]>
Commit | Line | Data |
---|---|---|
bc6c8fbe CP |
1 | /* Automatically generated by refactor.pl. |
2 | * | |
3 | * | |
4 | * CMDNAME: ticketauth | |
5 | * CMDLEVEL: QCMD_SECURE | QCMD_NOTAUTHED | QCMD_HIDDEN | |
2a118041 | 6 | * CMDARGS: 1 |
bc6c8fbe CP |
7 | * CMDDESC: Authenticates you on the bot using a ticket. |
8 | * CMDFUNC: csa_doticketauth | |
9 | * CMDPROTO: int csa_doticketauth(void *source, int cargc, char **cargv); | |
10 | * CMDHELP: Usage: ticketauth <ticket> | |
11 | * CMDHELP: This is an internal QuakeNet function, there's no point in | |
12 | * CMDHELP: asking for details on how it works cos' you'll not get any! | |
13 | */ | |
14 | ||
15 | #include "../chanserv.h" | |
16 | #include <stdio.h> | |
17 | #include <time.h> | |
18 | ||
19 | int csa_completeauth(nick *sender, reguser *rup, char *authtype); | |
20 | ||
21 | int csa_doticketauth(void *source, int cargc, char **cargv) { | |
2a118041 | 22 | nick *sender = source; |
bc6c8fbe | 23 | |
2a118041 | 24 | if(cargc!=1) { |
bc6c8fbe CP |
25 | chanservstdmessage(sender, QM_NOTENOUGHPARAMS, "ticketauth"); |
26 | return CMD_ERROR; | |
27 | } | |
28 | ||
2a118041 CP |
29 | char *ticket = cargv[0]; |
30 | size_t ticket_len = strlen(ticket); | |
bc6c8fbe | 31 | |
2a118041 CP |
32 | if(ticket_len < 65) { |
33 | chanservstdmessage(sender, QM_INVALIDHMAC); | |
bc6c8fbe CP |
34 | return CMD_ERROR; |
35 | } | |
36 | ||
2a118041 CP |
37 | char *digest = &ticket[ticket_len - 64]; |
38 | *(digest - 1) = '\0'; | |
bc6c8fbe | 39 | |
2a118041 | 40 | int ret = csc_verifyqticket(ticket, digest); |
bc6c8fbe CP |
41 | if(ret < 0) { |
42 | chanservstdmessage(sender, QM_CONFIGURATIONERROR); | |
43 | return CMD_ERROR; | |
44 | } else if(ret > 0) { | |
45 | chanservstdmessage(sender, QM_INVALIDHMAC); | |
46 | return CMD_ERROR; | |
47 | } | |
48 | ||
2a118041 CP |
49 | time_t logintimestamp, expiry; |
50 | long uid; | |
51 | { | |
52 | intmax_t logintimestamp_i, expiry_i; | |
53 | if(sscanf(ticket, "%ld %jd %jd ", &uid, &logintimestamp_i, &expiry_i) != 3) { | |
54 | chanservstdmessage(sender, QM_NOTENOUGHPARAMS, "ticketauth"); | |
55 | return CMD_ERROR; | |
56 | } | |
57 | logintimestamp = (time_t)logintimestamp_i; | |
58 | expiry = (time_t)expiry_i; | |
59 | } | |
60 | ||
61 | time_t t = time(NULL); | |
62 | if(t < logintimestamp) { | |
63 | chanservstdmessage(sender, QM_TICKETNOTYETVALID); | |
64 | return CMD_ERROR; | |
65 | } | |
66 | if(t > expiry) { | |
67 | chanservstdmessage(sender, QM_TICKETEXPIRED); | |
68 | return CMD_ERROR; | |
69 | } | |
70 | ||
71 | reguser *rup; | |
bc6c8fbe CP |
72 | if(!(rup=findreguserbyID(uid))) { |
73 | chanservstdmessage(sender, QM_UNKNOWNUSER, "??"); | |
74 | return CMD_ERROR; | |
75 | } | |
76 | ||
77 | if(rup->lastpasschange >= logintimestamp) { | |
78 | chanservstdmessage(sender, QM_PASSEMAILCHANGED); | |
79 | return CMD_ERROR; | |
80 | } | |
81 | ||
82 | return csa_completeauth(sender, rup, "TICKETAUTH"); | |
83 | } |