View Issue Details

IDProjectCategoryView StatusLast Update
0005205unrealircdpublic2019-02-11 09:57
Reportersyzop Assigned Tosyzop  
Status resolvedResolutionfixed 
Product Version4.2.2-rc1 
Fixed in Version4.2.2-rc2 
Summary0005205: post-registration SASL not working
DescriptionIt seems the AUTHENTICATE command is not available to regular users.
TagsNo tags attached.
3rd party modules



2019-02-09 09:52

reporter   ~0020483

Dear syzop,

The way SASL authentication works, that is not a flaw but by design as SASL is only available DURING registration and NOT post registration. Thus, it is more of a feature or rather by design, rather than a bug.




2019-02-09 10:25

reporter   ~0020484

Hi Koragg

That's not the case -

The idea is that when services go offline, the server sends `CAP DEL :sasl`; when services come back online, the server sends `CAP NEW :sasl` thus allowing the users to automatically reauthenticate with nickserv.



2019-02-09 10:44

reporter   ~0020485

Hello jesopo,

Thank You for the clarification I was not taking this aspect into consideration. You are right with that of course, thanks a lot for the correction.




2019-02-09 15:32

administrator   ~0020486

Last edited: 2019-02-09 15:33

Right, so yeah, this feature is not new to me. I already decided in 2017 to announce CAP NEW sasl when services return to fix this problem when services link in (too late) after a server restart and users are already connected (post-handshake). See
It's just unfortunate that apparently the actual AUTHENTICATION was not tested and never worked ;)

Anyway, in order to fix this we need changes in both UnrealIRCd and anope. I have not checked other services.

1) UnrealIRCd:
Fixed in
commit 78cd122a050d32b1c352c7142a41e9264344f9aa (HEAD -> unreal42, origin/unreal42, origin/HEAD)
Author: Bram Matthys <[email protected]>
Date: Sat Feb 9 14:39:34 2019 +0100

    Allow SASL post-registration. Unfortunately the anope unreal4 protocol
    module also requires an update to support this.

2) anope
 Pull request available here
 This is necessary because anope assumes PUID's, but with above change in UnrealIRCd we use UID's for post-handshake users (otherwise anope would not know which user it targetted)

Issue History

Date Modified Username Field Change
2019-02-09 09:45 syzop New Issue
2019-02-09 09:52 Koragg Note Added: 0020483
2019-02-09 10:25 jesopo Note Added: 0020484
2019-02-09 10:44 Koragg Note Added: 0020485
2019-02-09 15:32 syzop Assigned To => syzop
2019-02-09 15:32 syzop Status new => resolved
2019-02-09 15:32 syzop Resolution open => fixed
2019-02-09 15:32 syzop Fixed in Version => 4.2.2-rc1
2019-02-09 15:32 syzop Note Added: 0020486
2019-02-09 15:33 syzop Note Edited: 0020486
2019-02-09 15:33 syzop Note Edited: 0020486
2019-02-11 09:57 syzop Product Version 4.2.2-rc1 => 4.2.2-rc2
2019-02-11 09:57 syzop Product Version 4.2.2-rc2 => 4.2.2-rc1
2019-02-11 09:57 syzop Fixed in Version 4.2.2-rc1 => 4.2.2-rc2