/**
* The /ns ghost command.
* @param u The user who issued the command
* @param MOD_CONT to continue processing other modules, MOD_STOP to stop processing.
**/
static int do_ghost(User * u)
{
char *nick = strtok(NULL, " ");
char *pass = strtok(NULL, " ");
NickAlias *na;
User *u2;
if (!nick) {
syntax_error(s_NickServ, u, "GHOST", NICK_GHOST_SYNTAX);
} else if (!(u2 = finduser(nick))) {
notice_lang(s_NickServ, u, NICK_X_NOT_IN_USE, nick);
} else if (!(na = u2->na)) {
notice_lang(s_NickServ, u, NICK_X_NOT_REGISTERED, nick);
} else if (na->status & NS_VERBOTEN) {
notice_lang(s_NickServ, u, NICK_X_FORBIDDEN, na->nick);
} else if (na->nc->flags & NI_SUSPENDED) {
notice_lang(s_NickServ, u, NICK_X_SUSPENDED, na->nick);
} else if (stricmp(nick, u->nick) == 0) {
notice_lang(s_NickServ, u, NICK_NO_GHOST_SELF);
} else if (pass) {
int res = enc_check_password(pass, na->nc->pass);
if (res == 1) {
char buf[NICKMAX + 32];
snprintf(buf, sizeof(buf), "GHOST command used by %s",
u->nick);
send_event(EVENT_NICK_GHOSTED, 3, EVENT_START, u->nick, nick);
alog("%s: %s!%s@%s used GHOST on %s",
s_NickServ, u->nick, u->username, u->host, u2->nick);
kill_user(s_NickServ, nick, buf);
notice_lang(s_NickServ, u, NICK_GHOST_KILLED, nick);
send_event(EVENT_NICK_GHOSTED, 3, EVENT_STOP, u->nick, nick);
} else {
notice_lang(s_NickServ, u, ACCESS_DENIED);
if (res == 0) {
alog("%s: GHOST: invalid password for %s by %s!%s@%s",
s_NickServ, nick, u->nick, u->username, u->host);
bad_password(u);
}
}
} else {
if (group_identified(u, na->nc)
|| (!(na->nc->flags & NI_SECURE) && is_on_access(u, na->nc))) {
char buf[NICKMAX + 32];
snprintf(buf, sizeof(buf), "GHOST command used by %s",
u->nick);
send_event(EVENT_NICK_GHOSTED, 3, EVENT_START, u->nick, nick);
alog("%s: %s!%s@%s used GHOST on %s",
s_NickServ, u->nick, u->username, u->host, u2->nick);
kill_user(s_NickServ, nick, buf);
notice_lang(s_NickServ, u, NICK_GHOST_KILLED, nick);
send_event(EVENT_NICK_GHOSTED, 3, EVENT_STOP, u->nick, nick);
} else {
notice_lang(s_NickServ, u, ACCESS_DENIED);
}
}
return MOD_CONT;
}
void Execute(CommandSource &source, const std::vector<Anope::string> ¶ms)
{
const Anope::string &password = params[0];
Oper *o = source.u->Account()->o;
if (o == NULL)
source.Reply(_("No oper block for your nick."));
else if (o->password.empty())
source.Reply(_("Your oper block doesn't require logging in."));
else if (source.u->HasExt("os_login_password_correct"))
source.Reply(_("You are already identified."));
else if (o->password != password)
{
source.Reply(PASSWORD_INCORRECT);
bad_password(source.u);
}
else
{
Log(LOG_ADMIN, source.u, this) << "and successfully identified to " << source.owner->nick;
source.u->Extend("os_login_password_correct", NULL);
source.Reply(_("Password accepted."));
}
return;
}
/*
* atheme.login
*
* XML Inputs:
* account name, password, source ip (optional)
*
* XML Outputs:
* fault 1 - insufficient parameters
* fault 3 - account is not registered
* fault 5 - invalid username and password
* fault 6 - account is frozen
* default - success (authcookie)
*
* Side Effects:
* an authcookie ticket is created for the myuser_t.
