diff options
author | Simon Rettberg | 2018-04-25 12:15:12 +0200 |
---|---|---|
committer | Simon Rettberg | 2018-04-25 12:15:12 +0200 |
commit | ed765face17dd82d65462a146fd34b70bd74bc13 (patch) | |
tree | 88121a4908eb53b58e4f774f3013d4b09314dbe2 /core/modules/pam-bwidm | |
parent | [rfs-stage32] Increase min_free_kbytes for zram swap (diff) | |
download | mltk-ed765face17dd82d65462a146fd34b70bd74bc13.tar.gz mltk-ed765face17dd82d65462a146fd34b70bd74bc13.tar.xz mltk-ed765face17dd82d65462a146fd34b70bd74bc13.zip |
[pam-bwidm] Set proper Content-Type in request
Diffstat (limited to 'core/modules/pam-bwidm')
-rwxr-xr-x | core/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/core/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm b/core/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm index ae9cdf41..72cd961e 100755 --- a/core/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm +++ b/core/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm @@ -145,9 +145,7 @@ readonly SOAP_ENVELOPE="/opt/openslx/bwidm_soap.xml" # now the pam-type specific part starts if [ "x$PAM_TYPE" == "xauth" ]; then - HA='Accept: text/html; application/vnd.paos+xml' - HP='PAOS: ver="urn:liberty:paos:2003-08";"urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp"' - CT='Content-Type: application/vnd.paos+xml; charset=utf-8' + CT='Content-Type: text/xml; charset=utf-8' NOW=$(date -u '+%Y-%m-%dT%H:%M:%SZ') HOST=$(echo "${USER_ECP_URL}" | awk -F '/' '{print $3}') RID="_c${RANDOM}a${RANDOM}f${RANDOM}f${RANDOM}e${RANDOM}e${RANDOM}" @@ -161,19 +159,19 @@ if [ "x$PAM_TYPE" == "xauth" ]; then # to be sure everything is working as expected # we will first send a wrong password and expect a 401 echo "machine ${HOST} login ${USER_USERNAME} password ___invalid-INVALID++~" > "${NETRC}" - ret=$(curl --connect-timeout 5 --max-time 15 -o /dev/null -w "%{http_code}" -d "${REQUEST}" -H "$CT" -H "$HP" -H "$HA" --basic --netrc-file "$NETRC" "$USER_ECP_URL") + ret=$(curl --connect-timeout 5 --max-time 15 -o /dev/null -w "%{http_code}" -d "${REQUEST}" -H "$CT" --basic --netrc-file "$NETRC" "$USER_ECP_URL") if [ "x$ret" != "x401" ]; then # this means something else is bad, just exit echo "False authentication attempt did not return 401 as expected but: $ret" - rm -- "${NETRC}" + rm -f -- "${NETRC}" exit 7 fi - # the fake auth call behaved as expected, do the actualy login + # the fake auth call behaved as expected, do the actual login echo "machine ${HOST} login ${USER_USERNAME} password ${USER_PASSWORD}" > "${NETRC}" - ret=$(curl --connect-timeout 5 --max-time 15 -o /dev/null -w "%{http_code}" -d "${REQUEST}" -H "$CT" -H "$HP" -H "$HA" --basic --netrc-file "$NETRC" "$USER_ECP_URL") + ret=$(curl --connect-timeout 5 --max-time 15 -o /dev/null -w "%{http_code}" -d "${REQUEST}" -H "$CT" --basic --netrc-file "$NETRC" "$USER_ECP_URL") echo "machine ${HOST} login ${USER_USERNAME} password ********************" > "${NETRC}" # It should be a tmpfs but you never know - rm -- "${NETRC}" + rm -f -- "${NETRC}" if [ "x$ret" == "x200" ]; then # auth succeeded, lets create a local user representing the bwIDM user |