Context Navigation

source: code/trunk/downstream.go@ 723

Last change on this file since 723 was 723, checked in by contact, 4 years ago
Send RPL_LOGGEDIN with bouncer account in multi-upstream mode
File size: 70.1 KB

Line
1	package soju
2
3	import (
4	"context"
5	"crypto/tls"
6	"encoding/base64"
7	"errors"
8	"fmt"
9	"io"
10	"net"
11	"strconv"
12	"strings"
13	"time"
14
15	"github.com/emersion/go-sasl"
16	"golang.org/x/crypto/bcrypt"
17	"gopkg.in/irc.v3"
18	)
19
20	type ircError struct {
21	Message *irc.Message
22	}
23
24	func (err ircError) Error() string {
25	return err.Message.String()
26	}
27
28	func newUnknownCommandError(cmd string) ircError {
29	return ircError{&irc.Message{
30	Command: irc.ERR_UNKNOWNCOMMAND,
31	Params: []string{
32	"*",
33	cmd,
34	"Unknown command",
35	},
36	}}
37	}
38
39	func newNeedMoreParamsError(cmd string) ircError {
40	return ircError{&irc.Message{
41	Command: irc.ERR_NEEDMOREPARAMS,
42	Params: []string{
43	"*",
44	cmd,
45	"Not enough parameters",
46	},
47	}}
48	}
49
50	func newChatHistoryError(subcommand string, target string) ircError {
51	return ircError{&irc.Message{
52	Command: "FAIL",
53	Params: []string{"CHATHISTORY", "MESSAGE_ERROR", subcommand, target, "Messages could not be retrieved"},
54	}}
55	}
56
57	var errAuthFailed = ircError{&irc.Message{
58	Command: irc.ERR_PASSWDMISMATCH,
59	Params: []string{"*", "Invalid username or password"},
60	}}
61
62	func parseBouncerNetID(subcommand, s string) (int64, error) {
63	id, err := strconv.ParseInt(s, 10, 64)
64	if err != nil {
65	return 0, ircError{&irc.Message{
66	Command: "FAIL",
67	Params: []string{"BOUNCER", "INVALID_NETID", subcommand, s, "Invalid network ID"},
68	}}
69	}
70	return id, nil
71	}
72
73	func fillNetworkAddrAttrs(attrs irc.Tags, network *Network) {
74	u, err := network.URL()
75	if err != nil {
76	return
77	}
78
79	hasHostPort := true
80	switch u.Scheme {
81	case "ircs":
82	attrs["tls"] = irc.TagValue("1")
83	case "irc+insecure":
84	attrs["tls"] = irc.TagValue("0")
85	default: // e.g. unix://
86	hasHostPort = false
87	}
88	if host, port, err := net.SplitHostPort(u.Host); err == nil && hasHostPort {
89	attrs["host"] = irc.TagValue(host)
90	attrs["port"] = irc.TagValue(port)
91	} else if hasHostPort {
92	attrs["host"] = irc.TagValue(u.Host)
93	}
94	}
95
96	func getNetworkAttrs(network *network) irc.Tags {
97	state := "disconnected"
98	if uc := network.conn; uc != nil {
99	state = "connected"
100	}
101
102	attrs := irc.Tags{
103	"name": irc.TagValue(network.GetName()),
104	"state": irc.TagValue(state),
105	"nickname": irc.TagValue(GetNick(&network.user.User, &network.Network)),
106	}
107
108	if network.Username != "" {
109	attrs["username"] = irc.TagValue(network.Username)
110	}
111	if realname := GetRealname(&network.user.User, &network.Network); realname != "" {
112	attrs["realname"] = irc.TagValue(realname)
113	}
114
115	fillNetworkAddrAttrs(attrs, &network.Network)
116
117	return attrs
118	}
119
120	func networkAddrFromAttrs(attrs irc.Tags) string {
121	host, ok := attrs.GetTag("host")
122	if !ok {
123	return ""
124	}
125
126	addr := host
127	if port, ok := attrs.GetTag("port"); ok {
128	addr += ":" + port
129	}
130
131	if tlsStr, ok := attrs.GetTag("tls"); ok && tlsStr == "0" {
132	addr = "irc+insecure://" + tlsStr
133	}
134
135	return addr
136	}
137
138	func updateNetworkAttrs(record *Network, attrs irc.Tags, subcommand string) error {
139	addrAttrs := irc.Tags{}
140	fillNetworkAddrAttrs(addrAttrs, record)
141
142	updateAddr := false
143	for k, v := range attrs {
144	s := string(v)
145	switch k {
146	case "host", "port", "tls":
147	updateAddr = true
148	addrAttrs[k] = v
149	case "name":
150	record.Name = s
151	case "nickname":
152	record.Nick = s
153	case "username":
154	record.Username = s
155	case "realname":
156	record.Realname = s
157	case "pass":
158	record.Pass = s
159	default:
160	return ircError{&irc.Message{
161	Command: "FAIL",
162	Params: []string{"BOUNCER", "UNKNOWN_ATTRIBUTE", subcommand, k, "Unknown attribute"},
163	}}
164	}
165	}
166
167	if updateAddr {
168	record.Addr = networkAddrFromAttrs(addrAttrs)
169	if record.Addr == "" {
170	return ircError{&irc.Message{
171	Command: "FAIL",
172	Params: []string{"BOUNCER", "NEED_ATTRIBUTE", subcommand, "host", "Missing required host attribute"},
173	}}
174	}
175	}
176
177	return nil
178	}
179
180	// ' ' and ':' break the IRC message wire format, '@' and '!' break prefixes,
181	// '*' and '?' break masks, '$' breaks server masks in PRIVMSG/NOTICE,
182	// "*" is the reserved nickname for registration
183	const illegalNickChars = " :@!*?$"
184
185	// permanentDownstreamCaps is the list of always-supported downstream
186	// capabilities.
187	var permanentDownstreamCaps = map[string]string{
188	"batch": "",
189	"cap-notify": "",
190	"echo-message": "",
191	"invite-notify": "",
192	"message-tags": "",
193	"sasl": "PLAIN",
194	"server-time": "",
195	"setname": "",
196
197	"soju.im/bouncer-networks": "",
198	"soju.im/bouncer-networks-notify": "",
199	}
200
201	// needAllDownstreamCaps is the list of downstream capabilities that
202	// require support from all upstreams to be enabled
203	var needAllDownstreamCaps = map[string]string{
204	"account-notify": "",
205	"account-tag": "",
206	"away-notify": "",
207	"extended-join": "",
208	"multi-prefix": "",
209
210	"draft/extended-monitor": "",
211	}
212
213	// passthroughIsupport is the set of ISUPPORT tokens that are directly passed
214	// through from the upstream server to downstream clients.
215	//
216	// This is only effective in single-upstream mode.
217	var passthroughIsupport = map[string]bool{
218	"AWAYLEN": true,
219	"BOT": true,
220	"CHANLIMIT": true,
221	"CHANMODES": true,
222	"CHANNELLEN": true,
223	"CHANTYPES": true,
224	"CLIENTTAGDENY": true,
225	"ELIST": true,
226	"EXCEPTS": true,
227	"EXTBAN": true,
228	"HOSTLEN": true,
229	"INVEX": true,
230	"KICKLEN": true,
231	"MAXLIST": true,
232	"MAXTARGETS": true,
233	"MODES": true,
234	"MONITOR": true,
235	"NAMELEN": true,
236	"NETWORK": true,
237	"NICKLEN": true,
238	"PREFIX": true,
239	"SAFELIST": true,
240	"TARGMAX": true,
241	"TOPICLEN": true,
242	"USERLEN": true,
243	"UTF8ONLY": true,
244	"WHOX": true,
245	}
246
247	type downstreamConn struct {
248	conn
249
250	id uint64
251
252	registered bool
253	user *user
254	nick string
255	nickCM string
256	rawUsername string
257	networkName string
258	clientName string
259	realname string
260	hostname string
261	account string // RPL_LOGGEDIN/OUT state
262	password string // empty after authentication
263	network *network // can be nil
264	isMultiUpstream bool
265
266	negotiatingCaps bool
267	capVersion int
268	supportedCaps map[string]string
269	caps map[string]bool
270
271	lastBatchRef uint64
272
273	monitored casemapMap
274
275	saslServer sasl.Server
276	}
277
278	func newDownstreamConn(srv Server, ic ircConn, id uint64) downstreamConn {
279	remoteAddr := ic.RemoteAddr().String()
280	logger := &prefixLogger{srv.Logger, fmt.Sprintf("downstream %q: ", remoteAddr)}
281	options := connOptions{Logger: logger}
282	dc := &downstreamConn{
283	conn: *newConn(srv, ic, &options),
284	id: id,
285	nick: "*",
286	nickCM: "*",
287	supportedCaps: make(map[string]string),
288	caps: make(map[string]bool),
289	monitored: newCasemapMap(0),
290	}
291	dc.hostname = remoteAddr
292	if host, _, err := net.SplitHostPort(dc.hostname); err == nil {
293	dc.hostname = host
294	}
295	for k, v := range permanentDownstreamCaps {
296	dc.supportedCaps[k] = v
297	}
298	// TODO: this is racy, we should only enable chathistory after
299	// authentication and then check that user.msgStore implements
300	// chatHistoryMessageStore
301	if srv.Config().LogPath != "" {
302	dc.supportedCaps["draft/chathistory"] = ""
303	}
304	return dc
305	}
306
307	func (dc downstreamConn) prefix() irc.Prefix {
308	return &irc.Prefix{
309	Name: dc.nick,
310	User: dc.user.Username,
311	Host: dc.hostname,
312	}
313	}
314
315	func (dc downstreamConn) forEachNetwork(f func(network)) {
316	if dc.network != nil {
317	f(dc.network)
318	} else if dc.isMultiUpstream {
319	dc.user.forEachNetwork(f)
320	}
321	}
322
323	func (dc downstreamConn) forEachUpstream(f func(upstreamConn)) {
324	if dc.network == nil && !dc.isMultiUpstream {
325	return
326	}
327	dc.user.forEachUpstream(func(uc *upstreamConn) {
328	if dc.network != nil && uc.network != dc.network {
329	return
330	}
331	f(uc)
332	})
333	}
334
335	// upstream returns the upstream connection, if any. If there are zero or if
336	// there are multiple upstream connections, it returns nil.
337	func (dc downstreamConn) upstream() upstreamConn {
338	if dc.network == nil {
339	return nil
340	}
341	return dc.network.conn
342	}
343
344	func isOurNick(net *network, nick string) bool {
345	// TODO: this doesn't account for nick changes
346	if net.conn != nil {
347	return net.casemap(nick) == net.conn.nickCM
348	}
349	// We're not currently connected to the upstream connection, so we don't
350	// know whether this name is our nickname. Best-effort: use the network's
351	// configured nickname and hope it was the one being used when we were
352	// connected.
353	return net.casemap(nick) == net.casemap(GetNick(&net.user.User, &net.Network))
354	}
355
356	// marshalEntity converts an upstream entity name (ie. channel or nick) into a
357	// downstream entity name.
358	//
359	// This involves adding a "/<network>" suffix if the entity isn't the current
360	// user.
361	func (dc downstreamConn) marshalEntity(net network, name string) string {
362	if isOurNick(net, name) {
363	return dc.nick
364	}
365	name = partialCasemap(net.casemap, name)
366	if dc.network != nil {
367	if dc.network != net {
368	panic("soju: tried to marshal an entity for another network")
369	}
370	return name
371	}
372	return name + "/" + net.GetName()
373	}
374
375	func (dc downstreamConn) marshalUserPrefix(net network, prefix irc.Prefix) irc.Prefix {
376	if isOurNick(net, prefix.Name) {
377	return dc.prefix()
378	}
379	prefix.Name = partialCasemap(net.casemap, prefix.Name)
380	if dc.network != nil {
381	if dc.network != net {
382	panic("soju: tried to marshal a user prefix for another network")
383	}
384	return prefix
385	}
386	return &irc.Prefix{
387	Name: prefix.Name + "/" + net.GetName(),
388	User: prefix.User,
389	Host: prefix.Host,
390	}
391	}
392
393	// unmarshalEntityNetwork converts a downstream entity name (ie. channel or
394	// nick) into an upstream entity name.
