#include "autoconf.h"
+#include <sys/types.h>
+
+#include <ucw/clists.h>
#include <ucw/mainloop.h>
+#include <ucw/mempool.h>
#include <ucw-json/json.h>
#define SOCKET_TIMEOUT 60000 // in ms
-#define MAX_PACKET_SIZE 16384
#define MAX_OOB_DATA_SIZE 4096
struct client {
struct main_file socket;
struct main_timer timer;
int uid;
+ struct mempool *pool;
struct json_context *json;
struct json_node *request;
struct json_node *reply;
};
+extern clist zone_list; // of struct auth_zone
+extern char *database_name;
+extern char *temp_key_file;
+extern uint max_comment_size;
+
/* cmd.c */
-void cmd_error(struct client *c, const char *err);
+void cmd_dispatch(struct client *c);
+
+const char *get_string(struct json_node *n, const char *key);
+bool get_uint(struct json_node *n, const char *key, uint *dest);
+struct json_node **get_array(struct json_node *n, const char *key);
+struct json_node *get_object(struct json_node *n, const char *key);
+
+/* auth.c */
+
+#define DEFAULT_SALT_BYTES 8
+#define DEFAULT_IDENT_BYTES 2
+#define DEFAULT_GENERATED_BYTES 8
+#define HASH_BYTES 32 // We are using SHA-256
+#define DEFAULT_HASH_ITERATIONS 64 // Number of hash function iterations per PBKDF2
+#define MAX_TEXT_HASH_SIZE 256
+
+struct auth_zone {
+ cnode n;
+ char *name;
+ char *desc;
+ uint auto_create_acct;
+ uint allow_passwd;
+ uint allow_tokens;
+ uint max_temp_validity;
+};
+
+struct auth_user {
+ clist accounts; // of struct auth_acct
+ char login[1];
+};
+
+struct auth_acct {
+ cnode n;
+ struct auth_user *user;
+ struct auth_zone *zone;
+ clist tokens; // of struct auth_token
+};
+
+enum token_type {
+ TOKEN_UNDEFINED,
+ TOKEN_PASSWORD,
+ TOKEN_GENERATED,
+ TOKEN_NUM_TYPES,
+};
+
+struct auth_token {
+ cnode n;
+ struct auth_acct *acct;
+ enum token_type type;
+ char *salt;
+ char *hash;
+ char *ident;
+ char *comment;
+ time_t last_modified;
+ uint iterations;
+};
+
+void auth_init(void);
+void db_write(void);
+struct auth_zone *auth_find_zone(const char *name);
+struct auth_user *auth_find_user(const char *login, bool create);
+struct auth_acct *auth_find_acct(struct auth_user *au, struct auth_zone *az, bool create);
+struct auth_token *auth_find_token_passwd(struct auth_acct *aa);
+struct auth_token *auth_find_token_generated(struct auth_acct *aa, const char *ident);
+void auth_delete_user(struct auth_user *au);
+void auth_delete_acct(struct auth_acct *aa);
+void auth_delete_token(struct auth_token *at);
+struct auth_token *auth_create_token(struct auth_acct *aa);
+void auth_set_token_passwd(struct auth_token *at, const char *passwd);
+char *auth_set_token_generated(struct auth_token *at, const char *comment, struct mempool *pool);
+bool auth_check_token(struct auth_token *at, const char *passwd);
+
+extern struct auth_token *auth_fake_token;
+
+/* temp.c */
+
+void temp_init(void);
+char *temp_generate(const char *zone, const char *login, uint validity, struct mempool *pool);
+const char *temp_check(const char *zone, const char *login, const char *token, struct mempool *pool);
+const char *temp_shorten(const char *token, struct mempool *pool);