coretasks: correctly abort SASL PLAIN on invalid server reply #2187

Merged
merged 1 commit into from
Oct 4, 2021


dgw
Member

@dgw dgw commented Oct 1, 2021

Description

Originally flagged as an unused local variable by LGTM, but turned out to be a real bug.

Could be worth cutting a 7.1.5 release. No, that code is different and this patch doesn't apply.

Checklist

  • I have read CONTRIBUTING.md
  • I can and do license this contribution under the EFLv2
  • No issues are reported by make qa (runs make quality and make test)
  • I have tested the functionality of the things this change touches

Originally flagged as an unused local variable by LGTM, but turned out
to be a real bug.
@dgw dgw added the Bugfix Generally, PRs that reference (and fix) one or more issue(s) label Oct 1, 2021
@dgw dgw added this to the 8.0.0 milestone Oct 1, 2021
@dgw dgw requested a review from a team October 1, 2021 05:26
@Exirel
Contributor

Exirel commented Oct 1, 2021

This could be backported to a 7.1.5. 😁

@dgw dgw modified the milestones: 8.0.0, 7.1.5 Oct 4, 2021
@dgw dgw merged commit 2132c4f into master Oct 4, 2021
@dgw dgw deleted the sasl-plain-abort-fix branch October 4, 2021 05:45
@dgw dgw modified the milestones: 7.1.5, 8.0.0 Oct 4, 2021
@dgw
Member Author

dgw commented Oct 4, 2021

The code for 7.1.x is actually quite different, as proved by Git failing to apply this patch on top of it (merge conflict). I'll have to go through the older code paths and see if the same bug is there.

dgw added a commit that referenced this pull request Oct 5, 2021
tl;dr: If the server sends something unrecognized, the correct behavior
is to abort authentication explicitly rather than silently ignoring it.
dgw added a commit that referenced this pull request Oct 8, 2021
tl;dr: If the server sends something unrecognized, the correct behavior
is to abort authentication explicitly rather than silently ignoring it.
dgw added a commit that referenced this pull request Oct 11, 2021
coretasks: backport SASL abort from #2187

Can [skip ci] to save the build credits; PR+HEAD already tested.
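
The behavior the commit message describes, as an added example (not Sopel's code; the function names and sample credentials are hypothetical): a client-side handler for the server's reply during SASL PLAIN that sends credentials only after the expected `AUTHENTICATE +` and otherwise aborts with `AUTHENTICATE *`. It assumes the IRCv3 SASL framing of base64 responses in 400-byte chunks.

```python
import base64

CHUNK = 400  # IRCv3 SASL: base64 responses are sent in 400-byte chunks


def sasl_plain_payload(authcid, password, authzid=""):
    """Base64 of 'authzid NUL authcid NUL password' (RFC 4616 PLAIN)."""
    raw = "\0".join((authzid, authcid, password)).encode("utf-8")
    return base64.b64encode(raw).decode("ascii")


def handle_authenticate(server_arg, authcid, password, authzid=""):
    """Decide what to send after the server answers 'AUTHENTICATE PLAIN'.

    Returns (lines_to_send, aborted).
    """
    if server_arg != "+":
        # Anything other than the empty challenge is unexpected for PLAIN.
        # Abort explicitly instead of ignoring it, and send no credentials.
        return ["AUTHENTICATE *"], True

    payload = sasl_plain_payload(authcid, password, authzid)
    lines = [
        "AUTHENTICATE " + payload[i:i + CHUNK]
        for i in range(0, len(payload), CHUNK)
    ]
    # A final chunk of exactly 400 bytes must be followed by an empty
    # response so the server knows the payload is complete.
    if len(payload) % CHUNK == 0:
        lines.append("AUTHENTICATE +")
    return lines, False


if __name__ == "__main__":
    # Constructed sample replies: the expected challenge and a bogus one.
    for reply in ("+", "unexpected"):
        print(reply, handle_authenticate(reply, "jilles", "sesame", "jilles"))
```

After an abort the server answers with numeric 906 (ERR_SASLABORTED); the caller should treat `aborted` as a failed login rather than continuing as if authenticated.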