libauth: add auth_respondAI() function to get AuthInfo for mschap/mschapv2

4 files changed, 58 insertions, 11 deletions

diff --git a/sys/include/ape/auth.h b/sys/include/ape/auth.h
index 317d08298..f5b5327a0 100644
--- a/sys/include/ape/auth.h
+++ b/sys/include/ape/auth.h
@@ -135,7 +135,8 @@ extern void		auth_freeAI(AuthInfo *ai);
 extern int		auth_chuid(AuthInfo *ai, char *ns);
 extern Chalstate	*auth_challenge(char*, ...);
 extern AuthInfo*	auth_response(Chalstate*);
-extern int		auth_respond(void*, uint, char*, uint, void*, uint, AuthGetkey *getkey, char*, ...);
+extern int		auth_respond(void*, uint, char*, uint, void*, uint, AuthGetkey*, char*, ...);
+extern int		auth_respondAI(void *, uint, char*, uint, void*, uint, AuthInfo**, AuthGetkey*, char*, ...);
 extern void		auth_freechal(Chalstate*);
 extern AuthInfo*	auth_userpasswd(char *user, char *passwd);
 extern UserPasswd*	auth_getuserpasswd(AuthGetkey *getkey, char*, ...);
@@ -147,6 +148,7 @@ extern uint		auth_rpc(AuthRpc *rpc, char *verb, void *a, int n);
 #pragma varargck argpos auth_proxy 3
 #pragma varargck argpos auth_challenge 1
 #pragma varargck argpos auth_respond 8
+#pragma varargck argpos auth_respondAI 9
 #pragma varargck argpos auth_getuserpasswd 2
 
 #endif
diff --git a/sys/include/auth.h b/sys/include/auth.h
index 27aebb28f..d7f58035e 100644
--- a/sys/include/auth.h
+++ b/sys/include/auth.h
@@ -125,7 +125,8 @@ extern void		auth_freeAI(AuthInfo *ai);
 extern int		auth_chuid(AuthInfo *ai, char *ns);
 extern Chalstate	*auth_challenge(char*, ...);
 extern AuthInfo*	auth_response(Chalstate*);
-extern int		auth_respond(void*, uint, char*, uint, void*, uint, AuthGetkey *getkey, char*, ...);
+extern int		auth_respond(void*, uint, char*, uint, void*, uint, AuthGetkey*, char*, ...);
+extern int		auth_respondAI(void *, uint, char*, uint, void*, uint, AuthInfo**, AuthGetkey*, char*, ...);
 extern void		auth_freechal(Chalstate*);
 extern AuthInfo*	auth_userpasswd(char *user, char *passwd);
 extern UserPasswd*	auth_getuserpasswd(AuthGetkey *getkey, char*, ...);
@@ -137,4 +138,5 @@ extern uint		auth_rpc(AuthRpc *rpc, char *verb, void *a, int n);
 #pragma varargck argpos auth_proxy 3
 #pragma varargck argpos auth_challenge 1
 #pragma varargck argpos auth_respond 8
+#pragma varargck argpos auth_respondAI 9
 #pragma varargck argpos auth_getuserpasswd 2
diff --git a/sys/man/2/auth b/sys/man/2/auth
index 691671eb2..e518a99c7 100644
--- a/sys/man/2/auth
+++ b/sys/man/2/auth
@@ -1,6 +1,6 @@
 .TH AUTH 2
 .SH NAME
-amount, newns, addns, login, noworld, auth_proxy, fauth_proxy, auth_allocrpc, auth_freerpc, auth_rpc, auth_getkey, amount_getkey, auth_freeAI, auth_chuid, auth_challenge, auth_response, auth_freechal, auth_respond, auth_userpasswd, auth_getuserpasswd, auth_getinfo \- routines for authenticating users
+amount, newns, addns, login, noworld, auth_proxy, fauth_proxy, auth_allocrpc, auth_freerpc, auth_rpc, auth_getkey, amount_getkey, auth_freeAI, auth_chuid, auth_challenge, auth_response, auth_freechal, auth_respond, auth_respondAI, auth_userpasswd, auth_getuserpasswd, auth_getinfo \- routines for authenticating users
 .SH SYNOPSIS
 .nf
 .PP
@@ -68,6 +68,9 @@ void		auth_freechal(Chalstate*);
 int			auth_respond(void *chal, uint nchal, char *user, uint nuser, void *resp, uint nresp, AuthGetkey *getkey, char *fmt, ...);
 .PP
 .B
+int			auth_respondAI(void *chal, uint nchal, char *user, uint nuser, void *resp, uint nresp, AuthInfo **ai, AuthGetkey *getkey, char *fmt, ...);
+.PP
+.B
 AuthInfo*	auth_userpasswd(char*user, char*password);
 .PP
 .B
@@ -350,6 +353,20 @@ and it will use
 .I factotum
 to return the proper user and response.
 .PP
+.I Auth_respondAI
+is like
+.I auth_respond
+but has an additional
+.I ai
+output parameter to return an
+.I AuthInfo
+structure on success that holds protocol specific secret keys
+derived from the exchange. The returned
+.I AuthInfo
+structure should be freed with
+.I auth_freeAI
+by the caller.
+.PP
 .I Auth_userpasswd
 verifies a simple user/password pair.
 .I Auth_getuserpasswd
diff --git a/sys/src/libauth/auth_respond.c b/sys/src/libauth/auth_respond.c
index bc9fd2034..cab4446e0 100644
--- a/sys/src/libauth/auth_respond.c
+++ b/sys/src/libauth/auth_respond.c
@@ -22,11 +22,11 @@ dorpc(AuthRpc *rpc, char *verb, char *val, int len, AuthGetkey *getkey)
 	}
 }
 
-int
-auth_respond(void *chal, uint nchal, char *user, uint nuser, void *resp, uint nresp, AuthGetkey *getkey, char *fmt, ...)
+static int
+dorespond(void *chal, uint nchal, char *user, uint nuser, void *resp, uint nresp,
+	AuthInfo **ai, AuthGetkey *getkey, char *fmt, va_list arg)
 {
 	char *p, *s;
-	va_list arg;
 	int afd;
 	AuthRpc *rpc;
 	Attr *a;
@@ -40,11 +40,8 @@ auth_respond(void *chal, uint nchal, char *user, uint nuser, void *resp, uint nr
 	}
 
 	quotefmtinstall();	/* just in case */
-	va_start(arg, fmt);
-	p = vsmprint(fmt, arg);
-	va_end(arg);
-
-	if(p==nil
+	
+	if((p = vsmprint(fmt, arg))==nil
 	|| dorpc(rpc, "start", p, strlen(p), getkey) != ARok
 	|| dorpc(rpc, "write", chal, nchal, getkey) != ARok
 	|| dorpc(rpc, "read", nil, 0, getkey) != ARok){
@@ -59,6 +56,9 @@ auth_respond(void *chal, uint nchal, char *user, uint nuser, void *resp, uint nr
 		nresp = rpc->narg;
 	memmove(resp, rpc->arg, nresp);
 
+	if(ai != nil)
+		*ai = auth_getinfo(rpc);
+
 	if((a = auth_attr(rpc)) != nil
 	&& (s = _strfindattr(a, "user")) != nil && strlen(s) < nuser)
 		strcpy(user, s);
@@ -70,3 +70,29 @@ auth_respond(void *chal, uint nchal, char *user, uint nuser, void *resp, uint nr
 	auth_freerpc(rpc);
 	return nresp;	
 }
+
+int
+auth_respond(void *chal, uint nchal, char *user, uint nuser, void *resp, uint nresp,
+	AuthGetkey *getkey, char *fmt, ...)
+{
+	va_list arg;
+	int ret;
+
+	va_start(arg, fmt);
+	ret = dorespond(chal, nchal, user, nuser, resp, nresp, nil, getkey, fmt, arg);
+	va_end(arg);
+	return ret;
+}
+
+int
+auth_respondAI(void *chal, uint nchal, char *user, uint nuser, void *resp, uint nresp,
+	AuthInfo **ai, AuthGetkey *getkey, char *fmt, ...)
+{
+	va_list arg;
+	int ret;
+
+	va_start(arg, fmt);
+	ret = dorespond(chal, nchal, user, nuser, resp, nresp, ai, getkey, fmt, arg);
+	va_end(arg);
+	return ret;
+}