#include <sys/wait.h>
#include <string.h>
#include <limits.h>
-#include <crypt.h>
#include <libcitadel.h>
#include "../../citadel_defs.h"
#include "../../server.h"
// The confirmation token will be generated by combining the room name and email address with the host key,
-// and then generating an encrypted hash of that string. The encrypted hash is included as part of the
-// confirmation link.
+// and then generating a one-way hash of that string. The hash is included as part of the confirmation link.
void generate_confirmation_token(char *token_buf, size_t token_buf_len, char *roomname, char *emailaddr) {
char string_to_hash[1024];
- struct crypt_data cd;
- char *ptr;
snprintf(string_to_hash, sizeof string_to_hash, "%s|%s|%s", roomname, emailaddr, CtdlGetConfigStr("host_key"));
- memset(&cd, 0, sizeof cd);
-
- strncpy(token_buf, crypt_r(string_to_hash, "$1$ctdl", &cd), token_buf_len);
-
- for (ptr=token_buf; *ptr; ++ptr) {
- if (!isalnum((char)*ptr)) *ptr='X';
- }
+ snprintf(token_buf, token_buf_len, "%lx", FourHash(string_to_hash, strlen(string_to_hash)));
}