summaryrefslogtreecommitdiffstats
path: root/pki/patches/pki-core-9.0.3-r2104.patch
diff options
context:
space:
mode:
Diffstat (limited to 'pki/patches/pki-core-9.0.3-r2104.patch')
-rw-r--r--pki/patches/pki-core-9.0.3-r2104.patch42
1 files changed, 42 insertions, 0 deletions
diff --git a/pki/patches/pki-core-9.0.3-r2104.patch b/pki/patches/pki-core-9.0.3-r2104.patch
new file mode 100644
index 000000000..94646f100
--- /dev/null
+++ b/pki/patches/pki-core-9.0.3-r2104.patch
@@ -0,0 +1,42 @@
+Index: base/common/src/com/netscape/cms/servlet/csadmin/TokenAuthenticate.java
+===================================================================
+--- base/common/src/com/netscape/cms/servlet/csadmin/TokenAuthenticate.java (revision 2103)
++++ base/common/src/com/netscape/cms/servlet/csadmin/TokenAuthenticate.java (revision 2104)
+@@ -64,23 +64,31 @@
+ String givenHost = httpReq.getParameter("hostname");
+ CMS.debug("TokenAuthentication: givenHost=" + givenHost);
+
++ boolean checkIP = false;
++ try {
++ checkIP = config.getBoolean("securitydomain.checkIP", false);
++ } catch (Exception e) {
++ }
++
+ ISecurityDomainSessionTable table = CMS.getSecurityDomainSessionTable();
+ String uid = "";
+ String gid = "";
+ CMS.debug("TokenAuthentication: checking session in the session table");
+ if (table.isSessionIdExist(sessionId)) {
+ CMS.debug("TokenAuthentication: found session");
++ if (checkIP) {
+ String hostname = table.getIP(sessionId);
+- if (hostname.equals(givenHost)) {
+- CMS.debug("TokenAuthentication: hostname and givenHost matched");
+- uid = table.getUID(sessionId);
+- gid = table.getGroup(sessionId);
+- } else {
+- CMS.debug("TokenAuthentication: hostname=" + hostname + " and givenHost=" + givenHost + " is different");
++ if (! hostname.equals(givenHost)) {
++ CMS.debug("TokenAuthentication: hostname=" + hostname + " and givenHost="
++ + givenHost + " are different");
+ CMS.debug("TokenAuthenticate authenticate failed, wrong hostname.");
+ outputError(httpResp, "Error: Failed Authentication");
+ return;
+ }
++ }
++
++ uid = table.getUID(sessionId);
++ gid = table.getGroup(sessionId);
+ } else {
+ CMS.debug("TokenAuthentication: session not found");
+ CMS.debug("TokenAuthentication authenticate failed, session id does not exist.");
generated by cgit (git 2.34.1) at 2024-05-03 19:11:12 +0000