[irc/quakenet/newserv.git] / chanserv / authcmds / auth.c

/* Automatically generated by refactor.pl.
 *
 *
 * CMDNAME: auth
 * CMDALIASES: login ircdauth
 * CMDLEVEL: QCMD_SECURE | QCMD_NOTAUTHED
 * CMDARGS: 2
 * CMDDESC: Authenticates you on the bot.
 * CMDFUNC: csa_doauth
 * CMDPROTO: int csa_doauth(void *source, int cargc, char **cargv);
 * CMDHELP: Usage: @UCOMMAND@ <username> <password>
 * CMDHELP: Authenticates you on the bot, where:
 * CMDHELP: username - your username
 * CMDHELP: password - your password
 * CMDHELP: If you do not have a username and password, see HELLO.
 * CMDHELP: Note: due to the sensitive nature of this command, you must send the message
 * CMDHELP: to Q@CServe.quakenet.org when using it.
 * CMDHELP: Note: the preferred way to authenticate is to use the /AUTH command.
 */

#include "../chanserv.h"
#include "../authlib.h"
#include "../../lib/irc_string.h"
#include <stdio.h>
#include <string.h>

int csa_completeauth(nick *sender, reguser *rup, char *authtype);

int csa_auth(void *source, int cargc, char **cargv, CRAlgorithm alg) {
  reguser *rup;
  activeuser *aup;
  nick *sender=source;
  int challenge=0;
  char *authtype = "AUTH";

  if (alg) {
    challenge=1;
    authtype = "CHALLENGEAUTH";
  } else if (cargc<2) {
    chanservstdmessage(sender, QM_NOTENOUGHPARAMS, "auth");
    return CMD_ERROR;
  }
  
  if (!(aup = getactiveuserfromnick(sender)))
    return CMD_ERROR;
  
  aup->authattempts++;
  if (aup->authattempts > MAXAUTHATTEMPT) {
/*
    if ((aup->authattempts % 100) == 0)
      chanservwallmessage("Warning: User %s!%s@%s attempted to auth %d times. Last attempt: %s %s %s",
        sender->nick, sender->ident, sender->host->name->content, aup->authattempts, authtype, cargv[0], cargv[1]);
*/

    chanservstdmessage(sender, QM_AUTHFAIL);
    cs_log(sender,"%s FAIL too many auth attempts (last attempt: %s %s %s)", authtype, authtype, cargv[0], cargv[1]); 
    return CMD_ERROR;
  }

  if (!(rup=findreguserbynick(cargv[0]))) {
    chanservstdmessage(sender, QM_AUTHFAIL);
    cs_log(sender,"%s FAIL bad username %s",authtype,cargv[0]); 
    return CMD_ERROR;
  }

  if (!challenge) {
    if (!checkpassword(rup, cargv[1])) {
      chanservstdmessage(sender, QM_AUTHFAIL);
      cs_log(sender,"%s FAIL username %s bad password %s",authtype,rup->username,cargv[1]);
      return CMD_ERROR;
    }
  } else {
    if (!checkresponse(rup, aup->entropy, cargv[1], alg)) {
      chanservstdmessage(sender, QM_AUTHFAIL);
      cs_log(sender,"%s FAIL username %s bad response",authtype,rup->username);
      return CMD_ERROR;
    }
  }

  return csa_completeauth(sender, rup, authtype);
}

int csa_completeauth(nick *sender, reguser *rup, char *authtype) {
  int toomanyauths=0;
  time_t now, oldlastauth;
  char userhost[USERLEN+HOSTLEN+2];
  nick *onp;
  void *args[2];
  authname *anp;

  /* This should never fail but do something other than crashing if it does. */
  if (!(anp=findauthname(rup->ID))) {
    chanservstdmessage(sender, QM_AUTHFAIL);
    return CMD_ERROR;
  }

