summaryrefslogtreecommitdiff
path: root/src/util
diff options
context:
space:
mode:
authorSimo Sorce <simo@redhat.com>2012-11-21 16:52:33 -0500
committerJakub Hrozek <jhrozek@redhat.com>2013-03-04 23:40:25 +0100
commitab967283b710dfa05d11ee5b30c7ac916486ceec (patch)
tree636b0ded10d3a282cbd3c8ff88e9c94de60d26e3 /src/util
parent8bcabb97d988d1602882a1f036aac2eaf5e09234 (diff)
downloadsssd-ab967283b710dfa05d11ee5b30c7ac916486ceec.tar.gz
sssd-ab967283b710dfa05d11ee5b30c7ac916486ceec.tar.bz2
sssd-ab967283b710dfa05d11ee5b30c7ac916486ceec.zip
Use SSSD specific errors for offline auth
This prevents reportin false errors when internal functions return a generic EINVAL or EACCES that should just be treated as internal errors.
Diffstat (limited to 'src/util')
-rw-r--r--src/util/auth_utils.h22
-rw-r--r--src/util/util_errors.c5
-rw-r--r--src/util/util_errors.h5
3 files changed, 22 insertions, 10 deletions
diff --git a/src/util/auth_utils.h b/src/util/auth_utils.h
index e9e60a08..8883c5ce 100644
--- a/src/util/auth_utils.h
+++ b/src/util/auth_utils.h
@@ -28,15 +28,17 @@
static inline int cached_login_pam_status(int auth_res)
{
switch (auth_res) {
- case EOK:
- return PAM_SUCCESS;
- case ENOENT:
- return PAM_AUTHINFO_UNAVAIL;
- case EINVAL:
- return PAM_AUTH_ERR;
- case EACCES:
- return PAM_PERM_DENIED;
+ case EOK:
+ return PAM_SUCCESS;
+ case ERR_ACCOUNT_UNKNOWN:
+ return PAM_AUTHINFO_UNAVAIL;
+ case ERR_NO_CACHED_CREDS:
+ case ERR_CACHED_CREDS_EXPIRED:
+ case ERR_AUTH_DENIED:
+ return PAM_PERM_DENIED;
+ case ERR_AUTH_FAILED:
+ return PAM_AUTH_ERR;
+ default:
+ return PAM_SYSTEM_ERR;
}
-
- return PAM_SYSTEM_ERR;
}
diff --git a/src/util/util_errors.c b/src/util/util_errors.c
index 92dced3c..c196aae3 100644
--- a/src/util/util_errors.c
+++ b/src/util/util_errors.c
@@ -27,6 +27,11 @@ struct err_string {
struct err_string error_to_str[] = {
{ "Invalid Error" }, /* ERR_INVALID */
{ "Internal Error" }, /* ERR_INTERNAL */
+ { "Account Unknown" }, /* ERR_ACCOUNT_UNKNOWN */
+ { "No cached credentials available" }, /* ERR_NO_CACHED_CREDS */
+ { "Cached credentials are expired" }, /* ERR_CACHED_CREDS_EXPIRED */
+ { "Authentication Denied" }, /* ERR_AUTH_DENIED */
+ { "Authentication Failed" }, /* ERR_AUTH_DENIED */
};
diff --git a/src/util/util_errors.h b/src/util/util_errors.h
index eb0df77e..870d9d44 100644
--- a/src/util/util_errors.h
+++ b/src/util/util_errors.h
@@ -49,6 +49,11 @@ typedef int errno_t;
enum sssd_errors {
ERR_INVALID = ERR_BASE + 0,
ERR_INTERNAL,
+ ERR_ACCOUNT_UNKNOWN,
+ ERR_NO_CACHED_CREDS,
+ ERR_CACHED_CREDS_EXPIRED,
+ ERR_AUTH_DENIED,
+ ERR_AUTH_FAILED,
ERR_LAST /* ALWAYS LAST */
};