fix #455

2019-05-22 20:25:57 -04:00 · 2019-05-22 20:25:57 -04:00 · 174115deb6
commit 174115deb6
parent a27c46f983
5 changed files with 40 additions and 22 deletions
--- a/irc/client.go
+++ b/irc/client.go
@ -286,18 +286,30 @@ func (client *Client) doIdentLookup(conn net.Conn) {
 	}
 }

-func (client *Client) isAuthorized(config *Config) bool {
+type AuthOutcome uint
+
+const (
+	authSuccess AuthOutcome = iota
+	authFailPass
+	authFailTorSaslRequired
+	authFailSaslRequired
+)
+
+func (client *Client) isAuthorized(config *Config) AuthOutcome {
 	saslSent := client.account != ""
 	// PASS requirement
 	if (config.Server.passwordBytes != nil) && !client.sentPassCommand && !(config.Accounts.SkipServerPassword && saslSent) {
-		return false
+		return authFailPass
 	}
 	// Tor connections may be required to authenticate with SASL
 	if client.isTor && config.Server.TorListeners.RequireSasl && !saslSent {
-		return false
+		return authFailTorSaslRequired
 	}
 	// finally, enforce require-sasl
-	return !config.Accounts.RequireSasl.Enabled || saslSent || utils.IPInNets(client.IP(), config.Accounts.RequireSasl.exemptedNets)
+	if config.Accounts.RequireSasl.Enabled && !saslSent && !utils.IPInNets(client.IP(), config.Accounts.RequireSasl.exemptedNets) {
+		return authFailSaslRequired
+	}
+	return authSuccess
 }

 func (session *Session) resetFakelag() {