@@ -2,6 +2,7 @@ WEBKERNEL=../../webkernel/src

 CC=gcc

 CFLAGS=-g -Wall -I$(WEBKERNEL) -I../res

 LDFLAGS=

+LDFLAGS_KAKUMEI=$(LDFLAGS) -lscrypt -lm

 all: kakumei kakumei-invite

@@ -11,7 +12,7 @@ clean:

 kakumei: kakumei.o loglib.o parselib.o sbuf.o \

 		socklib.o webkernel.o gen_res.o \

 		kakumei_session.o kakumei_pass.o

-	$(CC) $(LDFLAGS) kakumei.o loglib.o parselib.o sbuf.o \

+	$(CC) $(LDFLAGS_KAKUMEI) kakumei.o loglib.o parselib.o sbuf.o \

 		socklib.o webkernel.o gen_res.o \

 		kakumei_session.o kakumei_pass.o \

 		-o kakumei

@@ -63,6 +63,34 @@ main(int argc, char *argv[])

         return(0);

 }

+int

+kakumei_uservalid(kakumei *ka, char *username)

+{

+        if(username==NULL)

+                return(-1);

+        if(strchr(username,'/')!=NULL)

+                return(-1);

+        if(strcmp(username,".")==0 || strcmp(username,"..")==0)

+                return(-1);

+        return(0);

+}

+

+int

+kakumei_userexists(kakumei *ka, char *username)

+{

+        char filename[1024];

+        struct stat st;

+        if(kakumei_uservalid(ka,username)!=0)

+                return(-1);

+        snprintf(filename,sizeof(filename),"%s/%s/passwd",USERSDIR,username);

+        filename[sizeof(filename)-1]='\0';

+        if(stat(filename,&st)!=0 || !S_ISREG(st.st_mode))

+                return(-1);

+        return(0);

+}

+

+

+

 wk_action

 callback_http(wk *web, int connid, wk_uri *uri, void *userptr)

 {

@@ -27,4 +27,7 @@ typedef struct kakumei {

         wk *web;

 } kakumei;

+int kakumei_uservalid(kakumei *ka, char *username); /* no unallowed characters */

+int kakumei_userexists(kakumei *ka, char *username); /* it has a directory with a passwd file */

+

 #endif

@@ -7,19 +7,57 @@

  * This progran is licensed under the terms of the Affero GPL v1+

  */

+#include <stdio.h>

+#include <stdlib.h>

+#include <unistd.h>

+#include <string.h>

+#include <sys/types.h>

+#include <sys/stat.h>

+#include <fcntl.h>

 #include "kakumei.h"

+#include "libscrypt.h"

 int

 pass_new(kakumei *ka, char *user, char *passwd)

 {

-#warning TODO

-        return(-1);

+        int fd;

+        char filename[1024];

+        char mcf[SCRYPT_MCF_LEN+1];

+        int len;

+        if(kakumei_uservalid(ka,user)!=0)

+                return(-1);

+        snprintf(filename,sizeof(filename)-1,"%s/%s/passwd",USERSDIR,user);

+        filename[sizeof(filename)-1]='\0';

+        memset(mcf,0,sizeof(mcf));

+        libscrypt_hash(mcf,passwd,SCRYPT_N,SCRYPT_r,SCRYPT_p);

+        if((fd=open(filename,O_WRONLY|O_TRUNC|O_CREAT,0600))==-1)

+                return(-1);

+        len=strlen(mcf);

+        if(write(fd,mcf,len)!=len) {

+                close(fd),fd=-1;

+                return(-1);

+        }

+        close(fd),fd=-1;

+        return(0);

 }

 int

 pass_check(kakumei *ka, char *user, char *passwd)

 {

-#warning TODO

-        return(-1);

+        int fd;

+        char filename[1024];

+        char mcf[SCRYPT_MCF_LEN+1];

+        if(kakumei_userexists(ka,user)!=0)

+                return(-1);

+        snprintf(filename,sizeof(filename)-1,"%s/%s/passwd",USERSDIR,user);

+        filename[sizeof(filename)-1]='\0';

+        if((fd=open(filename,O_RDONLY))==-1)

+                return(-1);

+        memset(mcf,0,sizeof(mcf));

+        read(fd,mcf,sizeof(mcf)-1);

+        close(fd),fd=-1;

+        if(libscrypt_check(mcf,passwd)<=0)

+                return(-1);

+        return(0);

 }

@@ -7,12 +7,16 @@

  * This progran is licensed under the terms of the Affero GPL v1+

  */

+#include <sys/stat.h>

+#include <sys/types.h>

 #include "kakumei.h"

 #include "kakumei_session.h"

 char *

 session_new(kakumei *ka, char *user, char *session, int sessionsize)

 {

+        mkdir(DATADIR,0700);

+        mkdir(SESSIONSDIR,0700);

 }