#define MAX_PASSWD_TRIES 3
+#ifdef HAVE_GETTEXT
+static char initialized = 0;
+
+static inline void textdomain_init(void);
+static inline void textdomain_init(void)
+{
+ if (!initialized) {
+ bindtextdomain(MODULE_NAME, dyn_LOCALEDIR);
+ initialized = 1;
+ }
+ return;
+}
+#endif
+
+
/*
* Work around the pam API that has functions with void ** as parameters
* These lead to strict aliasing warnings with gcc.
{
struct pwb_context *r = NULL;
+#ifdef HAVE_GETTEXT
+ textdomain_init();
+#endif
+
r = TALLOC_ZERO_P(NULL, struct pwb_context);
if (!r) {
return PAM_BUF_ERR;
const char *error_string;
} ntstatus_errors[] = {
{"NT_STATUS_OK",
- "Success"},
+ N_("Success")},
{"NT_STATUS_BACKUP_CONTROLLER",
- "No primary Domain Controler available"},
+ N_("No primary Domain Controler available")},
{"NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND",
- "No domain controllers found"},
+ N_("No domain controllers found")},
{"NT_STATUS_NO_LOGON_SERVERS",
- "No logon servers"},
+ N_("No logon servers")},
{"NT_STATUS_PWD_TOO_SHORT",
- "Password too short"},
+ N_("Password too short")},
{"NT_STATUS_PWD_TOO_RECENT",
- "The password of this user is too recent to change"},
+ N_("The password of this user is too recent to change")},
{"NT_STATUS_PWD_HISTORY_CONFLICT",
- "Password is already in password history"},
+ N_("Password is already in password history")},
{"NT_STATUS_PASSWORD_EXPIRED",
- "Your password has expired"},
+ N_("Your password has expired")},
{"NT_STATUS_PASSWORD_MUST_CHANGE",
- "You need to change your password now"},
+ N_("You need to change your password now")},
{"NT_STATUS_INVALID_WORKSTATION",
- "You are not allowed to logon from this workstation"},
+ N_("You are not allowed to logon from this workstation")},
{"NT_STATUS_INVALID_LOGON_HOURS",
- "You are not allowed to logon at this time"},
+ N_("You are not allowed to logon at this time")},
{"NT_STATUS_ACCOUNT_EXPIRED",
- "Your account has expired. "
- "Please contact your System administrator"}, /* SCNR */
+ N_("Your account has expired. "
+ "Please contact your System administrator")}, /* SCNR */
{"NT_STATUS_ACCOUNT_DISABLED",
- "Your account is disabled. "
- "Please contact your System administrator"}, /* SCNR */
+ N_("Your account is disabled. "
+ "Please contact your System administrator")}, /* SCNR */
{"NT_STATUS_ACCOUNT_LOCKED_OUT",
- "Your account has been locked. "
- "Please contact your System administrator"}, /* SCNR */
+ N_("Your account has been locked. "
+ "Please contact your System administrator")}, /* SCNR */
{"NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT",
- "Invalid Trust Account"},
+ N_("Invalid Trust Account")},
{"NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT",
- "Invalid Trust Account"},
+ N_("Invalid Trust Account")},
{"NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT",
- "Invalid Trust Account"},
+ N_("Invalid Trust Account")},
{"NT_STATUS_ACCESS_DENIED",
- "Access is denied"},
+ N_("Access is denied")},
{NULL, NULL}
};
for (i=0; ntstatus_errors[i].ntstatus_string != NULL; i++) {
if (!strcasecmp(ntstatus_errors[i].ntstatus_string,
nt_status_string)) {
- return ntstatus_errors[i].error_string;
