From a19acd5ffde418585dd8d093eadda4fb118b0669 Mon Sep 17 00:00:00 2001
From: Dante Catalfamo
Date: Thu, 29 Oct 2020 17:00:21 -0400
Subject: bsd-auth: more on auth_verify

---
 .../WIP-how-bsd-authentication-works/index.org     | 32 ++++++++++++++--------
 1 file changed, 21 insertions(+), 11 deletions(-)

(limited to 'content/posts/WIP-how-bsd-authentication-works')

diff --git a/content/posts/WIP-how-bsd-authentication-works/index.org b/content/posts/WIP-how-bsd-authentication-works/index.org
index aec5d5a..5872eba 100644
--- a/content/posts/WIP-how-bsd-authentication-works/index.org
+++ b/content/posts/WIP-how-bsd-authentication-works/index.org
@@ -360,24 +360,34 @@
   It sets the =name= and =style= of the session, if the
   =*style= and/or =*name= are non-=NULL=.
 
-  It then copies its variable arguments to the auth session's =va_list
-  ap=, which is used inside of =auth_call=.
-
-  After that it constructs the path of the authentication module by
-  combining =_PATH_AUTHPROG=, which is defined in =login_cap.h= as
+  After that it constructs the path of the authentication module,
+  placing it in the variable =path=. It is constructed by combining
+  =_PATH_AUTHPROG=, which is defined in =login_cap.h= as
   =/usr/libexec/auth/login_=, and the authentication style. For the
   case of auth style =passwd=, it would result in the path
   =/usr/libexec/auth/login_passwd=.
 
-  Then =auth_call= is called with the struct, the path to the auth
-  module, the auth style, the "-s" flag followed by the service (login,
-  challenge, response), a double dash, the user name, and a =NULL=
-  character pointer. The return value of =auth_call= is ignored and a
-  pointer to the auth session is returned immediately afterwards.
+  #+begin_src c
+  snprintf(path, sizeof(path), _PATH_AUTHPROG "%s", style);
+  #+end_src
+
+  It then copies its variable arguments to the auth session using
+  =auth_set_va_list=.
+
+  Then =auth_call= is called with the session struct, the path to the
+  auth module, the auth style, the "-s" flag followed by the service
+  (=login=, =challenge=, or =response=), a double dash, the user name,
+  and a =NULL= character pointer. The return value of =auth_call= is
+  ignored and a pointer to the auth session is returned immediately
+  afterwards.
 
   #+BEGIN_SRC c
+  va_start(ap, name);
+  auth_set_va_list(as, ap);
   auth_call(as, path, auth_getitem(as, AUTHV_STYLE), "-s",
-      auth_getitem(as, AUTHV_SERVICE), "--", name, (char *)NULL);
+            auth_getitem(as, AUTHV_SERVICE), "--", name, (char *)NULL);
+  va_end(ap);
+  return (as);
   #+END_SRC
 
 * auth_call
-- 
cgit v1.2.3