X-Git-Url: http://git.bytex64.net/?a=blobdiff_plain;f=common%2Fauth.c;h=e2f7407d9cbf8ce69c7b5a6908ceeb424e9d0d5f;hb=d67dd1bf5a247e20141b9907f5a452da73624235;hp=d460b418072c5e4a7e2a0ed891fe4710dcf2805d;hpb=3e3138025852408ef03f3213972e042e12841bed;p=blerg.git

diff --git a/common/auth.c b/common/auth.c
index d460b41..e2f7407 100644
--- a/common/auth.c
+++ b/common/auth.c
@@ -380,7 +380,36 @@ int auth_check_token(const char *username, const char *given_token) {
 		return 0;
 	}
 	ret = (stringring_find(sr, given_token, AUTHENTICATION_TIMEOUT) != -1);
+	if (ret == 1) {
+		/* Update token timestamp */
+		stringring_touch(sr, given_token);
+	}
 	stringring_close(sr);
 
 	return ret;
 }
+
+/* Return a 32-bit integer "counter" that will change when the password is
+ * updated.  Used to invalidate password recovery schemes after the password is
+ * updated.  Returns the counter in the "counter" argument, and returns
+ * true/false on success/failure. */
+int auth_get_counter(const char *username, uint32_t *counter) {
+	struct auth_v2 auth;
+	struct MD5Context ctx;
+	uint8_t md5hash[MD5_DIGEST_SIZE];
+
+	if (auth_get_data(username, (void *) &auth, sizeof(struct auth_v2)) == 0)
+		return 0;
+
+	/* There's probably going to be some question about using MD5 here.
+	 * All I really need is to quickly and repeatably scramble some bits.
+	 * MD5 can still do that. */
+	MD5Init(&ctx);
+	MD5Update(&ctx, auth.password, SCRYPT_OUTPUT_SIZE);
+	MD5Update(&ctx, auth.salt, SCRYPT_SALT_SIZE);
+	MD5Final((unsigned char *)md5hash, &ctx);
+
+	*counter = ((uint32_t *)md5hash)[0];
+
+	return 1;
+}