X-Git-Url: https://jfr.im/git/irc/evilnet/x3.git/blobdiff_plain/d76ed9a966ee3d955c8ef00ecc02e643c2005e2e..d9cd0e9da05fe12d86da8ead3e358785fb8bb8f7:/src/nickserv.c?ds=sidebyside diff --git a/src/nickserv.c b/src/nickserv.c index 4d7b374..3944b46 100644 --- a/src/nickserv.c +++ b/src/nickserv.c @@ -130,6 +130,7 @@ static char handle_inverse_flags[256]; static unsigned int flag_access_levels[32]; static const struct message_entry msgtab[] = { { "NSMSG_HANDLE_EXISTS", "Account $b%s$b is already registered." }, + { "NSMSG_HANDLE_TOLONG", "The account name %s is too long. Account names must be %lu charactors or less."}, { "NSMSG_PASSWORD_SHORT", "Your password must be at least %lu characters long." }, { "NSMSG_PASSWORD_ACCOUNT", "Your password may not be the same as your account name." }, { "NSMSG_PASSWORD_DICTIONARY", "Your password should not be the word \"password\", or any other dictionary word." }, @@ -179,6 +180,7 @@ static const struct message_entry msgtab[] = { { "NSMSG_STAMPED_RESETPASS", "You have already authenticated to an account once this session; you may not reset your password to authenticate again." }, { "NSMSG_STAMPED_AUTHCOOKIE", "You have already authenticated to an account once this session; you may not use a cookie to authenticate to another account." }, { "NSMSG_TITLE_INVALID", "Titles cannot contain any dots; please choose another." }, + { "NSMSG_TITLE_TRUNCATED", "That title combined with the user's account name would result in a truncated host; please choose a shorter title." }, { "NSMSG_FAKEHOST_INVALID", "Fake hosts must be shorter than %d characters and cannot start with a dot." }, { "NSMSG_HANDLEINFO_ON", "Account information for $b%s$b:" }, { "NSMSG_HANDLEINFO_ID", " Account ID: %lu" }, @@ -427,13 +429,6 @@ register_nick(const char *nick, struct handle_info *owner) dict_insert(nickserv_nick_dict, ni->nick, ni); } -static void -free_nick_info(void *vni) -{ - struct nick_info *ni = vni; - free(ni); -} - static void delete_nick(struct nick_info *ni) { @@ -959,6 +954,12 @@ nickserv_register(struct userNode *user, struct userNode *settee, const char *ha return 0; } + if(strlen(handle) > 15) + { + send_message(user, nickserv, "NSMSG_HANDLE_TOLONG", handle, 15); + return 0; + } + if (!is_secure_password(handle, passwd, user)) return 0; @@ -1491,6 +1492,11 @@ static NICKSERV_FUNC(cmd_rename_handle) reply("NSMSG_HANDLE_EXISTS", argv[2]); return 0; } + if(strlen(argv[2]) > 15) + { + reply("NMSG_HANDLE_TOLONG", argv[2], 15); + return 0; + } dict_remove2(nickserv_handle_dict, old_handle = hi->handle, 1); hi->handle = strdup(argv[2]); @@ -1522,6 +1528,48 @@ reg_failpw_func(failpw_func_t func) failpw_func_list[failpw_func_used++] = func; } +/* + * Return 1 if the handle/pass pair matches, 0 if it doesnt. + * + * called by nefariouses enhanced AC login-on-connect code + * + */ +int loc_auth(struct userNode *user, char *handle, char *password) +{ + int pw_arg, used, maxlogins; + struct handle_info *hi; + /* + struct userNode *other; + */ + + hi = dict_find(nickserv_handle_dict, handle, NULL); + pw_arg = 2; + if (!hi) { + return 0; + } + /* Responses from here on look up the language used by the handle they asked about. */ + if (!checkpass(password, hi->passwd)) { + return 0; + } + if (HANDLE_FLAGGED(hi, SUSPENDED)) { + return 0; + } + maxlogins = hi->maxlogins ? hi->maxlogins : nickserv_conf.default_maxlogins; + /* Do we want to deny if they already have more logins? I dont see why but + * someone else might? -Rubin + for (used = 0, other = hi->users; other; other = other->next_authed) { + if (++used >= maxlogins) { + send_message_type(4, user, cmd->parent->bot, + handle_find_message(hi, "NSMSG_MAX_LOGINS"), + maxlogins); + argv[pw_arg] = "MAXLOGINS"; + return 1; + } + } + */ + return 