diff options
| author | Simo Sorce <simo@redhat.com> | 2013-06-19 12:18:31 -0400 |
|---|---|---|
| committer | Günther Deschner <gdeschner@redhat.com> | 2013-06-21 17:04:45 +0200 |
| commit | aadc71e0b4ded19a4dbfeafd509d265e42659c92 (patch) | |
| tree | 4f89db1237775e25a71856ccc470998d3623fc8e | |
| parent | 7201cabaf0c59b2f50c1a86a47465daaafff6cb4 (diff) | |
| download | gss-proxy-aadc71e0b4ded19a4dbfeafd509d265e42659c92.tar.gz gss-proxy-aadc71e0b4ded19a4dbfeafd509d265e42659c92.tar.xz gss-proxy-aadc71e0b4ded19a4dbfeafd509d265e42659c92.zip | |
Properly check socket for connection matching.
We always need to chekc if the socket matches otherwise the worng service may
be selected if a specific socket is being used but a service allowing the same
euid is confgured to use the deault socket as well.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Günther Deschner <gdeschner@redhat.com>
| -rw-r--r-- | proxy/src/gp_creds.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/proxy/src/gp_creds.c b/proxy/src/gp_creds.c index 2517665..cd51308 100644 --- a/proxy/src/gp_creds.c +++ b/proxy/src/gp_creds.c @@ -103,9 +103,14 @@ struct gp_service *gp_creds_match_conn(struct gssproxy_ctx *gpctx, for (i = 0; i < gpctx->config->num_svcs; i++) { if (gpctx->config->svcs[i]->euid == gcs->ucred.uid) { - if (gpctx->config->svcs[i]->socket && - !gp_same(socket, gpctx->config->svcs[i]->socket)) { - continue; + if (gpctx->config->svcs[i]->socket) { + if (!gp_same(socket, gpctx->config->svcs[i]->socket)) { + continue; + } + } else { + if (!gp_same(socket, gpctx->config->socket_name)) { + continue; + } } return gpctx->config->svcs[i]; } |