395	//
396	// This involves removing the "/<network>" suffix.
397	func (dc downstreamConn) unmarshalEntityNetwork(name string) (network, string, error) {
398	if dc.network != nil {
399	return dc.network, name, nil
400	}
401
402	var net *network
403	if i := strings.LastIndexByte(name, '/'); i >= 0 {
404	network := name[i+1:]
405	name = name[:i]
406
407	for _, n := range dc.user.networks {
408	if network == n.GetName() {
409	net = n
410	break
411	}
412	}
413	}
414
415	if net == nil {
416	return nil, "", ircError{&irc.Message{
417	Command: irc.ERR_NOSUCHCHANNEL,
418	Params: []string{name, "Missing network suffix in name"},
419	}}
420	}
421
422	return net, name, nil
423	}
424
425	// unmarshalEntity is the same as unmarshalEntityNetwork, but returns the
426	// upstream connection and fails if the upstream is disconnected.
427	func (dc downstreamConn) unmarshalEntity(name string) (upstreamConn, string, error) {
428	net, name, err := dc.unmarshalEntityNetwork(name)
429	if err != nil {
430	return nil, "", err
431	}
432
433	if net.conn == nil {
434	return nil, "", ircError{&irc.Message{
435	Command: irc.ERR_NOSUCHCHANNEL,
436	Params: []string{name, "Disconnected from upstream network"},
437	}}
438	}
439
440	return net.conn, name, nil
441	}
442
443	func (dc downstreamConn) unmarshalText(uc upstreamConn, text string) string {
444	if dc.upstream() != nil {
445	return text
446	}
447	// TODO: smarter parsing that ignores URLs
448	return strings.ReplaceAll(text, "/"+uc.network.GetName(), "")
449	}
450
451	func (dc downstreamConn) ReadMessage() (irc.Message, error) {
452	msg, err := dc.conn.ReadMessage()
453	if err != nil {
454	return nil, err
455	}
456	dc.srv.metrics.downstreamInMessagesTotal.Inc()
457	return msg, nil
458	}
459
460	func (dc *downstreamConn) readMessages(ch chan<- event) error {
461	for {
462	msg, err := dc.ReadMessage()
463	if errors.Is(err, io.EOF) {
464	break
465	} else if err != nil {
466	return fmt.Errorf("failed to read IRC command: %v", err)
467	}
468
469	ch <- eventDownstreamMessage{msg, dc}
470	}
471
472	return nil
473	}
474
475	// SendMessage sends an outgoing message.
476	//
477	// This can only called from the user goroutine.
478	func (dc downstreamConn) SendMessage(msg irc.Message) {
479	if !dc.caps["message-tags"] {
480	if msg.Command == "TAGMSG" {
481	return
482	}
483	msg = msg.Copy()
484	for name := range msg.Tags {
485	supported := false
486	switch name {
487	case "time":
488	supported = dc.caps["server-time"]
489	case "account":
490	supported = dc.caps["account"]
491	}
492	if !supported {
493	delete(msg.Tags, name)
494	}
495	}
496	}
497	if !dc.caps["batch"] && msg.Tags["batch"] != "" {
498	msg = msg.Copy()
499	delete(msg.Tags, "batch")
500	}
501	if msg.Command == "JOIN" && !dc.caps["extended-join"] {
502	msg.Params = msg.Params[:1]
503	}
504	if msg.Command == "SETNAME" && !dc.caps["setname"] {
505	return
506	}
507	if msg.Command == "AWAY" && !dc.caps["away-notify"] {
508	return
509	}
510	if msg.Command == "ACCOUNT" && !dc.caps["account-notify"] {
511	return
512	}
513
514	dc.srv.metrics.downstreamOutMessagesTotal.Inc()
515	dc.conn.SendMessage(msg)
516	}
517
518	func (dc *downstreamConn) SendBatch(typ string, params []string, tags irc.Tags, f func(batchRef irc.TagValue)) {
519	dc.lastBatchRef++
520	ref := fmt.Sprintf("%v", dc.lastBatchRef)
521
522	if dc.caps["batch"] {
523	dc.SendMessage(&irc.Message{
524	Tags: tags,
525	Prefix: dc.srv.prefix(),
526	Command: "BATCH",
527	Params: append([]string{"+" + ref, typ}, params...),
528	})
529	}
530
531	f(irc.TagValue(ref))
532
533	if dc.caps["batch"] {
534	dc.SendMessage(&irc.Message{
535	Prefix: dc.srv.prefix(),
536	Command: "BATCH",
537	Params: []string{"-" + ref},
538	})
539	}
540	}
541
542	// sendMessageWithID sends an outgoing message with the specified internal ID.
543	func (dc downstreamConn) sendMessageWithID(msg irc.Message, id string) {
544	dc.SendMessage(msg)
545
546	if id == "" \|\| !dc.messageSupportsBacklog(msg) {
547	return
548	}
549
550	dc.sendPing(id)
551	}
552
553	// advanceMessageWithID advances history to the specified message ID without
554	// sending a message. This is useful e.g. for self-messages when echo-message
555	// isn't enabled.
556	func (dc downstreamConn) advanceMessageWithID(msg irc.Message, id string) {
557	if id == "" \|\| !dc.messageSupportsBacklog(msg) {
558	return
559	}
560
561	dc.sendPing(id)
562	}
563
564	// ackMsgID acknowledges that a message has been received.
565	func (dc *downstreamConn) ackMsgID(id string) {
566	netID, entity, err := parseMsgID(id, nil)
567	if err != nil {
568	dc.logger.Printf("failed to ACK message ID %q: %v", id, err)
569	return
570	}
571
572	network := dc.user.getNetworkByID(netID)
573	if network == nil {
574	return
575	}
576
577	network.delivered.StoreID(entity, dc.clientName, id)
578	}
579
580	func (dc *downstreamConn) sendPing(msgID string) {
581	token := "soju-msgid-" + msgID
582	dc.SendMessage(&irc.Message{
583	Command: "PING",
584	Params: []string{token},
585	})
586	}
587
588	func (dc *downstreamConn) handlePong(token string) {
589	if !strings.HasPrefix(token, "soju-msgid-") {
590	dc.logger.Printf("received unrecognized PONG token %q", token)
591	return
592	}
593	msgID := strings.TrimPrefix(token, "soju-msgid-")
594	dc.ackMsgID(msgID)
595	}
596
597	// marshalMessage re-formats a message coming from an upstream connection so
598	// that it's suitable for being sent on this downstream connection. Only
599	// messages that may appear in logs are supported, except MODE messages which
600	// may only appear in single-upstream mode.
601	func (dc downstreamConn) marshalMessage(msg irc.Message, net network) irc.Message {
602	msg = msg.Copy()
603	msg.Prefix = dc.marshalUserPrefix(net, msg.Prefix)
604
605	if dc.network != nil {
606	return msg
607	}
608
609	switch msg.Command {
610	case "PRIVMSG", "NOTICE", "TAGMSG":
611	msg.Params[0] = dc.marshalEntity(net, msg.Params[0])
612	case "NICK":
613	// Nick change for another user
614	msg.Params[0] = dc.marshalEntity(net, msg.Params[0])
615	case "JOIN", "PART":
616	msg.Params[0] = dc.marshalEntity(net, msg.Params[0])
617	case "KICK":
618	msg.Params[0] = dc.marshalEntity(net, msg.Params[0])
619	msg.Params[1] = dc.marshalEntity(net, msg.Params[1])
620	case "TOPIC":
621	msg.Params[0] = dc.marshalEntity(net, msg.Params[0])
622	case "QUIT", "SETNAME":
623	// This space is intentionally left blank
624	default:
625	panic(fmt.Sprintf("unexpected %q message", msg.Command))
626	}
627
628	return msg
629	}
630
631	func (dc downstreamConn) handleMessage(ctx context.Context, msg irc.Message) error {
632	ctx, cancel := dc.conn.NewContext(ctx)
633	defer cancel()
634
635	ctx, cancel = context.WithTimeout(ctx, handleDownstreamMessageTimeout)
636	defer cancel()
637
638	switch msg.Command {
639	case "QUIT":
640	return dc.Close()
641	default:
642	if dc.registered {
643	return dc.handleMessageRegistered(ctx, msg)
644	} else {
645	return dc.handleMessageUnregistered(ctx, msg)
646	}
647	}
648	}
649
650	func (dc downstreamConn) handleMessageUnregistered(ctx context.Context, msg irc.Message) error {
651	switch msg.Command {
652	case "NICK":
653	var nick string
654	if err := parseMessageParams(msg, &nick); err != nil {
655	return err
656	}
657	if nick == "" \|\| strings.ContainsAny(nick, illegalNickChars) {
658	return ircError{&irc.Message{
659	Command: irc.ERR_ERRONEUSNICKNAME,
660	Params: []string{dc.nick, nick, "contains illegal characters"},
661	}}
662	}
663	nickCM := casemapASCII(nick)
664	if nickCM == serviceNickCM {
665	return ircError{&irc.Message{
666	Command: irc.ERR_NICKNAMEINUSE,
667	Params: []string{dc.nick, nick, "Nickname reserved for bouncer service"},
668	}}
669	}
670	dc.nick = nick
671	dc.nickCM = nickCM
672	case "USER":
673	if err := parseMessageParams(msg, &dc.rawUsername, nil, nil, &dc.realname); err != nil {
674	return err
675	}
676	case "PASS":
677	if err := parseMessageParams(msg, &dc.password); err != nil {
678	return err
679	}
680	case "CAP":
681	var subCmd string
682	if err := parseMessageParams(msg, &subCmd); err != nil {
683	return err
684	}
685	if err := dc.handleCapCommand(subCmd, msg.Params[1:]); err != nil {
686	return err
687	}
688	case "AUTHENTICATE":
689	if !dc.caps["sasl"] {
690	return ircError{&irc.Message{
691	Prefix: dc.srv.prefix(),
692	Command: irc.ERR_SASLFAIL,
693	Params: []string{"*", "AUTHENTICATE requires the \"sasl\" capability to be enabled"},
694	}}
695	}
696	if len(msg.Params) == 0 {
697	return ircError{&irc.Message{
698	Prefix: dc.srv.prefix(),
699	Command: irc.ERR_SASLFAIL,
700	Params: []string{"*", "Missing AUTHENTICATE argument"},
701	}}
702	}
703
704	var resp []byte
705	if msg.Params[0] == "*" {
706	dc.saslServer = nil
707	return ircError{&irc.Message{
708	Prefix: dc.srv.prefix(),
709	Command: irc.ERR_SASLABORTED,
710	Params: []string{"*", "SASL authentication aborted"},
711	}}
712	} else if dc.saslServer == nil {
713	mech := strings.ToUpper(msg.Params[0])
714	switch mech {
715	case "PLAIN":
716	dc.saslServer = sasl.NewPlainServer(sasl.PlainAuthenticator(func(identity, username, password string) error {
717	// TODO: we can't use the command context here, because it
718	// gets cancelled once the command handler returns. SASL
719	// might take multiple AUTHENTICATE commands to complete.
