* nearly all C files: change includes for relative paths.
* lasso/id-wsf/id_wsf.h, lasso/id-wsf-2.0/id_wsf_2.h: add top level
public include files for ID-WSF 1.0 and ID-WSF 2.0.
* lasso/id-ff/server.*, lasso/id-ff/session.*, lasso/id-ff/identity.*:
remove most of the code related to ID-WSF and push into
lasso/id-wsf/id_ff_extensions.* and lasso/id-wsf-2.0/identity.c,
lasso/id-wsf-2.0/server.c, lasso/id-wsf-2.0/session.c.
* lasso/id-wsf-2.0/saml2_login.c,
lasso/id-wsf-2.0/saml2_login_private.h: same change but for ID-WSF
2.0 support in SAML2 SSO profile.
* lasso/id-ff/logout.c:
- (lasso_logout_build_response_msg, lasso_logout_init_request,
lasso_logout_process_request_msg, lasso_logout_process_response_msg,
lasso_logout_validate_request) use lasso_assign_new_object,
lasso_assign_string, lasso_release and lasso_assign_new_string when
possible.
- (lasso_logout_process_response_msg) move the tranfer of the relaystate
from XML object to profile object.
* lasso/id-ff/defederation.c:
- (lasso_defederation_build_notification_msg,
lasso_defederation_init_notification,
lasso_defederation_process_notification_msg,
lasso_defederation_validate_notification): idem
* lasso/id-ff/lecp.c:
- (lasso_lecp_build_authn_request_envelope_msg,
lasso_lecp_build_authn_request_msg,lasso_lecp_build_authn_response_msg,
lasso_lecp_build_authn_response_envelope_msg) idem
* lots of files: Explicitely set all field of initialized structures,
in order to remove -Wno-missing-field-initilizers from needed
compiler options when using -Wall -Wextra.
functions) and creating xmlnode for the wire (export_to_soap...). This
was necessary to keep track of private_key_file to use on an Assertion
while it was kept in a lasso session dump and restored later.
This means the get_xmlNode functions have now a second parameter, gboolean
lasso_dump, TRUE when dumping for lasso internal use.
On the bright side assertions are now signed (that signature is not yet
checked).
to LASSO_ERROR_UNDEFINED (there are forty-three of them).
LASSO_ERROR_UNDEFINED was redefined from -999 to -1 so it is easier to add new
sequences of errros.
profile since it is buggy there). The signature check requires another call to
xmlParseMemory; this makes them 3 per SOAP message (sign check +
lasso_profile_get_request_type_from_soap_msg and lasso_node_init_from_message).
I'll think further about this.
on October 2nd; occasional merges since then).
- Compatible with current souk test suites.
- Missing memory management for everything in xml/
- Missing xmlsec support for SOAP messages.
lasso_login_build_artifact_msg(),
lasso_login_build_authn_response_msg(),
lasso_login_process_federation(),
lasso_lecp_build_authn_response_envelope_msg()
AuthnRequest message accepts now all possible values for the NameIDPolicy:
none, onetime, federated, any
Added lasso_login_must_ask_for_consent() method
This method must be called after lasso_login_process_authn_request_msg()
Added lasso_login_process_without_authn_request_msg() method
This method is useful to initiate SSO from IDP.
Lasso.i was updated according to the changes.
Benjamin Dauvergne
Frédéric Péters
Damien Laniel
Emmanuel Raviart
Valery Febvre