summaryrefslogtreecommitdiff
path: root/server/providers/ldap
diff options
context:
space:
mode:
authorSumit Bose <sbose@redhat.com>2010-02-08 11:53:43 +0100
committerStephen Gallagher <sgallagh@redhat.com>2010-02-10 08:46:49 -0500
commit9dc76c9405860004ebbaeb7da944e06e7767780d (patch)
treee7757a0f3635d3a5b1e00dd61e5ceae8a65c7f30 /server/providers/ldap
parenta08160e2ad7358b87f8f5a20f52f76196a32f3a1 (diff)
downloadsssd-9dc76c9405860004ebbaeb7da944e06e7767780d.tar.gz
sssd-9dc76c9405860004ebbaeb7da944e06e7767780d.tar.bz2
sssd-9dc76c9405860004ebbaeb7da944e06e7767780d.zip
Make return values more specific during password change
- return PAM_AUTHTOK_ERR instead of PAM_SYSTEM_ERR if the password change operation fails - send a message to the user if the system is offline and the password cannot be changed
Diffstat (limited to 'server/providers/ldap')
-rw-r--r--server/providers/ldap/ldap_auth.c8
1 files changed, 5 insertions, 3 deletions
diff --git a/server/providers/ldap/ldap_auth.c b/server/providers/ldap/ldap_auth.c
index fbb4e53b..1d1346c0 100644
--- a/server/providers/ldap/ldap_auth.c
+++ b/server/providers/ldap/ldap_auth.c
@@ -772,7 +772,7 @@ static void sdap_auth4chpass_done(struct tevent_req *req)
if (pw_expire_type == PWEXPIRE_SHADOW) {
/* TODO: implement async ldap modify request */
DEBUG(1, ("Changing shadow password attributes not implemented.\n"));
- state->pd->pam_status = PAM_SYSTEM_ERR;
+ state->pd->pam_status = PAM_MODULE_UNKNOWN;
goto done;
} else {
subreq = sdap_exop_modify_passwd_send(state,
@@ -791,7 +791,9 @@ static void sdap_auth4chpass_done(struct tevent_req *req)
return;
}
break;
-
+ case SDAP_AUTH_FAILED:
+ state->pd->pam_status = PAM_AUTH_ERR;
+ break;
default:
state->pd->pam_status = PAM_SYSTEM_ERR;
}
@@ -821,7 +823,7 @@ static void sdap_pam_chpass_done(struct tevent_req *req)
dp_err = DP_ERR_OK;
break;
default:
- state->pd->pam_status = PAM_SYSTEM_ERR;
+ state->pd->pam_status = PAM_AUTHTOK_ERR;
}
done: