[irc/quakenet/newserv.git] / chanserv / authcmds / newpass.c

/* Automatically generated by refactor.pl.
 *
 *
 * CMDNAME: newpass
 * CMDALIASES: newpassword
 * CMDLEVEL: QCMD_SECURE | QCMD_AUTHED
 * CMDARGS: 3
 * CMDDESC: Change your password.
 * CMDFUNC: csa_donewpw
 * CMDPROTO: int csa_donewpw(void *source, int cargc, char **cargv);
 * CMDHELP: Usage: @UCOMMAND@ <oldpassword> <newpassword> <newpassword>
 * CMDHELP: Changes your account password.  Your new password must be at least 6 characters
 * CMDHELP: long, contain at least one number and one letter, and may not contain sequences
 * CMDHELP: of letters or numbers.  Your new password will be sent to your registered email
 * CMDHELP: address.  Where:
 * CMDHELP: oldpassword - your existing account password
 * CMDHELP: newpassword - your desired new password.  Must be entered the same both times.
 * CMDHELP: Note: due to the sensitive nature of this command, you must send the message to
 * CMDHELP: Q@CServe.quakenet.org when using it.
 */

#include "../chanserv.h"
#include "../authlib.h"
#include "../../lib/irc_string.h"
#include <stdio.h>
#include <string.h>
#include <ctype.h>

int csa_donewpw(void *source, int cargc, char **cargv) {
  reguser *rup;
  nick *sender=source;
  int i, cntweak = 0, cntdigits = 0, cntletters = 0;
  time_t t;

  if (cargc<3) {
    chanservstdmessage(sender, QM_NOTENOUGHPARAMS, "newpass");
    return CMD_ERROR;
  }

  if (!(rup=getreguserfromnick(sender)))
    return CMD_ERROR;

  if (!checkpassword(rup, cargv[0])) {
    chanservstdmessage(sender, QM_AUTHFAIL);
    cs_log(sender,"NEWPASS FAIL username %s bad password %s",rup->username,cargv[0]);
    return CMD_ERROR;
  }

  if (strcmp(cargv[1],cargv[2])) {
    chanservstdmessage(sender, QM_PWDONTMATCH); /* Sorry, passwords do not match */
    cs_log(sender,"NEWPASS FAIL username %s new passwords don't match (%s vs %s)",rup->username,cargv[1],cargv[2]);
    return CMD_ERROR;
  }

  if (strlen(cargv[1]) < 6) {
    chanservstdmessage(sender, QM_PWTOSHORT); /* new password to short */
    cs_log(sender,"NEWPASS FAIL username %s password to short %s (%zu characters)",rup->username,cargv[1],strlen(cargv[1]));
    return CMD_ERROR;
  }

  for ( i = 0; cargv[1][i] && i < PASSLEN; i++ ) {
    if ( cargv[1][i] == cargv[1][i+1] || cargv[1][i] + 1 == cargv[1][i+1] || cargv[1][i] - 1 == cargv[1][i+1] )
      cntweak++;
    if(isdigit(cargv[1][i]))
      cntdigits++;
    if(islower(cargv[1][i]) || isupper(cargv[1][i]))
      cntletters++;
  }

  if( cntweak > 3 || !cntdigits || !cntletters) {
    chanservstdmessage(sender, QM_PWTOWEAK); /* new password is weak */
    cs_log(sender,"NEWPASS FAIL username %s password to weak %s",rup->username,cargv[1]);
    return CMD_ERROR;
  }

  t=time(NULL);
  if(!UHasHelperPriv(rup)) {
    if(rup->lockuntil && rup->lockuntil > t) {
      chanservstdmessage(sender, QM_ACCOUNTLOCKED, rup->lockuntil);
      return CMD_ERROR;
    }
    rup->lockuntil=t+7*24*3600;
  } else {
    rup->lockuntil=0;
  }

  if(rup->lastemail) {
    freesstring(rup->lastemail);
    rup->lastemail=NULL;
  }

  rup->lastpasschange=t;
  csdb_accounthistory_insert(sender, rup->password, cargv[1], NULL, NULL);
  setpassword(rup, cargv[1]);

  rup->lastauth=time(NULL);
  chanservstdmessage(sender, QM_PWCHANGED);
  cs_log(sender,"NEWPASS OK username %s", rup->username);

#ifdef AUTHGATE_WARNINGS
  if(UHasOperPriv(rup))
    chanservsendmessage(sender, "WARNING FOR PRIVILEGED USERS: you MUST go to https://auth.quakenet.org and login successfully to update the cache, if you do not your old password will still be usable in certain circumstances.");
#endif

  csdb_updateuser(rup);
  csdb_createmail(rup, QMAIL_NEWPW);

