[irc/quakenet/newserv.git] / chanserv / authcmds / newpass.c

/* Automatically generated by refactor.pl.
 *
 *
 * CMDNAME: newpass
 * CMDALIASES: newpassword
 * CMDLEVEL: QCMD_SECURE | QCMD_AUTHED
 * CMDARGS: 3
 * CMDDESC: Change your password.
 * CMDFUNC: csa_donewpw
 * CMDPROTO: int csa_donewpw(void *source, int cargc, char **cargv);
 * CMDHELP: Usage: @UCOMMAND@ <oldpassword> <newpassword> <newpassword>
 * CMDHELP: Changes your account password.  Your new password must be at least 6 characters
 * CMDHELP: long, contain at least one number and one letter, and may not contain sequences
 * CMDHELP: of letters or numbers, also note that your password will be truncated to 10
 * CMDHELP: characters.
 * CMDHELP: Your new password will be sent to your registered email address.
 * CMDHELP: Where:
 * CMDHELP: oldpassword - your existing account password
 * CMDHELP: newpassword - your desired new password.  Must be entered the same both times.
 * CMDHELP: Note: due to the sensitive nature of this command, you must send the message to
 * CMDHELP: Q@CServe.quakenet.org when using it.
 */

#include "../chanserv.h"
#include "../authlib.h"
#include "../../lib/irc_string.h"
#include "../../core/hooks.h"
#include <stdio.h>
#include <string.h>
#include <ctype.h>

int csa_donewpw(void *source, int cargc, char **cargv) {
  reguser *rup;
  nick *sender=source;
  unsigned int same=0;
  time_t t;
  int pq;

  if (cargc<3) {
    chanservstdmessage(sender, QM_NOTENOUGHPARAMS, "newpass");
    return CMD_ERROR;
  }

  if (!(rup=getreguserfromnick(sender)))
    return CMD_ERROR;

  if (!checkpassword(rup, cargv[0])) {
    chanservstdmessage(sender, QM_AUTHFAIL);
    cs_log(sender,"NEWPASS FAIL username %s bad password %s",rup->username,cargv[0]);
    return CMD_ERROR;
  }

  if (strcmp(cargv[1],cargv[2])) {
    chanservstdmessage(sender, QM_PWDONTMATCH); /* Sorry, passwords do not match */
    cs_log(sender,"NEWPASS FAIL username %s new passwords don't match (%s vs %s)",rup->username,cargv[1],cargv[2]);
    return CMD_ERROR;
  }

  if (!strcmp(cargv[0],cargv[1])) {
    /* If they are the same then continue anyway but don't send the hook later. */
    same=1;
  }

  pq = csa_checkpasswordquality(cargv[1]);
  if(pq == QM_PWTOSHORT) {
    chanservstdmessage(sender, QM_PWTOSHORT); /* new password too short */
    cs_log(sender,"NEWPASS FAIL username %s password too short %s (%zu characters)",rup->username,cargv[1],strlen(cargv[1]));
    return CMD_ERROR;
  } else if(pq == QM_PWTOWEAK) {
    chanservstdmessage(sender, QM_PWTOWEAK); /* new password is weak */
    cs_log(sender,"NEWPASS FAIL username %s password too weak %s",rup->username,cargv[1]);
    return CMD_ERROR;
  } else if(pq == QM_PWTOLONG) {
    chanservstdmessage(sender, QM_PWTOLONG); /* new password too long */
    cs_log(sender,"NEWPASS FAIL username %s password too long %s",rup->username,cargv[1]);
    return CMD_ERROR;
  } else if(pq == QM_PWINVALID) {
    chanservstdmessage(sender, QM_PWINVALID);
    cs_log(sender,"NEWPASS FAIL username %s password invalid %s",rup->username,cargv[1]);
    return CMD_ERROR;
  } else if(pq == -1) {
    /* all good */
  } else {
    chanservsendmessage(sender, "unknown error in newpass.c... contact #help");
    return CMD_ERROR;
  }

