-When users connect, the IRC server sends a DoAuth request:
- FullAuth <uid> <nickname> <username> <hostname> <ip> <account> <password> <realname>
-<uid> is a text string up to 20 characters long that identifies the
-client, and is unique a BadAuth response is received or until an
-ExitUser command is sent with the same uid (see below for details on
-those messages). <uid> may not contain a colon character. <nickname>
-is the client's initially requested nickname. <username> is the
-username returned by the ident server (RFC 1413), or a tilde-prefixed
-username supplied by the user. <hostname> is a text hostname,
-possibly in the form of a dotted quad or IPv6 address, or the
-character '?'. <ip> is a dotted quad IPv4 address or an IPv6 hex
-address. <account> and <password> are optional, and are used when the
-client attempts login-on-connect. <realname> is the realname
-specified by the client's USER message, and may contain spaces.
-
-If the client is accepted, the IAUTH server responds:
- DoneAuth <uid> <username> <hostname> <class> [account]
-<username> is a replacement username, and <hostname> is a replacement
-hostname. If the <hostname> from DoAuth was ?, <hostname> is the
-result of a DNS lookup for the client. <class> is the name of a
-connection class for the client. <account> is optional and is
-provided if the user's login was successful.
-
-If the client is rejected, the IAUTH server responds:
- BadAuth <uid> :<reason>
-<reason> may include spaces, and should have a leading ':' sentinel.
-
-DISCONNECTS
-===========
-
-If ICLASS is enabled, the IRC server sends ExitUser when a client
-disconnects:
- ExitUser <uid>
-
-DIFFERENCES FROM IRCD-HYBRID
-============================
-
-The ircd-hybrid IAUTH code is slightly bitrotted and disabled in 7.0
-(through at least 7.0.1). This code added the following items:
- MyUsers, EndUsers and ExitUser commands
- Server passwords may contain whitespace and be prefixed by :
- DoneAuth may include an account name
- FullAuth command replaces DoAuth command and adds account, password,
- realname parameters
-The Class command is present in ircd-hybrid's code but not used here.
-IP addresses in ircd-hybrid are "in unsigned int format," which is
-limited to IPv4, and so it is not used here.
+X - Example Message Description
+Syntax: X <arguments>
+Example: X something
+Notify: yes
+States: N/A
+Next State: N/A
+Comments: This is an example message description. Each message is a
+ single character. If the Notify field is present and says yes,
+ interested operators (with SNO_AUTH set) should be notified of the
+ message. The States field, where present, indicate which states
+ accept this message. Clients in other states should ignore the
+ message or treat it as an error. The Next State field, where
+ present, indicates what the next state should be for the client.
+ This is an example, not a description of the actual X message.
+Compatibility: If we believe ircu behavior is different than ircd's,
+ this describes ircd's behavior or expectations.
+
+> - Operator Notification
+Syntax: > :<message text>
+Example: > :Hello Operators!
+Notify: yes
+Comments: Contains a message that the iauth instance wants to send to
+ interested operators.
+
+G - Set Debug Level
+Syntax: G <level>
+Example: G 1
+Notify: yes
+Comments: Sets a debug level for the server's end of the iauth
+ conversation. When enabled, debug messages should be sent to the
+ same channel (group, mask, etc) as other iauth notifications.
+ Debug level 0 suppresses iauth-related debug output, and positive
+ integers enable iauth debugging messages.
+
+O - Set Policy Options
+Syntax: O <options>
+Example: O RTAWU
+Notify: yes
+Comments: Sets policy options for the iauth conversation. Old policy
+ options should be forgotten. Valid policy options are:
+ A - Send username and password information.
+ This causes the server to send the U and P messages.
+ R - Require clients to be approved before registering them.
+ When this policy is in effect, it affects the behavior
+ of a registration timeout; for details, see the documentation
+ for the T server message.
+ T - When the R policy is in effect and the iauth service does not
+ respond for a client, this causes the server to count the number
+ of clients refused, to send a warning message to interested
+ operators periodically, and to send the count of rejected users
+ to interested operators when the iauth instance responds again.
+ U - Send nickname, confirmed username and hurry information.
+ This causes the server to send the n, u and H messages.
+ W - Allow extra time for iauth to respond based on hostname.
+ When this policy is in effect and a DNS message (N or d) is
+ sent for a client, that client's registration timeout is
+ extended or reset.
+Compatibility: The U policy is an Undernet extension and is not
+ recognized by ircd.
+
+V - iauth Program Version
+Syntax: V :<version string>
+Example: V :Undernet-iauthu v1.0
+Notify: yes
+Comments: Indicates the iauth program version. This should only be
+ used in diagnostic messages, and must not change protocol behavior.
+
+a - Start of new configuration
+Syntax: a
+Example: a
+Notify: yes
+Comments: Indicates that a new configuration is being loaded by the
+ iauth instance. Any cached configuration records should be cleared.
+
+A - Configuration Information
+Syntax: A <hosts?> <module> :<options>
+Example: A * rfc931
+Notify: yes
+Comments: Indicates new configuration information.
+
+s - Start of new statistics
+Syntax: s
+Example: s
+Notify: yes
+Comments: Indicates a new set of statistics will be sent. Any cached
+ statistics records should be cleared.
