diff options
Diffstat (limited to 'net/tac_plus4')
| -rw-r--r-- | net/tac_plus4/Makefile | 5 | ||||
| -rw-r--r-- | net/tac_plus4/files/extra-patch-bb | 47 |
2 files changed, 52 insertions, 0 deletions
diff --git a/net/tac_plus4/Makefile b/net/tac_plus4/Makefile index beee97271e44..fd6c58ecdfa5 100644 --- a/net/tac_plus4/Makefile +++ b/net/tac_plus4/Makefile @@ -23,6 +23,11 @@ MAN1= tac_plus.1 EXTRA_PATCHES= ${PATCHDIR}/extra-patch-ba .endif +# check expiration dates against 'expire' field of master.passwd file +.if defined(TAC_EXPIRE_MASTER_PASSWD) && ${TAC_EXPIRE_MASTER_PASSWD} == YES +EXTRA_PATCHES+= ${PATCHDIR}/extra-patch-bb +.endif + do-install: ${INSTALL_PROGRAM} ${WRKSRC}/tac_plus ${PREFIX}/sbin ${INSTALL_MAN} ${WRKSRC}/tac_plus.1 ${PREFIX}/man/man1/tac_plus.1 diff --git a/net/tac_plus4/files/extra-patch-bb b/net/tac_plus4/files/extra-patch-bb new file mode 100644 index 000000000000..b73bff78296c --- /dev/null +++ b/net/tac_plus4/files/extra-patch-bb @@ -0,0 +1,47 @@ +Hello! + +The tac_plus user guide says that when passwd(5) file is used for user +authentication, the expiry date checks against shell field of password file. +Maybe it is OK for custom passwd files, but not for system password file. + +Here is a little patch below which allow the tacacs daemon check +the expiration dates against 'expire' field of FreeBSD's master.passwd file. +It is very useful for me, and may be useful for other FreeBSD&tacacs users. + +With best regards, +Sergey Levov (serg@informika.ru) + +------------------------------ cut here --------------------------- + +--- pwlib.c.orig Fri Dec 1 15:07:03 2000 ++++ pwlib.c Fri Dec 1 15:07:48 2000 +@@ -195,7 +195,7 @@ + struct passwd *pw; + char *exp_date; + char *cfg_passwd; +-#ifdef SHADOW_PASSWORDS ++#if defined(SHADOW_PASSWORDS) || defined(FREEBSD) + char buf[12]; + #endif /* SHADOW_PASSWORDS */ + +@@ -217,7 +217,20 @@ + return (0); + } + cfg_passwd = pw->pw_passwd; ++#ifdef FREEBSD ++ buf[0] = '\0'; ++ if (pw->pw_expire > (time_t) 0) ++ { ++ long secs = pw->pw_expire; ++ char *p = ctime(&secs); ++ bcopy(p+4, buf, 7); ++ bcopy(p+20, buf+7, 4); ++ buf[11] = '\0'; ++ } ++ exp_date = buf; ++#else + exp_date = pw->pw_shell; ++#endif + + #ifdef SHADOW_PASSWORDS + if (STREQ(pw->pw_passwd, "x")) { |