doc/man/pam_get_authtok.3

    pam_get_authtok.3 revision 108794
    -
 Copyright (c) 2002 Networks Associates Technology, Inc.
 All rights reserved.

 This software was developed for the FreeBSD Project by ThinkSec AS and
 Network Associates Laboratories, the Security Research Division of
 Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
 ("CBOSS"), as part of the DARPA CHATS research program.

 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions
 are met:
 1. Redistributions of source code must retain the above copyright
 notice, this list of conditions and the following disclaimer.
 2. Redistributions in binary form must reproduce the above copyright
 notice, this list of conditions and the following disclaimer in the
 documentation and/or other materials provided with the distribution.
 3. The name of the author may not be used to endorse or promote
 products derived from this software without specific prior written
 permission.

 THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 SUCH DAMAGE.

 $P4$

.Dd January 6, 2003
.Dt PAM_GET_AUTHTOK 3
.Os
.Sh NAME
.Nm pam_get_authtok
.Nd retrieve authentication token
.Sh LIBRARY
.Lb libpam
.Sh SYNOPSIS
n sys/types.h n security/pam_appl.h .Ft int
.Fn pam_get_authtok "pam_handle_t *pamh" "int item" "const char **authtok" "const char *prompt"
.Sh DESCRIPTION
The
.Nm
function returns the cached authentication token,
or prompts the user if no token is currently cached. Either way, a
pointer to the authentication token is stored in the location pointed
to by the
.Va authtok
argument.
p
The
.Va item
argument must have one of the following values:
l -tag -width 18n t Dv PAM_AUTHTOK Returns the current authentication token, or the new token
when changing authentication tokens.
t Dv PAM_OLDAUTHTOK Returns the previous authentication token when changing
authentication tokens.
.El
p
The
.Va prompt
argument specifies a prompt to use if no token is cached.
If it is
.Dv NULL ,
the
.Dv PAM_AUTHTOK_PROMPT
or
.Dv PAM_OLDAUTHTOK_PROMPT
item,
as appropriate, will be used. If that item is also
.Dv NULL ,
a hardcoded
default prompt will be used.
p
If
.Va item
is set to
.Dv PAM_AUTHTOK
and there is a non-null
.Dv PAM_OLDAUTHTOK
item,
.Nm
will ask the user to confirm the new token by
retyping it. If there is a mismatch,
.Nm
will return
.Dv PAM_TRY_AGAIN .
p
.Sh RETURN VALUES
The
.Nm
function returns one of the following values:
l -tag -width 18n t Bq Er PAM_BUF_ERR Memory buffer error.
t Bq Er PAM_CONV_ERR Conversation failure.
t Bq Er PAM_SYSTEM_ERR System error.
t Bq Er PAM_TRY_AGAIN Try again.
.El
.Sh SEE ALSO
.Xr pam 3 ,
.Xr pam_get_item 3 ,
.Xr pam_get_user 3 ,
.Xr pam_strerror 3
.Sh STANDARDS
The
.Nm
function is an OpenPAM extension.
.Sh AUTHORS
The
.Nm
function and this manual page were developed for the FreeBSD Project
by ThinkSec AS and Network Associates Laboratories, the Security
Research Division of Network Associates, Inc. under DARPA/SPAWAR
contract N66001-01-C-8035
q Dq CBOSS ,
as part of the DARPA CHATS research program.