Remove nickserv/getpass and Anope::Decrypt.

There is no point having these now plain text passwords are deprecated.
author: Sadie Powell <sadie@witchery.services> 2020-09-11 15:46:42 +0100
committer: Sadie Powell <sadie@witchery.services> 2020-09-28 15:28:26 +0100
commit: c7e26c5f679465304fb7ffb27d131857a1030b2e (patch)
tree: 9a1a3df952a7570dbe47780c17bd5a835da85260
parent: 8e0e1806a47e6fa78f884666b55c04edf11fd66c (diff)
8 files changed, 5 insertions, 130 deletions
diff --git a/data/example.conf b/data/example.conf
index 6704e4d72..d9cad96b4 100644
--- a/data/example.conf
+++ b/data/example.conf
@@ -792,8 +792,7 @@ log
  *
  *   memoserv/sendall        memoserv/staff
  *
- *   nickserv/getpass        nickserv/getemail      nickserv/suspend      nickserv/ajoin
- *   nickserv/list
+ *   nickserv/getemail         nickserv/suspend       nickserv/ajoin           nickserv/list
  *
  *   nickserv/saset/autoop     nickserv/saset/email   nickserv/saset/greet     nickserv/saset/password
  *   nickserv/saset/display    nickserv/saset/kill    nickserv/saset/language  nickserv/saset/message
diff --git a/data/nickserv.example.conf b/data/nickserv.example.conf
index 7f864ccf9..5614b7c51 100644
--- a/data/nickserv.example.conf
+++ b/data/nickserv.example.conf
@@ -129,8 +129,8 @@ module
 	expire = 21d
 
 	/*
-	 * Prevents the use of the ACCESS and CERT (excluding their LIST subcommand), DROP, FORBID, SUSPEND,
-	 * GETPASS and SET PASSWORD commands by services operators on other services operators.
+	 * Prevents the use of the ACCESS and CERT (excluding their LIST subcommand), DROP, FORBID, SUSPEND
+	 * and SET PASSWORD commands by services operators on other services operators.
 	 *
 	 * This directive is optional, but recommended.
 	 */
@@ -334,18 +334,6 @@ module { name = "ns_getemail" }
 command { service = "NickServ"; name = "GETEMAIL"; command = "nickserv/getemail"; permission = "nickserv/getemail"; group = "nickserv/admin"; }
 
 /*
- * ns_getpass
- *
- * Provides the command nickserv/getpass.
- *
- * Used for getting users passwords.
- *
- * Requires no encryption is being used.
- */
-#module { name = "ns_getpass" }
-#command { service = "NickServ"; name = "GETPASS"; command = "nickserv/getpass"; permission = "nickserv/getpass"; }
-
-/*
  * ns_group
  *
  * Provides the commands nickserv/group, nickserv/glist, and nickserv/ungroup.
diff --git a/include/anope.h b/include/anope.h
index d4a351a93..cbcd3e85a 100644
--- a/include/anope.h
+++ b/include/anope.h
@@ -462,14 +462,6 @@ namespace Anope
 	 */
 	extern CoreExport void Encrypt(const Anope::string &src, Anope::string &dest);
 
-	/** Decrypts what is in 'src' to 'dest'.
-	 * @param src The source string to decrypt
-	 * @param dest The destination where the decrypted string is placed
-	 * @return true if decryption was successful. This is usually not the case
-	 * as most encryption methods we use are one way.
-	 */
-	extern CoreExport bool Decrypt(const Anope::string &src, Anope::string &dest);
-
 	/** Hashes a buffer with SipHash-2-4
 	 * @param src The start of the buffer to hash
 	 * @param src_sz The total number of bytes in the buffer
diff --git a/include/modules.h b/include/modules.h
index bb387bb15..e385f4faa 100644
--- a/include/modules.h
+++ b/include/modules.h
@@ -405,7 +405,6 @@ class CoreExport Module : public Extensible
 	 *  see src/encrypt.c for detailed informations
 	 */
 	virtual EventReturn OnEncrypt(const Anope::string &src, Anope::string &dest) { throw NotImplementedException(); }
-	virtual EventReturn OnDecrypt(const Anope::string &hashm, const Anope::string &src, Anope::string &dest) { throw NotImplementedException(); }
 
