1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
|
/*-
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
* All rights reserved.
*
* This software was developed for the FreeBSD Project by ThinkSec AS and
* Network Associates Laboratories, the Security Research Division of
* Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
* ("CBOSS"), as part of the DARPA CHATS research program.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $P4: //depot/projects/openpam/lib/pam_strerror.c#12 $
*/
#include <stdio.h>
#include <security/pam_appl.h>
#include "openpam_impl.h"
const char *_pam_err_name[PAM_NUM_ERRORS] = {
"PAM_SUCCESS",
"PAM_OPEN_ERR",
"PAM_SYMBOL_ERR",
"PAM_SERVICE_ERR",
"PAM_SYSTEM_ERR",
"PAM_BUF_ERR",
"PAM_CONV_ERR",
"PAM_PERM_DENIED",
"PAM_MAXTRIES",
"PAM_AUTH_ERR",
"PAM_NEW_AUTHTOK_REQD",
"PAM_CRED_INSUFFICIENT",
"PAM_AUTHINFO_UNAVAIL",
"PAM_USER_UNKNOWN",
"PAM_CRED_UNAVAIL",
"PAM_CRED_EXPIRED",
"PAM_CRED_ERR",
"PAM_ACCT_EXPIRED",
"PAM_AUTHTOK_EXPIRED",
"PAM_SESSION_ERR",
"PAM_AUTHTOK_ERR",
"PAM_AUTHTOK_RECOVERY_ERR",
"PAM_AUTHTOK_LOCK_BUSY",
"PAM_AUTHTOK_DISABLE_AGING",
"PAM_NO_MODULE_DATA",
"PAM_IGNORE",
"PAM_ABORT",
"PAM_TRY_AGAIN",
"PAM_MODULE_UNKNOWN",
"PAM_DOMAIN_UNKNOWN"
};
/*
* XSSO 4.2.1
* XSSO 6 page 92
*
* Get PAM standard error message string
*/
const char *
pam_strerror(pam_handle_t *pamh,
int error_number)
{
static char unknown[16];
(void)pamh;
switch (error_number) {
case PAM_SUCCESS:
return ("success");
case PAM_OPEN_ERR:
return ("failed to load module");
case PAM_SYMBOL_ERR:
return ("invalid symbol");
case PAM_SERVICE_ERR:
return ("error in service module");
case PAM_SYSTEM_ERR:
return ("system error");
case PAM_BUF_ERR:
return ("memory buffer error");
case PAM_CONV_ERR:
return ("conversation failure");
case PAM_PERM_DENIED:
return ("permission denied");
case PAM_MAXTRIES:
return ("maximum number of tries exceeded");
case PAM_AUTH_ERR:
return ("authentication error");
case PAM_NEW_AUTHTOK_REQD:
return ("new authentication token required");
case PAM_CRED_INSUFFICIENT:
return ("insufficient credentials");
case PAM_AUTHINFO_UNAVAIL:
return ("authentication information is unavailable");
case PAM_USER_UNKNOWN:
return ("unknown user");
case PAM_CRED_UNAVAIL:
return ("failed to retrieve user credentials");
case PAM_CRED_EXPIRED:
return ("user credentials have expired");
case PAM_CRED_ERR:
return ("failed to set user credentials");
case PAM_ACCT_EXPIRED:
return ("user accound has expired");
case PAM_AUTHTOK_EXPIRED:
return ("password has expired");
case PAM_SESSION_ERR:
return ("session failure");
case PAM_AUTHTOK_ERR:
return ("authentication token failure");
case PAM_AUTHTOK_RECOVERY_ERR:
return ("failed to recover old authentication token");
case PAM_AUTHTOK_LOCK_BUSY:
return ("authentication token lock busy");
case PAM_AUTHTOK_DISABLE_AGING:
return ("authentication token aging disabled");
case PAM_NO_MODULE_DATA:
return ("module data not found");
case PAM_IGNORE:
return ("ignore this module");
case PAM_ABORT:
return ("general failure");
case PAM_TRY_AGAIN:
return ("try again");
case PAM_MODULE_UNKNOWN:
return ("unknown module type");
case PAM_DOMAIN_UNKNOWN:
return ("unknown authentication domain");
default:
snprintf(unknown, sizeof unknown, "#%d", error_number);
return (unknown);
}
}
/**
* The =pam_strerror function returns a pointer to a string containing a
* textual description of the error indicated by the =error_number
* argument, in the context of the PAM transaction described by the =pamh
* argument.
*/
|