720	return dc.authenticate(context.TODO(), username, password)
721	}))
722	default:
723	return ircError{&irc.Message{
724	Prefix: dc.srv.prefix(),
725	Command: irc.ERR_SASLFAIL,
726	Params: []string{"*", fmt.Sprintf("Unsupported SASL mechanism %q", mech)},
727	}}
728	}
729	} else if msg.Params[0] == "+" {
730	resp = nil
731	} else {
732	// TODO: multi-line messages
733	var err error
734	resp, err = base64.StdEncoding.DecodeString(msg.Params[0])
735	if err != nil {
736	dc.saslServer = nil
737	return ircError{&irc.Message{
738	Prefix: dc.srv.prefix(),
739	Command: irc.ERR_SASLFAIL,
740	Params: []string{"*", "Invalid base64-encoded response"},
741	}}
742	}
743	}
744
745	challenge, done, err := dc.saslServer.Next(resp)
746	if err != nil {
747	dc.saslServer = nil
748	if ircErr, ok := err.(ircError); ok && ircErr.Message.Command == irc.ERR_PASSWDMISMATCH {
749	return ircError{&irc.Message{
750	Prefix: dc.srv.prefix(),
751	Command: irc.ERR_SASLFAIL,
752	Params: []string{"*", ircErr.Message.Params[1]},
753	}}
754	}
755	dc.SendMessage(&irc.Message{
756	Prefix: dc.srv.prefix(),
757	Command: irc.ERR_SASLFAIL,
758	Params: []string{"*", "SASL error"},
759	})
760	return fmt.Errorf("SASL authentication failed: %v", err)
761	} else if done {
762	dc.saslServer = nil
763	// Technically we should send RPL_LOGGEDIN here. However we use
764	// RPL_LOGGEDIN to mirror the upstream connection status. Let's see
765	// how many clients that breaks. See:
766	// https://github.com/ircv3/ircv3-specifications/pull/476
767	dc.SendMessage(&irc.Message{
768	Prefix: dc.srv.prefix(),
769	Command: irc.RPL_SASLSUCCESS,
770	Params: []string{dc.nick, "SASL authentication successful"},
771	})
772	} else {
773	challengeStr := "+"
774	if len(challenge) > 0 {
775	challengeStr = base64.StdEncoding.EncodeToString(challenge)
776	}
777
778	// TODO: multi-line messages
779	dc.SendMessage(&irc.Message{
780	Prefix: dc.srv.prefix(),
781	Command: "AUTHENTICATE",
782	Params: []string{challengeStr},
783	})
784	}
785	case "BOUNCER":
786	var subcommand string
787	if err := parseMessageParams(msg, &subcommand); err != nil {
788	return err
789	}
790
791	switch strings.ToUpper(subcommand) {
792	case "BIND":
793	var idStr string
794	if err := parseMessageParams(msg, nil, &idStr); err != nil {
795	return err
796	}
797
798	if dc.user == nil {
799	return ircError{&irc.Message{
800	Command: "FAIL",
801	Params: []string{"BOUNCER", "ACCOUNT_REQUIRED", "BIND", "Authentication needed to bind to bouncer network"},
802	}}
803	}
804
805	id, err := parseBouncerNetID(subcommand, idStr)
806	if err != nil {
807	return err
808	}
809
810	var match *network
811	dc.user.forEachNetwork(func(net *network) {
812	if net.ID == id {
813	match = net
814	}
815	})
816	if match == nil {
817	return ircError{&irc.Message{
818	Command: "FAIL",
819	Params: []string{"BOUNCER", "INVALID_NETID", idStr, "Unknown network ID"},
820	}}
821	}
822
823	dc.networkName = match.GetName()
824	}
825	default:
826	dc.logger.Printf("unhandled message: %v", msg)
827	return newUnknownCommandError(msg.Command)
828	}
829	if dc.rawUsername != "" && dc.nick != "*" && !dc.negotiatingCaps {
830	return dc.register(ctx)
831	}
832	return nil
833	}
834
835	func (dc *downstreamConn) handleCapCommand(cmd string, args []string) error {
836	cmd = strings.ToUpper(cmd)
837
838	switch cmd {
839	case "LS":
840	if len(args) > 0 {
841	var err error
842	if dc.capVersion, err = strconv.Atoi(args[0]); err != nil {
843	return err
844	}
845	}
846	if !dc.registered && dc.capVersion >= 302 {
847	// Let downstream show everything it supports, and trim
848	// down the available capabilities when upstreams are
849	// known.
850	for k, v := range needAllDownstreamCaps {
851	dc.supportedCaps[k] = v
852	}
853	}
854
855	caps := make([]string, 0, len(dc.supportedCaps))
856	for k, v := range dc.supportedCaps {
857	if dc.capVersion >= 302 && v != "" {
858	caps = append(caps, k+"="+v)
859	} else {
860	caps = append(caps, k)
861	}
862	}
863
864	// TODO: multi-line replies
865	dc.SendMessage(&irc.Message{
866	Prefix: dc.srv.prefix(),
867	Command: "CAP",
868	Params: []string{dc.nick, "LS", strings.Join(caps, " ")},
869	})
870
871	if dc.capVersion >= 302 {
872	// CAP version 302 implicitly enables cap-notify
873	dc.caps["cap-notify"] = true
874	}
875
876	if !dc.registered {
877	dc.negotiatingCaps = true
878	}
879	case "LIST":
880	var caps []string
881	for name, enabled := range dc.caps {
882	if enabled {
883	caps = append(caps, name)
884	}
885	}
886
887	// TODO: multi-line replies
888	dc.SendMessage(&irc.Message{
889	Prefix: dc.srv.prefix(),
890	Command: "CAP",
891	Params: []string{dc.nick, "LIST", strings.Join(caps, " ")},
892	})
893	case "REQ":
894	if len(args) == 0 {
895	return ircError{&irc.Message{
896	Command: err_invalidcapcmd,
897	Params: []string{dc.nick, cmd, "Missing argument in CAP REQ command"},
898	}}
899	}
900
901	// TODO: atomically ack/nak the whole capability set
902	caps := strings.Fields(args[0])
903	ack := true
904	for _, name := range caps {
905	name = strings.ToLower(name)
906	enable := !strings.HasPrefix(name, "-")
907	if !enable {
908	name = strings.TrimPrefix(name, "-")
909	}
910
911	if enable == dc.caps[name] {
912	continue
913	}
914
915	_, ok := dc.supportedCaps[name]
916	if !ok {
917	ack = false
918	break
919	}
920
921	if name == "cap-notify" && dc.capVersion >= 302 && !enable {
922	// cap-notify cannot be disabled with CAP version 302
923	ack = false
924	break
925	}
926
927	dc.caps[name] = enable
928	}
929
930	reply := "NAK"
931	if ack {
932	reply = "ACK"
933	}
934	dc.SendMessage(&irc.Message{
935	Prefix: dc.srv.prefix(),
936	Command: "CAP",
937	Params: []string{dc.nick, reply, args[0]},
938	})
939
940	if !dc.registered {
941	dc.negotiatingCaps = true
942	}
943	case "END":
944	dc.negotiatingCaps = false
945	default:
946	return ircError{&irc.Message{
947	Command: err_invalidcapcmd,
948	Params: []string{dc.nick, cmd, "Unknown CAP command"},
949	}}
950	}
951	return nil
952	}
953
954	func (dc *downstreamConn) setSupportedCap(name, value string) {
955	prevValue, hasPrev := dc.supportedCaps[name]
956	changed := !hasPrev \|\| prevValue != value
957	dc.supportedCaps[name] = value
958
959	if !dc.caps["cap-notify"] \|\| !changed {
960	return
961	}
962
963	cap := name
964	if value != "" && dc.capVersion >= 302 {
965	cap = name + "=" + value
966	}
967
968	dc.SendMessage(&irc.Message{
969	Prefix: dc.srv.prefix(),
970	Command: "CAP",
971	Params: []string{dc.nick, "NEW", cap},
972	})
973	}
974
975	func (dc *downstreamConn) unsetSupportedCap(name string) {
976	_, hasPrev := dc.supportedCaps[name]
977	delete(dc.supportedCaps, name)
978	delete(dc.caps, name)
979
980	if !dc.caps["cap-notify"] \|\| !hasPrev {
981	return
982	}
983
984	dc.SendMessage(&irc.Message{
985	Prefix: dc.srv.prefix(),
986	Command: "CAP",
987	Params: []string{dc.nick, "DEL", name},
988	})
989	}
990
991	func (dc *downstreamConn) updateSupportedCaps() {
992	supportedCaps := make(map[string]bool)
993	for cap := range needAllDownstreamCaps {
994	supportedCaps[cap] = true
995	}
996	dc.forEachUpstream(func(uc *upstreamConn) {
997	for cap, supported := range supportedCaps {
998	supportedCaps[cap] = supported && uc.caps[cap]
999	}
1000	})
1001
1002	for cap, supported := range supportedCaps {
1003	if supported {
1004	dc.setSupportedCap(cap, needAllDownstreamCaps[cap])
1005	} else {
1006	dc.unsetSupportedCap(cap)
1007	}
1008	}
1009
1010	if _, ok := dc.user.msgStore.(chatHistoryMessageStore); ok && dc.network != nil {
1011	dc.setSupportedCap("draft/event-playback", "")
1012	} else {
1013	dc.unsetSupportedCap("draft/event-playback")
1014	}
1015	}
1016
1017	func (dc *downstreamConn) updateNick() {
1018	if uc := dc.upstream(); uc != nil && uc.nick != dc.nick {
1019	dc.SendMessage(&irc.Message{
1020	Prefix: dc.prefix(),
1021	Command: "NICK",
1022	Params: []string{uc.nick},
1023	})
1024	dc.nick = uc.nick
1025	dc.nickCM = casemapASCII(dc.nick)
1026	}
1027	}
1028
1029	func (dc *downstreamConn) updateRealname() {
1030	if uc := dc.upstream(); uc != nil && uc.realname != dc.realname && dc.caps["setname"] {
1031	dc.SendMessage(&irc.Message{
1032	Prefix: dc.prefix(),
1033	Command: "SETNAME",
1034	Params: []string{uc.realname},
1035	})
1036	dc.realname = uc.realname
1037	}
1038	}
1039
1040	func (dc *downstreamConn) updateAccount() {
1041	var account string
1042	if dc.network == nil {
1043	account = dc.user.Username
1044	} else if uc := dc.upstream(); uc != nil {
1045	account = uc.account
1046	} else {
1047	return
1048	}
1049
1050	if dc.account == account \|\| !dc.caps["sasl"] {
1051	return
1052	}
1053
1054	if account != "" {
1055	dc.SendMessage(&irc.Message{
1056	Prefix: dc.srv.prefix(),
1057	Command: irc.RPL_LOGGEDIN,
1058	Params: []string{dc.nick, dc.prefix().String(), account, "You are logged in as " + account},
1059	})
1060	} else {
1061	dc.SendMessage(&irc.Message{
1062	Prefix: dc.srv.prefix(),
1063	Command: irc.RPL_LOGGEDOUT,
1064	Params: []string{dc.nick, dc.prefix().String(), "You are logged out"},
1065	})
1066	}
1067
1068	dc.account = account
1069	}
1070
1071	func sanityCheckServer(ctx context.Context, addr string) error {
1072	ctx, cancel := context.WithTimeout(ctx, 15*time.Second)
1073	defer cancel()
1074
1075	conn, err := new(tls.Dialer).DialContext(ctx, "tcp", addr)
1076	if err != nil {
1077	return err
1078	}
1079
1080	return conn.Close()
1081	}
1082
1083	func unmarshalUsername(rawUsername string) (username, client, network string) {
1084	username = rawUsername
1085
1086	i := strings.IndexAny(username, "/@")
1087	j := strings.LastIndexAny(username, "/@")
1088	if i >= 0 {
1089	username = rawUsername[:i]
1090	}
1091	if j >= 0 {
1092	if rawUsername[j] == '@' {
1093	client = rawUsername[j+1:]
1094	} else {
1095	network = rawUsername[j+1:]
1096	}
1097	}
1098	if i >= 0 && j >= 0 && i < j {
1099	if rawUsername[i] == '@' {
1100	client = rawUsername[i+1 : j]
1101	} else {
1102	network = rawUsername[i+1 : j]
1103	}
1104	}
1105
1106	return username, client, network
1107	}
1108
1109	func (dc *downstreamConn) authenticate(ctx context.Context, username, password string) error {
1110	username, clientName, networkName := unmarshalUsername(username)
1111
1112	u, err := dc.srv.db.GetUser(ctx, username)
1113	if err != nil {
1114	dc.logger.Printf("failed authentication for %q: user not found: %v", username, err)
1115	return errAuthFailed
1116	}
1117
1118	// Password auth disabled
1119	if u.Password == "" {
1120	return errAuthFailed
1121	}
1122
1123	err = bcrypt.CompareHashAndPassword([]byte(u.Password), []byte(password))
1124	if err != nil {
1125	dc.logger.Printf("failed authentication for %q: wrong password: %v", username, err)
1126	return errAuthFailed
1127	}
1128
1129	dc.user = dc.srv.getUser(username)
1130	if dc.user == nil {
1131	dc.logger.Printf("failed authentication for %q: user not active", username)
1132	return errAuthFailed
1133	}
1134	dc.clientName = clientName
1135	dc.networkName = networkName
1136	return nil
1137	}
1138
1139	func (dc *downstreamConn) register(ctx context.Context) error {
1140	if dc.registered {
1141	return fmt.Errorf("tried to register twice")
1142	}
1143
1144	if dc.saslServer != nil {
1145	dc.saslServer = nil
1146	dc.SendMessage(&irc.Message{
1147	Prefix: dc.srv.prefix(),
1148	Command: irc.ERR_SASLABORTED,
1149	Params: []string{"*", "SASL authentication aborted"},
1150	})
1151	}
1152
1153	password := dc.password
1154	dc.password = ""
1155	if dc.user == nil {
1156	if err := dc.authenticate(ctx, dc.rawUsername, password); err != nil {
1157	return err
1158	}
1159	}
1160
1161	if dc.clientName == "" && dc.networkName == "" {
1162	_, dc.clientName, dc.networkName = unmarshalUsername(dc.rawUsername)
1163	}
1164
1165	dc.registered = true
1166	dc.logger.Printf("registration complete for user %q", dc.user.Username)
1167	return nil
1168	}
1169
1170	func (dc *downstreamConn) loadNetwork(ctx context.Context) error {
1171	if dc.networkName == "" {
1172	return nil
1173	}
1174
1175	network := dc.user.getNetwork(dc.networkName)
1176	if network == nil {
1177	addr := dc.networkName
1178	if !strings.ContainsRune(addr, ':') {
1179	addr = addr + ":6697"
1180	}
1181
1182	dc.logger.Printf("trying to connect to new network %q", addr)
1183	if err := sanityCheckServer(ctx, addr); err != nil {
1184	dc.logger.Printf("failed to connect to %q: %v", addr, err)
1185	return ircError{&irc.Message{
1186	Command: irc.ERR_PASSWDMISMATCH,
1187	Params: []string{"*", fmt.Sprintf("Failed to connect to %q", dc.networkName)},
1188	}}
1189	}
1190
1191	// Some clients only allow specifying the nickname (and use the
1192	// nickname as a username too). Strip the network name from the
1193	// nickname when auto-saving networks.
