X-Git-Url: http://mj.ucw.cz/gitweb/?a=blobdiff_plain;f=server%2Fsubauthd.h;h=1e867541ef2991231f41f3434d186bfd2ce30097;hb=20f43a00e811ad1a16d3b2ce4c64d51224360077;hp=d1a1cf7409e5c16514a4a4403ff6e0bbba6fb089;hpb=0e14c062efbd52a0f3c4ce384f01a4d887bb483c;p=subauth.git
diff --git a/server/subauthd.h b/server/subauthd.h
index d1a1cf7..1e86754 100644
--- a/server/subauthd.h
+++ b/server/subauthd.h
@@ -10,16 +10,17 @@
 #include
 #include
+#include
 #include
 #define SOCKET_TIMEOUT 60000 // in ms
-#define MAX_PACKET_SIZE 16384
 #define MAX_OOB_DATA_SIZE 4096
 struct client {
 struct main_file socket;
 struct main_timer timer;
 int uid;
+ struct mempool *pool;
 struct json_context *json;
 struct json_node *request;
 struct json_node *reply;
@@ -27,6 +28,8 @@ struct client {
 extern clist zone_list; // of struct auth_zone
 extern char *database_name;
+extern char *temp_key_file;
+extern uint max_comment_size;
 /* cmd.c */
@@ -39,12 +42,21 @@ struct json_node *get_object(struct json_node *n, const char *key);
 /* auth.c */
+#define DEFAULT_SALT_BYTES 8
+#define DEFAULT_IDENT_BYTES 2
+#define DEFAULT_GENERATED_BYTES 8
+#define HASH_BYTES 32 // We are using SHA-256
+#define DEFAULT_HASH_ITERATIONS 64 // Number of hash function iterations per PBKDF2
+#define MAX_TEXT_HASH_SIZE 256
+
 struct auth_zone {
 cnode n;
 char *name;
+ char *desc;
 uint auto_create_acct;
 uint allow_passwd;
 uint allow_tokens;
+ uint max_temp_validity;
 };
 struct auth_user {
@@ -60,6 +72,7 @@ struct auth_acct {
 };
 enum token_type {
+ TOKEN_UNDEFINED,
 TOKEN_PASSWORD,
 TOKEN_GENERATED,
 TOKEN_NUM_TYPES,
@@ -71,8 +84,10 @@ struct auth_token {
 enum token_type type;
 char *salt;
 char *hash;
+ char *ident;
 char *comment;
 time_t last_modified;
+ uint iterations;
 };
 void auth_init(void);
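Review bot: The `@@ -10,16` hunk removes `#define MAX_PACKET_SIZE 16384`, and nothing visible in this header takes its place, so a reader can no longer tell what bounds a request before it is buffered and parsed as JSON. The `@@ -27,6` hunk declares `max_comment_size` but no packet limit, so the cap has presumably moved to a variable private to another file. If so, a comment beside `MAX_OOB_DATA_SIZE` such as `// request size is bounded by <config variable> in <file>` would keep the limit discoverable. If the cap was dropped outright, it should be restored, since an unbounded read lets any connected client grow the daemon's memory.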
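Review bot: `DEFAULT_HASH_ITERATIONS 64` in the `@@ -39,12` hunk is a very low PBKDF2 work factor for user-chosen passwords. With SHA-256 it adds almost no cost to offline guessing if the database is ever disclosed, and OWASP's current figure for PBKDF2-HMAC-SHA256 is 600,000 iterations. `DEFAULT_SALT_BYTES 8` is likewise half of the 16 bytes that NIST SP 800-132 asks for. Because the `@@ -71,8` hunk stores `iterations` per token, the default can be raised, or made a configuration option, without invalidating existing hashes. Tokens hashed with fewer iterations could then be re-hashed after a successful `auth_check_token`.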
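Review bot: Inserting `TOKEN_UNDEFINED` at the head of `enum token_type` in the `@@ -60,6` hunk renumbers `TOKEN_PASSWORD` and `TOKEN_GENERATED`. Any code that persists or indexes by the numeric value, such as the database written by `db_write` or tables sized by `TOKEN_NUM_TYPES`, would then read existing records as a different token type. The on-disk format is not visible here, so this may already be safe if types are stored by name. Either way the new enumerator should say why it comes first, for example `TOKEN_UNDEFINED, // zero-initialised token; must never authenticate`. The enum's closing brace lies outside the hunk.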
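Review bot: The per-token `iterations` field added in the `@@ -71,8` hunk becomes an input to password verification, and the header gives it no bounds. It is presumably read back from the database, so the loader should reject a value of 0 and any value far above the configured maximum. The first removes the key stretching, and the second lets a damaged or edited record stall `auth_check_token`. A comment on the field such as `// PBKDF2 iteration count used for hash; range-checked on load` would record the contract. The struct begins outside the hunk.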
@@ -80,8 +95,21 @@ void db_write(void);
 struct auth_zone *auth_find_zone(const char *name);
 struct auth_user *auth_find_user(const char *login, bool create);
 struct auth_acct *auth_find_acct(struct auth_user *au, struct auth_zone *az, bool create);
+struct auth_token *auth_find_token_passwd(struct auth_acct *aa);
+struct auth_token *auth_find_token_generated(struct auth_acct *aa, const char *ident);
 void auth_delete_user(struct auth_user *au);
 void auth_delete_acct(struct auth_acct *aa);
 void auth_delete_token(struct auth_token *at);
 struct auth_token *auth_create_token(struct auth_acct *aa);
 void auth_set_token_passwd(struct auth_token *at, const char *passwd);
+char *auth_set_token_generated(struct auth_token *at, const char *comment, struct mempool *pool);
+bool auth_check_token(struct auth_token *at, const char *passwd);
+
+extern struct auth_token *auth_fake_token;
+
+/* temp.c */
+
+void temp_init(void);
+char *temp_generate(const char *zone, const char *login, uint validity, struct mempool *pool);
+const char *temp_check(const char *zone, const char *login, const char *token, struct mempool *pool);
+const char *temp_shorten(const char *token, struct mempool *pool);
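Review bot: The new declarations `auth_check_token`, `auth_fake_token` and `temp_check` carry security contracts that the header does not state. If the fake token exists so that a lookup miss costs the same as a real verification, say so at its declaration, e.g. `// Passed to auth_check_token() when no real token was found, so both paths do the same work`, and note on `auth_check_token` that the hash comparison must be constant-time. `temp_check` returns `const char *`, which can be read as either an error message or a result, so it needs a one-line comment saying what a NULL return means. `auth_set_token_generated` and `temp_generate` appear to return a plaintext secret allocated from `pool`. A comment should tell callers to flush that pool once the reply has been sent.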