[Release] Lasso 2.3
- update the NEWS file - add abi-2.3 file - update DOAP files - update lasso website template - add temporary message to download pages, as there are no download links currently.
This commit is contained in:
parent
42d1c18a69
commit
5ea1d1f1e5
128
NEWS
128
NEWS
|
@ -1,6 +1,134 @@
|
|||
NEWS
|
||||
====
|
||||
|
||||
2.3 - July 19th 2010
|
||||
--------------------
|
||||
|
||||
391 commits, 332 files changed, 13919 insertions, 7137 deletions
|
||||
|
||||
So what's new ?
|
||||
|
||||
* Misc:
|
||||
- a public key is no more mandatory for building a LassoProvider
|
||||
- date parsing now conforms to XSD and ISO8601 specification,
|
||||
especially with respect to milliseconds (they are just ignored, but
|
||||
parsing do not fails now).
|
||||
- the encryption private key can be loaded with a password (SAMLv2
|
||||
support only)
|
||||
- keep on replacing direct glib data structure manipulation function by
|
||||
safer lasso macros.
|
||||
- remove useless verbosity when there is already some error reporting
|
||||
through method return value.
|
||||
- add a signature_verify_hint parameter to all profiles, which can be
|
||||
used to specify the policy for verifying signatures. The choices are:
|
||||
- maybe, i.e. let Lasso decides,
|
||||
- force, i.e. always verify, even when it is not needed by the spec,
|
||||
- ignore, i.e. verify, but do not block processing on signature
|
||||
verifications error.
|
||||
- add a new snippet type: SNIPPET_COLLECT_NAMESPACES, to collect all
|
||||
declared namespaces in the context of a node. It is needed for
|
||||
interpreting a string value which depend on the locally declared
|
||||
namespaces (like XPath queries).
|
||||
- support full syntax for query strings (lasso missed support for
|
||||
semi-colon separator between query string key-value pairs).
|
||||
- make LassoServer load its public key like LassoProvider
|
||||
- lasso_build_unique_id is now part of the public API
|
||||
- add lasso_profile_sso_role_with to decide on the role we have toward
|
||||
another provider (depending on the Identity, the Session or the
|
||||
Server object in this order).
|
||||
- add a lasso_node_debug method wich output a human friendly dump (i.e.
|
||||
indented) of a serialized LassoNode, contrary to dump which returns a
|
||||
computer friendly one (dump will conserve signature values, not
|
||||
debug).
|
||||
|
||||
* SAMLv2:
|
||||
- constraint on the number of SessionIndex value in a LogoutRequest was
|
||||
worked-around (see
|
||||
lasso_samlp2_logout_request_get/set_session_indexes)
|
||||
- full support for encrypted signing key (ID-FFv1.2 is coming in next
|
||||
release)
|
||||
- The treatment of assertions consumer endpoints metadata was improved to be
|
||||
what the specification says, i.e find the best default.
|
||||
- lasso_assertion_query_build_request_msg now properly initialize the Subject
|
||||
of the query from all possibles sources (first profile->nameIdentifier, then
|
||||
from the identity dump and finally from the session).
|
||||
- when a parsed Assertion contains a signature, we return the
|
||||
original_xmlnode instead of serializing the LassoNode content when
|
||||
calling lasso_node_get_xmlNode. This is in order to keep canonical
|
||||
representation of signed assertions. The result is that parsed and
|
||||
signed assertions should be considered read-only with respect to
|
||||
serialization.
|
||||
- lasso_login_build_assertion no longer initialize sessionNotOnOrAfter,
|
||||
it must be done explicitely by the IdP implementation. Only the
|
||||
assertion lifetime is set by the arguments.
|
||||
- when loading metadata for a provider, we verify that a role
|
||||
descriptor exists for the prescribed role: i.e if you do
|
||||
server.addProvider(lasso.PROVIDER_ROLE_SP, "metadata.xml"), lasso
|
||||
checks that the metadata contain a descriptor for the role "SPSSO".
|
||||
- new helper methods to manipulate and check conditions on
|
||||
SAMLv2 assertions.
|
||||
- move strings to their own header (but keep retro-compatibility
|
||||
through inclusion in xml/strings.h).
|
||||
|
||||
* Bindings:
|
||||
- improve general use of bindings/utils.py module inside the bindings
|
||||
to share type matching logic.
