mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-12-23 21:34:54 +03:00
daemon: sasl: Don't forget to save SASL username to client's identity
Once the SASL authentication process has successfully passed, we should also save the SASL username used to client's identity, so that when a client like virt-admin tries to obtain it, the server will actually format the username to the response data. Signed-off-by: Erik Skultety <eskultet@redhat.com>
This commit is contained in:
parent
385ec6280f
commit
5289e21f31
@ -3116,6 +3116,7 @@ static int
|
|||||||
remoteSASLFinish(virNetServerPtr server,
|
remoteSASLFinish(virNetServerPtr server,
|
||||||
virNetServerClientPtr client)
|
virNetServerClientPtr client)
|
||||||
{
|
{
|
||||||
|
virIdentityPtr clnt_identity = NULL;
|
||||||
const char *identity;
|
const char *identity;
|
||||||
struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client);
|
struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client);
|
||||||
int ssf;
|
int ssf;
|
||||||
@ -3138,9 +3139,13 @@ remoteSASLFinish(virNetServerPtr server,
|
|||||||
if (!virNetSASLContextCheckIdentity(saslCtxt, identity))
|
if (!virNetSASLContextCheckIdentity(saslCtxt, identity))
|
||||||
return -2;
|
return -2;
|
||||||
|
|
||||||
|
if (!(clnt_identity = virNetServerClientGetIdentity(client)))
|
||||||
|
goto error;
|
||||||
|
|
||||||
virNetServerClientSetAuth(client, 0);
|
virNetServerClientSetAuth(client, 0);
|
||||||
virNetServerTrackCompletedAuth(server);
|
virNetServerTrackCompletedAuth(server);
|
||||||
virNetServerClientSetSASLSession(client, priv->sasl);
|
virNetServerClientSetSASLSession(client, priv->sasl);
|
||||||
|
virIdentitySetSASLUserName(clnt_identity, identity);
|
||||||
|
|
||||||
VIR_DEBUG("Authentication successful %d", virNetServerClientGetFD(client));
|
VIR_DEBUG("Authentication successful %d", virNetServerClientGetFD(client));
|
||||||
|
|
||||||
@ -3148,6 +3153,7 @@ remoteSASLFinish(virNetServerPtr server,
|
|||||||
"client=%p auth=%d identity=%s",
|
"client=%p auth=%d identity=%s",
|
||||||
client, REMOTE_AUTH_SASL, identity);
|
client, REMOTE_AUTH_SASL, identity);
|
||||||
|
|
||||||
|
virObjectUnref(clnt_identity);
|
||||||
virObjectUnref(priv->sasl);
|
virObjectUnref(priv->sasl);
|
||||||
priv->sasl = NULL;
|
priv->sasl = NULL;
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user