* lasso/utils.h:
fix lasso_list_add_xml_node, it must copy the node before assigning
it.
add lasso_list_add_new_xml_node for keeping the old behaviour.
* lasso/xml/xml.c:
fix use of lasso_list_add_xml_node, because copying the node before
assigning it is a leak now.
* lasso/xml/xml.c lasso/xml/xml.h:
- fix signature of lasso_node_set_original_xmlnode, fix signature in
documentation of lasso_node_set_original_xmlnode;
- add a new API lasso_node_set_custom_nodename to specify the exact
element name to use when serializing a LassoNode to XML.
- rename internal structure _CustomNamespace to _CustomElement, add a
nodename field to it.
- rework internal functions around _CustomElement to be aware of an
existing attached _CustomElement and re-use if needed.
- move application of _CustomElement hints after the serialization of
the node, so that the normal behaviour of the serialization is kept
-- i.e. do not play with the list of parent classes.
- use the full xsi:type content to find a LassoNode subclass when
de-serializing XML content, factorize QName->GObject class mapping
for the three execution paths inside
_type_name_from_href_and_nodename:
- element QName,
- xsi:type QName,
- element name with xsi:type namespace
- add a long comment explaining the way the mapping is done.
- remove direct mapping of EncryptedAssertion element, the registry
declaration on the class LassoSaml2EncryptedElement should be
enough.
* lasso/xml/xml.c:
do not mix the return code from xmlSecBase64Decode and the return
code for lasso_node_init_from_message_with_format.
It fixes a segmentation fault in
lasso_login_process_authn_request_msg.
* lasso/id-wsf-2.0/data_service.c: fix uninitialized res variable in
lasso_idwsf2_data_service_process_query_response_soap_fault_msg.
* lasso/xml/saml-2.0/saml2_assertion.c: fix uninitialized rc variable
in get_xmlNode.
* lasso/saml-2.0/login.c:
in lasso_saml20_login_accept_sso check for ni and ni->Format
null-ness before dereferencing, remove idp_ni which is not used
anymore.
remove all use of federation->remote_nameIdentifier, SAML 2.0 only
needs one NameID, and it will be local_nameIdentifier.
* lasso/xml/xml.c:
in lasso_node_traversal, check null-ness of node before dereferencing
it, add check for class null-ness also.
* lasso/id-ff/provider.c:
in lasso_provider_get_first_http_method, remove useless check for t2
null-ness -- if found is TRUE, t1 and t2 cannot be null.
* lasso/xml/tools.c:
in lasso_sign_node, add documentation, check for private_key_file and
xmlnode null-ness.
in lasso_get_public_key_from_private_key_file, add a cleanup phase,
check for cert variable null-ness before appending, count the number of
certificates added.
in lasso_query_verify_signature, check that URL unescaping and base64
decoding are successful before using the decoded strings.
* lasso/saml-2.0/name_id_management.c:
in lasso_name_id_management_validate_request, fix mis-handling of
federation, if federation does not match request name_id, return
UNKNOWN_PRINCIPAL.
* lasso/xml/disco_send_single_logout.c:
* lasso/xml/id-wsf-2.0/sb2_user_interaction_header.c:
* lasso/xml/id-wsf-2.0/subsref_app_data.c:
* lasso/xml/xml.c:
lots of ID-WSF 1.0/2.0 classes were not passing the new
non-regression test on serialization/deserialization.
The main reason was the absence of mapping for their namespace in the
prefix_from_href_and_nodename function. The other reason is that some
class names do not correspond 1-to-1 to the element name
(SendSingleLogOut vs. SendSingleLogout, notice the capitalised 'O').
The last problem was that mapping from nodes to GObject classes was
done after default mapping ("Lasso<prefix><node_name>"), now it's
done before, to reflect the fact that it is a more specialized
mapping.
* lasso/xml/xml.c:
lasso_node_get_xmlnode_for_any_type is broken, if no original_xmlnode
is present, return just cur. Also add all missing cases for the state
of the pair (cur, original_xmlnode).