  t=time(NULL);
  if(!UHasStaffPriv(rup)) {
    if(rup->lockuntil && rup->lockuntil > t) {
      chanservstdmessage(sender, QM_ACCOUNTLOCKED, rup->lockuntil);
      return CMD_ERROR;
    }
    rup->lockuntil=t+7*24*3600;
  } else {
    rup->lockuntil=0;
  }

  if(rup->lastemail) {
    freesstring(rup->lastemail);
    rup->lastemail=NULL;
  }

  rup->lastpasschange=t;
  csdb_accounthistory_insert(sender, rup->password, cargv[1], NULL, NULL);
  setpassword(rup, cargv[1]);

  rup->lastauth=time(NULL);
  chanservstdmessage(sender, QM_PWCHANGED);
  cs_log(sender,"NEWPASS OK username %s", rup->username);

#ifdef AUTHGATE_WARNINGS
  if(UHasOperPriv(rup))
    chanservsendmessage(sender, "WARNING FOR PRIVILEGED USERS: you MUST go to https://auth.quakenet.org and login successfully to update the cache, if you do not your old password will still be usable in certain circumstances.");
#endif

  csdb_updateuser(rup);
  csdb_createmail(rup, QMAIL_NEWPW);
  
  if (!same)
    triggerhook(HOOK_CHANSERV_PWCHANGE, sender);