+ return _(ntstatus_errors[i].error_string);
}
}
return NULL;
if (days == 0) {
_make_remark(ctx, PAM_TEXT_INFO,
- "Your password expires today");
+ _("Your password expires today"));
return true;
}
if (days > 0 && days < warn_pwd_expire) {
_make_remark_format(ctx, PAM_TEXT_INFO,
- "Your password will expire in %d %s",
- days, (days > 1) ? "days":"day");
+ _("Your password will expire in %d %s"),
+ days, (days > 1) ? _("days"):_("day"));
return true;
}
if (PAM_WB_GRACE_LOGON(info3_user_flgs)) {
_make_remark(ctx, PAM_ERROR_MSG,
- "Grace login. "
- "Please change your password as soon you're "
- "online again");
+ _("Grace login. "
+ "Please change your password as soon you're "
+ "online again"));
_pam_log_debug(ctx, LOG_DEBUG,
"User %s logged on using grace logon\n",
username);
} else if (PAM_WB_CACHED_LOGON(info3_user_flgs)) {
_make_remark(ctx, PAM_ERROR_MSG,
- "Domain Controller unreachable, "
- "using cached credentials instead. "
- "Network resources may be unavailable");
+ _("Domain Controller unreachable, "
+ "using cached credentials instead. "
+ "Network resources may be unavailable"));
_pam_log_debug(ctx, LOG_DEBUG,
"User %s logged on using cached credentials\n",
username);
{
if (PAM_WB_KRB5_CLOCK_SKEW(info3_user_flgs)) {
_make_remark(ctx, PAM_ERROR_MSG,
- "Failed to establish your Kerberos Ticket cache "
- "due time differences\n"
- "with the domain controller. "
- "Please verify the system time.\n");
+ _("Failed to establish your Kerberos Ticket cache "
+ "due time differences\n"
+ "with the domain controller. "
+ "Please verify the system time.\n"));
_pam_log_debug(ctx, LOG_DEBUG,
"User %s: Clock skew when getting Krb5 TGT\n",
username);
goto failed;
}
- str = talloc_asprintf(ctx, "Your password ");
+ str = talloc_asprintf(ctx, _("Your password "));
if (!str) {
goto failed;
}
if (i->min_length_password > 0) {
str = talloc_asprintf_append(str,
- "must be at least %d characters; ",
+ _("must be at least %d characters; "),
i->min_length_password);
if (!str) {
goto failed;
if (i->password_history > 0) {
str = talloc_asprintf_append(str,
- "cannot repeat any of your previous %d "
- "passwords; ",
+ _("cannot repeat any of your previous %d "
+ "passwords; "),
i->password_history);
if (!str) {
goto failed;
if (i->password_properties & WBC_DOMAIN_PASSWORD_COMPLEX) {
str = talloc_asprintf_append(str,
- "must contain capitals, numerals "
- "or punctuation; "
- "and cannot contain your account "
- "or full name; ");
+ _("must contain capitals, numerals "
+ "or punctuation; "
+ "and cannot contain your account "
+ "or full name; "));
if (!str) {
goto failed;
}
}
str = talloc_asprintf_append(str,
- "Please type a different password. "
- "Type a password which meets these requirements in "
- "both text boxes.");
+ _("Please type a different password. "
+ "Type a password which meets these requirements in "
+ "both text boxes."));
if (!str) {
goto failed;
}
if (mkdir(dirname, mode) != 0) {
_make_remark_format(ctx, PAM_TEXT_INFO,
- "Creating directory: %s failed: %s",
+ _("Creating directory: %s failed: %s"),
dirname, strerror(errno));
_pam_log(ctx, LOG_ERR, "could not create dir: %s (%s)",
