parsav  sec.t at [8648683aba]

File render/conf/sec.t artifact 3bc273639f part of check-in 8648683aba


-- vim: ft=terra
-- Shorthand for the two int8 string types this file uses.
--  pstr: lib.mem.ptr(int8); constructed below with `ptr` and `ct` fields and
--        used as the return type of the renderers.
--  pref: lib.mem.ref(int8); only appears in the type of sec_overlay's `path`.
local pstr, pref = lib.mem.ptr(int8), lib.mem.ref(int8)

-- Render the security / credential settings view for user `uid` and return
-- the finished markup as a pstr.
--
-- Paths visible in this function:
--  * credmgd off: only the base view (with `lastreset`) is emitted.
--  * credmgd on, no 'new' value from co:pgetv: base view followed by the
--    credential manager, listing one <option> per non-blacklisted credential.
--  * 'new' == 'pw' or 'rsa': an enrollment form is rendered with poolstr on
--    co.srv.pool and returned directly; the base view is not emitted.
--  * 'new' == 'otp' or 'api': empty branches; control falls through to the
--    final return with nothing appended to `a`.
--  * any other 'new' value: pstr.null().
--
-- NOTE(review): nothing here checks that co.who is allowed to see or manage
-- the credentials of `uid`. The function accepts an arbitrary uid, so that
-- authorization presumably has to happen in every caller — confirm.
local terra 
render_conf_sec(co: &lib.srv.convo, uid: uint64): pstr
	-- NOTE(review): the sigtime lookup goes through co.who.source while the
	-- credential enumeration below goes through co.srv; when uid is not
	-- co.who.id these may not address the same backend — confirm.
	var time: lib.store.timepoint = co.who.source:auth_sigtime_user_fetch(uid)
	-- 26 bytes is the minimum buffer POSIX ctime_r requires (assuming
	-- lib.osclock.ctime_r is the libc function — TODO confirm, and confirm that
	-- lib.store.timepoint has the layout of time_t).
	var tstr: int8[26]
	-- NOTE(review): the result of ctime_r is not checked. If it fails, tstr is
	-- left uninitialised and lib.str.sz below would scan stack memory looking
	-- for a terminator.
	lib.osclock.ctime_r(&time, &tstr[0])
	-- lastreset points into the stack buffer above, so `body` is only usable
	-- inside this call.
	var body = data.view.conf_sec {
		lastreset = pstr {
			ptr = &tstr[0], ct = lib.str.sz(&tstr[0])
		}
	}
	
	-- Output accumulator. The defer is commented out, and the early returns
	-- further down leave `a` neither finalized nor freed; presumably co:stra
	-- allocates from a per-conversation pool so this is not a leak — confirm.
	var a = co:stra(768) -- defer a:free()

	if co.srv.cfg.credmgd then
		-- presumably a request parameter selecting an enrollment form — confirm
		var new = co:pgetv('new')
		if not new then
			body:append(&a)
			var credmgr = data.view.conf_sec_credmg {
				credlist = pstr{'',0};
			}
			var creds = co.srv:auth_enum_uid(uid)
			-- the free is only registered when the list is non-empty
			if creds.ct > 0 then defer creds:free()
				var cl = co:stra(256)
				-- Terra's numeric for excludes the upper bound: i runs 0 .. ct-1
				for i=0, creds.ct do var c = creds(i).ptr
					if not c.blacklist then
						-- NOTE(review): c.kind and c.comment are appended with push() and
						-- no escaping is visible here, although they land inside HTML
						-- markup. The template cannot escape credlist wholesale, since it
						-- carries the <option> tags built on this line. If a credential
						-- comment can ever hold user-supplied text, markup in it would be
						-- emitted verbatim (stored XSS), and this panel is also meant for
						-- the administration UI. HTML-escape both fields here unless
						-- push() is known to do so — TODO confirm.
						cl:lpush('<option value="'):shpush(c.aid):lpush('"> ['):push(c.kind,0):lpush('] '):push(c.comment,0)
						if c.netmask.pv ~= 0 then
							-- push string rep
							-- (stub: the netmask is not rendered yet)
						end
						cl:lpush('</option>')
					end
				end
				credmgr.credlist = cl:finalize()
			end
			credmgr:append(&a)
			--if credmgr.credlist.ct > 0 then credmgr.credlist:free() end
		else
			-- Default comment for the new credential, stamped with server time.
			-- NOTE(review): same unchecked ctime_r pattern as above; the ctime
			-- format also ends in a newline, which is carried into the comment.
			var time = lib.osclock.time(nil)
			var timestr: int8[26] lib.osclock.ctime_r(&time, &timestr[0])
			var cmt = co:stra(48)
			cmt:lpush('enrolled over http on '):push(&timestr[0],0)
			if new:cmp('pw') then
				-- NOTE(review): d has no initialiser and only `comment` is assigned;
				-- any other field of conf_sec_pwnew would be uninitialised — confirm
				-- the view has no other fields.
				var d: data.view.conf_sec_pwnew
				d.comment = cmt:finalize()