  /* Check for too many auths.  Don't return immediately, since we will still warn
   * other users on the acct in this case. */
  if (!UHasStaffPriv(rup) && !UIsNoAuthLimit(rup)) {
    if (anp->usercount >= MAXAUTHCOUNT) {
      chanservstdmessage(sender, QM_TOOMANYAUTHS);
      toomanyauths=1;
    }
  }
  
  for (onp=anp->nicks;onp;onp=onp->nextbyauthname) {
    if (toomanyauths) {
      chanservstdmessage(onp, QM_OTHERUSERAUTHEDLIMIT, sender->nick, sender->ident, sender->host->name->content, MAXAUTHCOUNT);
    } else {
      chanservstdmessage(onp, QM_OTHERUSERAUTHED, sender->nick, sender->ident, sender->host->name->content);
    }
  }
  
  if (toomanyauths)
    return CMD_ERROR;

  now=time(NULL);

  if (UHasSuspension(rup) && rup->suspendexp && (now >= rup->suspendexp)) {
    /* suspension has expired, remove it */
    rup->flags&=(~(QUFLAG_SUSPENDED|QUFLAG_GLINE|QUFLAG_DELAYEDGLINE));
    rup->suspendby=0;
    rup->suspendexp=0;
    freesstring(rup->suspendreason);
    rup->suspendreason=0;
    csdb_updateuser(rup);  
  }
  
  if (UIsSuspended(rup)) {
    /* plain suspend */
    chanservstdmessage(sender, QM_AUTHSUSPENDED);
    if(rup->suspendreason)
      chanservstdmessage(sender, QM_REASON, rup->suspendreason->content);
    if (rup->suspendexp)
      chanservstdmessage(sender, QM_EXPIRES, rup->suspendexp);
    return CMD_ERROR;
  }
  if (UIsInactive(rup)) {
    chanservstdmessage(sender, QM_INACTIVEACCOUNT);
    return CMD_ERROR;
  }
  
  /* Guarantee a unique auth timestamp for each account */
  oldlastauth=rup->lastauth;
  
  if (rup->lastauth < now) 
    rup->lastauth=now;
  else
    rup->lastauth++;

  sprintf(userhost,"%s@%s",sender->ident,sender->host->name->content);
  if (rup->lastuserhost)
    freesstring(rup->lastuserhost);
  rup->lastuserhost=getsstring(userhost,USERLEN+HOSTLEN+1);
  
  csdb_updateuser(rup);  

  cs_log(sender,"%s OK username %s", authtype,rup->username);

  localusersetaccount(sender, rup->username, rup->ID, cs_accountflagmap(rup), rup->lastauth);

  chanservstdmessage(sender, QM_AUTHOK, rup->username);

  args[0]=sender;
  args[1]=(void *)oldlastauth;
  triggerhook(HOOK_CHANSERV_AUTH, args);

