Author: trasz
Date: Tue Dec 10 17:27:11 2013
New Revision: 259182
URL: http://svnweb.freebsd.org/changeset/base/259182
Log:
Fix handling for empty auth-groups. Without it, ctld child process
would either exit on assertion, or, if assertions are not enabled,
fail to authenticate the target.
MFC after: 2 days
Sponsored by: The FreeBSD Foundation
Modified:
head/usr.sbin/ctld/login.c
Modified: head/usr.sbin/ctld/login.c
==============================================================================
--- head/usr.sbin/ctld/login.c Tue Dec 10 17:26:52 2013 (r259181)
+++ head/usr.sbin/ctld/login.c Tue Dec 10 17:27:11 2013 (r259182)
@@ -1007,6 +1007,14 @@ login(struct connection *conn)
return;
}
+ if (ag->ag_type == AG_TYPE_UNKNOWN) {
+ /*
+ * This can happen with empty auth-group.
+ */
+ login_send_error(request, 0x02, 0x01);
+ log_errx(1, "auth-group type not set, denying access");
+ }
+
log_debugx("CHAP authentication required");
auth_method = keys_find(request_keys, "AuthMethod");
_______________________________________________
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
