src/pam/afs_message.c

   1 /*
   2  * Copyright 2000, International Business Machines Corporation and others.
   3  * All Rights Reserved.
   4  *
   5  * This software has been released under the terms of the IBM Public
   6  * License.  For details, see the LICENSE file in the top-level source
   7  * directory or online at http://www.openafs.org/dl/license10.html
   8  */
   9
  10 #include <afsconfig.h>
  11 #include <afs/param.h>
  12
  13 #include <roken.h>
  14
  15 #include <security/pam_appl.h>
  16 #include <security/pam_modules.h>
  17
  18 #include <afs/kautils.h>
  19
  20 #include "afs_message.h"
  21 #include "afs_util.h"
  22
  23 static char *fallback_messages[] = {
  24     "AFS Invalid message requested!",   /* 0: none              */
  25     "AFS Unknown option: %s",   /* 1: UNKNOWNOPT        */
  26     "AFS Username unavailable: code = %d",      /* 2: NOUSER            */
  27     "AFS Username = `%s'",      /* 3: USERNAMEDEBUG     */
  28     "AFS Password required but not supplied by user %s\n",
  29     /* 4: PASSWD_REQ        */
  30     "AFS Password: ",           /* 5: PWD_PROMPT        */
  31     "AFS Cannot issue prompt",  /* 6: CANNOT_PROMPT     */
  32     "AFS Trying first password for user %s",    /* 7: GOTPASS           */
  33     "AFS No first password for user %s\n",      /* 8: NOFIRSTPASS       */
  34     "AFS Couldn't get passwd via prompt",       /* 9: GETPASS_FAILED    */
  35     "AFS not available",        /* 10: AFS_UNAVAIL      */
  36     "AFS error code 0x%x",      /* 11: AFS_ERROR        */
  37     "AFS Authentication succeeded.\n",  /* 12: LOGIN_OK         */
  38     "AFS Authentication failed for user %s. %s\n",
  39     /* 13: LOGIN_FAILED     */
  40     "AFS PAM error, code=%d",   /* 14: PAMERROR         */
  41     "AFS uid exceeds OS bounds.\n",     /* 15: UID_OVERFLOW     */
  42     "The AFS PAM module may not be used from a non-MT program.\n",
  43     /* 16: NON_MT_PROG      */
  44     "AFS Options: nowarn=%d, use_first_pass=%d, try_first_pass=%d, ignore_uid = %d, ignore_uid_id = %d, refresh_token=%d, set_token=%d, dont_fork=%d, use_klog=%d",
  45     /* 17: OPTIONS          */
  46     "AFS No pam_conv conversation structure found; no user interaction",
  47     /* 18: NO_USER_INT      */
  48     "AFS Deleting creds for user %s\n", /* 19: DELCRED          */
  49     "AFS Refreshing creds",     /* 20: REFRESHCRED      */
  50     "AFS Won't use illegal password for user %s",
  51     /* 21: NILPASSWORD      */
  52     "AFS Establishing creds for user %s\n",     /* 22: ESTABCRED        */
  53     "AFS credentials established.\n",   /* 23: PUT_CREDS        */
  54     "AFS Couldn't find local cell name",        /* 24: NOCELLNAME       */
  55     "AFS Foreign users are not valid for login.\n",
  56     /* 25: XENOPHOBIA       */
  57     "AFS Ignoring superuser %s",        /* 26: IGNORINGROOT     */
  58     "AFS/local UIDs do not match",      /* 27: UID_MISMATCH     */
  59     "AFS Rejected foreign user %s",     /* 28: REJ_FOREIGN      */
  60     "AFS Deleting leftover creds from previous attempt",
  61     /* 29: LEGACYCREDS      */
  62     "You have no AFS credentials.\n",   /* 30: NO_CREDS         */
  63     "AFS ReInitializing creds for user %s\n",   /* 31: REINITCRED       */
  64     "AFS Failed to set PASSWORD_EXPIRES for user %s\n",
  65     /* 32: PASSEXPFAIL      */
  66     "AFS Failed to chown krb ticketfile\n",     /* 33: CHOWNKRB         */
  67     "AFS Failed to set KRBTKTFILE\n",   /* 34: KRBFAIL          */
  68     "AFS Unknown remaining lifetime %s using default %d seconds\n",
  69     /* 35: REMAINLIFETIME   */
  70     "AFS Session closed",       /* 36: SESSIONCLOSED1   */
  71     "AFS Session closed, Tokens destroyed\n",   /* 37: SESSIONCLOSED2   */
  72     "AFS Option conflict dont_fork and use_klog: %s\n",
  73     /* 38: CONFLICTOPT      */
  74     "AFS Unknown uid: %s, option ignored\n",
  75     /* 39: IGNOREUID        */
  76     "New AFS Password: ",       /* 40: NEW_PWD_PROMPT   */
  77     "New AFS Password (again): ",       /* 41: VERIFY_PWD_PROMPT */
  78     "Failed to change AFS password",    /* 42: KRBPASS_FAIL     */
  79     "Missing PAM flag: %s",     /* 43: FLAGS            */
  80     "ka error, code=%d",        /* 44: KAERROR          */
  81     "Passwords are not equal",  /* 45: NE_PASSWORD      */
  82     "AFS ignoring unregistered user %s\n"       /* 46: IGNORE_UNREG     */
  83         "Alternate cell name: %s\n",    /* 47: OTHERCELL        */
  84 };
  85
  86 static int num_fallbacks = sizeof(fallback_messages) / sizeof(char *);
  87
  88
  89 char *
  90 pam_afs_message(int msgnum, int *freeit)
  91 {
  92     /*
  93      * This really should try to get an NLS message from the message catalog.
  94      * For now, just return a fallback message.
  95      */
  96
  97     if (msgnum > num_fallbacks || msgnum < 1)
  98         msgnum = 0;
  99
 100     if (freeit != NULL)
 101         *freeit = 0;
 102     return fallback_messages[msgnum];
 103 }
 104
 105
 106 void
 107 pam_afs_syslog(int priority, int msgid, ...)
 108 {
 109     char *msg = NULL;
 110     int freeit;
 111     va_list args;
 112
 113     msg = pam_afs_message(msgid, &freeit);
 114     va_start(args, msgid);
 115     vsyslog(priority, msg, args);
 116     va_end(args);
 117     if (freeit)
 118         free(msg);
 119 }