password.c - OpenGrok cross reference for /freebsd/contrib/pam-krb5/module/password.c

Lines Matching full:password
2  * Kerberos password changing.
26  * Get the new password.  Store it in PAM_AUTHTOK if we obtain it and verify
28  * NULL, only store the new password in PAM_AUTHTOK.
40     /* Use the password from a previous module, if so configured. */  in pamk5_password_prompt()
46             putil_debug_pam(args, pamret, "no stored password");  in pamk5_password_prompt()
51             putil_debug(args, "rejecting password longer than %d",  in pamk5_password_prompt()
59     /* Prompt for the new password if necessary. */  in pamk5_password_prompt()
63             putil_debug_pam(args, pamret, "error getting new password");  in pamk5_password_prompt()
68             putil_debug(args, "rejecting password longer than %d",  in pamk5_password_prompt()
77             putil_debug_pam(args, pamret, "error getting new password");  in pamk5_password_prompt()
96         /* Save the new password for other modules. */  in pamk5_password_prompt()
99             putil_err_pam(args, pamret, "error storing password");  in pamk5_password_prompt()
119  * We've obtained credentials for the password changing interface and gotten
120  * the new password, so do the work of actually changing the password.
140      * There are two password protocols in use: the change password protocol,  in change_password()
142      * password protocol, which does.  For our purposes, either will do.  in change_password()
198      * On failure, when clear_on_fail is set, we set the new password to NULL  in change_password()
199      * so that subsequent password change PAM modules configured with  in change_password()
206             putil_err(args, "error clearing password");  in change_password()
213  * Change a user's password.  Returns a PAM status code for success or
216  * can't handle password change during authentication.
219  * doing the password change (PAM_PRELIM_CHECK).
229      * Authenticate to the password changing service using the old password.  in pamk5_password_change()
240      * Now, get the new password and change it unless we're just doing the  in pamk5_password_change()
250         pam_syslog(args->pamh, LOG_INFO, "user %s changed Kerberos password",  in pamk5_password_change()
263  * The function underlying the main PAM interface for password changing.
268  * doing the password change (PAM_PRELIM_CHECK).
283      * phase, still prompt the user for the new password, but suppress our  in pamk5_password()
288      * We ignore the return status when prompting for the new password in this  in pamk5_password()
289      * case.  The worst thing that can happen is to fail to get the password,  in pamk5_password()
331      * if we were configured to use the same password as an earlier module in  in pamk5_password()
333      * Kerberos password expired but the other one didn't?), but warning  in pamk5_password()
335      * password change.  in pamk5_password()
339             pamk5_conv(args, "Password expired.  You must change it now.",  in pamk5_password()
343      * Do the password change.  This may only get tickets if we're doing the  in pamk5_password()
351      * If we were handling a forced password change for an expired password,  in pamk5_password()
352      * now try to get a ticket cache with the new password.  If this succeeds,  in pamk5_password()
360         putil_debug(args, "obtaining credentials with new password");  in pamk5_password()