diff options
author | Benjamin Dauvergne <bdauvergne@entrouvert.com> | 2010-10-06 10:39:18 +0200 |
---|---|---|
committer | Benjamin Dauvergne <bdauvergne@entrouvert.com> | 2010-10-06 17:00:52 +0200 |
commit | 58a3868361ba63d51d5c0f802d3b7d2a9a8ae376 (patch) | |
tree | 1093cafd177f4f43565faba74c2a28dc406c2733 /lasso | |
parent | 7a27400a87380e3f4262a71946ffc5d17c464c2d (diff) | |
download | lasso-58a3868361ba63d51d5c0f802d3b7d2a9a8ae376.tar.gz lasso-58a3868361ba63d51d5c0f802d3b7d2a9a8ae376.tar.xz lasso-58a3868361ba63d51d5c0f802d3b7d2a9a8ae376.zip |
[ID-FFv1.2] make lasso_login_process_authn_request_msg() return LASSO_PROFILE_ERROR_INVALID_MSG if received request is not a lib:AuthnRequest
Diffstat (limited to 'lasso')
-rw-r--r-- | lasso/id-ff/login.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/lasso/id-ff/login.c b/lasso/id-ff/login.c index 20973941..2cb6cf30 100644 --- a/lasso/id-ff/login.c +++ b/lasso/id-ff/login.c @@ -2030,7 +2030,11 @@ lasso_login_process_authn_request_msg(LassoLogin *login, const char *authn_reque return critical_error(LASSO_PROFILE_ERROR_INVALID_MSG); } - lasso_assign_new_gobject(profile->request, LASSO_NODE(request)); + lasso_assign_new_gobject(profile->request, request); + if (! LASSO_IS_LIB_AUTHN_REQUEST(profile->request)) { + lasso_release_gobject(profile->request); + return LASSO_PROFILE_ERROR_INVALID_MSG; + } /* get remote ProviderID */ lasso_assign_string(profile->remote_providerID, |