bsd-auth: write more for auth_userchallenge

1 files changed, 25 insertions, 1 deletions

diff --git a/content/posts/WIP-how-bsd-authentication-works/index.org b/content/posts/WIP-how-bsd-authentication-works/index.org
index f8c9a51..b741f17 100644
--- a/content/posts/WIP-how-bsd-authentication-works/index.org
+++ b/content/posts/WIP-how-bsd-authentication-works/index.org
@@ -864,7 +864,9 @@
   over SSH.
 
   A fair portion of this function is very similar to
-  [[#auth_usercheck][=auth_usercheck=]].
+  [[#auth_usercheck][=auth_usercheck=]]. Instead of having a password argument however, it
+  has a pointer to string, which is used to return the challenge to
+  the calling function.
 
   It first checks that =*name= is a valid username. This means that it
   doesn't begin with a hyphen, had a non-zero length.
@@ -885,6 +887,28 @@
   returned, which causes =auth_userchallenge= to return =NULL= as
   well.
 
+  This is where =auth_userchallenge= and [[#auth_usercheck][=auth_usercheck=]] begin to diverge.
+
+  It creates a new auth session using [[#auth_open][=auth_open=]] as variable =as=.
+
+  The =style=, =name= and =class= properties of the session are then
+  set using [[#auth_setitem][=auth_setitem=]].
+
+  It then calls [[#auth_challenge][=auth_challenge=]] with =as= as the argument. The return
+  value from that call is used to set =*challengep=, and =as= is
+  returned.
+
+  #+begin_src c
+  *challengep = auth_challenge(as);
+  return (as);
+  #+end_src
+
+
+* auth_challenge
+  :PROPERTIES:
+  :CUSTOM_ID: auth_challenge
+  :END:
+
 
 * auth_userresponse
   :PROPERTIES: