File: module.html

package info (click to toggle)
cvm 0.97-0.1
  • links: PTS
  • area: main
  • in suites: buster, sid
  • size: 1,036 kB
  • sloc: ansic: 4,065; sh: 2,758; makefile: 235; sql: 15
file content (71 lines) | stat: -rw-r--r-- 2,991 bytes parent folder | download | duplicates (5)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
<html>
<body>

<h2><a href="cvm.html">CVM</a></h2>

<h1>CVM Module Library</h1>

<p>To write a module using the CVM module library, you must provide
the following items:</p>

<dl>

<dt><tt>int cvm_module_init(void)</tt> <dd>This function is called once
when the CVM starts up.

<dt><tt>int cvm_module_lookup(void)</tt> <dd>This function is used to
retrieve the stored credentials for the named user.  If the named user
does not exist, this function must return <tt>CVME_PERMFAIL</tt> (value
100).  Before this function is called, the input request is read and the
account name is parsed into <tt>cvm_account_name</tt>, the domain name
into <tt>cvm_account_domain</tt>, and the credentials are parsed into
<tt>cvm_credentials</tt>.

<dt><tt>int cvm_module_authenticate(void)</tt> <dd>The main
authentication verification function.  This function is not called when
the module is operating in lookup mode.  If authentication fails, this
function must return <tt>CVME_PERMFAIL</tt> (value 100).

<dt><tt>int cvm_module_results(void)</tt> <dd>This function is used to
provide the lookup results to the client.  All required facts must be
set by this function: <tt>cvm_fact_username</tt>,
<tt>cvm_fact_userid</tt>, <tt>cvm_fact_groupid</tt>,
<tt>cvm_fact_directory</tt>, and <tt>cvm_fact_shell</tt>.  The following
facts may optional be set as well: <tt>cvm_fact_realname</tt>,
<tt>cvm_fact_groupname</tt>, <tt>cvm_fact_sys_username</tt>,
<tt>cvm_fact_sys_directory</tt>, and <tt>cvm_fact_domain</tt>.  All of
these will be sent to the client automatically by the invoking module
framework, with the optional facts being sent only if they have been
set.  If any other facts are to be returned to the client, send them in
this function with <tt>cvm_module_fact_str(unsigned number, const char*
data)</tt> or <tt>cvm_module_fact_uint(unsigned number, unsigned
data)</tt>.

<dt><tt>void cvm_module_stop(void)</tt> <dd>This routine is called once
when the CVM is shut down.

</dl>

<p>If any function fails due to a temporary error (read error, out of
memory, connection failed, etc), it must return a non-zero <a
href="errors.html">error code</a> (other than <tt>CVME_PERMFAIL</tt>).
Otherwise, return zero.</p>

<p>The credentials sent from the client are accessable through the
global <tt>cvm_credentials</tt> array (type <tt>str</tt>), which is
indexed by the credential type number.</p>

<p><b>NOTE:</b> The functions supplied by the module must never exit
except on fatal errors.  If any memory is allocated in the course of
processing a request, it must either be freed or reallocated on the next
invocation.</p>

<p>Each module will implement at least one type of credential validation
(ie plain text, CRAM, etc).  Modules are not obligated to implement
multiple types of validation, but may do so by examinimg which types of
credentials are present in the input.  The invoker will choose which
modules to invoke depending on what type of credentials it needs
validated.</p>

</body>
</html>