chanserv/authcmds/newpass.c

   1 /* Automatically generated by refactor.pl.
   2  *
   3  *
   4  * CMDNAME: newpass
   5  * CMDALIASES: newpassword
   6  * CMDLEVEL: QCMD_SECURE | QCMD_AUTHED
   7  * CMDARGS: 3
   8  * CMDDESC: Change your password.
   9  * CMDFUNC: csa_donewpw
  10  * CMDPROTO: int csa_donewpw(void *source, int cargc, char **cargv);
  11  * CMDHELP: Usage: @UCOMMAND@ <oldpassword> <newpassword> <newpassword>
  12  * CMDHELP: Changes your account password.  Your new password must be at least 6 characters
  13  * CMDHELP: long, contain at least one number and one letter, and may not contain sequences
  14  * CMDHELP: of letters or numbers.  Your new password will be sent to your registered email
  15  * CMDHELP: address.  Where:
  16  * CMDHELP: oldpassword - your existing account password
  17  * CMDHELP: newpassword - your desired new password.  Must be entered the same both times.
  18  * CMDHELP: Note: due to the sensitive nature of this command, you must send the message to
  19  * CMDHELP: Q@CServe.quakenet.org when using it.
  20  */
  21
  22 #include "../chanserv.h"
  23 #include "../authlib.h"
  24 #include "../../lib/irc_string.h"
  25 #include "../../core/hooks.h"
  26 #include <stdio.h>
  27 #include <string.h>
  28 #include <ctype.h>
  29
  30 int csa_donewpw(void *source, int cargc, char **cargv) {
  31   reguser *rup;
  32   nick *sender=source;
  33   unsigned int same=0;
  34   time_t t;
  35   int pq;
  36
  37   if (cargc<3) {
  38     chanservstdmessage(sender, QM_NOTENOUGHPARAMS, "newpass");
  39     return CMD_ERROR;
  40   }
  41
  42   if (!(rup=getreguserfromnick(sender)))
  43     return CMD_ERROR;
  44
  45   if (!checkpassword(rup, cargv[0])) {
  46     chanservstdmessage(sender, QM_AUTHFAIL);
  47     cs_log(sender,"NEWPASS FAIL username %s bad password %s",rup->username,cargv[0]);
  48     return CMD_ERROR;
  49   }
  50
  51   if (strcmp(cargv[1],cargv[2])) {
  52     chanservstdmessage(sender, QM_PWDONTMATCH); /* Sorry, passwords do not match */
  53     cs_log(sender,"NEWPASS FAIL username %s new passwords don't match (%s vs %s)",rup->username,cargv[1],cargv[2]);
  54     return CMD_ERROR;
  55   }
  56
  57   if (!strcmp(cargv[0],cargv[1])) {
  58     /* If they are the same then continue anyway but don't send the hook later. */
  59     same=1;
  60   }
  61
  62   pq = csa_checkpasswordquality(cargv[1]);
  63   if(pq == QM_PWTOSHORT) {
  64     chanservstdmessage(sender, QM_PWTOSHORT); /* new password to short */
  65     cs_log(sender,"NEWPASS FAIL username %s password to short %s (%zu characters)",rup->username,cargv[1],strlen(cargv[1]));
  66     return CMD_ERROR;
  67   } else if(pq == QM_PWTOWEAK) {
  68     chanservstdmessage(sender, QM_PWTOWEAK); /* new password is weak */
  69     cs_log(sender,"NEWPASS FAIL username %s password to weak %s",rup->username,cargv[1]);
  70     return CMD_ERROR;
  71   } else if(pq == -1) {
  72     /* all good */
  73   } else {
  74     chanservsendmessage(sender, "unknown error in newpass.c... contact #help");
  75     return CMD_ERROR;
  76   }
  77
  78   t=time(NULL);
  79   if(!UHasStaffPriv(rup)) {
  80     if(rup->lockuntil && rup->lockuntil > t) {
  81       chanservstdmessage(sender, QM_ACCOUNTLOCKED, rup->lockuntil);
  82       return CMD_ERROR;
  83     }
  84     rup->lockuntil=t+7*24*3600;
  85   } else {
  86     rup->lockuntil=0;
  87   }
  88
  89   if(rup->lastemail) {
  90     freesstring(rup->lastemail);
  91     rup->lastemail=NULL;
  92   }
  93
  94   rup->lastpasschange=t;
  95   csdb_accounthistory_insert(sender, rup->password, cargv[1], NULL, NULL);
  96   setpassword(rup, cargv[1]);
  97
  98   rup->lastauth=time(NULL);
  99   chanservstdmessage(sender, QM_PWCHANGED);
 100   cs_log(sender,"NEWPASS OK username %s", rup->username);
 101
 102 #ifdef AUTHGATE_WARNINGS
 103   if(UHasOperPriv(rup))
 104     chanservsendmessage(sender, "WARNING FOR PRIVILEGED USERS: you MUST go to https://auth.quakenet.org and login successfully to update the cache, if you do not your old password will still be usable in certain circumstances.");
 105 #endif
 106
 107   csdb_updateuser(rup);
 108   csdb_createmail(rup, QMAIL_NEWPW);
 109
 110   if (!same)
 111     triggerhook(HOOK_CHANSERV_PWCHANGE, sender);
 112
 113   return CMD_OK;
 114 }