diff --git a/include/application/application.h b/include/application/application.h index 8a89c10..12ea3a2 100644 --- a/include/application/application.h +++ b/include/application/application.h @@ -29,7 +29,7 @@ #include "session.h" #include "queue.h" #include "auth/credential.h" -#include "storage.h" +#include "storage/storage.h" #include "session.h" #include "user.h" diff --git a/include/auth/storage.h b/include/auth/storage.h index 26501da..7fb6d24 100644 --- a/include/auth/storage.h +++ b/include/auth/storage.h @@ -28,8 +28,7 @@ #include #include "class.h" -#include // storage must move to storage/storage.h - // to be loadable with " +#include "storage/storage.h" #define SALT_SIZE 32 diff --git a/include/storage.h b/include/storage/storage.h similarity index 100% rename from include/storage.h rename to include/storage/storage.h diff --git a/include/user.h b/include/user.h index 8aa7c62..147677e 100644 --- a/include/user.h +++ b/include/user.h @@ -26,7 +26,7 @@ #include #include "class.h" -#include "storage.h" +#include "storage/storage.h" CLASS(User) { diff --git a/signuptest.html b/signuptest.html new file mode 100644 index 0000000..2b0ddc5 --- /dev/null +++ b/signuptest.html @@ -0,0 +1,32 @@ + + + + + + Signuptest + + + +
+ + +
+ + +
+ + +
+ + +
+ + +
+ +
+ + + + diff --git a/src/application/adapter/http/update.c b/src/application/adapter/http/update.c index 01eb375..b0c872f 100644 --- a/src/application/adapter/http/update.c +++ b/src/application/adapter/http/update.c @@ -195,14 +195,14 @@ signupAdapter(Application application, HttpWorker worker, Session session) NULL == firstname || NULL == surname) { // maybe this is not a 500...have to check repsonse codes. - worker->current_response = httpResponse500(); + worker->current_response = (HttpMessage)httpResponse500(); return; } if (password->nvalue != pwrepeat->nvalue || 0 != memcmp(password->value, pwrepeat->value, password->nvalue)) { // maybe this is not a 500...have to check repsonse codes. - worker->current_response = httpResponse500(); + worker->current_response = (HttpMessage)httpResponse500(); return; } @@ -217,7 +217,7 @@ signupAdapter(Application application, HttpWorker worker, Session session) (char *)(surname->value), surname->nvalue); if (! applicationSignup(application, credential, user, session)) { - worker->current_response = httpResponse500(); + worker->current_response = (HttpMessage)httpResponse500(); } else { loginAdapter(application, worker, session); } diff --git a/src/application/application.c b/src/application/application.c index d038370..e7c469e 100644 --- a/src/application/application.c +++ b/src/application/application.c @@ -27,7 +27,7 @@ #include "class.h" #include "queue.h" #include "application/application.h" -#include "storage.h" +#include "storage/storage.h" #include "utils/memory.h" @@ -40,6 +40,16 @@ applicationCtor(void * _this, va_list * params) this->val = va_arg(*params, struct randval *); + /* + * @TODO for both of these...each user should be identified + * by a number...that way I could use that number in the + * passwords db and no direct association between email and + * password could be made when someone get the hands on the + * password database. + */ + this->users = va_arg(*params, Storage); + this->passwords = va_arg(*params, Storage); + // initialize authenticators to use. this->nauth = va_arg(*params, size_t); this->auth = memMalloc(this->nauth * sizeof(void*)); @@ -49,16 +59,6 @@ applicationCtor(void * _this, va_list * params) this->active_sessions = new(Queue); - /* - * @TODO for both of these...each user should be identified - * by a number...that way I could use that number in the - * passwords db and no direct association between email and - * password could be made when someone get the hands on the - * password database. - */ - this->users = new(Storage, "./run/users.db"); - this->passwords = new(Storage, "./run/passwords.db"); - return 0; } @@ -69,8 +69,6 @@ applicationDtor(void * _this) Application this = _this; size_t i; - delete(this->passwords); - delete(this->users); delete(this->active_sessions); for (i=0; inauth; i++) { diff --git a/src/application/signup.c b/src/application/signup.c index 8e3afe3..e4347b5 100644 --- a/src/application/signup.c +++ b/src/application/signup.c @@ -41,8 +41,8 @@ applicationSignup( Session session) { unsigned char hash_data[SALT_SIZE+HASH_SIZE]; - unsigned char * salt = hash_data; - unsigned char * hash = hash_data + SALT_SIZE; + unsigned char * salt = NULL; + unsigned char * hash = hash_data+SALT_SIZE; if (NULL != userLoad(user, this->users)) { /* @@ -67,6 +67,10 @@ applicationSignup( return 