From 063e6b127ecf92ca5bf8c4ecb137b60e3e7aa216 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?louiz=E2=80=99?= Date: Wed, 12 Aug 2020 09:40:36 +0200 Subject: Handle SASL failures by displaying a message and aborting the connection --- src/irc/irc_client.cpp | 25 ++++++++++++++++++++++- src/irc/irc_client.hpp | 3 ++- tests/end_to_end/scenarios/sasl.py | 42 ++++++++++++++++++++++++++++++++++++-- 3 files changed, 66 insertions(+), 4 deletions(-) diff --git a/src/irc/irc_client.cpp b/src/irc/irc_client.cpp index 351f9f8..3ae5ac6 100644 --- a/src/irc/irc_client.cpp +++ b/src/irc/irc_client.cpp @@ -85,8 +85,14 @@ static const std::unordered_mapchannels_to_join.clear(); } else // try the next port this->start(); @@ -1372,6 +1379,22 @@ void IrcClient::on_sasl_success(const IrcMessage &) this->cap_end(); } +void IrcClient::on_sasl_failure(const IrcMessage& message) +{ + this->sasl_state = SaslState::failure; + const auto reason = message.arguments[1]; + // Send an error message for all room that the user wanted to join + for (const auto& tuple: this->channels_to_join) + { + Iid iid(std::get<0>(tuple) + "%" + this->hostname, this->chantypes); + this->bridge.send_presence_error(iid, this->current_nick, + "cancel", "item-not-found", + "", reason); + } + this->channels_to_join.clear(); + this->send_quit_command(reason); +} + void IrcClient::on_sasl_login(const IrcMessage &message) { const auto& login = message.arguments[2]; diff --git a/src/irc/irc_client.hpp b/src/irc/irc_client.hpp index 9f77e29..ac2f6a9 100644 --- a/src/irc/irc_client.hpp +++ b/src/irc/irc_client.hpp @@ -247,8 +247,9 @@ private: public: #ifdef WITH_SASL void on_authenticate(const IrcMessage& message); - void on_sasl_success(const IrcMessage& message); void on_sasl_login(const IrcMessage& message); + void on_sasl_success(const IrcMessage& message); + void on_sasl_failure(const IrcMessage& message); #endif /** * The channel has been completely joined (self presence, topic, all names diff --git a/tests/end_to_end/scenarios/sasl.py b/tests/end_to_end/scenarios/sasl.py index 5f71b7a..b3cc62d 100644 --- a/tests/end_to_end/scenarios/sasl.py +++ b/tests/end_to_end/scenarios/sasl.py @@ -26,9 +26,47 @@ scenario = ( "6667" "RegisteredUser" "66976670" + "9999" ""), expect_stanza("/iq[@type='result']/commands:command[@node='configure'][@status='completed']/commands:note[@type='info'][text()='Configuration successfully applied.']"), - send_stanza(""), - sequences.connection(login="RegisteredUser") + # Joining a channel with the associated nick will work + send_stanza(""), + sequences.connection(login="RegisteredUser"), + expect_stanza("/presence"), + expect_stanza("/message/subject"), + + # Leave the channel and disconnect from the server to try again differently + send_stanza(""), + expect_stanza("/presence[@type='unavailable']"), + + # Configure an INCORRECT password + send_stanza(""), + expect_stanza("/iq[@type='result']/commands:command[@node='configure'][@sessionid][@status='executing']", + "/iq/commands:command/dataform:x[@type='form']/dataform:field[@type='text-private'][@var='sasl_password']", + after = save_value("sessionid", extract_attribute("/iq[@type='result']/commands:command[@node='configure']", "sessionid"))), + + + send_stanza("" + "" + "" + "wrong wrong wrong" + "6667" + "RegisteredUser" + "66976670" + "9999" + ""), + expect_stanza("/iq[@type='result']/commands:command[@node='configure'][@status='completed']/commands:note[@type='info'][text()='Configuration successfully applied.']"), + + send_stanza(""), + # Here, the 6 connecting… connected messages from the connection attempt + expect_stanza("/message"), + expect_stanza("/message"), + expect_stanza("/message"), + expect_stanza("/message"), + expect_stanza("/message"), + expect_stanza("/message"), + expect_stanza("/presence[@type='error'][@from='#foo%{irc_server_one}/RegisteredUser']"), + expect_stanza("/message/body[text()='ERROR: Quit: SASL authentication failed: Invalid account credentials']"), + expect_stanza("/message/body[text()='ERROR: Connection closed.']"), ) -- cgit v1.2.3