chanserv/authcmds/auth.c

   1 /* Automatically generated by refactor.pl.
   2  *
   3  *
   4  * CMDNAME: auth
   5  * CMDALIASES: login
   6  * CMDLEVEL: QCMD_SECURE | QCMD_NOTAUTHED
   7  * CMDARGS: 2
   8  * CMDDESC: Authenticates you on the bot.
   9  * CMDFUNC: csa_doauth
  10  * CMDPROTO: int csa_doauth(void *source, int cargc, char **cargv);
  11  * CMDHELP: Usage: @UCOMMAND@ <username> <password>
  12  * CMDHELP: Authenticates you on the bot, where:
  13  * CMDHELP: username - your username
  14  * CMDHELP: password - your password
  15  * CMDHELP: If you do not have a username and password, see HELLO.
  16  * CMDHELP: Note: due to the sensitive nature of this command, you must send the message
  17  * CMDHELP: to Q@CServe.quakenet.org when using it.
  18  * CMDHELP: Note: the preferred way to authenticate is to use the /AUTH command.
  19  */
  20
  21 #include "../chanserv.h"
  22 #include "../authlib.h"
  23 #include "../../lib/irc_string.h"
  24 #include <stdio.h>
  25 #include <string.h>
  26
  27 int csa_completeauth(nick *sender, reguser *rup, char *authtype);
  28
  29 int csa_auth(void *source, int cargc, char **cargv, CRAlgorithm alg) {
  30   reguser *rup;
  31   activeuser *aup;
  32   nick *sender=source;
  33   int challenge=0;
  34   char *authtype = "AUTH";
  35
  36   if (alg) {
  37     challenge=1;
  38     authtype = "CHALLENGEAUTH";
  39   } else if (cargc<2) {
  40     chanservstdmessage(sender, QM_NOTENOUGHPARAMS, "auth");
  41     return CMD_ERROR;
  42   }
  43
  44   if (!(aup = getactiveuserfromnick(sender)))
  45     return CMD_ERROR;
  46
  47   aup->authattempts++;
  48   if (aup->authattempts > MAXAUTHATTEMPT) {
  49 /*
  50     if ((aup->authattempts % 100) == 0)
  51       chanservwallmessage("Warning: User %s!%s@%s attempted to auth %d times. Last attempt: %s %s %s",
  52         sender->nick, sender->ident, sender->host->name->content, aup->authattempts, authtype, cargv[0], cargv[1]);
  53 */
  54
  55     chanservstdmessage(sender, QM_AUTHFAIL);
  56     cs_log(sender,"%s FAIL too many auth attempts (last attempt: %s %s %s)", authtype, authtype, cargv[0], cargv[1]);
  57     return CMD_ERROR;
  58   }
  59
  60   if (!(rup=findreguserbynick(cargv[0]))) {
  61     chanservstdmessage(sender, QM_AUTHFAIL);
  62     cs_log(sender,"%s FAIL bad username %s",authtype,cargv[0]);
  63     return CMD_ERROR;
  64   }
  65
  66   if (!challenge) {
  67     if (!checkpassword(rup, cargv[1])) {
  68       chanservstdmessage(sender, QM_AUTHFAIL);
  69       cs_log(sender,"%s FAIL username %s bad password %s",authtype,rup->username,cargv[1]);
  70       return CMD_ERROR;
  71     }
  72   } else {
  73     if (!checkresponse(rup, aup->entropy, cargv[1], alg)) {
  74       chanservstdmessage(sender, QM_AUTHFAIL);
  75       cs_log(sender,"%s FAIL username %s bad response",authtype,rup->username);
  76       return CMD_ERROR;
  77     }
  78   }
  79
  80   return csa_completeauth(sender, rup, authtype);
  81 }
  82
  83 int csa_completeauth(nick *sender, reguser *rup, char *authtype) {
  84   int toomanyauths=0;
  85   time_t now;
  86   char userhost[USERLEN+HOSTLEN+2];
  87   nick *onp;
  88   authname *anp;
  89
  90   /* This should never fail but do something other than crashing if it does. */
  91   if (!(anp=findauthname(rup->ID))) {
  92     chanservstdmessage(sender, QM_AUTHFAIL);
  93     return CMD_ERROR;
  94   }
  95
  96   /* Check for too many auths.  Don't return immediately, since we will still warn
  97    * other users on the acct in this case. */
  98   if (!UHasStaffPriv(rup) && !UIsNoAuthLimit(rup)) {
  99     if (anp->usercount >= MAXAUTHCOUNT) {
 100       chanservstdmessage(sender, QM_TOOMANYAUTHS);
 101       toomanyauths=1;
 102     }
 103   }
 104
 105   for (onp=anp->nicks;onp;onp=onp->nextbyauthname) {
 106     if (toomanyauths) {
 107       chanservstdmessage(onp, QM_OTHERUSERAUTHEDLIMIT, sender->nick, sender->ident, sender->host->name->content, MAXAUTHCOUNT);
 108     } else {
 109       chanservstdmessage(onp, QM_OTHERUSERAUTHED, sender->nick, sender->ident, sender->host->name->content);
 110     }
 111   }
 112
 113   if (toomanyauths)
 114     return CMD_ERROR;
 115
 116   now=time(NULL);
 117
 118   if (UHasSuspension(rup) && rup->suspendexp && (now >= rup->suspendexp)) {
 119     /* suspension has expired, remove it */
 120     rup->flags&=(~(QUFLAG_SUSPENDED|QUFLAG_GLINE|QUFLAG_DELAYEDGLINE));
 121     rup->suspendby=0;
 122     rup->suspendexp=0;
 123     freesstring(rup->suspendreason);
 124     rup->suspendreason=0;
 125     csdb_updateuser(rup);
 126   }
 127
 128   if (UIsSuspended(rup)) {
 129     /* plain suspend */
 130     chanservstdmessage(sender, QM_AUTHSUSPENDED);
 131     if(rup->suspendreason)
 132       chanservstdmessage(sender, QM_REASON, rup->suspendreason->content);
 133     if (rup->suspendexp)
 134       chanservstdmessage(sender, QM_EXPIRES, rup->suspendexp);
 135     return CMD_ERROR;
 136   }
 137
 138   /* Guarantee a unique auth timestamp for each account */
 139   if (rup->lastauth < now)
 140     rup->lastauth=now;
 141   else
 142     rup->lastauth++;
 143
 144   sprintf(userhost,"%s@%s",sender->ident,sender->host->name->content);
 145   if (rup->lastuserhost)
 146     freesstring(rup->lastuserhost);
 147   rup->lastuserhost=getsstring(userhost,USERLEN+HOSTLEN+1);
 148
 149   csdb_updateuser(rup);
 150
 151   cs_log(sender,"%s OK username %s", authtype,rup->username);
 152
 153   localusersetaccount(sender, rup->username, rup->ID, cs_accountflagmap(rup), rup->lastauth);
 154
 155   chanservstdmessage(sender, QM_AUTHOK, rup->username);
 156
 157   return CMD_OK;
 158 }
 159
 160 int csa_doauth(void *source, int cargc, char **cargv) {
 161   return csa_auth(source, cargc, cargv, NULL);
 162 }