seclib_logincontext(3C) seclib_logincontext(3C)
NAME
secliblogincontext - allocating and deallocating the login context
structure
SYNOPSIS
cc ... -lseclib
#include <seclib.h>
enum seclibreturnval
secliblogincontext(const char *pgmname,
const char *user,
const char *tty,
const char *host,
void (*messagecb)(const char *),
char *(*promptcb)(const char *),
char *(*gpass)(const char *),
struct logincontext **context);
enum seclibreturnval
seclibfreelogincontext(struct logincontext *context);
DESCRIPTION
The Login Context group is responsible for allocating and deallocating
the login context structure that is used by the other security library
API calls.
The secliblogincontext() call will:
1. If the context argument is not null:
- secliblogincontext() will save (and later restore) the values
of tries and of callerprivate from the passed context structure.
If the context->reason is SECXTOOMANYQUIET, the value of rea-
son will also be saved and restored.
- seclibfreelogincontext will be called with the passed address.
2. The calloc() function will be called to allocate space for the new
context structure.
3. The following fields in the context structure will be initialized
(NOTE: all initialized strings and structures are placed in newly
allocated storage):
FIELD VALUE
tries from the saved value, otherwise zero
private from the saved value, otherwise NULL
reason from the saved value, otherwise SECXOK
Page 1 Reliant UNIX 5.44 Printed 11/98
seclib_logincontext(3C) seclib_logincontext(3C)
alogreason SECAXFAILED
tokreason SECTXFAILED
rtokreason SECTXFAILED
tty from the input arg, less the heading /dev/
uname from the input arg
rmthost from the input arg
pgmname from the input arg
pwd from getpwnam(uname)
sp from getspnam(uname)
grp from getgrgid(pwd->pwgid)
groups NULL terminated list. All groups the user is in
(from the /etc/group file)
ngroups number of groups in the "groups" list (above)
lastlog lastlog entry for uname (prev* fields zeroed)
messagecb from the input arg
promptcb from the input arg
gpasscb from the input arg
umask from /etc/default/login (if set, DEFUMASK other-
wise)
ulimit from /etc/default/login (if set, DEFULIMIT oth-
erwise)
4. If there were any memory allocation or system call errors, the
storage that was allocated will be freed and SECRCALLFAILED will
be returned.
5. If some of the user information was not available (for instance,
the user was not found in the password or shadow file), the reason
will be set to an appropriate error return and as much of the
structure as possible will be filled out.
6. SECROK will be returned.
Page 2 Reliant UNIX 5.44 Printed 11/98
seclib_logincontext(3C) seclib_logincontext(3C)
The seclibfreelogincontext() call will free all storage used by a
login context structure. Any pointer field within the structure that
is not null will have its space freed. Special care will be taken with
certain structures which may point to multiple bits of allocated data.
ARGUMENTS
logincontext
The address of the newly allocated login context structure will
be placed in the passed pointer logincontext.
pgmname
The name of the calling program that should be used in calls to
the audit system. This name is generally in all upper case, e.g.
"LOGIN", "RSHD", or "FTPD".
user The name of the user to be authenticated.
tty The tty port that the session is to be started on. This argument
may be NULL.
host The name of the remote host that requested the service. This
value (if it is not NULL) is generally returned via the
gethostbyaddr(3N) call.
messagecb
A callback that various security library functions may call when
it is necessary to display information on the user's terminal.
promptcb
A callback that various security library functions may call when
it is necessary to display a message on the user's terminal, and
return a response.
gpasscb
A callback that various security library functions may call when
it is necessary to display a message on the user's terminal, and
return a response. The response string that the user types in
should not be echoed.
RETURN VALUE
The functions return the seclibreturnval enumeration. The functions
will return:
SECROK
The function completed processing without encountering a system
error.
NOTE: The function will return SECROK even if it sets
context->reason to a failure value.
Page 3 Reliant UNIX 5.44 Printed 11/98
seclib_logincontext(3C) seclib_logincontext(3C)
SECRCALLFAILED
The function call failed. This is usually because a system call
failed (such as a malloc() failing when a brk() call returned
with an error).
SECRBADOPTION
The function was called with an invalid argument.
SEE ALSO
seclib(3C), seclibmisc(3C), seclibpassentry(3C),
seclibpassqual(3C), seclibpasswd(3C), seclibruserok(3C),
seclibsecterm(3C), seclibtwindows(3C).
Page 4 Reliant UNIX 5.44 Printed 11/98