diff options
| author | Dave Olson <olson@cumulusnetworks.com> | 2016-11-18 15:24:43 -0800 |
|---|---|---|
| committer | Dave Olson <olson@cumulusnetworks.com> | 2016-11-22 15:33:25 -0800 |
| commit | c0fa56a885473e8eb2455a8eec47c87e3b68e16a (patch) | |
| tree | 45581a29df8f9580684437d58988f14c8fd4230c | |
| parent | 096cdd65b4fdf97550e2df99aee7cd41faa71f85 (diff) | |
| download | libnss-tacplus-c0fa56a885473e8eb2455a8eec47c87e3b68e16a.tar.gz libnss-tacplus-c0fa56a885473e8eb2455a8eec47c87e3b68e16a.zip | |
Handle case of secret parameter listed after multiple servers
Fixed this case:
server=a.b.c.d
server=b.d.e.f
secret=stuff
libpam-tacplus handled, but my code didn't.
| -rw-r--r-- | nss_tacplus.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/nss_tacplus.c b/nss_tacplus.c index 4c62a82..5b0766a 100644 --- a/nss_tacplus.c +++ b/nss_tacplus.c @@ -113,6 +113,7 @@ static int nss_tacplus_config(int *errnop, const char *cfile, int top) !strncmp(lbuf, "login=", 6)) ; else if(!strncmp(lbuf, "secret=", 7)) { + int i; /* no need to complain if too many on this one */ if(tac_key_no < TAC_PLUS_MAXSERVERS) { if((tac_srv[tac_key_no].key = strdup(lbuf+7))) @@ -121,6 +122,13 @@ static int nss_tacplus_config(int *errnop, const char *cfile, int top) syslog(LOG_ERR, "%s: unable to copy server secret %s", nssname, lbuf+7); } + /* handle case where 'secret=' was given after a 'server=' + * parameter, fill in the current secret */ + for(i = tac_srv_no-1; i >= 0; i--) { + if (tac_srv[i].key) + continue; + tac_srv[i].key = strdup(lbuf+7); + } } else if(!strncmp(lbuf, "exclude_users=", 14)) { /* |