Skip to content

Commit

Permalink
coretasks: backport SASL abort from #2187
Browse files Browse the repository at this point in the history 
tl;dr: If the server sends something unrecognized, the correct behavior
is to abort authentication explicitly rather than silently ignoring it.
  • Loading branch information
@dgw
dgw committed Oct 5, 2021
1 parent a992d56 commit 2d07271
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions sopel/coretasks.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1045,6 +1045,10 @@ def auth_proceed(bot, trigger):
"""
if trigger.args[0] != '+':
# How did we get here? I am not good with computer.
LOGGER.warning("Aborting SASL: unexpected server reply '%s'" % trigger)
# Send `authenticate-abort` command
# See https://ircv3.net/specs/extensions/sasl-3.1#the-authenticate-command
bot.write(('AUTHENTICATE', '*'))
return
# Is this right?
if bot.config.core.auth_method == 'sasl':
Expand Down

1 comment on commit 2d07271

@dgw
Copy link
Member Author

@dgw dgw commented on 2d07271 Oct 11, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I haven't a clue why the status on this is ❌. The PR passed its tests, otherwise I wouldn't have been allowed to merge it. 🤷‍♂️ The merge event even says the checks passed:

image

Please sign in to comment.