|
||||
|
||||
* Python binding:
|
||||
- Glib warning are tunneled through python logging API
|
||||
- camelcasing of uppercase starting fields for python and java bindings has
|
||||
been fixed, old orthograph has been also kept for compatibility. The problem
|
||||
could be seen on LassoAssertion object where the field ID was renamed iD
|
||||
which was difficult to guess.
|
||||
- node class now supports pickling by leveraging existing XML
|
||||
serialization. It posseses the same limitations as the existing XML
|
||||
serialization, for example serializing a LassProfile is not an
|
||||
idempotent operation, it will miss the server, identity and session
|
||||
fields.
|
||||
- empty GList now return an empty tuple, not None (it fixes a lot
|
||||
list traversal codes)
|
||||
- do not forget to emit 'pass' in declaration of class without any
|
||||
content (no method, no field, no constructor)
|
||||
- the code to emit 'freeing' code for values was factorized and improved.
|
||||
- for empty lists returns an empty pyhon list, not None.
|
||||
|
||||
* Perl binding:
|
||||
- support for out parameters was added.
|
||||
- better memory freeing
|
||||
|
||||
* Java binding:
|
||||
- finished exception support for error returning methods.
|
||||
- optimize the makefile for file listing generation
|
||||
- for NULL GList returns an empty ArrayList object, not null.
|
||||
|
||||
* Documentation:
|
||||
- add examples to LassoLogout documentation
|
||||
- fix missing or deprecated methods in lasso-sections.txt
|
||||
- document LassoIdWsf2Profile methods
|
||||
- document runtime flags
|
||||
|
||||
* Tests:
|
||||
- new macros to help in testing (see tests/tests.h), they also make
|
||||
better error reporting (when comparing values, they show the expected
|
||||
and the obtained value).
|
||||
- SAMLv2 AuthnRequest through HTTP-Artifact binding is tested
|
||||
- SAMLv2 LogoutRequest with multiple SessionIndex is tested
|
||||
- force C locale for integration test (we match UI strings, so it is
|
||||
needed).
|
||||
- SAMLv2, test websso with encrypted private keys (idp and sp side)
|
||||
- SAMLv2, add a python test for attribute authority
|
||||
|
||||
* ID-WSF 2.0:
|
||||
- constant strings were moved to their own header
|
||||
(lasso/xml/id-wsf-2.0/idwsf2_strings.h)
|
||||
- add helper method to retrieve the bootstrap EPR from an assertion and
|
||||
to mint assertion to use as WS-Security tokens.
|
||||
- add method lasso_idwsf2_data_service_get_query_item_result_content to
|
||||
retrieve DST query result as text
|
||||
- sign SAMLv2 assertion used as WS-Security tokens
|
||||
|
||||
And many minor bug-fixes...
|
||||
|
||||
2.2.91 - January 26th 2010
|
||||
--------------------------
|
||||
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -15,7 +15,7 @@ dnl - Second number is the number of supported API versions where API version >
|
|||
dnl first number.
|
||||
dnl - Third number is the current API version implementation version number.
|
||||
dnl See libtool explanations about current, age and release, later in this file.
|
||||
AC_INIT([lasso], 2.2.91, lasso-devel@lists.labs.libre-entreprise.org)
|
||||
AC_INIT([lasso], 2.3, lasso-devel@lists.labs.libre-entreprise.org)
|
||||
dnl Check if autoconf ver > 2.53
|
||||
AC_PREREQ(2.53)
|
||||
AC_CONFIG_MACRO_DIR([m4])
|
||||
|
|
|
@ -61,6 +61,10 @@
|
|||
</SVNRepository>
|
||||
</repository>
|
||||
<release>
|
||||
<Version>
|
||||
<created>2010-07-19</created>
|
||||
<revision>2.3</revision>
|
||||
</Version>
|
||||
<Version>
|
||||
<created>2010-01-26</created>
|
||||
<revision>2.2.91</revision>
|
||||
|
|
|
@ -37,8 +37,8 @@
|
|||
<div id="download">
|
||||
<h2>Download</h2>
|
||||
<p>
|
||||
The most recent version of Lasso is <strong>2.2.91</strong> and was
|
||||
release on January 26th 2010.
