diff options
| author | Andreas Klemm <andreas@FreeBSD.org> | 2000-12-01 20:42:49 +0000 |
|---|---|---|
| committer | Andreas Klemm <andreas@FreeBSD.org> | 2000-12-01 20:42:49 +0000 |
| commit | 7eb4e513f0e1ebe328796ad4e2418a3d095c7449 (patch) | |
| tree | f297f4c750c584bca0fc8c4dde72d71711391af2 /net/tac_plus4 | |
| parent | e3f7b9190bb5911c3a42f52e228ac14f801c80f7 (diff) | |
| download | ports-7eb4e513f0e1ebe328796ad4e2418a3d095c7449.tar.gz ports-7eb4e513f0e1ebe328796ad4e2418a3d095c7449.zip | |
From Sergey:
"The tac_plus user guide says that when passwd(5) file is used for user
authentication, the expiry date checks against shell field of password file.
Maybe it is OK for custom passwd files, but not for system password file.
Here is a little patch below which allow the tacacs daemon check
the expiration dates against 'expire' field of FreeBSD's master.passwd file.
It is very useful for me, and may be useful for other FreeBSD&tacacs users."
Submitted by: Sergey Levov <serg@informika.ru>
Notes
Notes:
svn path=/head/; revision=35587
Diffstat (limited to 'net/tac_plus4')
| -rw-r--r-- | net/tac_plus4/Makefile | 5 | ||||
| -rw-r--r-- | net/tac_plus4/files/extra-patch-bb | 47 |
2 files changed, 52 insertions, 0 deletions
diff --git a/net/tac_plus4/Makefile b/net/tac_plus4/Makefile index beee97271e44..fd6c58ecdfa5 100644 --- a/net/tac_plus4/Makefile +++ b/net/tac_plus4/Makefile @@ -23,6 +23,11 @@ MAN1= tac_plus.1 EXTRA_PATCHES= ${PATCHDIR}/extra-patch-ba .endif +# check expiration dates against 'expire' field of master.passwd file +.if defined(TAC_EXPIRE_MASTER_PASSWD) && ${TAC_EXPIRE_MASTER_PASSWD} == YES +EXTRA_PATCHES+= ${PATCHDIR}/extra-patch-bb +.endif + do-install: ${INSTALL_PROGRAM} ${WRKSRC}/tac_plus ${PREFIX}/sbin ${INSTALL_MAN} ${WRKSRC}/tac_plus.1 ${PREFIX}/man/man1/tac_plus.1 diff --git a/net/tac_plus4/files/extra-patch-bb b/net/tac_plus4/files/extra-patch-bb new file mode 100644 index 000000000000..b73bff78296c --- /dev/null +++ b/net/tac_plus4/files/extra-patch-bb @@ -0,0 +1,47 @@ +Hello! + +The tac_plus user guide says that when passwd(5) file is used for user +authentication, the expiry date checks against shell field of password file. +Maybe it is OK for custom passwd files, but not for system password file. + +Here is a little patch below which allow the tacacs daemon check +the expiration dates against 'expire' field of FreeBSD's master.passwd file. +It is very useful for me, and may be useful for other FreeBSD&tacacs users. + +With best regards, +Sergey Levov (serg@informika.ru) + +------------------------------ cut here --------------------------- + +--- pwlib.c.orig Fri Dec 1 15:07:03 2000 ++++ pwlib.c Fri Dec 1 15:07:48 2000 +@@ -195,7 +195,7 @@ + struct passwd *pw; + char *exp_date; + char *cfg_passwd; +-#ifdef SHADOW_PASSWORDS ++#if defined(SHADOW_PASSWORDS) || defined(FREEBSD) + char buf[12]; + #endif /* SHADOW_PASSWORDS */ + +@@ -217,7 +217,20 @@ + return (0); + } + cfg_passwd = pw->pw_passwd; ++#ifdef FREEBSD ++ buf[0] = '\0'; ++ if (pw->pw_expire > (time_t) 0) ++ { ++ long secs = pw->pw_expire; ++ char *p = ctime(&secs); ++ bcopy(p+4, buf, 7); ++ bcopy(p+20, buf+7, 4); ++ buf[11] = '\0'; ++ } ++ exp_date = buf; ++#else + exp_date = pw->pw_shell; ++#endif + + #ifdef SHADOW_PASSWORDS + if (STREQ(pw->pw_passwd, "x")) { |