From 16148102e5e35262ac9536b1f2cf4a2370731466 Mon Sep 17 00:00:00 2001 From: Benjamin Dauvergne Date: Thu, 17 Nov 2022 10:43:34 +0100 Subject: [PATCH] In lasso_saml20_login_process_response_status_and_assertion does not overwirte signature_status with rc which is always at 0 (#54689) We are losing information in this case, like if the response was not signed. --- lasso/saml-2.0/login.c | 5 ----- 1 file changed, 5 deletions(-) diff --git a/lasso/saml-2.0/login.c b/lasso/saml-2.0/login.c index da2e606d..cf0814d1 100644 --- a/lasso/saml-2.0/login.c +++ b/lasso/saml-2.0/login.c @@ -1484,11 +1484,6 @@ lasso_saml20_login_process_response_status_and_assertion(LassoLogin *login) last_assertion = assertion; lasso_foreach_full_end(); - /* set the profile signature status only after all the signatures are - * verified. - */ - profile->signature_status = rc; - /* set the default assertion to the last one */ if (last_assertion) { lasso_assign_gobject (login->private_data->saml2_assertion, last_assertion);