*nix Documentation Project
·  Home
 +   man pages
·  Linux HOWTOs
·  FreeBSD Tips
·  *niX Forums

  man pages->Tru64 Unix man pages -> siad_update_pass (3)              



NAME    [Toc]    [Back]

       siad_update_pass  -  store  new passphrase routine for SIA
       (Security Integration Architecture)

SYNOPSIS    [Toc]    [Back]

       #include <sia.h> #include <siad.h>

       int siad_update_pass
               sia_collect_func_t *collect,
               SIAENTITY *entity,
               int *mechind,
               const char newpass );

LIBRARY    [Toc]    [Back]

       Standard C library - libc.so and libc.a

PARAMETERS    [Toc]    [Back]

       This is a pointer to an SIA collection routine  that  provides
 the ability for the mechanism to prompt the user for
       additional information. If this pointer is NULL no collection
  is  possible.  If this parameter is not NULL and the
       colinput parameter entered during the sia_ses_init()  call
       was  zero  then  this collection routine cannot be used to
       prompt for input but can be used to  display  warnings  or
       error messages.  This is a pointer to the SIAENTITY structure
  that  was  allocated  and  setup  by  the   previous
       sia_ses_init()  call. It is used to access arguments which
       have either been collected or  derived  from  the  session
       processing.   The  mechind  parameter is the package index
       number for the mechanism.  This index can be used  to  set
       the  mechanism-specific  data pointer array element in the
       SIAENTITY structure pointed to by entity.  Pointer to  the
       character string which contains a new password.

DESCRIPTION    [Toc]    [Back]

       The  siad_update_pass() routine stores the new password in
       the mechanism's user database.  An entity must  have  been
       set up and the siad_chk_user() routine must have been able
       to handle the CHGENTITY flag during processing.  This routine
  may  have  been  called to "stuff" a password if the
       mechanism's siad_chk_user() routine was able to handle the
       CHGNEWVALUE flag.

       This  routine  is  called  from the sia_chg_password() and
       sia_update_pass() routines.

RETURN VALUES    [Toc]    [Back]

       The siad_update_pass() routine returns a  bitmapped  value
       which  indicate  the  following status: All bits set to 0.
       Indicates unconditional success, that is, successful storage
 of the newpass string.  Lowest bit set to 1. Indicates
       conditional failure, that is, failure to store the newpass
       string.  If  other  security  mechanism are in place, continue.
  Second lowest bit set  to  1.  Indicates  unconditional
  failure.  Do not continue. Returned when incorrect
       usage of this routine  is  detected,  meaning  either  the
       entity does not exist or was set up wrong.

       For  each mechanism in the current list, a call is made to
       its siad_update_pass() entrypoint. Only  return  codes  of
       SIADFAIL  and  SIADSUCCESS are meaningful here, indicating
       failure or  success.  Failures  are  noted  by  issuing  a
       warning through the collect routine, and moving that mechanism
 to the list for re-try.  Successes are noted  by  an
       informational  message  through  the collect routine (code
       SIAINFO) for interactive calls.

       For non-interactive calls, the return from the update code
       is  made  at  this point, with a code of SIASUCCESS if all
       participating mechanisms were updated, or SIAFAIL if  only
       some  were  updated,  otherwise with SIAFAIL|SIASTOP if no
       mechanism could be updated.  This  return  is  only  after
       clearing  the  old passphrase storage in the entity structure.
 Auditing of the attempt, and of  just  which  mechanisms
 were updated, occurs here.

       For  interactive  calls,  the user is notified as to which
       mechanisms failed and which succeeded.  The  failures  are
       noted  through the collect routine as they occur. The list
       of successful mechanisms is noted through the collect routine
 as a summary at the end of processing. Retries are up
       to the user.  The return code for an interactive call will
       be  SIASUCCESS if any updates were made, and SIAFAIL if no
       updates were made. Auditing of the attempt, as well as  of
       which mechanisms were updated, occurs before returning.

ERRORS    [Toc]    [Back]

       The  errno  values  are  those  returned  from the dynamic
       loader interface, from the (siad_*) routines, or from malloc.
 Possible errors include resource constraints (no memory)
 and various authentication failures.

FILES    [Toc]    [Back]



SEE ALSO    [Toc]    [Back]

       sia_chg_password(3), siad_chk_user(3), sia_update_pass(3),
       siad_test_newpass(3), matrix.conf(4)


[ Back ]
 Similar pages
Name OS Title
siad_test_newpass Tru64 test passphrase against rules and policy routine for SIA (Security Integration Architecture)
sia_become_user Tru64 su routine for SIA (Security Integration Architecture)
siad_init Tru64 initialization routine for SIA (Security Integration Architecture)
sia_init Tru64 initialization routine for SIA (Security Integration Architecture)
sia_timed_action Tru64 Time limit routine - SIA (Security Integration Architecture)
sia_chk_invoker Tru64 Check invoker routine for SIA (Security Integration Architecture)
sia_collect_trm Tru64 Parameter collection routine for SIA (Security Integration Architecture)
siad_chk_invoker Tru64 check invoker dependent routine for SIA (Security Integration Architecture)
siad_chk_user Tru64 check user dependent routine for SIA (Security Integration Architecture)
sialog Tru64 SIA (Security Integration Architecture) log file
Copyright © 2004-2005 DeniX Solutions SRL
newsletter delivery service