dirname, strerror(errno));
logon.username = user;
logon.password = pass;
- wbc_status = wbcAddNamedBlob(&logon.num_blobs,
- &logon.blobs,
- "krb5_cc_type",
- 0,
- (uint8_t *)cctype,
- strlen(cctype)+1);
- if (!WBC_ERROR_IS_OK(wbc_status)) {
- goto done;
+ if (cctype) {
+ wbc_status = wbcAddNamedBlob(&logon.num_blobs,
+ &logon.blobs,
+ "krb5_cc_type",
+ 0,
+ (uint8_t *)cctype,
+ strlen(cctype)+1);
+ if (!WBC_ERROR_IS_OK(wbc_status)) {
+ goto done;
+ }
}
wbc_status = wbcAddNamedBlob(&logon.num_blobs,
goto done;
}
- wbc_status = wbcAddNamedBlob(&logon.num_blobs,
- &logon.blobs,
- "membership_of",
- 0,
- (uint8_t *)membership_of,
- sizeof(membership_of));
- if (!WBC_ERROR_IS_OK(wbc_status)) {
- goto done;
+ if (member) {
+ wbc_status = wbcAddNamedBlob(&logon.num_blobs,
+ &logon.blobs,
+ "membership_of",
+ 0,
+ (uint8_t *)membership_of,
+ sizeof(membership_of));
+ if (!WBC_ERROR_IS_OK(wbc_status)) {
+ goto done;
+ }
}
wbc_status = wbcLogonUser(&logon, &info, &error, &policy);
break;
case WBC_PWD_CHANGE_REJECT_COMPLEXITY:
_make_remark(ctx, PAM_ERROR_MSG,
- "Password does not meet "
- "complexity requirements");
+ _("Password does not meet "
+ "complexity requirements"));
break;
default:
_pam_log_debug(ctx, LOG_DEBUG,
struct wbcLogoffUserParams logoff;
struct wbcAuthErrorInfo *error = NULL;
const char *user;
- wbcErr wbc_status;
+ wbcErr wbc_status = WBC_ERR_SUCCESS;
retval = _pam_winbind_init_context(pamh, flags, argc, argv, &ctx);
if (retval) {
const char *ccname = NULL;
struct passwd *pwd = NULL;
- retval = pam_get_user(pamh, &user, "Username: ");
+ retval = pam_get_user(pamh, &user, _("Username: "));
if (retval) {
_pam_log(ctx, LOG_ERR,
"could not identify user");
logoff.username = user;
- wbc_status = wbcAddNamedBlob(&logoff.num_blobs,
- &logoff.blobs,
- "ccfilename",
- 0,
- (uint8_t *)ccname,
- strlen(ccname)+1);
- if (!WBC_ERROR_IS_OK(wbc_status)) {
- goto out;
+ if (ccname) {
+ wbc_status = wbcAddNamedBlob(&logoff.num_blobs,
+ &logoff.blobs,
+ "ccfilename",
+ 0,
+ (uint8_t *)ccname,
+ strlen(ccname)+1);
+ if (!WBC_ERROR_IS_OK(wbc_status)) {
+ goto out;
+ }
}
wbc_status = wbcAddNamedBlob(&logoff.num_blobs,
}
retval = _winbind_read_password(ctx, ctx->ctrl, NULL,
- "Password: ", NULL,
+ _("Password: "), NULL,
&password);
if (retval != PAM_SUCCESS) {
/*
* First get the name of a user
*/
- ret = pam_get_user(pamh, &user, "Username: ");
+ ret = pam_get_user(pamh, &user, _("Username: "));
if (ret) {
_pam_log(ctx, LOG_ERR,
"password - could not identify user");
/* instruct user what is happening */
-#define greeting "Changing password for"
+#define greeting _("Changing password for")
Announce = talloc_asprintf(ctx, "%s %s", greeting, user);
if (!Announce) {
_pam_log(ctx, LOG_CRIT,
lctrl = ctx->ctrl | WINBIND__OLD_PASSWORD;
ret = _winbind_read_password(ctx, lctrl,
Announce,
- "(current) NT password: ",
+ _("(current) NT password: "),
NULL,
(const char **) &pass_old);
TALLOC_FREE(Announce);
ret = _winbind_read_password(ctx, lctrl,
NULL,
- "Enter new NT password: ",
- "Retype new NT password: ",
+ _("Enter new NT password: "),
+ _("Retype new NT password: "),
(const char **)&pass_new);
if (ret != PAM_SUCCESS) {