nickserv: implement GHOST, GROUP, DROP, and INFO

2025-12-20 02:00:11 -08:00 · 2018-03-02 17:04:24 -05:00 · 2018-03-02 17:04:24 -05:00 · a022befffe
commit a022befffe
parent b211fd35da
6 changed files with 308 additions and 84 deletions
--- a/irc/accounts.go
+++ b/irc/accounts.go
@ -29,6 +29,7 @@ const (
 	keyAccountName             = "account.name %s" // stores the 'preferred name' of the account, not casemapped
 	keyAccountRegTime          = "account.registered.time %s"
 	keyAccountCredentials      = "account.credentials %s"
+	keyAccountAdditionalNicks  = "account.additionalnicks %s"
 	keyCertToAccount           = "account.creds.certfp %s"
 )

@ -75,6 +76,12 @@ func (am *AccountManager) buildNickToAccountIndex() {
 			if _, err := tx.Get(fmt.Sprintf(keyAccountVerified, accountName)); err == nil {
 				result[accountName] = accountName
 			}
+			if rawNicks, err := tx.Get(fmt.Sprintf(keyAccountAdditionalNicks, accountName)); err == nil {
+				additionalNicks := unmarshalReservedNicks(rawNicks)
+				for _, nick := range additionalNicks {
+					result[nick] = accountName
+				}
+			}
 			return true
 		})
 		return err
@ -91,7 +98,12 @@ func (am *AccountManager) buildNickToAccountIndex() {
 	return
 }

-func (am *AccountManager) NickToAccount(cfnick string) string {
+func (am *AccountManager) NickToAccount(nick string) string {
+	cfnick, err := CasefoldName(nick)
+	if err != nil {
+		return ""
+	}
+
 	am.RLock()
 	defer am.RUnlock()
 	return am.nickToAccount[cfnick]
@ -325,13 +337,92 @@ func (am *AccountManager) Verify(client *Client, account string, code string) er
 	return nil
 }

-func (am *AccountManager) AuthenticateByPassphrase(client *Client, accountName string, passphrase string) error {
-	casefoldedAccount, err := CasefoldName(accountName)
+func marshalReservedNicks(nicks []string) string {
+	return strings.Join(nicks, ",")
+}
+
+func unmarshalReservedNicks(nicks string) (result []string) {
+	if nicks == "" {
+		return
+	}
+	return strings.Split(nicks, ",")
+}
+
+func (am *AccountManager) SetNickReserved(client *Client, nick string, reserve bool) error {
+	cfnick, err := CasefoldName(nick)
 	if err != nil {
-		return errAccountDoesNotExist
+		return errAccountNickReservationFailed
 	}

-	account, err := am.LoadAccount(casefoldedAccount)
+	// sanity check so we don't persist bad data
+	account := client.Account()
+	if account == "" || cfnick == "" || !am.server.AccountConfig().NickReservation.Enabled {
+		return errAccountNickReservationFailed
+	}
+
+	limit := am.server.AccountConfig().NickReservation.AdditionalNickLimit
+
+	am.serialCacheUpdateMutex.Lock()
+	defer am.serialCacheUpdateMutex.Unlock()
+
+	// the cache is in sync with the DB while we hold serialCacheUpdateMutex
+	accountForNick := am.NickToAccount(cfnick)
+	if reserve && accountForNick != "" {
+		return errNicknameReserved
+	} else if !reserve && accountForNick != account {
+		return errAccountNickReservationFailed
+	} else if !reserve && cfnick == account {
+		return errAccountCantDropPrimaryNick
+	}
+
+	nicksKey := fmt.Sprintf(keyAccountAdditionalNicks, account)
+	err = am.server.store.Update(func(tx *buntdb.Tx) error {
+		rawNicks, err := tx.Get(nicksKey)
+		if err != nil && err != buntdb.ErrNotFound {
+			return err
+		}
+
+		nicks := unmarshalReservedNicks(rawNicks)
+
+		if reserve {
+			if len(nicks) >= limit {
+				return errAccountTooManyNicks
+			}
+			nicks = append(nicks, cfnick)
+		} else {
+			var newNicks []string
+			for _, reservedNick := range nicks {
+				if reservedNick != cfnick {
+					newNicks = append(newNicks, reservedNick)
+				}
+			}
+			nicks = newNicks
+		}
+
+		marshaledNicks := marshalReservedNicks(nicks)
+		_, _, err = tx.Set(nicksKey, string(marshaledNicks), nil)
+		return err
+	})
+
+	if err == errAccountTooManyNicks {
+		return err
+	} else if err != nil {
+		return errAccountNickReservationFailed
+	}
+
+	// success
+	am.Lock()
+	defer am.Unlock()
+	if reserve {
+		am.nickToAccount[cfnick] = account
+	} else {
+		delete(am.nickToAccount, cfnick)
+	}
+	return nil
+}
+
+func (am *AccountManager) AuthenticateByPassphrase(client *Client, accountName string, passphrase string) error {
+	account, err := am.LoadAccount(accountName)
 	if err != nil {
 		return err
 	}
@ -350,7 +441,13 @@ func (am *AccountManager) AuthenticateByPassphrase(client *Client, accountName s
 	return nil
 }