|
||||
The most recent version of Lasso is <strong>2.3</strong> and was
|
||||
release on July 19th 2010.
|
||||
</p>
|
||||
<h3>Binary packages</h3>
|
||||
<p>
|
||||
|
@ -47,8 +47,7 @@
|
|||
</p>
|
||||
<h3>Source</h3>
|
||||
<p>
|
||||
<li><a href="http://labs.libre-entreprise.org/frs/download.php/765/lasso-2.2.91.tar.gz">.tar.gz</a></li>
|
||||
<li><a href="https://dev.entrouvert.org/projects/lasso/repository">Subversion Repository</a></li>
|
||||
<li>Wait for 2.3 updates of download links...</li>
|
||||
</p>
|
||||
</div>
|
||||
[end]
|
||||
|
|
|
@ -61,6 +61,10 @@
|
|||
</SVNRepository>
|
||||
</repository>
|
||||
<release>
|
||||
<Version>
|
||||
<created>2010-07-19</created>
|
||||
<revision>2.3</revision>
|
||||
</Version>
|
||||
<Version>
|
||||
<created>2010-01-26</created>
|
||||
<revision>2.2.91</revision>
|
||||
|
|
|
@ -10,8 +10,7 @@
|
|||
<p>
|
||||
Lasso is licensed under the GNU GPL and the latest release
|
||||
is available here as a gzipped tarball:
|
||||
<a
|
||||
href="http://labs.libre-entreprise.org/frs/download.php/765/lasso-2.2.91.tar.gz">lasso-2.2.91.tar.gz</a>
|
||||
<a href="">Wait for update of 2.3 release sources...</a>
|
||||
</p>
|
||||
|
||||
<h2>Binary Downloads</h2>
|
||||
|
@ -25,14 +24,14 @@
|
|||
</p>
|
||||
|
||||
<p>
|
||||
Additionnaly there are <i>sarge</i> packages and there may be more
|
||||
Additionnaly there are <i>lenny</i> abd <i>karmic</i> packages and there may be more
|
||||
uptodate packages available in our local apt repository. Pick the
|
||||
one appropriate for your distribution:
|
||||
</p>
|
||||
|
||||
<pre>
|
||||
deb http://deb.entrouvert.org sarge main
|
||||
deb http://deb.entrouvert.org etch main
|
||||
deb http://deb.entrouvert.org lenny main
|
||||
deb http://deb.entrouvert.org karmic main
|
||||
</pre>
|
||||
|
||||
<p>
|
||||
|
@ -42,11 +41,10 @@ deb http://deb.entrouvert.org etch main
|
|||
<ul>
|
||||
<li>liblasso3: runtime library</li>
|
||||
<li>liblasso3-dev: C development kit</li>
|
||||
<li>python2.3-lasso: Python 2.3 bindings</li>
|
||||
<li>php4-lasso: PHP bindings</li>
|
||||
<li>python-lasso: Python 2.5 & 2.6 bindings</li>
|
||||
<li>php5-lasso: PHP bindings</li>
|
||||
<li>liblasso-java: JAVA bindings</li>
|
||||
<li>liblasso-perl: Perl bindings</li>
|
||||
<!--<li>liblasso-cil: .NET bindings</li>-->
|
||||
<li>liblasso3-perl: Perl bindings</li>
|
||||
</ul>
|
||||
|
||||
<p>
|
||||
|
@ -58,8 +56,8 @@ deb http://deb.entrouvert.org etch main
|
|||
<h3>Fedora Core Packages</h3>
|
||||
|
||||
<p>
|
||||
There are RPM packages built on Fedora Core 6; <strong>they will soon
|
||||
be updated for 2.2.1 and a newer Fedora</strong>
|
||||
There are RPM packages built on Fedora Core 6; <strong>beware that
|
||||
they are from an old release</strong>
|
||||
</p>
|
||||
|
||||
<ul>
|
||||
|
@ -109,6 +107,10 @@ deb http://deb.entrouvert.org etch main
|
|||
|
||||
<pre> svn checkout svn://labs.libre-entreprise.org/svnroot/lasso/trunk lasso </pre>
|
||||
|
||||
<p> We are actively moving to git for future development, the details
|
||||
will be given here. For people who cannot use git, regular
|
||||
tarbal of the trunk will be made. </p>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
|
||||
|
|
Loading…
Reference in New Issue