MFC r259182:

Fix handling for empty auth-groups.  Without it, ctld child process
would either exit on assertion, or, if assertions are not enabled,
fail to authenticate the target.

Sponsored by:	The FreeBSD Foundation
This commit is contained in:
trasz 2013-12-13 15:23:07 +00:00
parent 61fa4c178c
commit 77844c8786

View File

@ -1007,6 +1007,14 @@ login(struct connection *conn)
return;
}
if (ag->ag_type == AG_TYPE_UNKNOWN) {
/*
* This can happen with empty auth-group.
*/
login_send_error(request, 0x02, 0x01);
log_errx(1, "auth-group type not set, denying access");
}
log_debugx("CHAP authentication required");
auth_method = keys_find(request_keys, "AuthMethod");