[irc/quakenet/newserv.git] / chanserv / authcmds / auth.c

/* Automatically generated by refactor.pl.
 *
 *
 * CMDNAME: auth
 * CMDALIASES: login
 * CMDLEVEL: QCMD_SECURE | QCMD_NOTAUTHED
 * CMDARGS: 2
 * CMDDESC: Authenticates you on the bot.
 * CMDFUNC: csa_doauth
 * CMDPROTO: int csa_doauth(void *source, int cargc, char **cargv);
 * CMDHELP: Usage: @UCOMMAND@ <username> <password>
 * CMDHELP: Authenticates you on the bot, where:
 * CMDHELP: username - your username
 * CMDHELP: password - your password
 * CMDHELP: If you do not have a username and password, see HELLO.
 * CMDHELP: Note: due to the sensitive nature of this command, you must send the message
 * CMDHELP: to Q@CServe.quakenet.org when using it.
 * CMDHELP: Note: the preferred way to authenticate is to use the /AUTH command.
 */

#include "../chanserv.h"
#include "../authlib.h"
#include "../../lib/irc_string.h"
#include <stdio.h>
#include <string.h>

int csa_completeauth(nick *sender, reguser *rup, char *authtype);

int csa_auth(void *source, int cargc, char **cargv, CRAlgorithm alg) {
  reguser *rup;
  activeuser *aup;
  nick *sender=source;
  int challenge=0;
  char *authtype = "AUTH";

  if (alg) {
    challenge=1;
    authtype = "CHALLENGEAUTH";
  } else if (cargc<2) {
    chanservstdmessage(sender, QM_NOTENOUGHPARAMS, "auth");
    return CMD_ERROR;
  }
  
  if (!(aup = getactiveuserfromnick(sender)))
    return CMD_ERROR;
  
  aup->authattempts++;
  if (aup->authattempts > MAXAUTHATTEMPT) {
    if ((aup->authattempts % 100) == 0)
      chanservwallmessage("Warning: User %s!%s@%s attempted to auth %d times. Last attempt: %s %s %s",
        sender->nick, sender->ident, sender->host->name->content, aup->authattempts, authtype, cargv[0], cargv[1]);
    chanservstdmessage(sender, QM_AUTHFAIL);
    cs_log(sender,"%s FAIL too many auth attempts (last attempt: %s %s %s)", authtype, authtype, cargv[0], cargv[1]); 
    return CMD_ERROR;
  }

  if (!(rup=findreguserbynick(cargv[0]))) {
    chanservstdmessage(sender, QM_AUTHFAIL);
    cs_log(sender,"%s FAIL bad username %s",authtype,cargv[0]); 
    return CMD_ERROR;
  }

  if (!challenge) {
    if (!checkpassword(rup, cargv[1])) {
      chanservstdmessage(sender, QM_AUTHFAIL);
      cs_log(sender,"%s FAIL username %s bad password %s",authtype,rup->username,cargv[1]);
      return CMD_ERROR;
    }
  } else {
    if (!checkresponse(rup, aup->entropy, cargv[1], alg)) {
      chanservstdmessage(sender, QM_AUTHFAIL);
      cs_log(sender,"%s FAIL username %s bad response",authtype,rup->username);
      return CMD_ERROR;
    }
  }

  return csa_completeauth(sender, rup, authtype);
}

int csa_completeauth(nick *sender, reguser *rup, char *authtype) {
  int toomanyauths=0;
  time_t now;
  char userhost[USERLEN+HOSTLEN+2];
  nick *onp;
  authname *anp;

  /* This should never fail but do something other than crashing if it does. */
  if (!(anp=findauthname(rup->ID))) {
    chanservstdmessage(sender, QM_AUTHFAIL);
    return CMD_ERROR;
  }

  /* Check for too many auths.  Don't return immediately, since we will still warn
   * other users on the acct in this case. */
  if (!UHasStaffPriv(rup) && !UIsNoAuthLimit(rup)) {
    if (anp->usercount >= MAXAUTHCOUNT) {
      chanservstdmessage(sender, QM_TOOMANYAUTHS);
      toomanyauths=1;
    }
  }
  
  for (onp=anp->nicks;onp;onp=onp->nextbyauthname) {
    if (toomanyauths) {
      chanservstdmessage(onp, QM_OTHERUSERAUTHEDLIMIT, sender->nick, sender->ident, sender->host->name->content, MAXAUTHCOUNT);
    } else {
      chanservstdmessage(onp, QM_OTHERUSERAUTHED, sender->nick, sender->ident, sender->host->name->content);
    }
  }
  
  if (toomanyauths)
    return CMD_ERROR;

  now=time(NULL);

  if (UHasSuspension(rup) && rup->suspendexp && (now >= rup->suspendexp)) {
    /* suspension has expired, remove it */
    rup->flags&=(~(QUFLAG_SUSPENDED|QUFLAG_GLINE|QUFLAG_DELAYEDGLINE));
    rup->suspendby=0;
    rup->suspendexp=0;
    freesstring(rup->suspendreason);
    rup->suspendreason=0;
    csdb_updateuser(rup);  
  }
  
  if (UIsSuspended(rup)) {
    /* plain suspend */
    chanservstdmessage(sender, QM_AUTHSUSPENDED);
    if(rup->suspendreason)
      chanservstdmessage(sender, QM_REASON, rup->suspendreason->content);
    if (rup->suspendexp)
      chanservstdmessage(sender, QM_EXPIRES, rup->suspendexp);
    return CMD_ERROR;
  }
  
