Allow using "-d username" without "-r". Example:
auth stream tcp nowait root internal auth -d "Only fools trust ident"
This commit is contained in:
Brian Feldman
parent
8d1b3828fa
commit
7ef719fb93
@ -469,8 +469,20 @@ ident_stream(s, sep) /* Ident service (AKA "auth") */
|
||||
goto printit;
|
||||
}
|
||||
|
||||
if (!rflag) /* Send HIDDEN-USER immediately if not "real" */
|
||||
iderror(lport, fport, s, -1);
|
||||
/*
|
||||
* If not "real" (-r), send a HIDDEN-USER error for everything.
|
||||
* If -d is used to set a fallback username, this is used to
|
||||
* override it, and the fallback is returned instead.
|
||||
*/
|
||||
if (!rflag) {
|
||||
if (fallback == NULL)
|
||||
iderror(lport, fport, s, -1);
|
||||
else {
|
||||
cp = fallback;
|
||||
goto printit;
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* We take the input and construct an array of two sockaddr_ins
|
||||
* which contain the local address information and foreign
|
||||
|
||||
@ -436,11 +436,14 @@ Without options, the service will always return
|
||||
The available arguments to this service that alter its behavior are:
|
||||
.Bl -tag -width indent
|
||||
.It Fl d Ar fallback
|
||||
Instead of returning an error if getting the socket credentials or
|
||||
If the real ident service is enabled, return this user for every
|
||||
request.
|
||||
If the real ident service is disabled, then this flag, instead of
|
||||
returning an error if getting the socket credentials or
|
||||
looking up the user name fails, return a default
|
||||
.Ar fallback
|
||||
user name to the requesting ident client. This is primarily useful
|
||||
when running this service on a NAT machine.
|
||||
user name to the requesting ident client.
|
||||
This is primarily useful when running this service on a NAT machine.
|
||||
.It Fl t Ar sec[.usec]
|
||||
Specify a timeout for the service.
|
||||
The default timeout is 10.0 seconds.
|
||||
|
||||
Loading…
Reference in New Issue
Block a user