1194	nick, _, _ := unmarshalUsername(dc.nick)
1195
1196	dc.logger.Printf("auto-saving network %q", dc.networkName)
1197	var err error
1198	network, err = dc.user.createNetwork(ctx, &Network{
1199	Addr: dc.networkName,
1200	Nick: nick,
1201	Enabled: true,
1202	})
1203	if err != nil {
1204	return err
1205	}
1206	}
1207
1208	dc.network = network
1209	return nil
1210	}
1211
1212	func (dc *downstreamConn) welcome(ctx context.Context) error {
1213	if dc.user == nil \|\| !dc.registered {
1214	panic("tried to welcome an unregistered connection")
1215	}
1216
1217	// TODO: doing this might take some time. We should do it in dc.register
1218	// instead, but we'll potentially be adding a new network and this must be
1219	// done in the user goroutine.
1220	if err := dc.loadNetwork(ctx); err != nil {
1221	return err
1222	}
1223
1224	if dc.network == nil && !dc.caps["soju.im/bouncer-networks"] && dc.srv.Config().MultiUpstream {
1225	dc.isMultiUpstream = true
1226	}
1227
1228	dc.updateSupportedCaps()
1229
1230	isupport := []string{
1231	fmt.Sprintf("CHATHISTORY=%v", chatHistoryLimit),
1232	"CASEMAPPING=ascii",
1233	}
1234
1235	if dc.network != nil {
1236	isupport = append(isupport, fmt.Sprintf("BOUNCER_NETID=%v", dc.network.ID))
1237	}
1238	if title := dc.srv.Config().Title; dc.network == nil && title != "" {
1239	isupport = append(isupport, "NETWORK="+encodeISUPPORT(title))
1240	}
1241	if dc.network == nil && !dc.isMultiUpstream {
1242	isupport = append(isupport, "WHOX")
1243	}
1244
1245	if uc := dc.upstream(); uc != nil {
1246	for k := range passthroughIsupport {
1247	v, ok := uc.isupport[k]
1248	if !ok {
1249	continue
1250	}
1251	if v != nil {
1252	isupport = append(isupport, fmt.Sprintf("%v=%v", k, *v))
1253	} else {
1254	isupport = append(isupport, k)
1255	}
1256	}
1257	}
1258
1259	dc.SendMessage(&irc.Message{
1260	Prefix: dc.srv.prefix(),
1261	Command: irc.RPL_WELCOME,
1262	Params: []string{dc.nick, "Welcome to soju, " + dc.nick},
1263	})
1264	dc.SendMessage(&irc.Message{
1265	Prefix: dc.srv.prefix(),
1266	Command: irc.RPL_YOURHOST,
1267	Params: []string{dc.nick, "Your host is " + dc.srv.Config().Hostname},
1268	})
1269	dc.SendMessage(&irc.Message{
1270	Prefix: dc.srv.prefix(),
1271	Command: irc.RPL_MYINFO,
1272	Params: []string{dc.nick, dc.srv.Config().Hostname, "soju", "aiwroO", "OovaimnqpsrtklbeI"},
1273	})
1274	for _, msg := range generateIsupport(dc.srv.prefix(), dc.nick, isupport) {
1275	dc.SendMessage(msg)
1276	}
1277	if uc := dc.upstream(); uc != nil {
1278	dc.SendMessage(&irc.Message{
1279	Prefix: dc.srv.prefix(),
1280	Command: irc.RPL_UMODEIS,
1281	Params: []string{dc.nick, "+" + string(uc.modes)},
1282	})
1283	}
1284	if dc.network == nil && !dc.isMultiUpstream && dc.user.Admin {
1285	dc.SendMessage(&irc.Message{
1286	Prefix: dc.srv.prefix(),
1287	Command: irc.RPL_UMODEIS,
1288	Params: []string{dc.nick, "+o"},
1289	})
1290	}
1291
1292	dc.updateNick()
1293	dc.updateRealname()
1294	dc.updateAccount()
1295
1296	if motd := dc.user.srv.Config().MOTD; motd != "" && dc.network == nil {
1297	for _, msg := range generateMOTD(dc.srv.prefix(), dc.nick, motd) {
1298	dc.SendMessage(msg)
1299	}
1300	} else {
1301	motdHint := "No MOTD"
1302	if dc.network != nil {
1303	motdHint = "Use /motd to read the message of the day"
1304	}
1305	dc.SendMessage(&irc.Message{
1306	Prefix: dc.srv.prefix(),
1307	Command: irc.ERR_NOMOTD,
1308	Params: []string{dc.nick, motdHint},
1309	})
1310	}
1311
1312	if dc.caps["soju.im/bouncer-networks-notify"] {
1313	dc.SendBatch("soju.im/bouncer-networks", nil, nil, func(batchRef irc.TagValue) {
1314	dc.user.forEachNetwork(func(network *network) {
1315	idStr := fmt.Sprintf("%v", network.ID)
1316	attrs := getNetworkAttrs(network)
1317	dc.SendMessage(&irc.Message{
1318	Tags: irc.Tags{"batch": batchRef},
1319	Prefix: dc.srv.prefix(),
1320	Command: "BOUNCER",
1321	Params: []string{"NETWORK", idStr, attrs.String()},
1322	})
1323	})
1324	})
1325	}
1326
1327	dc.forEachUpstream(func(uc *upstreamConn) {
1328	for _, entry := range uc.channels.innerMap {
1329	ch := entry.value.(*upstreamChannel)
1330	if !ch.complete {
1331	continue
1332	}
1333	record := uc.network.channels.Value(ch.Name)
1334	if record != nil && record.Detached {
1335	continue
1336	}
1337
1338	dc.SendMessage(&irc.Message{
1339	Prefix: dc.prefix(),
1340	Command: "JOIN",
1341	Params: []string{dc.marshalEntity(ch.conn.network, ch.Name)},
1342	})
1343
1344	forwardChannel(dc, ch)
1345	}
1346	})
1347
1348	dc.forEachNetwork(func(net *network) {
1349	if dc.caps["draft/chathistory"] \|\| dc.user.msgStore == nil {
1350	return
1351	}
1352
1353	// Only send history if we're the first connected client with that name
1354	// for the network
1355	firstClient := true
1356	dc.user.forEachDownstream(func(c *downstreamConn) {
1357	if c != dc && c.clientName == dc.clientName && c.network == dc.network {
1358	firstClient = false
1359	}
1360	})
1361	if firstClient {
1362	net.delivered.ForEachTarget(func(target string) {
1363	lastDelivered := net.delivered.LoadID(target, dc.clientName)
1364	if lastDelivered == "" {
1365	return
1366	}
1367
1368	dc.sendTargetBacklog(ctx, net, target, lastDelivered)
1369
1370	// Fast-forward history to last message
1371	targetCM := net.casemap(target)
1372	lastID, err := dc.user.msgStore.LastMsgID(&net.Network, targetCM, time.Now())
1373	if err != nil {
1374	dc.logger.Printf("failed to get last message ID: %v", err)
1375	return
1376	}
1377	net.delivered.StoreID(target, dc.clientName, lastID)
1378	})
1379	}
1380	})
1381
1382	return nil
1383	}
1384
1385	// messageSupportsBacklog checks whether the provided message can be sent as
1386	// part of an history batch.
1387	func (dc downstreamConn) messageSupportsBacklog(msg irc.Message) bool {
1388	// Don't replay all messages, because that would mess up client
1389	// state. For instance we just sent the list of users, sending
1390	// PART messages for one of these users would be incorrect.
