[irc/quakenet/newserv.git] / chanserv / authcmds / auth.c

/* Automatically generated by refactor.pl.
 *
 *
 * CMDNAME: auth
 * CMDALIASES: login
 * CMDLEVEL: QCMD_SECURE | QCMD_NOTAUTHED
 * CMDARGS: 2
 * CMDDESC: Authenticates you on the bot.
 * CMDFUNC: csa_doauth
 * CMDPROTO: int csa_doauth(void *source, int cargc, char **cargv);
 * CMDHELP: Usage: @UCOMMAND@ <username> <password>
 * CMDHELP: Authenticates you on the bot, where:
 * CMDHELP: username - your username
 * CMDHELP: password - your password
 * CMDHELP: If you do not have a username and password, see HELLO.
 * CMDHELP: Note: due to the sensitive nature of this command, you must send the message
 * CMDHELP: to Q@CServe.quakenet.org when using it.
 * CMDHELP: Note: the preferred way to authenticate is to use the /AUTH command.
 */

#include "../chanserv.h"
#include "../authlib.h"
#include "../../lib/irc_string.h"
#include <stdio.h>
#include <string.h>

int csa_completeauth(nick *sender, reguser *rup, char *authtype);

int csa_auth(void *source, int cargc, char **cargv, CRAlgorithm alg) {
  reguser *rup;
  activeuser *aup;
  nick *sender=source;
  int challenge=0;
  char *authtype = "AUTH";

  if (alg) {
    challenge=1;
    authtype = "CHALLENGEAUTH";
  } else if (cargc<2) {
    chanservstdmessage(sender, QM_NOTENOUGHPARAMS, "auth");
    return CMD_ERROR;
  }
  
  if (!(aup = getactiveuserfromnick(sender)))
    return CMD_ERROR;
  
  aup->authattempts++;
  if (aup->authattempts > MAXAUTHATTEMPT) {
/*
    if ((aup->authattempts % 100) == 0)
      chanservwallmessage("Warning: User %s!%s@%s attempted to auth %d times. Last attempt: %s %s %s",
        sender->nick, sender->ident, sender->host->name->content, aup->authattempts, authtype, cargv[0], cargv[1]);
*/

    chanservstdmessage(sender, QM_AUTHFAIL);
    cs_log(sender,"%s FAIL too many auth attempts (last attempt: %s %s %s)", authtype, authtype, cargv[0], cargv[1]); 
    return CMD_ERROR;
  }

  if (!(rup=findreguserbynick(cargv[0]))) {
    chanservstdmessage(sender, QM_AUTHFAIL);
    cs_log(sender,"%s FAIL bad username %s",authtype,cargv[0]); 
    return CMD_ERROR;
  }

  if (!challenge) {
    if (!checkpassword(rup, cargv[1])) {
      chanservstdmessage(sender, QM_AUTHFAIL);
      cs_log(sender,"%s FAIL username %s bad password %s",authtype,rup->username,cargv[1]);
      return CMD_ERROR;
    }
  } else {
    if (!checkresponse(rup, aup->entropy, cargv[1], alg)) {
      chanservstdmessage(sender, QM_AUTHFAIL);
      cs_log(sender,"%s FAIL username %s bad response",authtype,rup->username);
      return CMD_ERROR;
    }
  }

  return csa_completeauth(sender, rup, authtype);
}

int csa_completeauth(nick *sender, reguser *rup, char *authtype) {
  int toomanyauths=0;
  time_t now;
  char userhost[USERLEN+HOSTLEN+2];
  nick *onp;
  authname *anp;

  /* This should never fail but do something other than crashing if it does. */
  if (!(anp=findauthname(rup->ID))) {
    chanservstdmessage(sender, QM_AUTHFAIL);
    return CMD_ERROR;
  }

  /* Check for too many auths.  Don't return immediately, since we will still warn
   * other users on the acct in this case. */
  if (!UHasStaffPriv(rup) && !UIsNoAuthLimit(rup)) {
    if (anp->usercount >= MAXAUTHCOUNT) {
      chanservstdmessage(sender, QM_TOOMANYAUTHS);
      toomanyauths=1;
    }
  }
  
  for (onp=anp->nicks;onp;onp=onp->nextbyauthname) {
    if (toomanyauths) {
      chanservstdmessage(onp, QM_OTHERUSERAUTHEDLIMIT, sender->nick, sender->ident, sender->host->name->content, MAXAUTHCOUNT);
    } else {
      chanservstdmessage(onp, QM_OTHERUSERAUTHED, sender->nick, sender->ident, sender->host->name->content);
    }
  }
  
  if (toomanyauths)
    return CMD_ERROR;

  now=time(NULL);

  if (UHasSuspension(rup) && rup->suspendexp && (now >= rup->suspendexp)) {
    /* suspension has expired, remove it */
    rup->flags&=(~(QUFLAG_SUSPENDED|QUFLAG_GLINE|QUFLAG_DELAYEDGLINE));
    rup->suspendby=0;
    rup->suspendexp=0;
    freesstring(rup->suspendreason);
    rup->suspendreason=0;
    csdb_updateuser(rup);  
  }
  
  if (UIsSuspended(rup)) {
    /* plain suspend */
    chanservstdmessage(sender, QM_AUTHSUSPENDED);
    if(rup->suspendreason)
      chanservstdmessage(sender, QM_REASON, rup->suspendreason->content);
    if (rup->suspendexp)
      chanservstdmessage(sender, QM_EXPIRES, rup->suspendexp);
    return CMD_ERROR;
  }
  
