*
*
* CMDNAME: newpass
+ * CMDALIASES: newpassword
* CMDLEVEL: QCMD_SECURE | QCMD_AUTHED
* CMDARGS: 3
* CMDDESC: Change your password.
* CMDFUNC: csa_donewpw
* CMDPROTO: int csa_donewpw(void *source, int cargc, char **cargv);
+ * CMDHELP: Usage: @UCOMMAND@ <oldpassword> <newpassword> <newpassword>
+ * CMDHELP: Changes your account password. Your new password must be at least 6 characters
+ * CMDHELP: long, contain at least one number and one letter, and may not contain sequences
+ * CMDHELP: of letters or numbers, also note that your password will be truncated to 10
+ * CMDHELP: characters.
+ * CMDHELP: Your new password will be sent to your registered email address.
+ * CMDHELP: Where:
+ * CMDHELP: oldpassword - your existing account password
+ * CMDHELP: newpassword - your desired new password. Must be entered the same both times.
+ * CMDHELP: Note: due to the sensitive nature of this command, you must send the message to
+ * CMDHELP: Q@CServe.quakenet.org when using it.
*/
#include "../chanserv.h"
#include "../authlib.h"
#include "../../lib/irc_string.h"
+#include "../../core/hooks.h"
#include <stdio.h>
#include <string.h>
#include <ctype.h>
int csa_donewpw(void *source, int cargc, char **cargv) {
reguser *rup;
nick *sender=source;
- int i, cntweak = 0, cntdigits = 0, cntletters = 0;
+ unsigned int same=0;
+ time_t t;
+ int pq;
if (cargc<3) {
chanservstdmessage(sender, QM_NOTENOUGHPARAMS, "newpass");
return CMD_ERROR;
}
- if (strlen(cargv[1]) < 6) {
- chanservstdmessage(sender, QM_PWTOSHORT); /* new password to short */
- cs_log(sender,"NEWPASS FAIL username %s password to short %s (%d characters)",rup->username,cargv[1],strlen(cargv[1]));
+ if (!strcmp(cargv[0],cargv[1])) {
+ /* If they are the same then continue anyway but don't send the hook later. */
+ same=1;
+ }
+
+ pq = csa_checkpasswordquality(cargv[1]);
+ if(pq == QM_PWTOSHORT) {
+ chanservstdmessage(sender, QM_PWTOSHORT); /* new password too short */
+ cs_log(sender,"NEWPASS FAIL username %s password too short %s (%zu characters)",rup->username,cargv[1],strlen(cargv[1]));
+ return CMD_ERROR;
+ } else if(pq == QM_PWTOWEAK) {
+ chanservstdmessage(sender, QM_PWTOWEAK); /* new password is weak */
+ cs_log(sender,"NEWPASS FAIL username %s password too weak %s",rup->username,cargv[1]);
+ return CMD_ERROR;
+ } else if(pq == QM_PWTOLONG) {
+ chanservstdmessage(sender, QM_PWTOLONG); /* new password too long */
+ cs_log(sender,"NEWPASS FAIL username %s password too long %s",rup->username,cargv[1]);
+ return CMD_ERROR;
+ } else if(pq == -1) {
+ /* all good */
+ } else {
+ chanservsendmessage(sender, "unknown error in newpass.c... contact #help");
return CMD_ERROR;
}
- for ( i = 0; cargv[1][i] && i < PASSLEN; i++ ) {
- if ( cargv[1][i] == cargv[1][i+1] || cargv[1][i] + 1 == cargv[1][i+1] || cargv[1][i] - 1 == cargv[1][i+1] )
- cntweak++;
- if(isdigit(cargv[1][i]))
- cntdigits++;
- if(islower(cargv[1][i]) || isupper(cargv[1][i]))
- cntletters++;
+ t=time(NULL);
+ if(!UHasStaffPriv(rup)) {
+ if(rup->lockuntil && rup->lockuntil > t) {
+ chanservstdmessage(sender, QM_ACCOUNTLOCKED, rup->lockuntil);
+ return CMD_ERROR;
+ }
+ rup->lockuntil=t+7*24*3600;
+ } else {
+ rup->lockuntil=0;
}
- if( cntweak > 3 || !cntdigits || !cntletters) {
- chanservstdmessage(sender, QM_PWTOWEAK); /* new password is weak */
- cs_log(sender,"NEWPASS FAIL username %s password to weak %s",rup->username,cargv[1]);
- return CMD_ERROR;
+ if(rup->lastemail) {
+ freesstring(rup->lastemail);
+ rup->lastemail=NULL;
}
+ rup->lastpasschange=t;
+ csdb_accounthistory_insert(sender, rup->password, cargv[1], NULL, NULL);
setpassword(rup, cargv[1]);
+
rup->lastauth=time(NULL);
chanservstdmessage(sender, QM_PWCHANGED);
cs_log(sender,"NEWPASS OK username %s", rup->username);
+
+#ifdef AUTHGATE_WARNINGS
+ if(UHasOperPriv(rup))
+ chanservsendmessage(sender, "WARNING FOR PRIVILEGED USERS: you MUST go to https://auth.quakenet.org and login successfully to update the cache, if you do not your old password will still be usable in certain circumstances.");
+#endif
+
csdb_updateuser(rup);
csdb_createmail(rup, QMAIL_NEWPW);
+
+ if (!same)
+ triggerhook(HOOK_CHANSERV_PWCHANGE, sender);
return CMD_OK;
}