We want to deprecate support for loading PEM formatted key
from ds:KeyValue nodes, before final removal it will have to be activated
through a runtime flag (using LASSO_FLAG environment variable).
xmlsec has removed support for SOAP. The missing xmlSecSoap* functions
and their dependent utiliity functions were added to Lasso following
the model of the existing xmlSec implmentations.
Note: Lasso tried to accommodate both SOAP 1.1 and SOAP 1.2 but SAML2
*only* uses SOAP 1.1 thus the SOAP 1.2 support was superfluous and
confused matters. Therefire the SOAP 1.2 support was removed.
The following new functions were added to Lasso to support SOAP:
* lasso_xml_next_element_node
* lasso_xml_get_node_ns_href
* lasso_xml_is_element_node
* lasso_xml_soap11_get_header
* lasso_xml_soap11_get_body
The following is the mapping from the deprecated xmlSecSoap symbols
to the new Lasso symbols:
xmlSecSoap11Ns -> LASSO_SOAP_ENV_HREF
xmlSecGetNextElementNode -> lasso_xml_next_element_node
xmlSecGetNodeNsHref -> lasso_xml_get_node_ns_href
xmlSecCheckNodeName -> lasso_xml_is_element_node
xmlSecSoap11GetHeader -> lasso_xml_soap11_get_header
xmlSecSoap11GetBody -> lasso_xml_soap11_get_body
This patch also extends the automake version support in autogen.sh to the
current 1.16 version.
License: MIT
Signed-off-by: John Dennis <jdennis@redhat.com>
The fail() function from libcheck is doing a longjump() from inside the
logging subsystem, preventing the depth counter to be reinitialised to 0.
(Seen with g_private_get(&g_log_depth) in a gdb session).
Four new accesors:
lasso_samlp2_extensions_get_any
lasso_samlp2_extensions_set_any
lasso_samlp2_extensions_get_attributes
lasso_samlp2_extensions_set_attributes
The two new pseudo field are fully supported in the python binding.
node = lasso.Samlp2Extensions()
node.any = '<test>ok</test>'
node.attributes = {'{http://entrouvert.org/}attribute1': 'value'}
print node.dump()
validate_idp_list was not using the correct list elements when it
iterated over the known_sp_provided_idp_entries_supporting_ecp list.
It treated them as lists of strings instead of lists of
LassoSamlp2IDPEntry.
Signed-off-by: John Dennis <jdennis@redhat.com>
License: MIT
CFLAGS is initialized to the empty string in configure.ac, this
effectively turned off user supplied values for CFLAGS preventing site
specific values from being used. A further complicating factor was of
all the user supplied values documented in Automake only CFLAGS was
disabled allowing all other user supplied variables to take
effect. Some variables must be coordinated (e.g. CFLAGS with LDFLAGS),
the fact LDFLAGS was picked up from the environment but CFLAGS was
discarded caused build failures due to incompatible combination of
compiler and linker options.
The problem was first introduced in commit: 73d9c98f "Reset CFLAGS
when --enable-debugging is used". This patch simply removes hardcoding
CFLAGS to the empty string and appends the debug options
(--enable-debugging) to the existing CFLAGS.
Proper use of the variables is described in the Automake documentation
in the section "Flag Variables Ordering"
https://www.gnu.org/software/automake/manual/html_node/Flag-Variables-Ordering.html
Although the Automake documentation claims manipulating CFLAGS
directly is improper use there are many examples of this in the
existing configure.ac, this patch makes no attempt at addressing this
issue, rather it makes existing usage consistent. In the particular
case of debug flags appending to CFLAGS is probably the only valid
solution because the debug flags must appear at the end of the list of
flags in order to override earlier flags, CFLAGS always appears last
in the Makefile (see above Automake doc).
Signed-off-by: John Dennis <jdennis@redhat.com>
License: MIT
This bug was introduced in commit 8d06806d, the check for a correct namespace on
head node of parsed XML fragments does not handle the case where the node has no
namespace. Using lasso_equal_namespace() fix this.
lasso_log is a private function of lasso and as such cannot be
referenced by the loader.
This is equivalent to commit e0bda691 in the PHP binding which
exhibited the same problem.
lasso_log is referenced in jobject_to_gobject() because of
lasso_assign_gobject macro, which includes the lasso_release_gobject
macro which invokes the message macro which expands to lasso_log.
License: MIT
Signed-off-by: John Dennis <jdennis@redhat.com>
enumeration type were being wrongly interpreted as objects types because
is_object() was used instead of the local specialisation done in
PhpCode.is_object().
Also fix docstring of getters/setters.
Frédéric Péters
Benjamin Dauvergne
John Dennis