[dev] [sic] support for PLAIN SASL authentication on freenode

From: Marcin Cieslak <saper_AT_saper.info>
Date: Fri, 28 Jan 2011 14:26:23 +0000 (UTC)

Some servers, like freenode when used with Tor[1] require user authentication
on connect via SASL against the NickServ database. This done using CAP[2]
command and simple SASL exchange[3].

Here's the patch to sic trunk to support this, it adds a new
argument (-a) that needs to be an base64 encoded SASL PLAIN response.
This can be generated with python like this:

python -c 'import base64; print base64.encodestring("nick\x00nick\x00password")'

diff -r 904b7747c223 sic.1
--- a/sic.1 Fri Aug 06 09:52:12 2010 +0100
+++ b/sic.1 Fri Jan 28 14:23:44 2011 +0000
@@ -7,6 +7,7 @@
 .RB [ \-p " <port>"]
 .RB [ \-n " <nick>"]
 .RB [ \-k " <keyword>"]
+.RB [ \-a " <token>"]
 .RB [ \-v ]
 .SH DESCRIPTION
 .B sic
@@ -28,6 +29,12 @@
 .B \-k <keyword>
 Specifies the keyword to authenticate your nick on the host
 .TP
+.B \-a <token>
+Requests use of SASL authentication to the server. The token
+is a Base64-encoded message as required by SASL PLAIN mechanism:
+.IP ""
+username\\0username\\0password
+.TP
 .BI \-v
 Prints version information to standard output, then exits.
 .SH COMMANDS
diff -r 904b7747c223 sic.c
--- a/sic.c Fri Aug 06 09:52:12 2010 +0100
+++ b/sic.c Fri Jan 28 14:23:44 2011 +0000
@@ -12,6 +12,7 @@
 static char *port = "ircd";
 static char *password;
 static char nick[32];
+static char *auth;
 static char bufin[4096];
 static char bufout[4096];
 static char channel[256];
@@ -124,7 +125,16 @@
                 pout(par, "<%s> %s", usr, txt);
         else if(!strcmp("PING", cmd))
                 sout("PONG %s", txt);
+ else if (!strcmp("CAP", cmd) && auth != NULL) {
+ sout("AUTHENTICATE PLAIN");
+ }
+ else if (!strcmp("AUTHENTICATE", cmd) && auth != NULL) {
+ sout("AUTHENTICATE %s", auth);
+ pout(usr, "AUTHENTICATE KioqKioAKioqKioAKioqKio=");
+ }
         else {
+ if (!strncmp("90", cmd, 2))
+ sout("CAP END");
                 pout(usr, ">< %s (%s): %s", cmd, par, txt);
                 if(!strcmp("NICK", cmd) && !strcmp(usr, nick))
                         strlcpy(nick, txt, sizeof nick);
@@ -138,6 +148,7 @@
         const char *user = getenv("USER");
         fd_set rd;
 
+ auth = NULL;
         strlcpy(nick, user ? user : "unknown", sizeof nick);
         for(i = 1; i < argc; i++) {
                 c = argv[i][1];
@@ -153,19 +164,24 @@
                 case 'n':
                         if(++i < argc) strlcpy(nick, argv[i], sizeof nick);
                         break;
+ case 'a':
+ if(++i < argc) auth = argv[i];
+ break;
                 case 'k':
                         if(++i < argc) password = argv[i];
                         break;
                 case 'v':
                         eprint("sic-"VERSION", © 2005-2009 Kris Maglione, Anselm R. Garbe, Nico Golde\n");
                 default:
- eprint("usage: sic [-h host] [-p port] [-n nick] [-k keyword] [-v]\n");
+ eprint("usage: sic [-h host] [-p port] [-n nick] [-a auth] [-k keyword] [-v]\n");
                 }
         }
         /* init */
         i = dial(host, port);
         srv = fdopen(i, "r+");
         /* login */
+ if(auth)
+ sout("CAP REQ :sasl");
         if(password)
                 sout("PASS %s", password);
         sout("NICK %s", nick);

//Marcin

[1] http://freenode.net/irc_servers.shtml#tor
[2] http://www.leeh.co.uk/draft-mitchell-irc-capabilities-02.html
[3] http://www.beuc.net/tor/
Received on Fri Jan 28 2011 - 15:26:23 CET

This archive was generated by hypermail 2.2.0 : Fri Jan 28 2011 - 15:48:02 CET