smp_set_pw(S-osr5)
smp_set_pw --
verify password and update authentication databases
Syntax
cc . . . -lprot
#include <sys/types.h>
#include <prot.h>
int smp_set_pw(password, checkpw, usrp, pwtriesp, reasonp)
char *password;
char *checkpw;
struct smp_user_info *userp;
int *pwtriesp;
char **reasonp;
Description
smp_set_pw
verifies a re-entered password and then updates the authentication
databases. This is the last action of a successful password change,
and an audit record is written to that effect.
This routine verifies that checkpw, entered by the user,
matches the previously entered password specified by password.
If the two match, it then encrypts the password, updates the
authentication data, sets the last successful password change time,
and writes it back into the password and protected password databases.
An audit record is written for the password change.
If /bin/yppasswd exists, and is a link to
/bin/passwd, /etc/yp/yppwd
will be called to update the NIS databases,
prior to updating the local databases.
usrp points to an smp_user_info
structure which has been created by the previous call to
smp_check_user.
If the clear text passwords do not match, the number of
retries remaining, pointed to by pwtriesp, is
decremented.
reasonp is used with certain return values to
store a descriptive message.
Return values
Note that this routine also stores its return value for use in auditing of
failures.
SMP_NOMATCH-
The passwords specified in password and checkpw did not
match.
SMP_EXTFAIL-
The password change was not done because the NIS call failed, or
another external failure occurred in fetching required authentication
information.
reasonp points to a character string explaining the cause of the
error.
SMP_COMPLETE-
The password was updated successfully.
SMP_NOTAUTH-
The calling program does not have sufficient privileges to update the
protected password database.
Diagnostics
All diagnostics are returned as strings pointed to by the argument
reasonp. It is up to the calling program to display these
for the user. In each case the return value is also noted.
NIS password change failed
-
The password could not be updated in the Network Information Service file.
SMP_EXTFAIL is returned.
Cannot write protected password entry
-
The protected password database could not be updated.
SMP_EXTFAIL is returned.
Files
/lib/libprot.a-
security subsystem library routines
/usr/lib/libp/libprot.a-
as above but used for profiling
/usr/include/prot.h-
defines the smp_user_info structure
/etc/passwd-
password file, see
passwd(F)
/tcb/files/auth/?/-
protected password database, see
prpw(F)
/bin/yppasswd-
NIS password command, see
yppasswd(NC)
/etc/yp/yppwd-
NIS password command
Examples
The following example illustrates the usage of smp_set_pw :
...
switch (smp_check_user(SMP_LOGIN, gets(line), ttyname(0), 0, &userp,
&pwtries, &reason)) {
...
case SMP_PWREQ:
...
for (;;) {
...
put("re-enter password: ");
switch (smp_set_pw(gets(line), newpw, userp,
&pwtries, &reason)) {
case SMP_NOTAUTH:
echo();
put("\nnot authorised\n"); /* can't write auth database */
exit(1);
case SMP_NOMATCH:
put("\nno match\n");
continue; /* go around again */
case SMP_EXTFAIL:
echo();
put("\n");
put(reason);
put("\n");
exit(1);
case SMP_COMPLETE:
put("\n");
break;
}
break;
}
loginok:
put("\n");
echo();
break;
}
...
See also
smp_check_user(S-osr5),
smp_check_pw(S-osr5),
smp_generate_pw(S-osr5),
smp_get_messages(S-osr5),
smp_pw_change(S-osr5),
smp_pw_choice(S-osr5),
smp_set_identity(S-osr5),
smp_try_pw(S-osr5)
Standards conformance
smp_set_pw is not part of any currently supported
standard; it is an extension of AT&T System V provided by
The Santa Cruz Operation, Inc.
© 2005 The SCO Group, Inc. All rights reserved.
SCO OpenServer Release 6.0.0 -- 02 June 2005