter nowadays (pre-authentication on first command if user is not authorized would still require changing _auth so one could refresh user['devices'] and user['ports'] with pre-authentication).
Overall I like this change as it will save me some work required to authenticate to 20 bots :)

Anyway $this->user['expire'] should honor config['irc_authtime'] setting so it should be:
$this->user['expire'] = (time() + ($this->config['irc_authtime'] * 3600));
instead of:
$this->user['expire'] = (time() + 3600);

Contributor

deutor commented May 31, 2017

Actually it pre-authenticates you every time you send a command.
I think that either moving that feature to _auth (so .auth admin authenticates you without token) or pre-authenticate only if not $this->isAuthd() would save some CPU ticks, though those "wasted" ticks do not really matter nowadays (pre-authentication on first command if user is not authorized would still require changing _auth so one could refresh user['devices'] and user['ports'] with pre-authentication).
Overall I like this change as it will save me some work required to authenticate to 20 bots :)

Anyway $this->user['expire'] should honor config['irc_authtime'] setting so it should be:
$this->user['expire'] = (time() + ($this->config['irc_authtime'] * 3600));
instead of:
$this->user['expire'] = (time() + 3600);

@Olen

This comment has been minimized.

Show comment
Hide comment
@Olen

Olen May 31, 2017

Contributor

I thought of using _auth, but that means you still need to type ".auth" at leas once, which was something I wanted to avoid. But I agree that if we move the check to _auth, it makes sense to honor irc_authtime as well.
But I agreee that checking isAuthd() first is a good thing. I will add that. I will look into checking devices and ports.
I will also add the same test to external commands. This might lead to some refactoring of the code.

Contributor

Olen commented May 31, 2017

I thought of using _auth, but that means you still need to type ".auth" at leas once, which was something I wanted to avoid. But I agree that if we move the check to _auth, it makes sense to honor irc_authtime as well.
But I agreee that checking isAuthd() first is a good thing. I will add that. I will look into checking devices and ports.
I will also add the same test to external commands. This might lead to some refactoring of the code.

@LibreNMS-CI

This comment has been minimized.

Show comment
Hide comment
@laf

This comment has been minimized.

Show comment
Hide comment
@laf

laf May 31, 2017

Member

@deutor if you're happy with these changes we'll merge in.

Member

laf commented May 31, 2017

@deutor if you're happy with these changes we'll merge in.

@deutor

This comment has been minimized.

Show comment
Hide comment
@deutor

deutor Jun 1, 2017

Contributor

I'm very happy with these changes :)

Contributor

deutor commented Jun 1, 2017

I'm very happy with these changes :)

@laf

This comment has been minimized.

Show comment
Hide comment
Member

laf commented Jun 2, 2017

@laf laf added the Blocker 🚫 label Jun 2, 2017

@LibreNMS-CI

This comment has been minimized.

Show comment
Hide comment
@LibreNMS-CI

This comment has been minimized.

Show comment
Hide comment
@scrutinizer-notifier

This comment has been minimized.

Show comment
Hide comment
@scrutinizer-notifier

scrutinizer-notifier Jun 2, 2017

The inspection completed: 1 new issues, 3 updated code elements

The inspection completed: 1 new issues, 3 updated code elements

@laf laf merged commit 43e135e into librenms:master Jun 2, 2017

3 checks passed

Auto-Deploy Build finished.
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
license/cla Contributor License Agreement is signed.
Details
@lock

This comment has been minimized.

Show comment
Hide comment
@lock

lock bot May 18, 2018

This thread has been automatically locked since there has not been any recent activity after it was closed.

lock bot commented May 18, 2018

This thread has been automatically locked since there has not been any recent activity after it was closed.

@lock lock bot locked as resolved and limited conversation to collaborators May 18, 2018

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.