irc: send SASL username with mechanism EXTERNAL (closes #2270)

The SASL username is sent if set, otherwise "+" is still sent.
2026-06-12 14:14:48 +02:00 · 2025-10-12 16:11:33 +02:00
parent b066f713d7
commit 72b2242135
5 changed files with 47 additions and 1 deletions
@@ -16,6 +16,7 @@ SPDX-License-Identifier: GPL-3.0-or-later

 - api: add support of date like ISO 8601 but with spaces and lower `t` and `z` in function util_parse_time ([#886](https://github.com/weechat/weechat/issues/886))
 - irc: request and perform SASL authentication when the server advertises SASL support with message "CAP NEW" ([#2277](https://github.com/weechat/weechat/issues/2277))
+- irc: send SASL username with mechanism EXTERNAL ([#2270](https://github.com/weechat/weechat/issues/2270))
 - logger: change default time format to `%@%F %T.%fZ` (UTC) ([#886](https://github.com/weechat/weechat/issues/886))
 - logger: use function util_parse_time to parse date/time in log files ([#886](https://github.com/weechat/weechat/issues/886))
 - xfer: add buffer local variable "server" in DCC CHAT buffers
@@ -591,7 +591,7 @@ IRC_PROTOCOL_CALLBACK(authenticate)
                sasl_username, sasl_key, &sasl_error);
            break;
        case IRC_SASL_MECHANISM_EXTERNAL:
-            answer = strdup ("+");
+            answer = irc_sasl_mechanism_external (sasl_username);
            break;
    }
    if (answer)
@@ -684,3 +684,32 @@ irc_sasl_mechanism_ecdsa_nist256p_challenge (struct t_irc_server *server,

    return answer_base64;
 }
+
+/*
+ * Builds answer for SASL authentication, using mechanism "EXTERNAL".
+ *
+ * Note: result must be freed after use.
+ */
+
+char *
+irc_sasl_mechanism_external (const char *sasl_username)
+{
+    char *answer_base64;
+    int length;
+
+    if (!sasl_username || !sasl_username[0])
+        return strdup ("+");
+
+    length = strlen (sasl_username);
+    answer_base64 = malloc ((length * 4) + 1);
+    if (answer_base64)
+    {
+        if (weechat_string_base_encode ("64", sasl_username, length, answer_base64) < 0)
+        {
+            free (answer_base64);
+            answer_base64 = NULL;
+        }
+    }
+
+    return answer_base64;
+}
@@ -56,5 +56,6 @@ extern char *irc_sasl_mechanism_ecdsa_nist256p_challenge (struct t_irc_server *s
                                                          const char *sasl_username,
                                                          const char *sasl_key,
                                                          char **sasl_error);
+extern char *irc_sasl_mechanism_external (const char *sasl_username);

 #endif /* WEECHAT_PLUGIN_IRC_SASL_H */
@@ -114,3 +114,18 @@ TEST(IrcSasl, MechanismEcdsaNist256pChallenge)
 {
    /* TODO: write tests */
 }
+
+/*
+ * Tests functions:
+ *   irc_sasl_mechanism_external
+ */
+
+TEST(IrcSasl, MechanismExternal)
+{
+    char *str;
+
+    WEE_TEST_STR("+", irc_sasl_mechanism_external (NULL));
+    WEE_TEST_STR("+", irc_sasl_mechanism_external (""));
+
+    WEE_TEST_STR("YWxpY2U=", irc_sasl_mechanism_external ("alice"));
+}