pam_strerror.c revision 302408
1189251Ssam/*- 2214734Srpaulo * Copyright (c) 2002-2003 Networks Associates Technology, Inc. 3214734Srpaulo * Copyright (c) 2004-2011 Dag-Erling Sm��rgrav 4189251Ssam * All rights reserved. 5189251Ssam * 6189251Ssam * This software was developed for the FreeBSD Project by ThinkSec AS and 7189251Ssam * Network Associates Laboratories, the Security Research Division of 8189251Ssam * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 9189251Ssam * ("CBOSS"), as part of the DARPA CHATS research program. 10189251Ssam * 11189251Ssam * Redistribution and use in source and binary forms, with or without 12189251Ssam * modification, are permitted provided that the following conditions 13189251Ssam * are met: 14189251Ssam * 1. Redistributions of source code must retain the above copyright 15189251Ssam * notice, this list of conditions and the following disclaimer. 16189251Ssam * 2. Redistributions in binary form must reproduce the above copyright 17189251Ssam * notice, this list of conditions and the following disclaimer in the 18189251Ssam * documentation and/or other materials provided with the distribution. 19214734Srpaulo * 3. The name of the author may not be used to endorse or promote 20214734Srpaulo * products derived from this software without specific prior written 21214734Srpaulo * permission. 22214734Srpaulo * 23214734Srpaulo * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 24214734Srpaulo * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25214734Srpaulo * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26214734Srpaulo * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 27214734Srpaulo * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28214734Srpaulo * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29214734Srpaulo * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30214734Srpaulo * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31214734Srpaulo * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32214734Srpaulo * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33214734Srpaulo * SUCH DAMAGE. 34214734Srpaulo * 35214734Srpaulo * $Id: pam_strerror.c 648 2013-03-05 17:54:27Z des $ 36214734Srpaulo */ 37214734Srpaulo 38214734Srpaulo#ifdef HAVE_CONFIG_H 39214734Srpaulo# include "config.h" 40214734Srpaulo#endif 41189251Ssam 42189251Ssam#include <stdio.h> 43189251Ssam 44189251Ssam#include <security/pam_appl.h> 45189251Ssam 46189251Ssam#include "openpam_impl.h" 47189251Ssam 48189251Ssam/* 49189251Ssam * XSSO 4.2.1 50189251Ssam * XSSO 6 page 92 51189251Ssam * 52189251Ssam * Get PAM standard error message string 53189251Ssam */ 54189251Ssam 55189251Ssamconst char * 56189251Ssampam_strerror(const pam_handle_t *pamh, 57189251Ssam int error_number) 58189251Ssam{ 59189251Ssam static char unknown[16]; 60189251Ssam 61189251Ssam (void)pamh; 62189251Ssam 63189251Ssam switch (error_number) { 64189251Ssam case PAM_SUCCESS: 65189251Ssam return ("success"); 66189251Ssam case PAM_OPEN_ERR: 67189251Ssam return ("failed to load module"); 68189251Ssam case PAM_SYMBOL_ERR: 69189251Ssam return ("invalid symbol"); 70189251Ssam case PAM_SERVICE_ERR: 71189251Ssam return ("error in service module"); 72189251Ssam case PAM_SYSTEM_ERR: 73189251Ssam return ("system error"); 74189251Ssam case PAM_BUF_ERR: 75189251Ssam return ("memory buffer error"); 76189251Ssam case PAM_CONV_ERR: 77189251Ssam return ("conversation failure"); 78189251Ssam case PAM_PERM_DENIED: 79189251Ssam return ("permission denied"); 80189251Ssam case PAM_MAXTRIES: 81189251Ssam return ("maximum number of tries exceeded"); 82189251Ssam case PAM_AUTH_ERR: 83189251Ssam return ("authentication error"); 84189251Ssam case PAM_NEW_AUTHTOK_REQD: 85189251Ssam return ("new authentication token required"); 86189251Ssam case PAM_CRED_INSUFFICIENT: 87189251Ssam return ("insufficient credentials"); 88189251Ssam case PAM_AUTHINFO_UNAVAIL: 89189251Ssam return ("authentication information is unavailable"); 90189251Ssam case PAM_USER_UNKNOWN: 91189251Ssam return ("unknown user"); 92189251Ssam case PAM_CRED_UNAVAIL: 93189251Ssam return ("failed to retrieve user credentials"); 94189251Ssam case PAM_CRED_EXPIRED: 95189251Ssam return ("user credentials have expired"); 96189251Ssam case PAM_CRED_ERR: 97189251Ssam return ("failed to set user credentials"); 98189251Ssam case PAM_ACCT_EXPIRED: 99189251Ssam return ("user account has expired"); 100189251Ssam case PAM_AUTHTOK_EXPIRED: 101189251Ssam return ("password has expired"); 102189251Ssam case PAM_SESSION_ERR: 103189251Ssam return ("session failure"); 104189251Ssam case PAM_AUTHTOK_ERR: 105189251Ssam return ("authentication token failure"); 106189251Ssam case PAM_AUTHTOK_RECOVERY_ERR: 107189251Ssam return ("failed to recover old authentication token"); 108189251Ssam case PAM_AUTHTOK_LOCK_BUSY: 109189251Ssam return ("authentication token lock busy"); 110189251Ssam case PAM_AUTHTOK_DISABLE_AGING: 111189251Ssam return ("authentication token aging disabled"); 112189251Ssam case PAM_NO_MODULE_DATA: 113189251Ssam return ("module data not found"); 114189251Ssam case PAM_IGNORE: 115189251Ssam return ("ignore this module"); 116189251Ssam case PAM_ABORT: 117189251Ssam return ("general failure"); 118189251Ssam case PAM_TRY_AGAIN: 119189251Ssam return ("try again"); 120189251Ssam case PAM_MODULE_UNKNOWN: 121189251Ssam return ("unknown module type"); 122189251Ssam case PAM_DOMAIN_UNKNOWN: 123189251Ssam return ("unknown authentication domain"); 124189251Ssam default: 125189251Ssam snprintf(unknown, sizeof unknown, "#%d", error_number); 126189251Ssam return (unknown); 127189251Ssam } 128189251Ssam} 129189251Ssam 130189251Ssam/** 131189251Ssam * The =pam_strerror function returns a pointer to a string containing a 132189251Ssam * textual description of the error indicated by the =error_number 133189251Ssam * argument. 134189251Ssam * The =pamh argument is ignored. 135189251Ssam * For compatibility with other implementations, it should be either a 136189251Ssam * valid PAM handle returned by a previous call to =pam_start, or =NULL. 137189251Ssam */ 138189251Ssam