Subject: Re: "BSD Authentication"
To: Michael C. Richardson <mcr@sandelman.ottawa.on.ca>
From: None <seebs@plethora.net>
List: current-users
Date: 11/22/1998 12:40:44
In message <199811221833.NAA10304@istari.sandelman.ottawa.on.ca>, "Michael C. R
ichardson" writes:
> I think that this is a very useful thing to have. A problem with the use
>of login_foo is that ftpd, sshd, etc.. can't easily use it. Or is the
>interface more complicated than deal with stdin/stdout, and do the right
>thing?
There's a library routine that programs can call to "do the right thing".
#include <login_cap.h>
#include <bsd_auth.h>
int
auth_userokay(char *name, char *style, char *type, char *password);
auth_session_t *
auth_userchallenge(char *name, char *style, char *type,
char **challengep);
int
auth_userresponse(auth_session_t *as, char *response, int more);
int
auth_approval(auth_session_t *as, login_cap_t *lc, char *name,
char *type);
int
auth_cat(char *file);
void
auth_checknologin(login_cap_t *lc);
char *
auth_mkvalue(char *value);
The man page is also BSD-licensed.
If a program doesn't know about BSD Authentication, it will presumably
just try regular crypt-type password authentication. That works for most
users anyway. However, as system utilities get modified to use this, they
gain extra features.
-s