From 5056ab3054857e16e586cabf59b3a538aad82dfc Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Mon, 9 Aug 2010 08:53:04 +0000
Subject: [PATCH] saml: Verify destination of logout messages to SP.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2505 44740490-163a-0410-bde0-09ae8108e29a
---
 modules/saml/www/sp/saml2-logout.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/modules/saml/www/sp/saml2-logout.php b/modules/saml/www/sp/saml2-logout.php
index d1cc4dc5d..50dd62b3a 100644
--- a/modules/saml/www/sp/saml2-logout.php
+++ b/modules/saml/www/sp/saml2-logout.php
@@ -37,6 +37,11 @@ $spMetadata = $source->getMetadata();
 
 sspmod_saml_Message::validateMessage($idpMetadata, $spMetadata, $message);
 
+$destination = $message->getDestination();
+if ($destination !== NULL && $destination !== SimpleSAML_Utilities::selfURLNoQuery()) {
+	throw new SimpleSAML_Error_Exception('Destination in logout message is wrong.');
+}
+
 if ($message instanceof SAML2_LogoutResponse) {
 
 	$relayState = $message->getRelayState();
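Review bot: The added check on `$destination` is skipped whenever the message carries no Destination attribute, so a logout message that omits it is still processed by whichever endpoint received it. If that leniency is intended for IdPs that do not send Destination, say so in a comment such as `// Destination is optional: messages without it are accepted for compatibility.`; otherwise consider rejecting a missing Destination at least for signed messages, since the SAML bindings require the attribute on signed messages sent over the front-channel bindings. The comparison is also an exact string match against `SimpleSAML_Utilities::selfURLNoQuery()`, whose implementation is not visible here; if it derives the URL from request headers, the check is only as reliable as that value, which is worth confirming for deployments behind a reverse proxy. The `if ($message instanceof SAML2_LogoutResponse)` block continues past the end of the hunk.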
-- 
GitLab