* the user's lastlogin is updated
*/
static int xmlrpcmethod_login(void *conn, int parc, char *parv[])
{
myuser_t *mu;
authcookie_t *ac;
const char *sourceip;
if (parc < 2)
{
xmlrpc_generic_error(fault_needmoreparams, "Insufficient parameters.");
return 0;
}
sourceip = parc >= 3 && *parv[2] != '\0' ? parv[2] : NULL;
if (!(mu = myuser_find(parv[0])))
{
xmlrpc_generic_error(fault_nosuch_source, "The account is not registered.");
return 0;
}
if (metadata_find(mu, "private:freeze:freezer") != NULL)
{
logcommand_external(nicksvs.me, "xmlrpc", conn, sourceip, NULL, CMDLOG_LOGIN, "failed LOGIN to \2%s\2 (frozen)", entity(mu)->name);
xmlrpc_generic_error(fault_noprivs, "The account has been frozen.");
return 0;
}
if (!verify_password(mu, parv[1]))
{
sourceinfo_t *si;
logcommand_external(nicksvs.me, "xmlrpc", conn, sourceip, NULL, CMDLOG_LOGIN, "failed LOGIN to \2%s\2 (bad password)", entity(mu)->name);
xmlrpc_generic_error(fault_authfail, "The password is not valid for this account.");
si = sourceinfo_create();
si->service = NULL;
si->sourcedesc = parv[2] != NULL && *parv[2] ? parv[2] : NULL;
si->connection = conn;
si->v = &xmlrpc_vtable;
si->force_language = language_find("en");
bad_password(si, mu);
object_unref(si);
return 0;
}
mu->lastlogin = CURRTIME;
ac = authcookie_create(mu);
logcommand_external(nicksvs.me, "xmlrpc", conn, sourceip, mu, CMDLOG_LOGIN, "LOGIN");
xmlrpc_send_string(ac->ticket);
return 0;
}
/**
* The /ns release command.
* @param u The user who issued the command
* @param MOD_CONT to continue processing other modules, MOD_STOP to stop processing.
**/
int do_release(User * u)
{
char *nick = strtok(NULL, " ");
char *pass = strtok(NULL, " ");
NickAlias *na;
if (!nick) {
syntax_error(s_NickServ, u, "RELEASE", NICK_RELEASE_SYNTAX);
} else if (!(na = findnick(nick))) {
notice_lang(s_NickServ, u, NICK_X_NOT_REGISTERED, nick);
} else if (na->status & NS_VERBOTEN) {
notice_lang(s_NickServ, u, NICK_X_FORBIDDEN, na->nick);
} else if (na->nc->flags & NI_SUSPENDED) {
notice_lang(s_NickServ, u, NICK_X_SUSPENDED, na->nick);
} else if (!(na->status & NS_KILL_HELD)) {
notice_lang(s_NickServ, u, NICK_RELEASE_NOT_HELD, nick);
} else if (pass) {
int res = check_password(pass, na->nc->pass);
if (res == 1) {
release(na, 0);
notice_lang(s_NickServ, u, NICK_RELEASED);
} else {
notice_lang(s_NickServ, u, ACCESS_DENIED);
if (res == 0) {
alog("%s: RELEASE: invalid password for %s by %s!%s@%s",
s_NickServ, nick, u->nick, u->username, u->host);
bad_password(u);
}
}
} else {
if (group_identified(u, na->nc)
|| (!(na->nc->flags & NI_SECURE) && is_on_access(u, na->nc))) {
release(na, 0);
notice_lang(s_NickServ, u, NICK_RELEASED);
} else {
notice_lang(s_NickServ, u, ACCESS_DENIED);
}
}
return MOD_CONT;
}
void Execute(CommandSource &source, const std::vector<Anope::string> ¶ms)
{
User *u = source.u;
const Anope::string &nick = params.size() == 2 ? params[0] : u->nick;
Anope::string pass = params[params.size() - 1];
NickAlias *na = findnick(nick);
if (na && na->nc->HasFlag(NI_SUSPENDED))
source.Reply(NICK_X_SUSPENDED, na->nick.c_str());
else if (u->Account() && na && u->Account() == na->nc)
source.Reply(_("You are already identified."));
else
{
EventReturn MOD_RESULT;
FOREACH_RESULT(I_OnCheckAuthentication, OnCheckAuthentication(this, &source, params, na ? na->nc->display : nick, pass));
if (MOD_RESULT == EVENT_STOP)
return;
if (!na)
source.Reply(NICK_X_NOT_REGISTERED, nick.c_str());
else if (MOD_RESULT != EVENT_ALLOW)
{
Log(LOG_COMMAND, u, this) << "and failed to identify";
source.Reply(PASSWORD_INCORRECT);
bad_password(u);
}
else
{
if (u->IsIdentified())
Log(LOG_COMMAND, u, this) << "to log out of account " << u->Account()->display;
Log(LOG_COMMAND, u, this) << "and identified for account " << na->nc->display;
source.Reply(_("Password accepted - you are now recognized."));
u->Identify(na);
}
}
return;
}
/**
* The /ns identify command.
* @param u The user who issued the command
* @param MOD_CONT to continue processing other modules, MOD_STOP to stop processing.
