0001-lasso_saml20_login_process_response_status_and_asser.patch
lasso/saml-2.0/login.c | ||
---|---|---|
1371 | 1371 |
char *status_value; |
1372 | 1372 |
lasso_error_t rc = 0; |
1373 | 1373 |
lasso_error_t assertion_signature_status = 0; |
1374 |
LassoProfileSignatureVerifyHint verify_hint; |
|
1374 |
LassoProfileSignatureVerifyHint verify_hint = LASSO_PROFILE_SIGNATURE_VERIFY_HINT_LAST;
|
|
1375 | 1375 | |
1376 | 1376 |
profile = &login->parent; |
1377 | 1377 |
lasso_extract_node_or_fail(response, profile->response, SAMLP2_STATUS_RESPONSE, |
... | ... | |
1492 | 1492 |
lasso_assign_gobject (login->private_data->saml2_assertion, last_assertion); |
1493 | 1493 |
} |
1494 | 1494 | |
1495 |
switch (verify_hint) { |
|
1496 |
case LASSO_PROFILE_SIGNATURE_VERIFY_HINT_FORCE: |
|
1497 |
case LASSO_PROFILE_SIGNATURE_VERIFY_HINT_MAYBE: |
|
1498 |
break; |
|
1499 |
case LASSO_PROFILE_SIGNATURE_VERIFY_HINT_IGNORE: |
|
1500 |
/* ignore signature errors */ |
|
1501 |
if (rc == LASSO_PROFILE_ERROR_CANNOT_VERIFY_SIGNATURE) { |
|
1502 |
rc = 0; |
|
1503 |
} |
|
1504 |
break; |
|
1505 |
default: |
|
1506 |
g_assert(0); |
|
1507 |
} |
|
1508 | 1495 |
cleanup: |
1496 |
if (verify_hint == LASSO_PROFILE_SIGNATURE_VERIFY_HINT_IGNORE && |
|
1497 |
rc == LASSO_PROFILE_ERROR_CANNOT_VERIFY_SIGNATURE) { |
|
1498 |
profile->signature_status = rc; |
|
1499 |
rc = 0; |
|
1500 |
} |
|
1509 | 1501 |
return rc; |
1510 | 1502 |
} |
1511 | 1503 | |
1512 |
- |