NAME    [Toc]    [Back]

       siad_test_newpass - test passphrase against rules and policy
 routine for SIA (Security Integration Architecture)

SYNOPSIS    [Toc]    [Back]

       #include <sia.h> #include <siad.h>

       int siad_test_newpass
               sia_collect_func_t *collect,
               SIAENTITY *entity,
               int *mechind,
               const char newpass );

LIBRARY    [Toc]    [Back]

       Standard C library - libc.so and libc.a

PARAMETERS    [Toc]    [Back]

       This is a pointer to an SIA collection routine  that  provides
 the ability for the mechanism to prompt the user for
       additional information. If this pointer is NULL no collection
  is  possible.  If this parameter is not NULL and the
       colinput parameter entered during the sia_ses_init()  call
       was  zero  then  this collection routine cannot be used to
       prompt for input but can be used to  display  warnings  or
       error messages.  This is a pointer to the SIAENTITY structure
  that  was  allocated  and  setup  by  the   previous
       sia_ses_init()  call. It is used to access arguments which
       have either been collected or  derived  from  the  session
       processing.   The  mechind  parameter is the package index
       number for the mechanism.  This index can be used  to  set
       the  mechanism-specific  data pointer array element in the
       SIAENTITY structure pointed to by entity.  Pointer to  the
       character string which contains a new password.

DESCRIPTION    [Toc]    [Back]

       The  siad_test_newpass()  routine  tests  and compares the
       string at *newpass against the passphrase rules and policy
       for the mechanism.

       This routine is called from the sia_chg_password() routine
       when it is determined  that  the  mechanism  supports  the
       changing of the passphrase using the entity.

RETURN VALUES    [Toc]    [Back]

       The  siad_test_newpass() routine returns a bitmapped value
       which indicate the following  status:  A  return  code  of
       SIADSUCCESS  indicates that the proposed new passphrase is
       acceptable to the mechanism. All bits set to 0.  A  return
       code of SIADFAIL indicates that the proposed passphrase is
       not acceptable by policy to the given mechanism, but  that
       it  is possible for the implementation to store it anyway.
       (This case is allowed for  possible  administrative  overrides
  to the policy for temporary passphrases. It is only
       be used for pre-collected new passphrases.) Lowest bit set
       to  1.  The mechanism refuses to store at all. Do not continue.
 Returned when incorrect usage of this  routine  was
       detected,  meaning  either the entity doesn't exist or was
       set up wrong. Second lowest bit set to  1.   Reserved  for
       future use.

ERRORS    [Toc]    [Back]

       The  errno  values  are  those  returned  from the dynamic
       loader interface, from the (siad_*) routines, or from malloc.
 Possible errors include resource constraints (no memory)
 and various authentication failures.

FILES    [Toc]    [Back]

       /etc/passwd

       /etc/sia/matrix.conf

SEE ALSO    [Toc]    [Back]

       sia_chg_password(3),                     siad_chk_user(3),
       siad_update_pass(3), matrix.conf(4)

       Security



                                             siad_test_newpass(3)