2 * Store errors in the Kerberos context.
4 * Provides helper functions for the rest of the plugin code to store an error
5 * message in the Kerberos context.
7 * Written by Russ Allbery <eagle@eyrie.org>
9 * The Board of Trustees of the Leland Stanford Junior University
11 * See LICENSE for licensing terms.
15 #include <portable/kadmin.h>
16 #include <portable/krb5.h>
17 #include <portable/system.h>
21 #include <plugin/internal.h>
25 * Internal helper function to set the Kerberos error message given a format,
26 * an error code, and a variable argument structure.
29 set_error(krb5_context ctx, krb5_error_code code, const char *format,
34 if (vasprintf(&message, format, args) < 0) {
35 strength_error_system(ctx, "cannot allocate memory");
38 krb5_set_error_message(ctx, code, "%s", message);
44 * The following functions handle various common error codes for failed
45 * password quality checks. They allow the code to be simpler and not embed
46 * lots of long Kerberos error code defines.
48 * Each function has the same basic form: take a Kerberos context, a format,
49 * and variable arguments and set the Kerberos error code and message,
50 * returning the appropriate code.
52 #define ERROR_FUNC(name, code) \
54 strength_error_ ## name(krb5_context ctx, const char *format, ...) \
57 va_start(args, format); \
58 set_error(ctx, code, format, args); \
62 ERROR_FUNC(class, KADM5_PASS_Q_CLASS)
63 ERROR_FUNC(dict, KADM5_PASS_Q_DICT)
64 ERROR_FUNC(generic, KADM5_PASS_Q_GENERIC)
65 ERROR_FUNC(tooshort, KADM5_PASS_Q_TOOSHORT)
69 * Set the Kerberos error code to the current errno and the message to the
70 * format and arguments passed to this function.
73 strength_error_system(krb5_context ctx, const char *format, ...)
80 va_start(args, format);
81 if (vasprintf(&message, format, args) < 0) {
83 krb5_set_error_message(ctx, errno, "cannot allocate memory: %s",
90 krb5_set_error_message(ctx, oerrno, "%s: %s", message, strerror(oerrno));