1391	switch msg.Command {
1392	case "PRIVMSG", "NOTICE":
1393	return true
1394	}
1395	return false
1396	}
1397
1398	func (dc downstreamConn) sendTargetBacklog(ctx context.Context, net network, target, msgID string) {
1399	if dc.caps["draft/chathistory"] \|\| dc.user.msgStore == nil {
1400	return
1401	}
1402
1403	ch := net.channels.Value(target)
1404
1405	ctx, cancel := context.WithTimeout(ctx, backlogTimeout)
1406	defer cancel()
1407
1408	targetCM := net.casemap(target)
1409	history, err := dc.user.msgStore.LoadLatestID(ctx, &net.Network, targetCM, msgID, backlogLimit)
1410	if err != nil {
1411	dc.logger.Printf("failed to send backlog for %q: %v", target, err)
1412	return
1413	}
1414
1415	dc.SendBatch("chathistory", []string{dc.marshalEntity(net, target)}, nil, func(batchRef irc.TagValue) {
1416	for _, msg := range history {
1417	if ch != nil && ch.Detached {
1418	if net.detachedMessageNeedsRelay(ch, msg) {
1419	dc.relayDetachedMessage(net, msg)
1420	}
1421	} else {
1422	msg.Tags["batch"] = batchRef
1423	dc.SendMessage(dc.marshalMessage(msg, net))
1424	}
1425	}
1426	})
1427	}
1428
1429	func (dc downstreamConn) relayDetachedMessage(net network, msg *irc.Message) {
1430	if msg.Command != "PRIVMSG" && msg.Command != "NOTICE" {
1431	return
1432	}
1433
1434	sender := msg.Prefix.Name
1435	target, text := msg.Params[0], msg.Params[1]
1436	if net.isHighlight(msg) {
1437	sendServiceNOTICE(dc, fmt.Sprintf("highlight in %v: <%v> %v", dc.marshalEntity(net, target), sender, text))
1438	} else {
1439	sendServiceNOTICE(dc, fmt.Sprintf("message in %v: <%v> %v", dc.marshalEntity(net, target), sender, text))
1440	}
1441	}
1442
1443	func (dc *downstreamConn) runUntilRegistered() error {
1444	ctx, cancel := context.WithTimeout(context.TODO(), downstreamRegisterTimeout)
1445	defer cancel()
1446
1447	// Close the connection with an error if the deadline is exceeded
1448	go func() {
1449	<-ctx.Done()
1450	if err := ctx.Err(); err == context.DeadlineExceeded {
1451	dc.SendMessage(&irc.Message{
1452	Prefix: dc.srv.prefix(),
1453	Command: "ERROR",
1454	Params: []string{"Connection registration timed out"},
1455	})
1456	dc.Close()
1457	}
1458	}()
1459
1460	for !dc.registered {
1461	msg, err := dc.ReadMessage()
1462	if err != nil {
1463	return fmt.Errorf("failed to read IRC command: %w", err)
1464	}
1465
1466	err = dc.handleMessage(ctx, msg)
1467	if ircErr, ok := err.(ircError); ok {
1468	ircErr.Message.Prefix = dc.srv.prefix()
1469	dc.SendMessage(ircErr.Message)
1470	} else if err != nil {
1471	return fmt.Errorf("failed to handle IRC command %q: %v", msg, err)
1472	}
1473	}
1474
1475	return nil
1476	}
1477
1478	func (dc downstreamConn) handleMessageRegistered(ctx context.Context, msg irc.Message) error {
1479	switch msg.Command {
1480	case "CAP":
1481	var subCmd string
1482	if err := parseMessageParams(msg, &subCmd); err != nil {
1483	return err
1484	}
1485	if err := dc.handleCapCommand(subCmd, msg.Params[1:]); err != nil {
1486	return err
1487	}
1488	case "PING":
1489	var source, destination string
1490	if err := parseMessageParams(msg, &source); err != nil {
1491	return err
1492	}
1493	if len(msg.Params) > 1 {
1494	destination = msg.Params[1]
1495	}
1496	hostname := dc.srv.Config().Hostname
1497	if destination != "" && destination != hostname {
1498	return ircError{&irc.Message{
1499	Command: irc.ERR_NOSUCHSERVER,
1500	Params: []string{dc.nick, destination, "No such server"},
1501	}}
1502	}
1503	dc.SendMessage(&irc.Message{
1504	Prefix: dc.srv.prefix(),
1505	Command: "PONG",
1506	Params: []string{hostname, source},
1507	})
1508	return nil
1509	case "PONG":
1510	if len(msg.Params) == 0 {
1511	return newNeedMoreParamsError(msg.Command)
1512	}
1513	token := msg.Params[len(msg.Params)-1]
1514	dc.handlePong(token)
1515	case "USER":
1516	return ircError{&irc.Message{
1517	Command: irc.ERR_ALREADYREGISTERED,
1518	Params: []string{dc.nick, "You may not reregister"},
1519	}}
1520	case "NICK":
1521	var rawNick string
1522	if err := parseMessageParams(msg, &rawNick); err != nil {
1523	return err
1524	}
1525
1526	nick := rawNick
1527	var upstream *upstreamConn
1528	if dc.upstream() == nil {
1529	uc, unmarshaledNick, err := dc.unmarshalEntity(nick)
1530	if err == nil { // NICK nick/network: NICK only on a specific upstream
1531	upstream = uc
1532	nick = unmarshaledNick
1533	}
1534	}
1535
1536	if nick == "" \|\| strings.ContainsAny(nick, illegalNickChars) {
1537	return ircError{&irc.Message{
1538	Command: irc.ERR_ERRONEUSNICKNAME,
1539	Params: []string{dc.nick, rawNick, "contains illegal characters"},
1540	}}
1541	}
1542	if casemapASCII(nick) == serviceNickCM {
1543	return ircError{&irc.Message{
1544	Command: irc.ERR_NICKNAMEINUSE,
1545	Params: []string{dc.nick, rawNick, "Nickname reserved for bouncer service"},
1546	}}
1547	}
1548
1549	var err error
1550	dc.forEachNetwork(func(n *network) {
1551	if err != nil \|\| (upstream != nil && upstream.network != n) {
1552	return
1553	}
1554	n.Nick = nick
1555	err = dc.srv.db.StoreNetwork(ctx, dc.user.ID, &n.Network)
1556	})
1557	if err != nil {
1558	return err
1559	}
1560
1561	dc.forEachUpstream(func(uc *upstreamConn) {
1562	if upstream != nil && upstream != uc {
1563	return
1564	}
1565	uc.SendMessageLabeled(dc.id, &irc.Message{
1566	Command: "NICK",
1567	Params: []string{nick},
1568	})
1569	})
1570
1571	if dc.upstream() == nil && upstream == nil && dc.nick != nick {
1572	dc.SendMessage(&irc.Message{
1573	Prefix: dc.prefix(),
1574	Command: "NICK",
1575	Params: []string{nick},
1576	})
1577	dc.nick = nick
1578	dc.nickCM = casemapASCII(dc.nick)
1579	}
1580	case "SETNAME":
1581	var realname string
1582	if err := parseMessageParams(msg, &realname); err != nil {
1583	return err
1584	}
1585
1586	// If the client just resets to the default, just wipe the per-network
1587	// preference
1588	storeRealname := realname
1589	if realname == dc.user.Realname {
1590	storeRealname = ""
1591	}
1592
1593	var storeErr error
1594	var needUpdate []Network
1595	dc.forEachNetwork(func(n *network) {
1596	// We only need to call updateNetwork for upstreams that don't
1597	// support setname
1598	if uc := n.conn; uc != nil && uc.caps["setname"] {
1599	uc.SendMessageLabeled(dc.id, &irc.Message{
1600	Command: "SETNAME",
1601	Params: []string{realname},
1602	})
1603
1604	n.Realname = storeRealname
1605	if err := dc.srv.db.StoreNetwork(ctx, dc.user.ID, &n.Network); err != nil {
1606	dc.logger.Printf("failed to store network realname: %v", err)
1607	storeErr = err
1608	}
1609	return
1610	}
1611
1612	record := n.Network // copy network record because we'll mutate it
1613	record.Realname = storeRealname
1614	needUpdate = append(needUpdate, record)
1615	})
1616
1617	// Walk the network list as a second step, because updateNetwork
1618	// mutates the original list
1619	for _, record := range needUpdate {
1620	if _, err := dc.user.updateNetwork(ctx, &record); err != nil {
1621	dc.logger.Printf("failed to update network realname: %v", err)
1622	storeErr = err
1623	}
1624	}
1625	if storeErr != nil {
1626	return ircError{&irc.Message{
1627	Command: "FAIL",
1628	Params: []string{"SETNAME", "CANNOT_CHANGE_REALNAME", "Failed to update realname"},
1629	}}
1630	}
1631
1632	if dc.upstream() == nil {
1633	dc.SendMessage(&irc.Message{
1634	Prefix: dc.prefix(),
1635	Command: "SETNAME",
1636	Params: []string{realname},
1637	})
1638	}
1639	case "JOIN":
1640	var namesStr string
1641	if err := parseMessageParams(msg, &namesStr); err != nil {
1642	return err
1643	}
1644
1645	var keys []string
1646	if len(msg.Params) > 1 {
1647	keys = strings.Split(msg.Params[1], ",")
1648	}
1649
1650	for i, name := range strings.Split(namesStr, ",") {
1651	uc, upstreamName, err := dc.unmarshalEntity(name)
1652	if err != nil {
1653	return err
1654	}
1655
1656	var key string
1657	if len(keys) > i {
1658	key = keys[i]
1659	}
1660
1661	if !uc.isChannel(upstreamName) {
1662	dc.SendMessage(&irc.Message{
1663	Prefix: dc.srv.prefix(),
1664	Command: irc.ERR_NOSUCHCHANNEL,
1665	Params: []string{name, "Not a channel name"},
1666	})
1667	continue
1668	}
1669
1670	params := []string{upstreamName}
1671	if key != "" {
1672	params = append(params, key)
1673	}
1674	uc.SendMessageLabeled(dc.id, &irc.Message{
1675	Command: "JOIN",
1676	Params: params,
1677	})
1678
1679	ch := uc.network.channels.Value(upstreamName)
1680	if ch != nil {
1681	// Don't clear the channel key if there's one set
1682	// TODO: add a way to unset the channel key
1683	if key != "" {
1684	ch.Key = key
1685	}
1686	uc.network.attach(ch)
1687	} else {
1688	ch = &Channel{
1689	Name: upstreamName,
1690	Key: key,
1691	}
1692	uc.network.channels.SetValue(upstreamName, ch)
1693	}
1694	if err := dc.srv.db.StoreChannel(ctx, uc.network.ID, ch); err != nil {
1695	dc.logger.Printf("failed to create or update channel %q: %v", upstreamName, err)
1696	}
1697	}
1698	case "PART":
1699	var namesStr string
1700	if err := parseMessageParams(msg, &namesStr); err != nil {
1701	return err
1702	}
1703
1704	var reason string
1705	if len(msg.Params) > 1 {
1706	reason = msg.Params[1]
1707	}
1708
1709	for _, name := range strings.Split(namesStr, ",") {
1710	uc, upstreamName, err := dc.unmarshalEntity(name)
1711	if err != nil {
1712	return err
1713	}
1714
1715	if strings.EqualFold(reason, "detach") {
1716	ch := uc.network.channels.Value(upstreamName)
1717	if ch != nil {
1718	uc.network.detach(ch)
1719	} else {
1720	ch = &Channel{
1721	Name: name,
1722	Detached: true,
1723	}
1724	uc.network.channels.SetValue(upstreamName, ch)
1725	}
1726	if err := dc.srv.db.StoreChannel(ctx, uc.network.ID, ch); err != nil {
1727	dc.logger.Printf("failed to create or update channel %q: %v", upstreamName, err)
1728	}
1729	} else {
1730	params := []string{upstreamName}
1731	if reason != "" {
1732	params = append(params, reason)
1733	}
1734	uc.SendMessageLabeled(dc.id, &irc.Message{
1735	Command: "PART",
1736	Params: params,
1737	})
1738
1739	if err := uc.network.deleteChannel(ctx, upstreamName); err != nil {
1740	dc.logger.Printf("failed to delete channel %q: %v", upstreamName, err)
1741	}
1742	}
1743	}
1744	case "KICK":
1745	var channelStr, userStr string
1746	if err := parseMessageParams(msg, &channelStr, &userStr); err != nil {
1747	return err
1748	}
1749
1750	channels := strings.Split(channelStr, ",")
1751	users := strings.Split(userStr, ",")
1752
1753	var reason string
1754	if len(msg.Params) > 2 {
1755	reason = msg.Params[2]
1756	}
1757
1758	if len(channels) != 1 && len(channels) != len(users) {
1759	return ircError{&irc.Message{
1760	Command: irc.ERR_BADCHANMASK,
1761	Params: []string{dc.nick, channelStr, "Bad channel mask"},
1762	}}
1763	}
1764
1765	for i, user := range users {
1766	var channel string
1767	if len(channels) == 1 {
1768	channel = channels[0]
1769	} else {
1770	channel = channels[i]
1771	}
1772
1773	ucChannel, upstreamChannel, err := dc.unmarshalEntity(channel)
1774	if err != nil {
1775	return err
1776	}
1777
1778	ucUser, upstreamUser, err := dc.unmarshalEntity(user)
1779	if err != nil {
1780	return err
1781	}
1782
1783	if ucChannel != ucUser {
1784	return ircError{&irc.Message{
1785	Command: irc.ERR_USERNOTINCHANNEL,
1786	Params: []string{dc.nick, user, channel, "They are on another network"},
1787	}}
1788	}
1789	uc := ucChannel
1790
1791	params := []string{upstreamChannel, upstreamUser}
1792	if reason != "" {
1793	params = append(params, reason)
1794	}
1795	uc.SendMessageLabeled(dc.id, &irc.Message{
1796	Command: "KICK",
1797	Params: params,
1798	})
1799	}
1800	case "MODE":
1801	var name string
1802	if err := parseMessageParams(msg, &name); err != nil {
1803	return err
1804	}
1805
1806	var modeStr string
1807	if len(msg.Params) > 1 {
1808	modeStr = msg.Params[1]
1809	}
1810
1811	if casemapASCII(name) == dc.nickCM {
1812	if modeStr != "" {
1813	if uc := dc.upstream(); uc != nil {
1814	uc.SendMessageLabeled(dc.id, &irc.Message{
1815	Command: "MODE",
1816	Params: []string{uc.nick, modeStr},
1817	})
1818	} else {
1819	dc.SendMessage(&irc.Message{
1820	Prefix: dc.srv.prefix(),
1821	Command: irc.ERR_UMODEUNKNOWNFLAG,
1822	Params: []string{dc.nick, "Cannot change user mode in multi-upstream mode"},
1823	})
1824	}
1825	} else {
1826	var userMode string
1827	if uc := dc.upstream(); uc != nil {
1828	userMode = string(uc.modes)
1829	}
1830
1831	dc.SendMessage(&irc.Message{
1832	Prefix: dc.srv.prefix(),
1833	Command: irc.RPL_UMODEIS,
1834	Params: []string{dc.nick, "+" + userMode},
1835	})
1836	}
1837	return nil
1838	}
1839
1840	uc, upstreamName, err := dc.unmarshalEntity(name)
1841	if err != nil {
1842	return err
1843	}
1844
1845	if !uc.isChannel(upstreamName) {
1846	return ircError{&irc.Message{
1847	Command: irc.ERR_USERSDONTMATCH,
1848	Params: []string{dc.nick, "Cannot change mode for other users"},
1849	}}
1850	}
1851
1852	if modeStr != "" {
1853	params := []string{upstreamName, modeStr}
1854	params = append(params, msg.Params[2:]...)