**/
int do_identify(User * u)
{
char *pass = strtok(NULL, " ");
NickAlias *na;
NickRequest *nr;
int res;
char tsbuf[16];
char modes[512];
int len;
if (!pass) {
syntax_error(s_NickServ, u, "IDENTIFY", NICK_IDENTIFY_SYNTAX);
} else if (!(na = u->na)) {
if ((nr = findrequestnick(u->nick))) {
notice_lang(s_NickServ, u, NICK_IS_PREREG);
} else {
notice_lang(s_NickServ, u, NICK_NOT_REGISTERED);
}
} else if (na->status & NS_VERBOTEN) {
notice_lang(s_NickServ, u, NICK_X_FORBIDDEN, na->nick);
} else if (na->nc->flags & NI_SUSPENDED) {
notice_lang(s_NickServ, u, NICK_X_SUSPENDED, na->nick);
} else if (nick_identified(u)) {
notice_lang(s_NickServ, u, NICK_ALREADY_IDENTIFIED);
} else if (!(res = enc_check_password(pass, na->nc->pass))) {
alog("%s: Failed IDENTIFY for %s!%s@%s", s_NickServ, u->nick,
u->username, u->host);
notice_lang(s_NickServ, u, PASSWORD_INCORRECT);
bad_password(u);
} else if (res == -1) {
notice_lang(s_NickServ, u, NICK_IDENTIFY_FAILED);
} else {
if (!(na->status & NS_IDENTIFIED) && !(na->status & NS_RECOGNIZED)) {
if (na->last_usermask)
free(na->last_usermask);
na->last_usermask =
scalloc(strlen(common_get_vident(u)) +
strlen(common_get_vhost(u)) + 2, 1);
sprintf(na->last_usermask, "%s@%s", common_get_vident(u),
common_get_vhost(u));
if (na->last_realname)
free(na->last_realname);
na->last_realname = sstrdup(u->realname);
}
na->status |= NS_IDENTIFIED;
na->last_seen = time(NULL);
snprintf(tsbuf, sizeof(tsbuf), "%lu",
(unsigned long int) u->timestamp);
if (ircd->modeonreg) {
len = strlen(ircd->modeonreg);
strncpy(modes,ircd->modeonreg,512);
if(ircd->rootmodeonid && is_services_root(u)) {
strncat(modes,ircd->rootmodeonid,512-len);
} else if(ircd->adminmodeonid && is_services_admin(u)) {
strncat(modes,ircd->adminmodeonid,512-len);
} else if(ircd->opermodeonid && is_services_oper(u)) {
strncat(modes,ircd->opermodeonid,512-len);
}
if (ircd->tsonmode) {
common_svsmode(u, modes, tsbuf);
} else {
common_svsmode(u, modes, "");
}
}
send_event(EVENT_NICK_IDENTIFY, 1, u->nick);
alog("%s: %s!%s@%s identified for nick %s", s_NickServ, u->nick,
u->username, u->host, u->nick);
notice_lang(s_NickServ, u, NICK_IDENTIFY_SUCCEEDED);
if (ircd->vhost) {
do_on_id(u);
}
if (NSModeOnID) {
do_setmodes(u);
}
if (NSForceEmail && u->na && !u->na->nc->email) {
notice_lang(s_NickServ, u, NICK_IDENTIFY_EMAIL_REQUIRED);
notice_help(s_NickServ, u, NICK_IDENTIFY_EMAIL_HOWTO);
}
if (!(na->status & NS_RECOGNIZED))
check_memos(u);
/* Enable nick tracking if enabled */
if (NSNickTracking)
nsStartNickTracking(u);
/* Clear any timers */
if (na->nc->flags & NI_KILLPROTECT) {
del_ns_timeout(na, TO_COLLIDE);
}
}
return MOD_CONT;
}
int do_addnick(User * u)
{
NickAlias *na, *target;
NickCore *nc;
char *nick = strtok(NULL, " ");
char *pass = strtok(NULL, " ");
int i;
char tsbuf[16];
char modes[512];
int len;
if (NSEmailReg && (findrequestnick(u->nick))) {
notice_lang(s_NickServ, u, NS_REQUESTED);
return MOD_CONT;
}
if (readonly) {
notice_lang(s_NickServ, u, NS_ADDNICK_DISABLED);
return MOD_CONT;
}
if (checkDefCon(DEFCON_NO_NEW_NICKS)) {
notice_lang(s_NickServ, u, OPER_DEFCON_DENIED);
return MOD_CONT;
}
if (RestrictOperNicks) {
for (i = 0; i < RootNumber; i++) {
if (stristr(u->nick, ServicesRoots[i]) && !is_oper(u)) {
notice_lang(s_NickServ, u, NICK_CANNOT_BE_REGISTERED,
u->nick);
return MOD_CONT;
}
}
for (i = 0; i < servadmins.count && (nc = servadmins.list[i]); i++) {
