Fix ordering in perl subscription_list

[blerg.git] / common / auth.c

diff --git a/common/auth.c b/common/auth.c
index ca4017e..e2f7407 100644 (file)
--- a/common/auth.c
+++ b/common/auth.c
@@ -347,6 +347,7 @@ char * auth_login(const char *username, const char *password) {
 int auth_logout(const char *username, const char *token) {
        char filename[FILENAME_MAX];
        struct stringring *sr;
+       int ret;
 
        if (!valid_name(username))
                return 0;
@@ -359,10 +360,10 @@ int auth_logout(const char *username, const char *token) {
        if (sr == NULL) {
                return 0;
        }
-       stringring_remove(sr, token);
+       ret = stringring_remove(sr, token);
        stringring_close(sr);
 
-       return 1;
+       return ret;
 }
 
 int auth_check_token(const char *username, const char *given_token) {
@@ -379,7 +380,36 @@ int auth_check_token(const char *username, const char *given_token) {
                return 0;
        }
        ret = (stringring_find(sr, given_token, AUTHENTICATION_TIMEOUT) != -1);
+       if (ret == 1) {
+               /* Update token timestamp */
+               stringring_touch(sr, given_token);
+       }
        stringring_close(sr);
 
        return ret;
 }
+
+/* Return a 32-bit integer "counter" that will change when the password is
+ * updated.  Used to invalidate password recovery schemes after the password is
+ * updated.  Returns the counter in the "counter" argument, and returns
+ * true/false on success/failure. */
+int auth_get_counter(const char *username, uint32_t *counter) {
+       struct auth_v2 auth;
+       struct MD5Context ctx;
+       uint8_t md5hash[MD5_DIGEST_SIZE];
+
+       if (auth_get_data(username, (void *) &auth, sizeof(struct auth_v2)) == 0)
+               return 0;
+
+       /* There's probably going to be some question about using MD5 here.
+        * All I really need is to quickly and repeatably scramble some bits.
+        * MD5 can still do that. */
+       MD5Init(&ctx);
+       MD5Update(&ctx, auth.password, SCRYPT_OUTPUT_SIZE);
+       MD5Update(&ctx, auth.salt, SCRYPT_SALT_SIZE);
+       MD5Final((unsigned char *)md5hash, &ctx);
+
+       *counter = ((uint32_t *)md5hash)[0];
+
+       return 1;
+}