diff options
Diffstat (limited to 'mod_intercept_form_submit.c')
-rw-r--r-- | mod_intercept_form_submit.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/mod_intercept_form_submit.c b/mod_intercept_form_submit.c index a0a6b00..833b29a 100644 --- a/mod_intercept_form_submit.c +++ b/mod_intercept_form_submit.c @@ -78,19 +78,24 @@ int pam_authenticate_conv(int num_msg, const struct pam_message ** msg, struct p } #define _REMOTE_USER_ENV_NAME "REMOTE_USER" +#define _EXTERNAL_AUTH_ERROR_ENV_NAME "EXTERNAL_AUTH_ERROR" int pam_authenticate_with_login_password(request_rec * r, const char * pam_service, char * login, const char * password) { pam_handle_t * pamh = NULL; struct pam_conv pam_conversation = { &pam_authenticate_conv, (void *) password }; int ret; if ((ret = pam_start(pam_service, login, &pam_conversation, &pamh)) != PAM_SUCCESS) { + const char * strerr = pam_strerror(pamh, ret); ap_log_error(APLOG_MARK, APLOG_WARNING, 0, r->server, - "mod_intercept_form_submit: PAM transaction failed for service %s: %s", pam_service, pam_strerror(pamh, ret)); + "mod_intercept_form_submit: PAM transaction failed for service %s: %s", pam_service, strerr); + apr_table_setn(r->subprocess_env, _EXTERNAL_AUTH_ERROR_ENV_NAME, apr_pstrdup(r->pool, strerr)); pam_end(pamh, ret); return 0; } if ((ret = pam_authenticate(pamh, PAM_SILENT | PAM_DISALLOW_NULL_AUTHTOK)) != PAM_SUCCESS) { + const char * strerr = pam_strerror(pamh, ret); ap_log_error(APLOG_MARK, APLOG_WARNING, 0, r->server, - "mod_intercept_form_submit: PAM authentication failed for user %s: %s", login, pam_strerror(pamh, ret)); + "mod_intercept_form_submit: PAM authentication failed for user %s: %s", login, strerr); + apr_table_setn(r->subprocess_env, _EXTERNAL_AUTH_ERROR_ENV_NAME, apr_pstrdup(r->pool, strerr)); pam_end(pamh, ret); return 0; } |