ircinch 2.4.0

data/lib/cinch/sasl/dh_blowfish.rb

@@ -0,0 +1,73 @@
+# frozen_string_literal: true
+
+require "base64"
+require "openssl"
+
+require_relative "mechanism"
+
+module Cinch
+  module SASL
+    # DH-BLOWFISH is a combination of Diffie-Hellman key exchange and
+    # the Blowfish encryption algorithm. Due to its nature it is more
+    # secure than transmitting the password unencrypted and can be
+    # used on potentially insecure networks.
+    class DhBlowfish < Mechanism
+      class << self
+        # @return [String]
+        def mechanism_name
+          "DH-BLOWFISH"
+        end
+
+        # @return [Array(Numeric, Numeric, Numeric)] p, g and y for DH
+        def unpack_payload(payload)
+          pgy = []
+          payload = payload.dup
+
+          3.times do
+            size = payload.unpack1("n")
+            payload.slice!(0, 2)
+            pgy << payload.unpack1("a#{size}")
+            payload.slice!(0, size)
+          end
+
+          pgy.map { |i| OpenSSL::BN.new(i, 2).to_i }
+        end
+
+        # @param [String] user
+        # @param [String] password
+        # @param [String] payload
+        # @return [String]
+        def generate(user, password, payload)
+          # duplicate the passed strings because we are modifying them
+          # later and they might come from the configuration store or
+          # similar
+          user = user.dup
+          password = password.dup
+
+          data = Base64.decode64(payload).force_encoding("ASCII-8BIT")
+
+          p, g, y = unpack_payload(data)
+
+          dh = DiffieHellman.new(p, g, 23)
+          pub_key = dh.generate
+          secret = OpenSSL::BN.new(dh.secret(y).to_s).to_s(2)
+          public = OpenSSL::BN.new(pub_key.to_s).to_s(2)
+
+          # Pad password so its length is a multiple of the cipher block size
+          password << "\0"
+          password << "." * (8 - (password.size % 8))
+
+          cipher = OpenSSL::Cipher.new("BF-ECB")
+          cipher.key_len = 32 # OpenSSL's default of 16 doesn't work
+          cipher.encrypt
+          cipher.key = secret
+
+          crypted = cipher.update(password) # we do not want the content of cipher.final
+
+          answer = [public.bytesize, public, user, crypted].pack("na*Z*a*")
+          Base64.strict_encode64(answer)
+        end
+      end
+    end
+  end
+end

data/lib/cinch/sasl/diffie_hellman.rb

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+
+module Cinch
+  module SASL
+    class DiffieHellman
+      attr_reader :p, :g, :q, :x, :e
+
+      def initialize(p, g, q)
+        @p = p
+        @g = g
+        @q = q
+      end
+
+      def generate(tries = 16)
+        tries.times do
+          @x = rand(@q)
+          @e = mod_exp(@g, @x, @p)
+          return @e if valid?
+        end
+        raise ArgumentError, "can't generate valid e"
+      end
+
+      # compute the shared secret, given the public key
+      def secret(f)
+        mod_exp(f, @x, @p)
+      end
+
+      private
+
+      # validate a public key
+      def valid?
+        @e&.between?(2, @p - 2) && bits_set(@e) > 1
+      end
+
+      def bits_set(e)
+        ("%b" % e).count("1")
+      end
+
+      def mod_exp(b, e, m)
+        result = 1
+        while e > 0
+          result = (result * b) % m if e[0] == 1
+          e = e >> 1
+          b = (b * b) % m
+        end
+        result
+      end
+    end
+  end
+end

data/lib/cinch/sasl/mechanism.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+module Cinch
+  module SASL
+    class Mechanism
+    end
+  end
+end

data/lib/cinch/sasl/plain.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+require "base64"
+
+require_relative "mechanism"
+
+module Cinch
+  module SASL
+    # The simplest mechanisms simply transmits the username and
+    # password without adding any encryption or hashing. As such it's more
+    # insecure than DH-BLOWFISH and should only be used in combination with
+    # SSL.
+    class Plain < Mechanism
+      class << self
+        # @return [String]
+        def mechanism_name
+          "PLAIN"
+        end
+
+        # @param [String] user
+        # @param [String] password
+        # @return [String]
+        def generate(user, password, _ = nil)
+          Base64.strict_encode64([user, user, password].join("\0"))
+        end
+      end
+    end
+  end
+end

