[irc/quakenet/newserv.git] / chanserv / authcmds / newpass.c

/* Automatically generated by refactor.pl.
 *
 *
 * CMDNAME: newpass
 * CMDLEVEL: QCMD_SECURE | QCMD_AUTHED
 * CMDARGS: 3
 * CMDDESC: Change your password.
 * CMDFUNC: csa_donewpw
 * CMDPROTO: int csa_donewpw(void *source, int cargc, char **cargv);
 * CMDHELP: Usage: NEWPASS <oldpassword> <newpassword> <newpassword>
 * CMDHELP: Changes your account password.  Your new password must be at least 6 characters
 * CMDHELP: long, contain at least one number and one letter, and may not contain sequences
 * CMDHELP: of letters or numbers.  Your new password will be sent to your registered email
 * CMDHELP: address.  Where:
 * CMDHELP: oldpassword - your existing account password
 * CMDHELP: newpassword - your desired new password.  Must be entered the same both times.
 * CMDHELP: Note: due to the sensitive nature of this command, you must send the message to
 * CMDHELP: Q@CServe.quakenet.org when using it.
 */

#include "../chanserv.h"
#include "../authlib.h"
#include "../../lib/irc_string.h"
#include <stdio.h>
#include <string.h>
#include <ctype.h>

int csa_donewpw(void *source, int cargc, char **cargv) {
  reguser *rup;
  nick *sender=source;
  int i, cntweak = 0, cntdigits = 0, cntletters = 0;
  time_t t;

  if (cargc<3) {
    chanservstdmessage(sender, QM_NOTENOUGHPARAMS, "newpass");
    return CMD_ERROR;
  }

  if (!(rup=getreguserfromnick(sender)))
    return CMD_ERROR;

  if (!checkpassword(rup, cargv[0])) {
    chanservstdmessage(sender, QM_AUTHFAIL);
    cs_log(sender,"NEWPASS FAIL username %s bad password %s",rup->username,cargv[0]);
    return CMD_ERROR;
  }

  if (strcmp(cargv[1],cargv[2])) {
    chanservstdmessage(sender, QM_PWDONTMATCH); /* Sorry, passwords do not match */
    cs_log(sender,"NEWPASS FAIL username %s new passwords don't match (%s vs %s)",rup->username,cargv[1],cargv[2]);
    return CMD_ERROR;
  }

  if (strlen(cargv[1]) < 6) {
    chanservstdmessage(sender, QM_PWTOSHORT); /* new password to short */
    cs_log(sender,"NEWPASS FAIL username %s password to short %s (%d characters)",rup->username,cargv[1],strlen(cargv[1]));
    return CMD_ERROR;
  }

  for ( i = 0; cargv[1][i] && i < PASSLEN; i++ ) {
    if ( cargv[1][i] == cargv[1][i+1] || cargv[1][i] + 1 == cargv[1][i+1] || cargv[1][i] - 1 == cargv[1][i+1] )
      cntweak++;
    if(isdigit(cargv[1][i]))
      cntdigits++;
    if(islower(cargv[1][i]) || isupper(cargv[1][i]))
      cntletters++;
  }

  if( cntweak > 3 || !cntdigits || !cntletters) {
    chanservstdmessage(sender, QM_PWTOWEAK); /* new password is weak */
    cs_log(sender,"NEWPASS FAIL username %s password to weak %s",rup->username,cargv[1]);
    return CMD_ERROR;
  }

  if(!UHasHelperPriv(rup)) {
    t=time(NULL);
    if(rup->lockuntil && rup->lockuntil > t) {
      char buf[100];
      strftime(buf, 15, "%d/%m/%y %H:%M", gmtime(&(rup->lockuntil)));
      chanservstdmessage(sender, QM_ACCOUNTLOCKED, buf);
      return CMD_ERROR;
    }
    rup->lockuntil=t+7*24*3600;
  }

  if(rup->lastemail) {
    freesstring(rup->lastemail);
    rup->lastemail=NULL;
  }

  setpassword(rup, cargv[1]);
  rup->lastauth=time(NULL);
  chanservstdmessage(sender, QM_PWCHANGED);
  cs_log(sender,"NEWPASS OK username %s", rup->username);

#ifdef AUTHGATE_WARNINGS
  if(UHasHelperPriv(rup))
    chanservsendmessage(sender, "You MUST go to https://auth.quakenet.org and login successfully to update the cache.");
#endif

  csdb_updateuser(rup);
  csdb_createmail(rup, QMAIL_NEWPW);

