rpms / lasso

Clone
Source Code
GIT

Blame SOURCES/0009-lasso_saml20_login_process_response_status_and_asser.patch

c7 c7-beta c8 c8-beta c8s c9 c9-beta
  1.   e5600eef2e2c6aadf25ea261440d880789f180da
  2.   SOURCES
  3.   0009-lasso_saml20_login_process_response_status_and_asser.patch
Blob History Raw
e5600e 
diff -up lasso-2.5.1/lasso/saml-2.0/login.c.coverity lasso-2.5.1/lasso/saml-2.0/login.c
e5600e 
--- lasso-2.5.1/lasso/saml-2.0/login.c.coverity	2021-07-27 10:23:31.976845852 +0200
e5600e 
+++ lasso-2.5.1/lasso/saml-2.0/login.c	2021-07-27 10:23:55.358913123 +0200
e5600e 
@@ -1371,7 +1371,7 @@ lasso_saml20_login_process_response_stat
e5600e 
 	char *status_value;
e5600e 
 	lasso_error_t rc = 0;
e5600e 
 	lasso_error_t assertion_signature_status = 0;
e5600e 
-	LassoProfileSignatureVerifyHint verify_hint;
e5600e 
+	LassoProfileSignatureVerifyHint verify_hint = LASSO_PROFILE_SIGNATURE_VERIFY_HINT_LAST;
e5600e
e5600e 
 	profile = &login->parent;
e5600e 
 	lasso_extract_node_or_fail(response, profile->response, SAMLP2_STATUS_RESPONSE,
e5600e 
@@ -1492,20 +1492,12 @@ lasso_saml20_login_process_response_stat
e5600e 
 		lasso_assign_gobject (login->private_data->saml2_assertion, last_assertion);
e5600e 
 	}
e5600e
e5600e 
-	switch (verify_hint) {
e5600e 
-		case LASSO_PROFILE_SIGNATURE_VERIFY_HINT_FORCE:
e5600e 
-		case LASSO_PROFILE_SIGNATURE_VERIFY_HINT_MAYBE:
e5600e 
-			break;
e5600e 
-		case LASSO_PROFILE_SIGNATURE_VERIFY_HINT_IGNORE:
e5600e 
-			/* ignore signature errors */
e5600e 
-			if (rc == LASSO_PROFILE_ERROR_CANNOT_VERIFY_SIGNATURE) {
e5600e 
-				rc = 0;
e5600e 
-			}
e5600e 
-			break;
e5600e 
-		default:
e5600e 
-			g_assert(0);
e5600e 
-	}
e5600e 
 cleanup:
e5600e 
+	if (verify_hint == LASSO_PROFILE_SIGNATURE_VERIFY_HINT_IGNORE &&
e5600e 
+		rc == LASSO_PROFILE_ERROR_CANNOT_VERIFY_SIGNATURE) {
e5600e 
+	    profile->signature_status = rc;
e5600e 
+	    rc = 0;
e5600e 
+	}
e5600e 
 	return rc;
e5600e 
 }
e5600e

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation