From: Scott Cantor
Date: Fri, 22 Jan 2010 03:47:19 +0000 (+0000)
Subject: https://issues.shibboleth.net/jira/browse/SSPCPP-275
X-Git-Tag: 2.4RC1~141
X-Git-Url: http://www.project-moonshot.org/gitweb/?a=commitdiff_plain;h=d01c6107dbeb8048e3ff6187a293c8ce879c1fbe;p=shibboleth%2Fcpp-sp.git
https://issues.shibboleth.net/jira/browse/SSPCPP-275
---
diff --git a/shibsp/handler/impl/MetadataGenerator.cpp b/shibsp/handler/impl/MetadataGenerator.cpp
index c89e8ce..de795a7 100644
--- a/shibsp/handler/impl/MetadataGenerator.cpp
+++ b/shibsp/handler/impl/MetadataGenerator.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright 2001-2009 Internet2
+ * Copyright 2001-2010 Internet2
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -38,6 +38,7 @@
 # include
 # include
 # include
+# include
 # include
 # include
 # include
@@ -96,6 +97,7 @@ namespace shibsp {
 set m_acl;
 #ifndef SHIBSP_LITE
+ string m_salt;
 short m_http,m_https;
 vector m_bases;
 #endif
@@ -139,6 +141,10 @@ MetadataGenerator::MetadataGenerator(const DOMElement* e, const char* appId)
 #ifndef SHIBSP_LITE
 static XMLCh EndpointBase[] = UNICODE_LITERAL_12(E,n,d,p,o,i,n,t,B,a,s,e);
+ pair salt = getString("salt");
+ if (salt.first)
+ m_salt = salt.second;
+
 pair flag = getBool("http");
 if (flag.first)
 m_http = flag.second ? 1 : -1;
@@ -261,8 +267,12 @@ pair MetadataGenerator::processMessage(
 entity = EntityDescriptorBuilder::buildEntityDescriptor();
 }
- if (!entity->getID())
- entity->setID(SAMLConfig::getConfig().generateIdentifier());
+ if (!entity->getID()) {
+ string hashinput = m_salt + relyingParty->getString("entityID").second;
+ string hashed = '_' + SecurityHelper::doHash("SHA1", hashinput.c_str(), hashinput.length());
+ auto_ptr_XMLCh widenit(hashed.c_str());
+ entity->setID(widenit.get());
+ }
 auto_ptr wrapper(entity);
 pair cache = getUnsignedInt("cacheDuration");
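Review bot: The `salt` setting read in the constructor hunk (`@@ -139,6 +141,10 @@`) has no comment saying what it is for or how sensitive it is. The last hunk publishes the SHA-1 of salt plus entityID as the EntityDescriptor ID, and the entityID is presumably public as well, so the value only makes the ID stable and deployment-specific and should not be reused from a real secret. I would add above the lookup: `// Optional salt mixed into the hashed entityID to derive a stable, non-random ID; not a secret.` The constructor's body starts and ends outside the hunk.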
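Review bot: In the `processMessage` hunk (`@@ -261,8 +267,12 @@`), `relyingParty->getString("entityID").second` is used without checking `.first`, unlike the `salt` lookup in the constructor hunk. If the property can be unset, `.second` is presumably a null pointer, and `m_salt + <null>` is undefined behaviour. I would fetch it first with `pair<bool,const char*> eid = relyingParty->getString("entityID");`, hash only when `eid.first` is true, and otherwise keep the previous `SAMLConfig::getConfig().generateIdentifier()` call. If `doHash` can return an empty string on failure, the ID would become a bare `_`, so that case deserves the same fallback. `relyingParty` is set up outside the hunk, so the property may already be guaranteed there; the function body continues past the hunk.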