From 4046e4e0a1d031f37b7e614e64ee0eeb968ecaeb Mon Sep 17 00:00:00 2001
Message-Id: <4046e4e0a1d031f37b7e614e64ee0eeb968ecaeb@dist-git>
From: Erik Skultety <eskultet@redhat.com>
Date: Tue, 2 Aug 2016 08:47:45 +0200
Subject: [PATCH] daemon: sasl: Don't forget to save SASL username to client's
identity
Once the SASL authentication process has successfully passed, we should also
save the SASL username used to client's identity, so that when a client like
virt-admin tries to obtain it, the server will actually format the username to
the response data.
Signed-off-by: Erik Skultety <eskultet@redhat.com>
(cherry picked from commit 5289e21f31be226fd22bc3b512b8cc233fa24046)
https://bugzilla.redhat.com/show_bug.cgi?id=1361948
Signed-off-by: Erik Skultety <eskultet@redhat.com>
---
daemon/remote.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/daemon/remote.c b/daemon/remote.c
index 4aa43c2..6991a7e 100644
--- a/daemon/remote.c
+++ b/daemon/remote.c
@@ -3116,6 +3116,7 @@ static int
remoteSASLFinish(virNetServerPtr server,
virNetServerClientPtr client)
{
+ virIdentityPtr clnt_identity = NULL;
const char *identity;
struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client);
int ssf;
@@ -3138,9 +3139,13 @@ remoteSASLFinish(virNetServerPtr server,
if (!virNetSASLContextCheckIdentity(saslCtxt, identity))
return -2;
+ if (!(clnt_identity = virNetServerClientGetIdentity(client)))
+ goto error;
+
virNetServerClientSetAuth(client, 0);
virNetServerTrackCompletedAuth(server);
virNetServerClientSetSASLSession(client, priv->sasl);
+ virIdentitySetSASLUserName(clnt_identity, identity);
VIR_DEBUG("Authentication successful %d", virNetServerClientGetFD(client));
@@ -3148,6 +3153,7 @@ remoteSASLFinish(virNetServerPtr server,
"client=%p auth=%d identity=%s",
client, REMOTE_AUTH_SASL, identity);
+ virObjectUnref(clnt_identity);
virObjectUnref(priv->sasl);
priv->sasl = NULL;
--
2.9.2