summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPavel Březina <pbrezina@redhat.com>2012-11-13 13:31:56 +0100
committerJakub Hrozek <jhrozek@redhat.com>2012-12-02 21:42:24 +0100
commitb510d909cbe8d8216b60ee070730dd5c41294303 (patch)
tree4345fa940910f0ebc8150520bd63635fefd7cbc4
parent42870c7ac3608ffc58f2c9524ad3dfc1401bc1aa (diff)
downloadsssd-b510d909cbe8d8216b60ee070730dd5c41294303.tar.gz
sssd-b510d909cbe8d8216b60ee070730dd5c41294303.tar.bz2
sssd-b510d909cbe8d8216b60ee070730dd5c41294303.zip
sudo: print message if old protocol is used
-rw-r--r--src/responder/sudo/sudosrv_cmd.c18
1 files changed, 15 insertions, 3 deletions
diff --git a/src/responder/sudo/sudosrv_cmd.c b/src/responder/sudo/sudosrv_cmd.c
index eb421373..9ad1be42 100644
--- a/src/responder/sudo/sudosrv_cmd.c
+++ b/src/responder/sudo/sudosrv_cmd.c
@@ -164,6 +164,7 @@ static int sudosrv_cmd(enum sss_sudo_type type, struct cli_ctx *cli_ctx)
struct sudo_cmd_ctx *cmd_ctx = NULL;
uint8_t *query_body = NULL;
size_t query_len = 0;
+ uint32_t protocol = cli_ctx->cli_protocol_version->version;
errno_t ret;
/* create cmd_ctx */
@@ -185,9 +186,20 @@ static int sudosrv_cmd(enum sss_sudo_type type, struct cli_ctx *cli_ctx)
}
/* if protocol is invalid return */
- if (cli_ctx->cli_protocol_version->version != SSS_SUDO_PROTOCOL_VERSION) {
- DEBUG(SSSDBG_FATAL_FAILURE, ("Invalid protocol! [%d]\n",
- cli_ctx->cli_protocol_version->version));
+ switch (protocol) {
+ case 0:
+ DEBUG(SSSDBG_FATAL_FAILURE, ("Protocol [%d] is not secure. "
+ "SSSD does not allow to use this protocol.\n", protocol));
+ ret = EFAULT;
+ goto done;
+ break;
+ case SSS_SUDO_PROTOCOL_VERSION:
+ DEBUG(SSSDBG_TRACE_INTERNAL, ("Using protocol version [%d]\n",
+ protocol));
+ break;
+ default:
+ DEBUG(SSSDBG_FATAL_FAILURE, ("Invalid protocol version [%d]!\n",
+ protocol));
ret = EFAULT;
goto done;
}