data/lib/cinch/sasl.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+require_relative "sasl/diffie_hellman"
+require_relative "sasl/plain"
+require_relative "sasl/dh_blowfish"
+
+module Cinch
+  # SASL is a modern way of authentication in IRC, solving problems
+  # such as transmitting passwords as plain text (see the DH-BLOWFISH
+  # mechanism) and fully identifying before joining any channels.
+  #
+  # Cinch automatically detects which mechanisms are supported by the
+  # IRC network and uses the best available one.
+  #
+  # # Supported Mechanisms
+  #
+  # - {SASL::DhBlowfish DH-BLOWFISH}
+  # - {SASL::Plain PLAIN}
+  #
+  # # Configuration
+  # In order to use SASL one has to set the username and password
+  # options as follows:
+  #
+  #     configure do |c|
+  #        c.sasl.username = "foo"
+  #        c.sasl.password = "bar"
+  #     end
+  #
+  # @note All classes and modules in this module are for internal use by
+  #   Cinch only.
+  #
+  # @api private
+  # @since 2.0.0
+  module SASL
+  end
+end

data/lib/cinch/syncable.rb

@@ -0,0 +1,83 @@
+# frozen_string_literal: true
+
+module Cinch
+  # Provide blocking access to user/channel information.
+  module Syncable
+    # Blocks until the object is synced.
+    #
+    # @return [void]
+    # @api private
+    def wait_until_synced(attr)
+      attr = attr.to_sym
+      waited = 0
+      loop do
+        return if attribute_synced?(attr)
+        waited += 1
+
+        if waited % 100 == 0
+          bot.loggers.warn "A synced attribute ('%s' for %s) has not been available for %d seconds, still waiting" % [attr, inspect, waited / 10]
+          bot.loggers.warn caller.map { |s| "  #{s}" }
+
+          if waited / 10 >= 30
+            bot.loggers.warn "  Giving up..."
+            raise Exceptions::SyncedAttributeNotAvailable, "'%s' for %s" % [attr, inspect]
+          end
+        end
+        sleep 0.1
+      end
+    end
+
+    # @api private
+    # @return [void]
+    def sync(attribute, value, data = false)
+      if data
+        @data[attribute] = value
+      else
+        instance_variable_set("@#{attribute}", value)
+      end
+      @synced_attributes << attribute
+    end
+
+    # @return [Boolean]
+    # @api private
+    def attribute_synced?(attribute)
+      @synced_attributes.include?(attribute)
+    end
+
+    # @return [void]
+    # @api private
+    def unsync(attribute)
+      @synced_attributes.delete(attribute)
+    end
+
+    # @return [void]
+    # @api private
+    # @since 1.0.1
+    def unsync_all
+      @synced_attributes.clear
+    end
+
+    # @param [Symbol] attribute
+    # @param [Boolean] data
+    # @param [Boolean] unsync
+    # @api private
+    def attr(attribute, data = false, unsync = false)
+      unless unsync
+        @when_requesting_synced_attribute&.call(attribute)
+        wait_until_synced(attribute)
+      end
+
+      if data
+        @data[attribute]
+      else
+        instance_variable_get("@#{attribute}")
+      end
+    end
+
+    # @api private
+    # @return [void]
+    def mark_as_synced(attribute)
+      @synced_attributes << attribute
+    end
+  end
+end