  return CMD_OK;
}
Commit	Line	Data
1dd6d55d	1	/* Automatically generated by refactor.pl.
	2	*
	3	*
	4	* CMDNAME: newpass
d353effa	5	* CMDALIASES: newpassword
bace4964	6	* CMDLEVEL: QCMD_SECURE \| QCMD_AUTHED
1dd6d55d	7	* CMDARGS: 3
	8	* CMDDESC: Change your password.
	9	* CMDFUNC: csa_donewpw
	10	* CMDPROTO: int csa_donewpw(void source, int cargc, char *cargv);
d353effa	11	* CMDHELP: Usage: @UCOMMAND@ <oldpassword> <newpassword> <newpassword>
50cd26d6	12	* CMDHELP: Changes your account password. Your new password must be at least 6 characters
50cd26d6	13	* CMDHELP: long, contain at least one number and one letter, and may not contain sequences
43a5879e CP	14	* CMDHELP: of letters or numbers, also note that your password will be truncated to 10
	15	* CMDHELP: characters.
	16	* CMDHELP: Your new password will be sent to your registered email address.
	17	* CMDHELP: Where:
50cd26d6	18	* CMDHELP: oldpassword - your existing account password
	19	* CMDHELP: newpassword - your desired new password. Must be entered the same both times.
	20	* CMDHELP: Note: due to the sensitive nature of this command, you must send the message to
	21	* CMDHELP: Q@CServe.quakenet.org when using it.
1dd6d55d	22	*/
	23
	24	#include "../chanserv.h"
	25	#include "../authlib.h"
	26	#include "../../lib/irc_string.h"
d72584f9	27	#include "../../core/hooks.h"
1dd6d55d	28	#include <stdio.h>
1dd6d55d	29	#include <string.h>
80d2de64	30	#include <ctype.h>
1dd6d55d	31
	32	int csa_donewpw(void source, int cargc, char *cargv) {
	33	reguser *rup;
	34	nick *sender=source;
d72584f9	35	unsigned int same=0;
30a66d6c	36	time_t t;
6ff65e48	37	int pq;
1dd6d55d	38
	39	if (cargc<3) {
	40	chanservstdmessage(sender, QM_NOTENOUGHPARAMS, "newpass");
	41	return CMD_ERROR;
	42	}
	43
	44	if (!(rup=getreguserfromnick(sender)))
	45	return CMD_ERROR;
	46
2271ea8c	47	if (!checkpassword(rup, cargv[0])) {
1dd6d55d	48	chanservstdmessage(sender, QM_AUTHFAIL);
2271ea8c	49	cs_log(sender,"NEWPASS FAIL username %s bad password %s",rup->username,cargv[0]);
1dd6d55d	50	return CMD_ERROR;
	51	}
	52
	53	if (strcmp(cargv[1],cargv[2])) {
	54	chanservstdmessage(sender, QM_PWDONTMATCH); /* Sorry, passwords do not match */
	55	cs_log(sender,"NEWPASS FAIL username %s new passwords don't match (%s vs %s)",rup->username,cargv[1],cargv[2]);
	56	return CMD_ERROR;
	57	}
	58
d72584f9	59	if (!strcmp(cargv[0],cargv[1])) {
	60	/* If they are the same then continue anyway but don't send the hook later. */
	61	same=1;
	62	}
	63
6ff65e48 CP	64	pq = csa_checkpasswordquality(cargv[1]);
6ff65e48 CP	65	if(pq == QM_PWTOSHORT) {
14dc6de9 CP	66	chanservstdmessage(sender, QM_PWTOSHORT); /* new password too short */
14dc6de9 CP	67	cs_log(sender,"NEWPASS FAIL username %s password too short %s (%zu characters)",rup->username,cargv[1],strlen(cargv[1]));
6ff65e48 CP	68	return CMD_ERROR;
6ff65e48 CP	69	} else if(pq == QM_PWTOWEAK) {
cb7fb82d	70	chanservstdmessage(sender, QM_PWTOWEAK); /* new password is weak */
14dc6de9 CP	71	cs_log(sender,"NEWPASS FAIL username %s password too weak %s",rup->username,cargv[1]);
	72	return CMD_ERROR;
	73	} else if(pq == QM_PWTOLONG) {
	74	chanservstdmessage(sender, QM_PWTOLONG); /* new password too long */
	75	cs_log(sender,"NEWPASS FAIL username %s password too long %s",rup->username,cargv[1]);
cb7fb82d	76	return CMD_ERROR;
f90b9908 CP	77	} else if(pq == QM_PWINVALID) {
	78	chanservstdmessage(sender, QM_PWINVALID);
	79	cs_log(sender,"NEWPASS FAIL username %s password invalid %s",rup->username,cargv[1]);
	80	return CMD_ERROR;
6ff65e48 CP	81	} else if(pq == -1) {
	82	/* all good */
	83	} else {
	84	chanservsendmessage(sender, "unknown error in newpass.c... contact #help");
	85	return CMD_ERROR;
cb7fb82d P	86	}
cb7fb82d P	87
86d2bc73	88	t=time(NULL);
372e4f1d	89	if(!UHasStaffPriv(rup)) {
59687380	90	if(rup->lockuntil && rup->lockuntil > t) {
79313d98	91	chanservstdmessage(sender, QM_ACCOUNTLOCKED, rup->lockuntil);
59687380 CP	92	return CMD_ERROR;
	93	}
	94	rup->lockuntil=t+7243600;
039e298c CP	95	} else {
039e298c CP	96	rup->lockuntil=0;
30a66d6c	97	}
30a66d6c CP	98
	99	if(rup->lastemail) {
	100	freesstring(rup->lastemail);
	101	rup->lastemail=NULL;
	102	}
	103
86d2bc73	104	rup->lastpasschange=t;
0f32b411	105	csdb_accounthistory_insert(sender, rup->password, cargv[1], NULL, NULL);
1dd6d55d	106	setpassword(rup, cargv[1]);
0f32b411	107
1dd6d55d	108	rup->lastauth=time(NULL);
	109	chanservstdmessage(sender, QM_PWCHANGED);
	110	cs_log(sender,"NEWPASS OK username %s", rup->username);
e9f49ea9 CP	111
e9f49ea9 CP	112	#ifdef AUTHGATE_WARNINGS
c90a3f1f CP	113	if(UHasOperPriv(rup))
c90a3f1f CP	114	chanservsendmessage(sender, "WARNING FOR PRIVILEGED USERS: you MUST go to https://auth.quakenet.org and login successfully to update the cache, if you do not your old password will still be usable in certain circumstances.");
e9f49ea9 CP	115	#endif
e9f49ea9 CP	116
1dd6d55d	117	csdb_updateuser(rup);
1dd6d55d	118	csdb_createmail(rup, QMAIL_NEWPW);
d72584f9	119
	120	if (!same)
	121	triggerhook(HOOK_CHANSERV_PWCHANGE, sender);
1dd6d55d	122
	123	return CMD_OK;
	124	}