PAM_AUTHENTICATE(3) FreeBSD Library Functions Manual PAM_AUTHENTICATE(3)
NAME
pam_authenticate - perform authentication within the PAM framework
SYNOPSIS
#include <sys/types.h>
#include <security/pam_appl.h>
int
pam_authenticate(pam_handle_t *pamh, int flags);
DESCRIPTION
The pam_authenticate() function attempts to authenticate the user
associated with the pam context specified by the pamh argument.
The application is free to call pam_authenticate() as many times as it
wishes, but some modules may maintain an internal retry counter and
return PAM_MAXTRIES when it exceeds some preset or hardcoded limit.
The flags argument is the binary or of zero or more of the following
values:
PAM_SILENT Do not emit any messages.
PAM_DISALLOW_NULL_AUTHTOK
Fail if the user's authentication token is null.
If any other bits are set, pam_authenticate() will return
PAM_BAD_CONSTANT.
RETURN VALUES
The pam_authenticate() function returns one of the following values:
[PAM_SUCCESS] Success.
[PAM_ABORT] General failure.
[PAM_AUTHINFO_UNAVAIL]
Authentication information is unavailable.
[PAM_AUTH_ERR] Authentication error.
[PAM_BAD_CONSTANT] Bad constant.
[PAM_BUF_ERR] Memory buffer error.
[PAM_CONV_ERR] Conversation failure.
[PAM_CRED_INSUFFICIENT]
Insufficient credentials.
[PAM_MAXTRIES] Maximum number of tries exceeded.
[PAM_PERM_DENIED] Permission denied.
[PAM_SERVICE_ERR] Error in service module.
[PAM_SYSTEM_ERR] System error.
[PAM_USER_UNKNOWN] Unknown user.
SEE ALSO
pam(3), pam_strerror(3)
STANDARDS
X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules,
June 1997.
AUTHORS
The pam_authenticate() function and this manual page were developed for
the FreeBSD Project by ThinkSec AS and Network Associates Laboratories,
the Security Research Division of Network Associates, Inc. under
DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA
CHATS research program.
The OpenPAM library is maintained by Dag-Erling Smorgrav <
[email protected]>.
FreeBSD 14.1-RELEASE-p8 February 24, 2019 FreeBSD 14.1-RELEASE-p8