  return CMD_OK;
}
Commit	Line	Data
1dd6d55d	1	/* Automatically generated by refactor.pl.
	2	*
	3	*
	4	* CMDNAME: newpass
d353effa	5	* CMDALIASES: newpassword
bace4964	6	* CMDLEVEL: QCMD_SECURE \| QCMD_AUTHED
1dd6d55d	7	* CMDARGS: 3
	8	* CMDDESC: Change your password.
	9	* CMDFUNC: csa_donewpw
	10	* CMDPROTO: int csa_donewpw(void source, int cargc, char *cargv);
d353effa	11	* CMDHELP: Usage: @UCOMMAND@ <oldpassword> <newpassword> <newpassword>
50cd26d6	12	* CMDHELP: Changes your account password. Your new password must be at least 6 characters
	13	* CMDHELP: long, contain at least one number and one letter, and may not contain sequences
	14	* CMDHELP: of letters or numbers. Your new password will be sent to your registered email
	15	* CMDHELP: address. Where:
	16	* CMDHELP: oldpassword - your existing account password
	17	* CMDHELP: newpassword - your desired new password. Must be entered the same both times.
	18	* CMDHELP: Note: due to the sensitive nature of this command, you must send the message to
	19	* CMDHELP: Q@CServe.quakenet.org when using it.
1dd6d55d	20	*/
	21
	22	#include "../chanserv.h"
	23	#include "../authlib.h"
	24	#include "../../lib/irc_string.h"
	25	#include <stdio.h>
	26	#include <string.h>
80d2de64	27	#include <ctype.h>
1dd6d55d	28
	29	int csa_donewpw(void source, int cargc, char *cargv) {
	30	reguser *rup;
	31	nick *sender=source;
80d2de64	32	int i, cntweak = 0, cntdigits = 0, cntletters = 0;
30a66d6c	33	time_t t;
1dd6d55d	34
	35	if (cargc<3) {
	36	chanservstdmessage(sender, QM_NOTENOUGHPARAMS, "newpass");
	37	return CMD_ERROR;
	38	}
	39
	40	if (!(rup=getreguserfromnick(sender)))
	41	return CMD_ERROR;
	42
2271ea8c	43	if (!checkpassword(rup, cargv[0])) {
1dd6d55d	44	chanservstdmessage(sender, QM_AUTHFAIL);
2271ea8c	45	cs_log(sender,"NEWPASS FAIL username %s bad password %s",rup->username,cargv[0]);
1dd6d55d	46	return CMD_ERROR;
	47	}
	48
	49	if (strcmp(cargv[1],cargv[2])) {
	50	chanservstdmessage(sender, QM_PWDONTMATCH); /* Sorry, passwords do not match */
	51	cs_log(sender,"NEWPASS FAIL username %s new passwords don't match (%s vs %s)",rup->username,cargv[1],cargv[2]);
	52	return CMD_ERROR;
	53	}
	54
	55	if (strlen(cargv[1]) < 6) {
	56	chanservstdmessage(sender, QM_PWTOSHORT); /* new password to short */
16739dbe	57	cs_log(sender,"NEWPASS FAIL username %s password to short %s (%zu characters)",rup->username,cargv[1],strlen(cargv[1]));
1dd6d55d	58	return CMD_ERROR;
	59	}
	60
cb7fb82d P	61	for ( i = 0; cargv[1][i] && i < PASSLEN; i++ ) {
	62	if ( cargv[1][i] == cargv[1][i+1] \|\| cargv[1][i] + 1 == cargv[1][i+1] \|\| cargv[1][i] - 1 == cargv[1][i+1] )
	63	cntweak++;
	64	if(isdigit(cargv[1][i]))
	65	cntdigits++;
	66	if(islower(cargv[1][i]) \|\| isupper(cargv[1][i]))
	67	cntletters++;
	68	}
	69
	70	if( cntweak > 3 \|\| !cntdigits \|\| !cntletters) {
	71	chanservstdmessage(sender, QM_PWTOWEAK); /* new password is weak */
	72	cs_log(sender,"NEWPASS FAIL username %s password to weak %s",rup->username,cargv[1]);
	73	return CMD_ERROR;
	74	}
	75
86d2bc73	76	t=time(NULL);
59687380	77	if(!UHasHelperPriv(rup)) {
59687380	78	if(rup->lockuntil && rup->lockuntil > t) {
79313d98	79	chanservstdmessage(sender, QM_ACCOUNTLOCKED, rup->lockuntil);
59687380 CP	80	return CMD_ERROR;
	81	}
	82	rup->lockuntil=t+7243600;
039e298c CP	83	} else {
039e298c CP	84	rup->lockuntil=0;
30a66d6c	85	}
30a66d6c CP	86
	87	if(rup->lastemail) {
	88	freesstring(rup->lastemail);
	89	rup->lastemail=NULL;
	90	}
	91
86d2bc73	92	rup->lastpasschange=t;
0f32b411	93	csdb_accounthistory_insert(sender, rup->password, cargv[1], NULL, NULL);
1dd6d55d	94	setpassword(rup, cargv[1]);
0f32b411	95
1dd6d55d	96	rup->lastauth=time(NULL);
	97	chanservstdmessage(sender, QM_PWCHANGED);
	98	cs_log(sender,"NEWPASS OK username %s", rup->username);
e9f49ea9 CP	99
e9f49ea9 CP	100	#ifdef AUTHGATE_WARNINGS
c90a3f1f CP	101	if(UHasOperPriv(rup))
c90a3f1f CP	102	chanservsendmessage(sender, "WARNING FOR PRIVILEGED USERS: you MUST go to https://auth.quakenet.org and login successfully to update the cache, if you do not your old password will still be usable in certain circumstances.");
e9f49ea9 CP	103	#endif
e9f49ea9 CP	104
1dd6d55d	105	csdb_updateuser(rup);
	106	csdb_createmail(rup, QMAIL_NEWPW);
	107
	108	return CMD_OK;
	109	}