1; +} + static NICKSERV_FUNC(cmd_auth) { int pw_arg, used, maxlogins; @@ -2443,6 +2491,12 @@ static OPTION_FUNC(opt_title) send_message(user, nickserv, "NSMSG_TITLE_INVALID"); return 0; } + if ((strlen(user->handle_info->handle) + strlen(title) + + strlen(nickserv_conf.titlehost_suffix) + 2) > HOSTLEN) { + send_message(user, nickserv, "NSMSG_TITLE_TRUNCATED"); + return 0; + } + free(hi->fakehost); if (!strcmp(title, "*")) { hi->fakehost = NULL; @@ -2474,7 +2528,7 @@ static OPTION_FUNC(opt_fakehost) if ((argc > 1) && oper_has_access(user, nickserv, nickserv_conf.set_fakehost_level, 0)) { fake = argv[1]; if ((strlen(fake) > HOSTLEN) || (fake[0] == '.')) { - send_message(user, nickserv, "NSMSG_FAKEHOST_INVALID"); + send_message(user, nickserv, "NSMSG_FAKEHOST_INVALID", HOSTLEN); return 0; } free(hi->fakehost); @@ -2595,7 +2649,7 @@ static NICKSERV_FUNC(cmd_ounregister) if (!(hi = get_victim_oper(user, argv[1]))) return 0; nickserv_unregister_handle(hi, user); - return 0; + return 1; } static NICKSERV_FUNC(cmd_status) @@ -3749,17 +3803,21 @@ init_nickserv(const char *nick) dict_set_free_data(nickserv_email_dict, nickserv_free_email_addr); nickserv_module = module_register("NickServ", NS_LOG, "nickserv.help", NULL); - modcmd_register(nickserv_module, "AUTH", cmd_auth, 2, MODCMD_KEEP_BOUND, "flags", "+qualified,+loghostmask", NULL); +/* Removed qualified_host as default requirement for AUTH, REGISTER, PASS, etc. nets + * can enable it per command using modcmd. (its a shitty default IMO, and now in 1.3 + * a big pain to disable since its nolonger in the config file. ) -Rubin + */ + modcmd_register(nickserv_module, "AUTH", cmd_auth, 2, MODCMD_KEEP_BOUND, "flags", "+loghostmask", NULL); nickserv_define_func("ALLOWAUTH", cmd_allowauth, 0, 1, 0); - nickserv_define_func("REGISTER", cmd_register, -1, 0, 1); + nickserv_define_func("REGISTER", cmd_register, -1, 0, 0); nickserv_define_func("OREGISTER", cmd_oregister, 0, 1, 0); - nickserv_define_func("UNREGISTER", cmd_unregister, -1, 1, 1); + nickserv_define_func("UNREGISTER", cmd_unregister, -1, 1, 0); nickserv_define_func("OUNREGISTER", cmd_ounregister, 0, 1, 0); nickserv_define_func("ADDMASK", cmd_addmask, -1, 1, 0); nickserv_define_func("OADDMASK", cmd_oaddmask, 0, 1, 0); nickserv_define_func("DELMASK", cmd_delmask, -1, 1, 0); nickserv_define_func("ODELMASK", cmd_odelmask, 0, 1, 0); - nickserv_define_func("PASS", cmd_pass, -1, 1, 1); + nickserv_define_func("PASS", cmd_pass, -1, 1, 0); nickserv_define_func("SET", cmd_set, -1, 1, 0); nickserv_define_func("OSET", cmd_oset, 0, 1, 0); nickserv_define_func("ACCOUNTINFO", cmd_handleinfo, -1, 0, 0); @@ -3778,8 +3836,8 @@ init_nickserv(const char *nick) } if (nickserv_conf.email_enabled) { nickserv_define_func("AUTHCOOKIE", cmd_authcookie, -1, 0, 0); - nickserv_define_func("RESETPASS", cmd_resetpass, -1, 0, 1); - nickserv_define_func("COOKIE", cmd_cookie, -1, 0, 1); + nickserv_define_func("RESETPASS", cmd_resetpass, -1, 0, 0); + nickserv_define_func("COOKIE", cmd_cookie, -1, 0, 0); nickserv_define_func("DELCOOKIE", cmd_delcookie, -1, 1, 0); dict_insert(nickserv_opt_dict, "EMAIL", opt_email); } @@ -3819,14 +3877,15 @@ init_nickserv(const char *nick) dict_set_free_keys(nickserv_id_dict, free); nickserv_nick_dict = dict_new(); - dict_set_free_data(nickserv_nick_dict, free_nick_info); + dict_set_free_data(nickserv_nick_dict, free); nickserv_allow_auth_dict = dict_new(); userList_init(&curr_helpers); if (nick) { - nickserv = AddService(nick, "Nick Services", NULL); + const char *modes = conf_get_data("services/nickserv/modes", RECDB_QSTRING); + nickserv = AddService(nick, modes ? modes : NULL, "Nick Services", NULL); nickserv_service = service_register(nickserv); } saxdb_register("NickServ", nickserv_saxdb_read, nickserv_saxdb_write);