* tests/basic_tests.c:
add a non-regression test, testing all dump/restore functions.
* xml/Makefile.am:
remove the file from the source list
* xml/wsse_security.c:
* xml/wsse_security.h:
remove the files
* xml/xml.c:
use LassoWsSec1SecurityHeader for LASSO_WSSE_HREF namespace also.
* lasso/xml/xml.h lasso/xml/xml.c:
add a new public API lasso_node_set_custom_namespace(node, prefix,
href). It allows setting the precise namespace of a single object, all
other instances of the same class continue to use the default
namespace for the class.
It should be used for difficult consumers of certain nodes (like
wsse:Security) which only know certain namespaces or do not use the
namespace going with the specified version of a specification (like
MSP not following ID-WSF 1.0 specification and using
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
instead of
http://schemas.xmlsoap.org/ws/2003/06/secext).
It also allows sharing the implementation of schema objects common to
many versions of the same specification (wsse:Security between ID-WSF
1.0 and ID-WSF 2.0), without creating too many child classes.
* nearly all C files: change includes for relative paths.
* lasso/id-wsf/id_wsf.h, lasso/id-wsf-2.0/id_wsf_2.h: add top level
public include files for ID-WSF 1.0 and ID-WSF 2.0.
* lasso/id-ff/server.*, lasso/id-ff/session.*, lasso/id-ff/identity.*:
remove most of the code related to ID-WSF and push into
lasso/id-wsf/id_ff_extensions.* and lasso/id-wsf-2.0/identity.c,
lasso/id-wsf-2.0/server.c, lasso/id-wsf-2.0/session.c.
* lasso/id-wsf-2.0/saml2_login.c,
lasso/id-wsf-2.0/saml2_login_private.h: same change but for ID-WSF
2.0 support in SAML2 SSO profile.
* lasso/utils.h:
change 'goto exit' for 'goto cleanup'. rename all goto_exit macros to
goto_cleanup_. rename goto_cleanup_if_fail to
goto_cleanup_if_fail_with_rc and add a
goto_cleanup_if_fail for functions which do not return an integer
value. add documentation for goto_cleanup macro family.
* lasso/id-ff/login.c:
* lasso/id-ff/provider.c:
* lasso/id-ff/server.c:
* lasso/id-ff/session.c:
* lasso/id-wsf/discovery.c:
* lasso/id-wsf/wsf_profile.c:
* lasso/saml-2.0/profile.c:
* lasso/utils.h:
* lasso/xml/lib_logout_request.c:
* lasso/xml/tools.c:
* lasso/xml/xml.c:
update name of goto_exit_if_fail macros. rename 'exit' labels to
'cleanup'.
* lasso/xml/xml.c:
if xsi:type is not able to find a GObject typename for the current
node, then do not erase the actual prefix value. change prefix type
to const char.
* lasso/xml/xml.c: use standardized assignment macros (it takes care of
releasing previous values, and other peculiarities associated with
safe pointer usage).
* lasso/xml/xml.c: (lasso_node_init_from_saml2_query_fields) Since parsing
of the relayState is now done inside each "_process_*msg" method of
each SAML2 profile, it is not needed anymore in this function.
* lasso/xml/lib_authn_request.c, lasso/xml/lib_logout_request.c,
lasso/xml/lib_register_name_identifier_request.c,
lasso/xml/lib_status_resposne.c:
- build_query: remove build_query overloaded virtual method, use
LassoNode new generic implementation.
- init_from_query:
- change direct call to lasso_node_init_from_query_fields to use of
base implementation from LassoNode.
- make use of utils.h memory handling macros like
lasso_release_gobject and lasso_assign_string.
* lasso/xml/lib_federation_termination_notification.c:
- init_from_query: remove parsing of RelayState parameter
* lasso/xml/xml.c:
In lasso_node_init_from_message_with_format remove direct use of
xmlSecSoap* functions because they emit too many warnings by lasso
reimplementations.