- if ((user->username[0] == '\0')
- || ((user->username[0] == '~') && (user->username[1] == '\000')))
- return exit_client(cptr, sptr, &me, "USER: Bogus userid.");
-
- if (!EmptyString(aconf->passwd)
- && !(IsDigit(*aconf->passwd) && !aconf->passwd[1])
- && strcmp(cli_passwd(sptr), aconf->passwd))
- {
- ServerStats->is_ref++;
- IPcheck_connect_fail(cli_ip(sptr));
- send_reply(sptr, ERR_PASSWDMISMATCH);
- return exit_client(cptr, sptr, &me, "Bad Password");
- }
- memset(cli_passwd(sptr), 0, sizeof(cli_passwd(sptr)));
- /*
- * following block for the benefit of time-dependent K:-lines
- */
- if (find_kill(sptr)) {
- ServerStats->is_ref++;
- IPcheck_connect_fail(cli_ip(sptr));
- return exit_client(cptr, sptr, &me, "K-lined");
- }
- /*
- * Check for mixed case usernames, meaning probably hacked. Jon2 3-94
- * Summary of rules now implemented in this patch: Ensor 11-94
- * In a mixed-case name, if first char is upper, one more upper may
- * appear anywhere. (A mixed-case name *must* have an upper first
- * char, and may have one other upper.)
- * A third upper may appear if all 3 appear at the beginning of the
- * name, separated only by "others" (-/_/.).
- * A single group of digits is allowed anywhere.
- * Two groups of digits are allowed if at least one of the groups is
- * at the beginning or the end.
- * Only one '-', '_', or '.' is allowed (or two, if not consecutive).
- * But not as the first or last char.
- * No other special characters are allowed.
- * Name must contain at least one letter.
- */
- tmpstr2 = tmpstr = (username[0] == '~' ? &username[1] : username);
- while (*tmpstr && !badid)
- {
- pos++;
- c = *tmpstr;
- tmpstr++;
- if (IsLower(c))
- {
- lower++;
- }
- else if (IsUpper(c))
- {
- upper++;
- if ((leadcaps || pos == 1) && !lower && !digits)
- leadcaps++;
- }
- else if (IsDigit(c))
- {
- digits++;
- if (pos == 1 || !IsDigit(d))
- {
- digitgroups++;
- if (digitgroups > 2)
- badid = 1;
- }
- }
- else if (c == '-' || c == '_' || c == '.')
- {
- other++;
- if (pos == 1)
- badid = 1;
- else if (d == '-' || d == '_' || d == '.' || other > 2)
- badid = 1;
- }
- else
- badid = 1;
- d = c;
- }
- if (!badid)
- {
- if (lower && upper && (!leadcaps || leadcaps > 3 ||
- (upper > 2 && upper > leadcaps)))
- badid = 1;
- else if (digitgroups == 2 && !(IsDigit(tmpstr2[0]) || IsDigit(c)))
- badid = 1;
- else if ((!lower && !upper) || !IsAlnum(c))
- badid = 1;
- }
- if (badid && (!(cli_flags(sptr) & FLAGS_GOTID) ||
- strcmp(cli_username(sptr), username) != 0))
- {
- ServerStats->is_ref++;
-
- send_reply(cptr, SND_EXPLICIT | ERR_INVALIDUSERNAME,
- ":Your username is invalid.");
- send_reply(cptr, SND_EXPLICIT | ERR_INVALIDUSERNAME,
- ":Connect with your real username, in lowercase.");
- send_reply(cptr, SND_EXPLICIT | ERR_INVALIDUSERNAME,
- ":If your mail address were foo@bar.com, your username "
- "would be foo.");
- return exit_client(cptr, sptr, &me, "USER: Bad username");
- }