Merge commit '2.5.0' into moonshot-packaging-fixes

[shibboleth/sp.git] / shibsp / security / SecurityPolicyProvider.h

diff --git a/shibsp/security/SecurityPolicyProvider.h b/shibsp/security/SecurityPolicyProvider.h
index 65f5bdf..3fed8b2 100644 (file)
--- a/shibsp/security/SecurityPolicyProvider.h
+++ b/shibsp/security/SecurityPolicyProvider.h
@@ -57,6 +57,10 @@ namespace shibsp {
         MAKE_NONCOPYABLE(SecurityPolicyProvider);
     protected:
         SecurityPolicyProvider();
+
+        /** Default algorithms to block in the current release. */
+        std::vector<xmltooling::xstring> m_defaultBlacklist;
+
     public:
         virtual ~SecurityPolicyProvider();
         
@@ -77,6 +81,13 @@ namespace shibsp {
         virtual const std::vector<const opensaml::SecurityPolicyRule*>& getPolicyRules(const char* id=nullptr) const=0;
 
         /**
+         * Returns a default/implicit set of XML Signature/Encryption algorithm identifiers to block.
+         *
+         * @return  an array of algorithm URIs to block
+         */
+        virtual const std::vector<xmltooling::xstring>& getDefaultAlgorithmBlacklist() const;
+
+        /**
          * Returns a set of XML Signature/Encryption algorithm identifiers to block.
          *
          * @return  an array of algorithm URIs to block