daemon: sasl: Don't forget to save SASL username to client's identity

Once the SASL authentication process has successfully passed, we should also save the SASL username used to client's identity, so that when a client like virt-admin tries to obtain it, the server will actually format the username to the response data. Signed-off-by: N Erik Skultety <eskultet@redhat.com>

daemon: sasl: Don't forget to save SASL username to client's identity
Once the SASL authentication process has successfully passed, we should also save the SASL username used to client's identity, so that when a client like virt-admin tries to obtain it, the server will actually format the username to the response data. Signed-off-by: N Erik Skultety <eskultet@redhat.com>
5289e21f · Erik Skultety · 385ec628 · 5289e21f
隐藏空白更改
内联并排

Showing with 6 addition and 0 deletion

daemon/remote.c daemon/remote.c +6 -0

未找到文件。
--- a/daemon/remote.c
+++ b/daemon/remote.c
@@ -3116,6 +3116,7 @@ static int
 remoteSASLFinish(virNetServerPtr server,
                 virNetServerClientPtr client)
 {
+    virIdentityPtr clnt_identity = NULL;
    const char *identity;
    struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client);
    int ssf;
@@ -3138,9 +3139,13 @@ remoteSASLFinish(virNetServerPtr server,
    if (!virNetSASLContextCheckIdentity(saslCtxt, identity))
        return -2;

+    if (!(clnt_identity = virNetServerClientGetIdentity(client)))
+        goto error;
+
    virNetServerClientSetAuth(client, 0);
    virNetServerTrackCompletedAuth(server);
    virNetServerClientSetSASLSession(client, priv->sasl);
+    virIdentitySetSASLUserName(clnt_identity, identity);

    VIR_DEBUG("Authentication successful %d", virNetServerClientGetFD(client));

@@ -3148,6 +3153,7 @@ remoteSASLFinish(virNetServerPtr server,
          "client=%p auth=%d identity=%s",
          client, REMOTE_AUTH_SASL, identity);

+    virObjectUnref(clnt_identity);
    virObjectUnref(priv->sasl);
    priv->sasl = NULL;