Honor SASL v3.2 mechanism lists

From https://ircv3.net/specs/extensions/sasl-3.2#usage : > Clients SHOULD pick a mechanism present in the CAP LS reply they get from the server and attempt to use that mechanism for authentication after they request the sasl capability.
kiwiirc · Feb 14, 2022 · d323da0 · d323da0
1 parent 15a3b87
commit d323da0
Showing 1 changed file with 11 additions and 5 deletions.
diff --git a/src/commands/handlers/registration.js b/src/commands/handlers/registration.js
@@ -197,13 +197,19 @@ const handlers = {
                 );
             }
             if (handler.network.cap.negotiating) {
+                let authenticating = false;
                 if (handler.network.cap.isEnabled('sasl')) {
-                    if (typeof handler.connection.options.sasl_mechanism === 'string') {
-                        handler.connection.write('AUTHENTICATE ' + handler.connection.options.sasl_mechanism);
-                    } else {
-                        handler.connection.write('AUTHENTICATE PLAIN');
+                    const mechanism = (typeof handler.connection.options.sasl_mechanism === 'string') ? handler.connection.options.sasl_mechanism : 'PLAIN';
+                    const mechanisms = handler.network.cap.available.get('sasl');
+                    if (
+                        !mechanisms || // SASL v3.1
+                        mechanisms.toUpperCase().split(',').includes(mechanism.toUpperCase()) // SASL v3.2
+                    ) {
+                        handler.connection.write('AUTHENTICATE ' + mechanism);
+                        authenticating = true;
                     }
-                } else if (handler.network.cap.requested.length === 0) {
+                }
+                if (!authenticating && handler.network.cap.requested.length === 0) {
                     // If all of our requested CAPs have been handled, end CAP negotiation
                     handler.connection.write('CAP END');
                     handler.network.cap.negotiating = false;