diff options
author | Simo Sorce <simo@redhat.com> | 2012-11-21 16:52:33 -0500 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2013-01-04 14:40:54 -0500 |
commit | 707d7b29652f12a683dfd18ea84173b4147cdb8b (patch) | |
tree | 023c9a6aec01070abf81a78432692c1e52e8920d /src/util/auth_utils.h | |
parent | a8fd47c45cf61af28b8bc82b4ac79b67cd26135a (diff) | |
download | sssd-707d7b29652f12a683dfd18ea84173b4147cdb8b.tar.gz sssd-707d7b29652f12a683dfd18ea84173b4147cdb8b.tar.xz sssd-707d7b29652f12a683dfd18ea84173b4147cdb8b.zip |
Use SSSD specific errors for offline auth
This prevents reportin false errors when internal functions return
a generic EINVAL or EACCES that should just be treated as internal
errors.
Diffstat (limited to 'src/util/auth_utils.h')
-rw-r--r-- | src/util/auth_utils.h | 22 |
1 files changed, 12 insertions, 10 deletions
diff --git a/src/util/auth_utils.h b/src/util/auth_utils.h index e9e60a08..8883c5ce 100644 --- a/src/util/auth_utils.h +++ b/src/util/auth_utils.h @@ -28,15 +28,17 @@ static inline int cached_login_pam_status(int auth_res) { switch (auth_res) { - case EOK: - return PAM_SUCCESS; - case ENOENT: - return PAM_AUTHINFO_UNAVAIL; - case EINVAL: - return PAM_AUTH_ERR; - case EACCES: - return PAM_PERM_DENIED; + case EOK: + return PAM_SUCCESS; + case ERR_ACCOUNT_UNKNOWN: + return PAM_AUTHINFO_UNAVAIL; + case ERR_NO_CACHED_CREDS: + case ERR_CACHED_CREDS_EXPIRED: + case ERR_AUTH_DENIED: + return PAM_PERM_DENIED; + case ERR_AUTH_FAILED: + return PAM_AUTH_ERR; + default: + return PAM_SYSTEM_ERR; } - - return PAM_SYSTEM_ERR; } |