if (stristr(u->nick, nc->display) && !is_oper(u)) {
notice_lang(s_NickServ, u, NICK_CANNOT_BE_REGISTERED,
u->nick);
return MOD_CONT;
}
}
for (i = 0; i < servopers.count && (nc = servopers.list[i]); i++) {
if (stristr(u->nick, nc->display) && !is_oper(u)) {
notice_lang(s_NickServ, u, NICK_CANNOT_BE_REGISTERED,
u->nick);
return MOD_CONT;
}
}
}
if (!nick || !pass) {
syntax_error(s_NickServ, u, "ADDNICK", NS_ADDNICK_SYNTAX);
} else if (!(target = findnick(nick))) {
notice_lang(s_NickServ, u, NICK_X_NOT_REGISTERED, nick);
} else if (time(NULL) < u->lastnickreg + NSRegDelay) {
notice_lang(s_NickServ, u, NS_ADDNICK_PLEASE_WAIT, NSRegDelay);
} else if (u->na && (u->na->status & NS_VERBOTEN)) {
alog("%s: %s@%s tried to use ADDNICK from forbidden nick %s.",
s_NickServ, u->username, u->host, u->nick);
notice_lang(s_NickServ, u, NICK_X_FORBIDDEN, u->nick);
} else if (u->na && (u->na->nc->flags & NI_SUSPENDED)) {
alog("%s: %s!%s@%s tried to use ADDNICK from suspended nick %s.",
s_NickServ, u->nick, u->username, u->host, target->nick);
notice_lang(s_NickServ, u, NICK_X_SUSPENDED, u->nick);
} else if (u->na && NSNoGroupChange) {
notice_lang(s_NickServ, u, NS_ADDNICK_CHANGE_DISABLED, s_NickServ);
} else if (u->na && !nick_identified(u)) {
notice_lang(s_NickServ, u, NICK_IDENTIFY_REQUIRED, s_NickServ);
} else if (target && (target->nc->flags & NI_SUSPENDED)) {
alog("%s: %s!%s@%s tried to use GROUP from SUSPENDED nick %s",
s_NickServ, u->nick, u->username, u->host, target->nick);
notice_lang(s_NickServ, u, NICK_X_SUSPENDED, target->nick);
} else if (target->status & NS_VERBOTEN) {
notice_lang(s_NickServ, u, NICK_X_FORBIDDEN, nick);
} else if (u->na && target->nc == u->na->nc) {
notice_lang(s_NickServ, u, NS_ADDNICK_SAME, target->nick);
} else if (NSMaxAliases && (target->nc->aliases.count >= NSMaxAliases)
&& !nick_is_services_admin(target->nc)) {
notice_lang(s_NickServ, u, NS_ADDNICK_TOO_MANY, target->nick,
s_NickServ, s_NickServ);
} else if (enc_check_password(pass, target->nc->pass) != 1) {
alog("%s: Failed ADDNICK for %s!%s@%s (invalid password).",
s_NickServ, u->nick, u->username, u->host);
notice_lang(s_NickServ, u, PASSWORD_INCORRECT);
bad_password(u);
} else {
/* If the nick is already registered, drop it.
* If not, check that it is valid.
*/
if (u->na) {
delnick(u->na);
} else {
int prefixlen = strlen(NSGuestNickPrefix);
int nicklen = strlen(u->nick);
if (nicklen <= prefixlen + 7 && nicklen >= prefixlen + 1
&& stristr(u->nick, NSGuestNickPrefix) == u->nick
&& strspn(u->nick + prefixlen,
"1234567890") == nicklen - prefixlen) {
notice_lang(s_NickServ, u, NICK_CANNOT_BE_REGISTERED,
u->nick);
return MOD_CONT;
}
}
na = makealias(u->nick, target->nc);
if (na) {
na->last_usermask =
scalloc(strlen(common_get_vident(u)) +
strlen(common_get_vhost(u)) + 2, 1);
sprintf(na->last_usermask, "%s@%s", common_get_vident(u),
common_get_vhost(u));
na->last_realname = sstrdup(u->realname);
na->time_registered = na->last_seen = time(NULL);
na->status = (int16) (NS_IDENTIFIED | NS_RECOGNIZED);
if (!(na->nc->flags & NI_SERVICES_ROOT)) {
for (i = 0; i < RootNumber; i++) {
if (!stricmp(ServicesRoots[i], u->nick)) {
na->nc->flags |= NI_SERVICES_ROOT;
break;
}
}
}
u->na = na;
na->u = u;
#ifdef USE_RDB
/* Is this really needed? Since this is a new alias it will get
* its unique id on the next update, since it was previously
* deleted by delnick. Must observe...