+
+S - Statistics Information
+Syntax: S <module> :<module information>
+Example: S rfc931 connected 0 unix 0 other 0 bad 0 out of 0
+Notify: yes
+Comments: Indicates new or additional statistics information.
+
+o - Forced Username
+Syntax: o <id> <remoteip> <remoteport> <username>
+Example: o 5 192.168.1.10 23367 bubba
+States: REGISTER, HURRY
+Next State: -
+Comments: Indicates that the username should be used for the specified
+ client even if the normal sanity-checking would prohibit the
+ username.
+
+U - Trusted Username
+Syntax: U <id> <remoteip> <remoteport> <username>
+Example: U 5 192.168.1.10 23367 buddha
+States: REGISTER, HURRY
+Next State: -
+Comments: Indicates that the iauth instance believes <username> is
+ accurate for the specified client.
+
+u - Untrusted Username
+Syntax: u <id> <remoteip> <remoteport> <username>
+Example: u 5 192.168.1.10 23367 enlightened_one
+States: REGISTER, HURRY
+Next State: -
+Comments: Indicates that the iauth instance does not strongly trust
+ <username> to be accurate, but has no more trusted username.
+
+N - Client Hostname
+Syntax: N <id> <remoteip> <remoteport> <hostname>
+Example: N 5 192.168.1.10 23367 buddha.example.org
+States: REGISTER, HURRY
+Next State: -
+Comments: Indicates that the iauth instance believes the specified
+ client should use the hostname given.
+Compatibility: This is an Undernet extension and ircd does not support
+ this message.
+
+I - Client IP Address
+Syntax: I <id> <currentip> <remoteport> <newip>
+Example: I 5 192.168.1.10 23367 127.128.129.130
+States: REGISTER, HURRY
+Next State: -
+Comments: Indicates that the iauth instance wants the server to
+ present and treat the client as using <newip>. This means that
+ future iauth messages relating to the client must use <newip>
+ as the <remoteip> parameter.
+Compatibility: This is an Undernet extension and ircd does not support
+ this message.
+
+M - Adjust User Mode
+Syntax: M <id> <remoteip> <remoteport> +<mode changes>
+Example: M 5 192.168.1.10 23367 +iwg
+States: REGISTER, HURRY
+Next State: -
+Comments: Indicates a set of user mode changes to be applied to the
+ client.
+Compatibility: This is an Undernet extension and ircd does not support
+ this message.
+
+C - Challenge User
+Syntax: C <id> <remoteip> <remoteport> :<challenge string>
+Example: C 5 192.168.1.10 23367 :In which year did Columbus sail the ocean blue?
+States: REGISTER, HURRY
+Next State: -
+Comments: Indicates that the challenge string should be sent to the
+ specified user, for example via NOTICE AUTH :*** <challenge string>.
+ The client responds by sending PASS :<response>, which should be
+ relayed via the P server message. This requires that the A policy
+ be in effect.
+Compatibility: This is an Undernet extension and ircd does not support
+ this message.
+
+k - Quietly Kill Client
+Syntax: k <id> <remoteip> <remoteport> :<reason>
+Example: k 5 192.168.1.10 23367 :Open proxy found.
+States: REGISTER, HURRY, NORMAL
+Next State: GONE
+Comments: Indicates that the specified client should be disconnected
+ for the reason given without notifying operators.
+Compatibility: ircu does not use the same notification mechanism as
+ ircd, so operators are notified using SNO_CONNEXIT anyway.
+
+K - Kill Client
+Syntax: K <id> <remoteip> <remoteport> :<reason>
+Example: K 5 192.168.1.10 23367 :We don't like you.
+States: REGISTER, HURRY, NORMAL
+Next State: GONE
+Comments: Indicates that the specified client should be disconnected
+ for the reason given. Operators should be notified.
+
+D - Done Checking
+Syntax: D <id> <remoteip> <remoteport> [class]
+Example: D 5 192.168.1.10 23367
+States: REGISTER, HURRY
+Next State: NORMAL
+Comments: Indicates that the iauth instance believes the specified
+ client should be allowed onto the network. If a class parameter is
+ given, the client should be assigned to that class.
+Compatibility: Specifying the class is an Undernet extension and ircd
+ does not support that parameter.
+
+R - Registered User
+Syntax: R <id> <remoteip> <remoteport> <account> [class]
+Example: R 5 192.168.1.10 23367 Buddha
+States: REGISTER, HURRY
+Next State: NORMAL
+Comments: Indicates that the iauth instance believes the specified
+ client should be allowed onto the network, pre-authenticated to
+ the account listed. If a class parameter is given, the client
+ should be assigned to that class.
+Compatibility: This is an Undernet extension and ircd does not support
+ this message.
+
+X - Extension Query
+Syntax: X <servername> <routing> :<query>
+Example: X channels.undernet.org 5/127.0.0.1/6667 :login kev pass
+Comments: Used by the iauth instance to send an extension query to
+ the server specified by <servername>. The <routing> parameter is
+ not interpreted by the servers; it will be returned unchanged in
+ the extension query reply message (the X server message) and may be
+ used to pair the query with its reply. The <query> parameter is
+ sent to <servername>.
+Compatibility: This is an Undernet extension and ircd does not support
+ this message.