Crash when using SASL plain with password over 400 characters #28

Open
progval opened this issue Sep 10, 2022 · 3 comments
@progval
Collaborator

progval commented Sep 10, 2022

Client traffic and services log (interleaved):

1662797615.506 1: connects to server.
1662797615.506 1 -> S: CAP LS 302
[SEND] @msgid=avct7WwIOXh/D/AS/7e+R/cP+aZnXQRT;time=2022-09-10T08:13:35.518Z :00AFFC916 PRIVMSG #services :chkNS (~chk@localhost) [127.0.0.1] disconnected from the network. (Quit: chkNS) (001)
1662797616.019 S -> 1: :My.Little.Server CAP * LS :unrealircd.org/link-security=2 unrealircd.org/plaintext-policy=user=allow,oper=deny,server=deny unrealircd.org/history-storage=memory away-notify invite-notify extended-join userhost-in-names multi-prefix cap-notify sasl=PLAIN,EXTERNAL setname tls chghost account-notify message-tags batch server-time account-tag echo-message labeled-response draft/chathistory draft/extended-monitor unrealircd.org/json-log
1662797616.020 1 -> S: CAP REQ :sasl
1662797616.020 S -> 1: :My.Little.Server CAP * ACK :sasl 
1662797616.020 1 -> S: AUTHENTICATE PLAIN
[RECV] :My.Little.Server SASL services.example.org 001Y35N04 H 127.0.0.1 127.0.0.1
[RECV] :My.Little.Server SASL services.example.org 001Y35N04 S PLAIN
[SEND] @msgid=aTfX50Ra9V24C75e0QoeXeUy7rqoJAK2;time=2022-09-10T08:13:36.03Z SASL My.Little.Server 001Y35N04 C +
1662797616.030 S -> 1: AUTHENTICATE +
1662797616.031 1 -> S: AUTHENTICATE Zm9vAGZvbwBiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJi
1662797616.031 1 -> S: AUTHENTICATE YXJiYXJiYXI=
[RECV] :My.Little.Server SASL services.example.org 001Y35N04 C Zm9vAGZvbwBiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJiYXJi
PHP Fatal error:  Uncaught Error: Call to a member function bind_param() on bool in /home/oragono/Dalek-Services/src/misc.php:429
Stack trace:
#0 /home/oragono/Dalek-Services/src/modules/sasl.php(347): is_invite()
#1 /home/oragono/Dalek-Services/src/modules/sasl.php(241): IRC_SASL->check_pass()
#2 /home/oragono/Dalek-Services/src/modules/sasl.php(163): IRC_SASL->__construct()
#3 /home/oragono/Dalek-Services/src/cmd.php(31): SASL::cmd_sasl()
#4 /home/oragono/Dalek-Services/src/cmd.php(108): cmd::run()
#5 /home/oragono/Dalek-Services/src/hook.php(78): {closure}()
#6 /home/oragono/Dalek-Services/src/main.php(197): hook::run()
#7 /home/oragono/Dalek-Services/src/dalek(2): include('/home/oragono/D...')
#8 {main}
  thrown in /home/oragono/Dalek-Services/src/misc.php on line 429

Adding print_r($conn->error); before the offending line shows the error is: Table 'pifpaf.dalek_invite' doesn't exist

@ValwareIRC ValwareIRC self-assigned this Sep 10, 2022
@ValwareIRC ValwareIRC added the bug Something isn't working label Sep 10, 2022
@ValwareIRC
Member

There are two bugs here:

  • Table dalek_invite doesn't exist, as you show
  • Dalek does not take into account that it can receive AUTHENTICATE in multiple parts due to a long password.

Thank you so much for reporting these.

ValwareIRC added a commit that referenced this issue Sep 10, 2022
Fixes the table checking error reported in #28 by @progval
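
The multi-part AUTHENTICATE handling named in the second bullet above, shown as an added example; it is not code from Dalek or irctest, and it is written in Python rather than Dalek's PHP. The class and function names, the `MAX_TOTAL` cap and the sample UID are assumptions made for illustration; the first constructed payload reproduces the 400 + 12 character split seen in the log.

```python
import base64

CHUNK = 400            # IRCv3 SASL: the base64 response is sent in 400-byte chunks
MAX_TOTAL = 4 * CHUNK  # assumed cap for this example, bounds per-client buffering


class SaslPlainReassembler:
    """Buffers AUTHENTICATE chunks per client until the response is complete."""

    def __init__(self):
        self._buf = {}  # client UID -> base64 text received so far

    def feed(self, uid, chunk):
        """Return None while more chunks are expected, else
        (authzid, authcid, password). Raises ValueError and drops the
        client's state on abort, oversize or malformed input."""
        if chunk == "*" or len(chunk) > CHUNK:
            self._buf.pop(uid, None)
            raise ValueError("aborted or over-long chunk")
        # "+" carries no data: it is an empty response or the terminator
        # that follows a final chunk of exactly 400 bytes.
        data = self._buf.pop(uid, "") + ("" if chunk == "+" else chunk)
        if len(chunk) == CHUNK:          # a full chunk means more will follow
            if len(data) > MAX_TOTAL:
                raise ValueError("response too long")
            self._buf[uid] = data
            return None
        try:
            raw = base64.b64decode(data, validate=True)
            authzid, authcid, password = raw.split(b"\0")
            return authzid.decode(), authcid.decode(), password.decode()
        except ValueError as exc:        # bad base64, field count or UTF-8
            raise ValueError("malformed PLAIN response") from exc


def split_response(payload):
    """Client side: base64-encode and split the way the log above shows."""
    b64 = base64.b64encode(payload).decode()
    chunks = [b64[i:i + CHUNK] for i in range(0, len(b64), CHUNK)]
    if not chunks or len(chunks[-1]) == CHUNK:
        chunks.append("+")
    return chunks


def authenticate(payload, uid="001TESTUID"):  # constructed sample UID
    reassembler, result = SaslPlainReassembler(), None
    for chunk in split_response(payload):
        result = reassembler.feed(uid, chunk)
    return result
```
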
@ValwareIRC
Member

Sorry for the stupid question, how to check irctest if the sasl authenticate400 portion worked?

@ValwareIRC ValwareIRC added the help wanted Extra attention is needed label Dec 9, 2022
@progval
Collaborator Author

progval commented Dec 10, 2022

Remove that part: https://github.com/progval/irctest/blob/master/irctest/server_tests/sasl.py#L179-L188 and run it locally

Running it with Dalek is a bit convoluted, you need to run these commands: https://github.com/progval/irctest/blob/master/workflows.yml#L335-L342 (replace ${{ github.workspace }} with the absolute path of the directory that contains each of the things) then type make unrealircd-dlk

@ValwareIRC ValwareIRC assigned alicetries and unassigned alicetries Dec 11, 2022