X-Git-Url: http://git.bytex64.net/?a=blobdiff_plain;f=common%2Fauth.c;h=cdfbf85f396fed3cbb2d640db412baa8c5815b73;hb=213e6e64dd863fd39d0db7c6fb4ccf1970a868fb;hp=1b6ecb67f7da615e610bbf4d4a85e7ca51a1d942;hpb=e2f51ade69169968d9d54d3b601527a51c66f6ba;p=blerg.git

diff --git a/common/auth.c b/common/auth.c
index 1b6ecb6..cdfbf85 100644
--- a/common/auth.c
+++ b/common/auth.c
@@ -6,6 +6,7 @@
 #include <stdlib.h>
 #include "config.h"
 #include "auth.h"
+#include "util.h"
 
 #define TOKEN_SIZE 16
 
@@ -13,7 +14,7 @@ int auth_set_password(const char *username, const char *password) {
 	char filename[512];
 	int fd;
 
-	if (!blerg_exists(username))
+	if (!valid_name(username) || !blerg_exists(username))
 		return 0;
 
 	snprintf(filename, 512, "%s/%s/password", DATA_PATH, username);
@@ -29,6 +30,9 @@ int auth_get_password(const char *username, char *password) {
 	int fd;
 	int len = 0;
 
+	if (!valid_name(username))
+		return 0;
+
 	sprintf(filename, "%s/%s/password", DATA_PATH, username);
 	fd = open(filename, O_RDONLY);
 	if (fd == -1)
@@ -107,6 +111,10 @@ int auth_login(const char *username, const char *password) {
 
 int auth_logout(const char *username) {
 	char filename[512];
+
+	if (!valid_name(username))
+		return 0;
+
 	sprintf(filename, "%s/%s/token", DATA_PATH, username);
 	if (unlink(filename) == -1)
 		return 0;
@@ -119,6 +127,9 @@ char *auth_get_token(const char *username) {
 	char *token;
 	int token_fd;
 
+	if (!valid_name(username))
+		return 0;
+
 	sprintf(filename, "%s/%s/token", DATA_PATH, username);
 	token_fd = open(filename, O_RDONLY, 0600);
 	if (token_fd == -1) {