| | 1 | /* Automatically generated by refactor.pl. |
| | 2 | * |
| | 3 | * |
| | 4 | * CMDNAME: newpass |
| | 5 | * CMDALIASES: newpassword |
| | 6 | * CMDLEVEL: QCMD_SECURE | QCMD_AUTHED |
| | 7 | * CMDARGS: 3 |
| | 8 | * CMDDESC: Change your password. |
| | 9 | * CMDFUNC: csa_donewpw |
| | 10 | * CMDPROTO: int csa_donewpw(void *source, int cargc, char **cargv); |
| | 11 | * CMDHELP: Usage: @UCOMMAND@ <oldpassword> <newpassword> <newpassword> |
| | 12 | * CMDHELP: Changes your account password. Your new password must be at least 6 characters |
| | 13 | * CMDHELP: long, contain at least one number and one letter, and may not contain sequences |
| | 14 | * CMDHELP: of letters or numbers, also note that your password will be truncated to 10 |
| | 15 | * CMDHELP: characters. |
| | 16 | * CMDHELP: Your new password will be sent to your registered email address. |
| | 17 | * CMDHELP: Where: |
| | 18 | * CMDHELP: oldpassword - your existing account password |
| | 19 | * CMDHELP: newpassword - your desired new password. Must be entered the same both times. |
| | 20 | * CMDHELP: Note: due to the sensitive nature of this command, you must send the message to |
| | 21 | * CMDHELP: Q@CServe.quakenet.org when using it. |
| | 22 | */ |
| | 23 | |
| | 24 | #include "../chanserv.h" |
| | 25 | #include "../authlib.h" |
| | 26 | #include "../../lib/irc_string.h" |
| | 27 | #include "../../core/hooks.h" |
| | 28 | #include <stdio.h> |
| | 29 | #include <string.h> |
| | 30 | #include <ctype.h> |
| | 31 | |
| | 32 | int csa_donewpw(void *source, int cargc, char **cargv) { |
| | 33 | reguser *rup; |
| | 34 | nick *sender=source; |
| | 35 | unsigned int same=0; |
| | 36 | time_t t; |
| | 37 | int pq; |
| | 38 | |
| | 39 | if (cargc<3) { |
| | 40 | chanservstdmessage(sender, QM_NOTENOUGHPARAMS, "newpass"); |
| | 41 | return CMD_ERROR; |
| | 42 | } |
| | 43 | |
| | 44 | if (!(rup=getreguserfromnick(sender))) |
| | 45 | return CMD_ERROR; |
| | 46 | |
| | 47 | if (!checkpassword(rup, cargv[0])) { |
| | 48 | chanservstdmessage(sender, QM_AUTHFAIL); |
| | 49 | cs_log(sender,"NEWPASS FAIL username %s bad password %s",rup->username,cargv[0]); |
| | 50 | return CMD_ERROR; |
| | 51 | } |
| | 52 | |
| | 53 | if (strcmp(cargv[1],cargv[2])) { |
| | 54 | chanservstdmessage(sender, QM_PWDONTMATCH); /* Sorry, passwords do not match */ |
| | 55 | cs_log(sender,"NEWPASS FAIL username %s new passwords don't match (%s vs %s)",rup->username,cargv[1],cargv[2]); |
| | 56 | return CMD_ERROR; |
| | 57 | } |
| | 58 | |
| | 59 | if (!strcmp(cargv[0],cargv[1])) { |
| | 60 | /* If they are the same then continue anyway but don't send the hook later. */ |
| | 61 | same=1; |
| | 62 | } |
| | 63 | |
| | 64 | pq = csa_checkpasswordquality(cargv[1]); |
| | 65 | if(pq == QM_PWTOSHORT) { |
| | 66 | chanservstdmessage(sender, QM_PWTOSHORT); /* new password too short */ |
| | 67 | cs_log(sender,"NEWPASS FAIL username %s password too short %s (%zu characters)",rup->username,cargv[1],strlen(cargv[1])); |
| | 68 | return CMD_ERROR; |
| | 69 | } else if(pq == QM_PWTOWEAK) { |
| | 70 | chanservstdmessage(sender, QM_PWTOWEAK); /* new password is weak */ |
| | 71 | cs_log(sender,"NEWPASS FAIL username %s password too weak %s",rup->username,cargv[1]); |
| | 72 | return CMD_ERROR; |
| | 73 | } else if(pq == QM_PWTOLONG) { |
| | 74 | chanservstdmessage(sender, QM_PWTOLONG); /* new password too long */ |
| | 75 | cs_log(sender,"NEWPASS FAIL username %s password too long %s",rup->username,cargv[1]); |
| | 76 | return CMD_ERROR; |
| | 77 | } else if(pq == QM_PWINVALID) { |
| | 78 | chanservstdmessage(sender, QM_PWINVALID); |
| | 79 | cs_log(sender,"NEWPASS FAIL username %s password invalid %s",rup->username,cargv[1]); |
| | 80 | return CMD_ERROR; |
| | 81 | } else if(pq == -1) { |
| | 82 | /* all good */ |
| | 83 | } else { |
| | 84 | chanservsendmessage(sender, "unknown error in newpass.c... contact #help"); |
| | 85 | return CMD_ERROR; |
| | 86 | } |
| | 87 | |
| | 88 | t=time(NULL); |
| | 89 | if(!UHasStaffPriv(rup)) { |
| | 90 | if(rup->lockuntil && rup->lockuntil > t) { |
| | 91 | chanservstdmessage(sender, QM_ACCOUNTLOCKED, rup->lockuntil); |
| | 92 | return CMD_ERROR; |
| | 93 | } |
| | 94 | rup->lockuntil=t+7*24*3600; |
| | 95 | } else { |
| | 96 | rup->lockuntil=0; |
| | 97 | } |
| | 98 | |
| | 99 | if(rup->lastemail) { |
| | 100 | freesstring(rup->lastemail); |
| | 101 | rup->lastemail=NULL; |
| | 102 | } |
| | 103 | |
| | 104 | rup->lastpasschange=t; |
| | 105 | csdb_accounthistory_insert(sender, rup->password, cargv[1], NULL, NULL); |
| | 106 | setpassword(rup, cargv[1]); |
| | 107 | |
| | 108 | rup->lastauth=time(NULL); |
| | 109 | chanservstdmessage(sender, QM_PWCHANGED); |
| | 110 | cs_log(sender,"NEWPASS OK username %s", rup->username); |
| | 111 | |
| | 112 | #ifdef AUTHGATE_WARNINGS |
| | 113 | if(UHasOperPriv(rup)) |
| | 114 | chanservsendmessage(sender, "WARNING FOR PRIVILEGED USERS: you MUST go to https://auth.quakenet.org and login successfully to update the cache, if you do not your old password will still be usable in certain circumstances."); |
| | 115 | #endif |
| | 116 | |
| | 117 | csdb_updateuser(rup); |
| | 118 | csdb_createmail(rup, QMAIL_NEWPW); |
| | 119 | |
| | 120 | if (!same) |
| | 121 | triggerhook(HOOK_CHANSERV_PWCHANGE, sender); |
| | 122 | |
| | 123 | return CMD_OK; |
| | 124 | } |
projects / irc / quakenet / newserv.git / blame_incremental