-func (am *AccountManager) LoadAccount(casefoldedAccount string) (result ClientAccount, err error) {
+func (am *AccountManager) LoadAccount(accountName string) (result ClientAccount, err error) {
+	casefoldedAccount, err := CasefoldName(accountName)
+	if err != nil {
+		err = errAccountDoesNotExist
+		return
+	}
+
 	var raw rawClientAccount
 	am.server.store.View(func(tx *buntdb.Tx) error {
 		raw, err = am.loadRawAccount(tx, casefoldedAccount)
@ -369,6 +466,7 @@ func (am *AccountManager) LoadAccount(casefoldedAccount string) (result ClientAc
 		err = errAccountDoesNotExist
 		return
 	}
+	result.AdditionalNicks = unmarshalReservedNicks(raw.AdditionalNicks)
 	result.Verified = raw.Verified
 	return
 }
@ -380,6 +478,7 @@ func (am *AccountManager) loadRawAccount(tx *buntdb.Tx, casefoldedAccount string
 	credentialsKey := fmt.Sprintf(keyAccountCredentials, casefoldedAccount)
 	verifiedKey := fmt.Sprintf(keyAccountVerified, casefoldedAccount)
 	callbackKey := fmt.Sprintf(keyAccountCallback, casefoldedAccount)
+	nicksKey := fmt.Sprintf(keyAccountAdditionalNicks, casefoldedAccount)

 	_, e := tx.Get(accountKey)
 	if e == buntdb.ErrNotFound {
@ -391,6 +490,7 @@ func (am *AccountManager) loadRawAccount(tx *buntdb.Tx, casefoldedAccount string
 	result.RegisteredAt, _ = tx.Get(registeredTimeKey)
 	result.Credentials, _ = tx.Get(credentialsKey)
 	result.Callback, _ = tx.Get(callbackKey)
+	result.AdditionalNicks, _ = tx.Get(nicksKey)

 	if _, e = tx.Get(verifiedKey); e == nil {
 		result.Verified = true
@ -412,51 +512,56 @@ func (am *AccountManager) Unregister(account string) error {
 	callbackKey := fmt.Sprintf(keyAccountCallback, casefoldedAccount)
 	verificationCodeKey := fmt.Sprintf(keyAccountVerificationCode, casefoldedAccount)
 	verifiedKey := fmt.Sprintf(keyAccountVerified, casefoldedAccount)
+	nicksKey := fmt.Sprintf(keyAccountAdditionalNicks, casefoldedAccount)

 	var clients []*Client

-	func() {
-		var credText string
+	var credText string
+	var rawNicks string

-		am.serialCacheUpdateMutex.Lock()
-		defer am.serialCacheUpdateMutex.Unlock()
+	am.serialCacheUpdateMutex.Lock()
+	defer am.serialCacheUpdateMutex.Unlock()

-		am.server.store.Update(func(tx *buntdb.Tx) error {
-			tx.Delete(accountKey)
-			tx.Delete(accountNameKey)
-			tx.Delete(verifiedKey)
-			tx.Delete(registeredTimeKey)
-			tx.Delete(callbackKey)
-			tx.Delete(verificationCodeKey)
-			credText, err = tx.Get(credentialsKey)
-			tx.Delete(credentialsKey)
-			return nil
-		})
+	am.server.store.Update(func(tx *buntdb.Tx) error {
+		tx.Delete(accountKey)
+		tx.Delete(accountNameKey)
+		tx.Delete(verifiedKey)
+		tx.Delete(registeredTimeKey)
+		tx.Delete(callbackKey)
+		tx.Delete(verificationCodeKey)
+		rawNicks, _ = tx.Get(nicksKey)
+		tx.Delete(nicksKey)
+		credText, err = tx.Get(credentialsKey)
+		tx.Delete(credentialsKey)
+		return nil
+	})