*/
if (rdb_open()) {
rdb_save_ns_alias(na);
rdb_close();
}
#endif
send_event(EVENT_GROUP, 1, u->nick);
alog("%s: %s!%s@%s makes %s join group of %s (%s) (e-mail: %s)", s_NickServ, u->nick, u->username, u->host, u->nick, target->nick, target->nc->display, (target->nc->email ? target->nc->email : "none"));
notice_lang(s_NickServ, u, NS_ADDNICK_SUCCESS, target->nick);
u->lastnickreg = time(NULL);
snprintf(tsbuf, sizeof(tsbuf), "%lu",
(unsigned long int) u->timestamp);
if (ircd->modeonreg) {
len = strlen(ircd->modeonreg);
strncpy(modes,ircd->modeonreg,512);
if(ircd->rootmodeonid && is_services_root(u)) {
strncat(modes,ircd->rootmodeonid,512-len);
} else if(ircd->adminmodeonid && is_services_admin(u)) {
strncat(modes,ircd->adminmodeonid,512-len);
} else if(ircd->opermodeonid && is_services_oper(u)) {
strncat(modes,ircd->opermodeonid,512-len);
}
if (ircd->tsonmode) {
common_svsmode(u, modes, tsbuf);
} else {
common_svsmode(u, modes, NULL);
}
}
check_memos(u);
} else {
alog("%s: makealias(%s) failed", s_NickServ, u->nick);
notice_lang(s_NickServ, u, NS_ADDNICK_FAILED);
}
}
return MOD_CONT;
}
static void ns_cmd_register(sourceinfo_t *si, int parc, char *parv[])
{
myuser_t *mu;
mynick_t *mn = NULL;
mowgli_node_t *n;
const char *account;
const char *pass;
const char *email;
char lau[BUFSIZE], lao[BUFSIZE];
hook_user_register_check_t hdata;
hook_user_req_t req;
if (si->smu)
{
command_fail(si, fault_already_authed, _("You are already logged in as \2%s\2."), entity(si->smu)->name);
if (si->su != NULL && !mynick_find(si->su->nick) &&
command_find(si->service->commands, "GROUP"))
command_fail(si, fault_already_authed, _("Use %s to register %s to your account."), "GROUP", si->su->nick);
return;
}
if (nicksvs.no_nick_ownership || si->su == NULL)
account = parv[0], pass = parv[1], email = parv[2];
else
account = si->su->nick, pass = parv[0], email = parv[1];
if (!account || !pass || !email)
{
command_fail(si, fault_needmoreparams, STR_INSUFFICIENT_PARAMS, "REGISTER");
if (nicksvs.no_nick_ownership || si->su == NULL)
command_fail(si, fault_needmoreparams, _("Syntax: REGISTER <account> <password> <email>"));
else
command_fail(si, fault_needmoreparams, _("Syntax: REGISTER <password> <email>"));
return;
}
if (strlen(pass) >= PASSLEN)
{
command_fail(si, fault_badparams, STR_INVALID_PARAMS, "REGISTER");
command_fail(si, fault_badparams, _("Registration passwords may not be longer than \2%d\2 characters."), PASSLEN - 1);
return;
}
if (!nicksvs.no_nick_ownership && si->su == NULL && user_find_named(account))
{
command_fail(si, fault_noprivs, _("A user matching this account is already on IRC."));
return;
}
if (!nicksvs.no_nick_ownership && IsDigit(*account))
{
command_fail(si, fault_badparams, _("For security reasons, you can't register your UID."));
command_fail(si, fault_badparams, _("Please change to a real nickname, and try again."));
return;
}
if (nicksvs.no_nick_ownership || si->su == NULL)
{
if (strchr(account, ' ') || strchr(account, '\n') || strchr(account, '\r') || account[0] == '=' || account[0] == '#' || account[0] == '@' || account[0] == '+' || account[0] == '%' || account[0] == '!' || strchr(account, ','))
{
command_fail(si, fault_badparams, _("The account name \2%s\2 is invalid."), account);
return;
}
}
if (strlen(account) >= NICKLEN)
{
command_fail(si, fault_badparams, _("The account name \2%s\2 is invalid."), account);
return;
}
if ((si->su != NULL && !strcasecmp(pass, si->su->nick)) || !strcasecmp(pass, account))
{
command_fail(si, fault_badparams, _("You cannot use your nickname as a password."));
if (nicksvs.no_nick_ownership || si->su == NULL)
command_fail(si, fault_needmoreparams, _("Syntax: REGISTER <account> <password> <email>"));
else
command_fail(si, fault_needmoreparams, _("Syntax: REGISTER <password> <email>"));
