Skip site navigation (1)Skip section navigation (2)

FreeBSD Man Pages

Man Page or Keyword Search:
Man Architecture
Apropos Keyword Search (all sections) Output format
home | help
PAM_GET_AUTHTOK(3)     FreeBSD Library Functions Manual	    PAM_GET_AUTHTOK(3)

NAME
     pam_get_authtok --	retrieve authentication	token

LIBRARY
     Pluggable Authentication Module Library (libpam, -lpam)

SYNOPSIS
     #include <sys/types.h>
     #include <security/pam_appl.h>

     int
     pam_get_authtok(pam_handle_t *pamh, int item, const char **authtok,
	 const char *prompt);

DESCRIPTION
     The pam_get_authtok() function returns the	cached authentication token,
     or	prompts	the user if no token is	currently cached.  Either way, a
     pointer to	the authentication token is stored in the location pointed to
     by	the authtok argument.

     The item argument must have one of	the following values:

     PAM_AUTHTOK	 Returns the current authentication token, or the new
			 token when changing authentication tokens.

     PAM_OLDAUTHTOK	 Returns the previous authentication token when	chang-
			 ing authentication tokens.

     The prompt	argument specifies a prompt to use if no token is cached.  If
     it	is NULL, the PAM_AUTHTOK_PROMPT	or PAM_OLDAUTHTOK_PROMPT item, as
     appropriate, will be used.	 If that item is also NULL, a hardcoded
     default prompt will be used.  Either way, the prompt is expanded using
     openpam_subst(3) before it	is passed to the conversation function.

     If	pam_get_authtok() is called from a module and the authtok_prompt /
     oldauthtok_prompt option is set in	the policy file, the value of that
     option takes precedence over both the prompt argument and the
     PAM_AUTHTOK_PROMPT	/ PAM_OLDAUTHTOK_PROMPT	item.

     If	item is	set to PAM_AUTHTOK and there is	a non-null PAM_OLDAUTHTOK
     item, pam_get_authtok() will ask the user to confirm the new token	by
     retyping it.  If there is a mismatch, pam_get_authtok() will return
     PAM_TRY_AGAIN.

RETURN VALUES
     The pam_get_authtok() function returns one	of the following values:

     [PAM_BUF_ERR]	 Memory	buffer error.

     [PAM_CONV_ERR]	 Conversation failure.

     [PAM_SYSTEM_ERR]	 System	error.

     [PAM_TRY_AGAIN]	 Try again.

SEE ALSO
     openpam_subst(3), pam(3), pam_get_item(3),	pam_get_user(3),
     pam_strerror(3)

STANDARDS
     The pam_get_authtok() function is an OpenPAM extension.

AUTHORS
     The pam_get_authtok() function and	this manual page were developed	for
     the FreeBSD Project by ThinkSec AS	and Network Associates Laboratories,
     the Security Research Division of Network Associates, Inc.	under
     DARPA/SPAWAR contract N66001-01-C-8035 (``CBOSS''), as part of the	DARPA
     CHATS research program.

FreeBSD	9.2			 May 26, 2012			   FreeBSD 9.2

NAME | LIBRARY | SYNOPSIS | DESCRIPTION | RETURN VALUES | SEE ALSO | STANDARDS | AUTHORS

Want to link to this manual page? Use this URL:
<http://www.freebsd.org/cgi/man.cgi?query=pam_get_authtok&sektion=3&manpath=FreeBSD+9.2-RELEASE>

home | help