authorBenjamin Dauvergne <bdauvergne@entrouvert.com>2011-04-14 16:45:43 +0200
committerBenjamin Dauvergne <bdauvergne@entrouvert.com>2011-04-14 16:45:43 +0200
commit8be7b0414dc19cca7b892deeccc64b5fcedaf62c (patch)
tree6591a2b81f462937111806cf60db874832c6dd64 /tests
parent1171ee2e8b2902b47b62e88a489c5cc6491f0e2e (diff)
[core] add flags parameter to lasso_server_load_metadata to tune signature checking on metadata files
The flags parameter controls how digital signatures on EntityDescriptor and EntitiesDescriptor nodes in SAML 2.0 metadata files are checked. The default behaviour is to check all signatures found and to let children inherit the signature of their EntitiesDescriptor. By enabling only the checking of EntityDescriptor node signatures, it is also possible to check signatures only at the EntityDescriptor level, and so to trust only individual entities and not the aggregating provider.
Diffstat (limited to 'tests')
-rw-r--r--tests/basic_tests.c11
-rw-r--r--tests/data/renater-metadata.xml4
2 files changed, 12 insertions, 3 deletions
diff --git a/tests/basic_tests.c b/tests/basic_tests.c
index 2d5af9db..d469c474 100644
--- a/tests/basic_tests.c
+++ b/tests/basic_tests.c
@@ -1956,9 +1956,17 @@ START_TEST(test13_test_lasso_server_load_metadata)
check_good_rc(lasso_server_load_metadata(server, LASSO_PROVIDER_ROLE_IDP,
TESTSDATADIR "/renater-metadata.xml",
TESTSDATADIR "/metadata-federation-renater.crt",
- &blacklisted_1, &loaded_entity_ids));
+ &blacklisted_1, &loaded_entity_ids,
+ LASSO_SERVER_LOAD_METADATA_FLAG_DEFAULT));
check_equals(g_hash_table_size(server->providers), 101);
check_equals(g_list_length(loaded_entity_ids), 101);
+ check_good_rc(lasso_server_load_metadata(server, LASSO_PROVIDER_ROLE_IDP,
+ TESTSDATADIR "/ukfederation-metadata.xml",
+ TESTSDATADIR "/ukfederation.pem",
+ &blacklisted_1, &loaded_entity_ids,
+ LASSO_SERVER_LOAD_METADATA_FLAG_DEFAULT));
+ check_equals(g_list_length(loaded_entity_ids), 283);
+ check_equals(g_hash_table_size(server->providers), 384);
lasso_release_gobject(server);
}
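Review bot: Only the success path under `LASSO_SERVER_LOAD_METADATA_FLAG_DEFAULT` is asserted in test13, so this test would keep passing if signature checking stopped rejecting bad metadata. The tests/data/renater-metadata.xml hunk in this same commit drops a stray leading character from `ds:SignatureValue`, which suggests (not provable from this page) that the earlier fixture carried a signature that could not verify while `check_good_rc` still passed. A negative case is needed: load a copy of the fixture with an altered signature value, expect a non-zero return code, and confirm `server->providers` did not grow; the non-default flags named in the commit message deserve the same treatment. Separately, 283 entries after a list of 101 implies `loaded_entity_ids` is replaced rather than appended on the second call, so confirm the first list is released somewhere; the test body starts outside this hunk.

```c
    check_equals(g_hash_table_size(server->providers), 384);
    /* Negative case: a tampered signature must be rejected under the default flags.
     * "renater-metadata-bad-signature.xml" is a placeholder name for a copy of the
     * fixture with one SignatureValue character altered. */
    fail_unless(lasso_server_load_metadata(server, LASSO_PROVIDER_ROLE_IDP,
                TESTSDATADIR "/renater-metadata-bad-signature.xml",
                TESTSDATADIR "/metadata-federation-renater.crt",
                &blacklisted_1, &loaded_entity_ids,
                LASSO_SERVER_LOAD_METADATA_FLAG_DEFAULT) != 0,
            "metadata with an invalid signature must not load");
    /* A rejected file must not add any provider. */
    check_equals(g_hash_table_size(server->providers), 384);
    /* … unchanged: lasso_release_gobject(server) … */
```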
@@ -2005,6 +2013,7 @@ basic_suite()
tcase_add_test(tc_response_new_from_xmlNode, test11_get_default_name_id_format);
tcase_add_test(tc_custom_namespace, test12_custom_namespace);
tcase_add_test(tc_load_metadata, test13_test_lasso_server_load_metadata);
+ tcase_set_timeout(tc_load_metadata, 10);
return s;
}
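Review bot: The literal `10` passed to `tcase_set_timeout` has no explanation, and the timeout applies to the whole `tc_load_metadata` case rather than to one load. Presumably it was raised because test13 now parses and signature-checks two large federation aggregates, which can exceed Check's default per-test timeout. A comment would record that, e.g. `/* loads two signed federation aggregates (~380 entities); default Check timeout is too short */`. A named constant would also help, so the value can be tuned for slow CI hosts. The body of basic_suite starts outside this hunk.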
diff --git a/tests/data/renater-metadata.xml b/tests/data/renater-metadata.xml
index 7a9ff7da..1f8bce66 100644
--- a/tests/data/renater-metadata.xml
+++ b/tests/data/renater-metadata.xml
@@ -12,7 +12,7 @@
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
-X1YhQCh7ZYc4dN36bWBYviDKxxfishiqMdF3E7PNLYLxCK8wZL58dOvNVnYTJ1CkKa2iFp9Tejyc
+1YhQCh7ZYc4dN36bWBYviDKxxfishiqMdF3E7PNLYLxCK8wZL58dOvNVnYTJ1CkKa2iFp9Tejyc
4DRkvzU6vGSGsX2M6k92ON16zanpekHgjFMv4DvtPevRyYHJaeoOzE/6k0Es1kIvbsYMWrVWZdsO
XNRvItqOZdBBWNyxXsQ=
</ds:SignatureValue>
@@ -27411,4 +27411,4 @@ cHF5
-</EntitiesDescriptor> \ No newline at end of file
+</EntitiesDescriptor>