merge staging into rc #401

Merged
merged 4 commits into from
Sep 6, 2023
9 changes: 5 additions & 4 deletions c/httpserver.c
@@ -2653,7 +2653,7 @@ static int safAuthenticate(HttpService *service, HttpRequest *request, AuthRespo
} else if (authDataFound){
ACEE *acee = NULL;
strupcase(request->username); /* upfold username */
if (!(request->flags & HTTP_REQUEST_NO_PASSWORD)) {
if (request->flags & HTTP_REQUEST_NO_PASSWORD) {
zowelog(NULL, LOG_COMP_HTTPSERVER, ZOWE_LOG_DEBUG3, "Password is null. Calling safAuthenticate without a password.\n");
} else {
#ifdef ENABLE_DANGEROUS_AUTH_TRACING
@@ -3178,6 +3178,7 @@ static int serviceAuthNativeWithSessionToken(HttpService *service, HttpRequest *

#define TLS_CLIENT_CERTIFICATE_MAX_LENGTH 65536

char *userid = NULL; /* allocate on slh so we have for duration of request and response. */
char *clientCertificate = safeMalloc(TLS_CLIENT_CERTIFICATE_MAX_LENGTH, "Client Certificate");
unsigned int clientCertificateLength = 0;

@@ -3197,10 +3198,10 @@ static int serviceAuthNativeWithSessionToken(HttpService *service, HttpRequest *
* We don't want to do this if we already found authentication data.
*/
if (authDataFound == FALSE) {
#define TLS_USERID_LENGTH 9
char userid[TLS_USERID_LENGTH] = {0};
int racfReturnCode = 0, racfReasonCode = 0;
zowelog(NULL, LOG_COMP_HTTPSERVER, ZOWE_LOG_DEBUG, "There was no token or credentials found in the request. Server is attempting to map the client certificate.\n");
userid = SLHAlloc(response->request->slh, 9);
memset(userid, 0, 9);
int safReturnCode = getUseridByCertificate(clientCertificate, clientCertificateLength, userid, &racfReturnCode, &racfReasonCode);
if (safReturnCode == 0) {
request->username = userid;
@@ -3209,7 +3210,7 @@ static int serviceAuthNativeWithSessionToken(HttpService *service, HttpRequest *
request->flags = HTTP_REQUEST_NO_PASSWORD;
authDataFound = TRUE;
} else {
zowelog(NULL, LOG_COMP_HTTPSERVER, ZOWE_LOG_INFO, "No user was found for client certificate. (rc = 0x%x racfRC = 0x%x racfRSN = 0x%x\n", safReturnCode, racfReturnCode, racfReasonCode);
zowelog(NULL, LOG_COMP_HTTPSERVER, ZOWE_LOG_INFO, "No user was found for client certificate. (rc = 0x%x racfRC = 0x%x racfRSN = 0x%x)\n", safReturnCode, racfReturnCode, racfReasonCode);
}
} else {
zowelog(NULL, LOG_COMP_HTTPSERVER, ZOWE_LOG_INFO, "Client certificate was attached to request, but credentials are also attached. Server won't attempt to map the client certificate.\n");
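Review bot: The result of `SLHAlloc(response->request->slh, 9)` in the certificate-mapping branch of serviceAuthNativeWithSessionToken goes straight into `memset` and `getUseridByCertificate` with no NULL check, so a failed allocation would become a null write on a path that runs before the caller is authenticated (assuming SLHAlloc can return NULL; its definition is not on this page). The literal `9` is also written twice where the section elsewhere shows `#define TLS_USERID_LENGTH 9`; keeping that define and writing `userid = SLHAlloc(response->request->slh, TLS_USERID_LENGTH);` followed by `if (userid != NULL) { memset(userid, 0, TLS_USERID_LENGTH); ... }` would hold the buffer size in one place and skip the mapping when allocation fails. In the same section, `request->flags = HTTP_REQUEST_NO_PASSWORD;` assigns rather than ORs the bit, which clears any other request flags just before the password-less branch of safAuthenticate is selected; it is worth confirming that this is intended, or using `request->flags |= HTTP_REQUEST_NO_PASSWORD;`. Both function bodies start and end outside the visible hunks, so cleanup of `clientCertificate` and later uses of `userid` could not be checked from this page.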