diff options
author | des <des@FreeBSD.org> | 2013-09-07 18:46:35 +0000 |
---|---|---|
committer | des <des@FreeBSD.org> | 2013-09-07 18:46:35 +0000 |
commit | e50a38ba7d89531f414524bd714e30fce12441da (patch) | |
tree | cc8cea8997d054455bffc9712d21baa4852b7116 /contrib/openpam/lib/libpam/pam_authenticate.c | |
parent | 0c58b324e7721e5bd0c1e0f78e1dbbe9b091195b (diff) | |
parent | e86dd36ab210b4404ece0cbcf05629b6ec4ef10b (diff) | |
download | FreeBSD-src-e50a38ba7d89531f414524bd714e30fce12441da.zip FreeBSD-src-e50a38ba7d89531f414524bd714e30fce12441da.tar.gz |
MFV (r255364): move the code around in preparation for Nummularia.
Diffstat (limited to 'contrib/openpam/lib/libpam/pam_authenticate.c')
-rw-r--r-- | contrib/openpam/lib/libpam/pam_authenticate.c | 96 |
1 files changed, 96 insertions, 0 deletions
diff --git a/contrib/openpam/lib/libpam/pam_authenticate.c b/contrib/openpam/lib/libpam/pam_authenticate.c new file mode 100644 index 0000000..fc6c20f --- /dev/null +++ b/contrib/openpam/lib/libpam/pam_authenticate.c @@ -0,0 +1,96 @@ +/*- + * Copyright (c) 2002-2003 Networks Associates Technology, Inc. + * Copyright (c) 2004-2011 Dag-Erling Smørgrav + * All rights reserved. + * + * This software was developed for the FreeBSD Project by ThinkSec AS and + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $Id: pam_authenticate.c 437 2011-09-13 12:00:13Z des $ + */ + +#ifdef HAVE_CONFIG_H +# include "config.h" +#endif + +#include <sys/param.h> + +#include <security/pam_appl.h> + +#include "openpam_impl.h" + +/* + * XSSO 4.2.1 + * XSSO 6 page 34 + * + * Perform authentication within the PAM framework + */ + +int +pam_authenticate(pam_handle_t *pamh, + int flags) +{ + int r; + + ENTER(); + if (flags & ~(PAM_SILENT|PAM_DISALLOW_NULL_AUTHTOK)) + RETURNC(PAM_SYMBOL_ERR); + r = openpam_dispatch(pamh, PAM_SM_AUTHENTICATE, flags); + pam_set_item(pamh, PAM_AUTHTOK, NULL); + RETURNC(r); +} + +/* + * Error codes: + * + * =openpam_dispatch + * =pam_sm_authenticate + * !PAM_IGNORE + * PAM_SYMBOL_ERR + */ + +/** + * The =pam_authenticate function attempts to authenticate the user + * associated with the pam context specified by the =pamh argument. + * + * The application is free to call =pam_authenticate as many times as it + * wishes, but some modules may maintain an internal retry counter and + * return =PAM_MAXTRIES when it exceeds some preset or hardcoded limit. + * + * The =flags argument is the binary or of zero or more of the following + * values: + * + * =PAM_SILENT: + * Do not emit any messages. + * =PAM_DISALLOW_NULL_AUTHTOK: + * Fail if the user's authentication token is null. + * + * If any other bits are set, =pam_authenticate will return + * =PAM_SYMBOL_ERR. + */ |