freeipa

Clone
Source Code
GIT

75c50a0 server: use context.principal only when it is defined

1 file Authored by abbra a month ago, Committed by rcritten a month ago,
raw patch tree parent
1 file changed. 2 lines added. 1 lines removed.
ipaserver/plugins/server.py
file modified
+2 -1 
    server: use context.principal only when it is defined
    
    In server-like context we use LDAPI connection with auto-binding to LDAP
    object based on the UID of the process connecting to LDAPI UNIX domain
    socket. This means context.principal is not set and we cannot use it.
    
    Make sure to reject requests unless we are operating as a Directory
    Manager in such cases.
    
    Fixes: https://pagure.io/freeipa/issue/9583
    
    Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
    Reviewed-By: Thomas Woerner <twoerner@redhat.com>
    Reviewed-By: Rob Crittenden <rcritten@redhat.com>
    Reviewed-By: Rafael Guterres Jeffman <rjeffman@redhat.com>
    Reviewed-By: Thomas Woerner <twoerner@redhat.com>
    Reviewed-By: Rob Crittenden <rcritten@redhat.com>
    Reviewed-By: Rafael Guterres Jeffman <rjeffman@redhat.com>
file modified
+2 -1
Powered by Pagure 5.14.1
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.