Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ seclib_passentry(3C) — Reliant UNIX 5.44c4

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

seclib(3C)

seclib_passentry(3C)                                   seclib_passentry(3C)

NAME
     seclibpassentry - password entry and checking functions

SYNOPSIS
     cc ... -lseclib

     #include <seclib.h>

     enum seclibreturnval
     seclibpassentry(enum secentryoptions, struct logincontext *);

     enum seclibreturnval
     seclibpassentryckfailed(enum secentryoptions,
                               struct logincontext *);

DESCRIPTION
     The Password Entry Group is responsible for all user interaction of
     prompting for and typing in passwords. It will check the password for
     validity, check for various invalid password conditions, read in the
     "real" user name and password as required and read in a tokencard
     password if required. The Password Entry Group is also responsible for
     updating the lastlog file, preparing audit records and using
     syslog(3C) to log success and failure.

     The seclibpassentry() function will:

     -  SECECKPASS

        Prompt the user for their password, verify it.

     -  SECEDIALPASS

        Prompt the user for a dial-in password, verify it.

     -  SECECKRPASS (CSP feature)

        Prompt the user for their "real user" password, verify it.

     -  SECEGETREALNAME (CSP feature)

        Prompt the user for a "real user name" if they are logging in as
        the root user. Verify their "real user" password.

     -  SECETOKENCHECK (CSP and Tokencard feature)

        Attempt to authenticate the user via a token card.

     The seclibpassentryckfailed() function will:

     -  SECELASTLOG

        Update the lastlog file, but save the old lastlog information.



Page 1                       Reliant UNIX 5.44                Printed 11/98

seclib_passentry(3C)                                   seclib_passentry(3C)

     -  SECELOGINDELAY

        Sleep a while (LOGINDELAY)



















































Page 2                       Reliant UNIX 5.44                Printed 11/98

seclib_passentry(3C)                                   seclib_passentry(3C)

     -  SECEMAXTRIES

        Limit the user to MAXTRIES login attempts (zero for MAXTRIES means
        no limit)

     -  SECESYSLOG

        syslog(3C) success and failure of the access request

     -  SECETIMEOUT

        If the user takes too long to supply a password, terminate the
        attempt.

     -  SECEAUDIT (CSP feature)

        Audit success and failure of the access request.

     -  SECELOCKTTY (CSP feature)

        If too many incorrect attempts were made on this tty port, lock it.

     -  SECELOCKUSER (CSP feature)

        If too many incorrect attempts on behalf of a particular user, lock
        the user's password.

ARGUMENTS
     secentryoptions
          A bitmask that directs the function to enable particular
          features. The complete list of values in the bitmask may be found
          in the seclib.h header.

     logincontext
          A value as returned by secliblogincontext(). The structure
          referenced by this pointer contains all of the session informa-
          tion required to authenticate a user via the security library.

RETURN VALUE
     The functions return the seclibreturnval enumeration. The functions
     will return:

     SECROK
          The function completed processing without encountering a system
          error.

          NOTE: the function will return SECROK even if it sets
          context->reason to a failure value.

     SECRCALLFAILED
          The function call failed. This is usually because a system call
          failed (such as a malloc() failing when a brk() call returned


Page 3                       Reliant UNIX 5.44                Printed 11/98

seclib_passentry(3C)                                   seclib_passentry(3C)

          with an error).

     SECRBADOPTION
          The function was called with an invalid argument.

SEE ALSO
     seclib(3C), secliblogincontext(3C), seclibmisc(3C),
     seclibpassqual(3C), seclibpasswd(3C), seclibruserok(3C),
     seclibsecterm(3C), seclibtwindows(3C).













































Page 4                       Reliant UNIX 5.44                Printed 11/98

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026