CEF/ergo
1
0
Fork 0
forked from External/ergo
Code Pull requests Activity

fix #328 (implement DEFCON)

Browse source
This commit is contained in:
Shivaram Lingamneni 2020-07-08 05:32:14 -04:00
parent f2d0842453
commit 6ea2eb367d
11 changed files with 70 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

5
irc/client.go
View file

@ -529,7 +529,7 @@ const (
authFailSaslRequired
)
func (client *Client) isAuthorized(config *Config, session *Session) AuthOutcome {
func (client *Client) isAuthorized(server *Server, config *Config, session *Session) AuthOutcome {
saslSent := client.account != ""
// PASS requirement
if (config.Server.passwordBytes != nil) && session.passStatus != serverPassSuccessful && !(config.Accounts.SkipServerPassword && saslSent) {
@ -540,7 +540,8 @@ func (client *Client) isAuthorized(config *Config, session *Session) AuthOutcome
return authFailTorSaslRequired
}
// finally, enforce require-sasl
if config.Accounts.RequireSasl.Enabled && !saslSent && !utils.IPInNets(session.IP(), config.Accounts.RequireSasl.exemptedNets) {
if !saslSent && (config.Accounts.RequireSasl.Enabled || server.Defcon() <= 2) &&
!utils.IPInNets(session.IP(), config.Accounts.RequireSasl.exemptedNets) {
return authFailSaslRequired
}
return authSuccess