Skip to content

Commit

Permalink
Merge pull request #686 from openziti/mfa-fixes
Browse files Browse the repository at this point in the history
minor MFA clean up and fixes
  • Loading branch information
ekoby authored Jul 9, 2024
2 parents 57d9f9b + a90566c commit 2eb3ed7
Show file tree
Hide file tree
Showing 9 changed files with 331 additions and 10 deletions.
4 changes: 2 additions & 2 deletions includes/ziti/ziti.h
Original file line number Diff line number Diff line change
Expand Up @@ -883,7 +883,7 @@ extern void ziti_mfa_enroll(ziti_context ztx, ziti_mfa_enroll_cb enroll_cb, void
* @param ctx additional context to be passed into the remove_cb callback
*/
ZITI_FUNC
extern void ziti_mfa_remove(ziti_context ztx, char *code, ziti_mfa_cb remove_cb, void *ctx);
extern void ziti_mfa_remove(ziti_context ztx, const char *code, ziti_mfa_cb remove_cb, void *ctx);

/**
* @brief Attempts to verify MFA enrollment
Expand Down Expand Up @@ -919,7 +919,7 @@ extern void ziti_mfa_verify(ziti_context ztx, char *code, ziti_mfa_cb verify_cb,
* @param ctx additional context to be passed into the get_cb callback
*/
ZITI_FUNC
extern void ziti_mfa_get_recovery_codes(ziti_context ztx, char *code, ziti_mfa_recovery_codes_cb get_cb, void *ctx);
extern void ziti_mfa_get_recovery_codes(ziti_context ztx, const char *code, ziti_mfa_recovery_codes_cb get_cb, void *ctx);

/**
* @brief Attempts to generate new recovery codes and retrieve the new recovery codes for MFA
Expand Down
4 changes: 2 additions & 2 deletions library/auth_queries.c
Original file line number Diff line number Diff line change
Expand Up @@ -190,7 +190,7 @@ void ziti_mfa_remove_internal_cb(void *empty, const ziti_error *err, void *ctx)
FREE(ctx);
}

void ziti_mfa_remove(ziti_context ztx, char *code, ziti_mfa_cb remove_cb, void *ctx) {
void ziti_mfa_remove(ziti_context ztx, const char *code, ziti_mfa_cb remove_cb, void *ctx) {
if (!ztx->enabled) {
remove_cb(ztx, ZITI_DISABLED, ctx);
return;
Expand Down Expand Up @@ -250,7 +250,7 @@ void ziti_mfa_get_recovery_codes_internal_cb(ziti_mfa_recovery_codes *rc, const
FREE(ctx);
}

void ziti_mfa_get_recovery_codes(ziti_context ztx, char *code, ziti_mfa_recovery_codes_cb get_cb, void *ctx) {
void ziti_mfa_get_recovery_codes(ziti_context ztx, const char *code, ziti_mfa_recovery_codes_cb get_cb, void *ctx) {
if (!ztx->enabled) {
get_cb(ztx, ZITI_DISABLED, NULL, ctx);
return;
Expand Down
8 changes: 3 additions & 5 deletions library/legacy_auth.c
Original file line number Diff line number Diff line change
Expand Up @@ -224,16 +224,14 @@ void auth_timer_cb(uv_timer_t *t) {
}

static ziti_auth_query_mfa* get_mfa(ziti_api_session *session) {
ziti_auth_query_mfa *aq, *ziti_mfa = NULL;

ziti_auth_query_mfa *aq;
MODEL_LIST_FOREACH(aq, session->auth_queries) {
if (strcmp(aq->type_id, AUTH_QUERY_TYPE_MFA) == 0 &&
strcmp(aq->provider, MFA_PROVIDER_ZITI) == 0) {
ziti_mfa = aq;
break;
return aq;
}
}
return ziti_mfa;
return NULL;
}

static uint64_t refresh_delay(ziti_api_session *session) {
Expand Down
2 changes: 2 additions & 0 deletions library/ziti.c
Original file line number Diff line number Diff line change
Expand Up @@ -214,6 +214,8 @@ void ziti_set_impossible_to_authenticate(ziti_context ztx) {

void ziti_set_partially_authenticated(ziti_context ztx, const ziti_auth_query_mfa *mfa_q) {
ZTX_LOG(DEBUG, "setting api_session_state[%d] to %d", ztx->auth_state, ZitiAuthStatePartiallyAuthenticated);
update_ctrl_status(ztx, ZITI_PARTIALLY_AUTHENTICATED, NULL);

ziti_event_t ev = {
.type = ZitiMfaAuthEvent,
.mfa_auth_event = {
Expand Down
2 changes: 1 addition & 1 deletion library/ziti_ctrl.c
Original file line number Diff line number Diff line change
Expand Up @@ -288,7 +288,7 @@ static void internal_ctrl_list_cb(ziti_controller_detail_array arr, const ziti_e
model_map_clear(&old, (void (*)(void *)) free_ziti_controller_detail_ptr);
free(arr);

if (change) {
if (change && ctrl->is_ha) {
ctrl->change_cb(ctrl->cb_ctx, &ctrl->endpoints);
}
}
Expand Down
3 changes: 3 additions & 0 deletions programs/CMakeLists.txt
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@

find_package(CLI11 CONFIG REQUIRED)

add_subdirectory(ziti-prox-c)
add_subdirectory(host-proxy)
Expand All @@ -12,3 +13,5 @@ add_subdirectory(wzcat)
add_subdirectory(sample-bridge)

add_subdirectory(zitilib-samples)

add_subdirectory(mfa_tester)
9 changes: 9 additions & 0 deletions programs/mfa_tester/CMakeLists.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
add_executable(ziti_mfa ziti_mfa.cpp)
set_target_properties(ziti_mfa PROPERTIES
CXX_STANDARD 20
)

target_link_libraries(ziti_mfa
PUBLIC ziti
PRIVATE CLI11::CLI11
)
Loading

0 comments on commit 2eb3ed7

Please sign in to comment.