1855	uc.SendMessageLabeled(dc.id, &irc.Message{
1856	Command: "MODE",
1857	Params: params,
1858	})
1859	} else {
1860	ch := uc.channels.Value(upstreamName)
1861	if ch == nil {
1862	return ircError{&irc.Message{
1863	Command: irc.ERR_NOSUCHCHANNEL,
1864	Params: []string{dc.nick, name, "No such channel"},
1865	}}
1866	}
1867
1868	if ch.modes == nil {
1869	// we haven't received the initial RPL_CHANNELMODEIS yet
1870	// ignore the request, we will broadcast the modes later when we receive RPL_CHANNELMODEIS
1871	return nil
1872	}
1873
1874	modeStr, modeParams := ch.modes.Format()
1875	params := []string{dc.nick, name, modeStr}
1876	params = append(params, modeParams...)
1877
1878	dc.SendMessage(&irc.Message{
1879	Prefix: dc.srv.prefix(),
1880	Command: irc.RPL_CHANNELMODEIS,
1881	Params: params,
1882	})
1883	if ch.creationTime != "" {
1884	dc.SendMessage(&irc.Message{
1885	Prefix: dc.srv.prefix(),
1886	Command: rpl_creationtime,
1887	Params: []string{dc.nick, name, ch.creationTime},
1888	})
1889	}
1890	}
1891	case "TOPIC":
1892	var channel string
1893	if err := parseMessageParams(msg, &channel); err != nil {
1894	return err
1895	}
1896
1897	uc, upstreamName, err := dc.unmarshalEntity(channel)
1898	if err != nil {
1899	return err
1900	}
1901
1902	if len(msg.Params) > 1 { // setting topic
1903	topic := msg.Params[1]
1904	uc.SendMessageLabeled(dc.id, &irc.Message{
1905	Command: "TOPIC",
1906	Params: []string{upstreamName, topic},
1907	})
1908	} else { // getting topic
1909	ch := uc.channels.Value(upstreamName)
1910	if ch == nil {
1911	return ircError{&irc.Message{
1912	Command: irc.ERR_NOSUCHCHANNEL,
1913	Params: []string{dc.nick, upstreamName, "No such channel"},
1914	}}
1915	}
1916	sendTopic(dc, ch)
1917	}
1918	case "LIST":
1919	network := dc.network
1920	if network == nil && len(msg.Params) > 0 {
1921	var err error
1922	network, msg.Params[0], err = dc.unmarshalEntityNetwork(msg.Params[0])
1923	if err != nil {
1924	return err
1925	}
1926	}
1927	if network == nil {
1928	dc.SendMessage(&irc.Message{
1929	Prefix: dc.srv.prefix(),
1930	Command: irc.RPL_LISTEND,
1931	Params: []string{dc.nick, "LIST without a network suffix is not supported in multi-upstream mode"},
1932	})
1933	return nil
1934	}
1935
1936	uc := network.conn
1937	if uc == nil {
1938	dc.SendMessage(&irc.Message{
1939	Prefix: dc.srv.prefix(),
1940	Command: irc.RPL_LISTEND,
1941	Params: []string{dc.nick, "Disconnected from upstream server"},
1942	})
1943	return nil
1944	}
1945
1946	uc.enqueueCommand(dc, msg)
1947	case "NAMES":
1948	if len(msg.Params) == 0 {
1949	dc.SendMessage(&irc.Message{
1950	Prefix: dc.srv.prefix(),
1951	Command: irc.RPL_ENDOFNAMES,
1952	Params: []string{dc.nick, "*", "End of /NAMES list"},
1953	})
1954	return nil
1955	}
1956
1957	channels := strings.Split(msg.Params[0], ",")
1958	for _, channel := range channels {
1959	uc, upstreamName, err := dc.unmarshalEntity(channel)
1960	if err != nil {
1961	return err
1962	}
1963
1964	ch := uc.channels.Value(upstreamName)
1965	if ch != nil {
1966	sendNames(dc, ch)
1967	} else {
1968	// NAMES on a channel we have not joined, ask upstream
1969	uc.SendMessageLabeled(dc.id, &irc.Message{
1970	Command: "NAMES",
1971	Params: []string{upstreamName},
1972	})
1973	}
1974	}
1975	// For WHOX docs, see:
1976	// - http://faerion.sourceforge.net/doc/irc/whox.var
1977	// - https://github.com/quakenet/snircd/blob/master/doc/readme.who
1978	// Note, many features aren't widely implemented, such as flags and mask2
1979	case "WHO":
1980	if len(msg.Params) == 0 {
1981	// TODO: support WHO without parameters
1982	dc.SendMessage(&irc.Message{
1983	Prefix: dc.srv.prefix(),
1984	Command: irc.RPL_ENDOFWHO,
1985	Params: []string{dc.nick, "*", "End of /WHO list"},
1986	})
1987	return nil
1988	}
1989
1990	// Clients will use the first mask to match RPL_ENDOFWHO
1991	endOfWhoToken := msg.Params[0]
1992
1993	// TODO: add support for WHOX mask2
1994	mask := msg.Params[0]
1995	var options string
1996	if len(msg.Params) > 1 {
1997	options = msg.Params[1]
1998	}
1999
2000	optionsParts := strings.SplitN(options, "%", 2)
2001	// TODO: add support for WHOX flags in optionsParts[0]
2002	var fields, whoxToken string
2003	if len(optionsParts) == 2 {
2004	optionsParts := strings.SplitN(optionsParts[1], ",", 2)
2005	fields = strings.ToLower(optionsParts[0])
2006	if len(optionsParts) == 2 && strings.Contains(fields, "t") {
2007	whoxToken = optionsParts[1]
2008	}
2009	}
2010
2011	// TODO: support mixed bouncer/upstream WHO queries
2012	maskCM := casemapASCII(mask)
2013	if dc.network == nil && maskCM == dc.nickCM {
2014	// TODO: support AWAY (H/G) in self WHO reply
2015	flags := "H"
2016	if dc.user.Admin {
2017	flags += "*"
2018	}
2019	info := whoxInfo{
2020	Token: whoxToken,
2021	Username: dc.user.Username,
2022	Hostname: dc.hostname,
2023	Server: dc.srv.Config().Hostname,
2024	Nickname: dc.nick,
2025	Flags: flags,
2026	Account: dc.user.Username,
2027	Realname: dc.realname,
2028	}
2029	dc.SendMessage(generateWHOXReply(dc.srv.prefix(), dc.nick, fields, &info))
2030	dc.SendMessage(&irc.Message{
2031	Prefix: dc.srv.prefix(),
2032	Command: irc.RPL_ENDOFWHO,
2033	Params: []string{dc.nick, endOfWhoToken, "End of /WHO list"},
2034	})
2035	return nil
2036	}
2037	if maskCM == serviceNickCM {
2038	info := whoxInfo{
2039	Token: whoxToken,
2040	Username: servicePrefix.User,
2041	Hostname: servicePrefix.Host,
2042	Server: dc.srv.Config().Hostname,
2043	Nickname: serviceNick,
2044	Flags: "H*",
2045	Account: serviceNick,
2046	Realname: serviceRealname,
2047	}
2048	dc.SendMessage(generateWHOXReply(dc.srv.prefix(), dc.nick, fields, &info))
2049	dc.SendMessage(&irc.Message{
2050	Prefix: dc.srv.prefix(),
2051	Command: irc.RPL_ENDOFWHO,
2052	Params: []string{dc.nick, endOfWhoToken, "End of /WHO list"},
2053	})
2054	return nil
2055	}
2056
2057	// TODO: properly support WHO masks
2058	uc, upstreamMask, err := dc.unmarshalEntity(mask)
2059	if err != nil {
2060	return err
2061	}
2062
2063	params := []string{upstreamMask}
2064	if options != "" {
2065	params = append(params, options)
2066	}
2067
2068	uc.enqueueCommand(dc, &irc.Message{
2069	Command: "WHO",
2070	Params: params,
2071	})
2072	case "WHOIS":
2073	if len(msg.Params) == 0 {
2074	return ircError{&irc.Message{
2075	Command: irc.ERR_NONICKNAMEGIVEN,
2076	Params: []string{dc.nick, "No nickname given"},
2077	}}
2078	}
2079
2080	var target, mask string
2081	if len(msg.Params) == 1 {
2082	target = ""
2083	mask = msg.Params[0]
2084	} else {
2085	target = msg.Params[0]
2086	mask = msg.Params[1]
2087	}
2088	// TODO: support multiple WHOIS users
2089	if i := strings.IndexByte(mask, ','); i >= 0 {
2090	mask = mask[:i]
2091	}
2092
2093	if dc.network == nil && casemapASCII(mask) == dc.nickCM {
2094	dc.SendMessage(&irc.Message{
2095	Prefix: dc.srv.prefix(),
2096	Command: irc.RPL_WHOISUSER,
2097	Params: []string{dc.nick, dc.nick, dc.user.Username, dc.hostname, "*", dc.realname},
2098	})
2099	dc.SendMessage(&irc.Message{
2100	Prefix: dc.srv.prefix(),
2101	Command: irc.RPL_WHOISSERVER,
2102	Params: []string{dc.nick, dc.nick, dc.srv.Config().Hostname, "soju"},
2103	})
2104	if dc.user.Admin {
2105	dc.SendMessage(&irc.Message{
2106	Prefix: dc.srv.prefix(),
2107	Command: irc.RPL_WHOISOPERATOR,
2108	Params: []string{dc.nick, dc.nick, "is a bouncer administrator"},
2109	})
2110	}
2111	dc.SendMessage(&irc.Message{
2112	Prefix: dc.srv.prefix(),
2113	Command: rpl_whoisaccount,
2114	Params: []string{dc.nick, dc.nick, dc.user.Username, "is logged in as"},
2115	})
2116	dc.SendMessage(&irc.Message{
2117	Prefix: dc.srv.prefix(),
2118	Command: irc.RPL_ENDOFWHOIS,
2119	Params: []string{dc.nick, dc.nick, "End of /WHOIS list"},
2120	})
2121	return nil
2122	}
2123	if casemapASCII(mask) == serviceNickCM {
2124	dc.SendMessage(&irc.Message{
2125	Prefix: dc.srv.prefix(),
2126	Command: irc.RPL_WHOISUSER,
2127	Params: []string{dc.nick, serviceNick, servicePrefix.User, servicePrefix.Host, "*", serviceRealname},
2128	})
2129	dc.SendMessage(&irc.Message{
2130	Prefix: dc.srv.prefix(),
2131	Command: irc.RPL_WHOISSERVER,
2132	Params: []string{dc.nick, serviceNick, dc.srv.Config().Hostname, "soju"},
2133	})
2134	dc.SendMessage(&irc.Message{
2135	Prefix: dc.srv.prefix(),
2136	Command: irc.RPL_WHOISOPERATOR,
2137	Params: []string{dc.nick, serviceNick, "is the bouncer service"},
2138	})
2139	dc.SendMessage(&irc.Message{
2140	Prefix: dc.srv.prefix(),
2141	Command: rpl_whoisaccount,
2142	Params: []string{dc.nick, serviceNick, serviceNick, "is logged in as"},
2143	})
2144	dc.SendMessage(&irc.Message{
2145	Prefix: dc.srv.prefix(),
2146	Command: irc.RPL_ENDOFWHOIS,
2147	Params: []string{dc.nick, serviceNick, "End of /WHOIS list"},
2148	})
2149	return nil
2150	}
2151
2152	// TODO: support WHOIS masks
2153	uc, upstreamNick, err := dc.unmarshalEntity(mask)
2154	if err != nil {
2155	return err
2156	}
2157
2158	var params []string
2159	if target != "" {
2160	if target == mask { // WHOIS nick nick
2161	params = []string{upstreamNick, upstreamNick}
2162	} else {
2163	params = []string{target, upstreamNick}
2164	}
2165	} else {
2166	params = []string{upstreamNick}
2167	}
2168
2169	uc.SendMessageLabeled(dc.id, &irc.Message{
2170	Command: "WHOIS",
2171	Params: params,
2172	})
2173	case "PRIVMSG", "NOTICE":
2174	var targetsStr, text string
2175	if err := parseMessageParams(msg, &targetsStr, &text); err != nil {
2176	return err
2177	}
2178	tags := copyClientTags(msg.Tags)
2179
2180	for _, name := range strings.Split(targetsStr, ",") {
2181	if name == "$"+dc.srv.Config().Hostname \|\| (name == "$*" && dc.network == nil) {
2182	// "$" means a server mask follows. If it's the bouncer's
2183	// hostname, broadcast the message to all bouncer users.