  /* Guarantee a unique auth timestamp for each account */
  if (rup->lastauth < now) 
    rup->lastauth=now;
  else
    rup->lastauth++;

  sprintf(userhost,"%s@%s",sender->ident,sender->host->name->content);
  if (rup->lastuserhost)
    freesstring(rup->lastuserhost);
  rup->lastuserhost=getsstring(userhost,USERLEN+HOSTLEN+1);
  
  csdb_updateuser(rup);  

  cs_log(sender,"%s OK username %s", authtype,rup->username);

  localusersetaccount(sender, rup->username, rup->ID, cs_accountflagmap(rup), rup->lastauth);

  chanservstdmessage(sender, QM_AUTHOK, rup->username);

  return CMD_OK;
}

int csa_doauth(void *source, int cargc, char **cargv) {
  return csa_auth(source, cargc, cargv, NULL);
}
Commit	Line	Data
1dd6d55d	1	/* Automatically generated by refactor.pl.
	2	*
	3	*
56f0d0f8 CP	4	* CMDNAME: auth
	5	* CMDALIASES: login
	6	* CMDLEVEL: QCMD_SECURE \| QCMD_NOTAUTHED
1dd6d55d	7	* CMDARGS: 2
	8	* CMDDESC: Authenticates you on the bot.
	9	* CMDFUNC: csa_doauth
	10	* CMDPROTO: int csa_doauth(void source, int cargc, char *cargv);
56f0d0f8	11	* CMDHELP: Usage: @UCOMMAND@ <username> <password>
dd258305	12	* CMDHELP: Authenticates you on the bot, where:
	13	* CMDHELP: username - your username
	14	* CMDHELP: password - your password
	15	* CMDHELP: If you do not have a username and password, see HELLO.
	16	* CMDHELP: Note: due to the sensitive nature of this command, you must send the message
	17	* CMDHELP: to Q@CServe.quakenet.org when using it.
	18	* CMDHELP: Note: the preferred way to authenticate is to use the /AUTH command.
1dd6d55d	19	*/
	20
	21	#include "../chanserv.h"
	22	#include "../authlib.h"
	23	#include "../../lib/irc_string.h"
	24	#include <stdio.h>
	25	#include <string.h>
	26
bc6c8fbe CP	27	int csa_completeauth(nick sender, reguser rup, char *authtype);
bc6c8fbe CP	28
b7a95f03	29	int csa_auth(void source, int cargc, char *cargv, CRAlgorithm alg) {
1dd6d55d	30	reguser *rup;
23b85e10	31	activeuser *aup;
bc6c8fbe	32	nick *sender=source;
b7a95f03 CP	33	int challenge=0;
b7a95f03 CP	34	char *authtype = "AUTH";
1dd6d55d	35
b7a95f03 CP	36	if (alg) {
	37	challenge=1;
	38	authtype = "CHALLENGEAUTH";
	39	} else if (cargc<2) {
1dd6d55d	40	chanservstdmessage(sender, QM_NOTENOUGHPARAMS, "auth");
	41	return CMD_ERROR;
	42	}
	43
	44	if (!(aup = getactiveuserfromnick(sender)))
	45	return CMD_ERROR;
	46
	47	aup->authattempts++;
	48	if (aup->authattempts > MAXAUTHATTEMPT) {
	49	if ((aup->authattempts % 100) == 0)
b7a95f03	50	chanservwallmessage("Warning: User %s!%s@%s attempted to auth %d times. Last attempt: %s %s %s",
c0181971	51	sender->nick, sender->ident, sender->host->name->content, aup->authattempts, authtype, cargv[0], cargv[1]);
1dd6d55d	52	chanservstdmessage(sender, QM_AUTHFAIL);
b7a95f03	53	cs_log(sender,"%s FAIL too many auth attempts (last attempt: %s %s %s)", authtype, authtype, cargv[0], cargv[1]);
1dd6d55d	54	return CMD_ERROR;
	55	}
	56
	57	if (!(rup=findreguserbynick(cargv[0]))) {
	58	chanservstdmessage(sender, QM_AUTHFAIL);
b7a95f03	59	cs_log(sender,"%s FAIL bad username %s",authtype,cargv[0]);
1dd6d55d	60	return CMD_ERROR;
	61	}
	62
b7a95f03 CP	63	if (!challenge) {
	64	if (!checkpassword(rup, cargv[1])) {
	65	chanservstdmessage(sender, QM_AUTHFAIL);
