From ac85f26ed489a9f8ecbf4775237dd1561a28bfbc Mon Sep 17 00:00:00 2001 From: "Dmitry V. Levin" Date: Fri, 1 May 2020 21:44:59 +0000 Subject: pam_localuser: forward error values returned by pam_get_user Starting with commit c2c601f5340a59c5c62193d55b555d384380ea38, pam_get_user is guaranteed to return one of the following values: PAM_SUCCESS, PAM_BUF_ERR, PAM_CONV_AGAIN, or PAM_CONV_ERR. * modules/pam_localuser/pam_localuser.c (pam_sm_authenticate): Do not replace non-PAM_CONV_AGAIN error values returned by pam_get_user with PAM_SERVICE_ERR. * modules/pam_localuser/pam_localuser.8.xml (RETURN VALUES): Document new return values. --- modules/pam_localuser/pam_localuser.8.xml | 21 ++++++++++++++++++++- modules/pam_localuser/pam_localuser.c | 2 +- 2 files changed, 21 insertions(+), 2 deletions(-) (limited to 'modules') diff --git a/modules/pam_localuser/pam_localuser.8.xml b/modules/pam_localuser/pam_localuser.8.xml index 4d3daa9e..b3c1886b 100644 --- a/modules/pam_localuser/pam_localuser.8.xml +++ b/modules/pam_localuser/pam_localuser.8.xml @@ -102,6 +102,25 @@ + + PAM_BUF_ERR + + + Memory buffer error. + + + + + + PAM_CONV_ERR + + + The conversation method supplied by the application + failed to obtain the username. + + + + PAM_INCOMPLETE @@ -116,7 +135,7 @@ PAM_SERVICE_ERR - No username was given. + The user name is not valid or the passwd file is unavailable. diff --git a/modules/pam_localuser/pam_localuser.c b/modules/pam_localuser/pam_localuser.c index 9ffd54a3..2452563a 100644 --- a/modules/pam_localuser/pam_localuser.c +++ b/modules/pam_localuser/pam_localuser.c @@ -98,7 +98,7 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED, /* Obtain the user name. */ if ((ret = pam_get_user(pamh, &user, NULL)) != PAM_SUCCESS) { pam_syslog (pamh, LOG_ERR, "cannot determine user name"); - return ret == PAM_CONV_AGAIN ? PAM_INCOMPLETE : PAM_SERVICE_ERR; + return ret == PAM_CONV_AGAIN ? PAM_INCOMPLETE : ret; } if ((user_len = strlen(user)) == 0) { -- cgit v1.2.3