  /* Guarantee a unique auth timestamp for each account */
  if (rup->lastauth < now) 
    rup->lastauth=now;
  else
    rup->lastauth++;

  sprintf(userhost,"%s@%s",sender->ident,sender->host->name->content);
  if (rup->lastuserhost)
    freesstring(rup->lastuserhost);
  rup->lastuserhost=getsstring(userhost,USERLEN+HOSTLEN+1);
  
  csdb_updateuser(rup);  

  cs_log(sender,"%s OK username %s", authtype,rup->username);

  localusersetaccount(sender, rup->username, rup->ID, cs_accountflagmap(rup), rup->lastauth);

  chanservstdmessage(sender, QM_AUTHOK, rup->username);

  return CMD_OK;
}

int csa_doauth(void *source, int cargc, char **cargv) {
  return csa_auth(source, cargc, cargv, NULL);
}
Commit	Line	Data
1dd6d55d	1	/* Automatically generated by refactor.pl.
	2	*
	3	*
56f0d0f8 CP	4	* CMDNAME: auth
	5	* CMDALIASES: login
	6	* CMDLEVEL: QCMD_SECURE \| QCMD_NOTAUTHED
1dd6d55d	7	* CMDARGS: 2
	8	* CMDDESC: Authenticates you on the bot.
	9	* CMDFUNC: csa_doauth
	10	* CMDPROTO: int csa_doauth(void source, int cargc, char *cargv);
56f0d0f8	11	* CMDHELP: Usage: @UCOMMAND@ <username> <password>
dd258305	12	* CMDHELP: Authenticates you on the bot, where:
	13	* CMDHELP: username - your username
	14	* CMDHELP: password - your password
	15	* CMDHELP: If you do not have a username and password, see HELLO.
	16	* CMDHELP: Note: due to the sensitive nature of this command, you must send the message
	17	* CMDHELP: to Q@CServe.quakenet.org when using it.
	18	* CMDHELP: Note: the preferred way to authenticate is to use the /AUTH command.
1dd6d55d	19	*/
	20
	21	#include "../chanserv.h"
	22	#include "../authlib.h"
	23	#include "../../lib/irc_string.h"
	24	#include <stdio.h>
	25	#include <string.h>
	26
bc6c8fbe CP	27	int csa_completeauth(nick sender, reguser rup, char *authtype);
bc6c8fbe CP	28
b7a95f03	29	int csa_auth(void source, int cargc, char *cargv, CRAlgorithm alg) {
1dd6d55d	30	reguser *rup;
23b85e10	31	activeuser *aup;
bc6c8fbe	32	nick *sender=source;
b7a95f03 CP	33	int challenge=0;
b7a95f03 CP	34	char *authtype = "AUTH";
1dd6d55d	35
b7a95f03 CP	36	if (alg) {
	37	challenge=1;
	38	authtype = "CHALLENGEAUTH";
	39	} else if (cargc<2) {
1dd6d55d	40	chanservstdmessage(sender, QM_NOTENOUGHPARAMS, "auth");
	41	return CMD_ERROR;
	42	}
	43
	44	if (!(aup = getactiveuserfromnick(sender)))
	45	return CMD_ERROR;
	46
	47	aup->authattempts++;
	48	if (aup->authattempts > MAXAUTHATTEMPT) {
81f75fea	49	/*
1dd6d55d	50	if ((aup->authattempts % 100) == 0)
b7a95f03	51	chanservwallmessage("Warning: User %s!%s@%s attempted to auth %d times. Last attempt: %s %s %s",
c0181971	52	sender->nick, sender->ident, sender->host->name->content, aup->authattempts, authtype, cargv[0], cargv[1]);
81f75fea CP	53	*/
81f75fea CP	54
1dd6d55d	55	chanservstdmessage(sender, QM_AUTHFAIL);
b7a95f03	56	cs_log(sender,"%s FAIL too many auth attempts (last attempt: %s %s %s)", authtype, authtype, cargv[0], cargv[1]);
1dd6d55d	57	return CMD_ERROR;
	58	}
	59
	60	if (!(rup=findreguserbynick(cargv[0]))) {
	61	chanservstdmessage(sender, QM_AUTHFAIL);
b7a95f03	62	cs_log(sender,"%s FAIL bad username %s",authtype,cargv[0]);
1dd6d55d	63	return CMD_ERROR;
	64	}
	65
b7a95f03 CP	66	if (!challenge) {
	67	if (!checkpassword(rup, cargv[1])) {
	68	chanservstdmessage(sender, QM_AUTHFAIL);
