From 6dff660c17910a0a9daadcedba96a1f38ed00dfd Mon Sep 17 00:00:00 2001
From: des <des@FreeBSD.org>
Date: Wed, 1 Oct 2014 10:26:43 +0000
Subject: MFH (r272280, r272281, r272348): allow use with null user and rhost

PR:		83099 193927
Approved by:	re (kib)
---
 lib/libpam/modules/pam_login_access/pam_login_access.c | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

(limited to 'lib')

diff --git a/lib/libpam/modules/pam_login_access/pam_login_access.c b/lib/libpam/modules/pam_login_access/pam_login_access.c
index a29eb7d..fe16662 100644
--- a/lib/libpam/modules/pam_login_access/pam_login_access.c
+++ b/lib/libpam/modules/pam_login_access/pam_login_access.c
@@ -85,17 +85,21 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags __unused,
 		if (login_access(user, rhost) != 0)
 			return (PAM_SUCCESS);
 		PAM_VERBOSE_ERROR("%s is not allowed to log in from %s",
-		    user, rhost);
+		    (const char *)user, (const char *)rhost);
 	} else if (tty != NULL && *(const char *)tty != '\0') {
 		PAM_LOG("Checking login.access for user %s on tty %s",
 		    (const char *)user, (const char *)tty);
 		if (login_access(user, tty) != 0)
 			return (PAM_SUCCESS);
 		PAM_VERBOSE_ERROR("%s is not allowed to log in on %s",
-		    user, tty);
+		    (const char *)user, (const char *)tty);
 	} else {
-		PAM_VERBOSE_ERROR("PAM_RHOST or PAM_TTY required");
-		return (PAM_AUTHINFO_UNAVAIL);
+		PAM_LOG("Checking login.access for user %s",
+		    (const char *)user);
+		if (login_access(user, "***unknown***") != 0)
+			return (PAM_SUCCESS);
+		PAM_VERBOSE_ERROR("%s is not allowed to log in",
+		    (const char *)user);
 	}
 
 	return (PAM_AUTH_ERR);
-- 
cgit v1.1