Commit 14d7f2b3 authored by Leigh B Stoller's avatar Leigh B Stoller
Browse files

Do not require UUID in credentials; only PG credentials have this, and

we will not try to store a foreign credential anyway. But added a
check in Store() anyway.
parent 2831c5df
......@@ -411,8 +411,15 @@ sub CreateFromSigned($$;$)
return undef
if (!defined($uuid_node));
my $this_uuid = $uuid_node->to_literal();
$this_uuid = undef
if (defined($this_uuid) && $this_uuid eq "");
if (! ($this_uuid =~ /^\w+\-\w+\-\w+\-\w+\-\w+$/) && $CHECK_UUID) {
#
# No longer require this uuid; only PG credentials have it.
# If we try to store it, throw an error. See below.
#
if (defined($this_uuid) &&
! ($this_uuid =~ /^\w+\-\w+\-\w+\-\w+\-\w+$/)) {
print STDERR "Invalid this_uuid in credential\n";
return undef;
}
......@@ -788,6 +795,12 @@ sub Store($)
print STDERR "Not allowed to store delegted credential: $self\n";
return -1;
}
# Foreign credentials will not have this, and we should never
# store them, so throw an error.
if (!defined($self->uuid())) {
print STDERR "Not allowed to store foreign credential: $self\n";
return -1;
}
# Every credential store gets a new unique index.
my $idx = TBGetUniqueIndex('next_ticket', 1);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment