authorDante Catalfamo2021-05-28 15:52:02 -0400
committerDante Catalfamo2021-05-28 15:52:02 -0400
commit6fa44547754169896cc2667b6fc21af1492a2754 (patch)
tree47e627062d317f305f2dbb565d6ee735c584167e
parentaae4ca4e9a36280c3dd9b9d753f181eddbd12ce7 (diff)
bsd-auth: oops i forgot some function definitions
-rw-r--r--content/posts/WIP-how-bsd-authentication-works/index.org122
1 files changed, 120 insertions, 2 deletions
diff --git a/content/posts/WIP-how-bsd-authentication-works/index.org b/content/posts/WIP-how-bsd-authentication-works/index.org
index 5d4843d..aee3d3a 100644
--- a/content/posts/WIP-how-bsd-authentication-works/index.org
+++ b/content/posts/WIP-how-bsd-authentication-works/index.org
@@ -1460,9 +1460,31 @@
:CUSTOM_ID: _auth_next_arg
:END:
+ @@html: <details> <summary> @@
#+BEGIN_SRC c
static char *_auth_next_arg(auth_session_t *as)
#+END_SRC
+ @@html: </summary> @@
+ #+begin_src c
+ {
+ char *arg;
+
+ if (memcmp(&nilap, &(as->ap0), sizeof(nilap)) != 0) {
+ if ((arg = va_arg(as->ap0, char *)) != NULL)
+ return (arg);
+ va_end(as->ap0);
+ explicit_bzero(&(as->ap0), sizeof(as->ap0));
+ }
+ if (memcmp(&nilap, &(as->ap), sizeof(nilap)) != 0) {
+ if ((arg = va_arg(as->ap, char *)) != NULL)
+ return (arg);
+ va_end(as->ap);
+ explicit_bzero(&(as->ap), sizeof(as->ap));
+ }
+ return (NULL);
+ }
+ #+end_src
+ @@html: </details> @@
First goes through =as->ap0=, returning one argument at a time
until it hits the =NULL= character pointer. At which point it
@@ -1476,10 +1498,46 @@
:PROPERTIES:
:CUSTOM_ID: _auth_spool
:END:
-
+ @@html: <details> <summary> @@
#+begin_src c
static void _auth_spool(auth_session_t *as, int fd)
#+end_src
+ @@html: </summary> @@
+ #+begin_src c
+ {
+ ssize_t r;
+ char *b, *s;
+
+ for (s = as->spool + as->index; as->index < sizeof(as->spool) - 1; ) {
+ r = read(fd, as->spool + as->index,
+ sizeof(as->spool) - as->index);
+ if (r <= 0) {
+ as->spool[as->index] = '\0';
+ return;
+ }
+ b = as->spool + as->index;
+ as->index += r;
+ /*
+ ,* Convert newlines into NULs to allow easy scanning of the
+ ,* file and receive an fd if there is a BI_FDPASS message.
+ ,* XXX - checking for BI_FDPASS here is annoying but
+ ,* we need to avoid the read() slurping in control data.
+ ,*/
+ while (r-- > 0) {
+ if (*b++ == '\n') {
+ b[-1] = '\0';
+ if (strcasecmp(s, BI_FDPASS) == 0)
+ _recv_fd(as, fd);
+ s = b;
+ }
+ }
+ }
+
+ syslog(LOG_ERR, "Overflowed backchannel spool buffer");
+ errx(1, "System error in authentication program");
+ }
+ #+end_src
+ @@html: </details> @@
=_auth_spool='s job is to read data from =fd= and place it in
=as->spool=, and to update =as->index= with the length of the data
@@ -1499,9 +1557,50 @@
:CUSTOM_ID: _recv_fd
:END:
+ @@html: <details> <summary> @@
#+begin_src c
static void _recv_fd(auth_session_t *as, int fd)
#+end_src
+ @@html: </summary> @@
+ #+begin_src c
+ {
+ struct msghdr msg;
+ struct cmsghdr *cmp;
+ union {
+ struct cmsghdr hdr;
+ char buf[CMSG_SPACE(sizeof(int))];
+ } cmsgbuf;
+
+ memset(&msg, 0, sizeof(msg));
+ msg.msg_control = &cmsgbuf.buf;
+ msg.msg_controllen = sizeof(cmsgbuf.buf);
+ if (recvmsg(fd, &msg, 0) == -1)
+ syslog(LOG_ERR, "recvmsg: %m");
+ else if (msg.msg_flags & MSG_TRUNC)
+ syslog(LOG_ERR, "message truncated");
+ else if (msg.msg_flags & MSG_CTRUNC)
+ syslog(LOG_ERR, "control message truncated");
+ else if ((cmp = CMSG_FIRSTHDR(&msg)) == NULL)
+ syslog(LOG_ERR, "missing control message");
+ else {
+ if (cmp->cmsg_level != SOL_SOCKET)
+ syslog(LOG_ERR, "unexpected cmsg_level %d",
+ cmp->cmsg_level);
+ else if (cmp->cmsg_type != SCM_RIGHTS)
+ syslog(LOG_ERR, "unexpected cmsg_type %d",
+ cmp->cmsg_type);
+ else if (cmp->cmsg_len != CMSG_LEN(sizeof(int)))
+ syslog(LOG_ERR, "bad cmsg_len %d",
+ cmp->cmsg_len);
+ else {
+ if (as->fd != -1)
+ close(as->fd);
+ as->fd = *(int *)CMSG_DATA(cmp);
+ }
+ }
+ }
+ #+end_src
+ @@html: </details> @@
=_recv_fd= reads control messages, also called ancillary data, from
=fd= and tries to receive a file descriptor. It does this using the
@@ -1515,10 +1614,29 @@
:PROPERTIES:
:CUSTOM_ID: _add_rmlist
:END:
-
+ @@html: <details> <summary> @@
#+begin_src c
static void _add_rmlist(auth_session_t *as, char *file)
#+end_src
+ @@html: </summary> @@
+ #+begin_src c
+ {
+ struct rmfiles *rm;
+ size_t i = strlen(file) + 1;
+
+ // XXX should rangecheck i since we are about to add?
+
+ if ((rm = malloc(sizeof(struct rmfiles) + i)) == NULL) {
+ syslog(LOG_ERR, "Failed to allocate rmfiles: %m");
+ return;
+ }
+ rm->file = (char *)(rm + 1);
+ rm->next = as->rmlist;
+ strlcpy(rm->file, file, i);
+ as->rmlist = rm;
+ }
+ #+end_src
+ @@html: </details> @@
=_add_rmlist= is used to add to the list of files to be removed
after authentication is complete