+ /*
+ * Check remote number authorization. A plugin may have filled in
+ * the remote number or added an allowed number, and rather than
+ * return an authenticate failure, is leaving it for us to verify.
+ */
+ if (code == CHAP_SUCCESS) {
+ if (!auth_number()) {
+ /* We do not want to leak info about the chap result. */
+ code = CHAP_FAILURE; /* XXX exit value will be "wrong" */
+ warn("calling number %q is not authorized", remote_number);
+ }
+ }
+