Introduce the new CAP_HOST_VERIFIED_SAML_TOKEN capability.
authorKaty Feng <fkaty@vmware.com>
Tue, 22 Aug 2023 18:11:41 +0000 (11:11 -0700)
committerKaty Feng <fkaty@vmware.com>
Tue, 22 Aug 2023 18:11:41 +0000 (11:11 -0700)
open-vm-tools/lib/include/vmware/guestrpc/capabilities.h
open-vm-tools/services/plugins/vix/vixPlugin.c
open-vm-tools/services/plugins/vix/vixTools.c

index c502ad45cce0dce2a8dcab187338d2e15dab93c4..53b86b231b4424b6972902945eac13aaeb4cc5ec 100644 (file)
@@ -1,5 +1,5 @@
 /*********************************************************
- * Copyright (c) 2008-2017,2020-2021 VMware, Inc. All rights reserved.
+ * Copyright (c) 2008-2017,2020-2021, 2023 VMware, Inc. All rights reserved.
  *
  * This program is free software; you can redistribute it and/or modify it
  * under the terms of the GNU Lesser General Public License as published
@@ -26,6 +26,7 @@
 #ifndef _GUEST_CAPS_H_
 #define _GUEST_CAPS_H_
 
+/* clang-format off */
 /*
  * Guest capabilities.
  * The guest uses this enum to communicate whether a certain
@@ -79,6 +80,7 @@ typedef enum {
    CAP_GUESTSTORE_UPGRADE               = 34, // supports tools upgrade from GuestStore
    CAP_DEVICE_HELPER                    = 35, // supports tools device helper for Windows guests
    CAP_VMBACKUP_NVME                    = 36, // supports NVMe for vmbackup
+   CAP_HOST_VERIFIED_SAML_TOKEN         = 37, // supports host verification of SAML tokens
 } GuestCapabilities;
 
 typedef struct {
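Review bot: The comment on `CAP_HOST_VERIFIED_SAML_TOKEN = 37` does not say which side performs the verification or which guest-side checks are skipped once this bit is advertised. Because the capability concerns how an authentication token is trusted, the entry deserves a short block comment above it stating who sets the capability, what the host is expected to have verified (signature, validity window and subject mapping are the usual candidates; confirm against the design), and which checks the guest still runs. None of the other hunks on this page set or read the new value, so this header is currently the only place a reader could learn the contract.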
@@ -102,7 +104,6 @@ typedef struct {
  * If you change these strings, make sure you also change the
  *  vmdb schema, since these strings are used as vmdb keys.
  */
-// clang-format off
 static GuestCapElem guestCapTable[] = {
    { UNITY_CAP_START_MENU,                 UNITY_CAP_VMDB_PATH, "startmenu" },
    { UNITY_CAP_VIRTUAL_DESK,               UNITY_CAP_VMDB_PATH, "virtualdesk" },
@@ -145,6 +146,7 @@ static GuestCapElem guestCapTable[] = {
    { CAP_GUESTSTORE_UPGRADE,               NULL,                NULL },
    { CAP_DEVICE_HELPER,                    NULL,                NULL },
    { CAP_VMBACKUP_NVME,                    NULL,                NULL },
+   { CAP_HOST_VERIFIED_SAML_TOKEN,         NULL,                NULL },
 };
 // clang-format on
 
index aecfd5e7cfddc1dafd8abc8ba882c1e516881102..1a28b955a553d033abd3596298d379413c9304fe 100644 (file)
@@ -1,5 +1,5 @@
 /*********************************************************
- * Copyright (C) 2008-2019 VMware, Inc. All rights reserved.
+ * Copyright (c) 2008-2019, 2023 VMware, Inc. All rights reserved.
  *
  * This program is free software; you can redistribute it and/or modify it
  * under the terms of the GNU Lesser General Public License as published
@@ -75,6 +75,8 @@ VixShutdown(gpointer src,
 }
 
 
+
+
 /**
  * Returns the registration data for either the guestd or userd process.
  *
@@ -103,7 +105,7 @@ ToolsOnLoad(ToolsAppCtx *ctx)
          ToolsDaemonTcloMountHGFS, NULL, NULL, NULL, 0 },
    };
    ToolsPluginSignalCb sigs[] = {
-      { TOOLS_CORE_SIG_SHUTDOWN, VixShutdown, &regData }
+      { TOOLS_CORE_SIG_SHUTDOWN, VixShutdown, &regData },
    };
    ToolsAppReg regs[] = {
       { TOOLS_APP_GUESTRPC, VMTools_WrapArray(rpcs, sizeof *rpcs, ARRAYSIZE(rpcs)) },
index 76860a23f1e3c3807dd730e8f97cdd57ec0f88ee..021ec93ba31234047dbab731bfc9322daec30f40 100644 (file)
@@ -1,5 +1,5 @@
 /*********************************************************
- * Copyright (c) 2007-2022 VMware, Inc. All rights reserved.
+ * Copyright (c) 2007-2023 VMware, Inc. All rights reserved.
  *
  * This program is free software; you can redistribute it and/or modify it
  * under the terms of the GNU Lesser General Public License as published
@@ -8295,7 +8295,8 @@ VixToolsImpersonateUserImplEx(char const *credentialTypeStr,         // IN
       }
 
 #if SUPPORT_VGAUTH
-      else if (VIX_USER_CREDENTIAL_SAML_BEARER_TOKEN == credentialType) {
+      else if ((VIX_USER_CREDENTIAL_SAML_BEARER_TOKEN == credentialType)
+         ) {
          if (GuestAuthEnabled()) {
             err = GuestAuthSAMLAuthenticateAndImpersonate(obfuscatedNamePassword,
                                                           loadUserProfile,
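Review bot: The rewritten condition leaves a closing `)` alone on its own line, which reads like the remainder of a second clause that was stripped out (an inference; nothing on the page shows it). This branch selects the SAML bearer-token authentication path, so the selector should be unambiguous at a glance: `else if (VIX_USER_CREDENTIAL_SAML_BEARER_TOKEN == credentialType) {`. If another credential type is meant to share this branch in some builds, a one-line comment saying so would explain the layout. The body of VixToolsImpersonateUserImplEx starts and ends outside this hunk.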
@@ -11996,8 +11997,7 @@ GuestAuthSAMLAuthenticateAndImpersonate(
    vgErr = VGAuth_ValidateSamlBearerToken(ctx,
                                           token,
                                           username,
-                                          0,
-                                          NULL,
+                                          0, NULL,
                                           &newHandle);
 #if ALLOW_LOCAL_SYSTEM_IMPERSONATION_BYPASS
    /*