summaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
authordes <des@FreeBSD.org>2003-02-15 23:26:49 +0000
committerdes <des@FreeBSD.org>2003-02-15 23:26:49 +0000
commitaf39bbe73340d1b90d37d1ef358434119c952638 (patch)
tree772f026a4bba6563a3098b6b2431b50aa48782d0 /lib
parent8e7322af296932055fbcd4c246cc115c209b5c82 (diff)
downloadFreeBSD-src-af39bbe73340d1b90d37d1ef358434119c952638.zip
FreeBSD-src-af39bbe73340d1b90d37d1ef358434119c952638.tar.gz
Assume "localhost" if no remote host was specified. This is safe from a
POLA point of view since the stock /etc/opieaccess now allows localhost.
Diffstat (limited to 'lib')
-rw-r--r--lib/libpam/modules/pam_opieaccess/pam_opieaccess.c7
1 files changed, 4 insertions, 3 deletions
diff --git a/lib/libpam/modules/pam_opieaccess/pam_opieaccess.c b/lib/libpam/modules/pam_opieaccess/pam_opieaccess.c
index 67cbfc0..3201dc2 100644
--- a/lib/libpam/modules/pam_opieaccess/pam_opieaccess.c
+++ b/lib/libpam/modules/pam_opieaccess/pam_opieaccess.c
@@ -57,7 +57,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused,
{
struct opie opie;
struct passwd *pwent;
- char *luser, *rhost;
+ const char *luser, *rhost;
int r;
r = pam_get_item(pamh, PAM_USER, (const void **)&luser);
@@ -73,9 +73,10 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused,
r = pam_get_item(pamh, PAM_RHOST, (const void **)&rhost);
if (r != PAM_SUCCESS)
return (r);
+ if (rhost == NULL)
+ rhost = "localhost";
- if ((rhost == NULL || opieaccessfile(rhost)) &&
- opiealways(pwent->pw_dir) != 0)
+ if (opieaccessfile(rhost) != 0 && opiealways(pwent->pw_dir) != 0)
return (PAM_SUCCESS);
PAM_VERBOSE_ERROR("Refused; remote host is not in opieaccess");
OpenPOWER on IntegriCloud