0; } + memcpy(hash_data, salt, SALT_SIZE); + + MEM_FREE(salt); + storagePut( this->passwords, CRED_PWD(cred).user, diff --git a/src/auth/storage/storage.c b/src/auth/storage/storage.c index 86373d3..f8eef61 100644 --- a/src/auth/storage/storage.c +++ b/src/auth/storage/storage.c @@ -21,7 +21,7 @@ */ #include "class.h" -#include "storage.h" +#include "storage/storage.h" #include "auth.h" #include "commons.h" #include "utils/memory.h" @@ -90,6 +90,6 @@ authStorageAuthenticate(void * _this, Credential cred) INIT_IFACE(Class, authStorageCtor, authStorageDtor, NULL); INIT_IFACE(Auth, authStorageAuthenticate); -CREATE_CLASS(AuthLdap, NULL, IFACE(Class), IFACE(Auth)); +CREATE_CLASS(AuthStorage, NULL, IFACE(Class), IFACE(Auth)); // vim: set ts=4 sw=4: diff --git a/src/storage/get.c b/src/storage/get.c index 39aba82..0053a2e 100644 --- a/src/storage/get.c +++ b/src/storage/get.c @@ -25,8 +25,8 @@ #include #include -#include "storage.h" #include "class.h" +#include "storage/storage.h" #include "utils/memory.h" diff --git a/src/storage/put.c b/src/storage/put.c index 387fa58..d902a51 100644 --- a/src/storage/put.c +++ b/src/storage/put.c @@ -24,8 +24,8 @@ #include #include -#include "storage.h" #include "class.h" +#include "storage/storage.h" #include "utils/memory.h" diff --git a/src/storage/storage.c b/src/storage/storage.c index c275793..efb372e 100644 --- a/src/storage/storage.c +++ b/src/storage/storage.c @@ -24,8 +24,8 @@ #include #include -#include "storage.h" #include "class.h" +#include "storage/storage.h" #include "utils/memory.h" diff --git a/src/storage/update.c b/src/storage/update.c index 3cbaeb2..283171e 100644 --- a/src/storage/update.c +++ b/src/storage/update.c @@ -24,8 +24,8 @@ #include #include -#include "storage.h" #include "class.h" +#include "storage/storage.h" #include "utils/memory.h" diff --git a/src/taskrambler.c b/src/taskrambler.c index c0eada7..27722e5 100644 --- a/src/taskrambler.c +++ b/src/taskrambler.c @@ -140,7 +140,10 @@ main() default: { - AuthLdap ldap; + Storage users; + Storage passwords; + AuthLdap authLdap; + AuthStorage authStorage; Application application; ApplicationAdapterHttp adapterHttp; HttpWorker worker; @@ -154,12 +157,27 @@ main() logger = new(LoggerSyslog, LOGGER_DEBUG); - worker = new(HttpWorker, "testserver"); - ldap = new( - AuthLdap, "ldap://hosted/", CSTRA(LDAP_BASE)); - application = new(Application, value, 1, ldap); + authLdap = new( + AuthLdap, + "ldap://hosted/", + CSTRA(LDAP_BASE)); + + users = new(Storage, "./run/users.db"); + passwords = new(Storage, "./run/passwords.db"); + authStorage = new(AuthStorage, passwords); + + application = new( + Application, + value, + users, + passwords, + 2, + authLdap, + authStorage); adapterHttp = new(ApplicationAdapterHttp, application); + + worker = new(HttpWorker, "testserver"); subjectAttach(worker, adapterHttp); server = new(Server, logger, worker, 11212, SOMAXCONN); @@ -210,6 +228,10 @@ main() delete(worker); delete(adapterHttp); delete(application); + delete(authStorage); + delete(passwords); + delete(users); + delete(authLdap); delete(logger); clearMimeTypes(); diff --git a/src/user/load.c b/src/user/load.c index ed6547f..614dd29 100644 --- a/src/user/load.c +++ b/src/user/load.c @@ -24,7 +24,7 @@ #include #include "user.h" -#include "storage.h" +#include "storage/storage.h" #include "class.h" #include "utils/memory.h" diff --git a/src/user/save.c b/src/user/save.c index acb268f..5f7a505 100644 --- a/src/user/save.c +++ b/src/user/save.c @@ -24,7 +24,7 @@ #include #include "user.h" -#include "storage.h" +#include "storage/storage.h" #include "class.h" #include "utils/memory.h" diff --git a/src/user/user.c b/src/user/user.c index 1dac923..db77a10 100644 --- a/src/user/user.c +++ b/src/user/user.c @@ -21,7 +21,7 @@ */ #include "user.h" -#include "storage.h" +#include "storage/storage.h" #include "class.h" #include "utils/memory.h" diff --git a/src/utils/hash.c b/src/utils/hash.c index aef07bc..448b4fb 100644 --- a/src/utils/hash.c +++ b/src/utils/hash.c @@ -52,21 +52,4 @@ sdbm(const unsigned char * str, size_t len) return hash; } - -/* - * this will use openssl to hash a given password with a given salt. - * If salt is NULL a random salt is generated and returned in salt. - * The memory for this is allocated via memMalloc and has to be freed - * by the caller via MEM_FREE. - * The size of the salt is always SALT_SIZE and that of hash is always - * hash size. Both are defined in auth/storage.h - */ -int -hash_pw( - const char * password, - const size_t npassword, - unsigned char * pw_hash, - unsigned char ** salt) -{ -} // vim: set ts=4 sw=4: