ref: 3004f058f69a16f09c07c58d0e60a1732190f0d3
parent: a7974d96b7e510cba9ae4ef87fed8b0ded109f98
author: cinap_lenrek <cinap_lenrek@felloff.net>
date: Sun Jan 21 17:37:45 EST 2018
libauth: add auth_respondAI() function to get AuthInfo for mschap/mschapv2
--- a/sys/include/ape/auth.h
+++ b/sys/include/ape/auth.h
@@ -135,7 +135,8 @@
extern int auth_chuid(AuthInfo *ai, char *ns);
extern Chalstate *auth_challenge(char*, ...);
extern AuthInfo* auth_response(Chalstate*);
-extern int auth_respond(void*, uint, char*, uint, void*, uint, AuthGetkey *getkey, char*, ...);
+extern int auth_respond(void*, uint, char*, uint, void*, uint, AuthGetkey*, char*, ...);
+extern int auth_respondAI(void *, uint, char*, uint, void*, uint, AuthInfo**, AuthGetkey*, char*, ...);
extern void auth_freechal(Chalstate*);
extern AuthInfo* auth_userpasswd(char *user, char *passwd);
extern UserPasswd* auth_getuserpasswd(AuthGetkey *getkey, char*, ...);
@@ -147,6 +148,7 @@
#pragma varargck argpos auth_proxy 3
#pragma varargck argpos auth_challenge 1
#pragma varargck argpos auth_respond 8
+#pragma varargck argpos auth_respondAI 9
#pragma varargck argpos auth_getuserpasswd 2
#endif
--- a/sys/include/auth.h
+++ b/sys/include/auth.h
@@ -125,7 +125,8 @@
extern int auth_chuid(AuthInfo *ai, char *ns);
extern Chalstate *auth_challenge(char*, ...);
extern AuthInfo* auth_response(Chalstate*);
-extern int auth_respond(void*, uint, char*, uint, void*, uint, AuthGetkey *getkey, char*, ...);
+extern int auth_respond(void*, uint, char*, uint, void*, uint, AuthGetkey*, char*, ...);
+extern int auth_respondAI(void *, uint, char*, uint, void*, uint, AuthInfo**, AuthGetkey*, char*, ...);
extern void auth_freechal(Chalstate*);
extern AuthInfo* auth_userpasswd(char *user, char *passwd);
extern UserPasswd* auth_getuserpasswd(AuthGetkey *getkey, char*, ...);
@@ -137,4 +138,5 @@
#pragma varargck argpos auth_proxy 3
#pragma varargck argpos auth_challenge 1
#pragma varargck argpos auth_respond 8
+#pragma varargck argpos auth_respondAI 9
#pragma varargck argpos auth_getuserpasswd 2
--- a/sys/man/2/auth
+++ b/sys/man/2/auth
@@ -1,6 +1,6 @@
.TH AUTH 2
.SH NAME
-amount, newns, addns, login, noworld, auth_proxy, fauth_proxy, auth_allocrpc, auth_freerpc, auth_rpc, auth_getkey, amount_getkey, auth_freeAI, auth_chuid, auth_challenge, auth_response, auth_freechal, auth_respond, auth_userpasswd, auth_getuserpasswd, auth_getinfo \- routines for authenticating users
+amount, newns, addns, login, noworld, auth_proxy, fauth_proxy, auth_allocrpc, auth_freerpc, auth_rpc, auth_getkey, amount_getkey, auth_freeAI, auth_chuid, auth_challenge, auth_response, auth_freechal, auth_respond, auth_respondAI, auth_userpasswd, auth_getuserpasswd, auth_getinfo \- routines for authenticating users
.SH SYNOPSIS
.nf
.PP
@@ -68,6 +68,9 @@
int auth_respond(void *chal, uint nchal, char *user, uint nuser, void *resp, uint nresp, AuthGetkey *getkey, char *fmt, ...);
.PP
.B
+int auth_respondAI(void *chal, uint nchal, char *user, uint nuser, void *resp, uint nresp, AuthInfo **ai, AuthGetkey *getkey, char *fmt, ...);
+.PP
+.B
AuthInfo* auth_userpasswd(char*user, char*password);
.PP
.B
@@ -349,6 +352,20 @@
and it will use
.I factotum
to return the proper user and response.
+.PP
+.I Auth_respondAI
+is like
+.I auth_respond
+but has an additional
+.I ai
+output parameter to return an
+.I AuthInfo
+structure on success that holds protocol specific secret keys
+derived from the exchange. The returned
+.I AuthInfo
+structure should be freed with
+.I auth_freeAI
+by the caller.
.PP
.I Auth_userpasswd
verifies a simple user/password pair.
--- a/sys/src/libauth/auth_respond.c
+++ b/sys/src/libauth/auth_respond.c
@@ -22,11 +22,11 @@
}
}
-int
-auth_respond(void *chal, uint nchal, char *user, uint nuser, void *resp, uint nresp, AuthGetkey *getkey, char *fmt, ...)
+static int
+dorespond(void *chal, uint nchal, char *user, uint nuser, void *resp, uint nresp,
+ AuthInfo **ai, AuthGetkey *getkey, char *fmt, va_list arg)
{
char *p, *s;
- va_list arg;
int afd;
AuthRpc *rpc;
Attr *a;
@@ -40,11 +40,8 @@
}
quotefmtinstall(); /* just in case */
- va_start(arg, fmt);
- p = vsmprint(fmt, arg);
- va_end(arg);
-
- if(p==nil
+
+ if((p = vsmprint(fmt, arg))==nil
|| dorpc(rpc, "start", p, strlen(p), getkey) != ARok
|| dorpc(rpc, "write", chal, nchal, getkey) != ARok
|| dorpc(rpc, "read", nil, 0, getkey) != ARok){
@@ -59,6 +56,9 @@
nresp = rpc->narg;
memmove(resp, rpc->arg, nresp);
+ if(ai != nil)
+ *ai = auth_getinfo(rpc);
+
if((a = auth_attr(rpc)) != nil
&& (s = _strfindattr(a, "user")) != nil && strlen(s) < nuser)
strcpy(user, s);
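Review bot: `*ai` is assigned only on the success path, and the result of `auth_getinfo(rpc)` is not checked, so a caller of auth_respondAI cannot rely on `*ai` after the call. On the `return -1` paths (their bodies are outside this hunk, so this is inferred from the error condition in the previous hunk) `*ai` keeps whatever the caller had in it, and cleanup code that passes it to `auth_freeAI` would then free an uninitialised pointer; adding `if(ai != nil) *ai = nil;` at the top of dorespond closes that gap. If auth_getinfo fails, the function still returns nresp with `*ai` nil, although the man page text added in this commit says an AuthInfo is returned on success. Either treat a nil result as an error (`return -1` after the usual cleanup) or state in the man page that `*ai` may be nil and must be checked before the derived keys are used. dorespond's body starts and ends outside the hunk.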
@@ -69,4 +69,30 @@
close(afd);
auth_freerpc(rpc);
return nresp;
+}
+
+int
+auth_respond(void *chal, uint nchal, char *user, uint nuser, void *resp, uint nresp,
+ AuthGetkey *getkey, char *fmt, ...)
+{
+ va_list arg;
+ int ret;
+
+ va_start(arg, fmt);
+ ret = dorespond(chal, nchal, user, nuser, resp, nresp, nil, getkey, fmt, arg);
+ va_end(arg);
+ return ret;
+}
+
+int
+auth_respondAI(void *chal, uint nchal, char *user, uint nuser, void *resp, uint nresp,
+ AuthInfo **ai, AuthGetkey *getkey, char *fmt, ...)
+{
+ va_list arg;
+ int ret;
+
+ va_start(arg, fmt);
+ ret = dorespond(chal, nchal, user, nuser, resp, nresp, ai, getkey, fmt, arg);
+ va_end(arg);
+ return ret;
}