Projet

Général

Profil

0001-lasso_saml20_login_process_response_status_and_asser.patch

Jakub Hrozek, 05 juillet 2021 11:52

Télécharger (1,58 ko)

Voir les différences: 

Subject: [PATCH] lasso_saml20_login_process_response_status_and_assertion:
 handle rc as per verify_hint

In case VERIFY_HINT was set to IGNORE and the login signature was
incorrect, lasso_saml20_login_process_response_status_and_assertion
would have jumped straight to the cleanup label which just returns the
return code. Let's jump to a new label handlerc instead which might set
the return code to 0 in case verify_hint is set to IGNORE.

Related: https://dev.entrouvert.org/issues/54689

 lasso/saml-2.0/login.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
lasso/saml-2.0/login.c
1425 1425 
			goto_cleanup_with_rc(profile->signature_status);
1426 1426 
		}
1427 1427 
	} else if (profile->signature_status != 0) {
1428 
		goto_cleanup_with_rc(profile->signature_status);
1428 
		rc = profile->signature_status;
1429 
		goto handlerc;
1429 1430 
	}
1430 1431 

  		




  1431
  1432
  
    
	lasso_foreach_full_begin(LassoSaml2Assertion*, assertion, it, samlp2_response->Assertion);

  		




  ......




  1492
  1493
  
    
		lasso_assign_gobject (login->private_data->saml2_assertion, last_assertion);

  		




  1493
  1494
  
    
	}

  		




  1494
  1495
  
    

  		




  
  1496
  
    
handlerc:

  		




  1495
  1497
  
    
	switch (verify_hint) {

  		




  1496
  1498
  
    
		case LASSO_PROFILE_SIGNATURE_VERIFY_HINT_FORCE:

  		




  1497
  1499
  
    
		case LASSO_PROFILE_SIGNATURE_VERIFY_HINT_MAYBE:

  		




  1498
  
  
    
-