  return CMD_OK;
}
Commit	Line	Data
1dd6d55d	1	/* Automatically generated by refactor.pl.
	2	*
	3	*
	4	* CMDNAME: newpass
bace4964	5	* CMDLEVEL: QCMD_SECURE \| QCMD_AUTHED
1dd6d55d	6	* CMDARGS: 3
	7	* CMDDESC: Change your password.
	8	* CMDFUNC: csa_donewpw
	9	* CMDPROTO: int csa_donewpw(void source, int cargc, char *cargv);
50cd26d6	10	* CMDHELP: Usage: NEWPASS <oldpassword> <newpassword> <newpassword>
	11	* CMDHELP: Changes your account password. Your new password must be at least 6 characters
	12	* CMDHELP: long, contain at least one number and one letter, and may not contain sequences
	13	* CMDHELP: of letters or numbers. Your new password will be sent to your registered email
	14	* CMDHELP: address. Where:
	15	* CMDHELP: oldpassword - your existing account password
	16	* CMDHELP: newpassword - your desired new password. Must be entered the same both times.
	17	* CMDHELP: Note: due to the sensitive nature of this command, you must send the message to
	18	* CMDHELP: Q@CServe.quakenet.org when using it.
1dd6d55d	19	*/
	20
	21	#include "../chanserv.h"
	22	#include "../authlib.h"
	23	#include "../../lib/irc_string.h"
	24	#include <stdio.h>
	25	#include <string.h>
80d2de64	26	#include <ctype.h>
1dd6d55d	27
	28	int csa_donewpw(void source, int cargc, char *cargv) {
	29	reguser *rup;
	30	nick *sender=source;
80d2de64	31	int i, cntweak = 0, cntdigits = 0, cntletters = 0;
30a66d6c	32	time_t t;
1dd6d55d	33
	34	if (cargc<3) {
	35	chanservstdmessage(sender, QM_NOTENOUGHPARAMS, "newpass");
	36	return CMD_ERROR;
	37	}
	38
	39	if (!(rup=getreguserfromnick(sender)))
	40	return CMD_ERROR;
	41
2271ea8c	42	if (!checkpassword(rup, cargv[0])) {
1dd6d55d	43	chanservstdmessage(sender, QM_AUTHFAIL);
2271ea8c	44	cs_log(sender,"NEWPASS FAIL username %s bad password %s",rup->username,cargv[0]);
1dd6d55d	45	return CMD_ERROR;
	46	}
	47
	48	if (strcmp(cargv[1],cargv[2])) {
	49	chanservstdmessage(sender, QM_PWDONTMATCH); /* Sorry, passwords do not match */
	50	cs_log(sender,"NEWPASS FAIL username %s new passwords don't match (%s vs %s)",rup->username,cargv[1],cargv[2]);
	51	return CMD_ERROR;
	52	}
	53
	54	if (strlen(cargv[1]) < 6) {
	55	chanservstdmessage(sender, QM_PWTOSHORT); /* new password to short */
	56	cs_log(sender,"NEWPASS FAIL username %s password to short %s (%d characters)",rup->username,cargv[1],strlen(cargv[1]));
	57	return CMD_ERROR;
	58	}
	59
cb7fb82d P	60	for ( i = 0; cargv[1][i] && i < PASSLEN; i++ ) {
	61	if ( cargv[1][i] == cargv[1][i+1] \|\| cargv[1][i] + 1 == cargv[1][i+1] \|\| cargv[1][i] - 1 == cargv[1][i+1] )
	62	cntweak++;
	63	if(isdigit(cargv[1][i]))
	64	cntdigits++;
	65	if(islower(cargv[1][i]) \|\| isupper(cargv[1][i]))
	66	cntletters++;
	67	}
	68
	69	if( cntweak > 3 \|\| !cntdigits \|\| !cntletters) {
	70	chanservstdmessage(sender, QM_PWTOWEAK); /* new password is weak */
	71	cs_log(sender,"NEWPASS FAIL username %s password to weak %s",rup->username,cargv[1]);
	72	return CMD_ERROR;
	73	}
	74
59687380 CP	75	if(!UHasHelperPriv(rup)) {
	76	t=time(NULL);
	77	if(rup->lockuntil && rup->lockuntil > t) {
	78	char buf[100];
	79	strftime(buf, 15, "%d/%m/%y %H:%M", gmtime(&(rup->lockuntil)));
	80	chanservstdmessage(sender, QM_ACCOUNTLOCKED, buf);
	81	return CMD_ERROR;
	82	}
	83	rup->lockuntil=t+7243600;
30a66d6c	84	}
30a66d6c CP	85
	86	if(rup->lastemail) {
	87	freesstring(rup->lastemail);
	88	rup->lastemail=NULL;
	89	}
	90
1dd6d55d	91	setpassword(rup, cargv[1]);
	92	rup->lastauth=time(NULL);
	93	chanservstdmessage(sender, QM_PWCHANGED);
	94	cs_log(sender,"NEWPASS OK username %s", rup->username);
e9f49ea9 CP	95
	96	#ifdef AUTHGATE_WARNINGS
	97	if(UHasHelperPriv(rup))
	98	chanservsendmessage(sender, "You MUST go to https://auth.quakenet.org and login successfully to update the cache.");
	99	#endif
	100
1dd6d55d	101	csdb_updateuser(rup);
	102	csdb_createmail(rup, QMAIL_NEWPW);
	103
	104	return CMD_OK;
	105	}