keyboard-interactive
Mark D. Roth
roth+openssh at feep.net
Thu Jan 10 02:08:01 EST 2002
On Wed Jan 09 09:37 2002 +1100, Damien Miller wrote:
> On Wed, 2002-01-09 at 02:33, Nicolas Williams wrote:
> > Part of the problem is that a module might have more questions to ask
> > given the answers to previous questions. Any system like PAM, with
> > pluggable modules, will be potentially too dynamic to be used the way
> > you want ("ask all your questions now, I'll answer them later").
>
> I can't see why this is the case. An API like:
>
> while (!pam_conversation_done(pamh) {
> pam_get_prompts(&prompts);
> /* do something with them */
> pam_set_responses(&responses)
> }
>
> takes care of the potential flexability and doesn't dictate structure to
> the application developer.
I may be missing something, but how is this functionally different
from the way the conversation function works? The logic is
essentially this:
conversation_function(prompts)
{
/* do something with them */
return responses;
}
The while loop is taken care of for you by PAM itself by calling the
conversation function multiple times. I don't see how this offers
less functionality than the semantics you propose above...?
--
Mark D. Roth <roth at feep.net>
http://www.feep.net/~roth/
More information about the openssh-unix-dev
mailing list