improve pam errors

zunda-arrow · Jun 1, 2024 · 2346daf · 2346daf
1 parent 2ee1bf8
commit 2346daf
Showing 1 changed file with 7 additions and 40 deletions.
diff --git a/login/pam.go b/login/pam.go
@@ -52,21 +52,21 @@ func Authenticate(username string, password string, session config.Session, set_
 		ret := C.pam_start(serviceStr, usernameStr, &conv, &handle)
 
 		if ret != C.PAM_SUCCESS {
-			return errors.New("Could not start pam session: " + pamReason(ret))
+			return errors.New(pamReasonToString(handle, ret))
 		}
 	}
 
 	{
 		ret := C.pam_authenticate(handle, 0)
 		if ret != C.PAM_SUCCESS {
-			return errors.New("Could not authenticate user: " + pamReason(ret))
+			return errors.New(pamReasonToString(handle, ret))
 		}
 	}
 
 	{
 		ret := C.pam_acct_mgmt(handle, 0)
 		if ret != C.PAM_SUCCESS {
-			return errors.New("Account is not valid: " + pamReason(ret))
+			return errors.New(pamReasonToString(handle, ret))
 		}
 	}
 
@@ -79,7 +79,7 @@ func Authenticate(username string, password string, session config.Session, set_
 	{
 		ret := C.pam_setcred(handle, C.PAM_ESTABLISH_CRED)
 		if ret != C.PAM_SUCCESS {
-			return errors.New("pam_setcred: " + pamReason(ret))
+			return errors.New(pamReasonToString(handle, ret))
 		}
 	}
 
@@ -90,7 +90,7 @@ func Authenticate(username string, password string, session config.Session, set_
 		ret := C.pam_open_session(handle, 1)
 		if ret != C.PAM_SUCCESS {
 			C.pam_setcred(handle, C.PAM_DELETE_CRED)
-			return errors.New("pam_open_session: " + pamReason(ret))
+			return errors.New("pam_open_session: " + pamReasonToString(handle, ret))
 		}
 		fmt.Println("Session opened successfully.")
 	}
@@ -106,41 +106,8 @@ func Authenticate(username string, password string, session config.Session, set_
 	return nil
 }
 
-func pamReason(err C.int) string {
-	switch err {
-	case C.PAM_ACCT_EXPIRED:
-		return "PAM_ACCT_EXPIRED"
-	case C.PAM_AUTH_ERR:
-		return "PAM_AUTH_ERR"
-	case C.PAM_AUTHINFO_UNAVAIL:
-		return "PAM_AUTHINFO_UNAVAIL"
-	case C.PAM_BUF_ERR:
-		return "PAM_BUF_ERR"
-	case C.PAM_CRED_ERR:
-		return "PAM_CRED_ERR"
-	case C.PAM_CRED_EXPIRED:
-		return "PAM_CRED_EXPIRED"
-	case C.PAM_CRED_INSUFFICIENT:
-		return "PAM_CRED_INSUFFICIENT"
-	case C.PAM_CRED_UNAVAIL:
-		return "PAM_CRED_UNAVAIL"
-	case C.PAM_MAXTRIES:
-		return "PAM_MAXTRIES"
-	case C.PAM_NEW_AUTHTOK_REQD:
-		return "PAM_NEW_AUTHTOK_REQD"
-	case C.PAM_PERM_DENIED:
-		return "PAM_PERM_DENIED"
-	case C.PAM_SESSION_ERR:
-		return "PAM_SESSION_ERR"
-	case C.PAM_SYSTEM_ERR:
-		return "PAM_SYSTEM_ERR"
-	case C.PAM_USER_UNKNOWN:
-		return "PAM_USER_UNKNOWN"
-	case C.PAM_ABORT:
-		return "ABORT lol"
-	default:
-		return fmt.Sprint("Unknown Error: ", err)
-	}
+func pamReasonToString(handle *C.struct_pam_handle, err C.int) string {
+	return C.GoString(C.pam_strerror(handle, err))
 }
 
 func closePamSession(handle *C.struct_pam_handle) {