amorfo77/sogo
1
0
Fork 0
mirror of https://github.com/inverse-inc/sogo.git synced 2026-06-02 00:49:45 +00:00
Code Issues Projects Releases Wiki Activity

fix(saml): don't ignore the signature of messages

Browse Source 
See CVE-2021-33054
This commit is contained in:
Francis Lachapelle
2021-05-27 13:54:34 -04:00
parent a2ef542ad4
commit c0e60902a0
1 changed files with 0 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
SoObjects/SOGo/SOGoSAML2Session.m
-1
View File
@@ -464,7 +464,6 @@ static NSMapTable *serverTable = nil;
responseData = strdup ([authnResponse UTF8String]);
lasso_profile_set_signature_verify_hint(lassoLogin, LASSO_PROFILE_SIGNATURE_VERIFY_HINT_IGNORE);
rc = lasso_login_process_authn_response_msg (lassoLogin, responseData);
if (rc)
[NSException raiseSAML2Exception: rc];