1 /*- 2 * Copyright (c) 2001-2003 Networks Associates Technology, Inc. 3 * Copyright (c) 2004-2017 Dag-Erling Smørgrav 4 * All rights reserved. 5 * 6 * This software was developed for the FreeBSD Project by ThinkSec AS and 7 * Network Associates Laboratories, the Security Research Division of 8 * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 9 * ("CBOSS"), as part of the DARPA CHATS research program. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 3. The name of the author may not be used to endorse or promote 20 * products derived from this software without specific prior written 21 * permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33 * SUCH DAMAGE. 34 * 35 * $OpenPAM: openpam_constants.c 938 2017-04-30 21:34:42Z des $ 36 */ 37 38 #ifdef HAVE_CONFIG_H 39 # include "config.h" 40 #endif 41 42 #include <security/pam_appl.h> 43 44 #include "openpam_impl.h" 45 46 const char *pam_err_name[PAM_NUM_ERRORS] = { 47 [PAM_SUCCESS] = "PAM_SUCCESS", 48 [PAM_OPEN_ERR] = "PAM_OPEN_ERR", 49 [PAM_SYMBOL_ERR] = "PAM_SYMBOL_ERR", 50 [PAM_SERVICE_ERR] = "PAM_SERVICE_ERR", 51 [PAM_SYSTEM_ERR] = "PAM_SYSTEM_ERR", 52 [PAM_BUF_ERR] = "PAM_BUF_ERR", 53 [PAM_CONV_ERR] = "PAM_CONV_ERR", 54 [PAM_PERM_DENIED] = "PAM_PERM_DENIED", 55 [PAM_MAXTRIES] = "PAM_MAXTRIES", 56 [PAM_AUTH_ERR] = "PAM_AUTH_ERR", 57 [PAM_NEW_AUTHTOK_REQD] = "PAM_NEW_AUTHTOK_REQD", 58 [PAM_CRED_INSUFFICIENT] = "PAM_CRED_INSUFFICIENT", 59 [PAM_AUTHINFO_UNAVAIL] = "PAM_AUTHINFO_UNAVAIL", 60 [PAM_USER_UNKNOWN] = "PAM_USER_UNKNOWN", 61 [PAM_CRED_UNAVAIL] = "PAM_CRED_UNAVAIL", 62 [PAM_CRED_EXPIRED] = "PAM_CRED_EXPIRED", 63 [PAM_CRED_ERR] = "PAM_CRED_ERR", 64 [PAM_ACCT_EXPIRED] = "PAM_ACCT_EXPIRED", 65 [PAM_AUTHTOK_EXPIRED] = "PAM_AUTHTOK_EXPIRED", 66 [PAM_SESSION_ERR] = "PAM_SESSION_ERR", 67 [PAM_AUTHTOK_ERR] = "PAM_AUTHTOK_ERR", 68 [PAM_AUTHTOK_RECOVERY_ERR] = "PAM_AUTHTOK_RECOVERY_ERR", 69 [PAM_AUTHTOK_LOCK_BUSY] = "PAM_AUTHTOK_LOCK_BUSY", 70 [PAM_AUTHTOK_DISABLE_AGING] = "PAM_AUTHTOK_DISABLE_AGING", 71 [PAM_NO_MODULE_DATA] = "PAM_NO_MODULE_DATA", 72 [PAM_IGNORE] = "PAM_IGNORE", 73 [PAM_ABORT] = "PAM_ABORT", 74 [PAM_TRY_AGAIN] = "PAM_TRY_AGAIN", 75 [PAM_MODULE_UNKNOWN] = "PAM_MODULE_UNKNOWN", 76 [PAM_DOMAIN_UNKNOWN] = "PAM_DOMAIN_UNKNOWN", 77 [PAM_BAD_HANDLE] = "PAM_BAD_HANDLE", 78 [PAM_BAD_ITEM] = "PAM_BAD_ITEM", 79 [PAM_BAD_FEATURE] = "PAM_BAD_FEATURE", 80 [PAM_BAD_CONSTANT] = "PAM_BAD_CONSTANT", 81 }; 82 83 const char *pam_err_text[PAM_NUM_ERRORS] = { 84 [PAM_SUCCESS] = "Success", 85 [PAM_OPEN_ERR] = "Failed to load module", 86 [PAM_SYMBOL_ERR] = "Invalid symbol", 87 [PAM_SERVICE_ERR] = "Error in service module", 88 [PAM_SYSTEM_ERR] = "System error", 89 [PAM_BUF_ERR] = "Memory buffer error", 90 [PAM_CONV_ERR] = "Conversation failure", 91 [PAM_PERM_DENIED] = "Permission denied", 92 [PAM_MAXTRIES] = "Maximum number of tries exceeded", 93 [PAM_AUTH_ERR] = "Authentication error", 94 [PAM_NEW_AUTHTOK_REQD] = "New authentication token required", 95 [PAM_CRED_INSUFFICIENT] = "Insufficient credentials", 96 [PAM_AUTHINFO_UNAVAIL] = "Authentication information is unavailable", 97 [PAM_USER_UNKNOWN] = "Unknown user", 98 [PAM_CRED_UNAVAIL] = "Failed to retrieve user credentials", 99 [PAM_CRED_EXPIRED] = "User credentials have expired", 100 [PAM_CRED_ERR] = "Failed to set user credentials", 101 [PAM_ACCT_EXPIRED] = "User account has expired", 102 [PAM_AUTHTOK_EXPIRED] = "Password has expired", 103 [PAM_SESSION_ERR] = "Session failure", 104 [PAM_AUTHTOK_ERR] = "Authentication token failure", 105 [PAM_AUTHTOK_RECOVERY_ERR] = "Failed to recover old authentication token", 106 [PAM_AUTHTOK_LOCK_BUSY] = "Authentication token lock busy", 107 [PAM_AUTHTOK_DISABLE_AGING] = "Authentication token aging disabled", 108 [PAM_NO_MODULE_DATA] = "Module data not found", 109 [PAM_IGNORE] = "Ignore this module", 110 [PAM_ABORT] = "General failure", 111 [PAM_TRY_AGAIN] = "Try again", 112 [PAM_MODULE_UNKNOWN] = "Unknown module type", 113 [PAM_DOMAIN_UNKNOWN] = "Unknown authentication domain", 114 [PAM_BAD_HANDLE] = "Invalid PAM handle", 115 [PAM_BAD_ITEM] = "Unrecognized or restricted item", 116 [PAM_BAD_FEATURE] = "Unrecognized or restricted feature", 117 [PAM_BAD_CONSTANT] = "Invalid constant", 118 }; 119 120 const char *pam_item_name[PAM_NUM_ITEMS] = { 121 [PAM_SERVICE] = "PAM_SERVICE", 122 [PAM_USER] = "PAM_USER", 123 [PAM_TTY] = "PAM_TTY", 124 [PAM_RHOST] = "PAM_RHOST", 125 [PAM_CONV] = "PAM_CONV", 126 [PAM_AUTHTOK] = "PAM_AUTHTOK", 127 [PAM_OLDAUTHTOK] = "PAM_OLDAUTHTOK", 128 [PAM_RUSER] = "PAM_RUSER", 129 [PAM_USER_PROMPT] = "PAM_USER_PROMPT", 130 [PAM_REPOSITORY] = "PAM_REPOSITORY", 131 [PAM_AUTHTOK_PROMPT] = "PAM_AUTHTOK_PROMPT", 132 [PAM_OLDAUTHTOK_PROMPT] = "PAM_OLDAUTHTOK_PROMPT", 133 [PAM_HOST] = "PAM_HOST", 134 }; 135 136 const char *pam_facility_name[PAM_NUM_FACILITIES] = { 137 [PAM_ACCOUNT] = "account", 138 [PAM_AUTH] = "auth", 139 [PAM_PASSWORD] = "password", 140 [PAM_SESSION] = "session", 141 }; 142 143 const char *pam_control_flag_name[PAM_NUM_CONTROL_FLAGS] = { 144 [PAM_BINDING] = "binding", 145 [PAM_OPTIONAL] = "optional", 146 [PAM_REQUIRED] = "required", 147 [PAM_REQUISITE] = "requisite", 148 [PAM_SUFFICIENT] = "sufficient", 149 }; 150 151 const char *pam_func_name[PAM_NUM_PRIMITIVES] = { 152 [PAM_SM_AUTHENTICATE] = "pam_authenticate", 153 [PAM_SM_SETCRED] = "pam_setcred", 154 [PAM_SM_ACCT_MGMT] = "pam_acct_mgmt", 155 [PAM_SM_OPEN_SESSION] = "pam_open_session", 156 [PAM_SM_CLOSE_SESSION] = "pam_close_session", 157 [PAM_SM_CHAUTHTOK] = "pam_chauthtok" 158 }; 159 160 const char *pam_sm_func_name[PAM_NUM_PRIMITIVES] = { 161 [PAM_SM_AUTHENTICATE] = "pam_sm_authenticate", 162 [PAM_SM_SETCRED] = "pam_sm_setcred", 163 [PAM_SM_ACCT_MGMT] = "pam_sm_acct_mgmt", 164 [PAM_SM_OPEN_SESSION] = "pam_sm_open_session", 165 [PAM_SM_CLOSE_SESSION] = "pam_sm_close_session", 166 [PAM_SM_CHAUTHTOK] = "pam_sm_chauthtok" 167 }; 168 169 const char *openpam_policy_path[] = { 170 "/etc/pam.d/", 171 "/etc/pam.conf", 172 "/usr/local/etc/pam.d/", 173 "/usr/local/etc/pam.conf", 174 NULL 175 }; 176 177 const char *openpam_module_path[] = { 178 #ifdef OPENPAM_MODULES_DIRECTORY 179 OPENPAM_MODULES_DIRECTORY, 180 #elif COMPAT_32BIT 181 "/usr/lib32", 182 "/usr/local/lib32", 183 #else 184 "/usr/lib", 185 "/usr/local/lib", 186 #endif 187 NULL 188 }; 189