ctld

Edward Tomasz Napierala Fri, 13 Dec 2013 07:24:08 -0800

Author: trasz
Date: Fri Dec 13 15:23:07 2013
New Revision: 259305
URL: http://svnweb.freebsd.org/changeset/base/259305


Log:
  MFC r259182:
  
  Fix handling for empty auth-groups.  Without it, ctld child process
  would either exit on assertion, or, if assertions are not enabled,
  fail to authenticate the target.
  
  Sponsored by: The FreeBSD Foundation

Modified:
  stable/10/usr.sbin/ctld/login.c
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/usr.sbin/ctld/login.c
==============================================================================
--- stable/10/usr.sbin/ctld/login.c     Fri Dec 13 15:19:37 2013        
(r259304)
+++ stable/10/usr.sbin/ctld/login.c     Fri Dec 13 15:23:07 2013        
(r259305)
@@ -1007,6 +1007,14 @@ login(struct connection *conn)
                return;
        }
 
+       if (ag->ag_type == AG_TYPE_UNKNOWN) {
+               /*
+                * This can happen with empty auth-group.
+                */
+               login_send_error(request, 0x02, 0x01);
+               log_errx(1, "auth-group type not set, denying access");
+       }
+
        log_debugx("CHAP authentication required");
 
        auth_method = keys_find(request_keys, "AuthMethod");
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r259305 - stable/10/usr.sbin/ctld

Reply via email to