diff --git a/ChangeLog b/ChangeLog index 038940cd..9ffd0603 100644 --- a/ChangeLog +++ b/ChangeLog 
@@ -1,3 +1,262 @@ +2010-09-07 Benjamin Dauvergne + + * configure.ac, lasso/saml-2.0/profile.c: + [SAMLv2] when no artifact message is present, still return a success + status + + It is mandated by the specification. + +2010-09-06 Benjamin Dauvergne + + * tests/integration/saml2/__init__.py: + [Tests integration] fix configuration variable name + +2010-09-03 Benjamin Dauvergne + + * lasso/id-ff/provider.c: + [Core] fix memory leak in lasso_endpoint_free + +2010-09-03 Benjamin Dauvergne + + * lasso/id-ff/provider.c, lasso/saml-2.0/provider.c: + [ID-FFv1.2&SAMLv2] add more warning for failure to load metadata file + + Report detailf of the failure through warning log. + +2010-09-03 Benjamin Dauvergne + + * lasso/saml-2.0/profile.c, lasso/xml/strings.h: + [SAMLv2] when failing to recreate the content for the ArtefactResponse set a lasso specific status code + +2010-09-01 Benjamin Dauvergne + + * lasso/saml-2.0/profile.c: + [SAMLv2] change the way content is stored and loaded for the + HTTP-Artifact binding + + Previously content was stored as the result of lasso_node_dump method + then reloaded, and then serialized again as part of the + ArtifactResponse message. lasso_node_dump was ignoring all hint to + sign node, but keeping the needed parameters around. That's not what + must be done, the signature should happen at the generation of the + artifact and the result must manipulated as is (i.e. XML content) and + never moved back to the land of LassoNode objects. + + Now the content is: + - first removed of any signature at the message level, because the + ArtifactResponse will take care of this, (any signature under this + level (like at the assertion) is kept), + - serialized using lasso_node_export_to_xml, + - reloaded using lasso_xml_parse_memory, + - and put into the ArtifactResponse using a + lasso_misc_text_node_new_with_xml_node. 
+ +2010-09-01 Benjamin Dauvergne + + * lasso/saml-2.0/profile.c, lasso/saml-2.0/profileprivate.h: + [SAMLv2] make lasso_saml20_profile_generate_artifact a static function + + It is only used in lasso/saml-2.0/profile.c anyway. + +2010-09-01 Benjamin Dauvergne + + * lasso/xml/xml.c: + [Core] load signature parameters + + Generic signature parameters (attached as qdata to nodes) is now + reloaded when initializing a node from XML for a node type with a + signature snippet in its metadatas. + + It fixes the problematic usage of ciphered private keys with the + HTTP-Artifact binding (which needs to keep a copy of the AuthnResponse + around and to sign it later). + +2010-09-01 Benjamin Dauvergne + + * lasso/xml/xml.c: + [Core] add private function to read an integer attribute + + This function does integer parsing and range checks, it returns TRUE if + all goes well. + +2010-09-01 Benjamin Dauvergne + + * lasso/xml/tools.c, lasso/xml/xml.h: + [Core] add LAST enum values to LassoSignatureMethod and + LassoSignatureType enumerations + + It helps making range checks. + +2010-09-01 Benjamin Dauvergne + + * bindings/java/lang.py, bindings/perl/lang.py, + bindings/php5/wrapper_source.py, bindings/python/lang.py, + lasso/xml/strings.h: + [Strings] add string constant for the internal XML attributes used in + dumps + + Add string constants for signature method, signature type, private key + (file path or content), private key password and certificate (file + path or content). + + Add cast for xmlChar constant strings definition in python bindings, + it assumed all constant strings were char*. + +2010-08-31 Benjamin Dauvergne + + * lasso.doap: + [DOAP] fix typos + + Tags were badly formatted. + +2010-08-25 Benjamin Dauvergne + + * lasso/saml-2.0/login.c: + [SAMLv2] mark Redirect binding as an invalid binding for return AuthnResponse + + This is really not supported by the SAMLv2 protocol. 
+ +2010-08-25 Benjamin Dauvergne + + * lasso/saml-2.0/login.c: + [SAMLv2] fix string in comment + +2010-08-25 Benjamin Dauvergne + + * lasso/saml-2.0/login.c: + [SAMLv2] replace use of lasso_provider_get_default_name_id_format with direct use of lasso_provider_get_metadata_one_for_role + + The first is trying to use provider->role to know which kind of role + descriptor to lookup, but for the server object this field is 0 and + when building authn request we know that we want our default + NameIDFormat for the SP sso descriptor. + +2010-08-25 Benjamin Dauvergne + + * lasso/saml-2.0/provider.c: + [SAMLv2] rebuild specialized LassoProvider methods upon new endpoints storage + + The new way of storing endpoints allows to keep ordering between + endpoints with respect to the order of the index and isDefault field + for indexed endpoint type, and to the XML node orders for other + endpoints. + + It also simplifies the code. + +2010-08-25 Benjamin Dauvergne + + * lasso/id-ff/provider.c: + [Core] add destroy code for new private field endpoints + + The contained string must be disallocated if the object is destroyed. + +2010-08-25 Benjamin Dauvergne + + * lasso/id-ff/providerprivate.h: + [Core] add structure to store endpoints type for metadata files + + This new C structure will allow to filter ID-FFv1.2 and SAMLv2 + endpoints more easily. + +2010-08-25 Benjamin Dauvergne + + * lasso/xml/xml.c: + [XML] use strtol instead of atoi to parse XSchema integers + + This commit also reject negative integers from being parsed (all + integers in SAMLv2 and ID-FFv1.2 schemas are positive integers). + +2010-08-25 Benjamin Dauvergne + + * lasso/saml-2.0/login.c: + [SAMLv2] when AuthnRequest contains invalid attributes returns + INVALID_REQUEST not NO_DEFAULT_ENDPOINT + + This is the right status to return. + +2010-08-05 Benjamin Dauvergne + + * lasso/id-ff/provider.h: + [Core] fix change of enumeration value + + This change broke the API, revert it. 
+ +2010-07-27 Benjamin Dauvergne + + * website/web/index.xml: + [Website] update download link on front page + +2010-07-27 Benjamin Dauvergne + + * website/templates/base.ezt: + [Website] fix typos + +2010-07-27 Benjamin Dauvergne + + * website/templates/base.ezt, website/web/download/index.xml: + [Website] fix source and download links + + The source repository is now the git repository on dev.entrouvert.org. + Latest source release is 2.3.0. And git browser is included in our + redmine. + +2010-07-27 Benjamin Dauvergne + + * website/templates/base.ezt: + [Website] change position of Download block in right bar + +2010-07-27 Benjamin Dauvergne + + * website/convert-to-static.py: + [Website] in convert-to-static.py, work around errors in build logs + + If Build() constructor fails, keep going. + +2010-07-27 Benjamin Dauvergne + + * website/web/news/15-release-2.3.0.xml: + [Website] fix wrong structure for the news file about release 2.3.0 + +2010-07-27 Benjamin Dauvergne + + * website/convert-to-static.py: + [Website] import convert-to-static.py modification from lupin + +2010-07-27 Benjamin Dauvergne + + * website/web/news/15-release-2.3.0.xml: + [Website] add news file aboute release 2.3.0 + +2010-07-22 Benjamin Dauvergne + + * website/web/download/index.xml: + [Website] fix non escaped ampersand + +2010-07-21 Benjamin Dauvergne + + * configure.ac: + [Release] update libtool version + +2010-07-21 Benjamin Dauvergne + + * website/web/download/index.xml: + [Website] update download links + +2010-07-21 Benjamin Dauvergne + + * NEWS, configure.ac, lasso.doap, website/web/doap.rdf: + [Release] Update version number from 2.3 to 2.3.0 + +2010-07-21 Benjamin Dauvergne + + * NEWS: + [Release] update release date in NEWS file + +2010-07-21 Benjamin Dauvergne + + * ChangeLog: + [Release] update ChangeLog + 2010-07-21 17:55 bdauvergne * NEWS, abi/abi-2.3, configure.ac, lasso.doap, website/templates/base.ezt, diff --git a/NEWS b/NEWS index bf7ef559..323d8d49 100644 --- a/NEWS 
+++ b/NEWS @@ -1,8 +1,27 @@ NEWS ==== +2.3.1 - September 9th 2010 +-------------------------- + +31 commits, 23 files changed, 523 insertions, 356 deletions + + * An ABI breakage was introduced in 2.3.0 with change of value for enumeration + values LASSO_PROVIDER_ROLE_SP and LASSO_PROVIDER_ROLE_IDP, it breaked code + compiled with previous version and dumps of server objects. This release fix + it. + * SAMLv2 handling of the artifact binding for the WebSSO profile is now + simpler, no more dumping of the response nodes and signing at the artifact + building time, the final response is signed when the artifact is generated + and when unserialized later it is only manipulated as XML for not breaking + the signature. It fixes usage of ciphered private keys with the + HTTP-Artifact binding. + * SAMLv2 internal storage of endpoints was modified to better keep the + ordering between endpoints, which is espacially important for + AssertionConsumerService endpoints and difficult to implement well. + 2.3.0 - July 21th 2010 --------------------- +---------------------- 391 commits, 332 files changed, 13919 insertions, 7137 deletions diff --git a/abi/abi-2.3 b/abi/abi-2.3.0 similarity index 100% rename from abi/abi-2.3 rename to abi/abi-2.3.0 diff --git a/abi/abi-2.3.1 b/abi/abi-2.3.1 new file mode 100644 index 00000000..f63734ab --- /dev/null +++ b/abi/abi-2.3.1 
@@ -0,0 +1,1091 @@ +BACKWARD_COMP_H +LASSO_ASSERTION_QUERY_ERROR_ATTRIBUTE_REQUEST_ALREADY_EXIST +LASSO_ASSERTION_QUERY_ERROR_NOT_AN_ATTRIBUTE_QUERY +LASSO_ASSERTION_QUERY_REQUEST_TYPE_ASSERTION_ID +LASSO_ASSERTION_QUERY_REQUEST_TYPE_ATTRIBUTE +LASSO_ASSERTION_QUERY_REQUEST_TYPE_AUTHN +LASSO_ASSERTION_QUERY_REQUEST_TYPE_AUTHZ_DECISION +LASSO_ASSERTION_QUERY_REQUEST_TYPE_LAST +LASSO_ASSERTION_QUERY_REQUEST_TYPE_UNSET +LASSO_CERTIFICATE_ATTRIBUTE +LASSO_CHECK_VERSIONABI_COMPATIBLE +LASSO_CHECK_VERSION_EXACT +LASSO_CHECK_VERSION_NUMERIC +LASSO_DATA_SERVICE_ERROR_CANNOT_ADD_ITEM +LASSO_DATA_SERVICE_ERROR_UNREGISTERED_DST +LASSO_DEFEDERATION_ERROR_MISSING_NAME_IDENTIFIER +LASSO_DISCOVERY_ERROR_FAILED_TO_BUILD_ENDPOINT_REFERENCE +LASSO_DISCOVERY_ERROR_MISSING_REQUESTED_SERVICE +LASSO_DISCOVERY_ERROR_SVC_METADATA_ASSOCIATION_ADD_FAILED +LASSO_DISCOVERY_ERROR_SVC_METADATA_REGISTER_FAILED +LASSO_DST_ERROR_EMPTY_REQUEST +LASSO_DST_ERROR_MALFORMED_QUERY +LASSO_DST_ERROR_MISSING_SERVICE_DATA +LASSO_DST_ERROR_MODIFY_FAILED +LASSO_DST_ERROR_MODIFY_PARTIALLY_FAILED +LASSO_DST_ERROR_NEW_DATA_MISSING +LASSO_DST_ERROR_NO_DATA +LASSO_DST_ERROR_QUERY_FAILED +LASSO_DST_ERROR_QUERY_NOT_FOUND +LASSO_DST_ERROR_QUERY_PARTIALLY_FAILED +LASSO_DS_ERROR_CA_CERT_CHAIN_LOAD_FAILED +LASSO_DS_ERROR_CERTIFICATE_LOAD_FAILED +LASSO_DS_ERROR_CONTEXT_CREATION_FAILED +LASSO_DS_ERROR_DECRYPTION_FAILED +LASSO_DS_ERROR_DECRYPTION_FAILED_MISSING_PRIVATE_KEY +LASSO_DS_ERROR_DIGEST_COMPUTE_FAILED +LASSO_DS_ERROR_ENCRYPTION_FAILED +LASSO_DS_ERROR_INVALID_REFERENCE_FOR_SAML +LASSO_DS_ERROR_INVALID_SIGALG +LASSO_DS_ERROR_INVALID_SIGNATURE +LASSO_DS_ERROR_KEYS_MNGR_CREATION_FAILED +LASSO_DS_ERROR_KEYS_MNGR_INIT_FAILED +LASSO_DS_ERROR_PRIVATE_KEY_LOAD_FAILED +LASSO_DS_ERROR_PUBLIC_KEY_LOAD_FAILED +LASSO_DS_ERROR_SIGNATURE_FAILED +LASSO_DS_ERROR_SIGNATURE_NOT_FOUND +LASSO_DS_ERROR_SIGNATURE_TEMPLATE_NOT_FOUND +LASSO_DS_ERROR_SIGNATURE_TMPL_CREATION_FAILED +LASSO_DS_ERROR_SIGNATURE_VERIFICATION_FAILED 
+LASSO_DS_ERROR_TOO_MUCH_REFERENCES +LASSO_DS_HREF +LASSO_DS_PREFIX +LASSO_DURATION_DAY +LASSO_DURATION_HOUR +LASSO_DURATION_MINUTE +LASSO_DURATION_WEEK +LASSO_ECP_HREF +LASSO_ECP_PREFIX +LASSO_ENCRYPTION_MODE_ASSERTION +LASSO_ENCRYPTION_MODE_NAMEID +LASSO_ENCRYPTION_MODE_NONE +LASSO_ENCRYPTION_SYM_KEY_TYPE_3DES +LASSO_ENCRYPTION_SYM_KEY_TYPE_AES_128 +LASSO_ENCRYPTION_SYM_KEY_TYPE_AES_256 +LASSO_ENCRYPTION_SYM_KEY_TYPE_DEFAULT +LASSO_ERROR_CAST_FAILED +LASSO_ERROR_OUT_OF_MEMORY +LASSO_ERROR_UNDEFINED +LASSO_ERROR_UNIMPLEMENTED +LASSO_HTTP_METHOD_ANY +LASSO_HTTP_METHOD_ARTIFACT_GET +LASSO_HTTP_METHOD_ARTIFACT_POST +LASSO_HTTP_METHOD_GET +LASSO_HTTP_METHOD_IDP_INITIATED +LASSO_HTTP_METHOD_LAST +LASSO_HTTP_METHOD_NONE +LASSO_HTTP_METHOD_PAOS +LASSO_HTTP_METHOD_POST +LASSO_HTTP_METHOD_REDIRECT +LASSO_HTTP_METHOD_SOAP +LASSO_IDWSF2_DISCOVERY_ERROR_DUPLICATE +LASSO_IDWSF2_DISCOVERY_ERROR_FAILED +LASSO_IDWSF2_DISCOVERY_ERROR_FORBIDDEN +LASSO_IDWSF2_DISCOVERY_ERROR_LOGICAL_DUPLICATE +LASSO_IDWSF2_DISCOVERY_ERROR_NOT_FOUND +LASSO_IDWSF2_DISCOVERY_ERROR_NO_RESULTS +LASSO_IDWSF2_DST_ERROR_DUPLICATE_ITEM +LASSO_IDWSF2_DST_ERROR_ITEM_NOT_FOUND +LASSO_IDWSF2_DST_ERROR_PARTIAL_FAILURE +LASSO_IDWSF2_DST_ERROR_UNKNOWN_STATUS_CODE +LASSO_LASSO_HREF +LASSO_LASSO_PREFIX +LASSO_LIB_AUTHN_CONTEXT_CLASS_REF_INTERNET_PROTOCOL +LASSO_LIB_AUTHN_CONTEXT_CLASS_REF_INTERNET_PROTOCOL_PASSWORD +LASSO_LIB_AUTHN_CONTEXT_CLASS_REF_MOBILE_ONE_FACTOR_CONTRACT +LASSO_LIB_AUTHN_CONTEXT_CLASS_REF_MOBILE_ONE_FACTOR_UNREGISTERED +LASSO_LIB_AUTHN_CONTEXT_CLASS_REF_MOBILE_TWO_FACTOR_CONTRACT +LASSO_LIB_AUTHN_CONTEXT_CLASS_REF_MOBILE_TWO_FACTOR_UNREGISTERED +LASSO_LIB_AUTHN_CONTEXT_CLASS_REF_PASSWORD +LASSO_LIB_AUTHN_CONTEXT_CLASS_REF_PASSWORD_PROTECTED_TRANSPORT +LASSO_LIB_AUTHN_CONTEXT_CLASS_REF_PREVIOUS_SESSION +LASSO_LIB_AUTHN_CONTEXT_CLASS_REF_SMARTCARD +LASSO_LIB_AUTHN_CONTEXT_CLASS_REF_SMARTCARD_PKI +LASSO_LIB_AUTHN_CONTEXT_CLASS_REF_SOFTWARE_PKI +LASSO_LIB_AUTHN_CONTEXT_CLASS_REF_TIME_SYNC_TOKEN 
+LASSO_LIB_AUTHN_CONTEXT_COMPARISON_BETTER +LASSO_LIB_AUTHN_CONTEXT_COMPARISON_EXACT +LASSO_LIB_AUTHN_CONTEXT_COMPARISON_MAXIMUM +LASSO_LIB_AUTHN_CONTEXT_COMPARISON_MINIMUM +LASSO_LIB_CONSENT_INAPPLICABLE +LASSO_LIB_CONSENT_OBTAINED +LASSO_LIB_CONSENT_OBTAINED_CURRENT_EXPLICIT +LASSO_LIB_CONSENT_OBTAINED_CURRENT_IMPLICIT +LASSO_LIB_CONSENT_OBTAINED_PRIOR +LASSO_LIB_CONSENT_UNAVAILABLE +LASSO_LIB_HREF +LASSO_LIB_MAJOR_VERSION_N +LASSO_LIB_MINOR_VERSION_N +LASSO_LIB_NAMEID_POLICY_TYPE_ANY +LASSO_LIB_NAMEID_POLICY_TYPE_FEDERATED +LASSO_LIB_NAMEID_POLICY_TYPE_NONE +LASSO_LIB_NAMEID_POLICY_TYPE_ONE_TIME +LASSO_LIB_NAME_IDENTIFIER_FORMAT_ENCRYPTED +LASSO_LIB_NAME_IDENTIFIER_FORMAT_ENTITYID +LASSO_LIB_NAME_IDENTIFIER_FORMAT_FEDERATED +LASSO_LIB_NAME_IDENTIFIER_FORMAT_ONE_TIME +LASSO_LIB_PREFIX +LASSO_LIB_PROTOCOL_PROFILE_BRWS_ART +LASSO_LIB_PROTOCOL_PROFILE_BRWS_LECP +LASSO_LIB_PROTOCOL_PROFILE_BRWS_POST +LASSO_LIB_PROTOCOL_PROFILE_FED_TERM_IDP_HTTP +LASSO_LIB_PROTOCOL_PROFILE_FED_TERM_IDP_SOAP +LASSO_LIB_PROTOCOL_PROFILE_FED_TERM_SP_HTTP +LASSO_LIB_PROTOCOL_PROFILE_FED_TERM_SP_SOAP +LASSO_LIB_PROTOCOL_PROFILE_NIM_SP_HTTP +LASSO_LIB_PROTOCOL_PROFILE_RNI_IDP_HTTP +LASSO_LIB_PROTOCOL_PROFILE_RNI_IDP_SOAP +LASSO_LIB_PROTOCOL_PROFILE_RNI_SP_HTTP +LASSO_LIB_PROTOCOL_PROFILE_RNI_SP_SOAP +LASSO_LIB_PROTOCOL_PROFILE_SLO_IDP_HTTP +LASSO_LIB_PROTOCOL_PROFILE_SLO_IDP_SOAP +LASSO_LIB_PROTOCOL_PROFILE_SLO_SP_HTTP +LASSO_LIB_PROTOCOL_PROFILE_SLO_SP_SOAP +LASSO_LIB_STATUS_CODE_FEDERATION_DOES_NOT_EXIST +LASSO_LIB_STATUS_CODE_INVALID_ASSERTION_CONSUMER_SERVICE_INDEX +LASSO_LIB_STATUS_CODE_INVALID_SIGNATURE +LASSO_LIB_STATUS_CODE_NO_AUTHN_CONTEXT +LASSO_LIB_STATUS_CODE_NO_AVAILABLEIDP +LASSO_LIB_STATUS_CODE_NO_PASSIVE +LASSO_LIB_STATUS_CODE_NO_SUPPORTEDIDP +LASSO_LIB_STATUS_CODE_PROXY_COUNT_EXCEEDED +LASSO_LIB_STATUS_CODE_UNKNOWN_PRINCIPAL +LASSO_LIB_STATUS_CODE_UNSIGNED_AUTHN_REQUEST +LASSO_LIB_STATUS_CODE_UNSUPPORTED_PROFILE +LASSO_LOGIN_ERROR_ASSERTION_DOES_NOT_MATCH_REQUEST_ID 
+LASSO_LOGIN_ERROR_ASSERTION_REPLAY +LASSO_LOGIN_ERROR_CONSENT_NOT_OBTAINED +LASSO_LOGIN_ERROR_FEDERATION_NOT_FOUND +LASSO_LOGIN_ERROR_INVALID_ASSERTION_SIGNATURE +LASSO_LOGIN_ERROR_INVALID_NAMEIDPOLICY +LASSO_LOGIN_ERROR_INVALID_SIGNATURE +LASSO_LOGIN_ERROR_NO_DEFAULT_ENDPOINT +LASSO_LOGIN_ERROR_REQUEST_DENIED +LASSO_LOGIN_ERROR_STATUS_NOT_SUCCESS +LASSO_LOGIN_ERROR_UNKNOWN_PRINCIPAL +LASSO_LOGIN_ERROR_UNSIGNED_AUTHN_REQUEST +LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_ART +LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_LECP +LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_POST +LASSO_LOGIN_PROTOCOL_PROFILE_REDIRECT +LASSO_LOGOUT_ERROR_FEDERATION_NOT_FOUND +LASSO_LOGOUT_ERROR_REQUEST_DENIED +LASSO_LOGOUT_ERROR_UNKNOWN_PRINCIPAL +LASSO_LOGOUT_ERROR_UNSUPPORTED_PROFILE +LASSO_MD_PROTOCOL_TYPE_ARTIFACT_RESOLUTION +LASSO_MD_PROTOCOL_TYPE_ASSERTION_ID_REQUEST +LASSO_MD_PROTOCOL_TYPE_ATTRIBUTE +LASSO_MD_PROTOCOL_TYPE_AUTHN_QUERY +LASSO_MD_PROTOCOL_TYPE_AUTHZ +LASSO_MD_PROTOCOL_TYPE_FEDERATION_TERMINATION +LASSO_MD_PROTOCOL_TYPE_LAST +LASSO_MD_PROTOCOL_TYPE_MANAGE_NAME_ID +LASSO_MD_PROTOCOL_TYPE_NAME_IDENTIFIER_MAPPING +LASSO_MD_PROTOCOL_TYPE_REGISTER_NAME_IDENTIFIER +LASSO_MD_PROTOCOL_TYPE_SINGLE_LOGOUT +LASSO_MD_PROTOCOL_TYPE_SINGLE_SIGN_ON +LASSO_MESSAGE_FORMAT_BASE64 +LASSO_MESSAGE_FORMAT_ERROR +LASSO_MESSAGE_FORMAT_QUERY +LASSO_MESSAGE_FORMAT_SOAP +LASSO_MESSAGE_FORMAT_UNKNOWN +LASSO_MESSAGE_FORMAT_XML +LASSO_MESSAGE_FORMAT_XSCHEMA_ERROR +LASSO_METADATA_HREF +LASSO_METADATA_PREFIX +LASSO_NAME_IDENTIFIER_MAPPING_ERROR_FORBIDDEN_CALL_ON_THIS_SIDE +LASSO_NAME_IDENTIFIER_MAPPING_ERROR_MISSING_TARGET_IDENTIFIER +LASSO_NAME_IDENTIFIER_MAPPING_ERROR_MISSING_TARGET_NAMESPACE +LASSO_PAOS_HREF +LASSO_PAOS_PREFIX +LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ +LASSO_PARAM_ERROR_CHECK_FAILED +LASSO_PARAM_ERROR_INVALID_VALUE +LASSO_PARAM_ERROR_NON_INITIALIZED_OBJECT +LASSO_PRIVATE_KEY_ATTRIBUTE +LASSO_PRIVATE_KEY_PASSWORD_ATTRIBUTE +LASSO_PRIVATE_STATUS_CODE_FAILED_TO_RESTORE_ARTIFACT 
+LASSO_PROFILE_ERROR_BAD_IDENTITY_DUMP +LASSO_PROFILE_ERROR_BAD_SESSION_DUMP +LASSO_PROFILE_ERROR_BUILDING_MESSAGE_FAILED +LASSO_PROFILE_ERROR_BUILDING_QUERY_FAILED +LASSO_PROFILE_ERROR_BUILDING_REQUEST_FAILED +LASSO_PROFILE_ERROR_BUILDING_RESPONSE_FAILED +LASSO_PROFILE_ERROR_CANNOT_FIND_A_PROVIDER +LASSO_PROFILE_ERROR_CANNOT_VERIFY_SIGNATURE +LASSO_PROFILE_ERROR_FEDERATION_NOT_FOUND +LASSO_PROFILE_ERROR_IDENTITY_NOT_FOUND +LASSO_PROFILE_ERROR_INVALID_ARTIFACT +LASSO_PROFILE_ERROR_INVALID_ASSERTION +LASSO_PROFILE_ERROR_INVALID_ASSERTION_CONDITIONS +LASSO_PROFILE_ERROR_INVALID_HTTP_METHOD +LASSO_PROFILE_ERROR_INVALID_ISSUER +LASSO_PROFILE_ERROR_INVALID_MSG +LASSO_PROFILE_ERROR_INVALID_POST_MSG +LASSO_PROFILE_ERROR_INVALID_PROTOCOLPROFILE +LASSO_PROFILE_ERROR_INVALID_QUERY +LASSO_PROFILE_ERROR_INVALID_REQUEST +LASSO_PROFILE_ERROR_INVALID_RESPONSE +LASSO_PROFILE_ERROR_INVALID_SOAP_MSG +LASSO_PROFILE_ERROR_ISSUER_IS_NOT_AN_IDP +LASSO_PROFILE_ERROR_MISSING_ARTIFACT +LASSO_PROFILE_ERROR_MISSING_ASSERTION +LASSO_PROFILE_ERROR_MISSING_ENCRYPTION_PRIVATE_KEY +LASSO_PROFILE_ERROR_MISSING_ENDPOINT_REFERENCE +LASSO_PROFILE_ERROR_MISSING_ENDPOINT_REFERENCE_ADDRESS +LASSO_PROFILE_ERROR_MISSING_ISSUER +LASSO_PROFILE_ERROR_MISSING_NAME_IDENTIFIER +LASSO_PROFILE_ERROR_MISSING_REMOTE_PROVIDERID +LASSO_PROFILE_ERROR_MISSING_REQUEST +LASSO_PROFILE_ERROR_MISSING_RESOURCE_OFFERING +LASSO_PROFILE_ERROR_MISSING_RESPONSE +LASSO_PROFILE_ERROR_MISSING_SERVER +LASSO_PROFILE_ERROR_MISSING_SERVICE_DESCRIPTION +LASSO_PROFILE_ERROR_MISSING_SERVICE_INSTANCE +LASSO_PROFILE_ERROR_MISSING_SERVICE_TYPE +LASSO_PROFILE_ERROR_MISSING_STATUS_CODE +LASSO_PROFILE_ERROR_MISSING_SUBJECT +LASSO_PROFILE_ERROR_NAME_IDENTIFIER_NOT_FOUND +LASSO_PROFILE_ERROR_RESPONSE_DOES_NOT_MATCH_REQUEST +LASSO_PROFILE_ERROR_SESSION_NOT_FOUND +LASSO_PROFILE_ERROR_STATUS_NOT_SUCCESS +LASSO_PROFILE_ERROR_UNKNOWN_ISSUER +LASSO_PROFILE_ERROR_UNKNOWN_PROFILE_URL +LASSO_PROFILE_ERROR_UNKNOWN_PROVIDER 
+LASSO_PROFILE_ERROR_UNSUPPORTED_BINDING +LASSO_PROFILE_ERROR_UNSUPPORTED_PROFILE +LASSO_PROFILE_SIGNATURE_HINT_FORBID +LASSO_PROFILE_SIGNATURE_HINT_FORCE +LASSO_PROFILE_SIGNATURE_HINT_MAYBE +LASSO_PROFILE_SIGNATURE_VERIFY_HINT_FORCE +LASSO_PROFILE_SIGNATURE_VERIFY_HINT_IGNORE +LASSO_PROFILE_SIGNATURE_VERIFY_HINT_LAST +LASSO_PROFILE_SIGNATURE_VERIFY_HINT_MAYBE +LASSO_PROTOCOL_LIBERTY_1_0 +LASSO_PROTOCOL_LIBERTY_1_1 +LASSO_PROTOCOL_LIBERTY_1_2 +LASSO_PROTOCOL_NONE +LASSO_PROTOCOL_SAML_2_0 +LASSO_PROVIDER_ERROR_MISSING_PUBLIC_KEY +LASSO_PROVIDER_ROLE_ANY +LASSO_PROVIDER_ROLE_ATTRIBUTE_AUTHORITY +LASSO_PROVIDER_ROLE_AUTHN_AUTHORITY +LASSO_PROVIDER_ROLE_AUTHZ_AUTHORITY +LASSO_PROVIDER_ROLE_BOTH +LASSO_PROVIDER_ROLE_IDP +LASSO_PROVIDER_ROLE_LAST +LASSO_PROVIDER_ROLE_NONE +LASSO_PROVIDER_ROLE_SP +LASSO_PYTHON_HREF +LASSO_REGISTRY_ERROR_KEY_EXISTS +LASSO_REQUEST_TYPE_DEFEDERATION +LASSO_REQUEST_TYPE_DISCO_MODIFY +LASSO_REQUEST_TYPE_DISCO_QUERY +LASSO_REQUEST_TYPE_DST_MODIFY +LASSO_REQUEST_TYPE_DST_QUERY +LASSO_REQUEST_TYPE_IDWSF2_DISCO_QUERY +LASSO_REQUEST_TYPE_IDWSF2_DISCO_SVCMD_ASSOCIATION_ADD +LASSO_REQUEST_TYPE_IDWSF2_DISCO_SVCMD_REGISTER +LASSO_REQUEST_TYPE_INVALID +LASSO_REQUEST_TYPE_LECP +LASSO_REQUEST_TYPE_LOGIN +LASSO_REQUEST_TYPE_LOGOUT +LASSO_REQUEST_TYPE_NAME_IDENTIFIER_MAPPING +LASSO_REQUEST_TYPE_NAME_ID_MANAGEMENT +LASSO_REQUEST_TYPE_NAME_REGISTRATION +LASSO_REQUEST_TYPE_SASL_REQUEST +LASSO_SAML2_ACTION_GHPP_GET +LASSO_SAML2_ACTION_GHPP_HEAD +LASSO_SAML2_ACTION_GHPP_POST +LASSO_SAML2_ACTION_GHPP_PUT +LASSO_SAML2_ACTION_NAMESPACE_GHPP +LASSO_SAML2_ACTION_NAMESPACE_RWEDC +LASSO_SAML2_ACTION_NAMESPACE_RWEDC_NEGATION +LASSO_SAML2_ACTION_NAMESPACE_UNIX +LASSO_SAML2_ACTION_RWEDC_CONTROL +LASSO_SAML2_ACTION_RWEDC_DELETE +LASSO_SAML2_ACTION_RWEDC_EXECUTE +LASSO_SAML2_ACTION_RWEDC_NEGATION +LASSO_SAML2_ACTION_RWEDC_READ +LASSO_SAML2_ACTION_RWEDC_WRITE +LASSO_SAML2_ASSERTION_HREF +LASSO_SAML2_ASSERTION_INDETERMINATE +LASSO_SAML2_ASSERTION_INVALID 
+LASSO_SAML2_ASSERTION_PREFIX +LASSO_SAML2_ASSERTION_VALID +LASSO_SAML2_ATTRIBUTE_NAME_EPR +LASSO_SAML2_ATTRIBUTE_NAME_FORMAT_BASIC +LASSO_SAML2_ATTRIBUTE_NAME_FORMAT_UNSPECIFIED +LASSO_SAML2_ATTRIBUTE_NAME_FORMAT_URI +LASSO_SAML2_ATTRIBUTE_PROFILE_BASIC +LASSO_SAML2_ATTRIBUTE_PROFILE_DCE +LASSO_SAML2_ATTRIBUTE_PROFILE_UUID +LASSO_SAML2_ATTRIBUTE_PROFILE_X500 +LASSO_SAML2_AUTHN_CONTEXT_AUTHENTICATED_TELEPHONY +LASSO_SAML2_AUTHN_CONTEXT_INTERNET_PROTOCOL +LASSO_SAML2_AUTHN_CONTEXT_INTERNET_PROTOCOL_PASSWORD +LASSO_SAML2_AUTHN_CONTEXT_KERBEROS +LASSO_SAML2_AUTHN_CONTEXT_MOBILE_ONE_FACTOR_CONTRACT +LASSO_SAML2_AUTHN_CONTEXT_MOBILE_ONE_FACTOR_UNREGISTERED +LASSO_SAML2_AUTHN_CONTEXT_MOBILE_TWO_FACTOR_CONTRACT +LASSO_SAML2_AUTHN_CONTEXT_MOBILE_TWO_FACTOR_UNREGISTERED +LASSO_SAML2_AUTHN_CONTEXT_NOMAD_TELEPHONY +LASSO_SAML2_AUTHN_CONTEXT_PASSWORD +LASSO_SAML2_AUTHN_CONTEXT_PASSWORD_PROTECTED_TRANSPORT +LASSO_SAML2_AUTHN_CONTEXT_PERSONALIZED_TELEPHONY +LASSO_SAML2_AUTHN_CONTEXT_PGP +LASSO_SAML2_AUTHN_CONTEXT_PREVIOUS_SESSION +LASSO_SAML2_AUTHN_CONTEXT_SECURE_REMOTE_PASSWORD +LASSO_SAML2_AUTHN_CONTEXT_SMARTCARD +LASSO_SAML2_AUTHN_CONTEXT_SMARTCARD_PKI +LASSO_SAML2_AUTHN_CONTEXT_SOFTWARE_PKI +LASSO_SAML2_AUTHN_CONTEXT_SPKI +LASSO_SAML2_AUTHN_CONTEXT_TELEPHONY +LASSO_SAML2_AUTHN_CONTEXT_TIME_SYNC_TOKEN +LASSO_SAML2_AUTHN_CONTEXT_TLS_CLIENT +LASSO_SAML2_AUTHN_CONTEXT_UNSPECIFIED +LASSO_SAML2_AUTHN_CONTEXT_X509 +LASSO_SAML2_AUTHN_CONTEXT_XMLDSIG +LASSO_SAML2_CONFIRMATION_METHOD_BEARER +LASSO_SAML2_CONFIRMATION_METHOD_HOLDER_OF_KEY +LASSO_SAML2_CONSENT_EXPLICIT +LASSO_SAML2_CONSENT_IMPLICIT +LASSO_SAML2_CONSENT_INAPPLICABLE +LASSO_SAML2_CONSENT_OBTAINED +LASSO_SAML2_CONSENT_PRIOR +LASSO_SAML2_CONSENT_UNAVAILABLE +LASSO_SAML2_DEFLATE_ENCODING +LASSO_SAML2_FIELD_ARTIFACT +LASSO_SAML2_FIELD_ENCODING +LASSO_SAML2_FIELD_RELAYSTATE +LASSO_SAML2_FIELD_REQUEST +LASSO_SAML2_FIELD_RESPONSE +LASSO_SAML2_FIELD_SIGALG +LASSO_SAML2_FIELD_SIGNATURE +LASSO_SAML2_METADATA_BINDING_ARTIFACT 
+LASSO_SAML2_METADATA_BINDING_PAOS +LASSO_SAML2_METADATA_BINDING_POST +LASSO_SAML2_METADATA_BINDING_REDIRECT +LASSO_SAML2_METADATA_BINDING_SOAP +LASSO_SAML2_METADATA_BINDING_URI +LASSO_SAML2_METADATA_HREF +LASSO_SAML2_METADATA_PREFIX +LASSO_SAML2_NAME_IDENTIFIER_FORMAT_EMAIL +LASSO_SAML2_NAME_IDENTIFIER_FORMAT_ENCRYPTED +LASSO_SAML2_NAME_IDENTIFIER_FORMAT_ENTITY +LASSO_SAML2_NAME_IDENTIFIER_FORMAT_KERBEROS +LASSO_SAML2_NAME_IDENTIFIER_FORMAT_PERSISTENT +LASSO_SAML2_NAME_IDENTIFIER_FORMAT_TRANSIENT +LASSO_SAML2_NAME_IDENTIFIER_FORMAT_UNSPECIFIED +LASSO_SAML2_NAME_IDENTIFIER_FORMAT_WINDOWS +LASSO_SAML2_NAME_IDENTIFIER_FORMAT_X509 +LASSO_SAML2_PROTOCOL_HREF +LASSO_SAML2_PROTOCOL_PREFIX +LASSO_SAML2_STATUS_CODE_AUTHN_FAILED +LASSO_SAML2_STATUS_CODE_INVALID_ATTR_NAME +LASSO_SAML2_STATUS_CODE_INVALID_NAME_ID_POLICY +LASSO_SAML2_STATUS_CODE_NO_AUTHN_CONTEXT +LASSO_SAML2_STATUS_CODE_NO_AVAILABLE_IDP +LASSO_SAML2_STATUS_CODE_NO_PASSIVE +LASSO_SAML2_STATUS_CODE_NO_SUPPORTED_IDP +LASSO_SAML2_STATUS_CODE_PARTIAL_LOGOUT +LASSO_SAML2_STATUS_CODE_PROXY_COUNT_EXCEEDED +LASSO_SAML2_STATUS_CODE_REQUESTER +LASSO_SAML2_STATUS_CODE_REQUEST_DENIED +LASSO_SAML2_STATUS_CODE_REQUEST_UNSUPPORTED +LASSO_SAML2_STATUS_CODE_REQUEST_VERSION_DEPRECATED +LASSO_SAML2_STATUS_CODE_REQUEST_VERSION_TOO_HIGH +LASSO_SAML2_STATUS_CODE_REQUEST_VERSION_TOO_LOW +LASSO_SAML2_STATUS_CODE_RESOURCE_NOT_RECOGNIZED +LASSO_SAML2_STATUS_CODE_RESPONDER +LASSO_SAML2_STATUS_CODE_SUCCESS +LASSO_SAML2_STATUS_CODE_TOO_MANY_RESPONSES +LASSO_SAML2_STATUS_CODE_UNKNOWN_ATTR_PROFILE +LASSO_SAML2_STATUS_CODE_UNKNOWN_PRINCIPAL +LASSO_SAML2_STATUS_CODE_UNSUPPORTED_BINDING +LASSO_SAML2_STATUS_CODE_VERSION_MISMATCH +LASSO_SAML_ASSERTION_HREF +LASSO_SAML_ASSERTION_PREFIX +LASSO_SAML_AUTHENTICATION_METHODS_PKI +LASSO_SAML_AUTHENTICATION_METHOD_HARDWARE_TOKEN +LASSO_SAML_AUTHENTICATION_METHOD_KERBEROS +LASSO_SAML_AUTHENTICATION_METHOD_LIBERTY +LASSO_SAML_AUTHENTICATION_METHOD_PASSWORD +LASSO_SAML_AUTHENTICATION_METHOD_PGP 
+LASSO_SAML_AUTHENTICATION_METHOD_SECURE_REMOTE_PASSWORD +LASSO_SAML_AUTHENTICATION_METHOD_SMARTCARD_PKI +LASSO_SAML_AUTHENTICATION_METHOD_SOFTWARE_PKI +LASSO_SAML_AUTHENTICATION_METHOD_UNSPECIFIED +LASSO_SAML_AUTHENTICATION_METHOD_XKMS +LASSO_SAML_AUTHENTICATION_METHOD_XMLD_SIG +LASSO_SAML_CONFIRMATION_METHOD_ARTIFACT +LASSO_SAML_CONFIRMATION_METHOD_ARTIFACT01 +LASSO_SAML_CONFIRMATION_METHOD_BEARER +LASSO_SAML_CONFIRMATION_METHOD_HOLDER_OF_KEY +LASSO_SAML_CONFIRMATION_METHOD_SENDER_VOUCHES +LASSO_SAML_MAJOR_VERSION_N +LASSO_SAML_MINOR_VERSION_N +LASSO_SAML_PROTOCOL_HREF +LASSO_SAML_PROTOCOL_PREFIX +LASSO_SAML_STATUS_CODE_REQUESTER +LASSO_SAML_STATUS_CODE_REQUEST_DENIED +LASSO_SAML_STATUS_CODE_REQUEST_VERSION_DEPRECATED +LASSO_SAML_STATUS_CODE_REQUEST_VERSION_TOO_HIGH +LASSO_SAML_STATUS_CODE_REQUEST_VERSION_TOO_LOW +LASSO_SAML_STATUS_CODE_RESOURCE_NOT_RECOGNIZED +LASSO_SAML_STATUS_CODE_RESPONDER +LASSO_SAML_STATUS_CODE_SUCCESS +LASSO_SAML_STATUS_CODE_TOO_MANY_RESPONSES +LASSO_SAML_STATUS_CODE_VERSION_MISMATCH +LASSO_SERVER_ERROR_ADD_PROVIDER_FAILED +LASSO_SERVER_ERROR_ADD_PROVIDER_PROTOCOL_MISMATCH +LASSO_SERVER_ERROR_INVALID_XML +LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND +LASSO_SERVER_ERROR_SET_ENCRYPTION_PRIVATE_KEY_FAILED +LASSO_SIGNATURE_METHOD_ATTRIBUTE +LASSO_SIGNATURE_METHOD_DSA_SHA1 +LASSO_SIGNATURE_METHOD_LAST +LASSO_SIGNATURE_METHOD_RSA_SHA1 +LASSO_SIGNATURE_TYPE_ATTRIBUTE +LASSO_SIGNATURE_TYPE_LAST +LASSO_SIGNATURE_TYPE_NONE +LASSO_SIGNATURE_TYPE_SIMPLE +LASSO_SIGNATURE_TYPE_WITHX509 +LASSO_SOAP_ENV_ACTOR +LASSO_SOAP_ENV_HREF +LASSO_SOAP_ENV_PREFIX +LASSO_SOAP_ERROR_MISSING_BODY +LASSO_SOAP_ERROR_MISSING_ENVELOPE +LASSO_SOAP_ERROR_MISSING_HEADER +LASSO_SOAP_ERROR_MISSING_SOAP_FAULT_DETAIL +LASSO_SOAP_ERROR_REDIRECT_REQUEST_FAULT +LASSO_SOAP_FAULT_CODE_CLIENT +LASSO_SOAP_FAULT_CODE_MUST_UNDERSTAND +LASSO_SOAP_FAULT_CODE_SERVER +LASSO_SOAP_FAULT_CODE_VERSION_MISMATCH +LASSO_SOAP_FAULT_REDIRECT_REQUEST +LASSO_WSF_ENABLED 
+LASSO_WSF_PROFILE_ERROR_INVALID_OR_MISSING_REFERENCE_TO_MESSAGE_ID +LASSO_WSF_PROFILE_ERROR_MISSING_ASSERTION_ID +LASSO_WSF_PROFILE_ERROR_MISSING_CORRELATION +LASSO_WSF_PROFILE_ERROR_MISSING_CREDENTIAL_REF +LASSO_WSF_PROFILE_ERROR_MISSING_DESCRIPTION +LASSO_WSF_PROFILE_ERROR_MISSING_ENDPOINT +LASSO_WSF_PROFILE_ERROR_MISSING_RESOURCE_ID +LASSO_WSF_PROFILE_ERROR_MISSING_SECURITY +LASSO_WSF_PROFILE_ERROR_MISSING_SENDER_ID +LASSO_WSF_PROFILE_ERROR_REDIRECT_REQUEST +LASSO_WSF_PROFILE_ERROR_REDIRECT_REQUEST_UNSUPPORTED_BY_REQUESTER +LASSO_WSF_PROFILE_ERROR_SECURITY_MECHANISM_CHECK_FAILED +LASSO_WSF_PROFILE_ERROR_SERVER_INTERACTION_REQUIRED +LASSO_WSF_PROFILE_ERROR_SERVER_INTERACTION_REQUIRED_FOR_DATA +LASSO_WSF_PROFILE_ERROR_SOAP_FAULT +LASSO_WSF_PROFILE_ERROR_UNKNOWN_STATUS_CODE +LASSO_WSF_PROFILE_ERROR_UNSUPPORTED_SECURITY_MECHANISM +LASSO_WSSEC_ERROR_BAD_PASSWORD +LASSO_WSSEC_ERROR_MISSING_SECURITY_TOKEN +LASSO_XML_ERROR_ATTR_NOT_FOUND +LASSO_XML_ERROR_ATTR_VALUE_NOT_FOUND +LASSO_XML_ERROR_INVALID_FILE +LASSO_XML_ERROR_MISSING_NAMESPACE +LASSO_XML_ERROR_NODE_CONTENT_NOT_FOUND +LASSO_XML_ERROR_NODE_NOT_FOUND +LASSO_XML_ERROR_OBJECT_CONSTRUCTION_FAILED +LASSO_XML_ERROR_SCHEMA_INVALID_FRAGMENT +LASSO_XSI_HREF +LASSO_XSI_PREFIX +struct LassoAssertionQuery { LassoAssertionQueryPrivate* private_data } +LassoAssertionQueryRequestType +LassoCheckVersionMode +struct LassoDefederation { } +struct LassoDsKeyInfo { LassoDsKeyValue* KeyValue } +struct LassoDsKeyValue { LassoDsRsaKeyValue* RSAKeyValue } +struct LassoDsRsaKeyValue { char* Modulus, char* Exponent } +struct LassoEcp { gchar* assertionConsumerURL, LassoEcpPrivate* private_data } +LassoEncryptionMode +LassoEncryptionSymKeyType +struct LassoFederation { gchar* remote_providerID, LassoNode* local_nameIdentifier, LassoNode* remote_nameIdentifier, LassoFederationPrivate* private_data } +LassoHttpMethod +struct LassoIdentity { GHashTable* federations, gboolean is_dirty, LassoIdentityPrivate* private_data } +struct LassoLecp 
{ LassoLibAuthnRequestEnvelope* authnRequestEnvelope, LassoLibAuthnResponseEnvelope* authnResponseEnvelope, char* assertionConsumerServiceURL } +struct LassoLibAssertion { char* InResponseTo } +struct LassoLibAuthenticationStatement { LassoLibAuthnContext* AuthnContext, char* ReauthenticateOnOrAfter, char* SessionIndex } +struct LassoLibAuthnContext { char* AuthnContextClassRef, char* AuthnContextStatementRef } +struct LassoLibAuthnRequest { GList* Extension, char* ProviderID, char* AffiliationID, char* NameIDPolicy, gboolean ForceAuthn, gboolean IsPassive, char* ProtocolProfile, char* AssertionConsumerServiceID, LassoLibRequestAuthnContext* RequestAuthnContext, char* RelayState, LassoLibScoping* Scoping, char* consent } +struct LassoLibAuthnRequestEnvelope { GList* Extension, LassoLibAuthnRequest* AuthnRequest, char* ProviderID, char* ProviderName, char* AssertionConsumerServiceURL, LassoLibIDPList* IDPList, gboolean IsPassive } +struct LassoLibAuthnResponse { GList* Extension, char* ProviderID, char* RelayState, char* consent } +struct LassoLibAuthnResponseEnvelope { GList* Extension, LassoLibAuthnResponse* AuthnResponse, char* AssertionConsumerServiceURL } +struct LassoLibFederationTerminationNotification { GList* Extension, char* ProviderID, LassoSamlNameIdentifier* NameIdentifier, char* consent, char* RelayState } +struct LassoLibIDPEntries { GList* IDPEntry } +struct LassoLibIDPEntry { char* ProviderID, char* ProviderName, char* Loc } +struct LassoLibIDPList { LassoLibIDPEntries* IDPEntries, char* GetComplete } +struct LassoLibLogoutRequest { GList* Extension, char* ProviderID, LassoSamlNameIdentifier* NameIdentifier, char* SessionIndex, char* RelayState, char* consent, char* NotOnOrAfter } +struct LassoLibLogoutResponse { } +struct LassoLibNameIdentifierMappingRequest { GList* Extension, char* ProviderID, LassoSamlNameIdentifier* NameIdentifier, char* TargetNamespace, char* consent } +struct LassoLibNameIdentifierMappingResponse { GList* Extension, char* 
ProviderID, LassoSamlpStatus* Status, LassoSamlNameIdentifier* NameIdentifier } +struct LassoLibRegisterNameIdentifierRequest { GList* Extension, char* ProviderID, LassoSamlNameIdentifier* IDPProvidedNameIdentifier, LassoSamlNameIdentifier* SPProvidedNameIdentifier, LassoSamlNameIdentifier* OldProvidedNameIdentifier, char* RelayState } +struct LassoLibRegisterNameIdentifierResponse { } +struct LassoLibRequestAuthnContext { GList* AuthnContextClassRef, GList* AuthnContextStatementRef, char* AuthnContextComparison } +struct LassoLibScoping { int ProxyCount, LassoLibIDPList* IDPList } +struct LassoLibStatusResponse { GList* Extension, char* ProviderID, LassoSamlpStatus* Status, char* RelayState } +struct LassoLibSubject { LassoSamlNameIdentifier* IDPProvidedNameIdentifier } +struct LassoLogin { LassoLoginProtocolProfile protocolProfile, gchar* assertionArtifact, LassoSamlAssertion* assertion, gchar* nameIDPolicy, LassoHttpMethod http_method, LassoLoginPrivate* private_data } +LassoLoginProtocolProfile +struct LassoLogout { LassoNode* initial_request, LassoNode* initial_response, gchar* initial_remote_providerID, gint providerID_index, LassoHttpMethod initial_http_request_method, LassoLogoutPrivate* private_data } +LassoMdProtocolType +LassoMessageFormat +struct LassoMiscTextNode { char* content, char* name, char* ns_href, char* ns_prefix, gboolean text_child } +struct LassoNameIdManagement { } +struct LassoNameIdentifierMapping { gchar* targetNameIdentifier } +struct LassoNameRegistration { LassoSamlNameIdentifier* oldNameIdentifier } +struct LassoNode { } +struct LassoProfile { LassoServer* server, LassoNode* request, LassoNode* response, LassoNode* nameIdentifier, gchar* remote_providerID, gchar* msg_url, gchar* msg_body, gchar* msg_relayState, LassoIdentity* identity, LassoSession* session, LassoHttpMethod http_request_method, gint signature_status, LassoProfilePrivate* private_data } +LassoProfileSignatureHint +LassoProfileSignatureVerifyHint 
+LassoProtocolConformance +struct LassoProvider { gchar* ProviderID, LassoProviderRole role, char* metadata_filename, gchar* public_key, gchar* ca_cert_chain, LassoProviderPrivate* private_data } +LassoProviderRole +LassoRequestType +struct LassoSaml2Action { char* content, char* Namespace } +struct LassoSaml2Advice { GList* AssertionIDRef, GList* AssertionURIRef, GList* Assertion, GList* EncryptedAssertion } +struct LassoSaml2Assertion { LassoSaml2NameID* Issuer, LassoSaml2Subject* Subject, LassoSaml2Conditions* Conditions, LassoSaml2Advice* Advice, GList* Statement, GList* AuthnStatement, GList* AuthzDecisionStatement, GList* AttributeStatement, char* Version, char* ID, char* IssueInstant, LassoSignatureType sign_type, LassoSignatureMethod sign_method, char* private_key_file, char* certificate_file, gboolean encryption_activated, char* encryption_public_key_str, LassoEncryptionSymKeyType encryption_sym_key_type } +LassoSaml2AssertionValidationState +struct LassoSaml2Attribute { GList* AttributeValue, char* Name, char* NameFormat, char* FriendlyName } +struct LassoSaml2AttributeStatement { GList* Attribute, GList* EncryptedAttribute } +struct LassoSaml2AttributeValue { GList* any } +struct LassoSaml2AudienceRestriction { char* Audience } +struct LassoSaml2AuthnContext { char* AuthnContextClassRef, char* AuthnContextDeclRef, char* AuthenticatingAuthority } +struct LassoSaml2AuthnStatement { LassoSaml2SubjectLocality* SubjectLocality, LassoSaml2AuthnContext* AuthnContext, char* AuthnInstant, char* SessionIndex, char* SessionNotOnOrAfter } +struct LassoSaml2AuthzDecisionStatement { LassoSaml2Action* Action, LassoSaml2Evidence* Evidence, char* Resource, char* Decision } +struct LassoSaml2BaseIDAbstract { char* NameQualifier, char* SPNameQualifier } +struct LassoSaml2ConditionAbstract { } +struct LassoSaml2Conditions { GList* Condition, GList* AudienceRestriction, GList* OneTimeUse, GList* ProxyRestriction, char* NotBefore, char* NotOnOrAfter } +struct 
LassoSaml2EncryptedElement { xmlNode* EncryptedData, GList* EncryptedKey, LassoNode* original_data } +struct LassoSaml2Evidence { GList* AssertionIDRef, GList* AssertionURIRef, GList* Assertion, GList* EncryptedAssertion } +struct LassoSaml2KeyInfoConfirmationData { } +struct LassoSaml2NameID { char* content, char* Format, char* SPProvidedID, char* NameQualifier, char* SPNameQualifier } +struct LassoSaml2OneTimeUse { } +struct LassoSaml2ProxyRestriction { char* Audience, char* Count } +struct LassoSaml2StatementAbstract { } +struct LassoSaml2Subject { LassoSaml2BaseIDAbstract* BaseID, LassoSaml2NameID* NameID, LassoSaml2EncryptedElement* EncryptedID, LassoSaml2SubjectConfirmation* SubjectConfirmation } +struct LassoSaml2SubjectConfirmation { LassoSaml2BaseIDAbstract* BaseID, LassoSaml2NameID* NameID, LassoSaml2EncryptedElement* EncryptedID, LassoSaml2SubjectConfirmationData* SubjectConfirmationData, char* Method } +struct LassoSaml2SubjectConfirmationData { char* NotBefore, char* NotOnOrAfter, char* Recipient, char* InResponseTo, char* Address } +struct LassoSaml2SubjectLocality { char* Address, char* DNSName } +struct LassoSamlAdvice { GList* AssertionIDReference, LassoNode* Assertion } +struct LassoSamlAssertion { LassoSamlConditions* Conditions, LassoSamlAdvice* Advice, LassoSamlSubjectStatement* SubjectStatement, LassoSamlAuthenticationStatement* AuthenticationStatement, LassoSamlAttributeStatement* AttributeStatement, int MajorVersion, int MinorVersion, char* AssertionID, char* Issuer, char* IssueInstant, LassoSignatureType sign_type, LassoSignatureMethod sign_method, char* private_key_file, char* certificate_file } +struct LassoSamlAttribute { gchar* attributeName, gchar* attributeNameSpace, GList* AttributeValue } +struct LassoSamlAttributeDesignator { char* AttributeName, char* AttributeNamespace } +struct LassoSamlAttributeStatement { GList* Attribute } +struct LassoSamlAttributeValue { GList* any } +struct LassoSamlAudienceRestrictionCondition { GList* 
Audience } +struct LassoSamlAuthenticationStatement { LassoSamlSubjectLocality* SubjectLocality, GList* AuthorityBinding, char* AuthenticationMethod, char* AuthenticationInstant } +struct LassoSamlAuthorityBinding { char* AuthorityKind, char* Location, char* Binding } +struct LassoSamlConditionAbstract { } +struct LassoSamlConditions { GList* Condition, GList* AudienceRestrictionCondition, char* NotBefore, char* NotOnOrAfter } +struct LassoSamlNameIdentifier { char* NameQualifier, char* Format, char* content } +struct LassoSamlStatementAbstract { } +struct LassoSamlSubject { LassoSamlNameIdentifier* NameIdentifier, LassoSamlSubjectConfirmation* SubjectConfirmation, LassoSaml2EncryptedElement* EncryptedNameIdentifier } +struct LassoSamlSubjectConfirmation { GList* ConfirmationMethod, char* SubjectConfirmationData, LassoDsKeyInfo* KeyInfo } +struct LassoSamlSubjectLocality { char* IPAddress, char* DNSAddress } +struct LassoSamlSubjectStatement { } +struct LassoSamlSubjectStatementAbstract { LassoSamlSubject* Subject } +struct LassoSamlp2ArtifactResolve { char* Artifact } +struct LassoSamlp2ArtifactResponse { LassoNode* any } +struct LassoSamlp2AssertionIDRequest { char* AssertionIDRef } +struct LassoSamlp2AttributeQuery { GList* Attribute } +struct LassoSamlp2AuthnQuery { LassoSamlp2RequestedAuthnContext* RequestedAuthnContext, char* SessionIndex } +struct LassoSamlp2AuthnRequest { LassoSaml2Subject* Subject, LassoSamlp2NameIDPolicy* NameIDPolicy, LassoSaml2Conditions* Conditions, LassoSamlp2RequestedAuthnContext* RequestedAuthnContext, LassoSamlp2Scoping* Scoping, gboolean ForceAuthn, gboolean IsPassive, char* ProtocolBinding, int AssertionConsumerServiceIndex, char* AssertionConsumerServiceURL, int AttributeConsumingServiceIndex, char* ProviderName, G_GNUC_DEPRECATED char } +struct LassoSamlp2AuthzDecisionQuery { LassoSaml2Action* Action, LassoSaml2Evidence* Evidence, char* Resource } +struct LassoSamlp2Extensions { } +struct LassoSamlp2IDPEntry { char* ProviderID, 
char* Name, char* Loc } +struct LassoSamlp2IDPList { LassoSamlp2IDPEntry* IDPEntry, char* GetComplete } +struct LassoSamlp2LogoutRequest { LassoSaml2BaseIDAbstract* BaseID, LassoSaml2NameID* NameID, LassoSaml2EncryptedElement* EncryptedID, char* SessionIndex, char* Reason, char* NotOnOrAfter, G_GNUC_DEPRECATED char } +struct LassoSamlp2LogoutResponse { G_GNUC_DEPRECATED char } +struct LassoSamlp2ManageNameIDRequest { LassoSaml2NameID* NameID, LassoSaml2EncryptedElement* EncryptedID, char* NewID, LassoSaml2EncryptedElement* NewEncryptedID, LassoSamlp2Terminate* Terminate } +struct LassoSamlp2ManageNameIDResponse { } +struct LassoSamlp2NameIDMappingRequest { LassoSaml2BaseIDAbstract* BaseID, LassoSaml2NameID* NameID, LassoSaml2EncryptedElement* EncryptedID, LassoSamlp2NameIDPolicy* NameIDPolicy } +struct LassoSamlp2NameIDMappingResponse { LassoSaml2NameID* NameID, LassoSaml2EncryptedElement* EncryptedID } +struct LassoSamlp2NameIDPolicy { char* Format, char* SPNameQualifier, gboolean AllowCreate } +struct LassoSamlp2RequestAbstract { LassoSaml2NameID* Issuer, LassoSamlp2Extensions* Extensions, char* ID, char* Version, char* IssueInstant, char* Destination, char* Consent, LassoSignatureType sign_type, LassoSignatureMethod sign_method, char* private_key_file, char* certificate_file } +struct LassoSamlp2RequestedAuthnContext { GList* AuthnContextClassRef, GList* AuthnContextDeclRef, char* Comparison } +struct LassoSamlp2Response { GList* Assertion, GList* EncryptedAssertion } +struct LassoSamlp2Scoping { LassoSamlp2IDPList* IDPList, char* RequesterID, char* ProxyCount } +struct LassoSamlp2Status { LassoSamlp2StatusCode* StatusCode, char* StatusMessage, LassoSamlp2StatusDetail* StatusDetail } +struct LassoSamlp2StatusCode { LassoSamlp2StatusCode* StatusCode, char* Value } +struct LassoSamlp2StatusDetail { } +struct LassoSamlp2StatusResponse { LassoSaml2NameID* Issuer, LassoSamlp2Extensions* Extensions, LassoSamlp2Status* Status, char* ID, char* InResponseTo, char* 
Version, char* IssueInstant, char* Destination, char* Consent, LassoSignatureType sign_type, LassoSignatureMethod sign_method, char* private_key_file, char* certificate_file } +struct LassoSamlp2SubjectQueryAbstract { LassoSaml2Subject* Subject } +struct LassoSamlp2Terminate { } +struct LassoSamlpRequest { char* AssertionArtifact } +struct LassoSamlpRequestAbstract { GList* RespondWith, char* RequestID, int MajorVersion, int MinorVersion, char* IssueInstant, LassoSignatureType sign_type, LassoSignatureMethod sign_method, char* private_key_file, char* certificate_file } +struct LassoSamlpResponse { LassoSamlpStatus* Status, GList* Assertion } +struct LassoSamlpResponseAbstract { char* ResponseID, char* InResponseTo, int MajorVersion, int MinorVersion, char* IssueInstant, char* Recipient, LassoSignatureType sign_type, LassoSignatureMethod sign_method, char* private_key_file, char* certificate_file } +struct LassoSamlpStatus { LassoSamlpStatusCode* StatusCode, char* StatusMessage } +struct LassoSamlpStatusCode { LassoSamlpStatusCode* StatusCode, char* Value } +struct LassoServer { GHashTable* providers, GHashTable* services, gchar* private_key, gchar* private_key_password, gchar* certificate, LassoSignatureMethod signature_method, LassoServerPrivate* private_data } +struct LassoSession { GHashTable* assertions, gboolean is_dirty, LassoSessionPrivate* private_data } +LassoSignatureMethod +LassoSignatureType +lasso_error_t lasso_assertion_query_add_attribute_request ( LassoAssertionQuery* assertion_query, char* format, char* name ) +lasso_error_t lasso_assertion_query_build_request_msg ( LassoAssertionQuery* assertion_query ) +lasso_error_t lasso_assertion_query_build_response_msg ( LassoAssertionQuery* assertion_query ) +None lasso_assertion_query_destroy ( LassoAssertionQuery* assertion_query ) +LassoAssertionQueryRequestType lasso_assertion_query_get_request_type ( LassoAssertionQuery* assertion_query ) +GType lasso_assertion_query_get_type ( ) +lasso_error_t 
lasso_assertion_query_init_request ( LassoAssertionQuery* assertion_query, char* remote_provider_id, LassoHttpMethod http_method, LassoAssertionQueryRequestType query_request_type ) +LassoAssertionQuery* lasso_assertion_query_new ( LassoServer* server ) +lasso_error_t lasso_assertion_query_process_request_msg ( LassoAssertionQuery* assertion_query, gchar* request_msg ) +lasso_error_t lasso_assertion_query_process_response_msg ( LassoAssertionQuery* assertion_query, gchar* response_msg ) +lasso_error_t lasso_assertion_query_validate_request ( LassoAssertionQuery* assertion_query ) +char* lasso_build_unique_id ( unsigned int size ) +int lasso_check_version ( int major, int minor, int subminor, LassoCheckVersionMode mode ) +lasso_error_t lasso_defederation_build_notification_msg ( LassoDefederation* defederation ) +None lasso_defederation_destroy ( LassoDefederation* defederation ) +GType lasso_defederation_get_type ( ) +lasso_error_t lasso_defederation_init_notification ( LassoDefederation* defederation, gchar* remote_providerID, LassoHttpMethod http_method ) +LassoDefederation* lasso_defederation_new ( LassoServer* server ) +lasso_error_t lasso_defederation_process_notification_msg ( LassoDefederation* defederation, gchar* notification_msg ) +lasso_error_t lasso_defederation_validate_notification ( LassoDefederation* defederation ) +GType lasso_ds_key_info_get_type ( ) +LassoDsKeyInfo* lasso_ds_key_info_new ( ) +GType lasso_ds_key_value_get_type ( ) +LassoDsKeyValue* lasso_ds_key_value_new ( ) +GType lasso_ds_rsa_key_value_get_type ( ) +LassoDsRsaKeyValue* lasso_ds_rsa_key_value_new ( ) +None lasso_ecp_destroy ( LassoEcp* ecp ) +GType lasso_ecp_get_type ( ) +LassoEcp* lasso_ecp_new ( LassoServer* server ) +lasso_error_t lasso_ecp_process_authn_request_msg ( LassoEcp* ecp, const char* authn_request_msg ) +lasso_error_t lasso_ecp_process_response_msg ( LassoEcp* ecp, const char* response_msg ) +None lasso_federation_build_local_name_identifier ( LassoFederation* 
federation, const gchar* nameQualifier, const gchar* format, const gchar* content ) +None lasso_federation_destroy ( LassoFederation* federation ) +GType lasso_federation_get_type ( ) +LassoFederation* lasso_federation_new ( const gchar* remote_providerID ) +gboolean lasso_federation_verify_name_identifier ( LassoFederation* federation, LassoNode* name_identifier ) +char* lasso_get_prefix_for_dst_service_href ( const char* href ) +gchar* lasso_get_prefix_for_idwsf2_dst_service_href ( const gchar* href ) +None lasso_identity_destroy ( LassoIdentity* identity ) +gchar* lasso_identity_dump ( LassoIdentity* identity ) +LassoFederation* lasso_identity_get_federation ( LassoIdentity* identity, const char* providerID ) +GType lasso_identity_get_type ( ) +LassoIdentity* lasso_identity_new ( ) +LassoIdentity* lasso_identity_new_from_dump ( const gchar* dump ) +lasso_error_t lasso_init ( ) +lasso_error_t lasso_lecp_build_authn_request_envelope_msg ( LassoLecp* lecp ) +lasso_error_t lasso_lecp_build_authn_request_msg ( LassoLecp* lecp ) +lasso_error_t lasso_lecp_build_authn_response_envelope_msg ( LassoLecp* lecp ) +lasso_error_t lasso_lecp_build_authn_response_msg ( LassoLecp* lecp ) +None lasso_lecp_destroy ( LassoLecp* lecp ) +GType lasso_lecp_get_type ( ) +lasso_error_t lasso_lecp_init_authn_request ( LassoLecp* lecp, const char* remote_providerID ) +LassoLecp* lasso_lecp_new ( LassoServer* server ) +lasso_error_t lasso_lecp_process_authn_request_envelope_msg ( LassoLecp* lecp, const char* request_msg ) +lasso_error_t lasso_lecp_process_authn_request_msg ( LassoLecp* lecp, const char* authn_request_msg ) +lasso_error_t lasso_lecp_process_authn_response_envelope_msg ( LassoLecp* lecp, const char* response_msg ) +GType lasso_lib_assertion_get_type ( ) +LassoLibAssertion* lasso_lib_assertion_new ( ) +LassoLibAssertion* lasso_lib_assertion_new_full ( const char* issuer, const char* requestID, const char* audience, const char* notBefore, const char* notOnOrAfter ) +GType 
lasso_lib_authentication_statement_get_type ( ) +LassoLibAuthenticationStatement* lasso_lib_authentication_statement_new ( ) +LassoLibAuthenticationStatement* lasso_lib_authentication_statement_new_full ( const char* authenticationMethod, const char* authenticationInstant, const char* reauthenticateOnOrAfter, LassoSamlNameIdentifier* sp_identifier, LassoSamlNameIdentifier* idp_identifier ) +GType lasso_lib_authn_context_get_type ( ) +LassoNode* lasso_lib_authn_context_new ( ) +GType lasso_lib_authn_request_envelope_get_type ( ) +LassoLibAuthnRequestEnvelope* lasso_lib_authn_request_envelope_new ( ) +LassoLibAuthnRequestEnvelope* lasso_lib_authn_request_envelope_new_full ( LassoLibAuthnRequest* authnRequest, char* providerID, char* assertionConsumerServiceURL ) +GType lasso_lib_authn_request_get_type ( ) +LassoLibAuthnRequest* lasso_lib_authn_request_new ( ) +GType lasso_lib_authn_response_envelope_get_type ( ) +LassoLibAuthnResponseEnvelope* lasso_lib_authn_response_envelope_new ( LassoLibAuthnResponse* response, char* assertionConsumerServiceURL ) +GType lasso_lib_authn_response_get_type ( ) +LassoNode* lasso_lib_authn_response_new ( char* providerID, LassoLibAuthnRequest* request ) +GType lasso_lib_federation_termination_notification_get_type ( ) +LassoNode* lasso_lib_federation_termination_notification_new ( ) +LassoNode* lasso_lib_federation_termination_notification_new_full ( char* providerID, LassoSamlNameIdentifier* nameIdentifier, LassoSignatureType sign_type, LassoSignatureMethod sign_method ) +GType lasso_lib_idp_entries_get_type ( ) +LassoNode* lasso_lib_idp_entries_new ( ) +GType lasso_lib_idp_entry_get_type ( ) +LassoNode* lasso_lib_idp_entry_new ( ) +GType lasso_lib_idp_list_get_type ( ) +LassoNode* lasso_lib_idp_list_new ( ) +GType lasso_lib_logout_request_get_type ( ) +LassoNode* lasso_lib_logout_request_new ( ) +LassoNode* lasso_lib_logout_request_new_full ( char* providerID, LassoSamlNameIdentifier* nameIdentifier, LassoSignatureType sign_type, 
LassoSignatureMethod sign_method ) +GType lasso_lib_logout_response_get_type ( ) +LassoNode* lasso_lib_logout_response_new ( ) +LassoNode* lasso_lib_logout_response_new_full ( char* providerID, const char* statusCodeValue, LassoLibLogoutRequest* request, LassoSignatureType sign_type, LassoSignatureMethod sign_method ) +GType lasso_lib_name_identifier_mapping_request_get_type ( ) +LassoNode* lasso_lib_name_identifier_mapping_request_new ( ) +LassoNode* lasso_lib_name_identifier_mapping_request_new_full ( char* providerID, LassoSamlNameIdentifier* nameIdentifier, const char* targetNamespace, LassoSignatureType sign_type, LassoSignatureMethod sign_method ) +GType lasso_lib_name_identifier_mapping_response_get_type ( ) +LassoNode* lasso_lib_name_identifier_mapping_response_new ( ) +LassoNode* lasso_lib_name_identifier_mapping_response_new_full ( char* provideRID, const char* statusCodeValue, LassoLibNameIdentifierMappingRequest* request, LassoSignatureType sign_type, LassoSignatureMethod sign_method ) +GType lasso_lib_register_name_identifier_request_get_type ( ) +LassoNode* lasso_lib_register_name_identifier_request_new ( ) +LassoNode* lasso_lib_register_name_identifier_request_new_full ( const char* providerID, LassoSamlNameIdentifier* idpNameIdentifier, LassoSamlNameIdentifier* spNameIdentifier, LassoSamlNameIdentifier* oldNameIdentifier, LassoSignatureType sign_type, LassoSignatureMethod sign_method ) +GType lasso_lib_register_name_identifier_response_get_type ( ) +LassoNode* lasso_lib_register_name_identifier_response_new ( ) +LassoNode* lasso_lib_register_name_identifier_response_new_full ( const char* providerID, const char* statusCodeValue, LassoLibRegisterNameIdentifierRequest* request, LassoSignatureType sign_type, LassoSignatureMethod sign_method ) +GType lasso_lib_request_authn_context_get_type ( ) +LassoLibRequestAuthnContext* lasso_lib_request_authn_context_new ( ) +GType lasso_lib_scoping_get_type ( ) +LassoLibScoping* lasso_lib_scoping_new ( ) +GType 
lasso_lib_status_response_get_type ( ) +LassoNode* lasso_lib_status_response_new ( ) +GType lasso_lib_subject_get_type ( ) +LassoLibSubject* lasso_lib_subject_new ( ) +lasso_error_t lasso_login_accept_sso ( LassoLogin* login ) +lasso_error_t lasso_login_build_artifact_msg ( LassoLogin* login, LassoHttpMethod http_method ) +lasso_error_t lasso_login_build_assertion ( LassoLogin* login, const char* authenticationMethod, const char* authenticationInstant, const char* reauthenticateOnOrAfter, const char* notBefore, const char* notOnOrAfter ) +lasso_error_t lasso_login_build_authn_request_msg ( LassoLogin* login ) +lasso_error_t lasso_login_build_authn_response_msg ( LassoLogin* login ) +lasso_error_t lasso_login_build_request_msg ( LassoLogin* login ) +lasso_error_t lasso_login_build_response_msg ( LassoLogin* login, gchar* remote_providerID ) +None lasso_login_destroy ( LassoLogin* login ) +gchar* lasso_login_dump ( LassoLogin* login ) +LassoNode* lasso_login_get_assertion ( LassoLogin* login ) +GType lasso_login_get_type ( ) +lasso_error_t lasso_login_init_authn_request ( LassoLogin* login, const gchar* remote_providerID, LassoHttpMethod http_method ) +lasso_error_t lasso_login_init_idp_initiated_authn_request ( LassoLogin* login, const gchar* remote_providerID ) +lasso_error_t lasso_login_init_request ( LassoLogin* login, gchar* response_msg, LassoHttpMethod response_http_method ) +gboolean lasso_login_must_ask_for_consent ( LassoLogin* login ) +gboolean lasso_login_must_authenticate ( LassoLogin* login ) +LassoLogin* lasso_login_new ( LassoServer* server ) +LassoLogin* lasso_login_new_from_dump ( LassoServer* server, const gchar* dump ) +lasso_error_t lasso_login_process_authn_request_msg ( LassoLogin* login, const char* authn_request_msg ) +lasso_error_t lasso_login_process_authn_response_msg ( LassoLogin* login, gchar* authn_response_msg ) +lasso_error_t lasso_login_process_paos_response_msg ( LassoLogin* login, gchar* msg ) +lasso_error_t 
lasso_login_process_request_msg ( LassoLogin* login, gchar* request_msg ) +lasso_error_t lasso_login_process_response_msg ( LassoLogin* login, gchar* response_msg ) +lasso_error_t lasso_login_validate_request_msg ( LassoLogin* login, gboolean authentication_result, gboolean is_consent_obtained ) +lasso_error_t lasso_logout_build_request_msg ( LassoLogout* logout ) +lasso_error_t lasso_logout_build_response_msg ( LassoLogout* logout ) +None lasso_logout_destroy ( LassoLogout* logout ) +gchar* lasso_logout_dump ( LassoLogout* logout ) +gchar* lasso_logout_get_next_providerID ( LassoLogout* logout ) +GType lasso_logout_get_type ( ) +lasso_error_t lasso_logout_init_request ( LassoLogout* logout, gchar* remote_providerID, LassoHttpMethod request_method ) +LassoLogout* lasso_logout_new ( LassoServer* server ) +LassoLogout* lasso_logout_new_from_dump ( LassoServer* server, const gchar* dump ) +lasso_error_t lasso_logout_process_request_msg ( LassoLogout* logout, gchar* request_msg ) +lasso_error_t lasso_logout_process_response_msg ( LassoLogout* logout, gchar* response_msg ) +lasso_error_t lasso_logout_reset_providerID_index ( LassoLogout* logout ) +lasso_error_t lasso_logout_validate_request ( LassoLogout* logout ) +GType lasso_misc_text_node_get_type ( ) +xmlNode* lasso_misc_text_node_get_xml_content ( LassoMiscTextNode* misc_text_node ) +LassoNode* lasso_misc_text_node_new ( ) +LassoMiscTextNode* lasso_misc_text_node_new_with_string ( const char* content ) +LassoMiscTextNode* lasso_misc_text_node_new_with_xml_node ( xmlNode* xml_node ) +None lasso_misc_text_node_set_xml_content ( LassoMiscTextNode* misc_text_node, xmlNode* node ) +lasso_error_t lasso_name_id_management_build_request_msg ( LassoNameIdManagement* name_id_management ) +lasso_error_t lasso_name_id_management_build_response_msg ( LassoNameIdManagement* name_id_management ) +None lasso_name_id_management_destroy ( LassoNameIdManagement* name_id_management ) +char* lasso_name_id_management_dump ( 
LassoNameIdManagement* name_id_management ) +GType lasso_name_id_management_get_type ( ) +lasso_error_t lasso_name_id_management_init_request ( LassoNameIdManagement* name_id_management, char* remote_provider_id, char* new_name_id, LassoHttpMethod http_method ) +LassoNameIdManagement* lasso_name_id_management_new ( LassoServer* server ) +LassoNameIdManagement* lasso_name_id_management_new_from_dump ( LassoServer* server, const char* dump ) +lasso_error_t lasso_name_id_management_process_request_msg ( LassoNameIdManagement* name_id_management, gchar* request_msg ) +lasso_error_t lasso_name_id_management_process_response_msg ( LassoNameIdManagement* name_id_management, gchar* response_msg ) +lasso_error_t lasso_name_id_management_validate_request ( LassoNameIdManagement* name_id_management ) +lasso_error_t lasso_name_identifier_mapping_build_request_msg ( LassoNameIdentifierMapping* mapping ) +lasso_error_t lasso_name_identifier_mapping_build_response_msg ( LassoNameIdentifierMapping* mapping ) +None lasso_name_identifier_mapping_destroy ( LassoNameIdentifierMapping* mapping ) +GType lasso_name_identifier_mapping_get_type ( ) +lasso_error_t lasso_name_identifier_mapping_init_request ( LassoNameIdentifierMapping* mapping, gchar* targetNamespace, gchar* remote_providerID ) +LassoNameIdentifierMapping* lasso_name_identifier_mapping_new ( LassoServer* server ) +lasso_error_t lasso_name_identifier_mapping_process_request_msg ( LassoNameIdentifierMapping* mapping, gchar* request_msg ) +lasso_error_t lasso_name_identifier_mapping_process_response_msg ( LassoNameIdentifierMapping* mapping, gchar* response_msg ) +lasso_error_t lasso_name_identifier_mapping_validate_request ( LassoNameIdentifierMapping* mapping ) +lasso_error_t lasso_name_registration_build_request_msg ( LassoNameRegistration* name_registration ) +lasso_error_t lasso_name_registration_build_response_msg ( LassoNameRegistration* name_registration ) +None lasso_name_registration_destroy ( LassoNameRegistration* 
name_registration ) +gchar* lasso_name_registration_dump ( LassoNameRegistration* name_registration ) +GType lasso_name_registration_get_type ( ) +lasso_error_t lasso_name_registration_init_request ( LassoNameRegistration* name_registration, char* remote_providerID, LassoHttpMethod http_method ) +LassoNameRegistration* lasso_name_registration_new ( LassoServer* server ) +LassoNameRegistration* lasso_name_registration_new_from_dump ( LassoServer* server, const char* dump ) +lasso_error_t lasso_name_registration_process_request_msg ( LassoNameRegistration* name_registration, gchar* request_msg ) +lasso_error_t lasso_name_registration_process_response_msg ( LassoNameRegistration* name_registration, gchar* response_msg ) +lasso_error_t lasso_name_registration_validate_request ( LassoNameRegistration* name_registration ) +None lasso_node_cleanup_original_xmlnodes ( LassoNode* node ) +char* lasso_node_debug ( LassoNode* node, int level ) +None lasso_node_destroy ( LassoNode* node ) +char* lasso_node_dump ( LassoNode* node ) +char* lasso_node_export_to_base64 ( LassoNode* node ) +char* lasso_node_export_to_ecp_soap_response ( LassoNode* node, const char* assertionConsumerURL ) +char* lasso_node_export_to_paos_request ( LassoNode* node, const char* issuer, const char* responseConsumerURL, const char* relay_state ) +char* lasso_node_export_to_query ( LassoNode* node, LassoSignatureMethod sign_method, const char* private_key_file ) +char* lasso_node_export_to_query_with_password ( LassoNode* node, LassoSignatureMethod sign_method, const char* private_key_file, const char* private_key_file_password ) +char* lasso_node_export_to_soap ( LassoNode* node ) +gchar* lasso_node_export_to_xml ( LassoNode* node ) +const char* lasso_node_get_name ( LassoNode* node ) +const char* lasso_node_get_namespace ( LassoNode* node ) +xmlNode* lasso_node_get_original_xmlnode ( LassoNode* node ) +GType lasso_node_get_type ( ) +xmlNode* lasso_node_get_xmlNode ( LassoNode* node, gboolean lasso_dump 
) +LassoMessageFormat lasso_node_init_from_message ( LassoNode* node, const char* message ) +gboolean lasso_node_init_from_query ( LassoNode* node, const char* query ) +lasso_error_t lasso_node_init_from_xml ( LassoNode* node, xmlNode* xmlnode ) +LassoNode* lasso_node_new ( ) +LassoNode* lasso_node_new_from_dump ( const char* dump ) +LassoNode* lasso_node_new_from_soap ( const char* soap ) +LassoNode* lasso_node_new_from_xmlNode ( xmlNode* node ) +None lasso_node_set_custom_namespace ( LassoNode* node, const char* prefix, const char* href ) +None lasso_node_set_custom_nodename ( LassoNode* node, const char* nodename ) +None lasso_node_set_original_xmlnode ( LassoNode* node, xmlNode* xmlnode ) +char* lasso_profile_get_artifact ( LassoProfile* profile ) +char* lasso_profile_get_artifact_message ( LassoProfile* profile ) +LassoIdentity* lasso_profile_get_identity ( LassoProfile* profile ) +LassoNode* lasso_profile_get_nameIdentifier ( LassoProfile* profile ) +LassoRequestType lasso_profile_get_request_type_from_soap_msg ( const gchar* soap ) +LassoSession* lasso_profile_get_session ( LassoProfile* profile ) +LassoProfileSignatureHint lasso_profile_get_signature_hint ( LassoProfile* profile ) +lasso_error_t lasso_profile_get_signature_status ( LassoProfile* profile ) +LassoProfileSignatureVerifyHint lasso_profile_get_signature_verify_hint ( LassoProfile* profile ) +GType lasso_profile_get_type ( ) +gboolean lasso_profile_is_identity_dirty ( LassoProfile* profile ) +gboolean lasso_profile_is_liberty_query ( const gchar* query ) +gboolean lasso_profile_is_saml_query ( const gchar* query ) +gboolean lasso_profile_is_session_dirty ( LassoProfile* profile ) +None lasso_profile_set_artifact_message ( LassoProfile* profile, const char* message ) +lasso_error_t lasso_profile_set_identity_from_dump ( LassoProfile* profile, const gchar* dump ) +lasso_error_t lasso_profile_set_session_from_dump ( LassoProfile* profile, const gchar* dump ) +None lasso_profile_set_signature_hint ( 
LassoProfile* profile, LassoProfileSignatureHint signature_hint ) +None lasso_profile_set_signature_verify_hint ( LassoProfile* profile, LassoProfileSignatureVerifyHint signature_verify_hint ) +lasso_error_t lasso_profile_set_soap_fault_response ( LassoProfile* profile, const char* faultcode, const char* faultstring, GList* details ) +LassoProviderRole lasso_profile_sso_role_with ( LassoProfile* profile, const char* remote_provider_id ) +gboolean lasso_provider_accept_http_method ( LassoProvider* provider, LassoProvider* remote_provider, LassoMdProtocolType protocol_type, LassoHttpMethod http_method, gboolean initiate_profile ) +gchar* lasso_provider_get_assertion_consumer_service_url ( LassoProvider* provider, const char* service_id ) +gchar* lasso_provider_get_base64_succinct_id ( const LassoProvider* provider ) +char* lasso_provider_get_cache_duration ( LassoProvider* provider ) +gchar* lasso_provider_get_default_name_id_format ( LassoProvider* provider ) +LassoEncryptionMode lasso_provider_get_encryption_mode ( LassoProvider* provider ) +LassoHttpMethod lasso_provider_get_first_http_method ( LassoProvider* provider, LassoProvider* remote_provider, LassoMdProtocolType protocol_type ) +GList* lasso_provider_get_idp_supported_attributes ( LassoProvider* provider ) +GList* lasso_provider_get_metadata_keys_for_role ( LassoProvider* provider, LassoProviderRole role ) +GList* lasso_provider_get_metadata_list ( LassoProvider* provider, const char* name ) +GList* lasso_provider_get_metadata_list_for_role ( const LassoProvider* provider, LassoProviderRole role, const char* name ) +gchar* lasso_provider_get_metadata_one ( LassoProvider* provider, const char* name ) +char* lasso_provider_get_metadata_one_for_role ( LassoProvider* provider, LassoProviderRole role, const char* name ) +xmlNode* lasso_provider_get_organization ( const LassoProvider* provider ) +LassoProtocolConformance lasso_provider_get_protocol_conformance ( const LassoProvider* provider ) +LassoProviderRole 
lasso_provider_get_roles ( LassoProvider* provider ) +const char* lasso_provider_get_sp_name_qualifier ( LassoProvider* provider ) +GType lasso_provider_get_type ( ) +char* lasso_provider_get_valid_until ( LassoProvider* provider ) +gboolean lasso_provider_has_protocol_profile ( LassoProvider* provider, LassoMdProtocolType protocol_type, const char* protocol_profile ) +gboolean lasso_provider_match_conformance ( LassoProvider* provider, LassoProvider* another_provider ) +LassoProvider* lasso_provider_new ( LassoProviderRole role, const char* metadata, const char* public_key, const char* ca_cert_chain ) +LassoProvider* lasso_provider_new_from_buffer ( LassoProviderRole role, const char* metadata, const char* public_key, const char* ca_cert_chain ) +LassoProvider* lasso_provider_new_from_dump ( const gchar* dump ) +LassoSaml2EncryptedElement* lasso_provider_saml2_node_encrypt ( const LassoProvider* provider, LassoNode* lasso_node ) +None lasso_provider_set_encryption_mode ( LassoProvider* provider, LassoEncryptionMode encryption_mode ) +None lasso_provider_set_encryption_sym_key_type ( LassoProvider* provider, LassoEncryptionSymKeyType encryption_sym_key_type ) +lasso_error_t lasso_provider_verify_single_node_signature ( LassoProvider* provider, LassoNode* node, const char* id_attr_name ) +None lasso_register_dst_service ( const char* prefix, const char* href ) +None lasso_register_idwsf2_dst_service ( const gchar* prefix, const gchar* href ) +GType lasso_saml2_action_get_type ( ) +LassoNode* lasso_saml2_action_new ( ) +LassoNode* lasso_saml2_action_new_with_string ( char* content ) +GType lasso_saml2_advice_get_type ( ) +LassoNode* lasso_saml2_advice_new ( ) +lasso_error_t lasso_saml2_assertion_add_attribute_with_node ( LassoSaml2Assertion* assertion, const char* name, const char* nameformat, LassoNode* content ) +None lasso_saml2_assertion_add_audience_restriction ( LassoSaml2Assertion* saml2_assertion, const char* providerID ) +None 
lasso_saml2_assertion_add_proxy_limit ( LassoSaml2Assertion* saml2_assertion, int proxy_count, GList* proxy_audiences ) +LassoSaml2AssertionValidationState lasso_saml2_assertion_allows_proxying ( LassoSaml2Assertion* saml2_assertion ) +LassoSaml2AssertionValidationState lasso_saml2_assertion_allows_proxying_to ( LassoSaml2Assertion* saml2_assertion, const char* audience ) +lasso_error_t lasso_saml2_assertion_decrypt_subject ( LassoSaml2Assertion* assertion, LassoServer* server ) +const char* lasso_saml2_assertion_get_in_response_to ( LassoSaml2Assertion* assertion ) +LassoProvider* lasso_saml2_assertion_get_issuer_provider ( const LassoSaml2Assertion* saml2_assertion, const LassoServer* server ) +LassoSaml2SubjectConfirmationData* lasso_saml2_assertion_get_subject_confirmation_data ( LassoSaml2Assertion* saml2_assertion, gboolean create ) +GType lasso_saml2_assertion_get_type ( ) +gboolean lasso_saml2_assertion_has_audience_restriction ( LassoSaml2Assertion* saml2_assertion ) +gboolean lasso_saml2_assertion_has_one_time_use ( LassoSaml2Assertion* saml2_assertion ) +gboolean lasso_saml2_assertion_is_audience_restricted ( LassoSaml2Assertion* saml2_assertion, char* providerID ) +LassoNode* lasso_saml2_assertion_new ( ) +None lasso_saml2_assertion_set_basic_conditions ( LassoSaml2Assertion* saml2_assertion, time_t tolerance, time_t length, gboolean one_time_use ) +None lasso_saml2_assertion_set_one_time_use ( LassoSaml2Assertion* saml2_assertion, gboolean one_time_use ) +None lasso_saml2_assertion_set_subject_confirmation_data ( LassoSaml2Assertion* saml2_assertion, time_t tolerance, time_t length, const char* Recipient, const char* InResponseTo, const char* Address ) +None lasso_saml2_assertion_set_subject_confirmation_name_id ( LassoSaml2Assertion* saml2_assertion, LassoNode* node ) +None lasso_saml2_assertion_set_subject_name_id ( LassoSaml2Assertion* saml2_assertion, LassoNode* node ) +LassoSaml2AssertionValidationState lasso_saml2_assertion_validate_audience ( 
LassoSaml2Assertion* saml2_assertion, const gchar* audience ) +LassoSaml2AssertionValidationState lasso_saml2_assertion_validate_conditions ( LassoSaml2Assertion* saml2_assertion, const char* relaying_party_providerID ) +LassoSaml2AssertionValidationState lasso_saml2_assertion_validate_time_checks ( LassoSaml2Assertion* saml2_assertion, unsigned int tolerance, time_t now ) +GType lasso_saml2_attribute_get_type ( ) +LassoNode* lasso_saml2_attribute_new ( ) +GType lasso_saml2_attribute_statement_get_type ( ) +LassoNode* lasso_saml2_attribute_statement_new ( ) +GType lasso_saml2_attribute_value_get_type ( ) +LassoSaml2AttributeValue* lasso_saml2_attribute_value_new ( ) +GType lasso_saml2_audience_restriction_get_type ( ) +LassoNode* lasso_saml2_audience_restriction_new ( ) +GType lasso_saml2_authn_context_get_type ( ) +LassoNode* lasso_saml2_authn_context_new ( ) +GType lasso_saml2_authn_statement_get_type ( ) +LassoNode* lasso_saml2_authn_statement_new ( ) +GType lasso_saml2_authz_decision_statement_get_type ( ) +LassoNode* lasso_saml2_authz_decision_statement_new ( ) +GType lasso_saml2_base_idabstract_get_type ( ) +LassoNode* lasso_saml2_base_idabstract_new ( ) +GType lasso_saml2_condition_abstract_get_type ( ) +LassoNode* lasso_saml2_condition_abstract_new ( ) +GType lasso_saml2_conditions_get_type ( ) +LassoNode* lasso_saml2_conditions_new ( ) +LassoSaml2EncryptedElement* lasso_saml2_encrypted_element_build_encrypted_persistent_name_id ( const char* id, const char* idpID, const LassoProvider* provider ) +GType lasso_saml2_encrypted_element_get_type ( ) +LassoNode* lasso_saml2_encrypted_element_new ( ) +lasso_error_t lasso_saml2_encrypted_element_server_decrypt ( LassoSaml2EncryptedElement* encrypted_element, LassoServer* server, LassoNode** decrypted_node ) +GType lasso_saml2_evidence_get_type ( ) +LassoNode* lasso_saml2_evidence_new ( ) +GType lasso_saml2_key_info_confirmation_data_get_type ( ) +LassoNode* lasso_saml2_key_info_confirmation_data_new ( ) 
+LassoSaml2NameID* lasso_saml2_name_id_build_persistent ( const char* id, const char* idpID, const char* providerID ) +gboolean lasso_saml2_name_id_equals ( LassoSaml2NameID* name_id, LassoSaml2NameID* other_name_id ) +GType lasso_saml2_name_id_get_type ( ) +LassoNode* lasso_saml2_name_id_new ( ) +LassoSaml2NameID* lasso_saml2_name_id_new_with_persistent_format ( const char* id, const char* idpID, const char* providerID ) +LassoNode* lasso_saml2_name_id_new_with_string ( char* content ) +GType lasso_saml2_one_time_use_get_type ( ) +LassoNode* lasso_saml2_one_time_use_new ( ) +GType lasso_saml2_proxy_restriction_get_type ( ) +LassoNode* lasso_saml2_proxy_restriction_new ( ) +GType lasso_saml2_statement_abstract_get_type ( ) +LassoNode* lasso_saml2_statement_abstract_new ( ) +GType lasso_saml2_subject_confirmation_data_get_type ( ) +LassoNode* lasso_saml2_subject_confirmation_data_new ( ) +GType lasso_saml2_subject_confirmation_get_type ( ) +LassoNode* lasso_saml2_subject_confirmation_new ( ) +GType lasso_saml2_subject_get_type ( ) +GType lasso_saml2_subject_locality_get_type ( ) +LassoNode* lasso_saml2_subject_locality_new ( ) +LassoNode* lasso_saml2_subject_new ( ) +GType lasso_saml_advice_get_type ( ) +LassoNode* lasso_saml_advice_new ( ) +GType lasso_saml_assertion_get_type ( ) +LassoSamlAssertion* lasso_saml_assertion_new ( ) +GType lasso_saml_attribute_designator_get_type ( ) +LassoNode* lasso_saml_attribute_designator_new ( ) +GType lasso_saml_attribute_get_type ( ) +LassoSamlAttribute* lasso_saml_attribute_new ( ) +GType lasso_saml_attribute_statement_get_type ( ) +LassoSamlAttributeStatement* lasso_saml_attribute_statement_new ( ) +GType lasso_saml_attribute_value_get_type ( ) +LassoSamlAttributeValue* lasso_saml_attribute_value_new ( ) +GType lasso_saml_audience_restriction_condition_get_type ( ) +LassoSamlAudienceRestrictionCondition* lasso_saml_audience_restriction_condition_new ( ) +LassoSamlAudienceRestrictionCondition* 
lasso_saml_audience_restriction_condition_new_full ( const char* audience ) +GType lasso_saml_authentication_statement_get_type ( ) +LassoNode* lasso_saml_authentication_statement_new ( ) +GType lasso_saml_authority_binding_get_type ( ) +LassoNode* lasso_saml_authority_binding_new ( ) +GType lasso_saml_condition_abstract_get_type ( ) +GType lasso_saml_conditions_get_type ( ) +LassoSamlConditions* lasso_saml_conditions_new ( ) +GType lasso_saml_name_identifier_get_type ( ) +LassoSamlNameIdentifier* lasso_saml_name_identifier_new ( ) +LassoSamlNameIdentifier* lasso_saml_name_identifier_new_from_xmlNode ( xmlNode* xmlnode ) +GType lasso_saml_statement_abstract_get_type ( ) +GType lasso_saml_subject_confirmation_get_type ( ) +LassoSamlSubjectConfirmation* lasso_saml_subject_confirmation_new ( ) +GType lasso_saml_subject_get_type ( ) +GType lasso_saml_subject_locality_get_type ( ) +LassoNode* lasso_saml_subject_locality_new ( ) +LassoNode* lasso_saml_subject_new ( ) +GType lasso_saml_subject_statement_abstract_get_type ( ) +GType lasso_saml_subject_statement_get_type ( ) +LassoNode* lasso_saml_subject_statement_new ( ) +GType lasso_samlp2_artifact_resolve_get_type ( ) +LassoNode* lasso_samlp2_artifact_resolve_new ( ) +GType lasso_samlp2_artifact_response_get_type ( ) +LassoNode* lasso_samlp2_artifact_response_new ( ) +GType lasso_samlp2_assertion_id_request_get_type ( ) +LassoNode* lasso_samlp2_assertion_id_request_new ( ) +GType lasso_samlp2_attribute_query_get_type ( ) +LassoNode* lasso_samlp2_attribute_query_new ( ) +GType lasso_samlp2_authn_query_get_type ( ) +LassoNode* lasso_samlp2_authn_query_new ( ) +GType lasso_samlp2_authn_request_get_type ( ) +LassoNode* lasso_samlp2_authn_request_new ( ) +GType lasso_samlp2_authz_decision_query_get_type ( ) +LassoNode* lasso_samlp2_authz_decision_query_new ( ) +GType lasso_samlp2_extensions_get_type ( ) +LassoNode* lasso_samlp2_extensions_new ( ) +GType lasso_samlp2_idp_entry_get_type ( ) +LassoNode* 
lasso_samlp2_idp_entry_new ( ) +GType lasso_samlp2_idp_list_get_type ( ) +LassoNode* lasso_samlp2_idp_list_new ( ) +GList* lasso_samlp2_logout_request_get_session_indexes ( LassoSamlp2LogoutRequest* logout_request ) +GType lasso_samlp2_logout_request_get_type ( ) +LassoNode* lasso_samlp2_logout_request_new ( ) +None lasso_samlp2_logout_request_set_session_indexes ( LassoSamlp2LogoutRequest* logout_request, GList* session_index ) +GType lasso_samlp2_logout_response_get_type ( ) +LassoNode* lasso_samlp2_logout_response_new ( ) +GType lasso_samlp2_manage_name_id_request_get_type ( ) +LassoNode* lasso_samlp2_manage_name_id_request_new ( ) +GType lasso_samlp2_manage_name_id_response_get_type ( ) +LassoNode* lasso_samlp2_manage_name_id_response_new ( ) +GType lasso_samlp2_name_id_mapping_request_get_type ( ) +LassoNode* lasso_samlp2_name_id_mapping_request_new ( ) +GType lasso_samlp2_name_id_mapping_response_get_type ( ) +LassoNode* lasso_samlp2_name_id_mapping_response_new ( ) +GType lasso_samlp2_name_id_policy_get_type ( ) +LassoNode* lasso_samlp2_name_id_policy_new ( ) +GType lasso_samlp2_request_abstract_get_type ( ) +LassoNode* lasso_samlp2_request_abstract_new ( ) +GType lasso_samlp2_requested_authn_context_get_type ( ) +LassoNode* lasso_samlp2_requested_authn_context_new ( ) +GType lasso_samlp2_response_get_type ( ) +LassoNode* lasso_samlp2_response_new ( ) +GType lasso_samlp2_scoping_get_type ( ) +LassoNode* lasso_samlp2_scoping_new ( ) +GType lasso_samlp2_status_code_get_type ( ) +LassoNode* lasso_samlp2_status_code_new ( ) +GType lasso_samlp2_status_detail_get_type ( ) +LassoNode* lasso_samlp2_status_detail_new ( ) +GType lasso_samlp2_status_get_type ( ) +LassoNode* lasso_samlp2_status_new ( ) +GType lasso_samlp2_status_response_get_type ( ) +LassoNode* lasso_samlp2_status_response_new ( ) +GType lasso_samlp2_subject_query_abstract_get_type ( ) +LassoNode* lasso_samlp2_subject_query_abstract_new ( ) +GType lasso_samlp2_terminate_get_type ( ) +LassoNode* 
lasso_samlp2_terminate_new ( ) +GType lasso_samlp_request_abstract_get_type ( ) +GType lasso_samlp_request_get_type ( ) +LassoNode* lasso_samlp_request_new ( ) +None lasso_samlp_response_abstract_fill ( LassoSamlpResponseAbstract* response, const char* InResponseTo, const char* Recipient ) +GType lasso_samlp_response_abstract_get_type ( ) +GType lasso_samlp_response_get_type ( ) +LassoNode* lasso_samlp_response_new ( ) +GType lasso_samlp_status_code_get_type ( ) +LassoSamlpStatusCode* lasso_samlp_status_code_new ( ) +GType lasso_samlp_status_get_type ( ) +LassoSamlpStatus* lasso_samlp_status_new ( ) +lasso_error_t lasso_server_add_provider ( LassoServer* server, LassoProviderRole role, const gchar* metadata, const gchar* public_key, const gchar* ca_cert_chain ) +lasso_error_t lasso_server_add_provider_from_buffer ( LassoServer* server, LassoProviderRole role, const gchar* metadata, const gchar* public_key, const gchar* ca_cert_chain ) +None lasso_server_destroy ( LassoServer* server ) +gchar* lasso_server_dump ( LassoServer* server ) +LassoProvider* lasso_server_get_provider ( const LassoServer* server, const gchar* providerID ) +GType lasso_server_get_type ( ) +lasso_error_t lasso_server_load_affiliation ( LassoServer* server, const gchar* filename ) +LassoServer* lasso_server_new ( const gchar* metadata, const gchar* private_key, const gchar* private_key_password, const gchar* certificate ) +LassoServer* lasso_server_new_from_buffers ( const gchar* metadata, const gchar* private_key_content, const gchar* private_key_password, const gchar* certificate_content ) +LassoServer* lasso_server_new_from_dump ( const gchar* dump ) +lasso_error_t lasso_server_saml2_assertion_setup_signature ( LassoServer* server, LassoSaml2Assertion* saml2_assertion ) +lasso_error_t lasso_server_set_encryption_private_key ( LassoServer* server, const gchar* filename_or_buffer ) +lasso_error_t lasso_server_set_encryption_private_key_with_password ( LassoServer* server, const gchar* 
filename_or_buffer, const gchar* password ) +lasso_error_t lasso_session_add_assertion ( LassoSession* session, const char* providerID, LassoNode* assertion ) +None lasso_session_destroy ( LassoSession* session ) +gchar* lasso_session_dump ( LassoSession* session ) +LassoNode* lasso_session_get_assertion ( LassoSession* session, const gchar* providerID ) +GList* lasso_session_get_assertions ( LassoSession* session, const char* provider_id ) +gchar* lasso_session_get_provider_index ( LassoSession* session, gint index ) +GType lasso_session_get_type ( ) +gboolean lasso_session_is_empty ( LassoSession* session ) +LassoSession* lasso_session_new ( ) +LassoSession* lasso_session_new_from_dump ( const gchar* dump ) +lasso_error_t lasso_session_remove_assertion ( LassoSession* session, const gchar* providerID ) +None lasso_set_flag ( char* flag ) +lasso_error_t lasso_shutdown ( ) +const char* lasso_strerror ( int error_code ) diff --git a/bindings/java/lang.py b/bindings/java/lang.py index 904aff78..47d5a3b5 100644 --- a/bindings/java/lang.py +++ b/bindings/java/lang.py @@ -364,7 +364,7 @@ protected static native void destroy(long cptr); elif c[0] == 's': print >>fd, wrapper_decl(s,'jstring') print >>fd, ') {' - print >>fd, ' return (*env)->NewStringUTF(env, %s);' % c[1] + print >>fd, ' return (*env)->NewStringUTF(env, (char*) %s);' % c[1] print >>fd, '}' elif c[0] == 'b': print >>fd, wrapper_decl(s,'jboolean') diff --git a/bindings/perl/lang.py b/bindings/perl/lang.py index 0d3e4f8b..7390ecb4 100644 --- a/bindings/perl/lang.py +++ b/bindings/perl/lang.py @@ -223,7 +223,7 @@ INCLUDE: LassoNode.xs if type == 'i': self.xs.pn('ct = newSViv(%s);' % name) elif type == 's': - self.xs.pn('ct = newSVpv(%s, 0);' % name) + self.xs.pn('ct = newSVpv((char*)%s, 0);' % name) elif type == 'b': # only one case LASSO_WSF_ENABLED self.xs.unindent() self.xs.pn('''#ifdef %s diff --git a/bindings/php5/wrapper_source.py b/bindings/php5/wrapper_source.py index 9b2698f2..7148fd9c 100644 
--- a/bindings/php5/wrapper_source.py +++ b/bindings/php5/wrapper_source.py @@ -76,7 +76,7 @@ PHP_MINIT_FUNCTION(lasso) if c[0] == 'i': print >> self.fd, ' REGISTER_LONG_CONSTANT("%s", %s, CONST_CS|CONST_PERSISTENT);' % (c[1], c[1]) elif c[0] == 's': - print >> self.fd, ' REGISTER_STRING_CONSTANT("%s", %s, CONST_CS|CONST_PERSISTENT);' % (c[1], c[1]) + print >> self.fd, ' REGISTER_STRING_CONSTANT("%s", (char*) %s, CONST_CS|CONST_PERSISTENT);' % (c[1], c[1]) elif c[0] == 'b': print >> self.fd, '''\ #ifdef %s diff --git a/bindings/python/lang.py b/bindings/python/lang.py index ab987266..8be92e39 100644 --- a/bindings/python/lang.py +++ b/bindings/python/lang.py @@ -692,7 +692,7 @@ register_constants(PyObject *d) if c[0] == 'i': print >> fd, ' obj = PyInt_FromLong(%s);' % c[1] elif c[0] == 's': - print >> fd, ' obj = PyString_FromString(%s);' % c[1] + print >> fd, ' obj = PyString_FromString((char*)%s);' % c[1] elif c[0] == 'b': print >> fd, '''\ #ifdef %s diff --git a/configure.ac b/configure.ac index 790ee011..16713faf 100644 --- a/configure.ac +++ b/configure.ac @@ -15,7 +15,7 @@ dnl - Second number is the number of supported API versions where API version > dnl first number. dnl - Third number is the current API version implementation version number. dnl See libtool explanations about current, age and release, later in this file. -AC_INIT([lasso], 2.3.0, lasso-devel@lists.labs.libre-entreprise.org) +AC_INIT([lasso], 2.3.1, lasso-devel@lists.labs.libre-entreprise.org) dnl Check if autoconf ver > 2.53 AC_PREREQ(2.53) AC_CONFIG_MACRO_DIR([m4]) @@ -184,7 +184,7 @@ dnl - interfaces removed -> AGE = 0 # m = a # r = r current=`expr $VERSION_MAJOR + $VERSION_MINOR` -LASSO_VERSION_INFO="11:0:8" +LASSO_VERSION_INFO="12:0:8" AC_SUBST(LASSO_VERSION_INFO) dnl Compute the minimal supported ABI version for Win32 scripts and resources files. diff --git a/lasso.doap b/lasso.doap index 8e002c49..ef98b10e 100644 --- a/lasso.doap +++ b/lasso.doap 
@@ -1,4 +1,4 @@ - Liberty Alliance ID-FF 1.2 - OASIS SAML 2.0 - @@ -61,6 +61,10 @@ + + 2010-09-07 + 2.3.1 + 2010-07-21 2.3.0 diff --git a/lasso/id-ff/provider.c b/lasso/id-ff/provider.c index 9b713fe4..91abebcc 100644 --- a/lasso/id-ff/provider.c +++ b/lasso/id-ff/provider.c @@ -859,6 +859,14 @@ finalize(GObject *object) /* instance and class init functions */ /*****************************************************************************/ +void +lasso_endpoint_free(EndpointType *endpoint_type) { + g_free(endpoint_type->binding); + g_free(endpoint_type->url); + g_free(endpoint_type->kind); + g_free(endpoint_type->return_url); + g_free(endpoint_type); +} static void instance_init(LassoProvider *provider) @@ -881,6 +889,7 @@ instance_init(LassoProvider *provider) provider->private_data->encryption_public_key = NULL; provider->private_data->encryption_mode = LASSO_ENCRYPTION_MODE_NONE; provider->private_data->encryption_sym_key_type = LASSO_ENCRYPTION_SYM_KEY_TYPE_AES_128; + lasso_release_list_of_full(provider->private_data->endpoints, lasso_endpoint_free); /* no value_destroy_func since it shouldn't destroy the GList on insert */ provider->private_data->Descriptors = g_hash_table_new_full( @@ -1019,6 +1028,7 @@ _lasso_provider_load_metadata_from_doc(LassoProvider *provider, xmlDoc *doc) g_return_val_if_fail(LASSO_IS_PROVIDER(provider), FALSE); if (doc == NULL) { + warning("Metadata is not an XML document"); return FALSE; } diff --git a/lasso/id-ff/provider.h b/lasso/id-ff/provider.h index fc4a6fa1..c3566c00 100644 --- a/lasso/id-ff/provider.h +++ b/lasso/id-ff/provider.h @@ -128,8 +128,8 @@ typedef enum { typedef enum { LASSO_PROVIDER_ROLE_ANY = -1, LASSO_PROVIDER_ROLE_NONE = 0, - LASSO_PROVIDER_ROLE_IDP = 1, - LASSO_PROVIDER_ROLE_SP = 2, + LASSO_PROVIDER_ROLE_SP = 1, + LASSO_PROVIDER_ROLE_IDP = 2, LASSO_PROVIDER_ROLE_BOTH = 3, LASSO_PROVIDER_ROLE_AUTHN_AUTHORITY = 4, LASSO_PROVIDER_ROLE_AUTHZ_AUTHORITY = 8, 
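Review bot: in the `instance_init` hunk of lasso/id-ff/provider.c, `lasso_release_list_of_full(provider->private_data->endpoints, lasso_endpoint_free);` sits among the field initialisers, where the list has not been populated yet, so it frees nothing. None of the hunks shown releases the list that `load_endpoint_type2` fills. Initialise the field to NULL here and move the release to the dispose or finalize path. `lasso_endpoint_free` is also defined non-static, and the providerprivate.h hunks add no prototype for it; make it static or declare it next to `EndpointType`.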
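Review bot: swapping the numeric values of `LASSO_PROVIDER_ROLE_SP` and `LASSO_PROVIDER_ROLE_IDP` in the public enum of lasso/id-ff/provider.h changes the meaning of any role integer already compiled into a caller or stored outside the library: 1 used to mean IdP and now means SP. The configure.ac hunk sets `LASSO_VERSION_INFO="12:0:8"`, which keeps age at 8 and so still advertises compatibility with the older interfaces. Either keep the old values, or document the break in the commit message and the release notes and adjust the version info to match.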
diff --git a/lasso/id-ff/providerprivate.h b/lasso/id-ff/providerprivate.h index de3bc963..66b9ad08 100644 --- a/lasso/id-ff/providerprivate.h +++ b/lasso/id-ff/providerprivate.h @@ -41,6 +41,18 @@ typedef enum { LASSO_PUBLIC_KEY_ENCRYPTION } LassoPublicKeyType; +/* This structure should allow to map ID-FFv1.2 and SAMLv2 endpoints */ +struct EndpointType_s { + LassoProviderRole role; + char *kind; + char *binding; + char *url; + char *return_url; + int index; + gboolean is_default; +}; +typedef struct EndpointType_s EndpointType; + struct _LassoProviderPrivate { @@ -65,9 +77,9 @@ struct _LassoProviderPrivate LassoEncryptionSymKeyType encryption_sym_key_type; char *valid_until; char *cache_duration; + GList *endpoints; /* of EndpointType_s */ }; - gboolean lasso_provider_load_metadata(LassoProvider *provider, const gchar *metadata); gboolean lasso_provider_load_metadata_from_buffer(LassoProvider *provider, const gchar *metadata); int lasso_provider_verify_signature(LassoProvider *provider, diff --git a/lasso/saml-2.0/login.c b/lasso/saml-2.0/login.c index 7b6cf3c7..80b98131 100644 --- a/lasso/saml-2.0/login.c +++ b/lasso/saml-2.0/login.c @@ -91,7 +91,8 @@ lasso_saml20_login_init_authn_request(LassoLogin *login, LassoHttpMethod http_me lasso_samlp2_name_id_policy_new()); /* set name id policy format */ /* no need to check server, done in init_request */ - default_name_id_format = lasso_provider_get_default_name_id_format(&profile->server->parent); + default_name_id_format = lasso_provider_get_metadata_one_for_role(&profile->server->parent, + LASSO_PROVIDER_ROLE_SP, "NameIDFormat"); if (default_name_id_format) { /* steal the string */ lasso_assign_new_string(LASSO_SAMLP2_AUTHN_REQUEST(request)->NameIDPolicy->Format, 
@@ -310,7 +311,7 @@ lasso_saml20_login_process_authn_request_msg(LassoLogin *login, const char *auth (authn_request->AssertionConsumerServiceURL != NULL)) && (authn_request->AssertionConsumerServiceIndex != -1)) { - rc = LASSO_LOGIN_ERROR_NO_DEFAULT_ENDPOINT; + rc = LASSO_PROFILE_ERROR_INVALID_REQUEST; goto cleanup; } @@ -318,7 +319,7 @@ lasso_saml20_login_process_authn_request_msg(LassoLogin *login, const char *auth protocol_binding = authn_request->ProtocolBinding; if (protocol_binding == NULL && authn_request->AssertionConsumerServiceIndex) { /* protocol binding not set; so it will look into - * AssertionConsumingServiceIndex + * AssertionConsumerServiceIndex * Also, if AssertionConsumerServiceIndex is not set in request, * its value will be -1, which is just the right value to get * default assertion consumer... (convenient) @@ -360,6 +361,7 @@ lasso_saml20_login_process_authn_request_msg(LassoLogin *login, const char *auth } else if (g_strcmp0(protocol_binding, LASSO_SAML2_METADATA_BINDING_REDIRECT) == 0) { login->protocolProfile = LASSO_LOGIN_PROTOCOL_PROFILE_REDIRECT; + goto_cleanup_with_rc(LASSO_PROFILE_ERROR_INVALID_PROTOCOLPROFILE); } else if (g_strcmp0(protocol_binding, LASSO_SAML2_METADATA_BINDING_PAOS) == 0) { login->protocolProfile = LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_LECP; } else { diff --git a/lasso/saml-2.0/profile.c b/lasso/saml-2.0/profile.c index bcefee3c..083d05ac 100644 --- a/lasso/saml-2.0/profile.c +++ b/lasso/saml-2.0/profile.c @@ -46,6 +46,7 @@ #include "../xml/saml-2.0/samlp2_status_response.h" #include "../xml/saml-2.0/samlp2_response.h" #include "../xml/saml-2.0/saml2_assertion.h" +#include "../xml/misc_text_node.h" #include "../utils.h" #include "../debug.h" 
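Review bot: in the HTTP-Redirect branch of `lasso_saml20_login_process_authn_request_msg` (login.c hunk at -360), `login->protocolProfile = LASSO_LOGIN_PROTOCOL_PROFILE_REDIRECT;` is still assigned just before `goto_cleanup_with_rc(LASSO_PROFILE_ERROR_INVALID_PROTOCOLPROFILE);`, so the login object leaves the function carrying the profile that was just rejected. Drop the assignment so that a caller which ignores the return code cannot continue with a Redirect response, and add a one-line comment stating that this binding is refused for the AuthnResponse.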
@@ -62,6 +63,7 @@ static gint lasso_profile_saml20_build_artifact_post_response_msg(LassoProfile * const char *service); static gboolean has_signature(LassoNode *node, LassoSignatureMethod *signature_method, char **private_key_file, char **private_key_password); +static char* lasso_saml20_profile_generate_artifact(LassoProfile *profile, int part); #define check_msg_body \ if (! profile->msg_body) { \ @@ -152,20 +154,24 @@ http_method_to_binding(LassoHttpMethod method) { * * Return value: the generated artifact (internally allocated, don't free) **/ -char* +static char* lasso_saml20_profile_generate_artifact(LassoProfile *profile, int part) { + LassoNode *what = NULL; lasso_assign_new_string(profile->private_data->artifact, lasso_saml20_profile_build_artifact(&profile->server->parent)); if (part == 0) { - lasso_assign_new_string(profile->private_data->artifact_message, - lasso_node_dump(profile->request)); + what = profile->request; } else if (part == 1) { - lasso_assign_new_string(profile->private_data->artifact_message, - lasso_node_dump(profile->response)); + what = profile->response; } else { /* XXX: RequestDenied here? */ } + /* Remove signature at the response level, if needed if will be on the ArtifactResponse */ + lasso_node_remove_signature(what); + /* Keep an XML copy of the response for later retrieval */ + lasso_assign_new_string(profile->private_data->artifact_message, + lasso_node_export_to_xml(what)); return profile->private_data->artifact; } 
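Review bot: in `lasso_saml20_profile_generate_artifact`, `what` stays NULL when `part` is neither 0 nor 1 (the `XXX: RequestDenied here?` branch), yet `lasso_node_remove_signature(what)` and `lasso_node_export_to_xml(what)` run unconditionally and a new artifact is still returned. Return early or set an error in that branch. `lasso_node_remove_signature` is also applied to `profile->request` or `profile->response` itself rather than to a copy, so the live message loses its signature parameters as a side effect; if that is intended, say so in the function's doc comment. The new comment has a typo: "if needed if will be" should read "if needed it will be".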
@@ -378,34 +384,47 @@ int lasso_saml20_profile_build_artifact_response(LassoProfile *profile) { LassoSamlp2StatusResponse *response = NULL; - LassoNode *resp = NULL; int rc = 0; if ( ! LASSO_IS_SAMLP2_REQUEST_ABSTRACT(profile->request)) { return LASSO_PROFILE_ERROR_MISSING_REQUEST; } + /* Setup the response */ response = LASSO_SAMLP2_STATUS_RESPONSE(lasso_samlp2_artifact_response_new()); - if (profile->private_data->artifact_message) { - resp = lasso_node_new_from_dump(profile->private_data->artifact_message); - lasso_assign_new_gobject(LASSO_SAMLP2_ARTIFACT_RESPONSE(response)->any, resp); - } + lasso_assign_new_gobject(profile->response, response); response->ID = lasso_build_unique_id(32); lasso_assign_string(response->Version, "2.0"); response->Issuer = LASSO_SAML2_NAME_ID(lasso_saml2_name_id_new_with_string( LASSO_PROVIDER(profile->server)->ProviderID)); response->IssueInstant = lasso_get_current_time(); lasso_assign_string(response->InResponseTo, LASSO_SAMLP2_REQUEST_ABSTRACT(profile->request)->ID); - lasso_check_good_rc(lasso_profile_saml20_setup_message_signature(profile, - (LassoNode*)response)); - lasso_assign_new_gobject(profile->response, LASSO_NODE(response)); - - if (resp == NULL) { - lasso_saml20_profile_set_response_status(profile, - LASSO_SAML2_STATUS_CODE_REQUESTER, NULL); + /* Add content */ + if (profile->private_data->artifact_message) { + xmlDoc *doc; + xmlNode *node; + char *content = profile->private_data->artifact_message; + doc = lasso_xml_parse_memory(content, strlen(content)); + if (doc) { + node = xmlDocGetRootElement(doc); + lasso_assign_new_gobject(LASSO_SAMLP2_ARTIFACT_RESPONSE(response)->any, + lasso_misc_text_node_new_with_xml_node(node)); + lasso_release_doc(doc); + lasso_saml20_profile_set_response_status(profile, + LASSO_SAML2_STATUS_CODE_SUCCESS, NULL); + } else { + lasso_saml20_profile_set_response_status(profile, + LASSO_SAML2_STATUS_CODE_RESPONDER, + LASSO_PRIVATE_STATUS_CODE_FAILED_TO_RESTORE_ARTIFACT); + } } else { + /* if 
no artifact is present, it is a success anyway */ lasso_saml20_profile_set_response_status(profile, LASSO_SAML2_STATUS_CODE_SUCCESS, NULL); } + /* Setup the signature */ + lasso_check_good_rc(lasso_profile_saml20_setup_message_signature(profile, + (LassoNode*)response)); + /* Serialize the message */ lasso_assign_new_string(profile->msg_body, lasso_node_export_to_soap(profile->response)); cleanup: return rc; diff --git a/lasso/saml-2.0/profileprivate.h b/lasso/saml-2.0/profileprivate.h index c3968aa3..54e3a336 100644 --- a/lasso/saml-2.0/profileprivate.h +++ b/lasso/saml-2.0/profileprivate.h @@ -40,7 +40,6 @@ extern "C" { int lasso_saml20_profile_init_request(LassoProfile *profile, const char *remote_provider_id, gboolean first_in_session, LassoSamlp2RequestAbstract *request_abstract, LassoHttpMethod http_method, LassoMdProtocolType protocol_type); -char* lasso_saml20_profile_generate_artifact(LassoProfile *profile, int part); #define lasso_saml20_profile_set_response_status_success(profile, code2) \ lasso_saml20_profile_set_response_status(profile, LASSO_SAML2_STATUS_CODE_SUCCESS, code2) #define lasso_saml20_profile_set_response_status_responder(profile, code2) \ diff --git a/lasso/saml-2.0/provider.c b/lasso/saml-2.0/provider.c index 65bd579b..064fe24e 100644 --- a/lasso/saml-2.0/provider.c +++ b/lasso/saml-2.0/provider.c @@ -53,8 +53,6 @@ const char *profile_names[LASSO_MD_PROTOCOL_TYPE_LAST] = { "AttributeService" /*AttributeAuthorityDescriptor*/ }; -static void add_assertion_consumer_url_to_list(gchar *key, G_GNUC_UNUSED gpointer value, GList **list); - static const char* binding_uri_to_identifier(const char *uri) { 
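Review bot: in `lasso_saml20_profile_build_artifact_response`, the result of `xmlDocGetRootElement(doc)` is passed to `lasso_misc_text_node_new_with_xml_node(node)` without a NULL check, and `lasso_release_doc(doc)` follows immediately. Please confirm that the text node takes its own copy of the XML node; if it only keeps the pointer, the ArtifactResponse would be serialized from freed memory. Add the NULL check, routing it to the same `LASSO_PRIVATE_STATUS_CODE_FAILED_TO_RESTORE_ARTIFACT` status as the parse failure, and a short comment on ownership at that call.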
@@ -74,23 +72,21 @@ binding_uri_to_identifier(const char *uri) return NULL; } -static const char* -identifier_to_binding_uri(const char *identifier) +static LassoHttpMethod +binding_uri_to_http_method(const char *uri) { - if (strcmp(identifier, "SOAP") == 0) { - return LASSO_SAML2_METADATA_BINDING_SOAP; - } else if (strcmp(identifier, "HTTP-Redirect") == 0) { - return LASSO_SAML2_METADATA_BINDING_REDIRECT; - } else if (strcmp(identifier, "HTTP-POST") == 0) { - return LASSO_SAML2_METADATA_BINDING_POST; - } else if (strcmp(identifier, "HTTP-Artifact") == 0) { - return LASSO_SAML2_METADATA_BINDING_ARTIFACT; - } else if (strcmp(identifier, "PAOS") == 0) { - return LASSO_SAML2_METADATA_BINDING_PAOS; - } else if (strcmp(identifier, "URI") == 0) { - return LASSO_SAML2_METADATA_BINDING_URI; + if (strcmp(uri, LASSO_SAML2_METADATA_BINDING_SOAP) == 0) { + return LASSO_HTTP_METHOD_SOAP; + } else if (strcmp(uri, LASSO_SAML2_METADATA_BINDING_REDIRECT) == 0) { + return LASSO_HTTP_METHOD_REDIRECT; + } else if (strcmp(uri, LASSO_SAML2_METADATA_BINDING_POST) == 0) { + return LASSO_HTTP_METHOD_NONE; + } else if (strcmp(uri, LASSO_SAML2_METADATA_BINDING_ARTIFACT) == 0) { + return LASSO_HTTP_METHOD_ARTIFACT_GET; + } else if (strcmp(uri, LASSO_SAML2_METADATA_BINDING_PAOS) == 0) { + return LASSO_HTTP_METHOD_PAOS; } - return NULL; + return LASSO_HTTP_METHOD_NONE; } static gboolean 
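Review bot: `binding_uri_to_http_method` returns `LASSO_HTTP_METHOD_NONE` for `LASSO_SAML2_METADATA_BINDING_POST`, the same value it returns for an unknown URI. The table this patch removes from `lasso_saml20_provider_get_first_http_method` paired "HTTP-POST" with `LASSO_HTTP_METHOD_POST`; unless POST is being dropped on purpose, return that here, otherwise a POST endpoint can never be selected or accepted by the new endpoint lookups. The function also calls `strcmp` on `uri` with no NULL guard, while the new callers use `g_strcmp0` for their own comparisons.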
@@ -127,6 +123,87 @@ xsdIsFalse(xmlChar *value) return FALSE; } +static gboolean +xsdUnsignedShortParse(xmlChar *value, int *out) { + int l = strtol((char*)value, NULL, 10); + + if (((l == LONG_MIN || l == LONG_MAX) && errno == ERANGE) || + errno == EINVAL || l < 0 || l >= 65535) { + return FALSE; + } + *out = l; + return TRUE; +} + +static void +load_endpoint_type2(xmlNode *xmlnode, LassoProvider *provider, LassoProviderRole role, int *counter) +{ + xmlChar *binding = getSaml2MdProp(xmlnode, LASSO_SAML2_METADATA_ATTRIBUTE_BINDING); + xmlChar *location = getSaml2MdProp(xmlnode, LASSO_SAML2_METADATA_ATTRIBUTE_LOCATION); + xmlChar *response_location = getSaml2MdProp(xmlnode, LASSO_SAML2_METADATA_ATTRIBUTE_RESPONSE_LOCATION); + xmlChar *index = getSaml2MdProp(xmlnode, LASSO_SAML2_METADATA_ATTRIBUTE_INDEX); + xmlChar *isDefault = getSaml2MdProp(xmlnode, LASSO_SAML2_METADATA_ATTRIBUTE_ISDEFAULT); + gboolean indexed_endpoint = FALSE; + int idx = *counter++; + gboolean is_default = FALSE; + EndpointType *endpoint_type; + + if (! binding || ! location) { + warning("Invalid endpoint node %s", (char*) xmlnode->name); + goto cleanup; + } + indexed_endpoint = checkSaml2MdNode(xmlnode, LASSO_SAML2_METADATA_ELEMENT_ASSERTION_CONSUMER_SERVICE); + if (indexed_endpoint) { + if (! 
xsdUnsignedShortParse(index, &idx)) { + warning("Invalid AssertionConsumerService, no index set"); + goto cleanup; + } + is_default = xsdIsTrue(isDefault); + } + endpoint_type = g_new0(EndpointType, 1); + endpoint_type->kind = g_strdup((char*)xmlnode->name); + endpoint_type->binding = g_strdup((char*)binding); + endpoint_type->url = g_strdup((char*)location); + endpoint_type->return_url = g_strdup((char*)response_location); + endpoint_type->role = role; + endpoint_type->index = idx; + endpoint_type->is_default = is_default; + lasso_list_add(provider->private_data->endpoints, (void*)endpoint_type); + +cleanup: + lasso_release_xml_string(binding); + lasso_release_xml_string(location); + lasso_release_xml_string(response_location); + lasso_release_xml_string(isDefault); + lasso_release_xml_string(index); +} + +static gint +compare_endpoint_type(const EndpointType *a, const EndpointType *b) { + int c; + + if (a->role < b->role) + return -1; + if (a->role > b->role) + return +1; + c = g_strcmp0(a->kind, b->kind); + if (c != 0) + return c; + c = g_strcmp0(a->binding, b->binding); + if (c != 0) + return c; + if (a->is_default && ! b->is_default) + return -1; + if (! a->is_default && b->is_default) + return +1; + if (a->index < b->index) + return -1; + if (a->index > b->index) + return +1; + return 0; +} + + static void load_endpoint_type(xmlNode *xmlnode, LassoProvider *provider, LassoProviderRole role) { @@ -141,7 +218,7 @@ load_endpoint_type(xmlNode *xmlnode, LassoProvider *provider, LassoProviderRole binding_s = binding_uri_to_identifier((char*)binding); if (! binding_s) { - message(G_LOG_LEVEL_CRITICAL, "XXX: unknown binding: %s", binding); + critical("XXX: unknown binding: %s", binding); goto cleanup; } 
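Review bot: in `load_endpoint_type2`, `int idx = *counter++;` parses as `*(counter++)`: it advances the local pointer and never increments the caller's counter, so every non-indexed endpoint receives the same index. It should be `(*counter)++`. In `xsdUnsignedShortParse`, the `strtol` result is stored in an `int`, so the `LONG_MIN`/`LONG_MAX` comparison cannot work where `long` is wider than `int`; `errno` is not cleared before the call; no end pointer is checked, so an empty or non-numeric string parses as 0; `l >= 65535` rejects 65535, the largest xsd:unsignedShort; and `value` is passed to `strtol` even when the `index` attribute is absent, so the "no index set" warning is never reached for a missing attribute. Use a `long`, set `errno = 0`, pass an `endptr`, and return FALSE on NULL.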
@@ -259,6 +336,7 @@ load_descriptor(xmlNode *xmlnode, LassoProvider *provider, LassoProviderRole rol xmlChar *value; LassoProviderPrivate *pdata = provider->private_data; char *token, *saveptr; + int counter = 0; /* check protocol support enumeration */ value = getSaml2MdProp(xmlnode, @@ -290,6 +368,7 @@ load_descriptor(xmlNode *xmlnode, LassoProvider *provider, LassoProviderRole rol attribute); } else if (hasSaml2MdProp(t, LASSO_SAML2_METADATA_ATTRIBUTE_BINDING)) { load_endpoint_type(t, provider, role); + load_endpoint_type2(t, provider, role, &counter); } else { value = xmlNodeGetContent(t); _lasso_provider_add_metadata_value_for_role(provider, role, (char*)t->name, @@ -298,6 +377,8 @@ load_descriptor(xmlNode *xmlnode, LassoProvider *provider, LassoProviderRole rol } t = xmlSecGetNextElementNode(t->next); } + provider->private_data->endpoints = g_list_sort(provider->private_data->endpoints, + (GCompareFunc) compare_endpoint_type); for (i = 0; descriptor_attrs[i]; i++) { value = getSaml2MdProp(xmlnode, descriptor_attrs[i]); if (value == NULL) { @@ -396,6 +477,12 @@ lasso_saml20_provider_load_metadata(LassoProvider *provider, xmlNode *root_node) (! loaded_one_or_more_descriptor || (pdata->roles & provider->role) == 0)) { /* We must at least load one descriptor, and we must load a descriptor for our * assigned role or we fail. */ + if (! loaded_one_or_more_descriptor) { + warning("No descriptor was loaded, failing"); + } + if ((pdata->roles & provider->role) == 0) { + warning("Loaded roles and prescribed role does not intersect"); + } return FALSE; } 
@@ -403,226 +490,141 @@ lasso_saml20_provider_load_metadata(LassoProvider *provider, xmlNode *root_node) } LassoHttpMethod -lasso_saml20_provider_get_first_http_method(LassoProvider *provider, +lasso_saml20_provider_get_first_http_method(G_GNUC_UNUSED LassoProvider *provider, LassoProvider *remote_provider, LassoMdProtocolType protocol_type) { - LassoHttpMethod method = LASSO_HTTP_METHOD_NONE; - LassoProviderRole our_role = LASSO_PROVIDER_ROLE_SP; - int i; - const char *possible_bindings[] = { - "HTTP-POST", - "HTTP-Redirect", - "HTTP-Artifact", - "SOAP", - "PAOS", - NULL - }; - LassoHttpMethod method_bindings[] = { - LASSO_HTTP_METHOD_POST, - LASSO_HTTP_METHOD_REDIRECT, - LASSO_HTTP_METHOD_ARTIFACT_GET, - LASSO_HTTP_METHOD_SOAP, - LASSO_HTTP_METHOD_PAOS - }; - - switch (remote_provider->role) { - case LASSO_PROVIDER_ROLE_IDP: - our_role = LASSO_PROVIDER_ROLE_SP; - break; - case LASSO_PROVIDER_ROLE_SP: - our_role = LASSO_PROVIDER_ROLE_IDP; - break; - default: - return LASSO_HTTP_METHOD_NONE; + GList *t = NULL; + const char *kind = NULL; + LassoHttpMethod result = LASSO_HTTP_METHOD_NONE; + + if (protocol_type < LASSO_MD_PROTOCOL_TYPE_LAST) { + kind = profile_names[protocol_type]; + } + if (! 
kind) { + warning("Could not find a first http method for protocol type %u", protocol_type); + return LASSO_HTTP_METHOD_NONE; } - for (i=0; possible_bindings[i] && method == LASSO_HTTP_METHOD_NONE; i++) { - char *s; - const GList *l1, *l2; - s = g_strdup_printf("%s %s", - profile_names[protocol_type], - possible_bindings[i]); - l1 = lasso_provider_get_metadata_list_for_role(provider, our_role, s); - l2 = lasso_provider_get_metadata_list(remote_provider, s); - if (l1 && l2) { - method = method_bindings[i]; + lasso_foreach(t, remote_provider->private_data->endpoints) { + EndpointType *endpoint_type = (EndpointType*)t->data; + if (endpoint_type && g_strcmp0(endpoint_type->kind, kind) == 0) { + result = binding_uri_to_http_method(endpoint_type->binding); + if (result) break; } } - return method; + return result; +} + +gboolean +lasso_saml20_provider_accept_http_method(G_GNUC_UNUSED LassoProvider *provider, LassoProvider *remote_provider, + LassoMdProtocolType protocol_type, LassoHttpMethod http_method, + G_GNUC_UNUSED gboolean initiate_profile) +{ + GList *t = NULL; + const char *kind = NULL; + + if (protocol_type < LASSO_MD_PROTOCOL_TYPE_LAST) { + kind = profile_names[protocol_type]; + } + if (! 
kind) { + warning("Could not find a first http method for protocol type %u", protocol_type); + return LASSO_HTTP_METHOD_NONE; + } + + lasso_foreach(t, remote_provider->private_data->endpoints) { + EndpointType *endpoint_type = (EndpointType*)t->data; + if (endpoint_type && endpoint_type->role == remote_provider->role && + g_strcmp0(endpoint_type->kind, kind) == 0) { + if (binding_uri_to_http_method(endpoint_type->binding) == http_method) { + return TRUE; + } + } + } + + return FALSE; } gboolean lasso_saml20_provider_check_assertion_consumer_service_url(LassoProvider *provider, const gchar *url, const gchar *binding) { - GHashTable *descriptor; - GList *l = NULL, *r = NULL, *candidate = NULL; - char *name; - const char *binding_s = NULL; - int lname; + GList *t = NULL; - descriptor = provider->private_data->Descriptors; - if (descriptor == NULL || url == NULL || binding == NULL) - return FALSE; - - binding_s = binding_uri_to_identifier(binding); - if (binding_s == NULL) { - return FALSE; - } - - g_hash_table_foreach(descriptor, - (GHFunc)add_assertion_consumer_url_to_list, - &r); - - name = g_strdup_printf(LASSO_SAML2_METADATA_ELEMENT_ASSERTION_CONSUMER_SERVICE - " %s ", binding_s); - lname = strlen(name); - for (l = r; l; l = g_list_next(l)) { - char *b = l->data; - if (strncmp(name, b, lname) == 0) { - candidate = lasso_provider_get_metadata_list_for_role(provider, LASSO_PROVIDER_ROLE_SP, b); - if (candidate && candidate->data && strcmp(candidate->data, url) == 0) - break; - else - candidate = NULL; + lasso_foreach (provider->private_data->endpoints, t) { + EndpointType *endpoint_type = (EndpointType*) t->data; + if (endpoint_type && endpoint_type->role == LASSO_PROVIDER_ROLE_SP + && g_strcmp0(endpoint_type->url, url) == 0 + && g_strcmp0(endpoint_type->binding, binding) == 0) + { + return TRUE; } } - lasso_release(name); - lasso_release_list(r); - - if (candidate) - return TRUE; - else - return FALSE; + return FALSE; } +static const char 
*supported_assertion_consumer_bindings[] = { LASSO_SAML2_METADATA_BINDING_POST, + LASSO_SAML2_METADATA_BINDING_ARTIFACT, NULL }; + +static gboolean match_any(const char *key, const char *array[]) { + const char **t = array; + + while (*t) { + if (g_strcmp0(key, *t) == 0) { + return TRUE; + } + t++; + } + return FALSE; +} + +static EndpointType * +lasso_saml20_provider_get_assertion_consumer_service(LassoProvider *provider, int service_id) +{ + const char *kind = LASSO_SAML2_METADATA_ELEMENT_ASSERTION_CONSUMER_SERVICE; + GList *t = NULL; + EndpointType *result = NULL; + + if (service_id != -1) { + lasso_foreach(t, provider->private_data->endpoints) { + EndpointType *endpoint_type = (EndpointType*) t->data; + if (! endpoint_type) + continue; + if (endpoint_type->role == LASSO_PROVIDER_ROLE_SP && + g_strcmp0(endpoint_type->kind, kind) == 0 && + endpoint_type->index == service_id) + { + result = endpoint_type; + break; + } + } + } else { /* lookup a default supported endpoint type */ + lasso_foreach(t, provider->private_data->endpoints) { + EndpointType *endpoint_type = (EndpointType*) t->data; + if (! 
endpoint_type) + continue; + if (endpoint_type->role == LASSO_PROVIDER_ROLE_SP && + g_strcmp0(endpoint_type->kind, kind) == 0 && + match_any(endpoint_type->binding, + supported_assertion_consumer_bindings)) + { + result = endpoint_type; + break; + } + } + } + return result; +} + + gchar* lasso_saml20_provider_get_assertion_consumer_service_url(LassoProvider *provider, int service_id) { - GList *l = NULL; - char *sid; - char *name; - const char *possible_bindings[] = { - "HTTP-Artifact", - "HTTP-POST", - NULL - }; - int i; - - if (service_id == -1) { - sid = g_strdup(provider->private_data->default_assertion_consumer); - } else { - sid = g_strdup_printf("%d", service_id); + EndpointType *endpoint_type = lasso_saml20_provider_get_assertion_consumer_service(provider, service_id); + if (endpoint_type) + { + return g_strdup(endpoint_type->url); } - - for (i=0; possible_bindings[i]; i++) { - name = g_strdup_printf(LASSO_SAML2_METADATA_ELEMENT_ASSERTION_CONSUMER_SERVICE - " %s %s", - possible_bindings[i], sid); - l = lasso_provider_get_metadata_list_for_role(provider, - LASSO_PROVIDER_ROLE_SP, - name); - lasso_release_string(name); - if (l != NULL) - break; - } - lasso_release_string(sid); - if (l) - return g_strdup(l->data); - return NULL; -} - -#define ACS_KEY "sp " LASSO_SAML2_METADATA_ELEMENT_ASSERTION_CONSUMER_SERVICE - -static void -add_assertion_consumer_url_to_list(gchar *key, G_GNUC_UNUSED gpointer value, GList **list) -{ - if (strncmp(key, ACS_KEY, sizeof(ACS_KEY)-1) == 0) { - lasso_list_add_new_string(*list, key); - } -} - -struct HelperBindingByUrl { - const char *binding; - const char *url; -}; - -void -helper_binding_by_url(char *key, GList *value, struct HelperBindingByUrl *data) -{ - if (strncmp(key, ACS_KEY, sizeof(ACS_KEY)-1) != 0) { - return; - } - - if (data->binding == NULL && g_list_find_custom(value, data->url, (GCompareFunc)g_strcmp0) != NULL) { - char *end; - // URL was found for the first time - key += sizeof(ACS_KEY); - end = strchr(key, ' '); - 
if (end) { - key = g_strndup(key, (ptrdiff_t)(end-key)); - data->binding = identifier_to_binding_uri(key); - lasso_release(key); - } else { - data->binding = identifier_to_binding_uri(key); - } - } - -} - -const gchar* -lasso_saml20_provider_get_assertion_consumer_service_binding_by_url(LassoProvider *provider, const char *url) -{ - struct HelperBindingByUrl _helper_binding_by_url = { .binding = NULL, .url = url }; - - g_hash_table_foreach(provider->private_data->Descriptors, (GHFunc)helper_binding_by_url, - &_helper_binding_by_url); - - return _helper_binding_by_url.binding; -} - -gchar* -lasso_saml20_provider_get_assertion_consumer_service_url_by_binding(LassoProvider *provider, - const gchar *binding) -{ - GHashTable *descriptor; - GList *l = NULL, *r = NULL; - char *name; - const char *binding_s = NULL; - int lname; - - descriptor = provider->private_data->Descriptors; - if (descriptor == NULL) - return NULL; - - binding_s = binding_uri_to_identifier(binding); - if (binding_s == NULL) { - return NULL; - } - - g_hash_table_foreach(descriptor, - (GHFunc)add_assertion_consumer_url_to_list, - &r); - - name = g_strdup_printf("sp " - LASSO_SAML2_METADATA_ELEMENT_ASSERTION_CONSUMER_SERVICE - " %s ", binding_s); - lname = strlen(name); - for (l = r; l; l = g_list_next(l)) { - char *b = l->data; - if (strncmp(name, b, lname) == 0) { - l = g_hash_table_lookup(descriptor, b); - break; - } - } - lasso_release_string(name); - lasso_release_list(r); - - if (l) { - return g_strdup(l->data); - } - return NULL; } 
@@ -630,88 +632,53 @@ gchar* lasso_saml20_provider_get_assertion_consumer_service_binding(LassoProvider *provider, int service_id) { - GHashTable *descriptor; - GList *l = NULL; - char *sid; - char *name; - char *binding = NULL; - const char *possible_bindings[] = { - "HTTP-POST", - "HTTP-Redirect", - "HTTP-Artifact", - "SOAP", - NULL - }; - int i; - - if (service_id == -1) { - sid = g_strdup(provider->private_data->default_assertion_consumer); - } else { - sid = g_strdup_printf("%d", service_id); + EndpointType *endpoint_type = lasso_saml20_provider_get_assertion_consumer_service(provider, service_id); + if (endpoint_type) + { + return g_strdup(binding_uri_to_identifier(endpoint_type->binding)); } - descriptor = provider->private_data->Descriptors; - if (descriptor == NULL) - return NULL; - - for (i=0; possible_bindings[i]; i++) { - name = g_strdup_printf(LASSO_SAML2_METADATA_ELEMENT_ASSERTION_CONSUMER_SERVICE - " %s %s", - possible_bindings[i], sid); - l = lasso_provider_get_metadata_list_for_role(provider, LASSO_PROVIDER_ROLE_SP, name); - lasso_release_string(name); - if (l != NULL) { - binding = g_strdup(possible_bindings[i]); - break; - } - } - lasso_release_string(sid); - return binding; + return NULL; } -gboolean -lasso_saml20_provider_accept_http_method(LassoProvider *provider, LassoProvider *remote_provider, - LassoMdProtocolType protocol_type, LassoHttpMethod http_method, - gboolean initiate_profile) +const gchar* +lasso_saml20_provider_get_assertion_consumer_service_binding_by_url(LassoProvider *provider, const char *url) { - char *protocol_profile; - static const char *http_methods[] = { - NULL, - NULL, - NULL, - NULL, - "HTTP-POST", - "HTTP-Redirect", - "SOAP", - "HTTP-Artifact", - "HTTP-Artifact", - NULL - }; - gboolean rc = FALSE; - LassoProviderRole initiating_role; + const char *kind = LASSO_SAML2_METADATA_ELEMENT_ASSERTION_CONSUMER_SERVICE; + GList *t = NULL; - initiating_role = remote_provider->role; - if (remote_provider->role == 
LASSO_PROVIDER_ROLE_SP) { - provider->role = LASSO_PROVIDER_ROLE_IDP; + lasso_foreach(t, provider->private_data->endpoints) { + EndpointType *endpoint_type = (EndpointType*) t->data; + if (! endpoint_type) + continue; + if (endpoint_type->role == LASSO_PROVIDER_ROLE_SP && + g_strcmp0(endpoint_type->kind, kind) == 0 && + g_strcmp0(endpoint_type->url, url) == 0) + { + return endpoint_type->binding; + } } - if (remote_provider->role == LASSO_PROVIDER_ROLE_IDP) { - provider->role = LASSO_PROVIDER_ROLE_SP; + return NULL; +} + +gchar* +lasso_saml20_provider_get_assertion_consumer_service_url_by_binding(LassoProvider *provider, + const gchar *binding) +{ + const char *kind = LASSO_SAML2_METADATA_ELEMENT_ASSERTION_CONSUMER_SERVICE; + GList *t = NULL; + + lasso_foreach(t, provider->private_data->endpoints) { + EndpointType *endpoint_type = (EndpointType*) t->data; + if (! endpoint_type) + continue; + if (endpoint_type->role == LASSO_PROVIDER_ROLE_SP && + g_strcmp0(endpoint_type->kind, kind) == 0 && + g_strcmp0(endpoint_type->binding, binding) == 0) + { + return endpoint_type->url; + } } - if (initiate_profile) - initiating_role = provider->role; - - /* exclude bad input */ - if (http_method > (int)G_N_ELEMENTS(http_methods) || http_method < 0 || http_methods[http_method+1] == NULL) { - return FALSE; - } - - protocol_profile = g_strdup_printf("%s %s", profile_names[protocol_type], - http_methods[http_method+1]); - - /* just check if remote provider can receive the request, remote provider will have to check - * how to return the response itself */ - rc = (lasso_provider_get_metadata_list(remote_provider, protocol_profile) != NULL); - lasso_release_string(protocol_profile); - return rc; + return NULL; } /** diff --git a/lasso/xml/strings.h b/lasso/xml/strings.h index 9638e9c1..e3610316 100644 --- a/lasso/xml/strings.h +++ b/lasso/xml/strings.h 
@@ -107,6 +107,13 @@ */ #define LASSO_SOAP_FAULT_CODE_VERSION_MISMATCH "s:VersionMismatch" +/** + * LASSO_PRIVATE_STATUS_CODE_FAILED_TO_RESTORE_ARTIFACT: + * + * An artifact content is present but Lasso failed to rebuild the corresponding XML content. + */ +#define LASSO_PRIVATE_STATUS_CODE_FAILED_TO_RESTORE_ARTIFACT "FailedToRestoreArtifact" + /*****************************************************************************/ /* Lasso */ /*****************************************************************************/ @@ -131,6 +138,41 @@ */ #define LASSO_PYTHON_HREF "http://www.entrouvert.org/namespaces/python/0.0" +/** + * LASSO_SIGNATURE_TYPE_ATTRIBUTE: + * + * Attribute name for the Lasso signature type attribute. + */ +#define LASSO_SIGNATURE_TYPE_ATTRIBUTE BAD_CAST "SignatureType" + +/** + * LASSO_SIGNATURE_METHOD_ATTRIBUTE: + * + * Attribute name for the Lasso signature type attribute. + */ +#define LASSO_SIGNATURE_METHOD_ATTRIBUTE BAD_CAST "SignatureMethod" + +/** + * LASSO_PRIVATE_KEY_ATTRIBUTE: + * + * Attribute name for the Lasso private key attribute. + */ +#define LASSO_PRIVATE_KEY_ATTRIBUTE BAD_CAST "PrivateKey" + +/** + * LASSO_PRIVATE_KEY_PASSWORD_ATTRIBUTE: + * + * Attribute name for the Lasso private key attribute. + */ +#define LASSO_PRIVATE_KEY_PASSWORD_ATTRIBUTE BAD_CAST "PrivateKeyPassword" + +/** + * LASSO_CERTIFICATE_ATTRIBUTE: + * + * Attribute name for the Lasso private key attribute. + */ +#define LASSO_CERTIFICATE_ATTRIBUTE BAD_CAST "Certificate" + /*****************************************************************************/ /* Liberty Alliance ID-FF */ /*****************************************************************************/ diff --git a/lasso/xml/tools.c b/lasso/xml/tools.c index 523a7dda..38f81dd6 100644 --- a/lasso/xml/tools.c +++ b/lasso/xml/tools.c 
@@ -518,6 +518,8 @@ lasso_query_sign(char *query, LassoSignatureMethod sign_method, const char *priv new_query = g_strdup_printf("%s&SigAlg=%s", query, t); xmlFree(t); break; + case LASSO_SIGNATURE_METHOD_LAST: + g_assert_not_reached(); } /* build buffer digest */ @@ -568,6 +570,8 @@ lasso_query_sign(char *query, LassoSignatureMethod sign_method, const char *priv case LASSO_SIGNATURE_METHOD_DSA_SHA1: s_new_query = g_strdup_printf("%s&Signature=%s", new_query, e_b64_sigret); break; + case LASSO_SIGNATURE_METHOD_LAST: + g_assert_not_reached(); } done: diff --git a/lasso/xml/xml.c b/lasso/xml/xml.c index f5339721..eff4e98c 100644 --- a/lasso/xml/xml.c +++ b/lasso/xml/xml.c @@ -1129,6 +1129,27 @@ _lasso_node_collect_namespaces(GHashTable **namespaces, xmlNode *node) } } +gboolean +lasso_get_integer_attribute(xmlNode *node, xmlChar *attribute_name, xmlChar *ns_href, int *integer, long int low, long int high) { + xmlChar *content = NULL; + gboolean rc = FALSE; + long int what; + + g_assert (integer); + content = xmlGetNsProp(node, attribute_name, ns_href); + if (! content) + goto cleanup; + if (! lasso_string_to_xsd_integer((char*)content, &what)) + goto cleanup; + if (*integer < low || *integer >= high) + goto cleanup; + *integer = what; + rc = TRUE; +cleanup: + lasso_release_xml_string(content); + return rc; +} + /** FIXME: return a real error code */ static int lasso_node_impl_init_from_xml(LassoNode *node, xmlNode *xmlnode) @@ -1141,6 +1162,7 @@ lasso_node_impl_init_from_xml(LassoNode *node, xmlNode *xmlnode) struct XmlSnippet *snippet_any = NULL; struct XmlSnippet *snippet_any_attribute = NULL; struct XmlSnippet *snippet_collect_namespaces = NULL; + struct XmlSnippet *snippet_signature = NULL; GSList *unknown_nodes = NULL; GSList *known_attributes = NULL; gboolean keep_xmlnode = FALSE; 
@@ -1295,7 +1317,15 @@ lasso_node_impl_init_from_xml(LassoNode *node, xmlNode *xmlnode) *(void**)value = tmp; tmp = NULL; } else if (snippet->type & SNIPPET_INTEGER) { - int val = atoi(tmp); + int val = strtol(tmp, NULL, 10); + if (((val == LONG_MIN || val == LONG_MAX) && errno == ERANGE) + || errno == EINVAL || val < 0) { + if (snippet->type & SNIPPET_OPTIONAL_NEG) { + val = -1; + } else { + val = 0; + } + } (*(int*)value) = val; trace_snippet(" setting integer %i for ", val); xmlFree(tmp); @@ -1342,6 +1372,10 @@ lasso_node_impl_init_from_xml(LassoNode *node, xmlNode *xmlnode) snippet_collect_namespaces = snippet; } + if (type == SNIPPET_SIGNATURE) { + snippet_signature = snippet; + } + if (type == SNIPPET_ATTRIBUTE) { if (snippet->type & SNIPPET_ANY) { snippet_any_attribute = snippet; @@ -1356,7 +1390,15 @@ lasso_node_impl_init_from_xml(LassoNode *node, xmlNode *xmlnode) continue; if (snippet->type & SNIPPET_INTEGER) { - int val = atoi(tmp); + int val = strtol(tmp, NULL, 10); + if (((val == LONG_MIN || val == LONG_MAX) && errno == ERANGE) + || errno == EINVAL || val < 0) { + if (snippet->type & SNIPPET_OPTIONAL_NEG) { + val = -1; + } else { + val = 0; + } + } (*(int*)value) = val; } else if (snippet->type & SNIPPET_BOOLEAN) { int val = 0; 
@@ -1390,6 +1432,44 @@ lasso_node_impl_init_from_xml(LassoNode *node, xmlNode *xmlnode) _lasso_node_collect_namespaces(value, xmlnode); } + /* Collect signature parameters */ + { + LassoSignatureMethod method; + LassoSignatureType type; + xmlChar *private_key = NULL; + xmlChar *private_key_password = NULL; + xmlChar *certificate = NULL; + + while (snippet_signature) { + int what; + if (! lasso_get_integer_attribute(xmlnode, LASSO_SIGNATURE_METHOD_ATTRIBUTE, + BAD_CAST LASSO_LIB_HREF, &what, + LASSO_SIGNATURE_METHOD_RSA_SHA1, + LASSO_SIGNATURE_METHOD_LAST)) + break; + method = what; + if (! lasso_get_integer_attribute(xmlnode, LASSO_SIGNATURE_METHOD_ATTRIBUTE, + BAD_CAST LASSO_LIB_HREF, &what, LASSO_SIGNATURE_TYPE_NONE+1, + LASSO_SIGNATURE_TYPE_LAST)) + break; + type = what; + private_key = xmlGetNsProp(xmlnode, LASSO_PRIVATE_KEY_PASSWORD_ATTRIBUTE, + BAD_CAST LASSO_LIB_HREF); + if (! private_key) + break; + private_key = xmlGetNsProp(xmlnode, LASSO_PRIVATE_KEY_ATTRIBUTE, BAD_CAST + LASSO_LIB_HREF); + certificate = xmlGetNsProp(xmlnode, LASSO_CERTIFICATE_ATTRIBUTE, BAD_CAST + LASSO_LIB_HREF); + lasso_node_set_signature(node, type, + method, (char*) private_key, (char*) private_key_password, (char*) certificate); + } + lasso_release_xml_string(private_key); + lasso_release_xml_string(private_key_password); + lasso_release_xml_string(certificate); + } + + /* Collect other children */ if (unknown_nodes && snippet_any) { xmlNode *t = unknown_nodes->data; void *tmp; @@ -1398,6 +1478,7 @@ lasso_node_impl_init_from_xml(LassoNode *node, xmlNode *xmlnode) (*(char**)value) = tmp; } + /* Collect other attributes */ if (snippet_any_attribute) { GHashTable **any_attribute; GSList *tmp_attr; 
@@ -1617,15 +1698,15 @@ lasso_node_impl_get_xmlNode(LassoNode *node, gboolean lasso_dump) if (private_key) { ns = get_or_define_ns(xmlnode, BAD_CAST LASSO_LASSO_HREF); sprintf(buffer, "%u", type); - xmlSetNsProp(xmlnode, ns, BAD_CAST "SignatureType", BAD_CAST buffer); + xmlSetNsProp(xmlnode, ns, LASSO_SIGNATURE_TYPE_ATTRIBUTE, BAD_CAST buffer); sprintf(buffer, "%u", method); - xmlSetNsProp(xmlnode, ns, BAD_CAST "SignatureMethod", BAD_CAST buffer); - xmlSetNsProp(xmlnode, ns, BAD_CAST "PrivateKey", BAD_CAST private_key); + xmlSetNsProp(xmlnode, ns, LASSO_SIGNATURE_METHOD_ATTRIBUTE, BAD_CAST buffer); + xmlSetNsProp(xmlnode, ns, LASSO_PRIVATE_KEY_ATTRIBUTE, BAD_CAST private_key); if (private_key_password) { - xmlSetNsProp(xmlnode, ns, BAD_CAST "PrivateKeyPassword", BAD_CAST private_key_password); + xmlSetNsProp(xmlnode, ns, LASSO_PRIVATE_KEY_PASSWORD_ATTRIBUTE, BAD_CAST private_key_password); } if (certificate) { - xmlSetNsProp(xmlnode, ns, BAD_CAST "Certificate", BAD_CAST certificate); + xmlSetNsProp(xmlnode, ns, LASSO_CERTIFICATE_ATTRIBUTE, BAD_CAST certificate); } } } diff --git a/lasso/xml/xml.h b/lasso/xml/xml.h index 06709c02..d4283956 100644 --- a/lasso/xml/xml.h +++ b/lasso/xml/xml.h @@ -84,7 +84,8 @@ typedef enum { typedef enum { LASSO_SIGNATURE_TYPE_NONE = 0, LASSO_SIGNATURE_TYPE_SIMPLE, - LASSO_SIGNATURE_TYPE_WITHX509 + LASSO_SIGNATURE_TYPE_WITHX509, + LASSO_SIGNATURE_TYPE_LAST } LassoSignatureType; @@ -97,7 +98,8 @@ typedef enum { **/ typedef enum { LASSO_SIGNATURE_METHOD_RSA_SHA1 = 1, - LASSO_SIGNATURE_METHOD_DSA_SHA1 + LASSO_SIGNATURE_METHOD_DSA_SHA1, + LASSO_SIGNATURE_METHOD_LAST } LassoSignatureMethod; diff --git a/tests/integration/saml2/__init__.py b/tests/integration/saml2/__init__.py index 0080258f..800db3ee 100644 --- a/tests/integration/saml2/__init__.py +++ b/tests/integration/saml2/__init__.py 
@@ -25,7 +25,7 @@ if os.path.exists(CONFIG_FILE): # Combine default and configuration file AUTHENTIC_SRCDIR = CONFIG.get('AUTHENTIC_SRCDIR') or '/usr/local/src/authentic' AUTHENTICCTL = CONFIG.get('AUTHENTICCTL') or '/usr/sbin/authenticctl.py' -AUTHENTIC_DATA_DIR = CONFIG.get('AUTHENTIC_DATA_DIR') or '/usr/share/authentic/' +AUTHENTIC_DATADIR = CONFIG.get('AUTHENTIC_DATADIR') or '/usr/share/authentic/' LCSCTL = CONFIG.get('LCSCTL') or '/usr/sbin/lcsctl.py' LCS_DATADIR = CONFIG.get('LCS_DATADIR') or '/usr/share/lcs/' LASSO_BUILDDIR = os.environ.get('LASSO_BUILDDIR') or \ diff --git a/website/convert-to-static.py b/website/convert-to-static.py index c6e4b4a3..a1107644 100644 --- a/website/convert-to-static.py +++ b/website/convert-to-static.py @@ -113,11 +113,16 @@ class Build: if self.changelog: self.changelog = self.changelog.replace('.xml', '') - dom_cl = xml.dom.minidom.parse(file('web' + self.changelog + '.xml')) - self.last_commit_author = getText(dom_cl.getElementsByTagName('author')[-1].childNodes) - self.nb_commits = len(dom_cl.getElementsByTagName('entry')) - if not self.nb_commits: - self.nb_commits = len(dom_cl.getElementsByTagName('logentry')) + try: + dom_cl = xml.dom.minidom.parse(file('web' + self.changelog + '.xml')) + except: + self.nb_commits = '?' + self.last_commit_author = '?' + else: + self.last_commit_author = getText(dom_cl.getElementsByTagName('author')[-1].childNodes) + self.nb_commits = len(dom_cl.getElementsByTagName('entry')) + if not self.nb_commits: + self.nb_commits = len(dom_cl.getElementsByTagName('logentry')) @@ -129,7 +134,6 @@ re_summary = re.compile('[a-z]+\.[0-9]{4}.xml') if not os.path.exists('web-static'): os.mkdir('web-static') - for BUILDLOGS_DIR in ('build-logs', 'build-logs-wsf'): if not os.path.exists('web/%s' % BUILDLOGS_DIR): continue 
@@ -137,7 +141,7 @@ for BUILDLOGS_DIR in ('build-logs', 'build-logs-wsf'): os.mkdir('web-static/%s' % BUILDLOGS_DIR) for base, dirs, files in os.walk('web/%s' % BUILDLOGS_DIR): - if base.endswith('/CVS') or base.endswith('/.svn'): + if base.endswith('/CVS') or base.endswith('/.svn') or base.endswith('/.git'): continue for dirname in dirs: src_file = os.path.join(base, dirname) @@ -205,7 +209,7 @@ for BUILDLOGS_DIR in ('build-logs', 'build-logs-wsf'): day_dirs = os.listdir('web/%s/' % BUILDLOGS_DIR) day_dirs.sort() day_dirs.reverse() - day_dirs = day_dirs[:20] + day_dirs = day_dirs[:60] main_page = [] @@ -217,12 +221,15 @@ for BUILDLOGS_DIR in ('build-logs', 'build-logs-wsf'): main_page.sort() main_page.reverse() - main_page = main_page[:20] + main_page = main_page[:50] builds = [] for filename in main_page: - builds.append( Build(xml.dom.minidom.parse(filename)) ) - if len(builds) > 1 and builds[-2].date[:8] == builds[-1].date[:8]: - builds[-1].display_date = '' + try: + builds.append( Build(xml.dom.minidom.parse(filename)) ) + if len(builds) > 1 and builds[-2].date[:8] == builds[-1].date[:8]: + builds[-1].display_date = '' + except: + pass fd = StringIO() buildlog_template.generate(fd, {'build': builds}) @@ -255,6 +262,8 @@ for base, dirs, files in os.walk('web'): src_file = os.path.join(base, filename) dst_file = 'web-static/' + src_file[4:] + if os.path.isdir(src_file): continue + if os.path.exists(dst_file) and \ os.stat(dst_file)[stat.ST_MTIME] >= os.stat(src_file)[stat.ST_MTIME]: continue diff --git a/website/templates/base.ezt b/website/templates/base.ezt index ac877c72..b1f144d9 100644 --- a/website/templates/base.ezt +++ b/website/templates/base.ezt @@ -32,25 +32,6 @@
diff --git a/website/web/doap.rdf b/website/web/doap.rdf index 8e002c49..ef98b10e 100644 --- a/website/web/doap.rdf +++ b/website/web/doap.rdf @@ -1,4 +1,4 @@ - Liberty Alliance ID-FF 1.2 - OASIS SAML 2.0 - @@ -61,6 +61,10 @@ + + 2010-09-07 + 2.3.1 + 2010-07-21 2.3.0 diff --git a/website/web/download/index.xml b/website/web/download/index.xml index 2d5d3f6c..cd81df8b 100644 --- a/website/web/download/index.xml +++ b/website/web/download/index.xml @@ -10,7 +10,7 @@

Lasso is licensed under the GNU GPL and the latest release is available here as a gzipped tarball: - lasso-2.3.0.tar.gz + lasso-2.3.0.tar.gz

Binary Downloads

@@ -41,7 +41,7 @@ deb http://deb.entrouvert.org karmic main
  • liblasso3: runtime library
  • liblasso3-dev: C development kit
  • -
  • python-lasso: Python 2.5 & 2.6 bindings
  • +
  • python-lasso: Python 2.5 & 2.6 bindings
  • php5-lasso: PHP bindings
  • liblasso-java: JAVA bindings
  • liblasso3-perl: Perl bindings
  • diff --git a/website/web/index.xml b/website/web/index.xml index 0f30a3db..81b36d1b 100644 --- a/website/web/index.xml +++ b/website/web/index.xml @@ -46,10 +46,10 @@

    - The most recent version of Lasso is 2.1.1. You can + The most recent version of Lasso is 2.3.0. You can download - the 2.1.1 tarball here or get more options on the general download + the 2.3.0 tarball here or get more options on the general download page.

    diff --git a/website/web/news/15-release-2.3.0.xml b/website/web/news/15-release-2.3.0.xml new file mode 100644 index 00000000..439f3d83 --- /dev/null +++ b/website/web/news/15-release-2.3.0.xml @@ -0,0 +1,18 @@ + +
    +

    2010-07-21: Released 2.3.0

    + +

    + Lasso 2.3.0 has been released. + Download it now +

    + +

    + What changed ? + This release contains many bugfixes, better support for profiles outside + of WebSSO (especially Attribute requests), better control over + signatures creation and validation, support for encrypted private + keys, and improved Python, PHP5, Java, and Perl bindings. +

    + +
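Review bot: in the hunk at @@ -403,226 +490,141 @@, the rewritten lasso_saml20_provider_check_assertion_consumer_service_url drops the NULL guard and never checks the endpoint kind. The removed code returned FALSE when url or binding was NULL; the new loop relies on g_strcmp0, which treats two NULL arguments as equal, and it compares only role, url and binding, so any SP-role endpoint with the same URL and binding passes, not just an AssertionConsumerService one. Keep the explicit NULL check and add g_strcmp0(endpoint_type->kind, LASSO_SAML2_METADATA_ELEMENT_ASSERTION_CONSUMER_SERVICE) == 0, as the other lookups in this hunk do. Two smaller slips in the same hunk: this function calls lasso_foreach (provider->private_data->endpoints, t) with the arguments in the opposite order from every other call in the patch, and lasso_saml20_provider_accept_http_method returns LASSO_HTTP_METHOD_NONE from a gboolean function, with a warning text copied from the get_first_http_method path.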
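Review bot: in the hunk at @@ -630,88 +632,53 @@, lasso_saml20_provider_get_assertion_consumer_service_url_by_binding is still declared gchar* but now returns endpoint_type->url directly, where the removed code returned g_strdup(l->data). A caller that frees the result, as the old return convention allowed, would now free a string owned by the endpoint list. Either return g_strdup(endpoint_type->url) or change the return type to const gchar*, matching lasso_saml20_provider_get_assertion_consumer_service_binding_by_url in the same hunk, and say in the function's documentation which one callers get.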
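Review bot: in lasso_get_integer_attribute (lasso/xml/xml.c, @@ -1129,6 +1129,27 @@) the range check tests *integer, the caller's output variable, instead of the freshly parsed value what. As written the parsed attribute is never validated against low and high, and the caller added later in this patch passes an uninitialized int, so the comparison reads an indeterminate value. Compare what against the bounds before the assignment *integer = what. A short doc comment saying that high is exclusive would also help, since the callers pass the new _LAST enum values as the upper bound.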
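Review bot: in lasso_node_impl_init_from_xml at @@ -1295,7 +1317,15 @@, the strtol result is stored in an int before being compared with LONG_MIN and LONG_MAX, and errno is not cleared before the call. Where long is wider than int the overflow comparison cannot match after truncation, and a stale errno left by earlier code can push a valid value onto the fallback path. Keep the result in a long, set errno = 0 immediately before strtol, pass an end pointer so non-numeric text is rejected instead of parsed as 0, and check that the value fits in int before storing it. The same block is added again for attributes at @@ -1356,7 +1390,15 @@, so a shared helper would keep the two in step.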
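Review bot: in the "Collect signature parameters" block at @@ -1390,6 +1432,44 @@, the signature type is read from LASSO_SIGNATURE_METHOD_ATTRIBUTE a second time instead of LASSO_SIGNATURE_TYPE_ATTRIBUTE, and the PrivateKeyPassword attribute is assigned to private_key rather than private_key_password. The result is that type holds the method value, private_key_password is always NULL when passed to lasso_node_set_signature, the first xmlGetNsProp result is leaked when private_key is overwritten, and a node without a password attribute is skipped even though the writer treats the password as optional. The while (snippet_signature) loop also has no break or reset after lasso_node_set_signature, so a node carrying all the attributes never leaves the loop; an if block would express the intent. Finally, the attributes are read under LASSO_LIB_HREF while the writer at @@ -1617,15 +1698,15 @@ sets them under LASSO_LASSO_HREF, so the lookup namespace should be checked against the one used in the dump.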
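Review bot: in lasso/xml/strings.h at @@ -131,6 +138,41 @@, three of the new doc comments are copied without being updated. LASSO_SIGNATURE_METHOD_ATTRIBUTE is described as the "signature type attribute", and both LASSO_PRIVATE_KEY_PASSWORD_ATTRIBUTE and LASSO_CERTIFICATE_ATTRIBUTE are described as the "private key attribute". Each comment should name its own attribute, and since these constants identify the key, password and certificate fields written into dumps, a sentence saying so would tell readers that a dump containing them has to be handled as secret material.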
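Review bot: in website/convert-to-static.py at @@ -113,11 +113,16 @@, the new bare except: hides every failure, including KeyboardInterrupt and programming errors, behind a '?' placeholder. Catch the errors that opening and parsing the changelog can actually raise (IOError and the XML parser's exception) and log the file name so a broken changelog is visible in the build output. The except: pass added around the Build(...) construction at @@ -217,12 +221,15 @@ has the same problem and silently drops builds from the page.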