diff options
| author | Simo Sorce <simo@redhat.com> | 2012-11-21 16:52:33 -0500 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-03-04 23:40:25 +0100 |
| commit | ab967283b710dfa05d11ee5b30c7ac916486ceec (patch) | |
| tree | 636b0ded10d3a282cbd3c8ff88e9c94de60d26e3 /src/util | |
| parent | 8bcabb97d988d1602882a1f036aac2eaf5e09234 (diff) | |
| download | sssd-ab967283b710dfa05d11ee5b30c7ac916486ceec.tar.gz sssd-ab967283b710dfa05d11ee5b30c7ac916486ceec.tar.xz sssd-ab967283b710dfa05d11ee5b30c7ac916486ceec.zip | |
Use SSSD specific errors for offline auth
This prevents reportin false errors when internal functions return
a generic EINVAL or EACCES that should just be treated as internal
errors.
Diffstat (limited to 'src/util')
| -rw-r--r-- | src/util/auth_utils.h | 22 | ||||
| -rw-r--r-- | src/util/util_errors.c | 5 | ||||
| -rw-r--r-- | src/util/util_errors.h | 5 |
3 files changed, 22 insertions, 10 deletions
diff --git a/src/util/auth_utils.h b/src/util/auth_utils.h index e9e60a085..8883c5ceb 100644 --- a/src/util/auth_utils.h +++ b/src/util/auth_utils.h @@ -28,15 +28,17 @@ static inline int cached_login_pam_status(int auth_res) { switch (auth_res) { - case EOK: - return PAM_SUCCESS; - case ENOENT: - return PAM_AUTHINFO_UNAVAIL; - case EINVAL: - return PAM_AUTH_ERR; - case EACCES: - return PAM_PERM_DENIED; + case EOK: + return PAM_SUCCESS; + case ERR_ACCOUNT_UNKNOWN: + return PAM_AUTHINFO_UNAVAIL; + case ERR_NO_CACHED_CREDS: + case ERR_CACHED_CREDS_EXPIRED: + case ERR_AUTH_DENIED: + return PAM_PERM_DENIED; + case ERR_AUTH_FAILED: + return PAM_AUTH_ERR; + default: + return PAM_SYSTEM_ERR; } - - return PAM_SYSTEM_ERR; } diff --git a/src/util/util_errors.c b/src/util/util_errors.c index 92dced3c5..c196aae38 100644 --- a/src/util/util_errors.c +++ b/src/util/util_errors.c @@ -27,6 +27,11 @@ struct err_string { struct err_string error_to_str[] = { { "Invalid Error" }, /* ERR_INVALID */ { "Internal Error" }, /* ERR_INTERNAL */ + { "Account Unknown" }, /* ERR_ACCOUNT_UNKNOWN */ + { "No cached credentials available" }, /* ERR_NO_CACHED_CREDS */ + { "Cached credentials are expired" }, /* ERR_CACHED_CREDS_EXPIRED */ + { "Authentication Denied" }, /* ERR_AUTH_DENIED */ + { "Authentication Failed" }, /* ERR_AUTH_DENIED */ }; diff --git a/src/util/util_errors.h b/src/util/util_errors.h index eb0df77e6..870d9d44b 100644 --- a/src/util/util_errors.h +++ b/src/util/util_errors.h @@ -49,6 +49,11 @@ typedef int errno_t; enum sssd_errors { ERR_INVALID = ERR_BASE + 0, ERR_INTERNAL, + ERR_ACCOUNT_UNKNOWN, + ERR_NO_CACHED_CREDS, + ERR_CACHED_CREDS_EXPIRED, + ERR_AUTH_DENIED, + ERR_AUTH_FAILED, ERR_LAST /* ALWAYS LAST */ }; |