Date: Fri, 13 Dec 2013 21:27:16 +0000 (UTC) From: Edward Tomasz Napierala <trasz@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r259333 - releng/10.0/usr.sbin/ctld Message-ID: <201312132127.rBDLRGHg029475@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: trasz Date: Fri Dec 13 21:27:16 2013 New Revision: 259333 URL: http://svnweb.freebsd.org/changeset/base/259333 Log: MFC r259182: Fix handling for empty auth-groups. Without it, ctld child process would either exit on assertion, or, if assertions are not enabled, fail to authenticate the target. Approved by: re (gjb) Sponsored by: The FreeBSD Foundation Modified: releng/10.0/usr.sbin/ctld/login.c Directory Properties: releng/10.0/ (props changed) Modified: releng/10.0/usr.sbin/ctld/login.c ============================================================================== --- releng/10.0/usr.sbin/ctld/login.c Fri Dec 13 21:22:12 2013 (r259332) +++ releng/10.0/usr.sbin/ctld/login.c Fri Dec 13 21:27:16 2013 (r259333) @@ -1007,6 +1007,14 @@ login(struct connection *conn) return; } + if (ag->ag_type == AG_TYPE_UNKNOWN) { + /* + * This can happen with empty auth-group. + */ + login_send_error(request, 0x02, 0x01); + log_errx(1, "auth-group type not set, denying access"); + } + log_debugx("CHAP authentication required"); auth_method = keys_find(request_keys, "AuthMethod");
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201312132127.rBDLRGHg029475>