X-Git-Url: http://git.bytex64.net/?a=blobdiff_plain;f=common%2Fauth.c;h=0d4045520b26a6f2812535c4faa6d76bef069637;hb=782bdd9400ccdef901463f1bb5788c31275cd007;hp=7e63f968881f0455146ca96c914970153ff9fb79;hpb=54789cc8538714fc3622646721f6f2ecceae94ac;p=blerg.git diff --git a/common/auth.c b/common/auth.c index 7e63f96..0d40455 100644 --- a/common/auth.c +++ b/common/auth.c @@ -10,19 +10,32 @@ #include "config.h" #include "auth.h" #include "util.h" +#include "md5.h" #define TOKEN_SIZE 16 +#define MAX_PASSWORD_LENGTH 64 int auth_set_password(const char *username, const char *password) { char filename[512]; - int fd; + unsigned char md5pass[MD5_DIGEST_SIZE]; + struct MD5Context ctx; + int fd, n; if (!valid_name(username) || !blerg_exists(username)) return 0; + n = strlen(password); + if (n > MAX_PASSWORD_LENGTH) + return 0; + + MD5Init(&ctx); + MD5Update(&ctx, username, strlen(username)); + MD5Update(&ctx, password, n); + MD5Final(md5pass, &ctx); + snprintf(filename, 512, "%s/%s/password", DATA_PATH, username); fd = open(filename, O_WRONLY | O_CREAT, 0600); - write(fd, password, strlen(password)); + write(fd, md5pass, MD5_DIGEST_SIZE); close(fd); return 1; @@ -40,7 +53,7 @@ int auth_get_password(const char *username, char *password) { fd = open(filename, O_RDONLY); if (fd == -1) return 0; - len = read(fd, password, 32); + len = read(fd, password, MD5_DIGEST_SIZE); close(fd); password[len] = 0; @@ -49,12 +62,19 @@ int auth_get_password(const char *username, char *password) { } int auth_check_password(const char *username, const char *password) { - char epw[33]; + char epw[MD5_DIGEST_SIZE + 1]; + unsigned char givenpw[MD5_DIGEST_SIZE]; + struct MD5Context ctx; if (auth_get_password(username, epw) == 0) return 0; - if (strncmp(password, epw, 32) == 0) + MD5Init(&ctx); + MD5Update(&ctx, username, strlen(username)); + MD5Update(&ctx, password, strlen(password)); + MD5Final(givenpw, &ctx); + + if (strncmp(givenpw, epw, MD5_DIGEST_SIZE) == 0) return 1; else return 0; @@ -90,70 +110,56 @@ char *create_random_token() { return token; } -int auth_login(const char *username, const char *password) { +char * auth_login(const char *username, const char *password) { char filename[512]; int token_fd; if (!auth_check_password(username, password)) - return 0; + return NULL; + + char *token = create_random_token(); + + sprintf(filename, "%s/%s/tokens", DATA_PATH, username); + if (access(filename, F_OK) != 0) { + if (mkdir(filename, 0700) == -1) { + perror("Could not create auth token dir"); + return NULL; + } + } - sprintf(filename, "%s/%s/token", DATA_PATH, username); + sprintf(filename, "%s/%s/tokens/%s", DATA_PATH, username, token); token_fd = open(filename, O_WRONLY | O_CREAT, 0600); if (token_fd == -1) { perror("Could not open token"); - return 0; + return NULL; } - - char *token = create_random_token(); - write(token_fd, token, TOKEN_SIZE * 2); close(token_fd); - free(token); - return 1; + return token; } -int auth_logout(const char *username) { +int auth_logout(const char *username, const char *token) { char filename[512]; if (!valid_name(username)) return 0; - sprintf(filename, "%s/%s/token", DATA_PATH, username); + sprintf(filename, "%s/%s/tokens", DATA_PATH, username); + if (access(filename, F_OK) != 0) { + return 0; + } + + sprintf(filename, "%s/%s/tokens/%s", DATA_PATH, username, token); if (unlink(filename) == -1) return 0; return 1; } -char *auth_get_token(const char *username) { +int auth_check_token(const char *username, const char *given_token) { char filename[512]; - char *token; - int token_fd; - - if (!valid_name(username)) - return 0; - sprintf(filename, "%s/%s/token", DATA_PATH, username); - token_fd = open(filename, O_RDONLY, 0600); - if (token_fd == -1) { - perror("Could not open token"); - return NULL; - } + sprintf(filename, "%s/%s/tokens/%s", DATA_PATH, username, given_token); - token = malloc(TOKEN_SIZE * 2 + 1); - read(token_fd, token, TOKEN_SIZE * 2); - close(token_fd); - - return token; -} - -int auth_check_token(const char *username, const char *given_token) { - char *token = auth_get_token(username); - if (token != NULL && given_token != NULL) { - int ret = (strncmp(token, given_token, TOKEN_SIZE * 2) == 0); - free(token); - return ret; - } else { - return 0; - } + return (access(filename, F_OK) == 0); }