diff options
Diffstat (limited to 'lib/pam_setcred.c')
-rw-r--r-- | lib/pam_setcred.c | 95 |
1 files changed, 95 insertions, 0 deletions
diff --git a/lib/pam_setcred.c b/lib/pam_setcred.c new file mode 100644 index 0000000..80eb468 --- /dev/null +++ b/lib/pam_setcred.c @@ -0,0 +1,95 @@ +/*- + * Copyright (c) 2002-2003 Networks Associates Technology, Inc. + * Copyright (c) 2004-2007 Dag-Erling Smørgrav + * All rights reserved. + * + * This software was developed for the FreeBSD Project by ThinkSec AS and + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $Id: pam_setcred.c 408 2007-12-21 11:36:24Z des $ + */ + +#include <sys/param.h> + +#include <security/pam_appl.h> + +#include "openpam_impl.h" + +/* + * XSSO 4.2.1 + * XSSO 6 page 57 + * + * Modify / delete user credentials for an authentication service + */ + +int +pam_setcred(pam_handle_t *pamh, + int flags) +{ + int r; + + ENTER(); + if (flags & ~(PAM_SILENT|PAM_ESTABLISH_CRED|PAM_DELETE_CRED| + PAM_REINITIALIZE_CRED|PAM_REFRESH_CRED)) + RETURNC(PAM_SYMBOL_ERR); + /* XXX enforce exclusivity */ + r = openpam_dispatch(pamh, PAM_SM_SETCRED, flags); + RETURNC(r); +} + +/* + * Error codes: + * + * =openpam_dispatch + * =pam_sm_setcred + * !PAM_IGNORE + * PAM_SYMBOL_ERR + */ + +/** + * The =pam_setcred function manages the application's credentials. + * + * The =flags argument is the binary or of zero or more of the following + * values: + * + * =PAM_SILENT: + * Do not emit any messages. + * =PAM_ESTABLISH_CRED: + * Establish the credentials of the target user. + * =PAM_DELETE_CRED: + * Revoke all established credentials. + * =PAM_REINITIALIZE_CRED: + * Fully reinitialise credentials. + * =PAM_REFRESH_CRED: + * Refresh credentials. + * + * The latter four are mutually exclusive. + * + * If any other bits are set, =pam_setcred will return =PAM_SYMBOL_ERR. + */ |