diff options
author | Thorsten Kukuk <kukuk@thkukuk.de> | 2009-11-10 15:52:20 +0000 |
---|---|---|
committer | Thorsten Kukuk <kukuk@thkukuk.de> | 2009-11-10 15:52:20 +0000 |
commit | 0674700d17431655b4be03de6119ada78164266b (patch) | |
tree | 6ea8c9d3346ff231f375f484fef29e521f50a424 /doc/man/pam_get_authtok.3.xml | |
parent | cf360646cafc2f84d7a601d9681555c4d43e713b (diff) |
Relevant BUGIDs:
Purpose of commit: regression fix
Commit summary:
---------------
2009-11-10 Thorsten Kukuk <kukuk@suse.de>
* doc/man/pam_get_authtok.3.xml: Document pam_get_authtok_noverify
and pam_get_authtok_verify.
* libpam/Makefile.am (libpam_la_LDFLAGS): Bump revesion of libpam.
* libpam/pam_get_authtok.c (pam_get_authtok_internal): Renamed
from pam_get_authtok, add flags argument, always check return
values.
* modules/pam_cracklib/pam_cracklib.c (pam_sm_chauthtok): Use
pam_get_authtok_noverify and pam_get_authtok_verify.
* libpam/include/security/pam_ext.h: Add prototypes for
pam_get_authtok_noverify and pam_get_authtok_verify.
* libpam/libpam.map: Add new pam_get_authtok_* functions.
Diffstat (limited to 'doc/man/pam_get_authtok.3.xml')
-rw-r--r-- | doc/man/pam_get_authtok.3.xml | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/doc/man/pam_get_authtok.3.xml b/doc/man/pam_get_authtok.3.xml index 0e816350..f2a1d6e9 100644 --- a/doc/man/pam_get_authtok.3.xml +++ b/doc/man/pam_get_authtok.3.xml @@ -27,6 +27,18 @@ <paramdef>const char **<parameter>authtok</parameter></paramdef> <paramdef>const char *<parameter>prompt</parameter></paramdef> </funcprototype> + <funcprototype> + <funcdef>int <function>pam_get_authtok_noverify</function></funcdef> + <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef> + <paramdef>const char **<parameter>authtok</parameter></paramdef> + <paramdef>const char *<parameter>prompt</parameter></paramdef> + </funcprototype> + <funcprototype> + <funcdef>int <function>pam_get_authtok_verify</function></funcdef> + <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef> + <paramdef>const char **<parameter>authtok</parameter></paramdef> + <paramdef>const char *<parameter>prompt</parameter></paramdef> + </funcprototype> </funcsynopsis> </refsynopsisdiv> @@ -74,6 +86,35 @@ </listitem> </varlistentry> </variablelist> + <para> + The <function>pam_get_authtok_noverify</function> function can + only be used for changing the password + (from <citerefentry> + <refentrytitle>pam_sm_chauthtok</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>). It returns the cached + authentication token, or prompts the user if no token is + currently cached. The difference to <function>pam_get_authtok</function> + is, that this function does not ask a second time for the password + to verify it. Upon successful return, <emphasis>authtok</emphasis> + contains a pointer to the value of the authentication token. Note, + this is a pointer to the + <emphasis>actual</emphasis> data and should + <emphasis remap="B">not</emphasis> be <emphasis>free()</emphasis>'ed or + over-written! + </para> + <para> + The <function>pam_get_authtok_verify</function> function can + only be used to verify a password for mistypes gotten by + <citerefentry> + <refentrytitle>pam_get_authtok_noverify</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>. This function asks a second time for the password + and verify it with the password provided by <emphasis>authtok</emphasis> + argument. In case of an error, the value of <emphasis>authtok</emphasis> + is undefined. Else this argument will point to the + <emphasis>actual</emphasis> data and should + <emphasis remap="B">not</emphasis> be <emphasis>free()</emphasis>'ed or + over-written! + </para> </refsect1> <refsect1 id="pam_get_authtok-options"> |