From fa9730eaa94460f9e64c55f10bc9be38db228c87 Mon Sep 17 00:00:00 2001 From: Chip Black Date: Thu, 3 Jul 2014 16:15:42 -0500 Subject: [PATCH] Make auth use new stringring storage --- common/auth.c | 55 ++++++++++++++++++++++++++++++--------------------- config.h | 2 ++ 2 files changed, 35 insertions(+), 22 deletions(-) diff --git a/common/auth.c b/common/auth.c index 6638748..ca4017e 100644 --- a/common/auth.c +++ b/common/auth.c @@ -1,6 +1,7 @@ /* Blerg is (C) 2011 The Dominion of Awesome, and is distributed under a * BSD-style license. Please see the COPYING file for details. */ +#include #include #include #include @@ -14,6 +15,7 @@ #include "database.h" #include "auth.h" #include "util.h" +#include "stringring.h" #include "md5.h" int auth_set_password(const char *username, const char *password) { @@ -225,7 +227,7 @@ int auth_check_scrypt(struct auth_v2 *auth, const char *username, const char *pa unsigned char givenpw[SCRYPT_OUTPUT_SIZE]; int r; - r = crypto_scrypt(password, strlen(password), auth->salt, SCRYPT_SALT_SIZE, SCRYPT_N, SCRYPT_r, SCRYPT_p, givenpw, SCRYPT_OUTPUT_SIZE); + r = crypto_scrypt((const uint8_t *)password, strlen(password), auth->salt, SCRYPT_SALT_SIZE, SCRYPT_N, SCRYPT_r, SCRYPT_p, givenpw, SCRYPT_OUTPUT_SIZE); if (r != 0) { fprintf(stderr, "Failure in scrypt for %s\n", username); return 0; @@ -239,7 +241,6 @@ int auth_check_scrypt(struct auth_v2 *auth, const char *username, const char *pa int auth_check_password_v1(const char *username, const char *password) { struct auth_v2 auth; - int r; if (auth_get_password(username, (char *)auth.password) == 0) return 0; @@ -252,7 +253,6 @@ int auth_check_password_v1(const char *username, const char *password) { int auth_check_password_v2(const char *username, const char *password) { struct auth_v2 auth; - int r; if (auth_get_data(username, (void *) &auth, sizeof(struct auth_v2)) == 0) return 0; 
@@ -321,34 +321,32 @@ char *create_random_token() { char * auth_login(const char *username, const char *password) { char filename[FILENAME_MAX]; - int token_fd; + struct stringring *sr; + char *token; + if (!auth_check_password(username, password)) return NULL; - char *token = create_random_token(); - snprintf(filename, FILENAME_MAX, "%s/%s/tokens", blergconf.data_path, username); - if (access(filename, F_OK) != 0) { - if (mkdir(filename, 0700) == -1) { - perror("Could not create auth token dir"); - return NULL; - } + sr = stringring_open(filename); + if (sr == NULL) { + return NULL; } - - snprintf(filename, FILENAME_MAX, "%s/%s/tokens/%s", blergconf.data_path, username, token); - token_fd = open(filename, O_WRONLY | O_CREAT, 0600); - if (token_fd == -1) { - perror("Could not open token"); + token = create_random_token(); + if (!stringring_add(sr, token)) { + free(token); + stringring_close(sr); return NULL; } - close(token_fd); + stringring_close(sr); return token; } int auth_logout(const char *username, const char *token) { char filename[FILENAME_MAX]; + struct stringring *sr; if (!valid_name(username)) return 0; 
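Review bot: The old code created the token directory with mode 0700 and each token file with 0600, but after this change in auth_login the permissions of the `tokens` file depend entirely on `stringring_open`, which this patch does not show. Since the ring holds live session tokens, confirm that it is created owner-only and record that next to the call, e.g. `/* tokens ring stores live session tokens; stringring_open must create it 0600 */`. Separately, the result of `create_random_token()` goes straight into `stringring_add`; if it can return NULL (its body is outside the hunk), add `if (token == NULL) { stringring_close(sr); return NULL; }` first. A `tokens` directory left over from the old layout would presumably make `stringring_open` fail, and that path now returns NULL without the `perror` diagnostics the old code had. The hunk ends inside auth_logout, whose body continues in the next hunk.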
@@ -357,18 +355,31 @@ int auth_logout(const char *username, const char *token) { if (access(filename, F_OK) != 0) { return 0; } - - snprintf(filename, FILENAME_MAX, "%s/%s/tokens/%s", blergconf.data_path, username, token); - if (unlink(filename) == -1) + sr = stringring_open(filename); + if (sr == NULL) { return 0; + } + stringring_remove(sr, token); + stringring_close(sr); return 1; } int auth_check_token(const char *username, const char *given_token) { char filename[FILENAME_MAX]; + struct stringring *sr; + int ret; - snprintf(filename, FILENAME_MAX, "%s/%s/tokens/%s", blergconf.data_path, username, given_token); + snprintf(filename, FILENAME_MAX, "%s/%s/tokens", blergconf.data_path, username); + if (access(filename, F_OK) != 0) { + return 0; + } + sr = stringring_open(filename); + if (sr == NULL) { + return 0; + } + ret = (stringring_find(sr, given_token, AUTHENTICATION_TIMEOUT) != -1); + stringring_close(sr); - return (access(filename, F_OK) == 0); + return ret; } diff --git a/config.h b/config.h index b0e00bd..c907f35 100644 --- a/config.h +++ b/config.h @@ -14,4 +14,6 @@ #define MAX_TAG_LENGTH 64 #define MAX_TAGS_PER_RECORD 1024 +#define AUTHENTICATION_TIMEOUT 3600 /* Time out the user's session after one hour */ + #endif //_CONFIG_H -- 2.34.1
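Review bot: auth_check_token formats `username` into the `tokens` path without the `valid_name(username)` check that auth_logout performs, so unless every caller validates the name first, a username containing path separators could resolve to a ring file outside that user's directory. Adding `if (!valid_name(username)) return 0;` before the `snprintf` makes the function safe on its own. In auth_logout the result of `stringring_remove(sr, token)` is discarded and the function returns 1 regardless, whereas the old code returned 0 when `unlink` failed. If `stringring_remove` reports whether the token was found (its signature is not in this patch), return that value so a logout with an unknown token is not reported as success. The start of auth_logout lies outside this hunk.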