Allow forbidding passwords.

include/modules/operserv/forbid.h

@@ -20,6 +20,7 @@ enum ForbidType
 	FT_CHAN,
 	FT_EMAIL,
 	FT_REGISTER,
+	FT_PASSWORD,
 	FT_SIZE
 };
 

language/anope.en_US.po

@@ -16,8 +16,8 @@ msgid ""
 msgstr ""
 "Project-Id-Version: Anope\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2025-11-18 01:12+0000\n"
-"PO-Revision-Date: 2025-11-18 01:12+0000\n"
+"POT-Creation-Date: 2025-11-20 12:43+0000\n"
+"PO-Revision-Date: 2025-11-20 12:43+0000\n"
 "Last-Translator: Sadie Powell <sadie@witchery.services>\n"
 "Language-Team: English\n"
 "Language: en_US\n"
@@ -1291,7 +1291,7 @@ msgstr ""
 msgid "ADD [+expiry] vhost [reason]"
 msgstr ""
 
-msgid "ADD {NICK|CHAN|EMAIL|REGISTER} [+expiry] entry reason"
+msgid "ADD {CHAN|EMAIL|NICK|PASSWORD|REGISTER} [+expiry] entry reason"
 msgstr ""
 
 msgid "ADDIP server.name ip"
@@ -2460,7 +2460,7 @@ msgstr ""
 msgid "DEL {vhost | entry-num | list}"
 msgstr ""
 
-msgid "DEL {NICK|CHAN|EMAIL|REGISTER} entry"
+msgid "DEL {CHAN|EMAIL|NICK|PASSWORD|REGISTER} entry"
 msgstr ""
 
 msgid "DELIP server.name ip"
@@ -5544,6 +5544,13 @@ msgstr ""
 msgid "The password reset request for %s has expired."
 msgstr ""
 
+#, c-format
+msgid "The password you specified is forbidden by %s: %s"
+msgstr ""
+
+msgid "The password you specified is forbidden."
+msgstr ""
+
 #, c-format
 msgid "The registration confirmation code you specified for %s is incorrect."
 msgstr ""

modules/operserv/os_forbid.cpp

@@ -29,6 +29,8 @@ namespace
 				return "EMAIL";
 			case FT_REGISTER:
 				return "REGISTER";
+			case FT_PASSWORD:
+				return "PASSWORD";
 			default:
 				return "UNKNOWN"; // Should never happen.
 		}
@@ -44,6 +46,8 @@ namespace
 			return FT_EMAIL;
 		if (ft.equals_ci("REGISTER") || ft.equals_ci("4"))
 			return FT_REGISTER;
+		if (ft.equals_ci("PASSWORD"))
+			return FT_PASSWORD;
 
 		return FT_SIZE; // Should never happen.
 	}
@@ -212,9 +216,9 @@ public:
 	CommandOSForbid(Module *creator) : Command(creator, "operserv/forbid", 1, 5), fs("ForbidService", "forbid")
 	{
 		this->SetDesc(_("Forbid usage of nicknames, channels, and emails"));
-		this->SetSyntax(_("ADD {NICK|CHAN|EMAIL|REGISTER} [+\037expiry\037] \037entry\037 \037reason\037"));
-		this->SetSyntax(_("DEL {NICK|CHAN|EMAIL|REGISTER} \037entry\037"));
-		this->SetSyntax("LIST [NICK|CHAN|EMAIL|REGISTER]");
+		this->SetSyntax(_("ADD {CHAN|EMAIL|NICK|PASSWORD|REGISTER} [+\037expiry\037] \037entry\037 \037reason\037"));
+		this->SetSyntax(_("DEL {CHAN|EMAIL|NICK|PASSWORD|REGISTER} \037entry\037"));
+		this->SetSyntax("LIST {CHAN|EMAIL|NICK|PASSWORD|REGISTER}");
 	}
 
 	void Execute(CommandSource &source, const std::vector<Anope::string> &params) override
@@ -546,6 +550,20 @@ public:
 		return EVENT_CONTINUE;
 	}
 
+	EventReturn OnPasswordValidate(CommandSource &source, NickCore *nc, const Anope::string &pass) override
+	{
+		const auto* forbid = this->forbidService.FindForbid(pass, FT_PASSWORD);
+		if (forbid != nullptr)
+		{
+			if (source.IsOper())
+				source.Reply(_("The password you specified is forbidden by %s: %s"), forbid->creator.c_str(), forbid->reason.c_str());
+			else
+				source.Reply(_("The password you specified is forbidden."));
+			return EVENT_STOP;
+		}
+		return EVENT_CONTINUE;
+	}
+
 	EventReturn OnPreCommand(CommandSource &source, Command *command, std::vector<Anope::string> &params) override
 	{
 		if (command->name == "nickserv/info" && !params.empty() && params[0][0] != '=')