1 files changed, 31 insertions, 32 deletions

diff --git a/content/posts/WIP-how-bsd-authentication-works/index.org b/content/posts/WIP-how-bsd-authentication-works/index.org
index 352a353..01919e8 100644
--- a/content/posts/WIP-how-bsd-authentication-works/index.org
+++ b/content/posts/WIP-how-bsd-authentication-works/index.org
@@ -2127,37 +2127,6 @@
   Interestingly, this function will return =0= if an account doesn't
   exist, instead of =-1=.
 
-  <<here>>
-
-* _auth_validuser
-  :PROPERTIES:
-  :CUSTOM_ID: _auth_validuser
-  :END:
-
-  @@html: <details> <summary> @@
-  #+begin_src c
-  int _auth_validuser(const char *name)
-  #+end_src
-  @@html: </summary> @@
-  #+begin_src c
-  {
-      /* User name must be specified and may not start with a '-'. */
-      if (*name == '\0' || *name == '-') {
-          syslog(LOG_ERR, "invalid user name %s", name);
-          return 0;
-      }
-      return 1;
-  }
-  #+end_src
-  @@html: </details> @@
-
-  =_auth_validuser= is a small helper function used to check if a
-  username passes some very basic validity criteria. Those being that
-  it must not be an empty sting, and that it doesn't start with a
-  hyphen.
-
-  If a username is invalid, it is logged in the syslog.
-
 * auth_approval
   :PROPERTIES:
   :CUSTOM_ID: auth_approval
@@ -2303,10 +2272,40 @@
   #+end_src
   @@html: </details> @@
 
-  =auth_approval= is
+  =auth_approval= is used to check user =name= against approval script
+  for service =type=.
 
   <<here>>
 
+* _auth_validuser
+  :PROPERTIES:
+  :CUSTOM_ID: _auth_validuser
+  :END:
+
+  @@html: <details> <summary> @@
+  #+begin_src c
+  int _auth_validuser(const char *name)
+  #+end_src
+  @@html: </summary> @@
+  #+begin_src c
+  {
+      /* User name must be specified and may not start with a '-'. */
+      if (*name == '\0' || *name == '-') {
+          syslog(LOG_ERR, "invalid user name %s", name);
+          return 0;
+      }
+      return 1;
+  }
+  #+end_src
+  @@html: </details> @@
+
+  =_auth_validuser= is a small helper function used to check if a
+  username passes some very basic validity criteria. Those being that
+  it must not be an empty sting, and that it doesn't start with a
+  hyphen.
+
+  If a username is invalid, it is logged in the syslog.
+
 * COMMENT note                                                     :noexport:
 
  ---