39 lines
1.3 KiB
Diff
39 lines
1.3 KiB
Diff
|
diff -up lasso-2.5.1/lasso/saml-2.0/login.c.coverity lasso-2.5.1/lasso/saml-2.0/login.c
|
||
|
--- lasso-2.5.1/lasso/saml-2.0/login.c.coverity 2021-07-27 10:23:31.976845852 +0200
|
||
|
+++ lasso-2.5.1/lasso/saml-2.0/login.c 2021-07-27 10:23:55.358913123 +0200
|
||
|
@@ -1371,7 +1371,7 @@ lasso_saml20_login_process_response_stat
|
||
|
char *status_value;
|
||
|
lasso_error_t rc = 0;
|
||
|
lasso_error_t assertion_signature_status = 0;
|
||
|
- LassoProfileSignatureVerifyHint verify_hint;
|
||
|
+ LassoProfileSignatureVerifyHint verify_hint = LASSO_PROFILE_SIGNATURE_VERIFY_HINT_LAST;
|
||
|
|
||
|
profile = &login->parent;
|
||
|
lasso_extract_node_or_fail(response, profile->response, SAMLP2_STATUS_RESPONSE,
|
||
|
@@ -1492,20 +1492,12 @@ lasso_saml20_login_process_response_stat
|
||
|
lasso_assign_gobject (login->private_data->saml2_assertion, last_assertion);
|
||
|
}
|
||
|
|
||
|
- switch (verify_hint) {
|
||
|
- case LASSO_PROFILE_SIGNATURE_VERIFY_HINT_FORCE:
|
||
|
- case LASSO_PROFILE_SIGNATURE_VERIFY_HINT_MAYBE:
|
||
|
- break;
|
||
|
- case LASSO_PROFILE_SIGNATURE_VERIFY_HINT_IGNORE:
|
||
|
- /* ignore signature errors */
|
||
|
- if (rc == LASSO_PROFILE_ERROR_CANNOT_VERIFY_SIGNATURE) {
|
||
|
- rc = 0;
|
||
|
- }
|
||
|
- break;
|
||
|
- default:
|
||
|
- g_assert(0);
|
||
|
- }
|
||
|
cleanup:
|
||
|
+ if (verify_hint == LASSO_PROFILE_SIGNATURE_VERIFY_HINT_IGNORE &&
|
||
|
+ rc == LASSO_PROFILE_ERROR_CANNOT_VERIFY_SIGNATURE) {
|
||
|
+ profile->signature_status = rc;
|
||
|
+ rc = 0;
|
||
|
+ }
|
||
|
return rc;
|
||
|
}
|
||
|
|