]>
Commit | Line | Data |
---|---|---|
1dd6d55d | 1 | /* Automatically generated by refactor.pl. |
2 | * | |
3 | * | |
4 | * CMDNAME: newpass | |
d353effa | 5 | * CMDALIASES: newpassword |
bace4964 | 6 | * CMDLEVEL: QCMD_SECURE | QCMD_AUTHED |
1dd6d55d | 7 | * CMDARGS: 3 |
8 | * CMDDESC: Change your password. | |
9 | * CMDFUNC: csa_donewpw | |
10 | * CMDPROTO: int csa_donewpw(void *source, int cargc, char **cargv); | |
d353effa | 11 | * CMDHELP: Usage: @UCOMMAND@ <oldpassword> <newpassword> <newpassword> |
50cd26d6 | 12 | * CMDHELP: Changes your account password. Your new password must be at least 6 characters |
13 | * CMDHELP: long, contain at least one number and one letter, and may not contain sequences | |
14 | * CMDHELP: of letters or numbers. Your new password will be sent to your registered email | |
15 | * CMDHELP: address. Where: | |
16 | * CMDHELP: oldpassword - your existing account password | |
17 | * CMDHELP: newpassword - your desired new password. Must be entered the same both times. | |
18 | * CMDHELP: Note: due to the sensitive nature of this command, you must send the message to | |
19 | * CMDHELP: Q@CServe.quakenet.org when using it. | |
1dd6d55d | 20 | */ |
21 | ||
22 | #include "../chanserv.h" | |
23 | #include "../authlib.h" | |
24 | #include "../../lib/irc_string.h" | |
d72584f9 | 25 | #include "../../core/hooks.h" |
1dd6d55d | 26 | #include <stdio.h> |
27 | #include <string.h> | |
80d2de64 | 28 | #include <ctype.h> |
1dd6d55d | 29 | |
30 | int csa_donewpw(void *source, int cargc, char **cargv) { | |
31 | reguser *rup; | |
32 | nick *sender=source; | |
d72584f9 | 33 | unsigned int same=0; |
30a66d6c | 34 | time_t t; |
6ff65e48 | 35 | int pq; |
1dd6d55d | 36 | |
37 | if (cargc<3) { | |
38 | chanservstdmessage(sender, QM_NOTENOUGHPARAMS, "newpass"); | |
39 | return CMD_ERROR; | |
40 | } | |
41 | ||
42 | if (!(rup=getreguserfromnick(sender))) | |
43 | return CMD_ERROR; | |
44 | ||
2271ea8c | 45 | if (!checkpassword(rup, cargv[0])) { |
1dd6d55d | 46 | chanservstdmessage(sender, QM_AUTHFAIL); |
2271ea8c | 47 | cs_log(sender,"NEWPASS FAIL username %s bad password %s",rup->username,cargv[0]); |
1dd6d55d | 48 | return CMD_ERROR; |
49 | } | |
50 | ||
51 | if (strcmp(cargv[1],cargv[2])) { | |
52 | chanservstdmessage(sender, QM_PWDONTMATCH); /* Sorry, passwords do not match */ | |
53 | cs_log(sender,"NEWPASS FAIL username %s new passwords don't match (%s vs %s)",rup->username,cargv[1],cargv[2]); | |
54 | return CMD_ERROR; | |
55 | } | |
56 | ||
d72584f9 | 57 | if (!strcmp(cargv[0],cargv[1])) { |
58 | /* If they are the same then continue anyway but don't send the hook later. */ | |
59 | same=1; | |
60 | } | |
61 | ||
6ff65e48 CP |
62 | pq = csa_checkpasswordquality(cargv[1]); |
63 | if(pq == QM_PWTOSHORT) { | |
64 | chanservstdmessage(sender, QM_PWTOSHORT); /* new password to short */ | |
65 | cs_log(sender,"NEWPASS FAIL username %s password to short %s (%zu characters)",rup->username,cargv[1],strlen(cargv[1])); | |
66 | return CMD_ERROR; | |
67 | } else if(pq == QM_PWTOWEAK) { | |
cb7fb82d P |
68 | chanservstdmessage(sender, QM_PWTOWEAK); /* new password is weak */ |
69 | cs_log(sender,"NEWPASS FAIL username %s password to weak %s",rup->username,cargv[1]); | |
70 | return CMD_ERROR; | |
6ff65e48 CP |
71 | } else if(pq == -1) { |
72 | /* all good */ | |
73 | } else { | |
74 | chanservsendmessage(sender, "unknown error in newpass.c... contact #help"); | |
75 | return CMD_ERROR; | |
cb7fb82d P |
76 | } |
77 | ||
86d2bc73 | 78 | t=time(NULL); |
372e4f1d | 79 | if(!UHasStaffPriv(rup)) { |
59687380 | 80 | if(rup->lockuntil && rup->lockuntil > t) { |
79313d98 | 81 | chanservstdmessage(sender, QM_ACCOUNTLOCKED, rup->lockuntil); |
59687380 CP |
82 | return CMD_ERROR; |
83 | } | |
84 | rup->lockuntil=t+7*24*3600; | |
039e298c CP |
85 | } else { |
86 | rup->lockuntil=0; | |
30a66d6c | 87 | } |
30a66d6c CP |
88 | |
89 | if(rup->lastemail) { | |
90 | freesstring(rup->lastemail); | |
91 | rup->lastemail=NULL; | |
92 | } | |
93 | ||
86d2bc73 | 94 | rup->lastpasschange=t; |
0f32b411 | 95 | csdb_accounthistory_insert(sender, rup->password, cargv[1], NULL, NULL); |
1dd6d55d | 96 | setpassword(rup, cargv[1]); |
0f32b411 | 97 | |
1dd6d55d | 98 | rup->lastauth=time(NULL); |
99 | chanservstdmessage(sender, QM_PWCHANGED); | |
100 | cs_log(sender,"NEWPASS OK username %s", rup->username); | |
e9f49ea9 CP |
101 | |
102 | #ifdef AUTHGATE_WARNINGS | |
c90a3f1f CP |
103 | if(UHasOperPriv(rup)) |
104 | chanservsendmessage(sender, "WARNING FOR PRIVILEGED USERS: you MUST go to https://auth.quakenet.org and login successfully to update the cache, if you do not your old password will still be usable in certain circumstances."); | |
e9f49ea9 CP |
105 | #endif |
106 | ||
1dd6d55d | 107 | csdb_updateuser(rup); |
108 | csdb_createmail(rup, QMAIL_NEWPW); | |
d72584f9 | 109 | |
110 | if (!same) | |
111 | triggerhook(HOOK_CHANSERV_PWCHANGE, sender); | |
1dd6d55d | 112 | |
113 | return CMD_OK; | |
114 | } |