diff --git a/bin/probe_saml_idp.sh b/bin/probe_saml_idp.sh index 0c330f9..b88f186 100755 --- a/bin/probe_saml_idp.sh +++ b/bin/probe_saml_idp.sh @@ -64,7 +64,7 @@ display_help () { endpoints as well. There is at most one such additional endpoint in metadata. - CONFIGURATION + CONFIG The script reads a file of config parameters. The script loads the config file from the following file location: @@ -96,11 +96,11 @@ display_help () { Similarly, the three SAML1_SP parameters define a SAML1 SP, that is, an SP with a SAML1 browser-facing endpoint in metadata. (Any - given SP may support both SAML2 and SAML1, in which case these - parameters may be identical to the SAML2_SP parameters.) The - script probes SAML1 endpoints only if the -a option is given on - the command line. Be careful with this option, however, since - not all IdPs have SAML1 browser-facing endpoints in metadata. + given SP may support both SAML2 and SAML1, in which case the + SAML1_SP_ENTITY_ID parameter may be identical to the + SAML2_SP_ENTITY_ID parameter.) The script probes SAML1 endpoints + if the -a option is given on the command line. Omit that option + to probe SAML2 endpoints only. HELP_MSG } @@ -155,9 +155,9 @@ config_file_default="${script_bin}/.config_saml_idp_probe.sh" ####################################################################### help_mode=false; quiet_mode=false; verbose_mode=false +local_opts=; curl_opts= +connect_timeout=; max_time=; max_redirs= saml1_disabled=true -local_opts=; connect_timeout=; max_time=; max_redirs= -curl_opts= while getopts ":hqvt:m:r:a" opt; do case $opt in h) 
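Review bot: The arguments of `-t`, `-m` and `-r` (declared in `getopts ":hqvt:m:r:a"`) start out empty here and, judging by the later hunks, now reach the probe functions only through the `curl_opts` string, so each should be checked as a plain non-negative integer before it is appended. The case arms of the `while getopts` loop lie outside this hunk, so this may already be done; if it is not, a guard of the form `case $OPTARG in ''|*[!0-9]*) ... ;; esac` that prints an error to stderr and exits would keep whitespace or a leading dash in an argument from becoming extra options. A one-line comment above `local_opts=; curl_opts=` stating which command each string is forwarded to would make that data flow easier to audit.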
@@ -416,13 +416,12 @@ for http_binding in $http_bindings; do exit_status=$? if [ $exit_status -ne 0 ]; then echo "ERROR: $script_name failed to create tmp dir ($exit_status) $tmp_subdir" >&2 - exit 2 + exit 3 fi fi # probe the endpoint - output=$( probe_saml2_idp_endpoint \ - -t $connect_timeout -m $max_time -r $max_redirs \ + output=$( probe_saml2_idp_endpoint $curl_opts \ -V "$tmp_subdir/curl_trace.txt" \ -o "$tmp_subdir/idp_http_response.html" \ -T "$tmp_subdir" \ @@ -469,13 +468,12 @@ if [ ! -d "$tmp_subdir" ]; then exit_status=$? if [ $exit_status -ne 0 ]; then echo "ERROR: $script_name failed to create tmp dir ($exit_status) $tmp_subdir" >&2 - exit 2 + exit 3 fi fi # probe the endpoint -output=$( probe_shibboleth_sso_endpoint \ - -t $connect_timeout -m $max_time -r $max_redirs \ +output=$( probe_shibboleth_sso_endpoint $curl_opts \ -V "$tmp_subdir/curl_trace.txt" \ -o "$tmp_subdir/idp_http_response.html" \ -T "$tmp_subdir" \
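Review bot: `$curl_opts` is expanded unquoted in the `probe_saml2_idp_endpoint` call, so the shell word-splits and glob-expands it; that is what lets one string carry several options, but any space or `*` in a value turns into extra arguments placed ahead of `-V`/`-o`/`-T`. The same applies to the `probe_shibboleth_sso_endpoint` call in the following hunk. If the script runs under bash, building an array (`curl_opts+=(-t "$OPTARG")`, then `"${curl_opts[@]}"`) removes the problem; under plain sh, keep the string but put `# shellcheck disable=SC2086 -- splitting intended, values validated as integers` above each call. When none of -t/-m/-r is given the string is empty, so the probe relies on whatever timeout and redirect defaults the probe functions apply, which are not visible here and are worth confirming since the target is a remote IdP. Both command substitutions continue past the end of their hunks.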