1 /* $NetBSD: openpam_constants.c,v 1.4 2023/06/30 21:46:20 christos Exp $ */ 2 3 /*- 4 * Copyright (c) 2001-2003 Networks Associates Technology, Inc. 5 * Copyright (c) 2004-2017 Dag-Erling Smørgrav 6 * All rights reserved. 7 * 8 * This software was developed for the FreeBSD Project by ThinkSec AS and 9 * Network Associates Laboratories, the Security Research Division of 10 * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 11 * ("CBOSS"), as part of the DARPA CHATS research program. 12 * 13 * Redistribution and use in source and binary forms, with or without 14 * modification, are permitted provided that the following conditions 15 * are met: 16 * 1. Redistributions of source code must retain the above copyright 17 * notice, this list of conditions and the following disclaimer. 18 * 2. Redistributions in binary form must reproduce the above copyright 19 * notice, this list of conditions and the following disclaimer in the 20 * documentation and/or other materials provided with the distribution. 21 * 3. The name of the author may not be used to endorse or promote 22 * products derived from this software without specific prior written 23 * permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 27 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 28 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 30 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 31 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 32 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 33 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 34 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 35 * SUCH DAMAGE. 36 */ 37 38 #ifdef HAVE_CONFIG_H 39 # include "config.h" 40 #endif 41 42 #include <sys/cdefs.h> 43 __RCSID("$NetBSD: openpam_constants.c,v 1.4 2023/06/30 21:46:20 christos Exp $"); 44 45 #include <security/pam_appl.h> 46 47 #include "openpam_impl.h" 48 49 const char *pam_err_name[PAM_NUM_ERRORS] = { 50 [PAM_SUCCESS] = "PAM_SUCCESS", 51 [PAM_OPEN_ERR] = "PAM_OPEN_ERR", 52 [PAM_SYMBOL_ERR] = "PAM_SYMBOL_ERR", 53 [PAM_SERVICE_ERR] = "PAM_SERVICE_ERR", 54 [PAM_SYSTEM_ERR] = "PAM_SYSTEM_ERR", 55 [PAM_BUF_ERR] = "PAM_BUF_ERR", 56 [PAM_CONV_ERR] = "PAM_CONV_ERR", 57 [PAM_PERM_DENIED] = "PAM_PERM_DENIED", 58 [PAM_MAXTRIES] = "PAM_MAXTRIES", 59 [PAM_AUTH_ERR] = "PAM_AUTH_ERR", 60 [PAM_NEW_AUTHTOK_REQD] = "PAM_NEW_AUTHTOK_REQD", 61 [PAM_CRED_INSUFFICIENT] = "PAM_CRED_INSUFFICIENT", 62 [PAM_AUTHINFO_UNAVAIL] = "PAM_AUTHINFO_UNAVAIL", 63 [PAM_USER_UNKNOWN] = "PAM_USER_UNKNOWN", 64 [PAM_CRED_UNAVAIL] = "PAM_CRED_UNAVAIL", 65 [PAM_CRED_EXPIRED] = "PAM_CRED_EXPIRED", 66 [PAM_CRED_ERR] = "PAM_CRED_ERR", 67 [PAM_ACCT_EXPIRED] = "PAM_ACCT_EXPIRED", 68 [PAM_AUTHTOK_EXPIRED] = "PAM_AUTHTOK_EXPIRED", 69 [PAM_SESSION_ERR] = "PAM_SESSION_ERR", 70 [PAM_AUTHTOK_ERR] = "PAM_AUTHTOK_ERR", 71 [PAM_AUTHTOK_RECOVERY_ERR] = "PAM_AUTHTOK_RECOVERY_ERR", 72 [PAM_AUTHTOK_LOCK_BUSY] = "PAM_AUTHTOK_LOCK_BUSY", 73 [PAM_AUTHTOK_DISABLE_AGING] = "PAM_AUTHTOK_DISABLE_AGING", 74 [PAM_NO_MODULE_DATA] = "PAM_NO_MODULE_DATA", 75 [PAM_IGNORE] = "PAM_IGNORE", 76 [PAM_ABORT] = "PAM_ABORT", 77 [PAM_TRY_AGAIN] = "PAM_TRY_AGAIN", 78 [PAM_MODULE_UNKNOWN] = "PAM_MODULE_UNKNOWN", 79 [PAM_DOMAIN_UNKNOWN] = "PAM_DOMAIN_UNKNOWN", 80 [PAM_BAD_HANDLE] = "PAM_BAD_HANDLE", 81 [PAM_BAD_ITEM] = "PAM_BAD_ITEM", 82 [PAM_BAD_FEATURE] = "PAM_BAD_FEATURE", 83 [PAM_BAD_CONSTANT] = "PAM_BAD_CONSTANT", 84 }; 85 86 const char *pam_err_text[PAM_NUM_ERRORS] = { 87 [PAM_SUCCESS] = "Success", 88 [PAM_OPEN_ERR] = "Failed to load module", 89 [PAM_SYMBOL_ERR] = "Invalid symbol", 90 [PAM_SERVICE_ERR] = "Error in service module", 91 [PAM_SYSTEM_ERR] = "System error", 92 [PAM_BUF_ERR] = "Memory buffer error", 93 [PAM_CONV_ERR] = "Conversation failure", 94 [PAM_PERM_DENIED] = "Permission denied", 95 [PAM_MAXTRIES] = "Maximum number of tries exceeded", 96 [PAM_AUTH_ERR] = "Authentication error", 97 [PAM_NEW_AUTHTOK_REQD] = "New authentication token required", 98 [PAM_CRED_INSUFFICIENT] = "Insufficient credentials", 99 [PAM_AUTHINFO_UNAVAIL] = "Authentication information is unavailable", 100 [PAM_USER_UNKNOWN] = "Unknown user", 101 [PAM_CRED_UNAVAIL] = "Failed to retrieve user credentials", 102 [PAM_CRED_EXPIRED] = "User credentials have expired", 103 [PAM_CRED_ERR] = "Failed to set user credentials", 104 [PAM_ACCT_EXPIRED] = "User account has expired", 105 [PAM_AUTHTOK_EXPIRED] = "Password has expired", 106 [PAM_SESSION_ERR] = "Session failure", 107 [PAM_AUTHTOK_ERR] = "Authentication token failure", 108 [PAM_AUTHTOK_RECOVERY_ERR] = "Failed to recover old authentication token", 109 [PAM_AUTHTOK_LOCK_BUSY] = "Authentication token lock busy", 110 [PAM_AUTHTOK_DISABLE_AGING] = "Authentication token aging disabled", 111 [PAM_NO_MODULE_DATA] = "Module data not found", 112 [PAM_IGNORE] = "Ignore this module", 113 [PAM_ABORT] = "General failure", 114 [PAM_TRY_AGAIN] = "Try again", 115 [PAM_MODULE_UNKNOWN] = "Unknown module type", 116 [PAM_DOMAIN_UNKNOWN] = "Unknown authentication domain", 117 [PAM_BAD_HANDLE] = "Invalid PAM handle", 118 [PAM_BAD_ITEM] = "Unrecognized or restricted item", 119 [PAM_BAD_FEATURE] = "Unrecognized or restricted feature", 120 [PAM_BAD_CONSTANT] = "Invalid constant", 121 }; 122 123 const char *pam_item_name[PAM_NUM_ITEMS] = { 124 [PAM_SERVICE] = "PAM_SERVICE", 125 [PAM_USER] = "PAM_USER", 126 [PAM_TTY] = "PAM_TTY", 127 [PAM_RHOST] = "PAM_RHOST", 128 [PAM_CONV] = "PAM_CONV", 129 [PAM_AUTHTOK] = "PAM_AUTHTOK", 130 [PAM_OLDAUTHTOK] = "PAM_OLDAUTHTOK", 131 [PAM_RUSER] = "PAM_RUSER", 132 [PAM_USER_PROMPT] = "PAM_USER_PROMPT", 133 [PAM_REPOSITORY] = "PAM_REPOSITORY", 134 [PAM_AUTHTOK_PROMPT] = "PAM_AUTHTOK_PROMPT", 135 [PAM_OLDAUTHTOK_PROMPT] = "PAM_OLDAUTHTOK_PROMPT", 136 [PAM_HOST] = "PAM_HOST", 137 }; 138 139 const char *pam_facility_name[PAM_NUM_FACILITIES] = { 140 [PAM_ACCOUNT] = "account", 141 [PAM_AUTH] = "auth", 142 [PAM_PASSWORD] = "password", 143 [PAM_SESSION] = "session", 144 }; 145 146 const char *pam_control_flag_name[PAM_NUM_CONTROL_FLAGS] = { 147 [PAM_BINDING] = "binding", 148 [PAM_OPTIONAL] = "optional", 149 [PAM_REQUIRED] = "required", 150 [PAM_REQUISITE] = "requisite", 151 [PAM_SUFFICIENT] = "sufficient", 152 }; 153 154 const char *pam_func_name[PAM_NUM_PRIMITIVES] = { 155 [PAM_SM_AUTHENTICATE] = "pam_authenticate", 156 [PAM_SM_SETCRED] = "pam_setcred", 157 [PAM_SM_ACCT_MGMT] = "pam_acct_mgmt", 158 [PAM_SM_OPEN_SESSION] = "pam_open_session", 159 [PAM_SM_CLOSE_SESSION] = "pam_close_session", 160 [PAM_SM_CHAUTHTOK] = "pam_chauthtok" 161 }; 162 163 const char *pam_sm_func_name[PAM_NUM_PRIMITIVES] = { 164 [PAM_SM_AUTHENTICATE] = "pam_sm_authenticate", 165 [PAM_SM_SETCRED] = "pam_sm_setcred", 166 [PAM_SM_ACCT_MGMT] = "pam_sm_acct_mgmt", 167 [PAM_SM_OPEN_SESSION] = "pam_sm_open_session", 168 [PAM_SM_CLOSE_SESSION] = "pam_sm_close_session", 169 [PAM_SM_CHAUTHTOK] = "pam_sm_chauthtok" 170 }; 171 172 const char *openpam_policy_path[] = { 173 "/etc/pam.d/", 174 "/etc/pam.conf", 175 #ifndef __NetBSD__ 176 "/usr/local/etc/pam.d/", 177 "/usr/local/etc/pam.conf", 178 #endif 179 NULL 180 }; 181 182 const char *openpam_module_path[] = { 183 #ifdef OPENPAM_MODULES_DIRECTORY 184 OPENPAM_MODULES_DIRECTORY, 185 #else 186 "/usr/lib", 187 "/usr/local/lib", 188 #endif 189 NULL 190 }; 191