pam_strerror.c revision 174832 
1200581Srdivacky/*-
2200581Srdivacky * Copyright (c) 2002-2003 Networks Associates Technology, Inc.
3353358Sdim * Copyright (c) 2004-2007 Dag-Erling Sm��rgrav
4353358Sdim * All rights reserved.
5353358Sdim *
6200581Srdivacky * This software was developed for the FreeBSD Project by ThinkSec AS and
7200581Srdivacky * Network Associates Laboratories, the Security Research Division of
8200581Srdivacky * Network Associates, Inc.  under DARPA/SPAWAR contract N66001-01-C-8035
9200581Srdivacky * ("CBOSS"), as part of the DARPA CHATS research program.
10200581Srdivacky *
11200581Srdivacky * Redistribution and use in source and binary forms, with or without
12200581Srdivacky * modification, are permitted provided that the following conditions
13200581Srdivacky * are met:
14200581Srdivacky * 1. Redistributions of source code must retain the above copyright
15200581Srdivacky *    notice, this list of conditions and the following disclaimer.
16200581Srdivacky * 2. Redistributions in binary form must reproduce the above copyright
17249423Sdim *    notice, this list of conditions and the following disclaimer in the
18200581Srdivacky *    documentation and/or other materials provided with the distribution.
19200581Srdivacky * 3. The name of the author may not be used to endorse or promote
20280031Sdim *    products derived from this software without specific prior written
21200581Srdivacky *    permission.
22243830Sdim *
23234353Sdim * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
24234353Sdim * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25200581Srdivacky * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26200581Srdivacky * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
27200581Srdivacky * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28200581Srdivacky * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29200581Srdivacky * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30200581Srdivacky * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31200581Srdivacky * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32200581Srdivacky * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33200581Srdivacky * SUCH DAMAGE.
34200581Srdivacky *
35200581Srdivacky * $Id: pam_strerror.c 408 2007-12-21 11:36:24Z des $
36200581Srdivacky */
37200581Srdivacky
38234353Sdim#include <stdio.h>
39288943Sdim
40288943Sdim#include <security/pam_appl.h>
41288943Sdim
42234353Sdim#include "openpam_impl.h"
43234353Sdim
44280031Sdimconst char *_pam_err_name[PAM_NUM_ERRORS] = {
45341825Sdim	"PAM_SUCCESS",
46280031Sdim	"PAM_OPEN_ERR",
47280031Sdim	"PAM_SYMBOL_ERR",
48200581Srdivacky	"PAM_SERVICE_ERR",
49200581Srdivacky	"PAM_SYSTEM_ERR",
50296417Sdim	"PAM_BUF_ERR",
51200581Srdivacky	"PAM_CONV_ERR",
52288943Sdim	"PAM_PERM_DENIED",
53280031Sdim	"PAM_MAXTRIES",
54200581Srdivacky	"PAM_AUTH_ERR",
55200581Srdivacky	"PAM_NEW_AUTHTOK_REQD",
56200581Srdivacky	"PAM_CRED_INSUFFICIENT",
57200581Srdivacky	"PAM_AUTHINFO_UNAVAIL",
58296417Sdim	"PAM_USER_UNKNOWN",
59200581Srdivacky	"PAM_CRED_UNAVAIL",
60296417Sdim	"PAM_CRED_EXPIRED",
61200581Srdivacky	"PAM_CRED_ERR",
62200581Srdivacky	"PAM_ACCT_EXPIRED",
63200581Srdivacky	"PAM_AUTHTOK_EXPIRED",
64200581Srdivacky	"PAM_SESSION_ERR",
65200581Srdivacky	"PAM_AUTHTOK_ERR",
66200581Srdivacky	"PAM_AUTHTOK_RECOVERY_ERR",
67200581Srdivacky	"PAM_AUTHTOK_LOCK_BUSY",
68200581Srdivacky	"PAM_AUTHTOK_DISABLE_AGING",
69200581Srdivacky	"PAM_NO_MODULE_DATA",
70200581Srdivacky	"PAM_IGNORE",
71296417Sdim	"PAM_ABORT",
72200581Srdivacky	"PAM_TRY_AGAIN",
73200581Srdivacky	"PAM_MODULE_UNKNOWN",
74200581Srdivacky	"PAM_DOMAIN_UNKNOWN"
75200581Srdivacky};
76296417Sdim
77200581Srdivacky/*
78288943Sdim * XSSO 4.2.1
79288943Sdim * XSSO 6 page 92
80204642Srdivacky *
81204642Srdivacky * Get PAM standard error message string
82288943Sdim */
83288943Sdim
84200581Srdivackyconst char *
85200581Srdivackypam_strerror(const pam_handle_t *pamh,
86200581Srdivacky	int error_number)
87200581Srdivacky{
88200581Srdivacky	static char unknown[16];
89200581Srdivacky
90200581Srdivacky	(void)pamh;
91200581Srdivacky
92200581Srdivacky	switch (error_number) {
93296417Sdim	case PAM_SUCCESS:
94296417Sdim		return ("success");
95200581Srdivacky	case PAM_OPEN_ERR:
96296417Sdim		return ("failed to load module");
97200581Srdivacky	case PAM_SYMBOL_ERR:
98200581Srdivacky		return ("invalid symbol");
99200581Srdivacky	case PAM_SERVICE_ERR:
100200581Srdivacky		return ("error in service module");
101296417Sdim	case PAM_SYSTEM_ERR:
102200581Srdivacky		return ("system error");
103204642Srdivacky	case PAM_BUF_ERR:
104204642Srdivacky		return ("memory buffer error");
105296417Sdim	case PAM_CONV_ERR:
106200581Srdivacky		return ("conversation failure");
107200581Srdivacky	case PAM_PERM_DENIED:
108200581Srdivacky		return ("permission denied");
109200581Srdivacky	case PAM_MAXTRIES:
110200581Srdivacky		return ("maximum number of tries exceeded");
111200581Srdivacky	case PAM_AUTH_ERR:
112200581Srdivacky		return ("authentication error");
113296417Sdim	case PAM_NEW_AUTHTOK_REQD:
114296417Sdim		return ("new authentication token required");
115200581Srdivacky	case PAM_CRED_INSUFFICIENT:
116200581Srdivacky		return ("insufficient credentials");
117200581Srdivacky	case PAM_AUTHINFO_UNAVAIL:
118200581Srdivacky		return ("authentication information is unavailable");
119200581Srdivacky	case PAM_USER_UNKNOWN:
120200581Srdivacky		return ("unknown user");
121200581Srdivacky	case PAM_CRED_UNAVAIL:
122200581Srdivacky		return ("failed to retrieve user credentials");
123200581Srdivacky	case PAM_CRED_EXPIRED:
124200581Srdivacky		return ("user credentials have expired");
125200581Srdivacky	case PAM_CRED_ERR:
126200581Srdivacky		return ("failed to set user credentials");
127	case PAM_ACCT_EXPIRED:
128		return ("user account has expired");
129	case PAM_AUTHTOK_EXPIRED:
130		return ("password has expired");
131	case PAM_SESSION_ERR:
132		return ("session failure");
133	case PAM_AUTHTOK_ERR:
134		return ("authentication token failure");
135	case PAM_AUTHTOK_RECOVERY_ERR:
136		return ("failed to recover old authentication token");
137	case PAM_AUTHTOK_LOCK_BUSY:
138		return ("authentication token lock busy");
139	case PAM_AUTHTOK_DISABLE_AGING:
140		return ("authentication token aging disabled");
141	case PAM_NO_MODULE_DATA:
142		return ("module data not found");
143	case PAM_IGNORE:
144		return ("ignore this module");
145	case PAM_ABORT:
146		return ("general failure");
147	case PAM_TRY_AGAIN:
148		return ("try again");
149	case PAM_MODULE_UNKNOWN:
150		return ("unknown module type");
151	case PAM_DOMAIN_UNKNOWN:
152		return ("unknown authentication domain");
153	default:
154		snprintf(unknown, sizeof unknown, "#%d", error_number);
155		return (unknown);
156	}
157}
158
159/**
160 * The =pam_strerror function returns a pointer to a string containing a
161 * textual description of the error indicated by the =error_number
162 * argument, in the context of the PAM transaction described by the =pamh
163 * argument.
164 */
165