Date: Tue, 10 Dec 2013 17:27:12 +0000 (UTC) From: Edward Tomasz Napierala <trasz@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r259182 - head/usr.sbin/ctld Message-ID: <201312101727.rBAHRC79036894@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: trasz Date: Tue Dec 10 17:27:11 2013 New Revision: 259182 URL: http://svnweb.freebsd.org/changeset/base/259182 Log: Fix handling for empty auth-groups. Without it, ctld child process would either exit on assertion, or, if assertions are not enabled, fail to authenticate the target. MFC after: 2 days Sponsored by: The FreeBSD Foundation Modified: head/usr.sbin/ctld/login.c Modified: head/usr.sbin/ctld/login.c ============================================================================== --- head/usr.sbin/ctld/login.c Tue Dec 10 17:26:52 2013 (r259181) +++ head/usr.sbin/ctld/login.c Tue Dec 10 17:27:11 2013 (r259182) @@ -1007,6 +1007,14 @@ login(struct connection *conn) return; } + if (ag->ag_type == AG_TYPE_UNKNOWN) { + /* + * This can happen with empty auth-group. + */ + login_send_error(request, 0x02, 0x01); + log_errx(1, "auth-group type not set, denying access"); + } + log_debugx("CHAP authentication required"); auth_method = keys_find(request_keys, "AuthMethod");
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201312101727.rBAHRC79036894>