diff --git a/config/config-template.php b/config/config-template.php index 90a5bcf4af3fff128415a9417c823ec6edb8b2e3..5e31f2fe6f123c542862a4c645cadf3aa1f2fa4a 100644 --- a/config/config-template.php +++ b/config/config-template.php @@ -25,7 +25,7 @@ $config = array ( 'templatedir' => 'templates/default/', 'metadatadir' => 'metadata/', 'attributenamemapdir' => 'attributemap/', - 'certdir' => 'certs/', + 'certdir' => 'cert/', 'dictionarydir' => 'dictionaries/', 'loggingdir' => 'log/', diff --git a/lib/SimpleSAML/Bindings/SAML20/HTTPPost.php b/lib/SimpleSAML/Bindings/SAML20/HTTPPost.php index 94af7f48f130097f8a140abda8bb0e5f46a2ae35..6cc8aec2feaf7ef55acee91506c32e1da81ef845 100644 --- a/lib/SimpleSAML/Bindings/SAML20/HTTPPost.php +++ b/lib/SimpleSAML/Bindings/SAML20/HTTPPost.php @@ -73,13 +73,12 @@ class SimpleSAML_Bindings_SAML20_HTTPPost { $privatekey = "/home/as/erlang/feide2/cert/edugain/server1Key.pem"; $publiccert = "/home/as/erlang/feide2/cert/edugain/server2chain.pem"; - $privatekey = "/home/as/erlang/feide2/cert/server.pem"; $publiccert = "/home/as/erlang/feide2/cert/server.crt"; - */ + */ - $privatekey = $this->configuration->getBaseDir() . '/cert/' . $idpmd['privatekey']; - $publiccert = $this->configuration->getBaseDir() . '/cert/' . $idpmd['certificate']; + $privatekey = $this->configuration->getPathValue('certdir') . $idpmd['privatekey']; + $publiccert = $this->configuration->getPathValue('certdir') . $idpmd['certificate']; if (!file_exists($privatekey)) throw new Exception('Could not find private key file [' . $privatekey . '] which is needed to sign the authentication response'); diff --git a/lib/SimpleSAML/Bindings/SAML20/HTTPRedirect.php b/lib/SimpleSAML/Bindings/SAML20/HTTPRedirect.php index 4fa8e7cbcfcf27d3f7d38184a37243cd6e05c6d7..a92564a0f2a8f17a51bc54a5ef16ac0fd0ae3335 100644 --- a/lib/SimpleSAML/Bindings/SAML20/HTTPRedirect.php +++ b/lib/SimpleSAML/Bindings/SAML20/HTTPRedirect.php 
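Review bot: Installations whose config.php was copied from the earlier template still carry `'certdir' => 'certs/'`. As far as this diff shows, that option only starts to matter with the binding changes in the same commit, so after an upgrade those sites would look for signing keys in `certs/` while the files sit in `cert/`. The template line would benefit from a comment stating what the option controls, for example `/* Directory with signing keys and certificates; relative to basedir unless it starts with '/'. */`. An upgrade note asking operators to check the value would also help, since a wrong directory only surfaces as a "Could not find private key file" exception when a message has to be signed.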
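Review bot: `getPathValue('certdir')` is called without a default in the two new assignments in SAML20/HTTPPost.php, and the new accessor returns NULL when the option is missing. `$privatekey` and `$publiccert` would then be bare file names resolved against the process working directory rather than the installation's cert directory. Passing the former location as the fallback keeps older configurations working: `$certdir = $this->configuration->getPathValue('certdir', $this->configuration->getBaseDir() . 'cert/');`. The same call pattern appears in the SAML20/HTTPRedirect.php and Shib13/HTTPPost.php hunks, in www/aselect/handler.php and in www/shib13/idp/metadata.php. The enclosing method starts and ends outside this hunk.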
@@ -34,7 +34,7 @@ class SimpleSAML_Bindings_SAML20_HTTPRedirect { /* Load the private key. */ - $privatekey = $this->configuration->getBaseDir() . '/cert/' . $md['privatekey']; + $privatekey = $this->configuration->getPathValue('certdir') . $md['privatekey']; if (!file_exists($privatekey)) { throw new Exception('Could not find private key file [' . $privatekey . '] which is needed to sign the request.'); } @@ -96,7 +96,7 @@ class SimpleSAML_Bindings_SAML20_HTTPRedirect { $query = $query . "&" . "SigAlg=" . urlencode($algURI); // check if public key of sp exists - $publickey = $this->configuration->getBaseDir() . '/cert/' . $md['certificate']; + $publickey = $this->configuration->getPathValue('certdir') . $md['certificate']; if (!file_exists($publickey)) { throw new Exception('Could not find private key file [' . $publickey . '] which is needed to verify the request.'); } diff --git a/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php b/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php index caee28a727000f6db6fccaaad427fa45ad22dfc2..aa3e00f49734958bfbc8993ed9e278eb2c32286e 100644 --- a/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php +++ b/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php 
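Review bot: The exception thrown when `$publickey` is missing (second hunk, around line 99) still says "Could not find private key file", although the path built in the changed line is the certificate used to verify the request. An operator reading that message would go looking for a key that is not the problem. The text should name the certificate, e.g. `throw new Exception('Could not find certificate file [' . $publickey . '] which is needed to verify the request.');`. The surrounding method starts and ends outside the hunk.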
@@ -70,10 +70,10 @@ class SimpleSAML_Bindings_Shib13_HTTPPost { throw new Exception('Could not find AssertionConsumerService for SP entity ID [' . $spentityid. ']. ' . 'Claimed ACS is: ' . (isset($claimedacs) ? $claimedacs : 'N/A')); - $privatekey = $this->configuration->getBaseDir() . '/cert/' . $idpmd['privatekey']; - $publiccert = $this->configuration->getBaseDir() . '/cert/' . $idpmd['certificate']; + $privatekey = $this->configuration->getPathValue('certdir') . $idpmd['privatekey']; + $publiccert = $this->configuration->getPathValue('certdir') . $idpmd['certificate']; $certchain_pem_file = isset($idpmd['certificatechain']) ? - $this->configuration->getBaseDir() . '/cert/' . $idpmd['certificatechain'] : null; + $this->configuration->getPathValue('certdir') . $idpmd['certificatechain'] : null; if (!file_exists($privatekey)) throw new Exception('Could not find private key file [' . $privatekey . ']'); diff --git a/lib/SimpleSAML/Configuration.php b/lib/SimpleSAML/Configuration.php index 7178606ec2b29c572826f412400b80784f8a7c08..39f9e1b7b223ffff8a9d6377fc0c601d7e030123 100644 --- a/lib/SimpleSAML/Configuration.php +++ b/lib/SimpleSAML/Configuration.php 
@@ -67,6 +67,46 @@ class SimpleSAML_Configuration { } + /* Retrieve a path configuration option set in config.php. + * The function will always return an absolute path unless the + * option is not set. It will then return the default value. + * + * It checks if the value starts with a slash, and prefixes it + * with the value from getBaseDir if it doesn't. + * + * Parameters: + * $name Name of the configuration option. + * $default Default value of the configuration option. This + * parameter will default to NULL if not specified. + * + * Returns: + * The path configuration option with name $name, or $default if + * the option was not found. + */ + public function getPathValue($name, $default = NULL) { + if (!isset($this->configuration)) { + $this->loadConfig(); + } + + /* Return the default value if the option is unset. */ + if (!array_key_exists($name, $this->configuration)) { + return $default; + } + + $path = $this->configuration[$name]; + + /* Prepend path with basedir if it doesn't start with + * a slash. We assume getBaseDir ends with a slash. + */ + if ($path[0] !== '/') $path = $this->getBaseDir() . $path; + + /* Add trailing slash if it is missing to be consistent with getBaseDir */ + if (substr($path, -1) !== '/') $path .= '/'; + + return $path; + } + + /* Retrieve the base directory for this simpleSAMLphp installation. * This function first checks the 'basedir' configuration option. If * this option is undefined or NULL, then we fall back to looking at diff --git a/lib/SimpleSAML/Logger/LoggingHandlerFile.php b/lib/SimpleSAML/Logger/LoggingHandlerFile.php index b0239ef88ba56eabd6107fcc0ea745badd7d54dc..a3b94937a3fe52b32fd5bf6f4134a5f096bd5077 100644 --- a/lib/SimpleSAML/Logger/LoggingHandlerFile.php +++ b/lib/SimpleSAML/Logger/LoggingHandlerFile.php 
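Review bot: `getPathValue()` indexes `$path[0]` without checking that the option is a non-empty string. `array_key_exists` also accepts an option that is set to NULL or '', and in both cases the comparison with '/' is unequal, so the function returns the installation base directory itself; a mistyped or emptied `certdir` or `loggingdir` would then silently point at the root of the install. A guard before the prefix check turns that into a configuration error: `if (!is_string($path) || $path === '') throw new Exception('Configuration option [' . $name . '] must be a non-empty path.');`. The doc comment could also state that only a leading '/' counts as absolute, so a Windows-style path with a drive letter is treated as relative to basedir.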
@@ -21,7 +21,7 @@ class SimpleSAML_Logger_LoggingHandlerFile implements SimpleSAML_Logger_LoggingH assert($config instanceof SimpleSAML_Configuration); /* Get the metadata handler option from the configuration. */ - $this->logFile = $config->getBaseDir().'/'.$config->getValue('loggingdir').'/'.$config->getValue('logging.logfile'); + $this->logFile = $config->getPathValue('loggingdir').$config->getValue('logging.logfile'); if (@file_exists($this->logFile)) { if (!@is_writeable($this->logFile)) throw new Exception("Could not write to logfile: ".$this->logFile); diff --git a/lib/SimpleSAML/Metadata/MetaDataStorageHandlerFlatfile.php b/lib/SimpleSAML/Metadata/MetaDataStorageHandlerFlatfile.php index b9affb918676b17b8cd1f28f9deb100aad7b29c4..828ecc7483e14517e3a0096f5e82c40530bbe3bc 100644 --- a/lib/SimpleSAML/Metadata/MetaDataStorageHandlerFlatfile.php +++ b/lib/SimpleSAML/Metadata/MetaDataStorageHandlerFlatfile.php @@ -41,9 +41,7 @@ class SimpleSAML_Metadata_MetaDataStorageHandlerFlatFile extends SimpleSAML_Meta $config = SimpleSAML_Configuration::getInstance(); assert($config instanceof SimpleSAML_Configuration); - $metadatasetfile = $config->getBaseDir() . '/' . - $config->getValue('metadatadir') . '/' . $set . '.php'; - + $metadatasetfile = $config->getPathValue('metadatadir') . $set . '.php'; if (!file_exists($metadatasetfile)) { throw new Exception('Could not open file: ' . $metadatasetfile); diff --git a/lib/SimpleSAML/Metadata/MetaDataStorageHandlerSAML2Meta.php b/lib/SimpleSAML/Metadata/MetaDataStorageHandlerSAML2Meta.php index 3e45a8218fbe83b041fe94f1cdd1434ae17acbfa..f53622323e74ee522a8313f176858438a50d4903 100644 --- a/lib/SimpleSAML/Metadata/MetaDataStorageHandlerSAML2Meta.php +++ b/lib/SimpleSAML/Metadata/MetaDataStorageHandlerSAML2Meta.php 
@@ -64,8 +64,7 @@ class SimpleSAML_Metadata_MetaDataStorageHandlerSAML2Meta extends SimpleSAML_Met // The metadata location is an URL $metadatasetfile = $metadatalocation; } else { - $metadatasetfile = $config->getBaseDir() . '' . - $config->getValue('metadatadir') . $metadatalocation; + $metadatasetfile = $config->getPathValue('metadatadir') . $metadatalocation; if (!file_exists($metadatasetfile)) throw new Exception('Could not find SAML 2.0 Metadata file :'. $metadatasetfile); if (preg_match('@\.php$@', $metadatalocation)) { $xml = false; diff --git a/lib/SimpleSAML/XHTML/Template.php b/lib/SimpleSAML/XHTML/Template.php index d4acfa022479861a2320ed723b98efcd4aa49a78..1ece4451628eceebf64095928f9998d06a88d2ec 100644 --- a/lib/SimpleSAML/XHTML/Template.php +++ b/lib/SimpleSAML/XHTML/Template.php @@ -71,16 +71,16 @@ class SimpleSAML_XHTML_Template { private function includeAtTemplateBase($file) { $data = $this->data; - $filebase = $this->configuration->getBaseDir() . $this->configuration->getValue('templatedir'); + $filebase = $this->configuration->getPathValue('templatedir'); include($filebase . $file); } private function includeAtLanguageBase($file) { $data = $this->data; - $filebase = $this->configuration->getBaseDir() . $this->configuration->getValue('templatedir') . $this->getLanguage() . '/' ; + $filebase = $this->configuration->getPathValue('templatedir') . $this->getLanguage() . '/' ; if (!file_exists($filebase . $file)) { - $filebase = $this->configuration->getBaseDir() . $this->configuration->getValue('templatedir') . + $filebase = $this->configuration->getPathValue('templatedir') . $this->configuration->getValue('language.default') . '/'; 
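Review bot: In `includeAtTemplateBase()` the string handed to `include()` is `$filebase . $file`, with no check that the result stays inside the template directory. `includeAtLanguageBase()` builds a similar path from `getLanguage()` and continues outside the hunk. Where `$file` and the language code come from is not visible here; if the language can be chosen by the request, it should be matched against the installed language directories before it is concatenated. A comment on both methods would record the requirement: `/* $file and the language code must be fixed, trusted names: the resulting path is passed to include(). */`. The same applies to `show()` later in this file and to `namemap()` in lib/SimpleSAML/XML/AttributeFilter.php, which includes `$map . '.php'`.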
@@ -96,7 +96,7 @@ class SimpleSAML_XHTML_Template { * Include language file from the dictionaries directory. */ private function includeLanguageFile($file) { - $filebase = $this->configuration->getBaseDir() . $this->configuration->getValue('dictionarydir'); + $filebase = $this->configuration->getPathValue('dictionarydir'); if (!file_exists($filebase . $file)) { SimpleSAML_Logger::error($_SERVER['PHP_SELF'].' - Template: Could not find template file [' . $this->template . '] at [' . $filebase . $file . ']'); @@ -122,12 +122,12 @@ class SimpleSAML_XHTML_Template { */ public function show() { $data = $this->data; - $filename = $this->configuration->getBaseDir() . $this->configuration->getValue('templatedir') . $this->getLanguage() . '/' . + $filename = $this->configuration->getPathValue('templatedir') . $this->getLanguage() . '/' . $this->template; if (!file_exists($filename)) { - $filename = $this->configuration->getBaseDir() . $this->configuration->getValue('templatedir') . + $filename = $this->configuration->getPathValue('templatedir') . $this->configuration->getValue('language.default') . '/' . $this->template; diff --git a/lib/SimpleSAML/XML/AttributeFilter.php b/lib/SimpleSAML/XML/AttributeFilter.php index 528ee5c96a2be87db06596242fd741d3b3eed840..b4cad0516b2ff3cc8bb041796777f1fb1803e4c8 100644 --- a/lib/SimpleSAML/XML/AttributeFilter.php +++ b/lib/SimpleSAML/XML/AttributeFilter.php @@ -21,7 +21,7 @@ class SimpleSAML_XML_AttributeFilter { public function namemap($map) { - $mapfile = $this->configuration->getBaseDir() . $this->configuration->getValue('attributenamemapdir') . $map . '.php'; + $mapfile = $this->configuration->getPathValue('attributenamemapdir') . $map . '.php'; if (!file_exists($mapfile)) throw new Exception('Could not find attributemap file: ' . $mapfile); include($mapfile); diff --git a/www/aselect/handler.php b/www/aselect/handler.php index 448bec0d0e6745446698997522226693c2de31ab..8ec9b4b2e20073d386a7d99c35fe1d547125f7c1 100644 
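Review bot: The error logged in `includeLanguageFile()` starts with `$_SERVER['PHP_SELF']`, which includes the request's path info and is therefore partly client-controlled, so request text reaches the log file unfiltered. `$_SERVER['SCRIPT_NAME']` identifies the script without that part: `SimpleSAML_Logger::error($_SERVER['SCRIPT_NAME'] . ' - Template: Could not find language file [' . $file . '] at [' . $filebase . $file . ']');`. The current message also names `$this->template`, although the file being looked up is the dictionary `$file`. The method body continues past the end of the hunk.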
--- a/www/aselect/handler.php +++ b/www/aselect/handler.php @@ -65,8 +65,8 @@ $as_metadata = array( 'hosted' => array( 'organization' => 'simpleSAMLphp', 'server_id' => 'default.aselect.org', - 'key' => $config->getBaseDir() . '/cert/server.pem', - 'cert' => $config->getBaseDir() . '/cert/server.crt', + 'key' => $config->getPathValue('certdir') . 'server.pem', + 'cert' => $config->getPathValue('certdir') . 'server.crt', 'authsp_level' => '10', 'authsp' => 'simpleSAMLphp', 'app_level' => '10', @@ -94,12 +94,12 @@ $as_metadata = array( 'hosted' => array( 'organization' => 'simpleSAMLphp', 'server_id' => 'default.aselect.org', - 'key' => $config->getBaseDir() . '/cert/agent.key', + 'key' => $config->getPathValue('certdir'). 'agent.key', ), 'remote' => array( 'testorg' => array( 'require_signing' => true, - 'cert' => $config->getBaseDir() . '/cert/aselect.crt', + 'cert' => $config->getPathValue('certdir'). 'aselect.crt', ), ), ), @@ -109,7 +109,7 @@ $as_metadata = array( ), 'federatiedemo' => array( 'require_signing' => true, - 'cert' => $config->getBaseDir() . '/cert/app.crt', + 'cert' => $config->getPathValue('certdir') . 'app.crt', ), ), ); diff --git a/www/shib13/idp/metadata.php b/www/shib13/idp/metadata.php index acafbc88941b3dcc7a809d262676e93eb67281bb..d13013353d1faaea015ac22714b022e7e96ee8b1 100644 --- a/www/shib13/idp/metadata.php +++ b/www/shib13/idp/metadata.php @@ -25,7 +25,7 @@ try { $idpmeta = isset($_GET['idpentityid']) ? $_GET['idpentityid'] : $metadata->getMetaDataCurrent('shib13-idp-hosted'); $idpentityid = isset($_GET['idpentityid']) ? $_GET['idpentityid'] : $metadata->getMetaDataCurrentEntityID('shib13-idp-hosted'); - $publiccert = $config->getBaseDir() . '/cert/' . $idpmeta['certificate']; + $publiccert = $config->getPathValue('certdir') . $idpmeta['certificate']; if (!file_exists($publiccert)) throw new Exception('Could not find certificate [' . $publiccert . '] to attach to the authentication resposne');
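Review bot: In www/shib13/idp/metadata.php, when the `idpentityid` query parameter is present, `$idpmeta` is assigned the request value itself rather than a metadata record. The `certificate` element appended to `getPathValue('certdir')` in the changed line is then not guaranteed to come from trusted metadata. The parameter should only select an entry, with the certificate name read from the hosted metadata for that entity, along the lines of `$idpmeta = $metadata->getMetaData($idpentityid, 'shib13-idp-hosted');` if the handler offers such a lookup (not visible in this hunk). The `try` block starts before the hunk and continues after it.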