Genericize and extend url_info

[blerg.git] / common / auth.c

diff --git a/common/auth.c b/common/auth.c
index cdfbf85..26569fd 100644 (file)
--- a/common/auth.c
+++ b/common/auth.c
@@ -1,3 +1,6 @@
+/* Blerg is (C) 2011 The Dominion of Awesome, and is distributed under a
+ * BSD-style license.  Please see the COPYING file for details.
+ */
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <fcntl.h>
@@ -9,17 +12,22 @@
 #include "util.h"
 
 #define TOKEN_SIZE 16
+#define MAX_PASSWORD_LENGTH 64
 
 int auth_set_password(const char *username, const char *password) {
        char filename[512];
-       int fd;
+       int fd, n;
 
        if (!valid_name(username) || !blerg_exists(username))
                return 0;
 
+       n = strlen(password);
+       if (n > MAX_PASSWORD_LENGTH)
+               return 0;
+
        snprintf(filename, 512, "%s/%s/password", DATA_PATH, username);
        fd = open(filename, O_WRONLY | O_CREAT, 0600);
-       write(fd, password, strlen(password));
+       write(fd, password, n);
        close(fd);
        
        return 1;
@@ -37,7 +45,7 @@ int auth_get_password(const char *username, char *password) {
        fd = open(filename, O_RDONLY);
        if (fd == -1)
                return 0;
-       len = read(fd, password, 32);
+       len = read(fd, password, MAX_PASSWORD_LENGTH);
        close(fd);
 
        password[len] = 0;
@@ -51,7 +59,7 @@ int auth_check_password(const char *username, const char *password) {
        if (auth_get_password(username, epw) == 0)
                return 0;
 
-       if (strncmp(password, epw, 32) == 0)
+       if (strncmp(password, epw, MAX_PASSWORD_LENGTH) == 0)
                return 1;
        else
                return 0;