]>
Commit | Line | Data |
---|---|---|
1dd6d55d | 1 | /* Automatically generated by refactor.pl. |
2 | * | |
3 | * | |
4 | * CMDNAME: newpass | |
d353effa | 5 | * CMDALIASES: newpassword |
bace4964 | 6 | * CMDLEVEL: QCMD_SECURE | QCMD_AUTHED |
1dd6d55d | 7 | * CMDARGS: 3 |
8 | * CMDDESC: Change your password. | |
9 | * CMDFUNC: csa_donewpw | |
10 | * CMDPROTO: int csa_donewpw(void *source, int cargc, char **cargv); | |
d353effa | 11 | * CMDHELP: Usage: @UCOMMAND@ <oldpassword> <newpassword> <newpassword> |
50cd26d6 | 12 | * CMDHELP: Changes your account password. Your new password must be at least 6 characters |
13 | * CMDHELP: long, contain at least one number and one letter, and may not contain sequences | |
43a5879e CP |
14 | * CMDHELP: of letters or numbers, also note that your password will be truncated to 10 |
15 | * CMDHELP: characters. | |
16 | * CMDHELP: Your new password will be sent to your registered email address. | |
17 | * CMDHELP: Where: | |
50cd26d6 | 18 | * CMDHELP: oldpassword - your existing account password |
19 | * CMDHELP: newpassword - your desired new password. Must be entered the same both times. | |
20 | * CMDHELP: Note: due to the sensitive nature of this command, you must send the message to | |
21 | * CMDHELP: Q@CServe.quakenet.org when using it. | |
1dd6d55d | 22 | */ |
23 | ||
24 | #include "../chanserv.h" | |
25 | #include "../authlib.h" | |
26 | #include "../../lib/irc_string.h" | |
d72584f9 | 27 | #include "../../core/hooks.h" |
1dd6d55d | 28 | #include <stdio.h> |
29 | #include <string.h> | |
80d2de64 | 30 | #include <ctype.h> |
1dd6d55d | 31 | |
32 | int csa_donewpw(void *source, int cargc, char **cargv) { | |
33 | reguser *rup; | |
34 | nick *sender=source; | |
d72584f9 | 35 | unsigned int same=0; |
30a66d6c | 36 | time_t t; |
6ff65e48 | 37 | int pq; |
1dd6d55d | 38 | |
39 | if (cargc<3) { | |
40 | chanservstdmessage(sender, QM_NOTENOUGHPARAMS, "newpass"); | |
41 | return CMD_ERROR; | |
42 | } | |
43 | ||
44 | if (!(rup=getreguserfromnick(sender))) | |
45 | return CMD_ERROR; | |
46 | ||
2271ea8c | 47 | if (!checkpassword(rup, cargv[0])) { |
1dd6d55d | 48 | chanservstdmessage(sender, QM_AUTHFAIL); |
2271ea8c | 49 | cs_log(sender,"NEWPASS FAIL username %s bad password %s",rup->username,cargv[0]); |
1dd6d55d | 50 | return CMD_ERROR; |
51 | } | |
52 | ||
53 | if (strcmp(cargv[1],cargv[2])) { | |
54 | chanservstdmessage(sender, QM_PWDONTMATCH); /* Sorry, passwords do not match */ | |
55 | cs_log(sender,"NEWPASS FAIL username %s new passwords don't match (%s vs %s)",rup->username,cargv[1],cargv[2]); | |
56 | return CMD_ERROR; | |
57 | } | |
58 | ||
d72584f9 | 59 | if (!strcmp(cargv[0],cargv[1])) { |
60 | /* If they are the same then continue anyway but don't send the hook later. */ | |
61 | same=1; | |
62 | } | |
63 | ||
6ff65e48 CP |
64 | pq = csa_checkpasswordquality(cargv[1]); |
65 | if(pq == QM_PWTOSHORT) { | |
14dc6de9 CP |
66 | chanservstdmessage(sender, QM_PWTOSHORT); /* new password too short */ |
67 | cs_log(sender,"NEWPASS FAIL username %s password too short %s (%zu characters)",rup->username,cargv[1],strlen(cargv[1])); | |
6ff65e48 CP |
68 | return CMD_ERROR; |
69 | } else if(pq == QM_PWTOWEAK) { | |
cb7fb82d | 70 | chanservstdmessage(sender, QM_PWTOWEAK); /* new password is weak */ |
14dc6de9 CP |
71 | cs_log(sender,"NEWPASS FAIL username %s password too weak %s",rup->username,cargv[1]); |
72 | return CMD_ERROR; | |
73 | } else if(pq == QM_PWTOLONG) { | |
74 | chanservstdmessage(sender, QM_PWTOLONG); /* new password too long */ | |
75 | cs_log(sender,"NEWPASS FAIL username %s password too long %s",rup->username,cargv[1]); | |
cb7fb82d | 76 | return CMD_ERROR; |
6ff65e48 CP |
77 | } else if(pq == -1) { |
78 | /* all good */ | |
79 | } else { | |
80 | chanservsendmessage(sender, "unknown error in newpass.c... contact #help"); | |
81 | return CMD_ERROR; | |
cb7fb82d P |
82 | } |
83 | ||
86d2bc73 | 84 | t=time(NULL); |
372e4f1d | 85 | if(!UHasStaffPriv(rup)) { |
59687380 | 86 | if(rup->lockuntil && rup->lockuntil > t) { |
79313d98 | 87 | chanservstdmessage(sender, QM_ACCOUNTLOCKED, rup->lockuntil); |
59687380 CP |
88 | return CMD_ERROR; |
89 | } | |
90 | rup->lockuntil=t+7*24*3600; | |
039e298c CP |
91 | } else { |
92 | rup->lockuntil=0; | |
30a66d6c | 93 | } |
30a66d6c CP |
94 | |
95 | if(rup->lastemail) { | |
96 | freesstring(rup->lastemail); | |
97 | rup->lastemail=NULL; | |
98 | } | |
99 | ||
86d2bc73 | 100 | rup->lastpasschange=t; |
0f32b411 | 101 | csdb_accounthistory_insert(sender, rup->password, cargv[1], NULL, NULL); |
1dd6d55d | 102 | setpassword(rup, cargv[1]); |
0f32b411 | 103 | |
1dd6d55d | 104 | rup->lastauth=time(NULL); |
105 | chanservstdmessage(sender, QM_PWCHANGED); | |
106 | cs_log(sender,"NEWPASS OK username %s", rup->username); | |
e9f49ea9 CP |
107 | |
108 | #ifdef AUTHGATE_WARNINGS | |
c90a3f1f CP |
109 | if(UHasOperPriv(rup)) |
110 | chanservsendmessage(sender, "WARNING FOR PRIVILEGED USERS: you MUST go to https://auth.quakenet.org and login successfully to update the cache, if you do not your old password will still be usable in certain circumstances."); | |
e9f49ea9 CP |
111 | #endif |
112 | ||
1dd6d55d | 113 | csdb_updateuser(rup); |
114 | csdb_createmail(rup, QMAIL_NEWPW); | |
d72584f9 | 115 | |
116 | if (!same) | |
117 | triggerhook(HOOK_CHANSERV_PWCHANGE, sender); | |
1dd6d55d | 118 | |
119 | return CMD_OK; | |
120 | } |