From 2e359a4847f4a2694582eb726790aa7d026894c8 Mon Sep 17 00:00:00 2001
From: Dante Catalfamo
Date: Sat, 27 Jun 2020 23:32:14 -0400
Subject: More work on bsd auth
---
.../posts/how-bsd-authentication-works/index.org | 24 +++++++++++++++++-----
1 file changed, 19 insertions(+), 5 deletions(-)
diff --git a/content/posts/how-bsd-authentication-works/index.org b/content/posts/how-bsd-authentication-works/index.org
index 28ceb2d..42e4b41 100644
--- a/content/posts/how-bsd-authentication-works/index.org
+++ b/content/posts/how-bsd-authentication-works/index.org
@@ -127,7 +127,8 @@ checks the login class against the =login.conf= db, along with confirming the login styles available. If the password is non-=NULL=, then an =auth_session_t= struct is -created by calling =auth_open()=, then it calls +created by calling =auth_open()=, then it calls (with the session +struct as the variable =as=) #+BEGIN_SRC c auth_setitem(as, AUTHV_SERVICE, "response");
@@ -138,11 +139,19 @@ auth_setdata(as, password, strlen(password) + 1); setting the service protocol to =response=, adding an empty line to the session data, then adding the password as data. If the password is =NULL=, it sets the =auth_session_t= pointer to =NULL=. It then passes -the user name, style, and login class to =auth_verify=, and returns -the the auth session pointer the call returns. - +the user name, style, login class, and =NULL= char pointer to +=auth_verify=. The last two variables are received as variable +arguments. It then returns the auth session pointer the call +returns. +#+BEGIN_SRC c +auth_session_t *auth_verify(auth_session_t *as, char *style, char *name, ...) +#+END_SRC +=auth_verify= creates an auth session if =as= is =NULL=. It then sets +the user name and style of the session, if the respective arguments +are non-=NULL=. It then copies its variable arguments to the auth +session's =va_list ap=, which is used inside of =auth_call=. After that it constructs the path of the authentication module by combining =_PATH_AUTHPROG=, which is defined in =login_cap.h= as
@@ -152,13 +161,18 @@ case of auth style =passwd=, it would result in the path Then =auth_call= is called with the struct, the path to the auth module, the auth style, the "-s" flag followed by the service -(login, challenge, response), a double dash, and the user name. +(login, challenge, response), a double dash, the user name, and a +=NULL= character pointer. #+BEGIN_SRC c auth_call(as, path, auth_getitem(as, AUTHV_STYLE), "-s", auth_getitem(as, AUTHV_SERVICE), "--", name, (char *)NULL); #+END_SRC +#+BEGIN_SRC c +int auth_call(auth_session_t *as, char *path, ...) +#+END_SRC + Inside of =auth_call=, a socket pair of type =PF_LOCAL, SOCK_STREAM= is created. This is called the "back channel", and is used to communicate between with the authentication module. The
--
cgit v1.2.3