53 lines
1.7 KiB
Diff
53 lines
1.7 KiB
Diff
From 1b5d6b1afc9c3dc696b7b45f2d73b2634f42800a Mon Sep 17 00:00:00 2001
|
|
From: Sumit Bose <sbose@redhat.com>
|
|
Date: Thu, 16 Mar 2017 13:00:48 +0100
|
|
Subject: [PATCH 59/97] ssh: add support for certificates from non-default
|
|
views
|
|
|
|
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
|
---
|
|
src/responder/ssh/ssh_reply.c | 20 +++++++++++++++++++-
|
|
1 file changed, 19 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/src/responder/ssh/ssh_reply.c b/src/responder/ssh/ssh_reply.c
|
|
index 7093e47253b5687bab387feed5299c2d0841d43c..1bb9d331868cc18488718c24fd82f32af780b525 100644
|
|
--- a/src/responder/ssh/ssh_reply.c
|
|
+++ b/src/responder/ssh/ssh_reply.c
|
|
@@ -204,7 +204,7 @@ ssh_get_output_keys(TALLOC_CTX *mem_ctx,
|
|
uint32_t i = 0;
|
|
errno_t ret;
|
|
|
|
- elements = talloc_zero_array(mem_ctx, struct ldb_message_element *, 5);
|
|
+ elements = talloc_zero_array(mem_ctx, struct ldb_message_element *, 6);
|
|
if (elements == NULL) {
|
|
return ENOMEM;
|
|
}
|
|
@@ -244,6 +244,24 @@ ssh_get_output_keys(TALLOC_CTX *mem_ctx,
|
|
}
|
|
}
|
|
|
|
+ if (DOM_HAS_VIEWS(domain)) {
|
|
+ user_cert = ldb_msg_find_element(msg, OVERRIDE_PREFIX SYSDB_USER_CERT);
|
|
+ if (user_cert != NULL) {
|
|
+ ret = get_valid_certs_keys(elements, ssh_ctx, user_cert,
|
|
+ &elements[i]);
|
|
+ if (ret != EOK) {
|
|
+ DEBUG(SSSDBG_OP_FAILURE, "get_valid_certs_keys failed.\n");
|
|
+ goto done;
|
|
+ }
|
|
+
|
|
+ if (elements[i] != NULL) {
|
|
+ elements[i]->flags |= SSS_EL_FLAG_BIN_DATA;
|
|
+ num_keys += elements[i]->num_values;
|
|
+ i++;
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+
|
|
*_elements = elements;
|
|
*_num_keys = num_keys;
|
|
|
|
--
|
|
2.12.2
|
|
|