return 0;
}
-static void home_count_bad_authentication(Home *h, bool save) {
+static void home_count_bad_authentication(Home *h, int error, bool save) {
int r;
assert(h);
+ if (!IN_SET(error,
+ -ENOKEY, /* Password incorrect */
+ -EBADSLT, /* Password incorrect and no token */
+ -EREMOTEIO)) /* Recovery key incorrect */
+ return;
+
r = user_record_bad_authentication(h->record);
if (r < 0) {
log_warning_errno(r, "Failed to increase bad authentication counter, ignoring: %m");
secret = TAKE_PTR(h->secret); /* Take possession */
if (ret < 0) {
- if (ret == -ENOKEY)
- (void) home_count_bad_authentication(h, false);
+ (void) home_count_bad_authentication(h, ret, /* save= */ false);
(void) convert_worker_errno(h, ret, &error);
r = log_error_errno(ret, "Fixation failed: %m");
assert(IN_SET(h->state, HOME_ACTIVATING, HOME_ACTIVATING_FOR_ACQUIRE));
if (ret < 0) {
- if (ret == -ENOKEY)
- home_count_bad_authentication(h, true);
+ (void) home_count_bad_authentication(h, ret, /* save= */ true);
(void) convert_worker_errno(h, ret, &error);
r = log_full_errno(error_is_bad_password(ret) ? LOG_NOTICE : LOG_ERR,
assert(h);
if (ret < 0) {
- if (ret == -ENOKEY)
- (void) home_count_bad_authentication(h, true);
+ (void) home_count_bad_authentication(h, ret, /* save= */ true);
(void) convert_worker_errno(h, ret, &error);
r = log_full_errno(error_is_bad_password(ret) ? LOG_NOTICE : LOG_ERR,
assert(IN_SET(h->state, HOME_UNLOCKING, HOME_UNLOCKING_FOR_ACQUIRE));
if (ret < 0) {
- if (ret == -ENOKEY)
- (void) home_count_bad_authentication(h, true);
+ (void) home_count_bad_authentication(h, ret, /* save= */ true);
(void) convert_worker_errno(h, ret, &error);
r = log_full_errno(error_is_bad_password(ret) ? LOG_NOTICE : LOG_ERR,
assert(IN_SET(h->state, HOME_AUTHENTICATING, HOME_AUTHENTICATING_WHILE_ACTIVE, HOME_AUTHENTICATING_FOR_ACQUIRE));
if (ret < 0) {
- if (ret == -ENOKEY)
- (void) home_count_bad_authentication(h, true);
+ (void) home_count_bad_authentication(h, ret, /* save= */ true);
(void) convert_worker_errno(h, ret, &error);
r = log_full_errno(error_is_bad_password(ret) ? LOG_NOTICE : LOG_ERR,