				var st = d:poolstr(&co.srv.pool)
				--d.comment:free()
				return st
			elseif new:cmp('rsa') then
				-- Key enrollment challenge: a nonce, plus a tag derived from the
				-- server secret, both handed to the form.
				-- presumably fills c with a random nonce — confirm it is drawn from
				-- a CSPRNG
				var c = co:stra(64)
				lib.crypt.cryptogram(&c, 8)
				var cptr = c:finalize();
				-- HMAC-SHA256 over the nonce, keyed with co.srv.cfg.secret.
				-- NOTE(review): the tag covers only the nonce. Until the TODO below
				-- is done, a nonce/tag pair has no expiry, and nothing visible here
				-- binds it to `uid`, so it could be replayed later or under another
				-- account unless the verifying side prevents that — confirm.
				var hmac = lib.crypt.hmacp(&co.srv.pool, lib.crypt.alg.sha256, co.srv.cfg.secret:blob(), cptr); -- TODO should expire after 10min
				var hmacte: int8[lib.math.shorthand.maxlen]
				-- NOTE(review): truncate64 presumably reduces the 256-bit tag to 64
				-- bits before encoding, which lowers forgery resistance accordingly;
				-- the verifier should compare in constant time — confirm where
				-- noncevld is checked.
				var hmacte_len = lib.math.shorthand.gen(lib.math.truncate64(hmac.ptr, hmac.ct), &hmacte[0])
				-- noncevld points into the stack buffer hmacte; it is consumed by
				-- poolstr before this function returns.
				var d = data.view.conf_sec_keynew {
					comment = cmt:finalize();
					nonce = cptr;
					noncevld = pstr { ptr = &hmacte[0], ct = hmacte_len };
				}

				return d:poolstr(&co.srv.pool)
			-- we're going to break the rules a bit and do database munging from
			-- the rendering code, because doing otherwise in this case would be
			-- genuinely nightmarish
			-- (both branches below are still empty: no form is rendered and the
			-- function falls through to the final return with an empty `a`)
			elseif new:cmp('otp') then
			elseif new:cmp('api') then
			else return pstr.null() end
		end
	else body:append(&a) end

	return a:finalize()
end

-- Overlay entry point: draws the credential panel for the user making the
-- request (co.who.id). The panel itself lives in render_conf_sec, which takes
-- the uid explicitly so the administration UI can reuse it.
-- `path` is accepted but not read here.
-- NOTE(review): this wrapper can only ever show the requester's own
-- credentials; any caller that passes a different uid to render_conf_sec
-- directly has to do its own authorization check first, since none is
-- performed inside render_conf_sec.
terra lib.render.conf.sec_overlay(co: &lib.srv.convo, path: lib.mem.ptr(pref)): pstr
	var uid = co.who.id
	return render_conf_sec(co, uid)
end

-- The file evaluates to the uid-taking renderer itself; the overlay wrapper
-- was already attached to lib.render.conf by its definition above.
return render_conf_sec