From 7b65fef03a68025a018b689790923457627abedb Mon Sep 17 00:00:00 2001
From: Maxim Konovalov <maxim@FreeBSD.org>
Date: Tue, 5 Mar 2002 10:50:55 +0000
Subject: [PATCH] Unbreak PAP-only authentication.

PR:			i386/34607
Not objected by:	peter
Approved by:		ru
Obtained from:		ppp-2.4.1b2
MFC after:		1 week
---
 usr.sbin/pppd/auth.c | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/usr.sbin/pppd/auth.c b/usr.sbin/pppd/auth.c
index 2a580e9b1410..b2d43f8e82ef 100644
--- a/usr.sbin/pppd/auth.c
+++ b/usr.sbin/pppd/auth.c
@@ -676,11 +676,17 @@ check_passwd(unit, auser, userlen, apasswd, passwdlen, msg, msglen)
 	check_access(f, filename);
 	remote = ipwo->accept_remote? 0: ipwo->hisaddr;
 	if (scan_authfile(f, user, our_name, remote,
-			  secret, &addrs, filename) < 0
-	    || (secret[0] != 0 && (cryptpap || strcmp(passwd, secret) != 0)
-		&& strcmp(crypt(passwd, secret), secret) != 0)) {
-	    syslog(LOG_WARNING, "PAP authentication failure for %s", user);
-	    ret = UPAP_AUTHNAK;
+	    secret, &addrs, filename) < 0) {
+		warn("no PAP secret found for %s", user);
+	} else {
+	    if (secret[0] != 0) {
+		/* password given in pap-secrets - must match */
+		if ((cryptpap || strcmp(passwd, secret) != 0)
+		    && strcmp(crypt(passwd, secret), secret) != 0) {
+			ret = UPAP_AUTHNAK;
+			warn("PAP authentication failure for %s", user);
+		}
+	    }
 	}
 	fclose(f);
     }