diff options
Diffstat (limited to '')
| -rw-r--r-- | data.c | 2 | ||||
| -rw-r--r-- | snac.c | 6 | ||||
| -rw-r--r-- | snac.h | 10 | ||||
| -rw-r--r-- | utils.c | 26 |
4 files changed, 26 insertions, 18 deletions
| @@ -120,7 +120,7 @@ void user_free(snac *snac) | |||
| 120 | } | 120 | } |
| 121 | 121 | ||
| 122 | 122 | ||
| 123 | int user_open(snac *snac, char *uid) | 123 | int user_open(snac *snac, const char *uid) |
| 124 | /* opens a user */ | 124 | /* opens a user */ |
| 125 | { | 125 | { |
| 126 | int ret = 0; | 126 | int ret = 0; |
| @@ -57,7 +57,7 @@ double ftime(void) | |||
| 57 | } | 57 | } |
| 58 | 58 | ||
| 59 | 59 | ||
| 60 | int validate_uid(char *uid) | 60 | int validate_uid(const char *uid) |
| 61 | /* returns if uid is a valid identifier */ | 61 | /* returns if uid is a valid identifier */ |
| 62 | { | 62 | { |
| 63 | while (*uid) { | 63 | while (*uid) { |
| @@ -103,7 +103,7 @@ void snac_debug(snac *snac, int level, d_char *str) | |||
| 103 | } | 103 | } |
| 104 | 104 | ||
| 105 | 105 | ||
| 106 | d_char *hash_password(char *uid, char *passwd, char *nonce) | 106 | d_char *hash_password(const char *uid, const char *passwd, const char *nonce) |
| 107 | /* hashes a password */ | 107 | /* hashes a password */ |
| 108 | { | 108 | { |
| 109 | xs *d_nonce = NULL; | 109 | xs *d_nonce = NULL; |
| @@ -120,7 +120,7 @@ d_char *hash_password(char *uid, char *passwd, char *nonce) | |||
| 120 | } | 120 | } |
| 121 | 121 | ||
| 122 | 122 | ||
| 123 | int check_password(char *uid, char *passwd, char *hash) | 123 | int check_password(const char *uid, const char *passwd, const char *hash) |
| 124 | /* checks a password */ | 124 | /* checks a password */ |
| 125 | { | 125 | { |
| 126 | int ret = 0; | 126 | int ret = 0; |
| @@ -36,17 +36,17 @@ typedef struct _snac { | |||
| 36 | d_char *md5; /* actor url md5 */ | 36 | d_char *md5; /* actor url md5 */ |
| 37 | } snac; | 37 | } snac; |
| 38 | 38 | ||
| 39 | int user_open(snac *snac, char *uid); | 39 | int user_open(snac *snac, const char *uid); |
| 40 | void user_free(snac *snac); | 40 | void user_free(snac *snac); |
| 41 | d_char *user_list(void); | 41 | d_char *user_list(void); |
| 42 | 42 | ||
| 43 | void snac_debug(snac *snac, int level, d_char *str); | 43 | void snac_debug(snac *snac, int level, d_char *str); |
| 44 | #define snac_log(snac, str) snac_debug(snac, 0, str) | 44 | #define snac_log(snac, str) snac_debug(snac, 0, str) |
| 45 | 45 | ||
| 46 | int validate_uid(char *uid); | 46 | int validate_uid(const char *uid); |
| 47 | 47 | ||
| 48 | d_char *hash_password(char *uid, char *passwd, char *nonce); | 48 | d_char *hash_password(const char *uid, const char *passwd, const char *nonce); |
| 49 | int check_password(char *uid, char *passwd, char *hash); | 49 | int check_password(const char *uid, const char *passwd, const char *hash); |
| 50 | 50 | ||
| 51 | void srv_archive(char *direction, char *req, char *payload, int p_size, | 51 | void srv_archive(char *direction, char *req, char *payload, int p_size, |
| 52 | int status, char *headers, char *body, int b_size); | 52 | int status, char *headers, char *body, int b_size); |
| @@ -173,4 +173,4 @@ int html_post_handler(d_char *req, char *q_path, d_char *payload, int p_size, | |||
| 173 | char **body, int *b_size, char **ctype); | 173 | char **body, int *b_size, char **ctype); |
| 174 | 174 | ||
| 175 | int initdb(const char *_basedir); | 175 | int initdb(const char *_basedir); |
| 176 | int adduser(char *uid); | 176 | int adduser(const char *uid); |
| @@ -187,13 +187,27 @@ int initdb(const char *basedir) | |||
| 187 | } | 187 | } |
| 188 | 188 | ||
| 189 | 189 | ||
| 190 | int adduser(char *uid) | 190 | void new_password(const char *uid, d_char **clear_pwd, d_char **hashed_pwd) |
| 191 | /* creates a random password */ | ||
| 192 | { | ||
| 193 | int rndbuf[3]; | ||
| 194 | |||
| 195 | srandom(time(NULL) ^ getpid()); | ||
| 196 | rndbuf[0] = random() & 0xffffffff; | ||
| 197 | rndbuf[1] = random() & 0xffffffff; | ||
| 198 | rndbuf[2] = random() & 0xffffffff; | ||
| 199 | |||
| 200 | *clear_pwd = xs_base64_enc((char *)rndbuf, sizeof(rndbuf)); | ||
| 201 | *hashed_pwd = hash_password(uid, *clear_pwd, NULL); | ||
| 202 | } | ||
| 203 | |||
| 204 | |||
| 205 | int adduser(const char *uid) | ||
| 191 | /* creates a new user */ | 206 | /* creates a new user */ |
| 192 | { | 207 | { |
| 193 | snac snac; | 208 | snac snac; |
| 194 | xs *config = xs_dict_new(); | 209 | xs *config = xs_dict_new(); |
| 195 | xs *date = xs_str_utctime(0, "%Y-%m-%dT%H:%M:%SZ"); | 210 | xs *date = xs_str_utctime(0, "%Y-%m-%dT%H:%M:%SZ"); |
| 196 | int rndbuf[3]; | ||
| 197 | xs *pwd = NULL; | 211 | xs *pwd = NULL; |
| 198 | xs *pwd_f = NULL; | 212 | xs *pwd_f = NULL; |
| 199 | xs *key = NULL; | 213 | xs *key = NULL; |
| @@ -214,13 +228,7 @@ int adduser(char *uid) | |||
| 214 | return 1; | 228 | return 1; |
| 215 | } | 229 | } |
| 216 | 230 | ||
| 217 | srandom(time(NULL) ^ getpid()); | 231 | new_password(uid, &pwd, &pwd_f); |
| 218 | rndbuf[0] = random() & 0xffffffff; | ||
| 219 | rndbuf[1] = random() & 0xffffffff; | ||
| 220 | rndbuf[2] = random() & 0xffffffff; | ||
| 221 | |||
| 222 | pwd = xs_base64_enc((char *)rndbuf, sizeof(rndbuf)); | ||
| 223 | pwd_f = hash_password(uid, pwd, NULL); | ||
| 224 | 232 | ||
| 225 | config = xs_dict_append(config, "uid", uid); | 233 | config = xs_dict_append(config, "uid", uid); |
| 226 | config = xs_dict_append(config, "name", uid); | 234 | config = xs_dict_append(config, "name", uid); |