Differences From
Artifact [157639932a]:
35 35 end
36 36 end
37 37 credmgr.credlist = cl:finalize()
38 38 end
39 39 credmgr:append(&a)
40 40 --if credmgr.credlist.ct > 0 then credmgr.credlist:free() end
41 41 else
42 + var time = lib.osclock.time(nil)
43 + var timestr: int8[26] lib.osclock.ctime_r(&time, ×tr[0])
44 + var cmt = co:stra(48)
45 + cmt:lpush('enrolled over http on '):push(×tr[0],0)
42 46 if new:cmp('pw') then
43 47 var d: data.view.conf_sec_pwnew
44 - var time = lib.osclock.time(nil)
45 - var timestr: int8[26] lib.osclock.ctime_r(&time, ×tr[0])
46 - var cmt = co:stra(48)
47 - cmt:lpush('enrolled over http on '):push(×tr[0],0)
48 48 d.comment = cmt:finalize()
49 49
50 50 var st = d:poolstr(&co.srv.pool)
51 51 --d.comment:free()
52 52 return st
53 - elseif new:cmp('challenge') then
53 + elseif new:cmp('rsa') then
54 + var c = co:stra(64)
55 + lib.crypt.cryptogram(&c, 8)
56 + var cptr = c:finalize();
57 + var hmac = lib.crypt.hmacp(&co.srv.pool, lib.crypt.alg.sha256, co.srv.cfg.secret:blob(), cptr); -- TODO should expire after 10min
58 + var hmacte: int8[lib.math.shorthand.maxlen]
59 + var hmacte_len = lib.math.shorthand.gen(lib.math.truncate64(hmac.ptr, hmac.ct), &hmacte[0])
60 + var d = data.view.conf_sec_keynew {
61 + comment = cmt:finalize();
62 + nonce = cptr;
63 + noncevld = pstr { ptr = &hmacte[0], ct = hmacte_len };
64 + }
65 +
66 + return d:poolstr(&co.srv.pool)
54 67 -- we're going to break the rules a bit and do database munging from
55 68 -- the rendering code, because doing otherwise in this case would be
56 69 -- genuinely nightmarish
57 70 elseif new:cmp('otp') then
58 71 elseif new:cmp('api') then
59 72 else return pstr.null() end
60 73 end
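Review bot: The `noncevld` value built in the new `'rsa'` branch is an HMAC over the nonce alone, so a nonce/tag pair issued once stays acceptable for as long as `co.srv.cfg.secret` is unchanged, and nothing ties it to the account that requested it; the inline TODO only acknowledges the missing expiry. Consider adding the issue time and the requesting user's identifier to the MAC input, sending the time back as a further form field, and rejecting stale or mismatched values when the key is submitted. Until then the TODO could be replaced with a comment that states the current contract, e.g. `-- noncevld = HMAC-SHA256(secret, nonce) truncated to 64 bits; no timestamp or user binding yet`. The tag is cut to 64 bits by `lib.math.truncate64` before shorthand encoding, presumably to keep the form short, so the code that verifies it should compare in constant time and the comment should record that the shortened tag is a deliberate choice. The enclosing function begins and ends outside the lines shown, so the submit-side check could not be reviewed here.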