If AuthorizedPrincipalsCommand is specified, however - wireguard-openbsd - WireGuard implementation for the OpenBSD kernel

diff options

author	jsing <jsing@openbsd.org>	2015-06-15 18:44:22 +0000
committer	jsing <jsing@openbsd.org>	2015-06-15 18:44:22 +0000
commit	8133225e0bf8eb862ac4198880595fada753fe4b (patch)
tree	3fd4c1472c48f457f27bf2bd6c7f203c1c6f4318 /usr.sbin/syslogd/syslogd.c
parent	Make the arguments to match_principals_command() similar to (diff)
download	wireguard-openbsd-8133225e0bf8eb862ac4198880595fada753fe4b.tar.xz wireguard-openbsd-8133225e0bf8eb862ac4198880595fada753fe4b.zip

If AuthorizedPrincipalsCommand is specified, however

AuthorizedPrincipalsFile is not (or is set to "none"), authentication will potentially fail due to key_cert_check_authority() failing to locate a principal that matches the username, even though an authorized principal has already been matched in the output of the subprocess. Fix this by using the same logic to determine if pw->pw_name should be passed, as is used to determine if a authorized principal must be matched earlier on. ok djm@

Diffstat (limited to 'usr.sbin/syslogd/syslogd.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: