chanserv/authcmds/newpass.c

   1 /* Automatically generated by refactor.pl.
   2  *
   3  *
   4  * CMDNAME: newpass
   5  * CMDALIASES: newpassword
   6  * CMDLEVEL: QCMD_SECURE | QCMD_AUTHED
   7  * CMDARGS: 3
   8  * CMDDESC: Change your password.
   9  * CMDFUNC: csa_donewpw
  10  * CMDPROTO: int csa_donewpw(void *source, int cargc, char **cargv);
  11  * CMDHELP: Usage: @UCOMMAND@ <oldpassword> <newpassword> <newpassword>
  12  * CMDHELP: Changes your account password.  Your new password must be at least 6 characters
  13  * CMDHELP: long, contain at least one number and one letter, and may not contain sequences
  14  * CMDHELP: of letters or numbers, also note that your password will be truncated to 10
  15  * CMDHELP: characters.
  16  * CMDHELP: Your new password will be sent to your registered email address.
  17  * CMDHELP: Where:
  18  * CMDHELP: oldpassword - your existing account password
  19  * CMDHELP: newpassword - your desired new password.  Must be entered the same both times.
  20  * CMDHELP: Note: due to the sensitive nature of this command, you must send the message to
  21  * CMDHELP: Q@CServe.quakenet.org when using it.
  22  */
  23
  24 #include "../chanserv.h"
  25 #include "../authlib.h"
  26 #include "../../lib/irc_string.h"
  27 #include "../../core/hooks.h"
  28 #include <stdio.h>
  29 #include <string.h>
  30 #include <ctype.h>
  31
  32 int csa_donewpw(void *source, int cargc, char **cargv) {
  33   reguser *rup;
  34   nick *sender=source;
  35   unsigned int same=0;
  36   time_t t;
  37   int pq;
  38
  39   if (cargc<3) {
  40     chanservstdmessage(sender, QM_NOTENOUGHPARAMS, "newpass");
  41     return CMD_ERROR;
  42   }
  43
  44   if (!(rup=getreguserfromnick(sender)))
  45     return CMD_ERROR;
  46
  47   if (!checkpassword(rup, cargv[0])) {
  48     chanservstdmessage(sender, QM_AUTHFAIL);
  49     cs_log(sender,"NEWPASS FAIL username %s bad password %s",rup->username,cargv[0]);
  50     return CMD_ERROR;
  51   }
  52
  53   if (strcmp(cargv[1],cargv[2])) {
  54     chanservstdmessage(sender, QM_PWDONTMATCH); /* Sorry, passwords do not match */
  55     cs_log(sender,"NEWPASS FAIL username %s new passwords don't match (%s vs %s)",rup->username,cargv[1],cargv[2]);
  56     return CMD_ERROR;
  57   }
  58
  59   if (!strcmp(cargv[0],cargv[1])) {
  60     /* If they are the same then continue anyway but don't send the hook later. */
  61     same=1;
  62   }
  63
  64   pq = csa_checkpasswordquality(cargv[1]);
  65   if(pq == QM_PWTOSHORT) {
  66     chanservstdmessage(sender, QM_PWTOSHORT); /* new password too short */
  67     cs_log(sender,"NEWPASS FAIL username %s password too short %s (%zu characters)",rup->username,cargv[1],strlen(cargv[1]));
  68     return CMD_ERROR;
  69   } else if(pq == QM_PWTOWEAK) {
  70     chanservstdmessage(sender, QM_PWTOWEAK); /* new password is weak */
  71     cs_log(sender,"NEWPASS FAIL username %s password too weak %s",rup->username,cargv[1]);
  72     return CMD_ERROR;
  73   } else if(pq == QM_PWTOLONG) {
  74     chanservstdmessage(sender, QM_PWTOLONG); /* new password too long */
  75     cs_log(sender,"NEWPASS FAIL username %s password too long %s",rup->username,cargv[1]);
  76     return CMD_ERROR;
  77   } else if(pq == -1) {
  78     /* all good */
  79   } else {
  80     chanservsendmessage(sender, "unknown error in newpass.c... contact #help");
  81     return CMD_ERROR;
  82   }
  83
  84   t=time(NULL);
  85   if(!UHasStaffPriv(rup)) {
  86     if(rup->lockuntil && rup->lockuntil > t) {
  87       chanservstdmessage(sender, QM_ACCOUNTLOCKED, rup->lockuntil);
  88       return CMD_ERROR;
  89     }
  90     rup->lockuntil=t+7*24*3600;
  91   } else {
  92     rup->lockuntil=0;
  93   }
  94
  95   if(rup->lastemail) {
  96     freesstring(rup->lastemail);
  97     rup->lastemail=NULL;
  98   }
  99
 100   rup->lastpasschange=t;
 101   csdb_accounthistory_insert(sender, rup->password, cargv[1], NULL, NULL);
 102   setpassword(rup, cargv[1]);
 103
 104   rup->lastauth=time(NULL);
 105   chanservstdmessage(sender, QM_PWCHANGED);
 106   cs_log(sender,"NEWPASS OK username %s", rup->username);
 107
 108 #ifdef AUTHGATE_WARNINGS
 109   if(UHasOperPriv(rup))
 110     chanservsendmessage(sender, "WARNING FOR PRIVILEGED USERS: you MUST go to https://auth.quakenet.org and login successfully to update the cache, if you do not your old password will still be usable in certain circumstances.");
 111 #endif
 112
 113   csdb_updateuser(rup);
 114   csdb_createmail(rup, QMAIL_NEWPW);
 115
 116   if (!same)
 117     triggerhook(HOOK_CHANSERV_PWCHANGE, sender);
 118
 119   return CMD_OK;
 120 }