From 0730c5a8cee80cb85ec98f4546b7ecdc80f8109b Mon Sep 17 00:00:00 2001
From: Scott Cantor <cantor.2@osu.edu>
Date: Wed, 14 Mar 2012 01:30:54 +0000
Subject: [PATCH] https://issues.shibboleth.net/jira/browse/CPPOST-74

---
 saml/saml2/metadata/impl/XMLMetadataProvider.cpp | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/saml/saml2/metadata/impl/XMLMetadataProvider.cpp b/saml/saml2/metadata/impl/XMLMetadataProvider.cpp
index c97ab3d..c01c496 100644
--- a/saml/saml2/metadata/impl/XMLMetadataProvider.cpp
+++ b/saml/saml2/metadata/impl/XMLMetadataProvider.cpp
@@ -217,6 +217,12 @@ pair<bool,DOMElement*> XMLMetadataProvider::load(bool backup)
         throw MetadataException("Metadata instance failed manual validation checking.");
     }
 
+    const TimeBoundSAMLObject* validityCheck = dynamic_cast<TimeBoundSAMLObject*>(xmlObject.get());
+    if (!validityCheck || !validityCheck->isValid()) {
+        m_log.error("metadata instance was invalid at time of acquisition");
+        throw MetadataException("Metadata instance was invalid at time of acquisition.");
+    }
+
     // This is the best place to take a backup, since it's superficially "correct" metadata.
     string backupKey;
     if (!backup && !m_backing.empty()) {
-- 
2.1.4