From b8da23e05a73fafc3fc8ef5aa1fb8c30dc279a87 Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Tue, 15 Mar 2011 13:21:54 +0000
Subject: [PATCH] frontpage: Warning if Suhosin limits the maximum length of
 query parameters.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2776 44740490-163a-0410-bde0-09ae8108e29a
---
 modules/core/dictionaries/frontpage.definition.json  | 3 +++
 modules/core/dictionaries/frontpage.translation.json | 4 ++++
 modules/core/www/frontpage_config.php                | 4 ++++
 3 files changed, 11 insertions(+)

diff --git a/modules/core/dictionaries/frontpage.definition.json b/modules/core/dictionaries/frontpage.definition.json
index d939b4764..5fa95513f 100644
--- a/modules/core/dictionaries/frontpage.definition.json
+++ b/modules/core/dictionaries/frontpage.definition.json
@@ -44,6 +44,9 @@
 	"warnings_https": {
 		"en": "<strong>You are not using HTTPS<\/strong> - encrypted communication with the user. HTTP works fine for test purposes, but in a production environment, you should use HTTPS. [ <a href=\"http:\/\/rnd.feide.no\/content\/simplesamlphp-maintenance-and-configuration\">Read more about simpleSAMLphp maintenance<\/a> ]"
 	},
+	"warnings_suhosin_url_length": {
+		"en": "The length of query parameters is limited by the PHP Suhosin extension. Please increase the suhosin.get.max_value_length option to at least 2048 bytes."
+	},
 	"link_saml2example": {
 		"en": "SAML 2.0 SP example - test logging in through your IdP"
 	},
diff --git a/modules/core/dictionaries/frontpage.translation.json b/modules/core/dictionaries/frontpage.translation.json
index 3edd6b6ee..aac712d78 100644
--- a/modules/core/dictionaries/frontpage.translation.json
+++ b/modules/core/dictionaries/frontpage.translation.json
@@ -1065,5 +1065,9 @@
 		"ja": "simpleSAMLphp\u8a2d\u5b9a\u30da\u30fc\u30b8",
 		"nl": "simpleSAMLphp installatiepagina",
 		"zh-tw": "simpleSAMLphp \u5b89\u88dd\u9801\u9762"
+	},
+	"warnings_suhosin_url_length": {
+		"no": "Lengden p\u00e5 foresp\u00f8rselparametre er begrenset av PHP Suhosin utvidelsen. Vennligst \u00f8k suhosin.get.max_value_length konfigurasjonsinnstillingen til minst 2048 tegn.",
+		"nn": "Lengda p\u00e5 f\u00f8respurnadargumenta er begrensa av PHP Suhosin utvidinga. V\u00e6r vennleg og \u00f8k suhosin.get.max_value_length konfigurasjonsinnstillinga til minst 2048 teikn."
 	}
 }
diff --git a/modules/core/www/frontpage_config.php b/modules/core/www/frontpage_config.php
index 7374b022e..f40b6d456 100644
--- a/modules/core/www/frontpage_config.php
+++ b/modules/core/www/frontpage_config.php
@@ -20,6 +20,10 @@ if (!SimpleSAML_Utilities::isHTTPS()) {
 	$warnings[] = '{core:frontpage:warnings_https}';
 }
 
+$suhosinLength = ini_get('suhosin.get.max_value_length');
+if ($suhosinLength !== FALSE && (int)$suhosinLength < 2048) {
+	$warnings[] = '{core:frontpage:warnings_suhosin_url_length}';
+}
 
 
 
-- 
GitLab