From 7fdc4f066e1ec9994c548991222b1779fd2f58e0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20=C3=85kre=20Solberg?= <andreas.solberg@uninett.no>
Date: Fri, 1 Feb 2008 13:11:15 +0000
Subject: [PATCH] Fixed two bugs with signing Shib 1.3 responses. 1)
 certificate chain bug 2) switched to sign responses instead of assertions

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@235 44740490-163a-0410-bde0-09ae8108e29a
---
 lib/SimpleSAML/Bindings/Shib13/HTTPPost.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php b/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php
index e9355a7b8..da1a408f3 100644
--- a/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php
+++ b/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php
@@ -72,7 +72,8 @@ class SimpleSAML_Bindings_Shib13_HTTPPost {
 	
 		$privatekey = $this->configuration->getBaseDir() . '/cert/' . $idpmd['privatekey'];
 		$publiccert = $this->configuration->getBaseDir() . '/cert/' . $idpmd['certificate'];
-		$certchain_pem_file = $this->configuration->getBaseDir() . '/cert/' . $idpmd['certificatechain'];
+		$certchain_pem_file = isset($idpmd['certificatechain']) ? 
+			$this->configuration->getBaseDir() . '/cert/' . $idpmd['certificatechain'] : null;
 
 		$privatek = file_get_contents($privatekey);
 		
@@ -116,7 +117,7 @@ class SimpleSAML_Bindings_Shib13_HTTPPost {
 			
 			*/
 			
-		$objXMLSecDSig->addReferenceList(array($firstassertionroot), XMLSecurityDSig::SHA1,
+		$objXMLSecDSig->addReferenceList(array($responseroot), XMLSecurityDSig::SHA1,
 			array('http://www.w3.org/2000/09/xmldsig#enveloped-signature', XMLSecurityDSig::EXC_C14N),
 			array('id_name' => 'ResponseID'));
 			
-- 
GitLab