	69	cs_log(sender,"%s FAIL username %s bad password %s",authtype,rup->username,cargv[1]);
	70	return CMD_ERROR;
	71	}
	72	} else {
	73	if (!checkresponse(rup, aup->entropy, cargv[1], alg)) {
	74	chanservstdmessage(sender, QM_AUTHFAIL);
	75	cs_log(sender,"%s FAIL username %s bad response",authtype,rup->username);
	76	return CMD_ERROR;
	77	}
1dd6d55d	78	}
1dd6d55d	79
bc6c8fbe CP	80	return csa_completeauth(sender, rup, authtype);
	81	}
	82
	83	int csa_completeauth(nick sender, reguser rup, char *authtype) {
	84	int toomanyauths=0;
	85	time_t now;
	86	char userhost[USERLEN+HOSTLEN+2];
	87	nick *onp;
	88	authname *anp;
	89
f3b0017b	90	/* This should never fail but do something other than crashing if it does. */
	91	if (!(anp=findauthname(rup->ID))) {
	92	chanservstdmessage(sender, QM_AUTHFAIL);
	93	return CMD_ERROR;
	94	}
	95
	96	/* Check for too many auths. Don't return immediately, since we will still warn
	97	* other users on the acct in this case. */
372e4f1d	98	if (!UHasStaffPriv(rup) && !UIsNoAuthLimit(rup)) {
f3b0017b	99	if (anp->usercount >= MAXAUTHCOUNT) {
	100	chanservstdmessage(sender, QM_TOOMANYAUTHS);
	101	toomanyauths=1;
	102	}
	103	}
	104
	105	for (onp=anp->nicks;onp;onp=onp->nextbyauthname) {
	106	if (toomanyauths) {
	107	chanservstdmessage(onp, QM_OTHERUSERAUTHEDLIMIT, sender->nick, sender->ident, sender->host->name->content, MAXAUTHCOUNT);
	108	} else {
	109	chanservstdmessage(onp, QM_OTHERUSERAUTHED, sender->nick, sender->ident, sender->host->name->content);
	110	}
	111	}
	112
	113	if (toomanyauths)
	114	return CMD_ERROR;
	115
152583d5	116	now=time(NULL);
152583d5	117
063103ed	118	if (UHasSuspension(rup) && rup->suspendexp && (now >= rup->suspendexp)) {
1dd6d55d	119	/* suspension has expired, remove it */
	120	rup->flags&=(~(QUFLAG_SUSPENDED\|QUFLAG_GLINE\|QUFLAG_DELAYEDGLINE));
	121	rup->suspendby=0;
	122	rup->suspendexp=0;
	123	freesstring(rup->suspendreason);
	124	rup->suspendreason=0;
063103ed	125	csdb_updateuser(rup);
1dd6d55d	126	}
1dd6d55d	127
c0587316	128	if (UIsSuspended(rup)) {
1dd6d55d	129	/* plain suspend */
1dd6d55d	130	chanservstdmessage(sender, QM_AUTHSUSPENDED);
fc567a69 P	131	if(rup->suspendreason)
fc567a69 P	132	chanservstdmessage(sender, QM_REASON, rup->suspendreason->content);
79313d98 CP	133	if (rup->suspendexp)
79313d98 CP	134	chanservstdmessage(sender, QM_EXPIRES, rup->suspendexp);
1dd6d55d	135	return CMD_ERROR;
	136	}
	137
063103ed CP	138	/* Guarantee a unique auth timestamp for each account */
	139	if (rup->lastauth < now)
	140	rup->lastauth=now;
	141	else
	142	rup->lastauth++;
	143
	144	sprintf(userhost,"%s@%s",sender->ident,sender->host->name->content);
	145	if (rup->lastuserhost)
	146	freesstring(rup->lastuserhost);
	147	rup->lastuserhost=getsstring(userhost,USERLEN+HOSTLEN+1);
	148
	149	csdb_updateuser(rup);
	150
b7a95f03	151	cs_log(sender,"%s OK username %s", authtype,rup->username);
3294b10b CP	152
3294b10b CP	153	localusersetaccount(sender, rup->username, rup->ID, cs_accountflagmap(rup), rup->lastauth);
1dd6d55d	154
ef4b2323	155	chanservstdmessage(sender, QM_AUTHOK, rup->username);
ef4b2323	156
1dd6d55d	157	return CMD_OK;
1dd6d55d	158	}
b7a95f03 CP	159
	160	int csa_doauth(void source, int cargc, char *cargv) {
	161	return csa_auth(source, cargc, cargv, NULL);
	162	}