data/lib/cinch/target.rb

@@ -0,0 +1,199 @@
+# frozen_string_literal: true
+
+module Cinch
+  # @since 2.0.0
+  class Target
+    include Comparable
+
+    # @return [String]
+    attr_reader :name
+    # @return [Bot]
+    attr_reader :bot
+    def initialize(name, bot)
+      @name = name
+      @bot = bot
+    end
+
+    # Sends a NOTICE to the target.
+    #
+    # @param [#to_s] text the message to send
+    # @return [void]
+    # @see #safe_notice
+    def notice(text)
+      send(text, true)
+    end
+
+    # Sends a PRIVMSG to the target.
+    #
+    # @param [#to_s] text the message to send
+    # @param [Boolean] notice Use NOTICE instead of PRIVMSG?
+    # @return [void]
+    # @see #safe_msg
+    # @note The aliases `msg` and `privmsg` are deprecated and will be
+    #   removed in a future version.
+    def send(text, notice = false)
+      # TODO deprecate `notice` argument, put splitting into own
+      # method
+      text = text.to_s
+      split_start = @bot.config.message_split_start || ""
+      split_end = @bot.config.message_split_end || ""
+      command = notice ? "NOTICE" : "PRIVMSG"
+      prefix = ":#{@bot.mask} #{command} #{@name} :"
+
+      text.lines.map(&:chomp).each do |line|
+        splitted = split_message(line, prefix, split_start, split_end)
+
+        splitted[0, (@bot.config.max_messages || splitted.size)].each do |string|
+          @bot.irc.send("#{command} #{@name} :#{string}")
+        end
+      end
+    end
+    alias_method :msg, :send # deprecated
+    alias_method :privmsg, :send # deprecated
+    undef_method(:msg) # yardoc hack
+    undef_method(:privmsg) # yardoc hack
+
+    # @deprecated
+    def msg(*args)
+      Cinch::Utilities::Deprecation.print_deprecation("2.2.0", "Target#msg", "Target#send")
+      send(*args)
+    end
+
+    # @deprecated
+    def privmsg(*args)
+      Cinch::Utilities::Deprecation.print_deprecation("2.2.0", "Target#privmsg", "Target#send")
+      send(*args)
+    end
+
+    # Like {#send}, but remove any non-printable characters from
+    # `text`. The purpose of this method is to send text of untrusted
+    # sources, like other users or feeds.
+    #
+    # Note: this will **break** any mIRC color codes embedded in the
+    # string. For more fine-grained control, use
+    # {Helpers#Sanitize} and
+    # {Formatting.unformat} directly.
+    #
+    # @return (see #send)
+    # @param (see #send)
+    # @see #send
+    def safe_send(text, notice = false)
+      send(Cinch::Helpers.sanitize(text), notice)
+    end
+    alias_method :safe_msg, :safe_send # deprecated
+    alias_method :safe_privmsg, :safe_msg # deprecated
+    undef_method(:safe_msg) # yardoc hack
+    undef_method(:safe_privmsg) # yardoc hack
+
+    # @deprecated
+    def safe_msg(*args)
+      Cinch::Utilities::Deprecation.print_deprecation("2.2.0", "Target#safe_msg", "Target#safe_send")
+      send(*args)
+    end
+
+    # @deprecated
+    def safe_privmsg(*args)
+      Cinch::Utilities::Deprecation.print_deprecation("2.2.0", "Target#safe_privmsg", "Target#safe_send")
+      send(*args)
+    end
+
+    # Like {#safe_msg} but for notices.
+    #
+    # @return (see #safe_msg)
+    # @param (see #safe_msg)
+    # @see #safe_notice
+    # @see #notice
+    def safe_notice(text)
+      safe_send(text, true)
+    end
+
+    # Invoke an action (/me) in/to the target.
+    #
+    # @param [#to_s] text the message to send
+    # @return [void]
+    # @see #safe_action
+    def action(text)
+      line = text.to_s.each_line.first.chomp
+      @bot.irc.send("PRIVMSG #{@name} :\001ACTION #{line}\001")
+    end
+
+    # Like {#action}, but remove any non-printable characters from
+    # `text`. The purpose of this method is to send text from
+    # untrusted sources, like other users or feeds.
+    #
+    # Note: this will **break** any mIRC color codes embedded in the
+    # string. For more fine-grained control, use
+    # {Helpers#Sanitize} and
+    # {Formatting.unformat} directly.
+    #
+    # @param (see #action)
+    # @return (see #action)
+    # @see #action
+    def safe_action(text)
+      action(Cinch::Helpers.sanitize(text))
+    end
+
+    # Send a CTCP to the target.
+    #
+    # @param [#to_s] message the ctcp message
+    # @return [void]
+    def ctcp(message)
+      send "\001#{message}\001"
+    end
+
+    def concretize
+      if @bot.isupport["CHANTYPES"].include?(@name[0])
+        @bot.channel_list.find_ensured(@name)
+      else
+        @bot.user_list.find_ensured(@name)
+      end
+    end
+
+    # @return [Boolean]
+    def eql?(other)
+      self == other
+    end
+
+    # @param [Target, String] other
+    # @return [-1, 0, 1, nil]
+    def <=>(other)
+      casemapping = @bot.irc.isupport["CASEMAPPING"]
+      left = @name.irc_downcase(casemapping)
+
+      if other.is_a?(Target)
+        left <=> other.name.irc_downcase(casemapping)
+      elsif other.is_a?(String)
+        left <=> other.irc_downcase(casemapping)
+      end
+    end
+
+    private
+
+    def split_message(msg, prefix, split_start, split_end)
+      max_bytesize = 510 - prefix.bytesize
+      max_bytesize_without_end = max_bytesize - split_end.bytesize
+
+      if msg.bytesize <= max_bytesize
+        return [msg]
+      end
+
+      splitted = []
+      while msg.bytesize > max_bytesize_without_end
+        acc = 0
+        acc_rune_sizes = msg.each_char.map { |ch|
+          acc += ch.bytesize
+        }
+
+        max_rune = acc_rune_sizes.rindex { |bs| bs <= max_bytesize_without_end } || 0
+        r = [msg.rindex(/\s/, max_rune) || (max_rune + 1), 1].max
+
+        splitted << (msg[0...r] + split_end)
+        msg = split_start.tr(" ", "\cz") + msg[r..].lstrip
+      end
+      splitted << msg
+
+      # clean string from any substitute characters
+      splitted.map { |string| string.tr("\cz", " ") }
+    end
+  end
+end

