diff --git a/lib/validatorClass.php b/lib/validatorClass.php
index 87cefe99b74ead38892519e8bfa30f540b1dcbbd..ca0bf42406143a11cb3e4d5abc15ff3918eb97b8 100644
--- a/lib/validatorClass.php
+++ b/lib/validatorClass.php
@@ -6,6 +6,7 @@ class Validator {
 private $logger;
 public function __construct($params = array()) {
+ $this->validatordir = VALIDATOR_SCRIPTS;
 if (empty($params)) {
 $this->params = array(
@@ -64,7 +65,7 @@ class Validator {
 $fed_id = strtoupper(isset($_REQUEST['edugain'])?$_REQUEST['edugain']:$_REQUEST['fed_id']);
 $fed_id = $this->edugain->getCode($fed_id);
 $this->edugain->load_federations(0,$fed_id);
- $this->edugain->load_federation_basic_details('data');
+ $this->edugain->load_federation_basic_details('all');
 if (empty($this->edugain->FEDS[$fed_id])) {
 $this->params['federror'] = 'No such federation in the eduGAIN database: '.$fed_id;
 } else {
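Review bot: `$this->validatordir` becomes the executable prefix of every `system()`/`shell_exec()` call in the last hunk, but no declaration for it is visible next to `private $logger;` in the first hunk, and the constant is used without a check. If the property is not declared above the hunk, add `private $validatordir;`. Consider failing early with `if (!defined('VALIDATOR_SCRIPTS')) { throw new RuntimeException('VALIDATOR_SCRIPTS not configured'); }` so a command line is never built from an unset prefix. The constructor body continues outside the hunk.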
@@ -74,19 +75,28 @@ class Validator {
 } else {
 $this->params['fedname'] = $this->edugain->FEDS[$fed_id]['name'];
 $this->params['regauth'] = $this->edugain->FEDS[$fed_id]['reg_auth'];
- $certificate = $this->edugain->FEDS[$fed_id]['certificate'][0];
- $certificate = trim($certificate, "\n");
- $certfilename = $this->params['filename']."-fromdb.crt";
- if (strlen($certificate)) {
- $ff = fopen($certfilename, 'w');
- fputs($ff, "-----BEGIN CERTIFICATE-----\n");
- for ($i=0; ; $i=$i+64) {
+ for ($n=0; $n<count($this->edugain->FEDS[$fed_id]['certificate']); $n++) {
+ $certificate = $this->edugain->FEDS[$fed_id]['certificate'][$n]['data'];
+ $certificate = trim($certificate, "\n");
+ $fnamesuffix = '';
+ if ($n > 0) {
+ $fnamesuffix = "_$n";
+ }
+ $certfilename = $this->params['filename'].$fnamesuffix."-fromdb.crt";
+ if (strlen($certificate)) {
+ $ff = fopen($certfilename, 'w');
+ fputs($ff, "-----BEGIN CERTIFICATE-----\n");
+ for ($i=0; ; $i=$i+64) {
 if (substr($certificate, $i, 64) == '') break;
 fputs($ff, substr($certificate, $i, 64)."\n");
- }
- fputs($ff, "-----END CERTIFICATE-----\n");
- fclose($ff);
+ }
+ fputs($ff, "-----END CERTIFICATE-----\n");
+ fclose($ff);
+ $this->edugain->FEDS[$fed_id]['certificate'][$n]['certfile'] = $certfilename;
+ }
 }
+ $ff = fopen($this->params['filename'].'-certinfo.json', 'w');
+ fputs($ff, json_encode($this->edugain->FEDS[$fed_id]['certificate']));
 }
 }
 $this->params['auto'] = $this->params['validate'] = $this->params['edugain'] = 1;
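Review bot: The handle opened for `-certinfo.json` at the end of the hunk is never closed, and none of the `fopen` results are checked, so a failed open reaches `fputs` with `false` and the certificate files can be silently missing. Replacing the two added lines with `file_put_contents($this->params['filename'].'-certinfo.json', json_encode($this->edugain->FEDS[$fed_id]['certificate']), LOCK_EX)` and testing the result for `false` would cover the JSON file. The loop also writes whatever is in `['data']` between the PEM markers without checking that it is base64. Because these files presumably feed the signature check, add a guard such as `if (!preg_match('#^[A-Za-z0-9+/=\s]+$#', $certificate)) continue;` before the `fopen`. The enclosing method starts and ends outside the hunk.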
@@ -316,12 +326,37 @@ class Validator {
 if ($params['edugain'] || $params['gobetween']) $fromdb = 1; else $fromdb = 0;
 system($this->validatordir."/aggregator.py ".$params['filename']." $schres $fromdb >".$params['filename']."-aggregator.log 2>&1",$aggres);
+ $certidx = trim(file_get_contents($params['filename']."-aggregator.log"));
+ if ($certidx == '') {
+ $certidx = 0;
+ }
 system($this->validatordir."/mda.sh --verbose ".$params['filename'].".xml main > ".$params['filename']."-mda.log 2>&1", $res);
+ $searchfor = "Unable to validate signature";
+ $matches = array();
+ $handle = @fopen($params['filename']."-mda.log", "r");
+ if ($handle) {
+ while (!feof($handle)) {
+ $buffer = fgets($handle);
+ if (strpos($buffer, $searchfor) !== FALSE) {
+ $matches[] = $buffer;
+ break;
+ }
+ }
+ fclose($handle);
+ }
+ if (count($matches)) {
+ system($this->validatordir."/aggregator.py ".$params['filename']." $schres $fromdb 1 >".$params['filename']."-aggregator2.log 2>&1",$aggres);
+ system($this->validatordir."/mda.sh --verbose ".$params['filename']."_1.xml main > ".$params['filename']."-mda.log 2>&1", $res);
+ $certidx = trim(file_get_contents($params['filename']."-aggregator2.log"));
+ if ($certidx == '') {
+ $certidx = 1;
+ }
+ }
 system($this->validatordir."/pyff.sh ".$params['filename'].'>'.$params['filename']."-pyff.log 2>&1", $pyffres);
 } else $res = $schres;
 }
 $args = $params['filename']." \"".$params['langsetting']."\" ".$params['validate']." ".$params['onlyone']." ".$params['xmlout']." ".$params['gobetween']." ".$params['edugain'];
- $printres = shell_exec($this->validatordir."/printresults.py $args $res $schres $aggres $pyffres");
+ $printres = shell_exec($this->validatordir."/printresults.py $args $res $schres $aggres $pyffres $certidx");
 } else $printres = "<span class='noticeerr'>URL fetching failed ".$ret[1]."</span>";
 if (!$params['gobetween']) {
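Review bot: `$certidx` is the trimmed full content of `-aggregator.log`, which also captures stderr through `2>&1`, and it is then interpolated unquoted into the `shell_exec` command for `printresults.py`. Any output other than a bare index, such as an error message, therefore ends up as shell syntax. Constrain it before use, e.g. `$certidx = ctype_digit($certidx) ? (int) $certidx : 0;` (with `: 1` in the retry branch), and wrap it in `escapeshellarg()` when building the command; the neighbouring values in `$args` are unquoted as well, but that predates this change. The retry also hard-codes index 1 and `_1.xml`, so certificates beyond the second one written by the loop in the earlier hunk are never tried; a comment stating that limit would help. The enclosing method starts and ends outside the hunk.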