Diffstat (limited to 'content')
-rw-r--r-- | content/posts/WIP-how-bsd-authentication-works/index.org | 48 |
1 files changed, 29 insertions, 19 deletions
diff --git a/content/posts/WIP-how-bsd-authentication-works/index.org b/content/posts/WIP-how-bsd-authentication-works/index.org index 4565580..3535cb2 100644 --- a/content/posts/WIP-how-bsd-authentication-works/index.org +++ b/content/posts/WIP-how-bsd-authentication-works/index.org 
@@ -289,33 +289,43 @@ format, and splits it accordingly. It then gets the user's password database entry through - [[https://man.openbsd.org/man3/getpwnam.3#getpwnam_r][=getpwman_r=]], which operates on the [[https://man.openbsd.org/passwd.5][=passwd(5)=]] database. It then - uses that to retrieve the user's login class using [[https://man.openbsd.org/login_getclass#login_getclass][=login_getclass=]], - which returns a =login_cap_t=. Login classes are stored in the - [[https://man.openbsd.org/man5/login.conf.5][=login.conf(5)=]] database. + [[https://man.openbsd.org/man3/getpwnam.3#getpwnam_r][=getpwman_r(3)=]], which operates on the [[https://man.openbsd.org/passwd.5][=passwd(5)=]] database. It then + uses that to retrieve the user's login class using + [[https://man.openbsd.org/login_getclass#login_getclass][=login_getclass(3)=]], which returns a =login_cap_t=. Login classes + are stored in the [[https://man.openbsd.org/man5/login.conf.5][=login.conf(5)=]] database. - That struct is then passed into [[https://man.openbsd.org/login_getclass#login_getstyle][=login_getstyle=]], which also + That struct is then passed into [[https://man.openbsd.org/login_getclass#login_getstyle][=login_getstyle(3)=]], which also received the =*style= and =*type=. If =*type= is =NULL=, it returns the first available login style for that class. If =*style= is specified, it is returned if available, otherwise =NULL= is returned, which causes =auch_usercheck= to return =NULL= as well. - If the password is a string, then it creates a new session using - =auth_open=. It then sets the session =service= to ="response"=, and - adds the =password= string to the session's =data=. Here the newly - created session is called =as=. + It then creates a pointer =as= of type =auth_session_t=, and handles + it differently based on whether =*password= is =NULL=. 
- #+BEGIN_SRC c - auth_setitem(as, AUTHV_SERVICE, "response"); - auth_setdata(as, "", 1); - auth_setdata(as, password, strlen(password) + 1); - #+END_SRC + - If the password is a string, it creates a new session using + =auth_open= and assigns it to =as=. It then sets the session + =service= to ="response"=, and adds the =password= string to the + session's =data=. + + #+BEGIN_SRC c + auth_setitem(as, AUTHV_SERVICE, "response"); + auth_setdata(as, "", 1); + auth_setdata(as, password, strlen(password) + 1); + #+END_SRC + + - If =*password= is =NULL=, it sets =as= to =NULL=. - If the password is =NULL=, it sets the =auth_session_t= pointer to - =NULL=. It then passes the user name, style, login class, and =NULL= - char pointer to =auth_verify=. The last two variables are received - as variable arguments. It then returns the auth session pointer the - call returns. + It then passes the =auth_session_t= (=as=) pointer, =*name=, + =*style=, login class (=lc=), and a =NULL= char pointer to + =auth_verify=. It then returns the auth session pointer the call + returns. + + #+begin_src c + as = auth_verify(as, style, name, lc->lc_class, (char *)NULL); + // [...] some cleanup + return (as); + #+end_src * auth_verify |
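Review bot: the first changed line still spells the link text =getpwman_r(3)= although its URL anchor is getpwnam_r, so the patch adds the section number but keeps a misspelled function name; change the link text to =getpwnam_r(3)=. In the new paragraph ahead of the final source block, the prose lists the arguments as =as=, =*name=, =*style=, login class, while the added call is "as = auth_verify(as, style, name, lc->lc_class, (char *)NULL);" with style before name; reorder the sentence to match the call so readers do not swap the two. The removed text noted that the last two arguments are received as variable arguments, and the new wording drops that; consider keeping it, since it explains the trailing (char *)NULL. Two smaller points: the unchanged context line still reads =auch_usercheck= (presumably =auth_usercheck=) and could be fixed in the same commit, and the new block uses lowercase #+begin_src / #+end_src while the re-indented block above it uses #+BEGIN_SRC / #+END_SRC; pick one casing for the file.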