]>
Commit | Line | Data |
---|---|---|
1dd6d55d | 1 | /* Automatically generated by refactor.pl. |
2 | * | |
3 | * | |
4 | * CMDNAME: newpass | |
bace4964 | 5 | * CMDLEVEL: QCMD_SECURE | QCMD_AUTHED |
1dd6d55d | 6 | * CMDARGS: 3 |
7 | * CMDDESC: Change your password. | |
8 | * CMDFUNC: csa_donewpw | |
9 | * CMDPROTO: int csa_donewpw(void *source, int cargc, char **cargv); | |
50cd26d6 | 10 | * CMDHELP: Usage: NEWPASS <oldpassword> <newpassword> <newpassword> |
11 | * CMDHELP: Changes your account password. Your new password must be at least 6 characters | |
12 | * CMDHELP: long, contain at least one number and one letter, and may not contain sequences | |
13 | * CMDHELP: of letters or numbers. Your new password will be sent to your registered email | |
14 | * CMDHELP: address. Where: | |
15 | * CMDHELP: oldpassword - your existing account password | |
16 | * CMDHELP: newpassword - your desired new password. Must be entered the same both times. | |
17 | * CMDHELP: Note: due to the sensitive nature of this command, you must send the message to | |
18 | * CMDHELP: Q@CServe.quakenet.org when using it. | |
1dd6d55d | 19 | */ |
20 | ||
21 | #include "../chanserv.h" | |
22 | #include "../authlib.h" | |
23 | #include "../../lib/irc_string.h" | |
24 | #include <stdio.h> | |
25 | #include <string.h> | |
80d2de64 | 26 | #include <ctype.h> |
1dd6d55d | 27 | |
28 | int csa_donewpw(void *source, int cargc, char **cargv) { | |
29 | reguser *rup; | |
30 | nick *sender=source; | |
80d2de64 | 31 | int i, cntweak = 0, cntdigits = 0, cntletters = 0; |
30a66d6c | 32 | time_t t; |
1dd6d55d | 33 | |
34 | if (cargc<3) { | |
35 | chanservstdmessage(sender, QM_NOTENOUGHPARAMS, "newpass"); | |
36 | return CMD_ERROR; | |
37 | } | |
38 | ||
39 | if (!(rup=getreguserfromnick(sender))) | |
40 | return CMD_ERROR; | |
41 | ||
2271ea8c | 42 | if (!checkpassword(rup, cargv[0])) { |
1dd6d55d | 43 | chanservstdmessage(sender, QM_AUTHFAIL); |
2271ea8c | 44 | cs_log(sender,"NEWPASS FAIL username %s bad password %s",rup->username,cargv[0]); |
1dd6d55d | 45 | return CMD_ERROR; |
46 | } | |
47 | ||
48 | if (strcmp(cargv[1],cargv[2])) { | |
49 | chanservstdmessage(sender, QM_PWDONTMATCH); /* Sorry, passwords do not match */ | |
50 | cs_log(sender,"NEWPASS FAIL username %s new passwords don't match (%s vs %s)",rup->username,cargv[1],cargv[2]); | |
51 | return CMD_ERROR; | |
52 | } | |
53 | ||
54 | if (strlen(cargv[1]) < 6) { | |
55 | chanservstdmessage(sender, QM_PWTOSHORT); /* new password to short */ | |
16739dbe | 56 | cs_log(sender,"NEWPASS FAIL username %s password to short %s (%zu characters)",rup->username,cargv[1],strlen(cargv[1])); |
1dd6d55d | 57 | return CMD_ERROR; |
58 | } | |
59 | ||
cb7fb82d P |
60 | for ( i = 0; cargv[1][i] && i < PASSLEN; i++ ) { |
61 | if ( cargv[1][i] == cargv[1][i+1] || cargv[1][i] + 1 == cargv[1][i+1] || cargv[1][i] - 1 == cargv[1][i+1] ) | |
62 | cntweak++; | |
63 | if(isdigit(cargv[1][i])) | |
64 | cntdigits++; | |
65 | if(islower(cargv[1][i]) || isupper(cargv[1][i])) | |
66 | cntletters++; | |
67 | } | |
68 | ||
69 | if( cntweak > 3 || !cntdigits || !cntletters) { | |
70 | chanservstdmessage(sender, QM_PWTOWEAK); /* new password is weak */ | |
71 | cs_log(sender,"NEWPASS FAIL username %s password to weak %s",rup->username,cargv[1]); | |
72 | return CMD_ERROR; | |
73 | } | |
74 | ||
59687380 CP |
75 | if(!UHasHelperPriv(rup)) { |
76 | t=time(NULL); | |
77 | if(rup->lockuntil && rup->lockuntil > t) { | |
79313d98 | 78 | chanservstdmessage(sender, QM_ACCOUNTLOCKED, rup->lockuntil); |
59687380 CP |
79 | return CMD_ERROR; |
80 | } | |
81 | rup->lockuntil=t+7*24*3600; | |
039e298c CP |
82 | } else { |
83 | rup->lockuntil=0; | |
30a66d6c | 84 | } |
30a66d6c CP |
85 | |
86 | if(rup->lastemail) { | |
87 | freesstring(rup->lastemail); | |
88 | rup->lastemail=NULL; | |
89 | } | |
90 | ||
0f32b411 | 91 | csdb_accounthistory_insert(sender, rup->password, cargv[1], NULL, NULL); |
1dd6d55d | 92 | setpassword(rup, cargv[1]); |
0f32b411 | 93 | |
1dd6d55d | 94 | rup->lastauth=time(NULL); |
95 | chanservstdmessage(sender, QM_PWCHANGED); | |
96 | cs_log(sender,"NEWPASS OK username %s", rup->username); | |
e9f49ea9 CP |
97 | |
98 | #ifdef AUTHGATE_WARNINGS | |
c90a3f1f CP |
99 | if(UHasOperPriv(rup)) |
100 | chanservsendmessage(sender, "WARNING FOR PRIVILEGED USERS: you MUST go to https://auth.quakenet.org and login successfully to update the cache, if you do not your old password will still be usable in certain circumstances."); | |
e9f49ea9 CP |
101 | #endif |
102 | ||
1dd6d55d | 103 | csdb_updateuser(rup); |
104 | csdb_createmail(rup, QMAIL_NEWPW); | |
105 | ||
106 | return CMD_OK; | |
107 | } |