From 1727cdfc6830a1be1c9db899a869a73a67ba0033 Mon Sep 17 00:00:00 2001
From: Frederic Peters <fpeters@entrouvert.com>
Date: Tue, 10 May 2005 12:56:06 +0000
Subject: don't fail if there is no signature on Logout Response

---
 lasso/id-ff/logout.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/lasso/id-ff/logout.c b/lasso/id-ff/logout.c
index 0f61d53e..eee02f7c 100644
--- a/lasso/id-ff/logout.c
+++ b/lasso/id-ff/logout.c
@@ -518,6 +518,13 @@ lasso_logout_process_response_msg(LassoLogout *logout, gchar *response_msg)
 
 	/* verify signature */
 	rc = lasso_provider_verify_signature(remote_provider, response_msg, "ResponseID", format);
+	if (rc == LASSO_DS_ERROR_SIGNATURE_NOT_FOUND) {
+		/* This message SHOULD be signed.
+		 *  -- draft-liberty-idff-protocols-schema-1.2-errata-v2.0.pdf - p38
+		 */
+		message(G_LOG_LEVEL_WARNING, "No signature on response");
+		rc = 0;
+	}
 
 	response = LASSO_LIB_STATUS_RESPONSE(profile->response);
 
-- 
cgit