  return CMD_OK;
}

int csa_doauth(void *source, int cargc, char **cargv) {
  return csa_auth(source, cargc, cargv, NULL);
}
Commit	Line	Data
1dd6d55d	1	/* Automatically generated by refactor.pl.
	2	*
	3	*
56f0d0f8	4	* CMDNAME: auth
ffc280ba	5	* CMDALIASES: login ircdauth
56f0d0f8	6	* CMDLEVEL: QCMD_SECURE \| QCMD_NOTAUTHED
1dd6d55d	7	* CMDARGS: 2
	8	* CMDDESC: Authenticates you on the bot.
	9	* CMDFUNC: csa_doauth
	10	* CMDPROTO: int csa_doauth(void source, int cargc, char *cargv);
56f0d0f8	11	* CMDHELP: Usage: @UCOMMAND@ <username> <password>
dd258305	12	* CMDHELP: Authenticates you on the bot, where:
	13	* CMDHELP: username - your username
	14	* CMDHELP: password - your password
	15	* CMDHELP: If you do not have a username and password, see HELLO.
	16	* CMDHELP: Note: due to the sensitive nature of this command, you must send the message
	17	* CMDHELP: to Q@CServe.quakenet.org when using it.
	18	* CMDHELP: Note: the preferred way to authenticate is to use the /AUTH command.
1dd6d55d	19	*/
	20
	21	#include "../chanserv.h"
	22	#include "../authlib.h"
	23	#include "../../lib/irc_string.h"
	24	#include <stdio.h>
	25	#include <string.h>
	26
bc6c8fbe CP	27	int csa_completeauth(nick sender, reguser rup, char *authtype);
bc6c8fbe CP	28
b7a95f03	29	int csa_auth(void source, int cargc, char *cargv, CRAlgorithm alg) {
1dd6d55d	30	reguser *rup;
23b85e10	31	activeuser *aup;
bc6c8fbe	32	nick *sender=source;
b7a95f03 CP	33	int challenge=0;
b7a95f03 CP	34	char *authtype = "AUTH";
1dd6d55d	35
b7a95f03 CP	36	if (alg) {
	37	challenge=1;
	38	authtype = "CHALLENGEAUTH";
	39	} else if (cargc<2) {
1dd6d55d	40	chanservstdmessage(sender, QM_NOTENOUGHPARAMS, "auth");
	41	return CMD_ERROR;
	42	}
	43
	44	if (!(aup = getactiveuserfromnick(sender)))
	45	return CMD_ERROR;
	46
	47	aup->authattempts++;
	48	if (aup->authattempts > MAXAUTHATTEMPT) {
81f75fea	49	/*
1dd6d55d	50	if ((aup->authattempts % 100) == 0)
b7a95f03	51	chanservwallmessage("Warning: User %s!%s@%s attempted to auth %d times. Last attempt: %s %s %s",
c0181971	52	sender->nick, sender->ident, sender->host->name->content, aup->authattempts, authtype, cargv[0], cargv[1]);
81f75fea CP	53	*/
81f75fea CP	54
1dd6d55d	55	chanservstdmessage(sender, QM_AUTHFAIL);
b7a95f03	56	cs_log(sender,"%s FAIL too many auth attempts (last attempt: %s %s %s)", authtype, authtype, cargv[0], cargv[1]);
1dd6d55d	57	return CMD_ERROR;
	58	}
	59
	60	if (!(rup=findreguserbynick(cargv[0]))) {
	61	chanservstdmessage(sender, QM_AUTHFAIL);
b7a95f03	62	cs_log(sender,"%s FAIL bad username %s",authtype,cargv[0]);
1dd6d55d	63	return CMD_ERROR;
	64	}
	65
b7a95f03 CP	66	if (!challenge) {
	67	if (!checkpassword(rup, cargv[1])) {
	68	chanservstdmessage(sender, QM_AUTHFAIL);
	69	cs_log(sender,"%s FAIL username %s bad password %s",authtype,rup->username,cargv[1]);
	70	return CMD_ERROR;
	71	}
	72	} else {
	73	if (!checkresponse(rup, aup->entropy, cargv[1], alg)) {
	74	chanservstdmessage(sender, QM_AUTHFAIL);
	75	cs_log(sender,"%s FAIL username %s bad response",authtype,rup->username);
	76	return CMD_ERROR;
	77	}
1dd6d55d	78	}
1dd6d55d	79
bc6c8fbe CP	80	return csa_completeauth(sender, rup, authtype);
	81	}
	82
	83	int csa_completeauth(nick sender, reguser rup, char *authtype) {
