author | Dante Catalfamo | 2021-05-28 15:30:16 -0400 |
---|---|---|
committer | Dante Catalfamo | 2021-05-28 15:30:16 -0400 |
commit | 55433eb5096f01b86e01e0bb76e353e8c7dfc18f (patch) | |
tree | 31dd2cf147909ea7cae205a7302b344365cea1c9 | |
parent | 22b2dcc54ef2485bf926c69f150f6a9aab021460 (diff) | |
bsd-auth: Add more function source code
-rw-r--r-- | content/posts/WIP-how-bsd-authentication-works/index.org | 209 |
1 files changed, 204 insertions, 5 deletions
diff --git a/content/posts/WIP-how-bsd-authentication-works/index.org b/content/posts/WIP-how-bsd-authentication-works/index.org index 8bbc474..4090a95 100644 --- a/content/posts/WIP-how-bsd-authentication-works/index.org +++ b/content/posts/WIP-how-bsd-authentication-works/index.org @@ -16,7 +16,6 @@ details > summary::-webkit-details-marker { display: none; } - </style> #+end_export @@ -145,6 +144,10 @@ [[https://man.openbsd.org/authenticate][=authenticate(3)=]], with the lower level functions being described in [[https://man.openbsd.org/auth_subr][=auth_subr(3)=]]. + Click on any function prototype in this post to see the full source + code of that function. + All code snippets from this blog post belong to the OpenBSD contributors. + * auth_userokay :PROPERTIES: :CUSTOM_ID: auth_userokay @@ -157,9 +160,21 @@ This function lives inside =/lib/libc/gen/authenticate.c= + @@html: <details> <summary> @@ #+BEGIN_SRC c int auth_userokay(char *name, char *style, char *type, char *password); #+END_SRC + @@html: </summary> @@ + #+begin_src c + { + auth_session_t *as; + + as = auth_usercheck(name, style, type, password); + + return (as != NULL ? auth_close(as) : 0); + } + #+end_src + @@html: </details> @@ - =name= is the name of the user to be authenticated - =style= is the login method to be used 
@@ -248,10 +263,37 @@ :PROPERTIES: :CUSTOM_ID: auth_setdata :END: - + @@html: <details> <summary> @@ #+begin_src c int auth_setdata(auth_session_t *as, void *ptr, size_t len) #+end_src + @@html: </summary> @@ + #+begin_src c + { + struct authdata *data, *dp; + + if (len <= 0) + return (0); + + if ((data = malloc(sizeof(*data) + len)) == NULL) + return (-1); + + data->next = NULL; + data->len = len; + data->ptr = data + 1; + memcpy(data->ptr, ptr, len); + + if (as->data == NULL) + as->data = data; + else { + for (dp = as->data; dp->next != NULL; dp = dp->next) + ; + dp->next = data; + } + return (0); + } + #+end_src + @@html: </details> @@ =auth_setdata= allocates and initializes a new =authdata= struct, storing a copy of the data from =*ptr= and =len=. It then point the 
@@ -262,10 +304,99 @@ :PROPERTIES: :CUSTOM_ID: auth_setitem :END: - + @@html: <details> <summary> @@ #+begin_src c int auth_setitem(auth_session_t *as, auth_item_t item, char *value) #+end_src + @@html: </summary> @@ + #+begin_src c + { + if (as == NULL) { + errno = EINVAL; + return (-1); + } + + switch (item) { + case AUTHV_ALL: + if (value != NULL) { + errno = EINVAL; + return (-1); + } + auth_setitem(as, AUTHV_CHALLENGE, NULL); + auth_setitem(as, AUTHV_CLASS, NULL); + auth_setitem(as, AUTHV_NAME, NULL); + auth_setitem(as, AUTHV_SERVICE, NULL); + auth_setitem(as, AUTHV_STYLE, NULL); + auth_setitem(as, AUTHV_INTERACTIVE, NULL); + return (0); + + case AUTHV_CHALLENGE: + if (value == as->challenge) + return (0); + if (value != NULL && (value = strdup(value)) == NULL) + return (-1); + free(as->challenge); + as->challenge = value; + return (0); + + case AUTHV_CLASS: + if (value == as->class) + return (0); + if (value != NULL && (value = strdup(value)) == NULL) + return (-1); + free(as->class); + as->class = value; + return (0); + + case AUTHV_NAME: + if (value == as->name) + return (0); + if (value != NULL && !_auth_validuser(value)) { + errno = EINVAL; + return (-1); + } + if (value != NULL && (value = strdup(value)) == NULL) + return (-1); + free(as->name); + as->name = value; + return (0); + + case AUTHV_SERVICE: + if (value == as->service) + return (0); + if (value == NULL || strcmp(value, defservice) == 0) + value = defservice; + else if ((value = strdup(value)) == NULL) + return (-1); + if (as->service && as->service != defservice) + free(as->service); + as->service = value; + return (0); + + case AUTHV_STYLE: + if (value == as->style) + return (0); + if (value == NULL || strchr(value, '/') != NULL || + (value = strdup(value)) == NULL) + return (-1); + free(as->style); + as->style = value; + return (0); + + case AUTHV_INTERACTIVE: + if (value == NULL) + as->flags &= ~AF_INTERACTIVE; + else + as->flags |= ~AF_INTERACTIVE; + return (0); + + default: + errno = 
EINVAL; + return (-1); + } + } + #+end_src + @@html: </details> @@ =auth_setitem= is used to set one of several different fields of =*as= to =*value=. Depending on the value of =item=, it can be the @@ -274,9 +405,35 @@ =AUTHV_ALL= and =*value= is =NULL=, all fields are cleared. It returns =0= on success. + @@html: <details> <summary> @@ #+begin_src c char *auth_getitem(auth_session_t *as, auth_item_t item) #+end_src + @@html: </summary> @@ + #+begin_src c + { + if (as != NULL) { + switch (item) { + case AUTHV_CHALLENGE: + return (as->challenge); + case AUTHV_CLASS: + return (as->class); + case AUTHV_NAME: + return (as->name); + case AUTHV_SERVICE: + return (as->service ? as->service : defservice); + case AUTHV_STYLE: + return (as->style); + case AUTHV_INTERACTIVE: + return ((as->flags & AF_INTERACTIVE) ? "True" : NULL); + default: + break; + } + } + return (NULL); + } + #+end_src + @@html: </details> @@ =auth_getitem= is used to return the value of the fields listed above. @@ -303,10 +460,35 @@ :PROPERTIES: :CUSTOM_ID: auth_setoption :END: - + @@html: <details> <summary> @@ #+begin_src c int auth_setoption(auth_session_t *as, char *n, char *v) #+end_src + @@html: </summary> @@ + #+begin_src c + { + struct authopts *opt; + size_t len = strlen(n) + strlen(v) + 2; + int ret; + + if ((opt = malloc(sizeof(*opt) + len)) == NULL) + return (-1); + + opt->opt = (char *)(opt + 1); + + ret = snprintf(opt->opt, len, "%s=%s", n, v); + if (ret < 0 || ret >= len) { + free(opt); + errno = ENAMETOOLONG; + return (-1); + } + opt->next = as->optlist; + as->optlist = opt; + return(0); + } + + #+end_src + @@html: </details> @@ =auth_setoption= initializes a new =authopts= struct, and sets the =*opt= field to a string formatted as =sprintf(%s=%s, n, v)=. It 
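Review bot: In the `AUTHV_INTERACTIVE` case of the added `auth_setitem` listing, the non-NULL branch reads `as->flags |= ~AF_INTERACTIVE;`, which turns on every flag bit outside `AF_INTERACTIVE` instead of setting that flag, so the `auth_getitem` listing added further down would not return "True" after such a call unless the flag was already set. Whether this is a transcription slip or what the quoted libc source actually contains cannot be told from the page; either way the post should say so next to the listing, with the presumably intended `as->flags |= AF_INTERACTIVE;` shown for comparison. The same listing also makes the retained sentence "all fields are cleared" inexact: with `value == NULL` the `AUTHV_STYLE` case returns `-1` before reaching `free(as->style)`, and `AUTHV_ALL` ignores that return value, so a non-NULL style survives an `AUTHV_ALL` reset. A reader auditing how a session is reused between authentication attempts would want both caveats stated in the prose.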
@@ -317,16 +499,27 @@ :PROPERTIES: :CUSTOM_ID: auth_setstate :END: - + @@html: <details> <summary> @@ #+begin_src c void auth_setstate(auth_session_t *as, int s) #+end_src + @@html: </summary> @@ + #+begin_src c + { as->state = s; } + #+end_src + @@html: </details> @@ =auth_setstate= sets the =state= of =*as= to =s=. + @@html: <details> <summary> @@ #+begin_src c int auth_getstate(auth_session_t *as) #+end_src + @@html: </summary> @@ + #+begin_src c + { return (as->state); } + #+end_src + @@html: </details> @@ =auth_getstate= return the =state= of =*as=. @@ -392,9 +585,15 @@ :CUSTOM_ID: auth_set_va_list :END: + @@html: <details> <summary> @@ #+begin_src c void auth_set_va_list(auth_session_t *as, va_list ap) #+end_src + @@html: </summary> @@ + #+begin_src c + { va_copy(as->ap, ap); } + #+end_src + @@html: </details> @@ =auth_set_va_list= copies =ap= to the =ap= field in =*as= |