Add SASL authentication to rcirc

* lisp/net/rcirc.el (rcirc-handler-AUTHENTICATE): New function (bug#48601). (rcirc-authenticate): (rcirc-connect): Support sasl. (rcirc-get-server-password, rcirc-get-server-method): New functions. (rcirc-authinfo): Document it.
2021-06-24 18:45:08 +02:00 · 2021-06-24 18:45:08 +02:00 · 8db520837a
commit 8db520837a
parent 8febca87c3
3 changed files with 51 additions and 2 deletions
--- a/doc/misc/rcirc.texi
+++ b/doc/misc/rcirc.texi
@ -590,6 +590,12 @@ Use this symbol if you need to identify yourself in the Bitlbee channel
 as follows: @code{identify secret}.  The necessary arguments are the
 nickname you want to use this for, and the password to use.

+@item sasl
+@cindex sasl authentication
+Use this symbol if you want to use @acronym{SASL} authentication.  The
+necessary arguments are the nickname you want to use this for, and the
+password to use.
+
@cindex gateway to other IM services
@cindex instant messaging, other services
@cindex Jabber
--- a/etc/NEWS
+++ b/etc/NEWS
@ -2134,6 +2134,9 @@ summaries will include the failing condition.

 ** Miscellaneous

+++
+*** rcirc now supports SASL authentication.
+
 +++
 *** 'save-interprogram-paste-before-kill' can now be a number.
 In that case, it's interpreted as a limit on the size of the clipboard
--- a/lisp/net/rcirc.el
+++ b/lisp/net/rcirc.el
@ -245,13 +245,15 @@ The ARGUMENTS for each METHOD symbol are:
  `chanserv': NICK CHANNEL PASSWORD
  `bitlbee': NICK PASSWORD
  `quakenet': ACCOUNT PASSWORD
+  `sasl': NICK PASSWORD

 Examples:
 ((\"freenode\" nickserv \"bob\" \"p455w0rd\")
  (\"freenode\" chanserv \"bob\" \"#bobland\" \"passwd99\")
  (\"bitlbee\" bitlbee \"robert\" \"sekrit\")
  (\"dal.net\" nickserv \"bob\" \"sekrit\" \"NickServ@services.dal.net\")
-  (\"quakenet.org\" quakenet \"bobby\" \"sekrit\"))"
+  (\"quakenet.org\" quakenet \"bobby\" \"sekrit\")
+  (\"oftc\" sasl \"bob\" \"hunter2\"))"
  :type '(alist :key-type (regexp :tag "Server")
 		:value-type (choice (list :tag "NickServ"
 					  (const nickserv)
@ -269,6 +271,10 @@ Examples:
                                    (list :tag "QuakeNet"
                                          (const quakenet)
                                          (string :tag "Account")
+                                          (string :tag "Password"))
+                                    (list :tag "SASL"
+                                          (const sasl)
+                                          (string :tag "Nick")
                                          (string :tag "Password")))))

 (defcustom rcirc-auto-authenticate-flag t
@ -543,6 +549,22 @@ If ARG is non-nil, instead prompt for connection parameters."
 (defvar rcirc-connection-info nil)
 (defvar rcirc-process nil)

+(defun rcirc-get-server-method (server)
+  (catch 'method
+    (dolist (i rcirc-authinfo)
+      (let ((server-i (car i))
+	    (method (cadr i)))
+	(when (string-match server-i server)
+          (throw 'method method))))))
+
+(defun rcirc-get-server-password (server)
+  (catch 'pass
+    (dolist (i rcirc-authinfo)
+      (let ((server-i (car i))
+	    (args (cdddr i)))
+	(when (string-match server-i server)
+          (throw 'pass (car args)))))))
+
 ;;;###autoload
 (defun rcirc-connect (server &optional port nick user-name
                             full-name startup-channels password encryption
@ -559,6 +581,7 @@ If ARG is non-nil, instead prompt for connection parameters."
 	   (user-name (or user-name rcirc-default-user-name))
 	   (full-name (or full-name rcirc-default-full-name))
 	   (startup-channels startup-channels)
+           (use-sasl (eq (rcirc-get-server-method server) 'sasl))
           (process (open-network-stream
                     (or server-alias server) nil server port-number
                     :type (or encryption 'plain))))
@ -591,6 +614,8 @@ If ARG is non-nil, instead prompt for connection parameters."
      (setq-local rcirc-server-parameters nil)

      (add-hook 'auto-save-hook 'rcirc-log-write)
+      (when use-sasl
+        (rcirc-send-string process "CAP REQ sasl"))

      ;; identify
      (unless (zerop (length password))
@ -598,6 +623,10 @@ If ARG is non-nil, instead prompt for connection parameters."
      (rcirc-send-string process (concat "NICK " nick))
      (rcirc-send-string process (concat "USER " user-name
                                         " 0 * :" full-name))
+      ;; Setup sasl, and initiate authentication.
+      (when (and rcirc-auto-authenticate-flag
+                 use-sasl)
+        (rcirc-send-string process "AUTHENTICATE PLAIN"))

      ;; setup ping timer if necessary
      (unless rcirc-keepalive-timer
@ -2923,7 +2952,8 @@ Passwords are stored in `rcirc-authinfo' (which see)."
                 (rcirc-send-privmsg
                  process
                  "&bitlbee"
-                  (concat "IDENTIFY " (car args)))))
+                  (concat "IDENTIFY " (car args))))
+                (sasl nil))
            ;; quakenet authentication doesn't rely on the user's nickname.
            ;; the variable `nick' here represents the Q account name.
            (when (eq method 'quakenet)
@ -2969,6 +2999,16 @@ Passwords are stored in `rcirc-authinfo' (which see)."

 (defun rcirc-handler-CTCP-response (process _target sender message)
  (rcirc-print process sender "CTCP" nil message t))
+
+(defun rcirc-handler-AUTHENTICATE (process _cmd _args _text)
+  (rcirc-send-string
+   process
+   (format "AUTHENTICATE %s"
+           (base64-encode-string
+            ;; use connection user-name
+            (concat "\0" (nth 3 rcirc-connection-info)
+                    "\0" (rcirc-get-server-password rcirc-server))))))
+

 (defgroup rcirc-faces nil
  "Faces for rcirc."