 |
Index for
Section 3 |
|
 |
Alphabetical
listing for S |
|
 |
Bottom of
page |
|
sia_validate_user(3)
NAME
sia_validate_user - perform password validation for SIA (Security
Integration Architecture)
SYNOPSIS
#include <sia.h>
#include <siad.h>
int sia_validate_user(
sia_collect_func_t *collect,
int argc,
char **argv,
char *hostname,
char *username,
char *tty,
int colinput,
char *gssapi,
char *passphrase );
LIBRARY
Standard C library (libc.so and libc.a)
PARAMETERS
collect
The collect parameter is a pointer to an SIA collection routine. If
this pointer is NULL, no collection is possible. If the pointer is not
NULL and the can_collect_input parameter entered during the
sia_ses_init() call was zero, then this collection routine cannot be
used to prompt for input, but can be used to display warnings or error
messages. This parameter is read only.
argc
The argc and argv parameters are used by the underlying security
mechanisms for generating audit records and initializing database
accesses. There should always be at least one argument argv[0] which
contains the name of the command or utility issuing a session
initialization. These parameters are read only.
hostname
The hostname parameter is used to determine if the session is being
requested by a remote system. If the request is from a remote system,
the hostname parameter points to a string containing the remote host
information. If information about the requesting remote user is
available, the information is in the form "node::user" for DECnet or
"user@host" for IP. If the remote user information is not available,
the information is the remote "host". For local requests, this
parameter is passed as a NULL pointer.
username
The username parameter is be set to point to the name or string
representing the requesting user if this information is available.
Otherwise this parameter is set to NULL. This parameter is read only.
tty The ttyname parameter is set to point to the name or string
representing the requesting or active tty if this information is
available. Otherwise this parameter is set to NULL. This parameter is
read only.
colinput
The colinput parameter specifies whether the collection of input is
allowed during this session. A "1" means yes and "0" means no. This
parameter is read only.
gssapi
The gssapi pointer is for future expansion to utilize gss_api
datatypes. It is not currently used and should be set to NULL. This
parameter is currently read only.
passphrase
The passphrase parameter provides a precollected password to the
authentication routine. Set this parameter to NULL if no passphrase
has been precollected. This parameter is read only. Note that some
third-party security mechanisms may fail to validate users when the
passphrase has been pre-collected, since those mechanisms may have
time-dependent challenge-response dialogues as an authentication
requirement. If this parameter is NULL, and a collection routine is
provided, and the colinput parameter is non-zero, the passphrase will
be gathered through the collection routine if required.
DESCRIPTION
The sia_validate_user() routine performs password validation by calling
sia_ses_init(), sia_ses_reauthent(), and sia_ses_release().
RETURN VALUES
The sia_validate_user() routine returns SIASUCCESS if sia_ses_init(),
sia_ses_reauthent(), and sia_ses_release() succeed. SIAFAIL is returned if
any of the routines fail.
ERRORS
The errno value is not (normally) set explicitly by sia_* routines. The
errno values are those returned from the dynamic loader interface, from
dependent (siad_*) routines, or from malloc. Possible errors include
resource constraints (no memory) and various authentication failures.
FILES
/etc/sia/matrix.conf
SEE ALSO
sia_ses_reauthent(3), sia_ses_release(3), sia_ses_init(3),
siad_ses_init(3), siad_init(3), matrix.conf(4)
Security
|
Index for
Section 3 |
|
|
Alphabetical
listing for S |
|
 |
Top of
page |
|