#include "imp.h"
#include <assert.h>
+#include <ctype.h>
#include <stdlib.h>
+#include <string.h>
#include <strings.h>
#include "conn-func.h"
Client_ID(Client));
}
- Client_SetPassword(Client, Req->argv[0]);
+ Conn_SetPassword(Client_Conn(Client), Req->argv[0]);
/* Protocol version */
if (Req->argc >= 2 && strlen(Req->argv[1]) >= 4) {
IRC_USER(CLIENT * Client, REQUEST * Req)
{
CLIENT *c;
-#ifdef IDENTAUTH
char *ptr;
-#endif
assert(Client != NULL);
assert(Req != NULL);
Client_ID(Client),
Req->command);
- /* User name */
+ /* User name: only alphanumeric characters and limited
+ punctuation is allowed.*/
+ ptr = Req->argv[0];
+ while (*ptr) {
+ if (!isalnum(*ptr) &&
+ *ptr != '+' && *ptr != '-' &&
+ *ptr != '.' && *ptr != '_') {
+ Conn_Close(Client_Conn(Client), NULL,
+ "Invalid user name", true);
+ return DISCONNECTED;
+ }
+ ptr++;
+ }
+
#ifdef IDENTAUTH
ptr = Client_User(Client);
if (!ptr || !*ptr || *ptr == '~')
hops = atoi(Req->argv[4]);
info = Req->argv[5];
- /* Validate service name ("nick name") */
+ /* Validate service name ("nickname") */
c = Client_Search(nick);
if(c) {
- /* Nick name collission: disconnect (KILL) both clients! */
+ /* Nickname collission: disconnect (KILL) both clients! */
Log(LOG_ERR, "Server %s introduces already registered service \"%s\"!",
Client_ID(Client), nick);
Kill_Nick(nick, "Nick collision");
/**
- * Kill all users with a specific nick name in the network.
+ * Kill all users with a specific nickname in the network.
*
- * @param Nick Nick name.
+ * @param Nick Nickname.
* @param Reason Reason for the KILL.
*/
static void