From 94b574c56a7c2fe5b03d7ca948823c4b8af9fb39 Mon Sep 17 00:00:00 2001
From: Roland Hedberg
Date: Thu, 28 Nov 2013 12:37:45 +0100
Subject: [PATCH] Make certain the correct issuer was included in logout request and response.
---
 src/saml2/client.py | 2 +-
 src/saml2/client_base.py | 6 ++++--
 src/saml2/entity.py | 5 ++++-
 3 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/src/saml2/client.py b/src/saml2/client.py
index a9c4e9c..396f3d2 100644
--- a/src/saml2/client.py
+++ b/src/saml2/client.py
@@ -118,7 +118,7 @@ class Saml2Client(Base):
 def do_logout(self, name_id, entity_ids, reason, expire, sign=None):
 """
- :param name_id: Identifier of the Subject a NameID instance
+ :param name_id: Identifier of the Subject (a NameID instance)
 :param entity_ids: List of entity ids for the IdPs that have provided information concerning the subject
 :param reason: The reason for doing the logout
diff --git a/src/saml2/client_base.py b/src/saml2/client_base.py
index e5ce01b..aabd26e 100644
--- a/src/saml2/client_base.py
+++ b/src/saml2/client_base.py
@@ -117,13 +117,15 @@ class Base(Entity):
 else:
 self.state = state_cache
+ self.logout_requests_signed = False
+ self.allow_unsolicited = False
+ self.authn_requests_signed = False
+ self.want_assertions_signed = False
 for foo in ["allow_unsolicited", "authn_requests_signed", "logout_requests_signed", "want_assertions_signed"]:
 v = self.config.getattr(foo, "sp")
 if v is True or v == 'true':
 setattr(self, foo, True)
- else:
- setattr(self, foo, False)
 self.artifact2response = {}
diff --git a/src/saml2/entity.py b/src/saml2/entity.py
index 6d83b11..8e519a6 100644
--- a/src/saml2/entity.py
+++ b/src/saml2/entity.py
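Review bot: In src/saml2/client_base.py the test `if v is True or v == 'true':` accepts exactly two spellings, so any other configured value such as `'True'` or `1` leaves the flag at its new default of False without any diagnostic. For `want_assertions_signed`, `authn_requests_signed` and `logout_requests_signed` that means a configuration typo silently switches a signature requirement off, unless the config loader already normalises these values (not visible here). Consider comparing case-insensitively and logging or raising on a value that is neither a recognised true nor false form. The loop variable `foo` would also read better as `attr`. The enclosing `__init__` starts and ends outside the hunk.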
@@ -614,7 +614,7 @@ class Entity(HTTPBase):
 return self._message(LogoutRequest, destination, message_id, consent, extensions, sign, name_id=name_id, reason=reason, not_on_or_after=expire,
- issuer=self._issuer(issuer_entity_id))
+ issuer=self._issuer())
 def create_logout_response(self, request, bindings=None, status=None, sign=False, issuer=None):
@@ -631,6 +631,9 @@ class Entity(HTTPBase):
 rinfo = self.response_args(request, bindings)
+ if not issuer:
+ issuer = self._issuer()
+
 response = self._status_response(samlp.LogoutResponse, issuer, status, sign, **rinfo)
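Review bot: `issuer_entity_id` is no longer referenced in the visible tail of the logout-request builder now that the call ends with `issuer=self._issuer())`. If it is still a parameter of that function (the signature is outside the hunk), callers that pass it get no effect and no warning. The docstring should say so, for example `:param issuer_entity_id: Unused; the Issuer is always taken from self._issuer()`, or the argument should be deprecated. A regression test asserting that the Issuer of a generated LogoutRequest equals what `self._issuer()` returns would pin the fix.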
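Review bot: In create_logout_response the new fallback `if not issuer:` only fills in a missing value; a caller-supplied `issuer` is still handed to `_status_response` unchanged, so the response can carry an Issuer other than this entity's own. If a LogoutResponse must always be issued in this entity's name, always use `self._issuer()` or reject a mismatching argument; otherwise document the parameter, e.g. `:param issuer: Issuer to use; defaults to self._issuer()`. Prefer `if issuer is None:` so the default is triggered by absence rather than by falsiness. The docstring and the rest of the function are outside the hunk.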