return;
}
/* make sure it isn't registered already */
if (nicksvs.no_nick_ownership ? myuser_find(account) != NULL : mynick_find(account) != NULL)
{
command_fail(si, fault_alreadyexists, _("\2%s\2 is already registered."), account);
return;
}
if ((unsigned int)(CURRTIME - ratelimit_firsttime) > config_options.ratelimit_period)
ratelimit_count = 0, ratelimit_firsttime = CURRTIME;
/* Still do flood priv checking because the user may be in the ircop operclass */
if (ratelimit_count > config_options.ratelimit_uses && !has_priv(si, PRIV_FLOOD))
{
command_fail(si, fault_toomany, _("The system is currently too busy to process your registration, please try again later."));
slog(LG_INFO, "NICKSERV:REGISTER:THROTTLED: \2%s\2 by \2%s\2", account, si->su != NULL ? si->su->nick : get_source_name(si));
return;
}
hdata.si = si;
hdata.account = account;
hdata.email = email;
hdata.password = pass;
hdata.approved = 0;
hook_call_user_can_register(&hdata);
if (hdata.approved != 0)
return;
if (!nicksvs.no_nick_ownership)
{
hook_call_nick_can_register(&hdata);
if (hdata.approved != 0)
return;
}
if (!validemail(email))
{
command_fail(si, fault_badparams, _("\2%s\2 is not a valid email address."), email);
return;
}
if (!email_within_limits(email))
{
command_fail(si, fault_toomany, _("\2%s\2 has too many accounts registered."), email);
return;
}
mu = myuser_add(account, auth_module_loaded ? "*" : pass, email, config_options.defuflags | MU_NOBURSTLOGIN | (auth_module_loaded ? MU_CRYPTPASS : 0));
mu->registered = CURRTIME;
mu->lastlogin = CURRTIME;
if (!nicksvs.no_nick_ownership)
{
mn = mynick_add(mu, entity(mu)->name);
mn->registered = CURRTIME;
mn->lastseen = CURRTIME;
}
if (config_options.ratelimit_uses && config_options.ratelimit_period)
ratelimit_count++;
if (auth_module_loaded)
{
if (!verify_password(mu, pass))
{
command_fail(si, fault_authfail, _("Invalid password for \2%s\2."), entity(mu)->name);
bad_password(si, mu);
object_unref(mu);
return;
}
}
if (me.auth == AUTH_EMAIL)
{
char *key = random_string(12);
mu->flags |= MU_WAITAUTH;
metadata_add(mu, "private:verify:register:key", key);
metadata_add(mu, "private:verify:register:timestamp", number_to_string(time(NULL)));
if (!sendemail(si->su != NULL ? si->su : si->service->me, mu, EMAIL_REGISTER, mu->email, key))
{
command_fail(si, fault_emailfail, _("Sending email failed, sorry! Registration aborted."));
object_unref(mu);
free(key);
return;
}
command_success_nodata(si, _("An email containing nickname activation instructions has been sent to \2%s\2."), mu->email);
command_success_nodata(si, _("If you do not complete registration within one day, your nickname will expire."));
free(key);
}
if (si->su != NULL)
{
si->su->myuser = mu;
n = mowgli_node_create();
mowgli_node_add(si->su, n, &mu->logins);
if (!(mu->flags & MU_WAITAUTH))
/* only grant ircd registered status if it's verified */
ircd_on_login(si->su, mu, NULL);
}
command_add_flood(si, FLOOD_MODERATE);
if (!nicksvs.no_nick_ownership && si->su != NULL)
logcommand(si, CMDLOG_REGISTER, "REGISTER: \2%s\2 to \2%s\2", account, email);
else
logcommand(si, CMDLOG_REGISTER, "REGISTER: \2%s\2 to \2%s\2 by \2%s\2", account, email, si->su != NULL ? si->su->nick : get_source_name(si));
if (is_soper(mu))
{
wallops("%s registered the nick \2%s\2 and gained services operator privileges.", get_oper_name(si), entity(mu)->name);
logcommand(si, CMDLOG_ADMIN, "SOPER: \2%s\2 as \2%s\2", get_oper_name(si), entity(mu)->name);
}
command_success_nodata(si, _("\2%s\2 is now registered to \2%s\2, with the password \2%s\2."), entity(mu)->name, mu->email, pass);
hook_call_user_register(mu);
if (si->su != NULL)
{
snprintf(lau, BUFSIZE, "%s@%s", si->su->user, si->su->vhost);
metadata_add(mu, "private:host:vhost", lau);
snprintf(lao, BUFSIZE, "%s@%s", si->su->user, si->su->host);