	66	cs_log(sender,"%s FAIL username %s bad password %s",authtype,rup->username,cargv[1]);
	67	return CMD_ERROR;
	68	}
	69	} else {
	70	if (!checkresponse(rup, aup->entropy, cargv[1], alg)) {
	71	chanservstdmessage(sender, QM_AUTHFAIL);
	72	cs_log(sender,"%s FAIL username %s bad response",authtype,rup->username);
	73	return CMD_ERROR;
	74	}
1dd6d55d	75	}
1dd6d55d	76
bc6c8fbe CP	77	return csa_completeauth(sender, rup, authtype);
	78	}
	79
	80	int csa_completeauth(nick sender, reguser rup, char *authtype) {
	81	int toomanyauths=0;
	82	time_t now;
	83	char userhost[USERLEN+HOSTLEN+2];
	84	nick *onp;
	85	authname *anp;
	86
f3b0017b	87	/* This should never fail but do something other than crashing if it does. */
	88	if (!(anp=findauthname(rup->ID))) {
	89	chanservstdmessage(sender, QM_AUTHFAIL);
	90	return CMD_ERROR;
	91	}
	92
	93	/* Check for too many auths. Don't return immediately, since we will still warn
	94	* other users on the acct in this case. */
372e4f1d	95	if (!UHasStaffPriv(rup) && !UIsNoAuthLimit(rup)) {
f3b0017b	96	if (anp->usercount >= MAXAUTHCOUNT) {
	97	chanservstdmessage(sender, QM_TOOMANYAUTHS);
	98	toomanyauths=1;
	99	}
	100	}
	101
	102	for (onp=anp->nicks;onp;onp=onp->nextbyauthname) {
	103	if (toomanyauths) {
	104	chanservstdmessage(onp, QM_OTHERUSERAUTHEDLIMIT, sender->nick, sender->ident, sender->host->name->content, MAXAUTHCOUNT);
	105	} else {
	106	chanservstdmessage(onp, QM_OTHERUSERAUTHED, sender->nick, sender->ident, sender->host->name->content);
	107	}
	108	}
	109
	110	if (toomanyauths)
	111	return CMD_ERROR;
	112
152583d5	113	now=time(NULL);
152583d5	114
063103ed	115	if (UHasSuspension(rup) && rup->suspendexp && (now >= rup->suspendexp)) {
1dd6d55d	116	/* suspension has expired, remove it */
	117	rup->flags&=(~(QUFLAG_SUSPENDED\|QUFLAG_GLINE\|QUFLAG_DELAYEDGLINE));
	118	rup->suspendby=0;
	119	rup->suspendexp=0;
	120	freesstring(rup->suspendreason);
	121	rup->suspendreason=0;
063103ed	122	csdb_updateuser(rup);
1dd6d55d	123	}
1dd6d55d	124
c0587316	125	if (UIsSuspended(rup)) {
1dd6d55d	126	/* plain suspend */
1dd6d55d	127	chanservstdmessage(sender, QM_AUTHSUSPENDED);
fc567a69 P	128	if(rup->suspendreason)
fc567a69 P	129	chanservstdmessage(sender, QM_REASON, rup->suspendreason->content);
79313d98 CP	130	if (rup->suspendexp)
79313d98 CP	131	chanservstdmessage(sender, QM_EXPIRES, rup->suspendexp);
1dd6d55d	132	return CMD_ERROR;
	133	}
	134
063103ed CP	135	/* Guarantee a unique auth timestamp for each account */
	136	if (rup->lastauth < now)
	137	rup->lastauth=now;
	138	else
	139	rup->lastauth++;
	140
	141	sprintf(userhost,"%s@%s",sender->ident,sender->host->name->content);
	142	if (rup->lastuserhost)
	143	freesstring(rup->lastuserhost);
	144	rup->lastuserhost=getsstring(userhost,USERLEN+HOSTLEN+1);
	145
	146	csdb_updateuser(rup);
	147
b7a95f03	148	cs_log(sender,"%s OK username %s", authtype,rup->username);
3294b10b CP	149
3294b10b CP	150	localusersetaccount(sender, rup->username, rup->ID, cs_accountflagmap(rup), rup->lastauth);
1dd6d55d	151
ef4b2323	152	chanservstdmessage(sender, QM_AUTHOK, rup->username);
ef4b2323	153
1dd6d55d	154	return CMD_OK;
1dd6d55d	155	}
b7a95f03 CP	156
	157	int csa_doauth(void source, int cargc, char *cargv) {
	158	return csa_auth(source, cargc, cargv, NULL);
	159	}