]>
Commit | Line | Data |
---|---|---|
1dd6d55d | 1 | /* Automatically generated by refactor.pl. |
2 | * | |
3 | * | |
4 | * CMDNAME: newpass | |
d353effa | 5 | * CMDALIASES: newpassword |
bace4964 | 6 | * CMDLEVEL: QCMD_SECURE | QCMD_AUTHED |
1dd6d55d | 7 | * CMDARGS: 3 |
8 | * CMDDESC: Change your password. | |
9 | * CMDFUNC: csa_donewpw | |
10 | * CMDPROTO: int csa_donewpw(void *source, int cargc, char **cargv); | |
d353effa | 11 | * CMDHELP: Usage: @UCOMMAND@ <oldpassword> <newpassword> <newpassword> |
50cd26d6 | 12 | * CMDHELP: Changes your account password. Your new password must be at least 6 characters |
13 | * CMDHELP: long, contain at least one number and one letter, and may not contain sequences | |
14 | * CMDHELP: of letters or numbers. Your new password will be sent to your registered email | |
15 | * CMDHELP: address. Where: | |
16 | * CMDHELP: oldpassword - your existing account password | |
17 | * CMDHELP: newpassword - your desired new password. Must be entered the same both times. | |
18 | * CMDHELP: Note: due to the sensitive nature of this command, you must send the message to | |
19 | * CMDHELP: Q@CServe.quakenet.org when using it. | |
1dd6d55d | 20 | */ |
21 | ||
22 | #include "../chanserv.h" | |
23 | #include "../authlib.h" | |
24 | #include "../../lib/irc_string.h" | |
25 | #include <stdio.h> | |
26 | #include <string.h> | |
80d2de64 | 27 | #include <ctype.h> |
1dd6d55d | 28 | |
29 | int csa_donewpw(void *source, int cargc, char **cargv) { | |
30 | reguser *rup; | |
31 | nick *sender=source; | |
80d2de64 | 32 | int i, cntweak = 0, cntdigits = 0, cntletters = 0; |
30a66d6c | 33 | time_t t; |
1dd6d55d | 34 | |
35 | if (cargc<3) { | |
36 | chanservstdmessage(sender, QM_NOTENOUGHPARAMS, "newpass"); | |
37 | return CMD_ERROR; | |
38 | } | |
39 | ||
40 | if (!(rup=getreguserfromnick(sender))) | |
41 | return CMD_ERROR; | |
42 | ||
2271ea8c | 43 | if (!checkpassword(rup, cargv[0])) { |
1dd6d55d | 44 | chanservstdmessage(sender, QM_AUTHFAIL); |
2271ea8c | 45 | cs_log(sender,"NEWPASS FAIL username %s bad password %s",rup->username,cargv[0]); |
1dd6d55d | 46 | return CMD_ERROR; |
47 | } | |
48 | ||
49 | if (strcmp(cargv[1],cargv[2])) { | |
50 | chanservstdmessage(sender, QM_PWDONTMATCH); /* Sorry, passwords do not match */ | |
51 | cs_log(sender,"NEWPASS FAIL username %s new passwords don't match (%s vs %s)",rup->username,cargv[1],cargv[2]); | |
52 | return CMD_ERROR; | |
53 | } | |
54 | ||
55 | if (strlen(cargv[1]) < 6) { | |
56 | chanservstdmessage(sender, QM_PWTOSHORT); /* new password to short */ | |
16739dbe | 57 | cs_log(sender,"NEWPASS FAIL username %s password to short %s (%zu characters)",rup->username,cargv[1],strlen(cargv[1])); |
1dd6d55d | 58 | return CMD_ERROR; |
59 | } | |
60 | ||
cb7fb82d P |
61 | for ( i = 0; cargv[1][i] && i < PASSLEN; i++ ) { |
62 | if ( cargv[1][i] == cargv[1][i+1] || cargv[1][i] + 1 == cargv[1][i+1] || cargv[1][i] - 1 == cargv[1][i+1] ) | |
63 | cntweak++; | |
64 | if(isdigit(cargv[1][i])) | |
65 | cntdigits++; | |
66 | if(islower(cargv[1][i]) || isupper(cargv[1][i])) | |
67 | cntletters++; | |
68 | } | |
69 | ||
70 | if( cntweak > 3 || !cntdigits || !cntletters) { | |
71 | chanservstdmessage(sender, QM_PWTOWEAK); /* new password is weak */ | |
72 | cs_log(sender,"NEWPASS FAIL username %s password to weak %s",rup->username,cargv[1]); | |
73 | return CMD_ERROR; | |
74 | } | |
75 | ||
86d2bc73 | 76 | t=time(NULL); |
59687380 | 77 | if(!UHasHelperPriv(rup)) { |
59687380 | 78 | if(rup->lockuntil && rup->lockuntil > t) { |
79313d98 | 79 | chanservstdmessage(sender, QM_ACCOUNTLOCKED, rup->lockuntil); |
59687380 CP |
80 | return CMD_ERROR; |
81 | } | |
82 | rup->lockuntil=t+7*24*3600; | |
039e298c CP |
83 | } else { |
84 | rup->lockuntil=0; | |
30a66d6c | 85 | } |
30a66d6c CP |
86 | |
87 | if(rup->lastemail) { | |
88 | freesstring(rup->lastemail); | |
89 | rup->lastemail=NULL; | |
90 | } | |
91 | ||
86d2bc73 | 92 | rup->lastpasschange=t; |
0f32b411 | 93 | csdb_accounthistory_insert(sender, rup->password, cargv[1], NULL, NULL); |
1dd6d55d | 94 | setpassword(rup, cargv[1]); |
0f32b411 | 95 | |
1dd6d55d | 96 | rup->lastauth=time(NULL); |
97 | chanservstdmessage(sender, QM_PWCHANGED); | |
98 | cs_log(sender,"NEWPASS OK username %s", rup->username); | |
e9f49ea9 CP |
99 | |
100 | #ifdef AUTHGATE_WARNINGS | |
c90a3f1f CP |
101 | if(UHasOperPriv(rup)) |
102 | chanservsendmessage(sender, "WARNING FOR PRIVILEGED USERS: you MUST go to https://auth.quakenet.org and login successfully to update the cache, if you do not your old password will still be usable in certain circumstances."); | |
e9f49ea9 CP |
103 | #endif |
104 | ||
1dd6d55d | 105 | csdb_updateuser(rup); |
106 | csdb_createmail(rup, QMAIL_NEWPW); | |
107 | ||
108 | return CMD_OK; | |
109 | } |