metadata_add(mu, "private:host:actual", lao);
}
if (!(mu->flags & MU_WAITAUTH))
{
req.si = si;
req.mu = mu;
req.mn = mn;
hook_call_user_verify_register(&req);
}
}
void ns_cmd_ghost(sourceinfo_t *si, int parc, char *parv[])
{
myuser_t *mu;
char *target = parv[0];
char *password = parv[1];
user_t *target_u;
mynick_t *mn;
if (!target)
{
command_fail(si, fault_needmoreparams, STR_INSUFFICIENT_PARAMS, "GHOST");
command_fail(si, fault_needmoreparams, _("Syntax: GHOST <target> [password]"));
return;
}
if (nicksvs.no_nick_ownership)
mn = NULL, mu = myuser_find(target);
else
{
mn = mynick_find(target);
mu = mn != NULL ? mn->owner : NULL;
}
target_u = user_find_named(target);
if (!target_u)
{
command_fail(si, fault_nosuch_target, _("\2%s\2 is not online."), target);
return;
}
else if (!mu && !target_u->myuser)
{
command_fail(si, fault_nosuch_target, _("\2%s\2 is not a registered nickname."), target);
return;
}
else if (target_u == si->su)
{
command_fail(si, fault_badparams, _("You may not ghost yourself."));
return;
}
/* At this point, we're now checking metadata associated with the target's account.
* If the target nick is unregistered, mu will be unset thus far. */
if (target_u->myuser && !mu)
mu = target_u->myuser;
if (password && metadata_find(mu, "private:freeze:freezer"))
{
command_fail(si, fault_authfail, "You cannot ghost users as \2%s\2 because the account has been frozen.", entity(mu)->name);
logcommand(si, CMDLOG_DO, "failed GHOST \2%s\2 (frozen)", target);
return;
}
if (password && (mu->flags & MU_NOPASSWORD))
{
command_fail(si, fault_authfail, _("Password authentication is disabled for this account."));
logcommand(si, CMDLOG_DO, "failed GHOST \2%s\2 (password authentication disabled)", target);
return;
}
if ((target_u->myuser && target_u->myuser == si->smu) || /* they're identified under our account */
(!nicksvs.no_nick_ownership && mn && mu == si->smu) || /* we're identified under their nick's account */
(!nicksvs.no_nick_ownership && password && verify_password(mu, password))) /* we have the correct password */
{
logcommand(si, CMDLOG_DO, "GHOST: \2%s!%s@%s\2", target_u->nick, target_u->user, target_u->vhost);
kill_user(si->service->me, target_u, "GHOST command used by %s",
si->su != NULL && !strcmp(si->su->user, target_u->user) && !strcmp(si->su->vhost, target_u->vhost) ? si->su->nick : get_source_mask(si));
command_success_nodata(si, _("\2%s\2 has been ghosted."), target);
/* Update the account's last seen time.
* Perhaps the ghosted nick belonged to someone else, but we were identified to it?
* Try this first. */
if (target_u->myuser && target_u->myuser == si->smu)
target_u->myuser->lastlogin = CURRTIME;
else
mu->lastlogin = CURRTIME;
return;
}
if (password)
{
logcommand(si, CMDLOG_DO, "failed GHOST \2%s\2 (bad password)", target);
command_fail(si, fault_authfail, _("Invalid password for \2%s\2."), entity(mu)->name);
bad_password(si, mu);
}
else
{
logcommand(si, CMDLOG_DO, "failed GHOST \2%s\2 (invalid login)", target);
command_fail(si, fault_noprivs, _("You may not ghost \2%s\2."), target);
}
}
static void ns_cmd_drop(sourceinfo_t *si, int parc, char *parv[])
{
myuser_t *mu;
mynick_t *mn;
char *acc = parv[0];
char *pass = parv[1];
if (!acc || !pass)
{
command_fail(si, fault_needmoreparams, STR_INSUFFICIENT_PARAMS, "DROP");
command_fail(si, fault_needmoreparams, _("Syntax: DROP <account> <password>"));
return;
}
if (!(mu = myuser_find(acc)))
{
if (!nicksvs.no_nick_ownership)
{
mn = mynick_find(acc);
if (mn != NULL && command_find(si->service->cmdtree, "UNGROUP"))
{
command_fail(si, fault_nosuch_target, _("\2%s\2 is a grouped nick, use %s to remove it."), acc, "UNGROUP");
return;
}
}
command_fail(si, fault_nosuch_target, _("\2%s\2 is not registered."), acc);
return;
}
