author | Olav Morken <olav.morken@uninett.no> | 2010-09-10 08:29:24 +0000 |
---|---|---|
committer | Olav Morken <olav.morken@uninett.no> | 2010-09-10 08:29:24 +0000 |
commit | fc356daaa3766bac7027b32e9e7d23b5db47990c (patch) | |
tree | 9d79741313bf4194af5365f9507f3f5dd8f9af05 /lib/SAML2 | |
parent | dbf8d56d666a5214b55ccb377be0d30cadacb820 (diff) | |
SAML2_SOAPClient: Always create stream context.
git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2539 44740490-163a-0410-bde0-09ae8108e29a
Diffstat (limited to 'lib/SAML2')
-rw-r--r-- | lib/SAML2/SOAPClient.php | 47 |
1 files changed, 21 insertions, 26 deletions
diff --git a/lib/SAML2/SOAPClient.php b/lib/SAML2/SOAPClient.php
index 219d03f..612b5d4 100644
--- a/lib/SAML2/SOAPClient.php
+++ b/lib/SAML2/SOAPClient.php
@@ -23,16 +23,16 @@ class SAML2_SOAPClient {
 $issuer = $msg->getIssuer();
- $options = array(
- 'uri' => $issuer,
- 'location' => $msg->getDestination(),
+ $ctxOpts = array(
+ 'ssl' => array(
+ ),
 );
 // Determine if we are going to do a MutualSSL connection between the IdP and SP - Shoaib
 if ($srcMetadata->hasValue('saml.SOAPClient.certificate')) {
- $options['local_cert'] = SimpleSAML_Utilities::resolveCert($srcMetadata->getString('saml.SOAPClient.certificate'));
+ $ctxOpts['ssl']['local_cert'] = SimpleSAML_Utilities::resolveCert($srcMetadata->getString('saml.SOAPClient.certificate'));
 if ($srcMetadata->hasValue('saml.SOAPClient.privatekey_pass')) {
- $options['passphrase'] = $srcMetadata->getString('saml.SOAPClient.privatekey_pass');
+ $ctxOpts['ssl']['passphrase'] = $srcMetadata->getString('saml.SOAPClient.privatekey_pass');
 }
 } else {
 /* Use the SP certificate and privatekey if it is configured. */
@@ -44,9 +44,9 @@ class SAML2_SOAPClient {
 if (!file_exists($file)) {
 SimpleSAML_Utilities::writeFile($file, $keyCertData);
 }
- $options['local_cert'] = $file;
+ $ctxOpts['ssl']['local_cert'] = $file;
 if (isset($privateKey['password'])) {
- $options['passphrase'] = $privateKey['password'];
+ $ctxOpts['ssl']['passphrase'] = $privateKey['password'];
 }
 }
 }
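Review bot: In the first hunk the path resolved from `saml.SOAPClient.certificate` now goes straight into `$ctxOpts['ssl']['local_cert']`, and nothing here documents that PHP expects that PEM file to hold both the certificate and its private key. The other branch (second hunk) writes what appears to be combined key and certificate data from `$keyCertData` to a file before using it, so the two branches have different input requirements that are easy to miss when configuring mutual TLS. A comment above the assignment would cover it, e.g. `/* local_cert must be a PEM file containing both the certificate and the private key. */`. The enclosing function starts and ends outside the hunk.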
@@ -68,27 +68,22 @@ class SAML2_SOAPClient { SimpleSAML_Utilities::writeFile($peerCertFile, $certData); } // create ssl context - $ctxOpts = array( - 'ssl' => array( - 'verify_peer' => TRUE, - 'verify_depth' => 1, - 'cafile' => $peerCertFile - )); - if (isset($options['local_cert'])) { - $ctxOpts['ssl']['local_cert'] = $options['local_cert']; - unset($options['local_cert']); - } - if (isset($options['passhprase'])) { - $ctxOpts['ssl']['passphrase'] = $options['passphrase']; - unset($options['passphrase']); - } - $context = stream_context_create($ctxOpts); - if ($context === NULL) { - throw new Exception('Unable to create SSL stream context'); - } - $options['stream_context'] = $context; + $ctxOpts['ssl']['verify_peer'] = TRUE; + $ctxOpts['ssl']['verify_depth'] = 1; + $ctxOpts['ssl']['cafile'] = $peerCertFile; } + $context = stream_context_create($ctxOpts); + if ($context === NULL) { + throw new Exception('Unable to create SSL stream context'); + } + + $options = array( + 'uri' => $issuer, + 'location' => $msg->getDestination(), + 'stream_context' => $context, + ); + $x = new SoapClient(NULL, $options); // Add soap-envelopes |
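Review bot: Peer verification is still configured only inside the conditional block that closes just before the new `stream_context_create($ctxOpts)` call, so when that block is skipped the context carries at most the client certificate and passphrase and no `verify_peer` or `cafile`. On PHP versions before 5.6 `verify_peer` is off by default for stream contexts, so in that case the SOAP endpoint's certificate would not be checked at all while the client key is still presented. The opening `if` is outside the hunk, so the exact condition is inferred; if skipping verification there is intended, state it above the call, e.g. `/* No peer certificate available: the TLS peer is not verified on this path. */`, otherwise log or fail when no CA file could be set. Separately, `$context === NULL` is unlikely to catch a failed context creation; `if (!is_resource($context)) {` is the more direct check.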