summaryrefslogtreecommitdiffstats
path: root/usr.sbin
diff options
context:
space:
mode:
authortrasz <trasz@FreeBSD.org>2013-12-13 15:23:07 +0000
committertrasz <trasz@FreeBSD.org>2013-12-13 15:23:07 +0000
commit77844c8786da077ce333d27f0bc596d05bb8dc2e (patch)
tree49629f9940d65d30962991a4a9d852146640bedc /usr.sbin
parent61fa4c178c3fa3c86e76ef54f8ead432f9a970c3 (diff)
downloadFreeBSD-src-77844c8786da077ce333d27f0bc596d05bb8dc2e.zip
FreeBSD-src-77844c8786da077ce333d27f0bc596d05bb8dc2e.tar.gz
MFC r259182:
Fix handling for empty auth-groups. Without it, ctld child process would either exit on assertion, or, if assertions are not enabled, fail to authenticate the target. Sponsored by: The FreeBSD Foundation
Diffstat (limited to 'usr.sbin')
-rw-r--r--usr.sbin/ctld/login.c8
1 files changed, 8 insertions, 0 deletions
diff --git a/usr.sbin/ctld/login.c b/usr.sbin/ctld/login.c
index 042cf2a..b528fc0 100644
--- a/usr.sbin/ctld/login.c
+++ b/usr.sbin/ctld/login.c
@@ -1007,6 +1007,14 @@ login(struct connection *conn)
return;
}
+ if (ag->ag_type == AG_TYPE_UNKNOWN) {
+ /*
+ * This can happen with empty auth-group.
+ */
+ login_send_error(request, 0x02, 0x01);
+ log_errx(1, "auth-group type not set, denying access");
+ }
+
log_debugx("CHAP authentication required");
auth_method = keys_find(request_keys, "AuthMethod");
OpenPOWER on IntegriCloud