 	/** Called on fantasy command
 	 * @param source The source of the command
diff --git a/modules/commands/ns_getpass.cpp b/modules/commands/ns_getpass.cpp
deleted file mode 100644
index 08338f62b..000000000
--- a/modules/commands/ns_getpass.cpp
+++ /dev/null
@@ -1,74 +0,0 @@
-/* NickServ core functions
- *
- * (C) 2003-2020 Anope Team
- * Contact us at team@anope.org
- *
- * Please read COPYING and README for further details.
- *
- * Based on the original code of Epona by Lara.
- * Based on the original code of Services by Andy Church.
- */
-
-#include "module.h"
-
-class CommandNSGetPass : public Command
-{
- public:
-	CommandNSGetPass(Module *creator) : Command(creator, "nickserv/getpass", 1, 1)
-	{
-		this->SetDesc(_("Retrieve the password for a nickname"));
-		this->SetSyntax(_("\037nickname\037"));
-	}
-
-	void Execute(CommandSource &source, const std::vector<Anope::string> &params) anope_override
-	{
-		const Anope::string &nick = params[0];
-		Anope::string tmp_pass;
-		const NickAlias *na;
-
-		if (!(na = NickAlias::Find(nick)))
-			source.Reply(NICK_X_NOT_REGISTERED, nick.c_str());
-		else if (Config->GetModule("nickserv")->Get<bool>("secureadmins", "yes") && na->nc->IsServicesOper())
-			source.Reply(_("You may not get the password of other Services Operators."));
-		else
-		{
-			if (Anope::Decrypt(na->nc->pass, tmp_pass) == 1)
-			{
-				Log(LOG_ADMIN, source, this) << "for " << nick;
-				source.Reply(_("Password for %s is \002%s\002."), nick.c_str(), tmp_pass.c_str());
-			}
-			else
-				source.Reply(_("GETPASS command unavailable because encryption is in use."));
-		}
-		return;
-	}
-
-	bool OnHelp(CommandSource &source, const Anope::string &subcommand) anope_override
-	{
-		this->SendSyntax(source);
-		source.Reply(" ");
-		source.Reply(_("Returns the password for the given nickname.  \002Note\002 that\n"
-				"whenever this command is used, a message including the\n"
-				"person who issued the command and the nickname it was used\n"
-				"on will be logged and sent out as a WALLOPS/GLOBOPS."));
-		return true;
-	}
-};
-
-class NSGetPass : public Module
-{
-	CommandNSGetPass commandnsgetpass;
-
- public:
-	NSGetPass(const Anope::string &modname, const Anope::string &creator) : Module(modname, creator, VENDOR),
-		commandnsgetpass(this)
-	{
-
-		Anope::string tmp_pass = "plain:tmp";
-		if (!Anope::Decrypt(tmp_pass, tmp_pass))
-			throw ModuleException("Incompatible with the encryption module being used");
-
-	}
-};
-
-MODULE_INIT(NSGetPass)
diff --git a/modules/commands/ns_register.cpp b/modules/commands/ns_register.cpp
index 669965fa2..22da55eaf 100644
--- a/modules/commands/ns_register.cpp
+++ b/modules/commands/ns_register.cpp
@@ -227,10 +227,6 @@ class CommandNSRegister : public Command
 			else
 				source.Reply(_("Nickname \002%s\002 registered."), u_nick.c_str());
 
-			Anope::string tmp_pass;
-			if (Anope::Decrypt(na->nc->pass, tmp_pass) == 1)
-				source.Reply(_("Your password is \002%s\002 - remember this for later use."), tmp_pass.c_str());
-
 			if (nsregister.equals_ci("admin"))
 			{
 				nc->Extend<bool>("UNCONFIRMED");
diff --git a/modules/commands/ns_set.cpp b/modules/commands/ns_set.cpp
index 4b4a09144..d1e9b481d 100644
--- a/modules/commands/ns_set.cpp
+++ b/modules/commands/ns_set.cpp
@@ -147,11 +147,7 @@ class CommandNSSetPassword : public Command
 		Log(LOG_COMMAND, source, this) << "to change their password";
 
 		Anope::Encrypt(param, source.nc->pass);
-		Anope::string tmp_pass;
-		if (Anope::Decrypt(source.nc->pass, tmp_pass) == 1)
-			source.Reply(_("Password for \002%s\002 changed to \002%s\002."), source.nc->display.c_str(), tmp_pass.c_str());
-		else
-			source.Reply(_("Password for \002%s\002 changed."), source.nc->display.c_str());
+		source.Reply(_("Password for \002%s\002 changed."), source.nc->display.c_str());
 	}
 
 	bool OnHelp(CommandSource &source, const Anope::string &) anope_override
@@ -214,10 +210,7 @@ class CommandNSSASetPassword : public Command
 
 		Anope::Encrypt(params[1], nc->pass);
 		Anope::string tmp_pass;
-		if (Anope::Decrypt(nc->pass, tmp_pass) == 1)
-			source.Reply(_("Password for \002%s\002 changed to \002%s\002."), nc->display.c_str(), tmp_pass.c_str());
-		else
-			source.Reply(_("Password for \002%s\002 changed."), nc->display.c_str());
+		source.Reply(_("Password for \002%s\002 changed."), nc->display.c_str());
 	}
 
 	bool OnHelp(CommandSource &source, const Anope::string &) anope_override
diff --git a/src/misc.cpp b/src/misc.cpp
index 0a53aeb82..e8bfe66fe 100644
--- a/src/misc.cpp
+++ b/src/misc.cpp
@@ -514,24 +514,6 @@ void Anope::Encrypt(const Anope::string &src, Anope::string &dest)
 	static_cast<void>(MOD_RESULT);
 }
 
-bool Anope::Decrypt(const Anope::string &src, Anope::string &dest)
-{
-	size_t pos = src.find(':');
-	if (pos == Anope::string::npos)
-	{
-		Log() << "Error: Anope::Decrypt() called with invalid password string (" << src << ")";
-		return false;
-	}
-	Anope::string hashm(src.begin(), src.begin() + pos);
-
-	EventReturn MOD_RESULT;
-	FOREACH_RESULT(OnDecrypt, MOD_RESULT, (hashm, src, dest));
-	if (MOD_RESULT == EVENT_ALLOW)
-		return true;
-
-	return false;
-}
-
 Anope::string Anope::printf(const char *fmt, ...)
 {
 	va_list args;
author	Sadie Powell <sadie@witchery.services>	2020-09-11 15:46:42 +0100
committer	Sadie Powell <sadie@witchery.services>	2020-09-28 15:28:26 +0100
commit	c7e26c5f679465304fb7ffb27d131857a1030b2e (patch)
tree	9a1a3df952a7570dbe47780c17bd5a835da85260
parent	8e0e1806a47e6fa78f884666b55c04edf11fd66c (diff)