2184	if !dc.user.Admin {
2185	return ircError{&irc.Message{
2186	Prefix: dc.srv.prefix(),
2187	Command: irc.ERR_BADMASK,
2188	Params: []string{dc.nick, name, "Permission denied to broadcast message to all bouncer users"},
2189	}}
2190	}
2191
2192	dc.logger.Printf("broadcasting bouncer-wide %v: %v", msg.Command, text)
2193
2194	broadcastTags := tags.Copy()
2195	broadcastTags["time"] = irc.TagValue(time.Now().UTC().Format(serverTimeLayout))
2196	broadcastMsg := &irc.Message{
2197	Tags: broadcastTags,
2198	Prefix: servicePrefix,
2199	Command: msg.Command,
2200	Params: []string{name, text},
2201	}
2202	dc.srv.forEachUser(func(u *user) {
2203	u.events <- eventBroadcast{broadcastMsg}
2204	})
2205	continue
2206	}
2207
2208	if dc.network == nil && casemapASCII(name) == dc.nickCM {
2209	dc.SendMessage(&irc.Message{
2210	Tags: msg.Tags.Copy(),
2211	Prefix: dc.prefix(),
2212	Command: msg.Command,
2213	Params: []string{name, text},
2214	})
2215	continue
2216	}
2217
2218	if msg.Command == "PRIVMSG" && casemapASCII(name) == serviceNickCM {
2219	if dc.caps["echo-message"] {
2220	echoTags := tags.Copy()
2221	echoTags["time"] = irc.TagValue(time.Now().UTC().Format(serverTimeLayout))
2222	dc.SendMessage(&irc.Message{
2223	Tags: echoTags,
2224	Prefix: dc.prefix(),
2225	Command: msg.Command,
2226	Params: []string{name, text},
2227	})
2228	}
2229	handleServicePRIVMSG(ctx, dc, text)
2230	continue
2231	}
2232
2233	uc, upstreamName, err := dc.unmarshalEntity(name)
2234	if err != nil {
2235	return err
2236	}
2237
2238	if msg.Command == "PRIVMSG" && uc.network.casemap(upstreamName) == "nickserv" {
2239	dc.handleNickServPRIVMSG(ctx, uc, text)
2240	}
2241
2242	unmarshaledText := text
2243	if uc.isChannel(upstreamName) {
2244	unmarshaledText = dc.unmarshalText(uc, text)
2245	}
2246	uc.SendMessageLabeled(dc.id, &irc.Message{
2247	Tags: tags,
2248	Command: msg.Command,
2249	Params: []string{upstreamName, unmarshaledText},
2250	})
2251
2252	echoTags := tags.Copy()
2253	echoTags["time"] = irc.TagValue(time.Now().UTC().Format(serverTimeLayout))
2254	if uc.account != "" {
2255	echoTags["account"] = irc.TagValue(uc.account)
2256	}
2257	echoMsg := &irc.Message{
2258	Tags: echoTags,
2259	Prefix: &irc.Prefix{Name: uc.nick},
2260	Command: msg.Command,
2261	Params: []string{upstreamName, text},
2262	}
2263	uc.produce(upstreamName, echoMsg, dc)
2264
2265	uc.updateChannelAutoDetach(upstreamName)
2266	}
2267	case "TAGMSG":
2268	var targetsStr string
2269	if err := parseMessageParams(msg, &targetsStr); err != nil {
2270	return err
2271	}
2272	tags := copyClientTags(msg.Tags)
2273
2274	for _, name := range strings.Split(targetsStr, ",") {
2275	if dc.network == nil && casemapASCII(name) == dc.nickCM {
2276	dc.SendMessage(&irc.Message{
2277	Tags: msg.Tags.Copy(),
2278	Prefix: dc.prefix(),
2279	Command: "TAGMSG",
2280	Params: []string{name},
2281	})
2282	continue
2283	}
2284
2285	if casemapASCII(name) == serviceNickCM {
2286	continue
2287	}
2288
2289	uc, upstreamName, err := dc.unmarshalEntity(name)
2290	if err != nil {
2291	return err
2292	}
2293	if _, ok := uc.caps["message-tags"]; !ok {
2294	continue
2295	}
2296
2297	uc.SendMessageLabeled(dc.id, &irc.Message{
2298	Tags: tags,
2299	Command: "TAGMSG",
2300	Params: []string{upstreamName},
2301	})
2302
2303	uc.updateChannelAutoDetach(upstreamName)
2304	}
2305	case "INVITE":
2306	var user, channel string
2307	if err := parseMessageParams(msg, &user, &channel); err != nil {
2308	return err
2309	}
2310
2311	ucChannel, upstreamChannel, err := dc.unmarshalEntity(channel)
2312	if err != nil {
2313	return err
2314	}
2315
2316	ucUser, upstreamUser, err := dc.unmarshalEntity(user)
2317	if err != nil {
2318	return err
2319	}
2320
2321	if ucChannel != ucUser {
2322	return ircError{&irc.Message{
2323	Command: irc.ERR_USERNOTINCHANNEL,
2324	Params: []string{dc.nick, user, channel, "They are on another network"},
2325	}}
2326	}
2327	uc := ucChannel
2328
2329	uc.SendMessageLabeled(dc.id, &irc.Message{
2330	Command: "INVITE",
2331	Params: []string{upstreamUser, upstreamChannel},
2332	})
2333	case "MONITOR":
2334	// MONITOR is unsupported in multi-upstream mode
2335	uc := dc.upstream()
2336	if uc == nil {
2337	return newUnknownCommandError(msg.Command)
2338	}
2339
2340	var subcommand string
2341	if err := parseMessageParams(msg, &subcommand); err != nil {
2342	return err
2343	}
2344
2345	switch strings.ToUpper(subcommand) {
2346	case "+", "-":
2347	var targets string
2348	if err := parseMessageParams(msg, nil, &targets); err != nil {
2349	return err
2350	}
2351	for _, target := range strings.Split(targets, ",") {
2352	if subcommand == "+" {
2353	// Hard limit, just to avoid having downstreams fill our map
2354	if len(dc.monitored.innerMap) >= 1000 {
2355	dc.SendMessage(&irc.Message{
2356	Prefix: dc.srv.prefix(),
2357	Command: irc.ERR_MONLISTFULL,
2358	Params: []string{dc.nick, "1000", target, "Bouncer monitor list is full"},
2359	})
2360	continue
2361	}
2362
2363	dc.monitored.SetValue(target, nil)
2364
2365	if uc.monitored.Has(target) {
2366	cmd := irc.RPL_MONOFFLINE
2367	if online := uc.monitored.Value(target); online {
2368	cmd = irc.RPL_MONONLINE
2369	}
2370
2371	dc.SendMessage(&irc.Message{
2372	Prefix: dc.srv.prefix(),
2373	Command: cmd,
2374	Params: []string{dc.nick, target},
2375	})
2376	}
2377	} else {
2378	dc.monitored.Delete(target)
2379	}
2380	}
2381	uc.updateMonitor()
2382	case "C": // clear
2383	dc.monitored = newCasemapMap(0)
2384	uc.updateMonitor()
2385	case "L": // list
2386	// TODO: be less lazy and pack the list
2387	for _, entry := range dc.monitored.innerMap {
2388	dc.SendMessage(&irc.Message{
2389	Prefix: dc.srv.prefix(),
2390	Command: irc.RPL_MONLIST,
2391	Params: []string{dc.nick, entry.originalKey},
2392	})
2393	}
2394	dc.SendMessage(&irc.Message{
2395	Prefix: dc.srv.prefix(),
2396	Command: irc.RPL_ENDOFMONLIST,
2397	Params: []string{dc.nick, "End of MONITOR list"},
2398	})
2399	case "S": // status
2400	// TODO: be less lazy and pack the lists
2401	for _, entry := range dc.monitored.innerMap {
2402	target := entry.originalKey
2403
2404	cmd := irc.RPL_MONOFFLINE
2405	if online := uc.monitored.Value(target); online {
2406	cmd = irc.RPL_MONONLINE
2407	}
2408
2409	dc.SendMessage(&irc.Message{
2410	Prefix: dc.srv.prefix(),
2411	Command: cmd,
2412	Params: []string{dc.nick, target},
2413	})
2414	}
2415	}
2416	case "CHATHISTORY":
2417	var subcommand string
2418	if err := parseMessageParams(msg, &subcommand); err != nil {
2419	return err
2420	}
2421	var target, limitStr string
2422	var boundsStr [2]string
2423	switch subcommand {
2424	case "AFTER", "BEFORE", "LATEST":
2425	if err := parseMessageParams(msg, nil, &target, &boundsStr[0], &limitStr); err != nil {
2426	return err
2427	}
2428	case "BETWEEN":
2429	if err := parseMessageParams(msg, nil, &target, &boundsStr[0], &boundsStr[1], &limitStr); err != nil {
2430	return err
2431	}
2432	case "TARGETS":
2433	if dc.network == nil {
2434	// Either an unbound bouncer network, in which case we should return no targets,
2435	// or a multi-upstream downstream, but we don't support CHATHISTORY TARGETS for those yet.