if (metadata_find(mu, "private:freeze:freezer"))
{
command_fail(si, fault_authfail, nicksvs.no_nick_ownership ? "You cannot login as \2%s\2 because the account has been frozen." : "You cannot identify to \2%s\2 because the nickname has been frozen.", mu->name);
return;
}
if (!verify_password(mu, pass))
{
command_fail(si, fault_authfail, _("Authentication failed. Invalid password for \2%s\2."), mu->name);
bad_password(si, mu);
return;
}
if (!nicksvs.no_nick_ownership &&
LIST_LENGTH(&mu->nicks) > 1 &&
command_find(si->service->cmdtree, "UNGROUP"))
{
command_fail(si, fault_noprivs, _("Account \2%s\2 has %d other nick(s) grouped to it, remove those first."),
mu->name, LIST_LENGTH(&mu->nicks) - 1);
return;
}
if (is_soper(mu))
{
command_fail(si, fault_noprivs, _("The nickname \2%s\2 belongs to a services operator; it cannot be dropped."), acc);
return;
}
if (mu->flags & MU_HOLD)
{
command_fail(si, fault_noprivs, _("The account \2%s\2 is held; it cannot be dropped."), acc);
return;
}
snoop("DROP: \2%s\2 by \2%s\2", mu->name, get_source_name(si));
command_add_flood(si, FLOOD_MODERATE);
logcommand(si, CMDLOG_REGISTER, "DROP %s", mu->name);
hook_call_user_drop(mu);
command_success_nodata(si, _("The account \2%s\2 has been dropped."), mu->name);
object_unref(mu);
}
void ns_cmd_ghost(sourceinfo_t *si, int parc, char *parv[])
{
myuser_t *mu;
char *target = parv[0];
char *password = parv[1];
user_t *target_u;
mynick_t *mn;
if (!target)
{
command_fail(si, fault_needmoreparams, STR_INSUFFICIENT_PARAMS, "GHOST");
command_fail(si, fault_needmoreparams, _("Syntax: GHOST <target> [password]"));
return;
}
if (nicksvs.no_nick_ownership)
mn = NULL, mu = myuser_find(target);
else
{
mn = mynick_find(target);
mu = mn != NULL ? mn->owner : NULL;
}
target_u = user_find_named(target);
if (!mu && (!target_u || !target_u->myuser))
{
command_fail(si, fault_nosuch_target, _("\2%s\2 is not a registered nickname."), target);
return;
}
if (!target_u)
{
command_fail(si, fault_nosuch_target, _("\2%s\2 is not online."), target);
return;
}
else if (target_u == si->su)
{
command_fail(si, fault_badparams, _("You may not ghost yourself."));
return;
}
if (password && metadata_find(mu, "private:freeze:freezer"))
{
command_fail(si, fault_authfail, "You cannot ghost users as \2%s\2 because the account has been frozen.", entity(mu)->name);
logcommand(si, CMDLOG_DO, "failed GHOST \2%s\2 (frozen)", target);
return;
}
if ((target_u->myuser && target_u->myuser == si->smu) || /* they're identified under our account */
(!nicksvs.no_nick_ownership && mn && mu == si->smu) || /* we're identified under their nick's account */
(!nicksvs.no_nick_ownership && password && mn && verify_password(mu, password))) /* we have their nick's password */
{
/* If we're ghosting an unregistered nick, mu will be unset,
* however if it _is_ registered, we still need to set it or
* the wrong user will have their last seen time updated... */
if(target_u->myuser && target_u->myuser == si->smu)
mu = target_u->myuser;
logcommand(si, CMDLOG_DO, "GHOST: \2%s!%s@%s\2", target_u->nick, target_u->user, target_u->vhost);
kill_user(si->service->me, target_u, "GHOST command used by %s",
si->su != NULL && !strcmp(si->su->user, target_u->user) && !strcmp(si->su->vhost, target_u->vhost) ? si->su->nick : get_source_mask(si));
command_success_nodata(si, _("\2%s\2 has been ghosted."), target);
/* don't update the nick's last seen time */
mu->lastlogin = CURRTIME;
return;
}
if (password && mu)
{
logcommand(si, CMDLOG_DO, "failed GHOST \2%s\2 (bad password)", target);
command_fail(si, fault_authfail, _("Invalid password for \2%s\2."), entity(mu)->name);
bad_password(si, mu);
}
else
{
logcommand(si, CMDLOG_DO, "failed GHOST \2%s\2 (invalid login)", target);
command_fail(si, fault_noprivs, _("You may not ghost \2%s\2."), target);
}
}