	84	int toomanyauths=0;
d72584f9	85	time_t now, oldlastauth;
bc6c8fbe CP	86	char userhost[USERLEN+HOSTLEN+2];
bc6c8fbe CP	87	nick *onp;
d72584f9	88	void *args[2];
bc6c8fbe CP	89	authname *anp;
bc6c8fbe CP	90
f3b0017b	91	/* This should never fail but do something other than crashing if it does. */
	92	if (!(anp=findauthname(rup->ID))) {
	93	chanservstdmessage(sender, QM_AUTHFAIL);
	94	return CMD_ERROR;
	95	}
	96
	97	/* Check for too many auths. Don't return immediately, since we will still warn
	98	* other users on the acct in this case. */
372e4f1d	99	if (!UHasStaffPriv(rup) && !UIsNoAuthLimit(rup)) {
f3b0017b	100	if (anp->usercount >= MAXAUTHCOUNT) {
	101	chanservstdmessage(sender, QM_TOOMANYAUTHS);
	102	toomanyauths=1;
	103	}
	104	}
	105
	106	for (onp=anp->nicks;onp;onp=onp->nextbyauthname) {
	107	if (toomanyauths) {
	108	chanservstdmessage(onp, QM_OTHERUSERAUTHEDLIMIT, sender->nick, sender->ident, sender->host->name->content, MAXAUTHCOUNT);
	109	} else {
	110	chanservstdmessage(onp, QM_OTHERUSERAUTHED, sender->nick, sender->ident, sender->host->name->content);
	111	}
	112	}
	113
	114	if (toomanyauths)
	115	return CMD_ERROR;
	116
152583d5	117	now=time(NULL);
152583d5	118
063103ed	119	if (UHasSuspension(rup) && rup->suspendexp && (now >= rup->suspendexp)) {
1dd6d55d	120	/* suspension has expired, remove it */
	121	rup->flags&=(~(QUFLAG_SUSPENDED\|QUFLAG_GLINE\|QUFLAG_DELAYEDGLINE));
	122	rup->suspendby=0;
	123	rup->suspendexp=0;
	124	freesstring(rup->suspendreason);
	125	rup->suspendreason=0;
063103ed	126	csdb_updateuser(rup);
1dd6d55d	127	}
1dd6d55d	128
c0587316	129	if (UIsSuspended(rup)) {
1dd6d55d	130	/* plain suspend */
1dd6d55d	131	chanservstdmessage(sender, QM_AUTHSUSPENDED);
fc567a69 P	132	if(rup->suspendreason)
fc567a69 P	133	chanservstdmessage(sender, QM_REASON, rup->suspendreason->content);
79313d98 CP	134	if (rup->suspendexp)
79313d98 CP	135	chanservstdmessage(sender, QM_EXPIRES, rup->suspendexp);
1dd6d55d	136	return CMD_ERROR;
1dd6d55d	137	}
caee16ec CP	138	if (UIsInactive(rup)) {
	139	chanservstdmessage(sender, QM_INACTIVEACCOUNT);
	140	return CMD_ERROR;
	141	}
1dd6d55d	142
063103ed	143	/* Guarantee a unique auth timestamp for each account */
d72584f9	144	oldlastauth=rup->lastauth;
d72584f9	145
063103ed CP	146	if (rup->lastauth < now)
	147	rup->lastauth=now;
	148	else
	149	rup->lastauth++;
	150
	151	sprintf(userhost,"%s@%s",sender->ident,sender->host->name->content);
	152	if (rup->lastuserhost)
	153	freesstring(rup->lastuserhost);
	154	rup->lastuserhost=getsstring(userhost,USERLEN+HOSTLEN+1);
	155
	156	csdb_updateuser(rup);
	157
b7a95f03	158	cs_log(sender,"%s OK username %s", authtype,rup->username);
3294b10b CP	159
3294b10b CP	160	localusersetaccount(sender, rup->username, rup->ID, cs_accountflagmap(rup), rup->lastauth);
1dd6d55d	161
ef4b2323	162	chanservstdmessage(sender, QM_AUTHOK, rup->username);
ef4b2323	163
d72584f9	164	args[0]=sender;
	165	args[1]=(void *)oldlastauth;
	166	triggerhook(HOOK_CHANSERV_AUTH, args);
	167
1dd6d55d	168	return CMD_OK;
1dd6d55d	169	}
b7a95f03 CP	170
	171	int csa_doauth(void source, int cargc, char *cargv) {
	172	return csa_auth(source, cargc, cargv, NULL);
	173	}