2436	dc.SendBatch("draft/chathistory-targets", nil, nil, func(batchRef irc.TagValue) {})
2437	return nil
2438	}
2439	if err := parseMessageParams(msg, nil, &boundsStr[0], &boundsStr[1], &limitStr); err != nil {
2440	return err
2441	}
2442	default:
2443	// TODO: support AROUND
2444	return ircError{&irc.Message{
2445	Command: "FAIL",
2446	Params: []string{"CHATHISTORY", "INVALID_PARAMS", subcommand, "Unknown command"},
2447	}}
2448	}
2449
2450	// We don't save history for our service
2451	if casemapASCII(target) == serviceNickCM {
2452	dc.SendBatch("chathistory", []string{target}, nil, func(batchRef irc.TagValue) {})
2453	return nil
2454	}
2455
2456	store, ok := dc.user.msgStore.(chatHistoryMessageStore)
2457	if !ok {
2458	return ircError{&irc.Message{
2459	Command: irc.ERR_UNKNOWNCOMMAND,
2460	Params: []string{dc.nick, "CHATHISTORY", "Unknown command"},
2461	}}
2462	}
2463
2464	network, entity, err := dc.unmarshalEntityNetwork(target)
2465	if err != nil {
2466	return err
2467	}
2468	entity = network.casemap(entity)
2469
2470	// TODO: support msgid criteria
2471	var bounds [2]time.Time
2472	bounds[0] = parseChatHistoryBound(boundsStr[0])
2473	if subcommand == "LATEST" && boundsStr[0] == "*" {
2474	bounds[0] = time.Now()
2475	} else if bounds[0].IsZero() {
2476	return ircError{&irc.Message{
2477	Command: "FAIL",
2478	Params: []string{"CHATHISTORY", "INVALID_PARAMS", subcommand, boundsStr[0], "Invalid first bound"},
2479	}}
2480	}
2481
2482	if boundsStr[1] != "" {
2483	bounds[1] = parseChatHistoryBound(boundsStr[1])
2484	if bounds[1].IsZero() {
2485	return ircError{&irc.Message{
2486	Command: "FAIL",
2487	Params: []string{"CHATHISTORY", "INVALID_PARAMS", subcommand, boundsStr[1], "Invalid second bound"},
2488	}}
2489	}
2490	}
2491
2492	limit, err := strconv.Atoi(limitStr)
2493	if err != nil \|\| limit < 0 \|\| limit > chatHistoryLimit {
2494	return ircError{&irc.Message{
2495	Command: "FAIL",
2496	Params: []string{"CHATHISTORY", "INVALID_PARAMS", subcommand, limitStr, "Invalid limit"},
2497	}}
2498	}
2499
2500	eventPlayback := dc.caps["draft/event-playback"]
2501
2502	var history []*irc.Message
2503	switch subcommand {
2504	case "BEFORE", "LATEST":
2505	history, err = store.LoadBeforeTime(ctx, &network.Network, entity, bounds[0], time.Time{}, limit, eventPlayback)
2506	case "AFTER":
2507	history, err = store.LoadAfterTime(ctx, &network.Network, entity, bounds[0], time.Now(), limit, eventPlayback)
2508	case "BETWEEN":
2509	if bounds[0].Before(bounds[1]) {
2510	history, err = store.LoadAfterTime(ctx, &network.Network, entity, bounds[0], bounds[1], limit, eventPlayback)
2511	} else {
2512	history, err = store.LoadBeforeTime(ctx, &network.Network, entity, bounds[0], bounds[1], limit, eventPlayback)
2513	}
2514	case "TARGETS":
2515	// TODO: support TARGETS in multi-upstream mode
2516	targets, err := store.ListTargets(ctx, &network.Network, bounds[0], bounds[1], limit, eventPlayback)
2517	if err != nil {
2518	dc.logger.Printf("failed fetching targets for chathistory: %v", err)
2519	return ircError{&irc.Message{
2520	Command: "FAIL",
2521	Params: []string{"CHATHISTORY", "MESSAGE_ERROR", subcommand, "Failed to retrieve targets"},
2522	}}
2523	}
2524
2525	dc.SendBatch("draft/chathistory-targets", nil, nil, func(batchRef irc.TagValue) {
2526	for _, target := range targets {
2527	if ch := network.channels.Value(target.Name); ch != nil && ch.Detached {
2528	continue
2529	}
2530
2531	dc.SendMessage(&irc.Message{
2532	Tags: irc.Tags{"batch": batchRef},
2533	Prefix: dc.srv.prefix(),
2534	Command: "CHATHISTORY",
2535	Params: []string{"TARGETS", target.Name, target.LatestMessage.UTC().Format(serverTimeLayout)},
2536	})
2537	}
2538	})
2539
2540	return nil
2541	}
2542	if err != nil {
2543	dc.logger.Printf("failed fetching %q messages for chathistory: %v", target, err)
2544	return newChatHistoryError(subcommand, target)
2545	}
2546
2547	dc.SendBatch("chathistory", []string{target}, nil, func(batchRef irc.TagValue) {
2548	for _, msg := range history {
2549	msg.Tags["batch"] = batchRef
2550	dc.SendMessage(dc.marshalMessage(msg, network))
2551	}
2552	})
2553	case "BOUNCER":
2554	var subcommand string
2555	if err := parseMessageParams(msg, &subcommand); err != nil {
2556	return err
2557	}
2558
2559	switch strings.ToUpper(subcommand) {
2560	case "BIND":
2561	return ircError{&irc.Message{
2562	Command: "FAIL",
2563	Params: []string{"BOUNCER", "REGISTRATION_IS_COMPLETED", "BIND", "Cannot bind to a network after registration"},
2564	}}
2565	case "LISTNETWORKS":
2566	dc.SendBatch("soju.im/bouncer-networks", nil, nil, func(batchRef irc.TagValue) {
2567	dc.user.forEachNetwork(func(network *network) {
2568	idStr := fmt.Sprintf("%v", network.ID)
2569	attrs := getNetworkAttrs(network)
2570	dc.SendMessage(&irc.Message{
2571	Tags: irc.Tags{"batch": batchRef},
2572	Prefix: dc.srv.prefix(),
2573	Command: "BOUNCER",
2574	Params: []string{"NETWORK", idStr, attrs.String()},
2575	})
2576	})
2577	})
2578	case "ADDNETWORK":
2579	var attrsStr string
2580	if err := parseMessageParams(msg, nil, &attrsStr); err != nil {
2581	return err
2582	}
2583	attrs := irc.ParseTags(attrsStr)
2584
2585	record := &Network{Nick: dc.nick, Enabled: true}
2586	if err := updateNetworkAttrs(record, attrs, subcommand); err != nil {
2587	return err
2588	}
2589
2590	if record.Nick == dc.user.Username {
2591	record.Nick = ""
2592	}
2593	if record.Realname == dc.user.Realname {
2594	record.Realname = ""
2595	}
2596
2597	network, err := dc.user.createNetwork(ctx, record)
2598	if err != nil {
2599	return ircError{&irc.Message{
2600	Command: "FAIL",
2601	Params: []string{"BOUNCER", "UNKNOWN_ERROR", subcommand, fmt.Sprintf("Failed to create network: %v", err)},
2602	}}
2603	}
2604
2605	dc.SendMessage(&irc.Message{
2606	Prefix: dc.srv.prefix(),
2607	Command: "BOUNCER",
2608	Params: []string{"ADDNETWORK", fmt.Sprintf("%v", network.ID)},
2609	})
2610	case "CHANGENETWORK":
2611	var idStr, attrsStr string
2612	if err := parseMessageParams(msg, nil, &idStr, &attrsStr); err != nil {
2613	return err
2614	}
2615	id, err := parseBouncerNetID(subcommand, idStr)
2616	if err != nil {
2617	return err
2618	}
2619	attrs := irc.ParseTags(attrsStr)
2620
2621	net := dc.user.getNetworkByID(id)
2622	if net == nil {
2623	return ircError{&irc.Message{
2624	Command: "FAIL",
2625	Params: []string{"BOUNCER", "INVALID_NETID", subcommand, idStr, "Invalid network ID"},
2626	}}
2627	}
2628
2629	record := net.Network // copy network record because we'll mutate it
2630	if err := updateNetworkAttrs(&record, attrs, subcommand); err != nil {
2631	return err
2632	}
2633
2634	if record.Nick == dc.user.Username {
2635	record.Nick = ""
2636	}
2637	if record.Realname == dc.user.Realname {
2638	record.Realname = ""
2639	}
2640
2641	_, err = dc.user.updateNetwork(ctx, &record)
2642	if err != nil {
2643	return ircError{&irc.Message{
2644	Command: "FAIL",
2645	Params: []string{"BOUNCER", "UNKNOWN_ERROR", subcommand, fmt.Sprintf("Failed to update network: %v", err)},
2646	}}
2647	}
2648
2649	dc.SendMessage(&irc.Message{
2650	Prefix: dc.srv.prefix(),
2651	Command: "BOUNCER",
2652	Params: []string{"CHANGENETWORK", idStr},
2653	})
2654	case "DELNETWORK":
2655	var idStr string
2656	if err := parseMessageParams(msg, nil, &idStr); err != nil {
2657	return err
2658	}
2659	id, err := parseBouncerNetID(subcommand, idStr)
2660	if err != nil {
2661	return err
2662	}
2663
2664	net := dc.user.getNetworkByID(id)
2665	if net == nil {
2666	return ircError{&irc.Message{
2667	Command: "FAIL",
2668	Params: []string{"BOUNCER", "INVALID_NETID", subcommand, idStr, "Invalid network ID"},
2669	}}
2670	}
2671
2672	if err := dc.user.deleteNetwork(ctx, net.ID); err != nil {
2673	return err
2674	}
2675
2676	dc.SendMessage(&irc.Message{
2677	Prefix: dc.srv.prefix(),
2678	Command: "BOUNCER",
2679	Params: []string{"DELNETWORK", idStr},
2680	})
2681	default:
2682	return ircError{&irc.Message{
2683	Command: "FAIL",
2684	Params: []string{"BOUNCER", "UNKNOWN_COMMAND", subcommand, "Unknown subcommand"},
2685	}}
2686	}
2687	default:
2688	dc.logger.Printf("unhandled message: %v", msg)
2689
2690	// Only forward unknown commands in single-upstream mode
2691	uc := dc.upstream()
2692	if uc == nil {
2693	return newUnknownCommandError(msg.Command)
2694	}
2695
2696	uc.SendMessageLabeled(dc.id, msg)
2697	}
2698	return nil
2699	}
2700
2701	func (dc downstreamConn) handleNickServPRIVMSG(ctx context.Context, uc upstreamConn, text string) {
2702	username, password, ok := parseNickServCredentials(text, uc.nick)
2703	if !ok {
2704	return
2705	}
2706
2707	// User may have e.g. EXTERNAL mechanism configured. We do not want to
2708	// automatically erase the key pair or any other credentials.
2709	if uc.network.SASL.Mechanism != "" && uc.network.SASL.Mechanism != "PLAIN" {
2710	return
2711	}
2712
2713	dc.logger.Printf("auto-saving NickServ credentials with username %q", username)
2714	n := uc.network
2715	n.SASL.Mechanism = "PLAIN"
2716	n.SASL.Plain.Username = username
2717	n.SASL.Plain.Password = password
2718	if err := dc.srv.db.StoreNetwork(ctx, dc.user.ID, &n.Network); err != nil {
2719	dc.logger.Printf("failed to save NickServ credentials: %v", err)
2720	}
2721	}
2722
2723	func parseNickServCredentials(text, nick string) (username, password string, ok bool) {
2724	fields := strings.Fields(text)
2725	if len(fields) < 2 {
2726	return "", "", false
2727	}
2728	cmd := strings.ToUpper(fields[0])
2729	params := fields[1:]
2730	switch cmd {
2731	case "REGISTER":
2732	username = nick
2733	password = params[0]
2734	case "IDENTIFY":
2735	if len(params) == 1 {
2736	username = nick
2737	password = params[0]
2738	} else {
2739	username = params[0]
2740	password = params[1]
2741	}
2742	case "SET":
2743	if len(params) == 2 && strings.EqualFold(params[0], "PASSWORD") {
2744	username = nick
2745	password = params[1]
2746	}
2747	default:
2748	return "", "", false
2749	}
2750	return username, password, true
2751	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: