Lines Matching full:as
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
38 * THIS SOFTWARE IS PROVIDED BY BERKELEY SOFTWARE DESIGN, INC. ``AS IS'' AND
150 void auth_setstate(auth_session_t *as, int s){ as->state = s; } in auth_setstate() argument
151 void auth_set_va_list(auth_session_t *as, va_list ap) { va_copy(as->ap, ap); } in auth_set_va_list() argument
152 int auth_getstate(auth_session_t *as) { return (as->state); } in auth_getstate() argument
153 struct passwd *auth_getpwd(auth_session_t *as) { return (as->pwd); } in auth_getpwd() argument
166 auth_session_t *as; in auth_open() local
168 if ((as = calloc(1, sizeof(auth_session_t))) != NULL) { in auth_open()
169 as->service = defservice; in auth_open()
170 as->fd = -1; in auth_open()
173 return (as); in auth_open()
181 auth_clean(auth_session_t *as) in auth_clean() argument
186 as->state = 0; in auth_clean()
188 auth_clrenv(as); in auth_clean()
193 while ((rm = as->rmlist) != NULL) { in auth_clean()
194 as->rmlist = rm->next; in auth_clean()
202 while ((data = as->data) != NULL) { in auth_clean()
203 if (as->data->len) in auth_clean()
204 explicit_bzero(as->data->ptr, as->data->len); in auth_clean()
205 as->data = data->next; in auth_clean()
209 auth_setitem(as, AUTHV_ALL, NULL); in auth_clean()
211 if (as->pwd != NULL) { in auth_clean()
212 explicit_bzero(as->pwd->pw_passwd, strlen(as->pwd->pw_passwd)); in auth_clean()
213 free(as->pwd); in auth_clean()
214 as->pwd = NULL; in auth_clean()
217 if (as->fd != -1) { in auth_clean()
218 close(as->fd); in auth_clean()
219 as->fd = -1; in auth_clean()
229 auth_close(auth_session_t *as) in auth_close() argument
239 s = as->state & AUTH_ALLOW; in auth_close()
242 as->index = 0; in auth_close()
244 auth_setenv(as); in auth_close()
251 while ((rm = as->rmlist) != NULL) { in auth_close()
252 as->rmlist = rm->next; in auth_close()
261 while ((opt = as->optlist) != NULL) { in auth_close()
262 as->optlist = opt->next; in auth_close()
269 while ((data = as->data) != NULL) { in auth_close()
270 if (as->data->len) in auth_close()
271 explicit_bzero(as->data->ptr, as->data->len); in auth_close()
272 as->data = data->next; in auth_close()
276 if (as->pwd != NULL) { in auth_close()
277 explicit_bzero(as->pwd->pw_passwd, strlen(as->pwd->pw_passwd)); in auth_close()
278 free(as->pwd); in auth_close()
279 as->pwd = NULL; in auth_close()
285 if (as->service && as->service != defservice) in auth_close()
286 free(as->service); in auth_close()
287 free(as->challenge); in auth_close()
288 free(as->class); in auth_close()
289 free(as->style); in auth_close()
290 free(as->name); in auth_close()
292 free(as); in auth_close()
302 auth_challenge(auth_session_t *as) in auth_challenge() argument
307 if (as == NULL || as->style == NULL || as->name == NULL || in auth_challenge()
308 !_auth_validuser(as->name)) in auth_challenge()
311 len = snprintf(path, sizeof(path), _PATH_AUTHPROG "%s", as->style); in auth_challenge()
315 as->state = 0; in auth_challenge()
317 free(as->challenge); in auth_challenge()
318 as->challenge = NULL; in auth_challenge()
320 auth_call(as, path, as->style, "-s", "challenge", "--", as->name, in auth_challenge()
321 as->class, (char *)NULL); in auth_challenge()
322 if (as->state & AUTH_CHALLENGE) in auth_challenge()
323 as->challenge = auth_getvalue(as, "challenge"); in auth_challenge()
324 as->state = 0; in auth_challenge()
325 as->index = 0; /* toss our data */ in auth_challenge()
326 return (as->challenge); in auth_challenge()
332 * Mark the variables as set so they will not be set a second time.
336 auth_setenv(auth_session_t *as) in auth_setenv() argument
343 for (line = as->spool; line < as->spool + as->index;) { in auth_setenv()
391 auth_clrenv(auth_session_t *as) in auth_clrenv() argument
395 for (line = as->spool; line < as->spool + as->index;) { in auth_clrenv()
413 auth_getitem(auth_session_t *as, auth_item_t item) in auth_getitem() argument
415 if (as != NULL) { in auth_getitem()
418 return (as->challenge); in auth_getitem()
420 return (as->class); in auth_getitem()
422 return (as->name); in auth_getitem()
424 return (as->service ? as->service : defservice); in auth_getitem()
426 return (as->style); in auth_getitem()
428 return ((as->flags & AF_INTERACTIVE) ? "True" : NULL); in auth_getitem()
438 auth_setitem(auth_session_t *as, auth_item_t item, char *value) in auth_setitem() argument
440 if (as == NULL) { in auth_setitem()
451 auth_setitem(as, AUTHV_CHALLENGE, NULL); in auth_setitem()
452 auth_setitem(as, AUTHV_CLASS, NULL); in auth_setitem()
453 auth_setitem(as, AUTHV_NAME, NULL); in auth_setitem()
454 auth_setitem(as, AUTHV_SERVICE, NULL); in auth_setitem()
455 auth_setitem(as, AUTHV_STYLE, NULL); in auth_setitem()
456 auth_setitem(as, AUTHV_INTERACTIVE, NULL); in auth_setitem()
460 if (value == as->challenge) in auth_setitem()
464 free(as->challenge); in auth_setitem()
465 as->challenge = value; in auth_setitem()
469 if (value == as->class) in auth_setitem()
473 free(as->class); in auth_setitem()
474 as->class = value; in auth_setitem()
478 if (value == as->name) in auth_setitem()
486 free(as->name); in auth_setitem()
487 as->name = value; in auth_setitem()
491 if (value == as->service) in auth_setitem()
497 if (as->service && as->service != defservice) in auth_setitem()
498 free(as->service); in auth_setitem()
499 as->service = value; in auth_setitem()
503 if (value == as->style) in auth_setitem()
508 free(as->style); in auth_setitem()
509 as->style = value; in auth_setitem()
514 as->flags &= ~AF_INTERACTIVE; in auth_setitem()
516 as->flags |= ~AF_INTERACTIVE; in auth_setitem()
527 auth_setoption(auth_session_t *as, char *n, char *v) in auth_setoption() argument
544 opt->next = as->optlist; in auth_setoption()
545 as->optlist = opt; in auth_setoption()
551 auth_clroptions(auth_session_t *as) in auth_clroptions() argument
555 while ((opt = as->optlist) != NULL) { in auth_clroptions()
556 as->optlist = opt->next; in auth_clroptions()
563 auth_clroption(auth_session_t *as, char *option) in auth_clroption() argument
570 if ((opt = as->optlist) == NULL) in auth_clroption()
575 as->optlist = opt->next; in auth_clroption()
593 auth_setdata(auth_session_t *as, void *ptr, size_t len) in auth_setdata() argument
608 if (as->data == NULL) in auth_setdata()
609 as->data = data; in auth_setdata()
611 for (dp = as->data; dp->next != NULL; dp = dp->next) in auth_setdata()
620 auth_setpwd(auth_session_t *as, struct passwd *pwd) in auth_setpwd() argument
625 if (pwd == NULL && as->pwd == NULL && as->name == NULL) in auth_setpwd()
638 if (as->name == NULL) in auth_setpwd()
640 getpwnam_r(as->name, &pwstore, pwbuf, sizeof(pwbuf), &pwd); in auth_setpwd()
642 instance = strchr(as->name, '/'); in auth_setpwd()
644 return (as->pwd ? 0 : 1); in auth_setpwd()
650 return (as->pwd ? 0 : 1); in auth_setpwd()
655 if (as->pwd) { in auth_setpwd()
656 explicit_bzero(as->pwd->pw_passwd, strlen(as->pwd->pw_passwd)); in auth_setpwd()
657 free(as->pwd); in auth_setpwd()
659 as->pwd = pwd; in auth_setpwd()
665 auth_getvalue(auth_session_t *as, char *what) in auth_getvalue() argument
672 for (line = as->spool; line < as->spool + as->index;) { in auth_getvalue()
742 auth_check_expire(auth_session_t *as) in auth_check_expire() argument
744 if (as->pwd == NULL && auth_setpwd(as, NULL) < 0) { in auth_check_expire()
745 as->state &= ~AUTH_ALLOW; in auth_check_expire()
746 as->state |= AUTH_EXPIRED; /* XXX */ in auth_check_expire()
750 if (as->pwd == NULL) in auth_check_expire()
753 if (as->pwd && (quad_t)as->pwd->pw_expire != 0) { in auth_check_expire()
754 if (as->now.tv_sec == 0) in auth_check_expire()
755 WRAP(gettimeofday)(&as->now, NULL); in auth_check_expire()
756 if ((quad_t)as->now.tv_sec >= (quad_t)as->pwd->pw_expire) { in auth_check_expire()
757 as->state &= ~AUTH_ALLOW; in auth_check_expire()
758 as->state |= AUTH_EXPIRED; in auth_check_expire()
760 if ((quad_t)as->now.tv_sec == (quad_t)as->pwd->pw_expire) in auth_check_expire()
762 return ((quad_t)as->pwd->pw_expire - (quad_t)as->now.tv_sec); in auth_check_expire()
769 auth_check_change(auth_session_t *as) in auth_check_change() argument
771 if (as->pwd == NULL && auth_setpwd(as, NULL) < 0) { in auth_check_change()
772 as->state &= ~AUTH_ALLOW; in auth_check_change()
773 as->state |= AUTH_PWEXPIRED; /* XXX */ in auth_check_change()
777 if (as->pwd == NULL) in auth_check_change()
780 if (as->pwd && (quad_t)as->pwd->pw_change) { in auth_check_change()
781 if (as->now.tv_sec == 0) in auth_check_change()
782 WRAP(gettimeofday)(&as->now, NULL); in auth_check_change()
783 if (as->now.tv_sec >= (quad_t)as->pwd->pw_change) { in auth_check_change()
784 as->state &= ~AUTH_ALLOW; in auth_check_change()
785 as->state |= AUTH_PWEXPIRED; in auth_check_change()
787 if ((quad_t)as->now.tv_sec == (quad_t)as->pwd->pw_change) in auth_check_change()
789 return ((quad_t)as->pwd->pw_change - (quad_t)as->now.tv_sec); in auth_check_change()
800 * Internally additional trailing arguments can be read from as->ap
806 auth_call(auth_session_t *as, char *path, ...) in auth_call() argument
819 va_start(as->ap0, path); in auth_call()
822 if ((argv[argc] = _auth_next_arg(as)) != NULL) in auth_call()
825 if (as->fd != -1) { in auth_call()
830 for (opt = as->optlist; opt != NULL; opt = opt->next) { in auth_call()
839 while (argc < Nargc - 1 && (argv[argc] = _auth_next_arg(as))) in auth_call()
842 if (argc >= Nargc - 1 && _auth_next_arg(as)) { in auth_call()
843 if (memcmp(&nilap, &(as->ap0), sizeof(nilap)) != 0) { in auth_call()
844 va_end(as->ap0); in auth_call()
845 explicit_bzero(&(as->ap0), sizeof(as->ap0)); in auth_call()
847 if (memcmp(&nilap, &(as->ap), sizeof(nilap)) != 0) { in auth_call()
848 va_end(as->ap); in auth_call()
849 explicit_bzero(&(as->ap), sizeof(as->ap)); in auth_call()
875 if (as->fd != -1) { in auth_call()
876 if (dup2(as->fd, AUTH_FD) == -1) in auth_call()
886 if (as->fd != -1) { in auth_call()
887 close(as->fd); /* so child has only ref */ in auth_call()
888 as->fd = -1; in auth_call()
890 while ((data = as->data) != NULL) { in auth_call()
891 as->data = data->next; in auth_call()
898 as->index = 0; in auth_call()
899 _auth_spool(as, pfd[0]); in auth_call()
919 for (line = as->spool; line < as->spool + as->index;) { in auth_call()
926 as->state = AUTH_SILENT; in auth_call()
930 as->state = AUTH_CHALLENGE; in auth_call()
934 as->state = AUTH_EXPIRED; in auth_call()
938 as->state = AUTH_PWEXPIRED; in auth_call()
949 as->state |= AUTH_OKAY; in auth_call()
951 as->state |= AUTH_ROOTOKAY; in auth_call()
953 as->state |= AUTH_SECURE; in auth_call()
960 _add_rmlist(as, line); in auth_call()
967 as->state &= ~AUTH_ALLOW; in auth_call()
969 okay = as->state & AUTH_ALLOW; in auth_call()
972 auth_clrenv(as); in auth_call()
976 auth_clrenv(as); in auth_call()
977 as->state = 0; in auth_call()
981 while ((data = as->data) != NULL) { in auth_call()
982 as->data = data->next; in auth_call()
986 if (memcmp(&nilap, &(as->ap0), sizeof(nilap)) != 0) { in auth_call()
987 va_end(as->ap0); in auth_call()
988 explicit_bzero(&(as->ap0), sizeof(as->ap0)); in auth_call()
991 if (memcmp(&nilap, &(as->ap), sizeof(nilap)) != 0) { in auth_call()
992 va_end(as->ap); in auth_call()
993 explicit_bzero(&(as->ap), sizeof(as->ap)); in auth_call()
1000 _recv_fd(auth_session_t *as, int fd) in _recv_fd() argument
1031 if (as->fd != -1) in _recv_fd()
1032 close(as->fd); in _recv_fd()
1033 as->fd = *(int *)CMSG_DATA(cmp); in _recv_fd()
1039 _auth_spool(auth_session_t *as, int fd) in _auth_spool() argument
1044 for (s = as->spool + as->index; as->index < sizeof(as->spool) - 1; ) { in _auth_spool()
1045 r = read(fd, as->spool + as->index, in _auth_spool()
1046 sizeof(as->spool) - as->index); in _auth_spool()
1048 as->spool[as->index] = '\0'; in _auth_spool()
1051 b = as->spool + as->index; in _auth_spool()
1052 as->index += r; in _auth_spool()
1063 _recv_fd(as, fd); in _auth_spool()
1074 _add_rmlist(auth_session_t *as, char *file) in _add_rmlist() argument
1086 rm->next = as->rmlist; in _add_rmlist()
1088 as->rmlist = rm; in _add_rmlist()
1092 _auth_next_arg(auth_session_t *as) in _auth_next_arg() argument
1096 if (memcmp(&nilap, &(as->ap0), sizeof(nilap)) != 0) { in _auth_next_arg()
1097 if ((arg = va_arg(as->ap0, char *)) != NULL) in _auth_next_arg()
1099 va_end(as->ap0); in _auth_next_arg()
1100 explicit_bzero(&(as->ap0), sizeof(as->ap0)); in _auth_next_arg()
1102 if (memcmp(&nilap, &(as->ap), sizeof(nilap)) != 0) { in _auth_next_arg()
1103 if ((arg = va_arg(as->ap, char *)) != NULL) in _auth_next_arg()
1105 va_end(as->ap); in _auth_next_arg()
1106 explicit_bzero(&(as->ap), sizeof(as->ap)); in _auth_next_arg()