diff options
| author | Sumit Bose <sbose@redhat.com> | 2010-02-11 13:15:52 +0100 |
|---|---|---|
| committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-02-12 08:44:11 -0500 |
| commit | fbcab705c90135080e09544616f1526c0e7ef90c (patch) | |
| tree | 8868be756692302c757dafa08c21154dd873bb2a /sss_client | |
| parent | 152f9e939f91d94e6f30391182fd72d9267ec6e1 (diff) | |
| download | sssd-fbcab705c90135080e09544616f1526c0e7ef90c.tar.gz sssd-fbcab705c90135080e09544616f1526c0e7ef90c.tar.xz sssd-fbcab705c90135080e09544616f1526c0e7ef90c.zip | |
Make change password errors more transparent
Diffstat (limited to 'sss_client')
| -rw-r--r-- | sss_client/pam_sss.c | 42 | ||||
| -rw-r--r-- | sss_client/sss_cli.h | 3 |
2 files changed, 44 insertions, 1 deletions
diff --git a/sss_client/pam_sss.c b/sss_client/pam_sss.c index 8c970e489..8a1e3129a 100644 --- a/sss_client/pam_sss.c +++ b/sss_client/pam_sss.c @@ -496,6 +496,45 @@ static int user_info_offline_chpass(pam_handle_t *pamh, size_t buflen, return PAM_SUCCESS; } +static int user_info_chpass_error(pam_handle_t *pamh, size_t buflen, + uint8_t *buf) +{ + int ret; + uint32_t msg_len; + char user_msg[256]; + + if (buflen < 2* sizeof(uint32_t)) { + D(("User info response data is too short")); + return PAM_BUF_ERR; + } + + memcpy(&msg_len, buf + sizeof(uint32_t), sizeof(uint32_t)); + + if (buflen != 2* sizeof(uint32_t) + msg_len) { + D(("User info response data has the wrong size")); + return PAM_BUF_ERR; + } + + ret = snprintf(user_msg, sizeof(user_msg), "%s%s%.*s", + _("Password change failed. "), + msg_len > 0 ? _("Server message: ") : "", + msg_len, + msg_len > 0 ? (char *)(buf + 2 * sizeof(uint32_t)) : "" ); + if (ret < 0 || ret >= sizeof(user_msg)) { + D(("snprintf failed.")); + return PAM_SYSTEM_ERR; + } + + ret = do_pam_conversation(pamh, PAM_TEXT_INFO, user_msg, NULL, NULL); + if (ret != PAM_SUCCESS) { + D(("do_pam_conversation failed.")); + return PAM_SYSTEM_ERR; + } + + return PAM_SUCCESS; +} + + static int eval_user_info_response(pam_handle_t *pamh, size_t buflen, uint8_t *buf) { @@ -519,6 +558,9 @@ static int eval_user_info_response(pam_handle_t *pamh, size_t buflen, case SSS_PAM_USER_INFO_OFFLINE_CHPASS: ret = user_info_offline_chpass(pamh, buflen, buf); break; + case SSS_PAM_USER_INFO_CHPASS_ERROR: + ret = user_info_chpass_error(pamh, buflen, buf); + break; default: D(("Unknown user info type [%d]", type)); ret = PAM_SYSTEM_ERR; diff --git a/sss_client/sss_cli.h b/sss_client/sss_cli.h index 55d5a2825..7e9a81ff3 100644 --- a/sss_client/sss_cli.h +++ b/sss_client/sss_cli.h @@ -180,7 +180,8 @@ enum response_type { enum user_info_type { SSS_PAM_USER_INFO_OFFLINE_AUTH = 0x01, SSS_PAM_USER_INFO_OFFLINE_AUTH_DELAYED, - SSS_PAM_USER_INFO_OFFLINE_CHPASS + SSS_PAM_USER_INFO_OFFLINE_CHPASS, + SSS_PAM_USER_INFO_CHPASS_ERROR }; enum nss_status sss_nss_make_request(enum sss_cli_command cmd, |