DalekIRC / Dalek-Services

IRC Services with WordPress integration. Have everything your way!

Crash when using SASL plain with password over 400 characters

progval opened this issue · comments

Client traffic and services log (interleaved):

1662797615.506 1: connects to server.
1662797615.506 1 -> S: CAP LS 302
[SEND] @msgid=avct7WwIOXh/D/AS/7e+R/cP+aZnXQRT;time=2022-09-10T08:13:35.518Z :00AFFC916 PRIVMSG #services :chkNS (~chk@localhost) [127.0.0.1] disconnected from the network. (Quit: chkNS) (001)
1662797616.019 S -> 1: :My.Little.Server CAP * LS :unrealircd.org/link-security=2 unrealircd.org/plaintext-policy=user=allow,oper=deny,server=deny unrealircd.org/history-storage=memory away-notify invite-notify extended-join userhost-in-names multi-prefix cap-notify sasl=PLAIN,EXTERNAL setname tls chghost account-notify message-tags batch server-time account-tag echo-message labeled-response draft/chathistory draft/extended-monitor unrealircd.org/json-log
1662797616.020 1 -> S: CAP REQ :sasl
1662797616.020 S -> 1: :My.Little.Server CAP * ACK :sasl 
1662797616.020 1 -> S: AUTHENTICATE PLAIN
[RECV] :My.Little.Server SASL services.example.org 001Y35N04 H 127.0.0.1 127.0.0.1
[RECV] :My.Little.Server SASL services.example.org 001Y35N04 S PLAIN
[SEND] @msgid=aTfX50Ra9V24C75e0QoeXeUy7rqoJAK2;time=2022-09-10T08:13:36.03Z SASL My.Little.Server 001Y35N04 C +
1662797616.030 S -> 1: AUTHENTICATE +
1662797616.031 1 -> S: AUTHENTICATE Zm9vAGZvbwBiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJi
1662797616.031 1 -> S: AUTHENTICATE YXJiYXJiYXI=
[RECV] :My.Little.Server SASL services.example.org 001Y35N04 C Zm9vAGZvbwBiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJi
PHP Fatal error:  Uncaught Error: Call to a member function bind_param() on bool in /home/oragono/Dalek-Services/src/misc.php:429
Stack trace:
#0 /home/oragono/Dalek-Services/src/modules/sasl.php(347): is_invite()
#1 /home/oragono/Dalek-Services/src/modules/sasl.php(241): IRC_SASL->check_pass()
#2 /home/oragono/Dalek-Services/src/modules/sasl.php(163): IRC_SASL->__construct()
#3 /home/oragono/Dalek-Services/src/cmd.php(31): SASL::cmd_sasl()
#4 /home/oragono/Dalek-Services/src/cmd.php(108): cmd::run()
#5 /home/oragono/Dalek-Services/src/hook.php(78): {closure}()
#6 /home/oragono/Dalek-Services/src/main.php(197): hook::run()
#7 /home/oragono/Dalek-Services/src/dalek(2): include('/home/oragono/D...')
#8 {main}
  thrown in /home/oragono/Dalek-Services/src/misc.php on line 429

Adding print_r($conn->error); before the offending line shows the error is: Table 'pifpaf.dalek_invite' doesn't exist

There are two bugs here:

  • Table dalek_invite doesn't exist, as you show
  • Dalek does not take into account that it can receive AUTHENTICATE in multiple parts due to a long password.

Thank you so much for reporting these.

Sorry for the stupid question, how do I check with irctest if the SASL authenticate400 portion worked?

Remove that part: https://github.com/progval/irctest/blob/master/irctest/server_tests/sasl.py#L179-L188 and run it locally

Running it with Dalek is a bit convoluted; you need to run these commands: https://github.com/progval/irctest/blob/master/workflows.yml#L335-L342 (replace ${{ github.workspace }} with the absolute path of the directory that contains each of the things), then type make unrealircd-dlk
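
The multi-part AUTHENTICATE handling named as the second bug above, as an added example that is not code from Dalek or irctest. It follows the IRCv3 SASL rule that the base64 response is sent in 400-byte chunks, with a full chunk meaning more data follows and a trailing `+` after an exact multiple of 400. The class and function names and the `MAX_B64` cap are assumptions.

```python
import base64

CHUNK = 400            # IRCv3 SASL: base64 payload travels in 400-byte chunks
MAX_B64 = 8 * CHUNK    # assumed cap on buffered data; not a value from the page

class SaslError(Exception):
    """Raised for any malformed or oversized exchange."""

class SaslBuffer:
    """Accumulates AUTHENTICATE payloads for one client until complete."""
    def __init__(self):
        self.parts = []

    def feed(self, payload):
        """Return the decoded response once complete, else None."""
        if len(payload) > CHUNK:
            raise SaslError("chunk longer than 400 bytes")
        if payload != "+":              # "+" is an empty chunk
            self.parts.append(payload)
        if len(payload) == CHUNK:       # full chunk: more data must follow
            if sum(map(len, self.parts)) > MAX_B64:
                self.parts = []
                raise SaslError("response too long")
            return None
        data, self.parts = "".join(self.parts), []
        try:
            return base64.b64decode(data, validate=True)
        except ValueError as exc:
            raise SaslError("invalid base64") from exc

def parse_plain(raw):
    """Split a SASL PLAIN response: authzid NUL authcid NUL passwd (RFC 4616)."""
    fields = raw.split(b"\0")
    if len(fields) != 3 or not fields[1] or not fields[2]:
        raise SaslError("malformed PLAIN response")
    return tuple(f.decode("utf-8") for f in fields)

def split_chunks(raw):
    """Client side: encode and split, adding "+" after an exact multiple of 400."""
    b64 = base64.b64encode(raw).decode("ascii")
    chunks = [b64[i:i + CHUNK] for i in range(0, len(b64), CHUNK)]
    if len(b64) % CHUNK == 0:
        chunks.append("+")
    return chunks

def demo():
    raw = b"foo\0foo\0" + b"bar" * 100   # constructed sample, 300-byte password
    buf = SaslBuffer()
    return [buf.feed(c) for c in split_chunks(raw)]
```

Credentials should only be checked once `feed` returns bytes; a `None` return means the first chunk alone is not yet a complete response.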