search

emacs-circe / circe

Circe, a Client for IRC in Emacs
GNU General Public License v3.0
391 stars 51 forks source link

SASL Auth Fails #368

Closed 0x4d6165 closed 3 years ago

0x4d6165 commented 4 years ago

Hi! I'm using UNIX pass to store my password so I know the password is right but, for some reason, freenode says SASL auth fails.

wasamasa commented 3 years ago

Not nearly enough detail to tell what's going on. Does it work if you change your config to hardcode the password?

minikN commented 3 years ago

Hello, I have the same issue.

If I set my auth data manually, it works:

(setq circe-network-options
      '(("Freenode"
         :use-tls t
         :port 6697
         :nick "minikN"
         :host "chat.freenode.net"
         :channels ("#emacs" "#emacs-circe")
         :sasl-username "minikN"
         :sasl-password "SECRET")))
*** [sasl.login from minikN (user@hidden)] minikN
*** SASL: You are now logged in as minikN.
*** SASL authentication successful

If I do this:

(setq circe-network-options
      '(("Freenode"
         :use-tls t
         :port 6697
         :nick "minikN"
         :host "chat.freenode.net"
         :channels ("#emacs" "#emacs-circe")
         :sasl-username ,(+pass-get-user "IRC/freenode.net")
         :sasl-password (lambda (&rest _) (+pass-get-secret "IRC/freenode.net")))))

or this:

...
:sasl-password ,(+pass-get-secret "IRC/freenode.net")))))

it fails:

*** [904 from karatkievich.freenode.net] minikN SASL authentication failed
*** [906 from karatkievich.freenode.net] minikN SASL authentication aborted

Contents of IRC/freenode.net are:

SECRET
username: minikN

If I do (+pass-get-secret "IRC/freenode.net") in a scratch buffer it returns my password just fine (same for user).

wasamasa commented 3 years ago

Use backquote (`) instead of regular quote ('), otherwise unquote (,) won't work.

minikN commented 3 years ago

Use backquote (`) instead of regular quote ('), otherwise unquote (,) won't work.

It still doesn't work.

(setq circe-network-options
      `(("Freenode"
         :use-tls t
         :port 6697
         :nick "minikN"
         :host "chat.freenode.net"
         :channels ("#nyxt" "#emacs" "#voidlinux")
         :sasl-username ,(+pass-get-user "IRC/freenode.net")
         :sasl-password (lambda (&rest _) (+pass-get-secret "IRC/freenode.net")))))

Log:

*** Connecting...
     -Server- _ *** Looking up your hostname...
     -Server- _ *** Checking Ident
     -Server- _ *** Couldn't look up your hostname
     -Server- _ *** No Ident response
*** Welcome to the freenode Internet Relay Chat Network minikN
*** Your host is egan.freenode.net[2001:5a0:40:50:66:110:9:37/6697], running version ircd-seven-1.1.9
*** This server was created Fri May 1 2020 at 22:14:31 UTC
*** egan.freenode.net ircd-seven-1.1.9 DOQRSZaghilopsuwz CFILMPQSbcefgijklmnopqrstuvz bkloveqjfI
*** CHANTYPES=# EXCEPTS INVEX CHANMODES=eIbq,k,flj,CFLMPQScgimnprstuz CHANLIMIT=#:120 PREFIX=(ov)@+ MAXLIST=bqeI:100 MODES=4 NETWORK=freenode STATUSMSG=@+ CALLERID=g CASEMAPPING=rfc1459 are supported by this server
*** CHARSET=ascii NICKLEN=16 CHANNELLEN=50 TOPICLEN=390 DEAF=D FNC TARGMAX=NAMES:1,LIST:1,KICK:1,WHOIS:1,PRIVMSG:4,NOTICE:4,ACCEPT:,MONITOR: EXTBAN=$,ajrxz CLIENTVER=3.0 CPRIVMSG CNOTICE ETRACE are supported by this server
*** KNOCK SAFELIST ELIST=CTU MONITOR=100 WHOX are supported by this server
*** There are 97 users and 74935 invisible on 31 servers
*** 40 IRC Operators online
*** 1 unknown connection(s)
*** 43460 channels formed
*** I have 3707 clients and 1 servers
*** 3707 5422 Current local users 3707, max 5422
*** 75032 90930 Current global users 75032, max 90930
*** Highest connection count: 5423 (5422 clients) (854023 connections received)
*** - egan.freenode.net Message of the Day - 
*** - Welcome to freenode - supporting the free and open source
*** - software communities since 1998.
*** -  
*** - By connecting to freenode you indicate that you have read and
*** - accept our policies and guidelines as set out on https://freenode.net
*** -  
*** - In the event that you observe behaviour that contravenes our policies,
*** - please notify a volunteer staff member via private message, or send us an
*** - e-mail to complaints@freenode.net -- we will do our best to address the
*** - situation within a reasonable period of time, and we may request further
*** - information or, as appropriate, involve other parties such as channel operators 
*** - Group Contacts representing an on-topic group.
*** -  
*** - freenode runs an open proxy scanner.
*** -  
*** - If you are looking for assistance, you may be able to find a list of 
*** - volunteer staff on '/stats p' (shows only on-call staff) or by joining 
*** - #freenode and using the '/who freenode/staff/*' command. You may message
*** - any of us at any time. Please note that freenode predominantly provides 
*** - assistance via private message, and while we have a network channel the 
*** - primary venue for support requests is via private message to a member 
*** - of the volunteer staff team.
*** -  
*** - From time to time, volunteer staff may send server-wide notices relating to
*** - the project, or the communities that we host. The majority of such notices
*** - will be sent as wallops, and you can '/mode <yournick> +w' to ensure that you
*** - do not miss them. Important messages relating to the freenode project, including
*** - notices of upcoming maintenance and other scheduled downtime will be issued as
*** - global notices.
*** -  
*** - Representing an on-topic project? Don't forget to register, more information
*** - can be found on the https://freenode.net website under "Group Registration".
*** -  
*** - Thank you also to our server sponsors for the sustained support in keeping the
*** - network going for close to two decades.
*** -  
*** - Thank you for using freenode!
*** End of /MOTD command.
     *** Mode | +Zi on minikN by minikN (server)
     NickServ _ This nickname is registered. Please choose a different nickname, or identify via /msg NickServ identify <password>.
*** #emacs Cannot join channel (+r) - you need to be identified with services - see https://freenode.net/kb/answer/registration
wasamasa commented 3 years ago

That's the most obvious issue, from that point on you'll need to do some debugging yourself. Inspect the value of the variable with F1 v, simplify the values inside it (like by using a literal string for the password or a function returning a literal string for it), use edebug, call the functions manually, ...

jcmdln commented 3 years ago

@minikN The example listed in https://github.com/jorgenschaefer/circe/wiki/Configuration#safer-password-management should clarify how to do what you want. I would suggest moving your inline expressions to functions like so:

(defun my-authinfo-password(&rest params)
  (require 'auth-source)
  (let ((match (car (apply 'auth-source-search params))))
    (if match
        (let ((secret (plist-get match :secret)))
          (if (functionp secret)
              (funcall secret)
            secret))
      (error "Password not found for %S" params))))

(defun my-freenode-pass(server)
  (my-authinfo-password :host "chat.freenode.net" :login "my_irc_handle"))

(defun my-oftc-pass(server)
  (my-authinfo-password :host "irc.oftc.net" :login "my_irc_handle"))

(setq circe-network-options
      '(("Freenode"
         :host "chat.freenode.net" :port 6697 :tls t
         :nick "my_irc_handle"
         :sasl-username "my_irc_handle"
         :sasl-password my-freenode-pass)

        ("OFTC"
         :host "irc.oftc.net" :port 6697 :tls t
         :nick "my_irc_handle"
         :nickserv-password my-oftc-pass)
        ))