static unsigned int flag_access_levels[32];
static const struct message_entry msgtab[] = {
{ "NSMSG_HANDLE_EXISTS", "Account $b%s$b is already registered." },
+ { "NSMSG_HANDLE_TOLONG", "The account name %s is too long. Account names must be %lu charactors or less."},
{ "NSMSG_PASSWORD_SHORT", "Your password must be at least %lu characters long." },
{ "NSMSG_PASSWORD_ACCOUNT", "Your password may not be the same as your account name." },
{ "NSMSG_PASSWORD_DICTIONARY", "Your password should not be the word \"password\", or any other dictionary word." },
{ "NSMSG_STAMPED_RESETPASS", "You have already authenticated to an account once this session; you may not reset your password to authenticate again." },
{ "NSMSG_STAMPED_AUTHCOOKIE", "You have already authenticated to an account once this session; you may not use a cookie to authenticate to another account." },
{ "NSMSG_TITLE_INVALID", "Titles cannot contain any dots; please choose another." },
+ { "NSMSG_TITLE_TRUNCATED", "That title combined with the user's account name would result in a truncated host; please choose a shorter title." },
{ "NSMSG_FAKEHOST_INVALID", "Fake hosts must be shorter than %d characters and cannot start with a dot." },
{ "NSMSG_HANDLEINFO_ON", "Account information for $b%s$b:" },
{ "NSMSG_HANDLEINFO_ID", " Account ID: %lu" },
dict_insert(nickserv_nick_dict, ni->nick, ni);
}
-static void
-free_nick_info(void *vni)
-{
- struct nick_info *ni = vni;
- free(ni);
-}
-
static void
delete_nick(struct nick_info *ni)
{
}
}
}
- StampUser(user, id);
+ StampUser(user, id, hi->registered);
}
if ((ni = get_nick_info(user->nick)) && (ni->owner == hi))
return 0;
}
+ if(strlen(handle) > 15)
+ {
+ send_message(user, nickserv, "NSMSG_HANDLE_TOLONG", handle, 15);
+ return 0;
+ }
+
if (!is_secure_password(handle, passwd, user))
return 0;
reply("NSMSG_HANDLE_EXISTS", argv[2]);
return 0;
}
+ if(strlen(argv[2]) > 15)
+ {
+ reply("NMSG_HANDLE_TOLONG", argv[2], 15);
+ return 0;
+ }
dict_remove2(nickserv_handle_dict, old_handle = hi->handle, 1);
hi->handle = strdup(argv[2]);
failpw_func_list[failpw_func_used++] = func;
}
+/*
+ * Return hi if the handle/pass pair matches, NULL if it doesnt.
+ *
+ * called by nefariouses enhanced AC login-on-connect code
+ *
+ */
+struct handle_info *loc_auth(char *handle, char *password)
+{
+ int pw_arg, used, maxlogins;
+ unsigned int ii;
+ int wildmask = 0;
+ struct handle_info *hi;
+ struct userNode *other;
+
+ hi = dict_find(nickserv_handle_dict, handle, NULL);
+ pw_arg = 2;
+ if (!hi) {
+ return NULL;
+ }
+
+ /* We don't know the users hostname, or anything because they
+ * havn't registered yet. So we can only allow LOC if your
+ * account has *@* as a hostmask.
+ */
+ for (ii=0; ii<hi->masks->used; ii++)
+ {
+ if (!strcmp(hi->masks->list[ii], "*@*"))
+ {
+ wildmask++;
+ break;
+ }
+ }
+ if(wildmask < 1)
+ return NULL;
+
+ /* Responses from here on look up the language used by the handle they asked about. */
+ if (!checkpass(password, hi->passwd)) {
+ return NULL;
+ }
+ if (HANDLE_FLAGGED(hi, SUSPENDED)) {
+ return NULL;
+ }
+ maxlogins = hi->maxlogins ? hi->maxlogins : nickserv_conf.default_maxlogins;
+ for (used = 0, other = hi->users; other; other = other->next_authed) {
+ if (++used >= maxlogins) {
+ return NULL;
+ }
+ }
+ return hi;
+}
+
static NICKSERV_FUNC(cmd_auth)
{
int pw_arg, used, maxlogins;
send_message(user, nickserv, "NSMSG_TITLE_INVALID");
return 0;
}
+ if ((strlen(user->handle_info->handle) + strlen(title) +
+ strlen(nickserv_conf.titlehost_suffix) + 2) > HOSTLEN) {
+ send_message(user, nickserv, "NSMSG_TITLE_TRUNCATED");
+ return 0;
+ }
+
free(hi->fakehost);
if (!strcmp(title, "*")) {
hi->fakehost = NULL;
