Mercurial > hg > rlgwebd
comparison sqlickrypt.c @ 17:d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
The quickrypt utility is replaced with sqlickrypt, which takes a username
and password pair and checks them against the SQLite password database
used by dgamelaunch. This will be more extensible to using rlgwebd to
register, change passwords, etc.
| author | John "Elwin" Edwards <elwin@sdf.org> |
|---|---|
| date | Sun, 20 May 2012 15:52:07 -0700 |
| parents | |
| children | 59ea628abb81 |
comparison
equal
deleted
inserted
replaced
| 16:ef6127ed6da3 | 17:d3e3d6b4016b |
|---|---|
| 1 #include <stdio.h> | |
| 2 #include <stdlib.h> | |
| 3 #include <string.h> | |
| 4 #include <ctype.h> | |
| 5 #include <sqlite3.h> | |
| 6 #include <unistd.h> | |
| 7 #include <crypt.h> | |
| 8 | |
| 9 #define DATABASE "/dgldir/dgamelaunch.db" | |
| 10 | |
| 11 int xcallback(void *targ, int ncols, char **vals, char **colnames) { | |
| 12 char *pws; | |
| 13 int j; | |
| 14 pws = *((char **) targ); | |
| 15 if (pws == NULL) { | |
| 16 for (j = 0; j < ncols; j++) { | |
| 17 if (!strcmp(colnames[j], "password")) | |
| 18 *((char **) targ) = strdup(vals[j]); | |
| 19 } | |
| 20 } | |
| 21 /* Otherwise, this isn't the first row. */ | |
| 22 return 0; | |
| 23 } | |
| 24 | |
| 25 int main(int argc, char *argv[]) { | |
| 26 char ibuf[160], *uname, *pw, *pwhash = NULL, *comphash; | |
| 27 char finduser_sql[160]; | |
| 28 char *cptr; // Utility pointer | |
| 29 sqlite3 *db; | |
| 30 int status; | |
| 31 | |
| 32 /* Read in the username and password */ | |
| 33 fgets(ibuf, 160, stdin); | |
| 34 uname = ibuf; | |
| 35 pw = strchr(uname, '\n'); | |
| 36 if (pw == NULL) | |
| 37 exit(4); /* Truncated */ | |
| 38 *pw = '\0'; | |
| 39 pw++; | |
| 40 fgets(pw, 160 - (pw - ibuf), stdin); | |
| 41 if (pw[strlen(pw) - 1] == '\n') | |
| 42 pw[strlen(pw) - 1] = '\0'; | |
| 43 else | |
| 44 exit(4); /* Truncated */ | |
| 45 /* Sanitize the username, because it gets put into a query. */ | |
| 46 for (cptr = uname; *cptr != '\0'; cptr++) { | |
| 47 if (!isalnum(*cptr)) { | |
| 48 exit(4); | |
| 49 } | |
| 50 } | |
| 51 /* Construct the query */ | |
| 52 strcpy(finduser_sql, "SELECT * FROM dglusers WHERE username='"); | |
| 53 strncat(finduser_sql, uname, 40); | |
| 54 strcat(finduser_sql, "';"); | |
| 55 | |
| 56 status = sqlite3_open(DATABASE, &db); | |
| 57 if (status) { | |
| 58 sqlite3_close(db); | |
| 59 return 1; | |
| 60 } | |
| 61 sqlite3_exec(db, finduser_sql, xcallback, (void *) &pwhash, NULL); | |
| 62 | |
| 63 sqlite3_close(db); | |
| 64 | |
| 65 /* Now check the password. */ | |
| 66 if (pwhash == NULL) { | |
| 67 return 2; | |
| 68 } | |
| 69 comphash = crypt(pw, pwhash); | |
| 70 if (!strcmp(pwhash, comphash)) | |
| 71 return 0; | |
| 72 return 1; | |
| 73 } |