[IRCServices] RE: my recent feature request

Craig Edwards brain at winbot.co.uk
Thu Jan 13 13:06:28 PST 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

If you read RFC 1459 there is a BNF specification for a nickname, it's
actually a pretty small number of valid characters, also you cant start
a nick with a number, or with a -, but these can follow on in the nickname.

Also BE VERY CAREFUL to check for forbidden nicknames etc, you can
segfault services if you try and do things with a forbidden or suspended
nickname.

youph at earthlink.net wrote:
| Chris Jenkinson wrote:
|
|> On Wed, January 12, 2005 6:25 am, youph at earthlink.net said:
|>
|>
|>> I would like the ability for Services Admins to be able to set a user
|>> password using an MD5 hash, when using MD5 encrypted passwords with
|>> services. Normally, a user registers a nick and provides a plaintext
|>> password. This plaintext pass is then hashed and stored in the db (if
|>> encryption is enabled which I am saying is true in this instance.) I
|>> would like the ability for Services Admins to be able to *directly* set
|>> this parameter in a nick record. I.E. I would like to be able to change
|>> the *hashed* passwords of users. The only command for dealing with MD5
|>> passwords is resetting. It would seem trivial to add the ability to
|>> simply overwrite the MD5 hash parameter in the nick record. The reason
|>> being I am trying to automate a registration process that starts with a
|>> web forum registration and will (hopefully) also register a nick name on
|>> IRC for the user. I would only have the MD5 hash of the user's password
|>> though, which leads me to this request.
|>>
|>
|>
|> Kind of off-topic here and out of curiousity, how do you aim to handle a
|> situation where someone registers an account on your website which isn't
|> usable as an IRC nick (for example "Hello Bob")? I've been considering a
|> problem like this for some time and I'd like to see how someone else is
|> aiming to do it.
|>
|> Chris
|>
|>
|>
| Chris,
|
| I realized my response to your question was incomplete so let me expound
| further.
|
| The general idea for validating a user name from our bulletin board
| software would be something like this:
| a) check length against max nick length and shorten as required
| b) search for incompatible characters such as * or @ in the user name
| and simply remove
| c) check for space in the user name and replace them with and underscore
| character _
| d) remember this nick (if it differs from the user name for the forums)
| and email the nick with instructions on how to connect to IRC to the new
| user
| I may have forgot some details but it?s totally doable.
|
| ------------------------------------------------------------------
| To unsubscribe or change your subscription options, visit:
| http://lists.ircservices.za.net/mailman/listinfo/ircservices
|
|

- --
WinBot IRC client developer: http://www.winbot.co.uk
ChatSpike - The users network: http://www.chatspike.net
InspIRCd - Modular IRC server: http://www.inspircd.org
Online RPG Developer: http://www.ssod.org
- --
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFB5uLU0k42Wxli/BARAut2AJ0W1G0gt+9TMPe9ugWTKFsf7fm1FwCfdEvT
RaurRTXx3cuitYxzWi6AHEo=
=l4lm
-----END PGP SIGNATURE-----