diff --git a/docs/simplesamlphp-reference-idp-remote.txt b/docs/simplesamlphp-reference-idp-remote.txt index 8235dee9d31c6e951a163a14d9e7c8104e8cdbfb..dce7498993ddc3c19cb4654d4d74a07deb84f6d5 100644 --- a/docs/simplesamlphp-reference-idp-remote.txt +++ b/docs/simplesamlphp-reference-idp-remote.txt @@ -119,15 +119,6 @@ The following SAML 2.0 options are available: entry in the IdP-remote metadata overrides the option in the [SP configuration](./saml:sp). -`saml2.relaxvalidation` -: Can be used to relax some parts of the validation of assertions received from this IdP. This is an array, and can include one or more of the following flags: - - - `unknowncondition` - Disables errors when encountering unknown <Condition> nodes. - - `nosubject` - Ignore missing <Subject> in <Assertion>. - - `noconditions` - Ignore missing <Conditions> in <Assertion>. - - `noauthnstatement` - Ignore missing <AuthnStatement> in <Assertion>. - - `noattributestatement` - Ignore missing <AttributeStatement> in <Assertion>. - `sign.authnrequest` : Whether to sign authentication requests sent to this IdP. diff --git a/modules/saml/lib/Message.php b/modules/saml/lib/Message.php index 65d8365be537d53baf98a2003871e47c70b1d5b6..2f4bb64623b68ba411c29d1d8fb413c1964d1009 100644 --- a/modules/saml/lib/Message.php +++ b/modules/saml/lib/Message.php @@ -316,7 +316,7 @@ class sspmod_saml_Message { $blacklist = $srcMetadata->getArray('encryption.blacklisted-algorithms', NULL); if ($blacklist === NULL) { - $blacklist = $dstMetadata->getArray('encryption.blacklisted-algorithms', array(XMLSecurityKey::RSA_1_5)); + $blacklist = $dstMetadata->getArray('encryption.blacklisted-algorithms', array(XMLSecurityKey::RSA_1_5g)); } return $blacklist; }