Date: Fri, 13 Dec 2013 15:23:07 +0000 (UTC) From: Edward Tomasz Napierala <trasz@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r259305 - stable/10/usr.sbin/ctld Message-ID: <201312131523.rBDFN7mO092869@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: trasz Date: Fri Dec 13 15:23:07 2013 New Revision: 259305 URL: http://svnweb.freebsd.org/changeset/base/259305 Log: MFC r259182: Fix handling for empty auth-groups. Without it, ctld child process would either exit on assertion, or, if assertions are not enabled, fail to authenticate the target. Sponsored by: The FreeBSD Foundation Modified: stable/10/usr.sbin/ctld/login.c Directory Properties: stable/10/ (props changed) Modified: stable/10/usr.sbin/ctld/login.c ============================================================================== --- stable/10/usr.sbin/ctld/login.c Fri Dec 13 15:19:37 2013 (r259304) +++ stable/10/usr.sbin/ctld/login.c Fri Dec 13 15:23:07 2013 (r259305) @@ -1007,6 +1007,14 @@ login(struct connection *conn) return; } + if (ag->ag_type == AG_TYPE_UNKNOWN) { + /* + * This can happen with empty auth-group. + */ + login_send_error(request, 0x02, 0x01); + log_errx(1, "auth-group type not set, denying access"); + } + log_debugx("CHAP authentication required"); auth_method = keys_find(request_keys, "AuthMethod");
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201312131523.rBDFN7mO092869>