data/lib/cinch/timer.rb

@@ -0,0 +1,147 @@
+# frozen_string_literal: true
+
+require_relative "helpers"
+
+module Cinch
+  # Timers are used for executing code in the future, either
+  # repeatedly or only once.
+  #
+  # In Cinch, two ways for creating timers are available:
+  #
+  # - The first way is by declaring them for a plugin, in which case
+  #   they will start as soon as the bot connects to a server.
+  #
+  # - The second way is to dynamically create new timers in response
+  #   to user input. A common example for this is an alarm clock
+  #   plugin, which has to execute at a specific time.
+  #
+  # @see Helpers#Timer For dynamically creating timers
+  # @see Plugin::ClassMethods#timer For declaring timers in plugins
+  # @note It is possible to directly create instances of this class,
+  #   but the referenced methods should suffice.
+  # @since 2.0.0
+  class Timer
+    include Helpers
+
+    # @return [Bot]
+    attr_reader :bot
+
+    # @return [Numeric] The interval (in seconds) of the timer
+    attr_accessor :interval
+
+    # @return [Boolean] If true, each invocation will be
+    #   executed in a thread of its own.
+    attr_accessor :threaded
+
+    # @return [Proc]
+    attr_reader :block
+
+    # @return [Boolean]
+    attr_reader :started
+
+    # @return [Integer] The remaining number of shots before this timer
+    #   will stop. This value will automatically reset after
+    #   restarting the timer.
+    attr_accessor :shots
+    alias_method :threaded?, :threaded
+    alias_method :started?, :started
+
+    # @return [ThreadGroup]
+    # @api private
+    attr_reader :thread_group
+
+    # @param [Bot] bot The instance of {Bot} the timer is associated
+    #   with
+    # @option options [Numeric] :interval The interval (in seconds) of
+    #   the timer
+    # @option options [Integer] :shots (Float::INFINITY) How often should the
+    #   timer fire?
+    # @option options [Boolean] :threaded (true) If true, each invocation will be
+    #   executed in a thread of its own.
+    # @option options [Boolean] :start_automatically (true) If true,
+    #   the timer will automatically start after the bot finished
+    #   connecting.
+    # @option options [Boolean] :stop_automaticall (true) If true, the
+    #   timer will automatically stop when the bot disconnects.
+    def initialize(bot, options, &block)
+      options = {threaded: true, shots: Float::INFINITY, start_automatically: true, stop_automatically: true}.merge(options)
+
+      @bot = bot
+      @interval = options[:interval].to_f
+      @threaded = options[:threaded]
+      @orig_shots = options[:shots]
+      # Setting @shots here so the attr_reader won't return nil
+      @shots = @orig_shots
+      @block = block
+
+      @started = false
+      @thread_group = ThreadGroup.new
+
+      if options[:start_automatically]
+        @bot.on :connect, //, self do |m, timer|
+          timer.start
+        end
+      end
+
+      if options[:stop_automatically]
+        @bot.on :disconnect, //, self do |m, timer|
+          timer.stop
+        end
+      end
+    end
+
+    # @return [Boolean]
+    def stopped?
+      !@started
+    end
+
+    # Start the timer
+    #
+    # @return [void]
+    def start
+      return if @started
+
+      @bot.loggers.debug "[timer] Starting timer #{self}"
+
+      @shots = @orig_shots
+
+      @thread_group.add Thread.new {
+        while @shots > 0
+          sleep @interval
+          if threaded?
+            Thread.new do
+              rescue_exception do
+                @block.call
+              end
+            end
+          else
+            rescue_exception do
+              @block.call
+            end
+          end
+
+          @shots -= 1
+        end
+      }
+
+      @started = true
+    end
+
+    # Stop the timer
+    #
+    # @return [void]
+    def stop
+      return unless @started
+
+      @bot.loggers.debug "[timer] Stopping timer #{self}"
+
+      @thread_group.list.each { |thread| thread.kill }
+      @started = false
+    end
+
+    # @return [String]
+    def to_s
+      "<Cinch::Timer %s/%s shots, %ds interval, %sthreaded, %sstarted, block: %s>" % [@orig_shots - @shots, @orig_shots, @interval, @threaded ? "" : "not ", @started ? "" : "not ", @block]
+    end
+  end
+end