From ee4fd4c7841eb4be7969572eb56b029d91b2895c Mon Sep 17 00:00:00 2001 From: Dante Catalfamo Date: Tue, 22 Dec 2020 18:26:33 -0500 Subject: bsd-auth: Finish auth_challenge writeup --- .../WIP-how-bsd-authentication-works/index.org | 32 ++++++++++++++++++++-- 1 file changed, 29 insertions(+), 3 deletions(-) (limited to 'content/posts/WIP-how-bsd-authentication-works') diff --git a/content/posts/WIP-how-bsd-authentication-works/index.org b/content/posts/WIP-how-bsd-authentication-works/index.org index de2b651..dfdc3a3 100644 --- a/content/posts/WIP-how-bsd-authentication-works/index.org +++ b/content/posts/WIP-how-bsd-authentication-works/index.org @@ -1,12 +1,12 @@ #+TITLE: How BSD Authentication Works #+DATE: 2020-11-02T16:49:46-05:00 #+DRAFT: true +#+SHOWTOC: true #+DESCRIPTION: #+TAGS[]: openbsd #+KEYWORDS[]: openbsd #+SLUG: #+SUMMARY: -#+SHOWTOC: true [[https://web.archive.org/web/20170327150148/http://www.penzin.net/bsdauth/]] * History @@ -903,7 +903,6 @@ return (as); #+end_src - * auth_challenge :PROPERTIES: :CUSTOM_ID: auth_challenge @@ -921,7 +920,34 @@ =NULL=, =as->name= is =NULL=, or if the username begins with a hyphen, or has a length of zero, the function returns =NULL=. - <> + Then the path to the auth module is created. + + #+begin_src c + snprintf(path, sizeof(path), _PATH_AUTHPROG "%s", as->style); + #+end_src + + =as->state= and =as->challenge= are then reset, in case they were + already set. + + Then [[#auth_call][=auth_call=]] is called, with the challenge style set. + + #+begin_src c + auth_call(as, path, as->style, "-s", "challenge", "--", as->name, as->class, (char *)NULL); + #+end_src + + =as->state= is checked for the =AUTH_CHALLENGE= bit, and if it's + present, the challenge is extracted from the back channel output, + and used to set =as->challenge=. + + #+begin_src c + if (as->state & AUTH_CHALLENGE) + as->challenge = auth_getvalue(as, "challenge"); + #+end_src + + =as->state= and =as->index= are then set to zero, discarding the + data. + + =as->challenge= is then returned. * auth_userresponse :PROPERTIES: -- cgit v1.2.3