-		if err == nil {
-			var creds AccountCredentials
-			if err = json.Unmarshal([]byte(credText), &creds); err == nil && creds.Certificate != "" {
-				certFPKey := fmt.Sprintf(keyCertToAccount, creds.Certificate)
-				am.server.store.Update(func(tx *buntdb.Tx) error {
-					if account, err := tx.Get(certFPKey); err == nil && account == casefoldedAccount {
-						tx.Delete(certFPKey)
-					}
-					return nil
-				})
-			}
+	if err == nil {
+		var creds AccountCredentials
+		if err = json.Unmarshal([]byte(credText), &creds); err == nil && creds.Certificate != "" {
+			certFPKey := fmt.Sprintf(keyCertToAccount, creds.Certificate)
+			am.server.store.Update(func(tx *buntdb.Tx) error {
+				if account, err := tx.Get(certFPKey); err == nil && account == casefoldedAccount {
+					tx.Delete(certFPKey)
+				}
+				return nil
+			})
 		}
+	}

-		am.Lock()
-		defer am.Unlock()
-		clients = am.accountToClients[casefoldedAccount]
-		delete(am.accountToClients, casefoldedAccount)
-		// TODO when registration of multiple nicks is fully implemented,
-		// save the nicks that were deleted from the store and delete them here:
-		delete(am.nickToAccount, casefoldedAccount)
-	}()
+	additionalNicks := unmarshalReservedNicks(rawNicks)

+	am.Lock()
+	defer am.Unlock()
+
+	clients = am.accountToClients[casefoldedAccount]
+	delete(am.accountToClients, casefoldedAccount)
+	delete(am.nickToAccount, casefoldedAccount)
+	for _, nick := range additionalNicks {
+		delete(am.nickToAccount, nick)
+	}
 	for _, client := range clients {
-		client.LogoutOfAccount()
+		am.logoutOfAccount(client)
 	}

 	if err != nil {
@ -498,29 +603,25 @@ func (am *AccountManager) AuthenticateByCertFP(client *Client) error {
 }

 func (am *AccountManager) Login(client *Client, account string) {
-	client.LoginToAccount(account)
-
-	casefoldedAccount, _ := CasefoldName(account)
 	am.Lock()
 	defer am.Unlock()
+
+	am.loginToAccount(client, account)
+	casefoldedAccount := client.Account()
 	am.accountToClients[casefoldedAccount] = append(am.accountToClients[casefoldedAccount], client)
 }

 func (am *AccountManager) Logout(client *Client) {
-	casefoldedAccount := client.Account()
-	if casefoldedAccount == "" || casefoldedAccount == "*" {
-		return
-	}
-
-	client.LogoutOfAccount()
-
 	am.Lock()
 	defer am.Unlock()

-	if client.LoggedIntoAccount() {
+	casefoldedAccount := client.Account()
+	if casefoldedAccount == "" {
 		return
 	}

+	am.logoutOfAccount(client)
+
 	clients := am.accountToClients[casefoldedAccount]
 	if len(clients) <= 1 {
 		delete(am.accountToClients, casefoldedAccount)
@ -559,42 +660,45 @@ type ClientAccount struct {
 	// Name of the account.
 	Name string
 	// RegisteredAt represents the time that the account was registered.
-	RegisteredAt time.Time
-	Credentials  AccountCredentials
-	Verified     bool
+	RegisteredAt    time.Time
+	Credentials     AccountCredentials
+	Verified        bool
+	AdditionalNicks []string
 }

 // convenience for passing around raw serialized account data
 type rawClientAccount struct {
-	Name         string
-	RegisteredAt string
-	Credentials  string
-	Callback     string
-	Verified     bool
+	Name            string
+	RegisteredAt    string
+	Credentials     string
+	Callback        string
+	Verified        bool
+	AdditionalNicks string
 }

-// LoginToAccount logs the client into the given account.
-func (client *Client) LoginToAccount(account string) {
+// loginToAccount logs the client into the given account.
+func (am *AccountManager) loginToAccount(client *Client, account string) {
 	changed := client.SetAccountName(account)
 	if changed {
-		client.nickTimer.Touch()
+		go client.nickTimer.Touch()
 	}
 }

-// LogoutOfAccount logs the client out of their current account.
-func (client *Client) LogoutOfAccount() {
+// logoutOfAccount logs the client out of their current account.
+func (am *AccountManager) logoutOfAccount(client *Client) {
 	if client.Account() == "" {
 		// already logged out
 		return
 	}

 	client.SetAccountName("")
-	client.nickTimer.Touch()
+	go client.nickTimer.Touch()

 	// dispatch account-notify
 	// TODO: doing the I/O here is kind of a kludge, let's move this somewhere else
-	for friend := range client.Friends(caps.AccountNotify) {
-		friend.Send(nil, client.nickMaskString, "ACCOUNT", "*")
-	}
+	go func() {
+		for friend := range client.Friends(caps.AccountNotify) {
+			friend.Send(nil, client.NickMaskString(), "ACCOUNT", "*")
+		}
+	}()
 }
-