diff options
| author | Benjamin Dauvergne <bdauvergne@entrouvert.com> | 2010-10-05 19:34:40 +0200 |
|---|---|---|
| committer | Benjamin Dauvergne <bdauvergne@entrouvert.com> | 2010-10-06 17:00:52 +0200 |
| commit | 06c2ec9d61a7a06608942b464ba13702cfb4d08b (patch) | |
| tree | dfd9a064d61ce4ff92b73aaaca8a4ef0a85065b0 | |
| parent | 3d1d90ee315301ae258efbb66f009bf681d4a4dd (diff) | |
| download | lasso-06c2ec9d61a7a06608942b464ba13702cfb4d08b.tar.gz lasso-06c2ec9d61a7a06608942b464ba13702cfb4d08b.tar.xz lasso-06c2ec9d61a7a06608942b464ba13702cfb4d08b.zip | |
[SAMLv2] fix ordering of endpoints
Ordering by binding is wrong, first order by isDefault (as stated in
saml-metadata-2.0.pdf) then by index.
| -rw-r--r-- | lasso/saml-2.0/provider.c | 29 |
1 files changed, 22 insertions, 7 deletions
diff --git a/lasso/saml-2.0/provider.c b/lasso/saml-2.0/provider.c index bc9e70f1..15cf2a81 100644 --- a/lasso/saml-2.0/provider.c +++ b/lasso/saml-2.0/provider.c @@ -145,7 +145,7 @@ load_endpoint_type2(xmlNode *xmlnode, LassoProvider *provider, LassoProviderRole xmlChar *isDefault = getSaml2MdProp(xmlnode, LASSO_SAML2_METADATA_ATTRIBUTE_ISDEFAULT); gboolean indexed_endpoint = FALSE; int idx = *counter++; - gboolean is_default = FALSE; + int is_default = 0; EndpointType *endpoint_type; if (! binding || ! location) { @@ -158,7 +158,18 @@ load_endpoint_type2(xmlNode *xmlnode, LassoProvider *provider, LassoProviderRole warning("Invalid AssertionConsumerService, no index set"); goto cleanup; } - is_default = xsdIsTrue(isDefault); + /* isDefault is 0 if invalid or not present + * -1 if true (comes first) + * +1 if false (comes last) + */ + if (isDefault) { + if (xsdIsTrue(isDefault)) { + is_default = -1; + } + if (xsdIsFalse(isDefault)) { + is_default = 1; + } + } } endpoint_type = g_new0(EndpointType, 1); endpoint_type->kind = g_strdup((char*)xmlnode->name); @@ -182,6 +193,13 @@ static gint compare_endpoint_type(const EndpointType *a, const EndpointType *b) { int c; + /* order the sequence of endpoints: + * - first by role, + * - then by profile, + * - then by isDefault attribute (truth first, then absent, then false) + * - then by index + * - then by binding + */ if (a->role < b->role) return -1; if (a->role > b->role) @@ -189,12 +207,9 @@ compare_endpoint_type(const EndpointType *a, const EndpointType *b) { c = g_strcmp0(a->kind,b->kind); if (c != 0) return c; - c = g_strcmp0(a->binding,b->binding); - if (c != 0) - return c; - if (a->is_default && ! b->is_default) + if (a->is_default < b->is_default) return -1; - if (! a->is_default && b->is_default) + if (a->is_default > b->is_default) return +1; if (a->index < b->index) return -1; |