IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Enable authentication indicators for OTP and RADIUS

Browse Source 
If the user is configured for OTP or RADIUS authentication, insert the
relevant authentication indicator.

https://fedorahosted.org/freeipa/ticket/433

Reviewed-By: Sumit Bose <sbose@redhat.com>
This commit is contained in:
Nathaniel McCallum 2016-02-21 19:44:19 -05:00 committed by Martin Basti
parent 204200d73b
commit 8f356a4305
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
daemons/ipa-kdb/ipa_kdb_principals.c
View File

@ -512,7 +512,8 @@ static krb5_error_code ipadb_parse_ldap_entry(krb5_context kcontext,
krb5_db_entry **kentry, krb5_db_entry **kentry,
uint32_t *polmask) uint32_t *polmask)
{ {
krb5_octet otp_string[] = {'o', 't', 'p', 0, '[', ']', 0 }; const krb5_octet rad_string[] = "otp\0[{\"indicators\": [\"radius\"]}]";
const krb5_octet otp_string[] = "otp\0[{\"indicators\": [\"otp\"]}]";
struct ipadb_context *ipactx; struct ipadb_context *ipactx;
enum ipadb_user_auth ua; enum ipadb_user_auth ua;
LDAP *lcontext; LDAP *lcontext;
@ -842,11 +843,16 @@ static krb5_error_code ipadb_parse_ldap_entry(krb5_context kcontext,
} }
/* If enabled, set the otp user string, enabling otp. */ /* If enabled, set the otp user string, enabling otp. */
if (ua & (IPADB_USER_AUTH_RADIUS | IPADB_USER_AUTH_OTP)) { if (ua & IPADB_USER_AUTH_OTP) {
kerr = ipadb_set_tl_data(entry, KRB5_TL_STRING_ATTRS, kerr = ipadb_set_tl_data(entry, KRB5_TL_STRING_ATTRS,
sizeof(otp_string), otp_string); sizeof(otp_string), otp_string);
if (kerr) if (kerr)
goto done; goto done;
} else if (ua & IPADB_USER_AUTH_RADIUS) {
kerr = ipadb_set_tl_data(entry, KRB5_TL_STRING_ATTRS,
sizeof(rad_string), rad_string);
if (kerr)
goto done;
} }
kerr = 0; kerr = 0;