From: Katy Feng <fkaty@vmware.com>
Date: Tue, 17 Oct 2023 22:24:48 +0000 (-0700)
Subject: Enabling the open-vm-tools VGAuth Host Verification feature.
X-Git-Tag: stable-12.3.5~9
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ba8219ee4bab927d7142e8392b20e183c589786e;p=thirdparty%2Fopen-vm-tools.git

Enabling the open-vm-tools VGAuth Host Verification feature.

The Host Verified SAML token work is complete. Adding the new code to the
open-vm-tools source.
---

diff --git a/open-vm-tools/configure.ac b/open-vm-tools/configure.ac
index 2d60c725b..4ec1ea97f 100644
--- a/open-vm-tools/configure.ac
+++ b/open-vm-tools/configure.ac
@@ -1944,12 +1944,6 @@ AC_CONFIG_FILES([                      \
 
 
 
-AM_CONDITIONAL([VMTOOLS_FS_VGAUTH_HOST_VERIFICATION],[true])
-if test "$enable_vgauth" = "yes"; then
-   echo "Enabling vgauth host verification"
-   CPPFLAGS="$CPPFLAGS -DVMTOOLS_FS_VGAUTH_HOST_VERIFICATION"
-fi
-
 
 ###
 ### Output
diff --git a/open-vm-tools/services/plugins/vix/vixToolsInt.h b/open-vm-tools/services/plugins/vix/vixToolsInt.h
index 19685edbb..007db5115 100644
--- a/open-vm-tools/services/plugins/vix/vixToolsInt.h
+++ b/open-vm-tools/services/plugins/vix/vixToolsInt.h
@@ -204,9 +204,7 @@ VixError VixToolsCheckSAMLForSystem(VGAuthContext *ctx,
                                     const char *token,
                                     const char *username,
                                     char *serviceUsername,
-#ifdef VMTOOLS_FS_VGAUTH_HOST_VERIFICATION
                                     Bool hostVerified,
-#endif
                                     void **userToken,
                                     VGAuthUserHandle **curUserHandle);
 #endif // _WIN32
diff --git a/open-vm-tools/vgauth/common/VGAuthProto.h b/open-vm-tools/vgauth/common/VGAuthProto.h
index f7bcae12f..58a84a1c4 100644
--- a/open-vm-tools/vgauth/common/VGAuthProto.h
+++ b/open-vm-tools/vgauth/common/VGAuthProto.h
@@ -622,7 +622,6 @@
 
 #define VGAUTH_REQUESTVALIDATESAMLBEARERTOKEN_ELEMENT_NAME "ValidateSamlBToken"
 
-
 #define VGAUTH_VALIDATESAMLBEARERTOKEN_REQUEST_FORMAT \
    VGAUTH_REQUEST_FORMAT_START \
       "<"VGAUTH_REQUESTNAME_ELEMENT_NAME">"VGAUTH_REQUESTVALIDATESAMLBEARERTOKEN_ELEMENT_NAME"</"VGAUTH_REQUESTNAME_ELEMENT_NAME">" \
@@ -632,7 +631,6 @@
       "<"VGAUTH_HOST_VERIFIED_ELEMENT_NAME">%s</"VGAUTH_HOST_VERIFIED_ELEMENT_NAME">" \
    VGAUTH_REQUEST_FORMAT_END
 
-
 #define VGAUTH_VALIDATESAMLBEARERTOKEN_REPLY_FORMAT_START \
    VGAUTH_REPLY_FORMAT_START \
        "<"VGAUTH_USERNAME_ELEMENT_NAME">%s</"VGAUTH_USERNAME_ELEMENT_NAME">" \
diff --git a/open-vm-tools/vgauth/public/VGAuthAuthentication.h b/open-vm-tools/vgauth/public/VGAuthAuthentication.h
index 0d6565af1..e19fe4764 100644
--- a/open-vm-tools/vgauth/public/VGAuthAuthentication.h
+++ b/open-vm-tools/vgauth/public/VGAuthAuthentication.h
@@ -198,7 +198,7 @@ VGAuthError VGAuth_ValidateSSPIResponse(VGAuthContext *ctx,
 
 #define  VGAUTH_PARAM_VALIDATE_INFO_ONLY  "validateInfoOnly"
 
-#   define VGAUTH_PARAM_SAML_HOST_VERIFIED "hostVerified"
+#define  VGAUTH_PARAM_SAML_HOST_VERIFIED "hostVerified"
 
 VGAuthError VGAuth_ValidateSamlBearerToken(VGAuthContext *ctx,
                                            const char *samlToken,