chanserv/authcmds/newpass.c

   1 /* Automatically generated by refactor.pl.
   2  *
   3  *
   4  * CMDNAME: newpass
   5  * CMDLEVEL: QCMD_SECURE | QCMD_AUTHED
   6  * CMDARGS: 3
   7  * CMDDESC: Change your password.
   8  * CMDFUNC: csa_donewpw
   9  * CMDPROTO: int csa_donewpw(void *source, int cargc, char **cargv);
  10  * CMDHELP: Usage: NEWPASS <oldpassword> <newpassword> <newpassword>
  11  * CMDHELP: Changes your account password.  Your new password must be at least 6 characters
  12  * CMDHELP: long, contain at least one number and one letter, and may not contain sequences
  13  * CMDHELP: of letters or numbers.  Your new password will be sent to your registered email
  14  * CMDHELP: address.  Where:
  15  * CMDHELP: oldpassword - your existing account password
  16  * CMDHELP: newpassword - your desired new password.  Must be entered the same both times.
  17  * CMDHELP: Note: due to the sensitive nature of this command, you must send the message to
  18  * CMDHELP: Q@CServe.quakenet.org when using it.
  19  */
  20
  21 #include "../chanserv.h"
  22 #include "../authlib.h"
  23 #include "../../lib/irc_string.h"
  24 #include <stdio.h>
  25 #include <string.h>
  26 #include <ctype.h>
  27
  28 int csa_donewpw(void *source, int cargc, char **cargv) {
  29   reguser *rup;
  30   nick *sender=source;
  31   int i, cntweak = 0, cntdigits = 0, cntletters = 0;
  32   time_t t;
  33
  34   if (cargc<3) {
  35     chanservstdmessage(sender, QM_NOTENOUGHPARAMS, "newpass");
  36     return CMD_ERROR;
  37   }
  38
  39   if (!(rup=getreguserfromnick(sender)))
  40     return CMD_ERROR;
  41
  42   if (!checkpassword(rup, cargv[0])) {
  43     chanservstdmessage(sender, QM_AUTHFAIL);
  44     cs_log(sender,"NEWPASS FAIL username %s bad password %s",rup->username,cargv[0]);
  45     return CMD_ERROR;
  46   }
  47
  48   if (strcmp(cargv[1],cargv[2])) {
  49     chanservstdmessage(sender, QM_PWDONTMATCH); /* Sorry, passwords do not match */
  50     cs_log(sender,"NEWPASS FAIL username %s new passwords don't match (%s vs %s)",rup->username,cargv[1],cargv[2]);
  51     return CMD_ERROR;
  52   }
  53
  54   if (strlen(cargv[1]) < 6) {
  55     chanservstdmessage(sender, QM_PWTOSHORT); /* new password to short */
  56     cs_log(sender,"NEWPASS FAIL username %s password to short %s (%d characters)",rup->username,cargv[1],strlen(cargv[1]));
  57     return CMD_ERROR;
  58   }
  59
  60   for ( i = 0; cargv[1][i] && i < PASSLEN; i++ ) {
  61     if ( cargv[1][i] == cargv[1][i+1] || cargv[1][i] + 1 == cargv[1][i+1] || cargv[1][i] - 1 == cargv[1][i+1] )
  62       cntweak++;
  63     if(isdigit(cargv[1][i]))
  64       cntdigits++;
  65     if(islower(cargv[1][i]) || isupper(cargv[1][i]))
  66       cntletters++;
  67   }
  68
  69   if( cntweak > 3 || !cntdigits || !cntletters) {
  70     chanservstdmessage(sender, QM_PWTOWEAK); /* new password is weak */
  71     cs_log(sender,"NEWPASS FAIL username %s password to weak %s",rup->username,cargv[1]);
  72     return CMD_ERROR;
  73   }
  74
  75   if(!UHasHelperPriv(rup)) {
  76     t=time(NULL);
  77     if(rup->lockuntil && rup->lockuntil > t) {
  78       chanservstdmessage(sender, QM_ACCOUNTLOCKED, rup->lockuntil);
  79       return CMD_ERROR;
  80     }
  81     rup->lockuntil=t+7*24*3600;
  82   }
  83
  84   if(rup->lastemail) {
  85     freesstring(rup->lastemail);
  86     rup->lastemail=NULL;
  87   }
  88
  89   setpassword(rup, cargv[1]);
  90   rup->lastauth=time(NULL);
  91   chanservstdmessage(sender, QM_PWCHANGED);
  92   cs_log(sender,"NEWPASS OK username %s", rup->username);
  93
  94 #ifdef AUTHGATE_WARNINGS
  95   if(UHasOperPriv(rup))
  96     chanservsendmessage(sender, "WARNING FOR PRIVILEGED USERS: you MUST go to https://auth.quakenet.org and login successfully to update the cache, if you do not your old password will still be usable in certain circumstances.");
  97 #endif
  98
  99   csdb_updateuser(rup);
 100   csdb_createmail(rup, QMAIL_NEWPW);
 101
 102   return CMD_OK;
 103 }