From dcd176c2c4109bc357a660b71dd93996de279e50 Mon Sep 17 00:00:00 2001 From: Jonathan Bauer Date: Mon, 25 Apr 2016 17:31:16 +0200 Subject: [pam-bwidm] remove '-k' from curl options --- remote/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'remote/modules') diff --git a/remote/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm b/remote/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm index 179d61d8..13e40cb9 100755 --- a/remote/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm +++ b/remote/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm @@ -57,7 +57,7 @@ mkdir -p /run/openslx # check if we have a (non-zero bytes) cached copy of the list if [ ! -s "${IDP_QUERY_CACHE}" ]; then - idpret="$(curl -w "%{http_code}" -k -o "${IDP_QUERY_CACHE}" --connect-timeout 5 --max-time 15 "$IDP_QUERY_URL")" + idpret="$(curl -w "%{http_code}" -o "${IDP_QUERY_CACHE}" --connect-timeout 5 --max-time 15 "$IDP_QUERY_URL")" if [ "x$idpret" != "x200" ]; then echo "Could not download the list of identity providers from '$IDP_QUERY_URL'. Aborting." rm -f -- "$IDP_QUERY_CACHE" @@ -110,7 +110,7 @@ if [ "x$PAM_TYPE" == "xauth" ]; then # now we are ready to actually send the credentials to the IdP # to be sure everything is working as expected # we will first send a wrong password (by repeating the given password) and expect a 401 - ret=$(curl --connect-timeout 5 --max-time 15 -o /dev/null -w "%{http_code}" -k -d @"${SOAP_ENVELOPE}" -H "Content-Type: application/vnd.paos+xml" --basic -u "${USER_USERNAME}:${USER_PASSWORD}${USER_PASSWORD}" "$USER_ECP_URL") + ret=$(curl --connect-timeout 5 --max-time 15 -o /dev/null -w "%{http_code}" -d @"${SOAP_ENVELOPE}" -H "Content-Type: application/vnd.paos+xml" --basic -u "${USER_USERNAME}:${USER_PASSWORD}${USER_PASSWORD}" "$USER_ECP_URL") if [ "x$ret" != "x401" ]; then # this means something else is bad, just exit @@ -118,7 +118,7 @@ if [ "x$PAM_TYPE" == "xauth" ]; then exit 7 fi # the fake auth call behaved as expected, do the actualy login - ret=$(curl --connect-timeout 5 --max-time 15 -o /dev/null -w "%{http_code}" -k -d @"${SOAP_ENVELOPE}" -H "Content-Type: application/vnd.paos+xml" --basic -u "${USER_USERNAME}:${USER_PASSWORD}" "$USER_ECP_URL") + ret=$(curl --connect-timeout 5 --max-time 15 -o /dev/null -w "%{http_code}" -d @"${SOAP_ENVELOPE}" -H "Content-Type: application/vnd.paos+xml" --basic -u "${USER_USERNAME}:${USER_PASSWORD}" "$USER_ECP_URL") if [ "x$ret" == "x200" ]; then # auth succeeded, lets create a local user representing the bwIDM user -- cgit v1.2.3-55-g7522