If we use the Adr struct we need to add port num to it


Client Routines
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

token layer (token.c)
======================================================================
int get_token(&token)		retrieve token
int extract_token(&token)

======================================================================


authenticate layer
======================================================================
int authenticate(&Packet)       make a packet authenticated  


send ktext with request and get token back     		(NORMAL INITIALIZATION)
or
send token with request					(SERVER DIED)
or
just send packet with checksum generated by session key 
======================================================================



Server Routines
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
test_conn (ping client refered to by token to see if it still exists
token layer  (token.c)
======================================================================
int token_valid(token,Adr) 	test to see if a token is valid, test checksum
				correct host, timestamp etc

int test_token_chksum(token,secret)	make sure the checksum works


int make_token(&token,Adr,secret)	make a new token
int store_token(&token)			add to list of valid tokens
int invalidate_token(token)		invalidate a token (add to list of 
					bad and remove from list of valid)
int return_token(token,&Packet)		add token to return packet
int find_token(&token)          	see if this token exists already

int flush_tokens()              get rid of all tokens which have been 
				invalidated & are older then we would 
				consider valid anyway	

we keep a list of invalid tokens so that someone cannot keep presenting
what was a valid token.

keep a list of valid tokens in case the client crashes.

we check list of bad tokens before accepting one presented by client, we
don't check only list of valid ones because this might be incomplete.

How about pinging to see if it is still there?
======================================================================


authenticate layer
======================================================================
int authenticate(&Packet)	test that a packet is authentic

======================================================================


Whats in a token?
 some of this kind of stuff ??? in what format???
	date/time stamp
	ip addr
	port
	vendor
	program
	version
	username
	shared (by servers) key used to generate checksum

	
Server to client authentication:


Client keeps a token in memory, so it can be presented to server if:

	1) Server fails or network broken. (New server)
	2) To maintain place in queue 


Server to server authentication:

	Servers need to share a secret

	The secret need to change periodically.

	If secret changes servers will still need to accept clients with tokens
	based on old secret for some period of time.

Need to protect against:

	1) Denial of service attacks -- User might keep claiming they have
	licenses until a server can't grant any because it thinks they are all 
	out.

	2) Inflation of licenses able to be granted in the case of multiple
	servers. The user pretends to have a valid licenses and then gives them
	up. The server thinks it is in control of the majority of licences and
	starts over granting.

*both these attacks probably require modifying client code.	

Other Issues:

What if user want more than one client running at the same time?

What about timing out of tokens?

Programs could make the license calls themselves intead of using a wraper
