use hashed passwords in all commands (#4493)

* protocol changes

* server changes

* client changes for password reset and registration

* add hashed password to change password in client

* always use hashed password to log in

* add warning to client when using plain text password

* require real password for changing email on server

this is backwards compatible as users logged in with a real password on
older clients will not need this, only users logged in with a hashed
password

* implement password dialog when changing email

* require min password length

* use qstringlist to build query instead

* use clear instead of = ""

* add max to password dialog

* use proper const ness in abstractclient

* reject too long passwords instead of trimming

common/server_database_interface.h

@@ -115,6 +115,7 @@ public:
     virtual bool registerUser(const QString & /* userName */,
                               const QString & /* realName */,
                               const QString & /* password */,
+                              bool /* passwordNeedsHash */,
                               const QString & /* emailAddress */,
                               const QString & /* country */,
                               bool /* active = false */)
@@ -151,10 +152,16 @@ public:
     {
         return 0;
     };
+    virtual bool
+    changeUserPassword(const QString & /* user */, const QString & /* password */, bool /* passwordNeedsHash */)
+    {
+        return false;
+    };
     virtual bool changeUserPassword(const QString & /* user */,
                                     const QString & /* oldPassword */,
+                                    bool /* oldPasswordNeedsHash */,
                                     const QString & /* newPassword */,
-                                    const bool & /* force */)
+                                    bool /* newPasswordNeedsHash */)
     {
         return false;
     };