/* auth.c */
+#define DEFAULT_SALT_BYTES 8
+#define DEFAULT_IDENT_BYTES 2
+#define DEFAULT_GENERATED_BYTES 8
+#define HASH_BYTES 32 // We are using SHA-256
+#define DEFAULT_HASH_ITERATIONS 64 // Number of hash function iterations per PBKDF2
+#define MAX_TEXT_HASH_SIZE 256
+
struct auth_zone {
cnode n;
char *name;
};
enum token_type {
+ TOKEN_UNDEFINED,
TOKEN_PASSWORD,
TOKEN_GENERATED,
TOKEN_NUM_TYPES,
enum token_type type;
char *salt;
char *hash;
+ char *ident;
char *comment;
time_t last_modified;
+ uint iterations;
};
void auth_init(void);
struct auth_zone *auth_find_zone(const char *name);
struct auth_user *auth_find_user(const char *login, bool create);
struct auth_acct *auth_find_acct(struct auth_user *au, struct auth_zone *az, bool create);
+struct auth_token *auth_find_token_passwd(struct auth_acct *aa);
+struct auth_token *auth_find_token_generated(struct auth_acct *aa, char *ident);
void auth_delete_user(struct auth_user *au);
void auth_delete_acct(struct auth_acct *aa);
void auth_delete_token(struct auth_token *at);
struct auth_token *auth_create_token(struct auth_acct *aa);
void auth_set_token_passwd(struct auth_token *at, const char *passwd);
+char *auth_set_token_generated(struct auth_token *at, const char *comment);
+bool auth_check_token(struct auth_token *at, const char *passwd);
+
+extern struct auth_token *auth_fake_token;