On Tue, Oct 20, 2009 at 8:31 AM, James Hess <mysidia@gmail.com> wrote:
On Tue, Oct 20, 2009 at 5:09 AM, Trevor Talbot <quension@mac.com> wrote:
<snip>
The proper way to handle masking is to do it on connect, and not allow the masked status to change during the session.
Forcing mask status to be fixed upon connect (unless forcing all users to use masking), is a bit troublesome.
The main problem is IRC clients don't provide a way for the user to interact with the server in a general way _until_ the registration with IRC is done.
It's not really possible to simply add an option to the USER line for "request masking", and have it actually be usable by IRC users
This can actually be done before the server finishes registering the user, assuming we've received both NICK and USER. As seen in some other ircds, the client can pass its login credentials to a login service using PASS. A cookie could be used to verify replies from the login service, in case the client disconnects and the fd is reused. If everything checks out ok, the server simply introduces the user with their masked host. Should the login service be unable to verify the credentials supplied by the client, the server could prompt the user to reenter them using /QUOTE PASS. Or, should the server be unable to contact the login service, it could prompt the user to, for example, to enter /QUOTE PASS to continue connecting (alerting them that their host won't be automatically masked). You could also go with an SASL implementation, which more and more clients are starting to support. -SecretAgent