Nickserv passwd command does not allow a user to change their password to * (Passwords do not match). However, a server op can still do this with the PASSWD <user> <new_password> syntax

Notes: go version go version go1.17.5 darwin/amd64 MacOS Catalina 10.15.7, git commit 24ad245,

Steps to reproduce: (Create a new user account with arbitrary password, attempt to change password to *. Then create a client certificate, add that to nickserv, than attempt to change password to *)

clone ergo repository.

cp traditional.yaml ircd.yaml

make and make build

./ergo mkcerts

./ergo run

Configure your IRC client of choice to connect to localhost:6697 with ssl (remember to disable ssl verification in the client due to ergo's self-signed certs. For example, on weechat, type /set irc.server.<SERVER NAME>.ssl_verify off).

Connect to the server.

Register yourself to nickserv, setting an arbitrary password. /msg nickserv register applebanana

Now try to change the password to star, "*". This will cause an error.

/msg nickserv passwd applebanana * *

Responce: NickServ (NickServ@localhost): Passwords do not match

Create a client certificate and configure your client to use this client certificate. For example, follow this guide to generate the cert and enable it on weechat: https://weechat.org/files/doc/stable/weechat_user.en.html#irc_connect_oftc_with_certfp

Configure your client to use PLAIN sasl with your username and password applebanana

Reconnect to the server. At this point you should be able to /msg nickserv cert add, and the client certificate will be added.

Now attempt to remove your password again.

/msg nickserv passwd applebanana * *

Responce: NickServ (NickServ@localhost): Passwords do not match