libauth: add auth_respondAI() function to get AuthInfo for mschap/mschapv2

2018-01-21 22:37:45 +01:00 · 2018-01-21 22:37:45 +01:00 · 3004f058f6
commit 3004f058f6
parent a7974d96b7
4 changed files with 58 additions and 11 deletions
--- a/sys/include/ape/auth.h
+++ b/sys/include/ape/auth.h
@ -135,7 +135,8 @@ extern void		auth_freeAI(AuthInfo *ai);
 extern int		auth_chuid(AuthInfo *ai, char *ns);
 extern Chalstate	*auth_challenge(char*, ...);
 extern AuthInfo*	auth_response(Chalstate*);
-extern int		auth_respond(void*, uint, char*, uint, void*, uint, AuthGetkey *getkey, char*, ...);
+extern int		auth_respond(void*, uint, char*, uint, void*, uint, AuthGetkey*, char*, ...);
+extern int		auth_respondAI(void *, uint, char*, uint, void*, uint, AuthInfo**, AuthGetkey*, char*, ...);
 extern void		auth_freechal(Chalstate*);
 extern AuthInfo*	auth_userpasswd(char *user, char *passwd);
 extern UserPasswd*	auth_getuserpasswd(AuthGetkey *getkey, char*, ...);
@ -147,6 +148,7 @@ extern uint		auth_rpc(AuthRpc *rpc, char *verb, void *a, int n);
 #pragma varargck argpos auth_proxy 3
 #pragma varargck argpos auth_challenge 1
 #pragma varargck argpos auth_respond 8
+#pragma varargck argpos auth_respondAI 9
 #pragma varargck argpos auth_getuserpasswd 2

 #endif
--- a/sys/include/auth.h
+++ b/sys/include/auth.h
@ -125,7 +125,8 @@ extern void		auth_freeAI(AuthInfo *ai);
 extern int		auth_chuid(AuthInfo *ai, char *ns);
 extern Chalstate	*auth_challenge(char*, ...);
 extern AuthInfo*	auth_response(Chalstate*);
-extern int		auth_respond(void*, uint, char*, uint, void*, uint, AuthGetkey *getkey, char*, ...);
+extern int		auth_respond(void*, uint, char*, uint, void*, uint, AuthGetkey*, char*, ...);
+extern int		auth_respondAI(void *, uint, char*, uint, void*, uint, AuthInfo**, AuthGetkey*, char*, ...);
 extern void		auth_freechal(Chalstate*);
 extern AuthInfo*	auth_userpasswd(char *user, char *passwd);
 extern UserPasswd*	auth_getuserpasswd(AuthGetkey *getkey, char*, ...);
@ -137,4 +138,5 @@ extern uint		auth_rpc(AuthRpc *rpc, char *verb, void *a, int n);
 #pragma varargck argpos auth_proxy 3
 #pragma varargck argpos auth_challenge 1
 #pragma varargck argpos auth_respond 8
+#pragma varargck argpos auth_respondAI 9
 #pragma varargck argpos auth_getuserpasswd 2
--- a/sys/man/2/auth
+++ b/sys/man/2/auth
@ -1,6 +1,6 @@
 .TH AUTH 2
 .SH NAME
-amount, newns, addns, login, noworld, auth_proxy, fauth_proxy, auth_allocrpc, auth_freerpc, auth_rpc, auth_getkey, amount_getkey, auth_freeAI, auth_chuid, auth_challenge, auth_response, auth_freechal, auth_respond, auth_userpasswd, auth_getuserpasswd, auth_getinfo \- routines for authenticating users
+amount, newns, addns, login, noworld, auth_proxy, fauth_proxy, auth_allocrpc, auth_freerpc, auth_rpc, auth_getkey, amount_getkey, auth_freeAI, auth_chuid, auth_challenge, auth_response, auth_freechal, auth_respond, auth_respondAI, auth_userpasswd, auth_getuserpasswd, auth_getinfo \- routines for authenticating users
 .SH SYNOPSIS
 .nf
 .PP
@ -68,6 +68,9 @@ void		auth_freechal(Chalstate*);
 int			auth_respond(void *chal, uint nchal, char *user, uint nuser, void *resp, uint nresp, AuthGetkey *getkey, char *fmt, ...);
 .PP
 .B
+int			auth_respondAI(void *chal, uint nchal, char *user, uint nuser, void *resp, uint nresp, AuthInfo **ai, AuthGetkey *getkey, char *fmt, ...);
+.PP
+.B
 AuthInfo*	auth_userpasswd(char*user, char*password);
 .PP
 .B
@ -350,6 +353,20 @@ and it will use
 .I factotum
 to return the proper user and response.
 .PP
+.I Auth_respondAI
+is like
+.I auth_respond
+but has an additional
+.I ai
+output parameter to return an
+.I AuthInfo
+structure on success that holds protocol specific secret keys
+derived from the exchange. The returned
+.I AuthInfo
+structure should be freed with
+.I auth_freeAI
+by the caller.
+.PP
 .I Auth_userpasswd
 verifies a simple user/password pair.
 .I Auth_getuserpasswd
--- a/sys/src/libauth/auth_respond.c
+++ b/sys/src/libauth/auth_respond.c
@ -22,11 +22,11 @@ dorpc(AuthRpc *rpc, char *verb, char *val, int len, AuthGetkey *getkey)
 	}
 }

-int
-auth_respond(void *chal, uint nchal, char *user, uint nuser, void *resp, uint nresp, AuthGetkey *getkey, char *fmt, ...)
+static int
+dorespond(void *chal, uint nchal, char *user, uint nuser, void *resp, uint nresp,
+	AuthInfo **ai, AuthGetkey *getkey, char *fmt, va_list arg)
 {
 	char *p, *s;
-	va_list arg;
 	int afd;
 	AuthRpc *rpc;
 	Attr *a;
@ -40,11 +40,8 @@ auth_respond(void *chal, uint nchal, char *user, uint nuser, void *resp, uint nr
 	}

 	quotefmtinstall();	/* just in case */
-	va_start(arg, fmt);
-	p = vsmprint(fmt, arg);
-	va_end(arg);
-
-	if(p==nil
+	
+	if((p = vsmprint(fmt, arg))==nil
 	|| dorpc(rpc, "start", p, strlen(p), getkey) != ARok
 	|| dorpc(rpc, "write", chal, nchal, getkey) != ARok
 	|| dorpc(rpc, "read", nil, 0, getkey) != ARok){
@ -59,6 +56,9 @@ auth_respond(void *chal, uint nchal, char *user, uint nuser, void *resp, uint nr
 		nresp = rpc->narg;
 	memmove(resp, rpc->arg, nresp);

+	if(ai != nil)
+		*ai = auth_getinfo(rpc);
+
 	if((a = auth_attr(rpc)) != nil
 	&& (s = _strfindattr(a, "user")) != nil && strlen(s) < nuser)
 		strcpy(user, s);
@ -70,3 +70,29 @@ auth_respond(void *chal, uint nchal, char *user, uint nuser, void *resp, uint nr
 	auth_freerpc(rpc);
 	return nresp;	
 }
+
+int
+auth_respond(void *chal, uint nchal, char *user, uint nuser, void *resp, uint nresp,
+	AuthGetkey *getkey, char *fmt, ...)
+{
+	va_list arg;
+	int ret;
+
+	va_start(arg, fmt);
+	ret = dorespond(chal, nchal, user, nuser, resp, nresp, nil, getkey, fmt, arg);
+	va_end(arg);
+	return ret;
+}
+
+int
+auth_respondAI(void *chal, uint nchal, char *user, uint nuser, void *resp, uint nresp,
+	AuthInfo **ai, AuthGetkey *getkey, char *fmt, ...)
+{
+	va_list arg;
+	int ret;
+
+	va_start(arg, fmt);
+	ret = dorespond(chal, nchal, user, nuser, resp, nresp, ai, getkey, fmt, arg);
+	va_end(arg);
+	return ret;
+}