- snprintf(filename, FILENAME_MAX, "%s/%s/tokens/%s", blergconf.data_path, username, given_token);
+ snprintf(filename, FILENAME_MAX, "%s/%s/tokens", blergconf.data_path, username);
+ if (access(filename, F_OK) != 0) {
+ return 0;
+ }
+ sr = stringring_open(filename);
+ if (sr == NULL) {
+ return 0;
+ }
+ ret = (stringring_find(sr, given_token, AUTHENTICATION_TIMEOUT) != -1);
+ if (ret == 1) {
+ /* Update token timestamp */
+ stringring_touch(sr, given_token);
+ }
+ stringring_close(sr);
+
+ return ret;
+}
+
+/* Return a 32-bit integer "counter" that will change when the password is
+ * updated. Used to invalidate password recovery schemes after the password is
+ * updated. Returns the counter in the "counter" argument, and returns
+ * true/false on success/failure. */
+int auth_get_counter(const char *username, uint32_t *counter) {
+ struct auth_v2 auth;
+ struct MD5Context ctx;
+ uint8_t md5hash[MD5_DIGEST_SIZE];