diff options
Diffstat (limited to 'pam_tacplus.c')
-rw-r--r-- | pam_tacplus.c | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/pam_tacplus.c b/pam_tacplus.c index 3c8074f..b76b317 100644 --- a/pam_tacplus.c +++ b/pam_tacplus.c @@ -68,7 +68,8 @@ int _pam_send_account(int tac_fd, int type, const char *user, char *tty, sprintf(buf, "%hu", task_id); tac_add_attrib(&attr, "task_id", buf); tac_add_attrib(&attr, "service", tac_service); - tac_add_attrib(&attr, "protocol", tac_protocol); + if(tac_protocol != NULL && tac_protocol[0] != '\0') + tac_add_attrib(&attr, "protocol", tac_protocol); if (cmd != NULL) { tac_add_attrib(&attr, "cmd", cmd); } @@ -148,12 +149,11 @@ int _pam_account(pam_handle_t *pamh, int argc, const char **argv, /* checks for specific data required by TACACS+, which should be supplied in command line */ if(tac_service == NULL || *tac_service == '\0') { - _pam_log (LOG_ERR, "TACACS+ service type not configured"); + _pam_log (LOG_ERR, "ACC: TACACS+ service type not configured"); return PAM_AUTH_ERR; } if(tac_protocol == NULL || *tac_protocol == '\0') { - _pam_log (LOG_ERR, "TACACS+ protocol type not configured"); - return PAM_AUTH_ERR; + _pam_log (LOG_ERR, "ACC: TACACS+ protocol type not configured (IGNORED)"); } /* when this module is called from within pppd or other @@ -478,16 +478,16 @@ int pam_sm_acct_mgmt (pam_handle_t * pamh, int flags, /* checks for specific data required by TACACS+, which should be supplied in command line */ if(tac_service == NULL || !*tac_service) { - _pam_log (LOG_ERR, "TACACS+ service type not configured"); + _pam_log (LOG_ERR, "SM: TACACS+ service type not configured"); return PAM_AUTH_ERR; } if(tac_protocol == NULL || !*tac_protocol) { - _pam_log (LOG_ERR, "TACACS+ protocol type not configured"); - return PAM_AUTH_ERR; + _pam_log (LOG_ERR, "SM: TACACS+ protocol type not configured (IGNORED)"); } tac_add_attrib(&attr, "service", tac_service); - tac_add_attrib(&attr, "protocol", tac_protocol); + if(tac_protocol != NULL && tac_protocol[0] != '\0') + tac_add_attrib(&attr, "protocol", tac_protocol); tac_fd = tac_connect_single(active_server.addr, active_server.key); if(tac_fd < 0) { |