chanserv/authcmds/auth.c

   1 /* Automatically generated by refactor.pl.
   2  *
   3  *
   4  * CMDNAME: auth
   5  * CMDALIASES: login
   6  * CMDLEVEL: QCMD_SECURE | QCMD_NOTAUTHED
   7  * CMDARGS: 2
   8  * CMDDESC: Authenticates you on the bot.
   9  * CMDFUNC: csa_doauth
  10  * CMDPROTO: int csa_doauth(void *source, int cargc, char **cargv);
  11  * CMDHELP: Usage: @UCOMMAND@ <username> <password>
  12  * CMDHELP: Authenticates you on the bot, where:
  13  * CMDHELP: username - your username
  14  * CMDHELP: password - your password
  15  * CMDHELP: If you do not have a username and password, see HELLO.
  16  * CMDHELP: Note: due to the sensitive nature of this command, you must send the message
  17  * CMDHELP: to Q@CServe.quakenet.org when using it.
  18  * CMDHELP: Note: the preferred way to authenticate is to use the /AUTH command.
  19  */
  20
  21 #include "../chanserv.h"
  22 #include "../authlib.h"
  23 #include "../../lib/irc_string.h"
  24 #include <stdio.h>
  25 #include <string.h>
  26
  27 int csa_completeauth(nick *sender, reguser *rup, char *authtype);
  28
  29 int csa_auth(void *source, int cargc, char **cargv, CRAlgorithm alg) {
  30   reguser *rup;
  31   activeuser *aup;
  32   nick *sender=source;
  33   int challenge=0;
  34   char *authtype = "AUTH";
  35
  36   if (alg) {
  37     challenge=1;
  38     authtype = "CHALLENGEAUTH";
  39   } else if (cargc<2) {
  40     chanservstdmessage(sender, QM_NOTENOUGHPARAMS, "auth");
  41     return CMD_ERROR;
  42   }
  43
  44   if (!(aup = getactiveuserfromnick(sender)))
  45     return CMD_ERROR;
  46
  47   aup->authattempts++;
  48   if (aup->authattempts > MAXAUTHATTEMPT) {
  49     if ((aup->authattempts % 100) == 0)
  50       chanservwallmessage("Warning: User %s!%s@%s attempted to auth %d times. Last attempt: %s %s %s",
  51         sender->nick, sender->ident, sender->host->name->content, aup->authattempts, authtype, cargv[0], cargv[1]);
  52     chanservstdmessage(sender, QM_AUTHFAIL);
  53     cs_log(sender,"%s FAIL too many auth attempts (last attempt: %s %s %s)", authtype, authtype, cargv[0], cargv[1]);
  54     return CMD_ERROR;
  55   }
  56
  57   if (!(rup=findreguserbynick(cargv[0]))) {
  58     chanservstdmessage(sender, QM_AUTHFAIL);
  59     cs_log(sender,"%s FAIL bad username %s",authtype,cargv[0]);
  60     return CMD_ERROR;
  61   }
  62
  63   if (!challenge) {
  64     if (!checkpassword(rup, cargv[1])) {
  65       chanservstdmessage(sender, QM_AUTHFAIL);
  66       cs_log(sender,"%s FAIL username %s bad password %s",authtype,rup->username,cargv[1]);
  67       return CMD_ERROR;
  68     }
  69   } else {
  70     if (!checkresponse(rup, aup->entropy, cargv[1], alg)) {
  71       chanservstdmessage(sender, QM_AUTHFAIL);
  72       cs_log(sender,"%s FAIL username %s bad response",authtype,rup->username);
  73       return CMD_ERROR;
  74     }
  75   }
  76
  77   return csa_completeauth(sender, rup, authtype);
  78 }
  79
  80 int csa_completeauth(nick *sender, reguser *rup, char *authtype) {
  81   int toomanyauths=0;
  82   time_t now;
  83   char userhost[USERLEN+HOSTLEN+2];
  84   nick *onp;
  85   authname *anp;
  86
  87   /* This should never fail but do something other than crashing if it does. */
  88   if (!(anp=findauthname(rup->ID))) {
  89     chanservstdmessage(sender, QM_AUTHFAIL);
  90     return CMD_ERROR;
  91   }
  92
  93   /* Check for too many auths.  Don't return immediately, since we will still warn
  94    * other users on the acct in this case. */
  95   if (!UHasStaffPriv(rup) && !UIsNoAuthLimit(rup)) {
  96     if (anp->usercount >= MAXAUTHCOUNT) {
  97       chanservstdmessage(sender, QM_TOOMANYAUTHS);
  98       toomanyauths=1;
  99     }
 100   }
 101
 102   for (onp=anp->nicks;onp;onp=onp->nextbyauthname) {
 103     if (toomanyauths) {
 104       chanservstdmessage(onp, QM_OTHERUSERAUTHEDLIMIT, sender->nick, sender->ident, sender->host->name->content, MAXAUTHCOUNT);
 105     } else {
 106       chanservstdmessage(onp, QM_OTHERUSERAUTHED, sender->nick, sender->ident, sender->host->name->content);
 107     }
 108   }
 109
 110   if (toomanyauths)
 111     return CMD_ERROR;
 112
 113   now=time(NULL);
 114
 115   if (UHasSuspension(rup) && rup->suspendexp && (now >= rup->suspendexp)) {
 116     /* suspension has expired, remove it */
 117     rup->flags&=(~(QUFLAG_SUSPENDED|QUFLAG_GLINE|QUFLAG_DELAYEDGLINE));
 118     rup->suspendby=0;
 119     rup->suspendexp=0;
 120     freesstring(rup->suspendreason);
 121     rup->suspendreason=0;
 122     csdb_updateuser(rup);
 123   }
 124
 125   if (UIsSuspended(rup)) {
 126     /* plain suspend */
 127     chanservstdmessage(sender, QM_AUTHSUSPENDED);
 128     if(rup->suspendreason)
 129       chanservstdmessage(sender, QM_REASON, rup->suspendreason->content);
 130     if (rup->suspendexp)
 131       chanservstdmessage(sender, QM_EXPIRES, rup->suspendexp);
 132     return CMD_ERROR;
 133   }
 134
 135   /* Guarantee a unique auth timestamp for each account */
 136   if (rup->lastauth < now)
 137     rup->lastauth=now;
 138   else
 139     rup->lastauth++;
 140
 141   sprintf(userhost,"%s@%s",sender->ident,sender->host->name->content);
 142   if (rup->lastuserhost)
 143     freesstring(rup->lastuserhost);
 144   rup->lastuserhost=getsstring(userhost,USERLEN+HOSTLEN+1);
 145
 146   csdb_updateuser(rup);
 147
 148   cs_log(sender,"%s OK username %s", authtype,rup->username);
 149
 150   localusersetaccount(sender, rup->username, rup->ID, cs_accountflagmap(rup), rup->lastauth);
 151
 152   chanservstdmessage(sender, QM_AUTHOK, rup->username);
 153
 154   return CMD_OK;
 155 }
 156
 157 int csa_doauth(void *source, int cargc, char **cargv) {
 158   return csa_auth(source, cargc, cargv, NULL);
 159 }