Migrate check for duplicate entityID values.

Migrate check for duplicate IdP OrganisationDisplayName values.

build/check.xsl

@@ -13,6 +13,7 @@
 	xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
 	xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
 	xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
+	xmlns:set="http://exslt.org/sets"
 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 	xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
 	xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
@@ -25,6 +26,49 @@
 	<xsl:output method="text"/>
 
 
+	<!--
+		Checks across the whole of the document are defined here.
+		
+		Only bother with these when the document element is an EntitiesDescriptor.
+	-->
+	<xsl:template match="/md:EntitiesDescriptor">
+		<xsl:variable name="entities" select="//md:EntityDescriptor"/>
+		<xsl:variable name="idps" select="$entities[md:IDPSSODescriptor]"/>
+
+		<!-- check for duplicate entityID values -->
+		<xsl:variable name="distinct.entityIDs" select="set:distinct($entities/@entityID)"/>
+		<xsl:variable name="dup.entityIDs"
+			select="set:distinct(set:difference($entities/@entityID, $distinct.entityIDs))"/>
+		<xsl:for-each select="$dup.entityIDs">
+			<xsl:variable name="dup.entityID" select="."/>
+			<xsl:for-each select="$entities[@entityID = $dup.entityID]">
+				<xsl:call-template name="fatal">
+					<xsl:with-param name="m">duplicate entityID: <xsl:value-of select='$dup.entityID'/></xsl:with-param>
+				</xsl:call-template>
+			</xsl:for-each>
+		</xsl:for-each>
+
+		<!-- check for duplicate OrganisationDisplayName values -->
+		<xsl:variable name="distinct.ODNs"
+			select="set:distinct($idps/md:Organization/md:OrganizationDisplayName)"/>
+		<xsl:variable name="dup.ODNs"
+			select="set:distinct(set:difference($idps/md:Organization/md:OrganizationDisplayName, $distinct.ODNs))"/>
+		<xsl:for-each select="$dup.ODNs">
+			<xsl:variable name="dup.ODN" select="."/>
+			<xsl:for-each select="$idps[md:Organization/md:OrganizationDisplayName = $dup.ODN]">
+				<xsl:call-template name="fatal">
+					<xsl:with-param name="m">duplicate OrganisationDisplayName: <xsl:value-of select='$dup.ODN'/></xsl:with-param>
+				</xsl:call-template>
+			</xsl:for-each>
+		</xsl:for-each>
+
+		<!--
+			Perform checks on child elements.
+		-->
+		<xsl:apply-templates/>
+	</xsl:template>
+
+
 	<!--
 		Checks for an IdP whose KeyDescriptor elements do not include a @use attribute.
 		This causes problems with certain versions of the Shibboleth 1.3 SP, which

build/statistics.xsl

@@ -90,26 +90,13 @@
             at the start so that we can include or exclude the associated section.
         -->
 
-        <!-- duplicate entity IDs -->
-        <xsl:variable name="prob.distinct.entityIDs" select="set:distinct($entities/@entityID)"/>
-        <xsl:variable name="prob.dup.entityID"
-            select="set:distinct(set:difference($entities/@entityID, $prob.distinct.entityIDs))"/>
-
-        <!-- duplicate IdP OrganizationDisplayName -->
-        <xsl:variable name="prob.distinct.ODNs"
-            select="set:distinct($idps/md:Organization/md:OrganizationDisplayName)"/>
-        <xsl:variable name="prob.dup.ODNs"
-            select="set:distinct(set:difference($idps/md:Organization/md:OrganizationDisplayName, $prob.distinct.ODNs))"/>
-
         <!-- entities without known owner -->
         <xsl:variable name="ownedEntities"
             select="dyn:closure($owners/md:OrganizationName, '$entities[md:Organization/md:OrganizationName = current()]')"/>
         <xsl:variable name="prob.unowned.entities" select="set:difference($entities, $ownedEntities)"/>
 
         <!-- all problems, used as a conditional -->
-        <xsl:variable name="prob.all" select="$prob.dup.entityID |
-            $prob.dup.ODNs |
-            $prob.unowned.entities"/>
+        <xsl:variable name="prob.all" select="$prob.unowned.entities"/>
         <xsl:variable name="prob.count" select="count($prob.all)"/>
 
         <html>
@@ -140,37 +127,6 @@
                 -->                
                 <xsl:if test="$prob.count != 0">
                     <h2><a name="problems">Metadata Problems</a></h2>
-                    <xsl:if test="count($prob.dup.entityID) != 0">
-                        <p>The following entity names are used by more than one entity:</p>
-                        <ul>
-                            <xsl:for-each select="$prob.dup.entityID">
-                                <li>
-                                    <code><xsl:value-of select="."/></code>
-                                </li>
-                            </xsl:for-each>
-                        </ul>
-                    </xsl:if>
-
-                    <xsl:if test="count($prob.dup.ODNs) != 0">
-                        <p>The following OrganizationDisplayName values are used by more than one IdP entity:</p>
-                        <ul>
-                            <xsl:for-each select="$prob.dup.ODNs">
-                                <xsl:variable name="prob.dup.ODN" select="."/>
-                                <li>
-                                    <code><xsl:value-of select="$prob.dup.ODN"/></code>
-                                    <ul>
-                                        <xsl:for-each select="$idps[md:Organization/md:OrganizationDisplayName = $prob.dup.ODN]">
-                                            <li>
-                                                <xsl:value-of select="@ID"/>:
-                                                <code><xsl:value-of select="@entityID"/></code>
-                                            </li>
-                                        </xsl:for-each>
-                                    </ul>
-                                </li>
-                            </xsl:for-each>
-                        </ul>
-                    </xsl:if>
-
                     <xsl:if test="count($prob.unowned.entities) != 0">
                         <p>
                             The following