if ((argc > 1) && oper_has_access(user, nickserv, nickserv_conf.set_fakehost_level, 0)) {
fake = argv[1];
if ((strlen(fake) > HOSTLEN) || (fake[0] == '.')) {
- send_message(user, nickserv, "NSMSG_FAKEHOST_INVALID");
+ send_message(user, nickserv, "NSMSG_FAKEHOST_INVALID", HOSTLEN);
return 0;
}
free(hi->fakehost);
if (!(hi = get_victim_oper(user, argv[1])))
return 0;
nickserv_unregister_handle(hi, user);
- return 0;
+ return 1;
}
static NICKSERV_FUNC(cmd_status)
handle_account(struct userNode *user, const char *stamp)
{
struct handle_info *hi;
+ char *colon;
#ifdef WITH_PROTOCOL_P10
+ time_t timestamp = 0;
+
+ colon = strchr(stamp, ':');
+ if(colon && colon[1])
+ {
+ *colon = 0;
+ timestamp = atoi(colon+1);
+ }
hi = dict_find(nickserv_handle_dict, stamp, NULL);
+ if(hi && timestamp && hi->registered != timestamp)
+ {
+ log_module(MAIN_LOG, LOG_WARNING, "%s using account %s but timestamp does not match %lu is not %lu.", user->nick, stamp, timestamp, hi->registered);
+ return;
+ }
#else
hi = dict_find(nickserv_id_dict, stamp, NULL);
+ log_module(MAIN_LOG, LOG_WARNING, "Using non-P10 code in accounts, not tested at all!");
#endif
if (hi) {
dict_set_free_data(nickserv_email_dict, nickserv_free_email_addr);
nickserv_module = module_register("NickServ", NS_LOG, "nickserv.help", NULL);
- modcmd_register(nickserv_module, "AUTH", cmd_auth, 2, MODCMD_KEEP_BOUND, "flags", "+qualified,+loghostmask", NULL);
+/* Removed qualified_host as default requirement for AUTH, REGISTER, PASS, etc. nets
+ * can enable it per command using modcmd. (its a shitty default IMO, and now in 1.3
+ * a big pain to disable since its nolonger in the config file. ) -Rubin
+ */
+ modcmd_register(nickserv_module, "AUTH", cmd_auth, 2, MODCMD_KEEP_BOUND, "flags", "+loghostmask", NULL);
nickserv_define_func("ALLOWAUTH", cmd_allowauth, 0, 1, 0);
- nickserv_define_func("REGISTER", cmd_register, -1, 0, 1);
+ nickserv_define_func("REGISTER", cmd_register, -1, 0, 0);
nickserv_define_func("OREGISTER", cmd_oregister, 0, 1, 0);
- nickserv_define_func("UNREGISTER", cmd_unregister, -1, 1, 1);
+ nickserv_define_func("UNREGISTER", cmd_unregister, -1, 1, 0);
nickserv_define_func("OUNREGISTER", cmd_ounregister, 0, 1, 0);
nickserv_define_func("ADDMASK", cmd_addmask, -1, 1, 0);
nickserv_define_func("OADDMASK", cmd_oaddmask, 0, 1, 0);
nickserv_define_func("DELMASK", cmd_delmask, -1, 1, 0);
nickserv_define_func("ODELMASK", cmd_odelmask, 0, 1, 0);
- nickserv_define_func("PASS", cmd_pass, -1, 1, 1);
+ nickserv_define_func("PASS", cmd_pass, -1, 1, 0);
nickserv_define_func("SET", cmd_set, -1, 1, 0);
nickserv_define_func("OSET", cmd_oset, 0, 1, 0);
nickserv_define_func("ACCOUNTINFO", cmd_handleinfo, -1, 0, 0);
}
if (nickserv_conf.email_enabled) {
nickserv_define_func("AUTHCOOKIE", cmd_authcookie, -1, 0, 0);
- nickserv_define_func("RESETPASS", cmd_resetpass, -1, 0, 1);
- nickserv_define_func("COOKIE", cmd_cookie, -1, 0, 1);
+ nickserv_define_func("RESETPASS", cmd_resetpass, -1, 0, 0);
+ nickserv_define_func("COOKIE", cmd_cookie, -1, 0, 0);
nickserv_define_func("DELCOOKIE", cmd_delcookie, -1, 1, 0);
dict_insert(nickserv_opt_dict, "EMAIL", opt_email);
}
dict_set_free_keys(nickserv_id_dict, free);
nickserv_nick_dict = dict_new();
- dict_set_free_data(nickserv_nick_dict, free_nick_info);
+ dict_set_free_data(nickserv_nick_dict, free);
nickserv_allow_auth_dict = dict_new();
userList_init(&curr_helpers);
if (nick) {
- nickserv = AddService(nick, "Nick Services", NULL);
+ const char *modes = conf_get_data("services/nickserv/modes", RECDB_QSTRING);
+ nickserv = AddService(nick, modes ? modes : NULL, "Nick Services", NULL);
nickserv_service = service_register(nickserv);
}
saxdb_register("NickServ", nickserv_saxdb_read, nickserv_saxdb_write);