From c24875d51fb05c43bd8b4daf0f65f80c3454c50b Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Mon, 20 Sep 2010 08:39:40 +0000
Subject: [PATCH] saml_Message: Add specific check for response destination.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2553 44740490-163a-0410-bde0-09ae8108e29a
---
 modules/saml/lib/Message.php | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/modules/saml/lib/Message.php b/modules/saml/lib/Message.php
index a9df3f957..8178b6c4d 100644
--- a/modules/saml/lib/Message.php
+++ b/modules/saml/lib/Message.php
@@ -497,12 +497,13 @@ class sspmod_saml_Message {
 			}
 		}
 
-		$asrtDestination = $assertion->getDestination();
+		/* Validate Response-element destination. */
+
+		$currentURL = SimpleSAML_Utilities::selfURLNoQuery();
 		$msgDestination = $response->getDestination();
-		if ($asrtDestination !== NULL && $msgDestination !== NULL) {
-			if ($asrtDestination !== $msgDestination) {
-				throw new SimpleSAML_Error_Exception('Destination in assertion did not match Destination in message.');
-			}
+		if ($msgDestination !== $currentURL) {
+			throw new Exception('Destination in response doesn\'t match the current URL. Destination is "' .
+				$msgDestination . '", current URL is "' . $currentURL . '".');
 		}
 
 
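Review bot: The new guard `if ($msgDestination !== $currentURL)` also fires when the Response has no Destination attribute, because NULL is never identical to a URL string; the removed code skipped the comparison in that case. Failing closed is a reasonable choice for this check, but the error would then read `Destination is ""`, which hides the real cause. Consider a separate branch ahead of it, `if ($msgDestination === NULL) { throw new SimpleSAML_Error_Exception('Response has no Destination.'); }`, or at least extend the comment to `/* Validate Response-element destination; a missing Destination is rejected as well. */`. The message also embeds the sender-supplied Destination value, so if it is ever rendered in an HTML error page it needs escaping at that point. The enclosing method starts and ends outside the hunk, so how `$currentURL` is later reused is only visible in the second hunk.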
@@ -524,7 +525,6 @@ class sspmod_saml_Message {
 		}
 
 		$destination = $assertion->getDestination();
-		$currentURL = SimpleSAML_Utilities::selfURLNoQuery();
 		if ($destination !== $currentURL) {
 			throw new Exception('Recipient in assertion doesn\'t match the current URL. Recipient is "' .
 				$destination . '", current URL is "' . $currentURL . '".');
-- 
GitLab