Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ sia_ses_release(3) — OSF/1 3.0 αXP

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

matrix.conf(4)

sia_ses_init(3)  —  Subroutines

NAME

sia_ses_init, sia_ses_reauthent, sia_ses_release − SIA session routines (Enhanced Security)

LIBRARY

Standard C library (libc.so and libc.a)

SYNOPSIS

#include <sia.h>
#include <siad.h>

int sia_ses_init(
SIAENTITY ∗∗ entityhdl,
int argc, char ∗∗argv,
char ∗hostname,
char ∗username,
char ∗ttyname,
int can_collect,
char ∗gssapi);

int sia_ses_reauthent(
int (∗collect)(),
SIAENTITY ∗entityhdl);

int sia_ses_release(
SIAENTITY ∗∗entityhdl);

PARAMETERS

argc and argv
The argc and argv parameters are used by the underlying security mechanisms for things like generating audit records and initializing database accesses.  There should always be at least one argument argv[0] that contains the name of the command or utility issuing a session initialization. 

hostnameThe hostname parameter is used to determine if the session is being requested by a remote system.  The hostname parameter is set to point to the string representing the requesting host. If the host is local, this parameter is set to NULL. 

usernameThe username parameter is set to point to the name or string representing the requesting user if this information is available.  Otherwise this parameter is set to NULL. 

ttynameThe ttyname parameter is set to point to the name or string representing the requesting or active terminal if this information is available.  Otherwise this parameter is set to NULL. 

can_collectThe can_collect parameter specifies whether the collection of input is allowed during this session. A 1 means yes and 0 means no. 

gssapiThe gssapi pointer is for future expansion to utilize gss_api data types. It is not currently used and should be set to NULL. 

collectThe collect parameter is a pointer to an SIA collection routine.  If this pointer is NULL, no collection is possible.  If the pointer is not NULL and the can_collect parameter entered during the sia_ses_init() call was zero, then this collection routine cannot be used to prompt for input but can be used to display warnings or error messages.  Further input on SIA collection routines is available from the interface specifications in /usr/include/{sia,siad}.h. 

entityhdlThe entityhdl parameter points to the SIAENTITY structure that was allocated and setup by the previous sia_ses_init() call. 

DESCRIPTION

The sia_ses_init() routine initializes SIA sessions.  This routine allocates an entity handle structure and initializes various values in that structure.  It must be called before any of the other SIA session-processing routines. 

The sia_ses_reauthent() routine is used to revalidate a user’s password.  It is associated with applications that require that the user be reauthenticated.  Such applications are the typical terminal or session locking applications.  This call must be preceded by a call to sia_ses_init() and followed by a call to sia_ses_release(). 

The sia_ses_release() routine is called at the end of the session processing to release any resources associated with the session startup processing, including the SIAENTITY structure.  After calling the sia_ses_release() routine, an exec∗() should be done by the program to start the actual new process running as the session UID. 

RETURN VALUES

The sia_ses_∗() routines return SIASUCCESS when the are successful and SIAFAIL when they are not successful. 

ERRORS

Possible errors include resource constraints (no memory) and various authentication failures. 

FILES

/etc/passwd

/etc/sia/matrix.conf

RELATED INFORMATION

matrix.conf(4)

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026