diff options
| author | Pavel Březina <pbrezina@redhat.com> | 2012-11-13 13:31:56 +0100 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2012-12-02 21:42:24 +0100 |
| commit | b510d909cbe8d8216b60ee070730dd5c41294303 (patch) | |
| tree | 4345fa940910f0ebc8150520bd63635fefd7cbc4 | |
| parent | 42870c7ac3608ffc58f2c9524ad3dfc1401bc1aa (diff) | |
| download | sssd-b510d909cbe8d8216b60ee070730dd5c41294303.tar.gz sssd-b510d909cbe8d8216b60ee070730dd5c41294303.tar.bz2 sssd-b510d909cbe8d8216b60ee070730dd5c41294303.zip | |
sudo: print message if old protocol is used
| -rw-r--r-- | src/responder/sudo/sudosrv_cmd.c | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/src/responder/sudo/sudosrv_cmd.c b/src/responder/sudo/sudosrv_cmd.c index eb421373..9ad1be42 100644 --- a/src/responder/sudo/sudosrv_cmd.c +++ b/src/responder/sudo/sudosrv_cmd.c @@ -164,6 +164,7 @@ static int sudosrv_cmd(enum sss_sudo_type type, struct cli_ctx *cli_ctx) struct sudo_cmd_ctx *cmd_ctx = NULL; uint8_t *query_body = NULL; size_t query_len = 0; + uint32_t protocol = cli_ctx->cli_protocol_version->version; errno_t ret; /* create cmd_ctx */ @@ -185,9 +186,20 @@ static int sudosrv_cmd(enum sss_sudo_type type, struct cli_ctx *cli_ctx) } /* if protocol is invalid return */ - if (cli_ctx->cli_protocol_version->version != SSS_SUDO_PROTOCOL_VERSION) { - DEBUG(SSSDBG_FATAL_FAILURE, ("Invalid protocol! [%d]\n", - cli_ctx->cli_protocol_version->version)); + switch (protocol) { + case 0: + DEBUG(SSSDBG_FATAL_FAILURE, ("Protocol [%d] is not secure. " + "SSSD does not allow to use this protocol.\n", protocol)); + ret = EFAULT; + goto done; + break; + case SSS_SUDO_PROTOCOL_VERSION: + DEBUG(SSSDBG_TRACE_INTERNAL, ("Using protocol version [%d]\n", + protocol)); + break; + default: + DEBUG(SSSDBG_FATAL_FAILURE, ("Invalid protocol version [%d]!\n", + protocol)); ret = EFAULT; goto done; } |