static bool verify_operserv_password(soper_t *so, char *password) { if (so == NULL || password == NULL) return false; return crypt_verify_password(password, so->password) != NULL; }
static bool verify_operserv_password(soper_t *so, char *password) { if (so == NULL || password == NULL) return false; if (crypto_module_loaded) return crypt_verify_password(password, so->password); else return !strcmp(password, so->password); }
bool verify_password(myuser_t *mu, const char *password) { if (mu == NULL || password == NULL) return false; if (auth_module_loaded && auth_user_custom) return auth_user_custom(mu, password); if (mu->flags & MU_CRYPTPASS) if (crypto_module_loaded) { const crypt_impl_t *ci, *ci_default; ci = crypt_verify_password(password, mu->pass); if (ci == NULL) return false; if (ci == (ci_default = crypt_get_default_provider())) { if (ci->needs_param_upgrade != NULL && ci->needs_param_upgrade(mu->pass)) { slog(LG_INFO, "verify_password(): transitioning to newer parameters for crypt scheme '%s' for account '%s'", ci->id, entity(mu)->name); mowgli_strlcpy(mu->pass, ci->crypt(password, ci->salt()), PASSLEN); } } else { slog(LG_INFO, "verify_password(): transitioning from crypt scheme '%s' to '%s' for account '%s'", ci->id, ci_default->id, entity(mu)->name); mowgli_strlcpy(mu->pass, ci_default->crypt(password, ci_default->salt()), PASSLEN); } return true; } else { /* not good! * but don't complain about crypted password '*', * this is supposed to never match */ if (strcmp(password, "*")) slog(LG_ERROR, "check_password(): can't check crypted password -- no crypto module!"); return false; } else return (strcmp(mu->pass, password) == 0); }
static void ns_cmd_setpass(sourceinfo_t *si, int parc, char *parv[]) { myuser_t *mu; metadata_t *md; char *nick = parv[0]; char *key = parv[1]; char *password = parv[2]; if (!nick || !key || !password) { command_fail(si, fault_needmoreparams, STR_INSUFFICIENT_PARAMS, "SETPASS"); command_fail(si, fault_needmoreparams, _("Syntax: SETPASS <account> <key> <newpass>")); return; } if (strchr(password, ' ')) { command_fail(si, fault_badparams, STR_INVALID_PARAMS, "SETPASS"); command_fail(si, fault_badparams, _("Syntax: SETPASS <account> <key> <newpass>")); return; } if (!(mu = myuser_find(nick))) { command_fail(si, fault_nosuch_target, _("\2%s\2 is not registered."), nick); return; } if (strlen(password) >= PASSLEN) { command_fail(si, fault_badparams, STR_INVALID_PARAMS, "SETPASS"); command_fail(si, fault_badparams, _("Registration passwords may not be longer than \2%d\2 characters."), PASSLEN - 1); return; } if (!strcasecmp(password, entity(mu)->name)) { command_fail(si, fault_badparams, _("You cannot use your nickname as a password.")); command_fail(si, fault_badparams, _("Syntax: SETPASS <account> <key> <newpass>")); return; } md = metadata_find(mu, "private:setpass:key"); if (md != NULL && crypt_verify_password(key, md->value) != NULL) { logcommand(si, CMDLOG_SET, "SETPASS: \2%s\2", entity(mu)->name); set_password(mu, password); metadata_delete(mu, "private:setpass:key"); command_success_nodata(si, _("The password for \2%s\2 has been changed to \2%s\2."), entity(mu)->name, password); return; } if (md != NULL) { logcommand(si, CMDLOG_SET, "failed SETPASS (invalid key)"); } command_fail(si, fault_badparams, _("Verification failed. Invalid key for \2%s\2."), entity(mu)->name); return; }
static void ns_cmd_setpass(struct sourceinfo *si, int parc, char *parv[]) { struct myuser *mu; struct metadata *md; char *nick = parv[0]; char *key = parv[1]; char *password = parv[2]; if (!nick || !key || !password) { command_fail(si, fault_needmoreparams, STR_INSUFFICIENT_PARAMS, "SETPASS"); command_fail(si, fault_needmoreparams, _("Syntax: SETPASS <account> <key> <newpass>")); return; } if (strchr(password, ' ')) { command_fail(si, fault_badparams, STR_INVALID_PARAMS, "SETPASS"); command_fail(si, fault_badparams, _("Syntax: SETPASS <account> <key> <newpass>")); return; } if (!(mu = myuser_find(nick))) { command_fail(si, fault_nosuch_target, STR_IS_NOT_REGISTERED, nick); return; } if (si->smu == mu) { command_fail(si, fault_already_authed, _("You are logged in and can change your password using the SET PASSWORD command.")); return; } if (strlen(password) > PASSLEN) { command_fail(si, fault_badparams, STR_INVALID_PARAMS, "SETPASS"); command_fail(si, fault_badparams, _("Registration passwords may not be longer than \2%u\2 characters."), PASSLEN); return; } if (!strcasecmp(password, entity(mu)->name)) { command_fail(si, fault_badparams, _("You cannot use your nickname as a password.")); command_fail(si, fault_badparams, _("Syntax: SETPASS <account> <key> <newpass>")); return; } md = metadata_find(mu, "private:setpass:key"); if (md == NULL || crypt_verify_password(key, md->value, NULL) == NULL) { if (md != NULL) logcommand(si, CMDLOG_SET, "failed SETPASS (invalid key)"); command_fail(si, fault_badparams, _("Verification failed. Invalid key for \2%s\2."), entity(mu)->name); return; } logcommand(si, CMDLOG_SET, "SETPASS: \2%s\2", entity(mu)->name); metadata_delete(mu, "private:setpass:key"); metadata_delete(mu, "private:sendpass:sender"); metadata_delete(mu, "private:sendpass:timestamp"); set_password(mu, password); command_success_nodata(si, _("The password for \2%s\2 has been successfully changed."), entity(mu)->name); if (mu->flags & MU_NOPASSWORD) { mu->flags &= ~MU_NOPASSWORD; command_success_nodata(si, _("The \2%s\2 flag has been removed for account \2%s\2."), "NOPASSWORD", entity(mu)->name); } }