summaryrefslogtreecommitdiffstats
path: root/etc/inc/ipsec.auth-user.php
diff options
context:
space:
mode:
Diffstat (limited to 'etc/inc/ipsec.auth-user.php')
-rwxr-xr-xetc/inc/ipsec.auth-user.php11
1 files changed, 7 insertions, 4 deletions
diff --git a/etc/inc/ipsec.auth-user.php b/etc/inc/ipsec.auth-user.php
index b2fcb55..97ec0e3 100755
--- a/etc/inc/ipsec.auth-user.php
+++ b/etc/inc/ipsec.auth-user.php
@@ -116,10 +116,13 @@ foreach ($authmodes as $authmode) {
$authenticated = authenticate_user($username, $password, $authcfg, $attributes);
if ($authenticated == true) {
- if (stristr($authmode, "local") && !userHasPrivilege($username, "user-ipsec-xauth-dialin")) {
- $authenticated = false;
- syslog(LOG_WARNING, "user '{$username}' cannot authenticate through IPSec since the required privileges are missing.\n");
- continue;
+ if (stristr($authmode, "local")) {
+ $user = getUserEntry($username);
+ if (!is_array($user) || !userHasPrivilege($user, "user-ipsec-xauth-dialin")) {
+ $authenticated = false;
+ syslog(LOG_WARNING, "user '{$username}' cannot authenticate through IPSec since the required privileges are missing.\n");
+ continue;
+ }
}
break;
}
OpenPOWER on IntegriCloud