Benjamin Dauvergne
aa9898693a
[saml login] suppress unused argument warning
2010-12-21 10:44:14 +01:00
Benjamin Dauvergne
126a9ac71c
[samlv2 logout] check that the assertion is well formed before accessing the subject nameid
2010-12-17 17:40:28 +01:00
Benjamin Dauvergne
8c28926304
[profile] prefer to lookup the session before the identity for looking up a name identifier;
2010-12-17 17:40:07 +01:00
Benjamin Dauvergne
d02bf096a5
[samlv2 logout] setup the NameID from the assertion
2010-12-17 17:36:17 +01:00
Benjamin Dauvergne
fd52e68094
[samlv2 login] do not setup conditions->notBefore/notOnOrAfter only notOnOrAfter on SubjectConfirmationData
2010-12-17 17:34:59 +01:00
Benjamin Dauvergne
cd6262bbd7
[binding php5] add inline implementation of lasso_log since it is a private function of lasso
2010-12-14 15:19:54 +01:00
Benjamin Dauvergne
4391f1ffb9
[saml2] make LASSO_SIGNATURE_VERIFY_HINT_FORCE as least as stringent as _MAYBE when checking signature on messages
2010-12-14 12:10:47 +01:00
Benjamin Dauvergne
4f5e6c6000
[xml] remove duplicate EncryptedKey around EncryptedData elements
...
The key is already embedded in the EncryptedData, so there is no need to
also fill the EncryptedKey field of the saml:EncryptedElement object.
2010-12-14 02:01:30 +01:00
Benjamin Dauvergne
b324c41237
[xml] add exportation of the encrypting public key in EncryptedData elements
...
This commit check if the given is a simple RSA key or a full certificate
and choose the better serialization method between RSAKeyValue and
X509Data.
2010-12-14 02:00:10 +01:00
Benjamin Dauvergne
447c610c9c
[tools] fix xml decryption
...
This commit rewrite the extraction of the EncryptedKey when it is
embedded inside the EncryptedData element, which seem to be the frequent
case.
2010-12-14 01:58:38 +01:00
Benjamin Dauvergne
185ce3c139
Merge with new field in custome element
2010-12-14 01:58:02 +01:00
Benjamin Dauvergne
355df68dfe
[saml2] use new encryption structure instead for internal field in LassoSaml2Assertion
2010-12-14 01:57:09 +01:00
Benjamin Dauvergne
ec5ec161f7
[xml] add field to contains encryption parameters inside CustomElement structure
2010-12-14 01:55:09 +01:00
Benjamin Dauvergne
b0c2fdab28
[utils] fix typo in lasso_assign_sec_key
2010-12-14 01:53:01 +01:00
Benjamin Dauvergne
762f88cd37
[bindings python] make constructor failure raise a lasso.Error exception
2010-12-14 01:52:31 +01:00
Benjamin Dauvergne
f7dbcbb2b4
[saml2] do not set SPNameQualifier it should be reserved for SP member of an affiliation
2010-12-13 16:20:29 +01:00
Benjamin Dauvergne
6c598662a0
[tests idwsf2] add missing include for ID-WSF strings
2010-12-03 09:40:42 +01:00
Benjamin Dauvergne
255e46bb3b
[tests] include the backward compatibility include for GHashTable
2010-12-01 15:21:13 +01:00
Benjamin Dauvergne
f4c6c96836
[bindings perl] change ghashtable interface to not use GHashTableIter
2010-12-01 15:20:48 +01:00
Benjamin Dauvergne
fbf7ad0537
[bindings perl] add dependency upon the Makefile.perl for the install target
2010-12-01 15:16:23 +01:00
Benjamin Dauvergne
33dcd98bc5
[bindings] add missing static modifier for g_hash_table_get_values replacement
2010-11-17 19:38:12 +01:00
Benjamin Dauvergne
fc8c6d877e
[tests] include header for backward compatible methods on GHashTable structures
2010-11-17 13:53:07 +01:00
Benjamin Dauvergne
d6b1288923
[bindings] fix bad use of lasso_return_if_fail in ghashtable backward compatibility header
2010-11-15 17:04:46 +01:00
Benjamin Dauvergne
76dc05434a
[SAMLv2] fix segfault in has_signature by initializing local variables
2010-10-20 15:42:59 +02:00
Benjamin Dauvergne
11434956dd
Merge branch 'hotfixes-2.3.4' into release
2010-10-13 14:18:06 +02:00
Benjamin Dauvergne
48a7639e58
Update doap and news file
2010-10-13 12:23:21 +02:00
Benjamin Dauvergne
6003310f40
Update NEWS file
2010-10-13 12:06:02 +02:00
Benjamin Dauvergne
3ba1b2b9ba
[tests integration] adapt to string change in lcs/qommon/saml2.ptl
2010-10-11 18:30:53 +02:00
Benjamin Dauvergne
7d90d5e26a
[SAMLv2] delete an unused local variable
2010-10-11 09:58:16 +02:00
Benjamin Dauvergne
c36d6a90dd
[SAMLv2] user server->signature_method when signing request and response
2010-10-09 17:55:31 +02:00
Benjamin Dauvergne
6a8552a04d
[tests] add non regression test on assertion consumer endpoints ordering
2010-10-09 17:53:00 +02:00
Benjamin Dauvergne
4ebb7067a0
[core] check type of first argument of lasso_provider_get_assertion_consumer_url
2010-10-09 15:51:23 +02:00
Benjamin Dauvergne
15781d1960
fix pardus capitalisation in NEWS file
2010-10-08 19:18:30 +02:00
Benjamin Dauvergne
0325ce0867
Update release notes and website for release 2.3.4
2010-10-08 18:34:19 +02:00
Benjamin Dauvergne
758fe88dad
[xml] fix waring on use of strndup on pardus
2010-10-08 14:10:26 +02:00
Jérôme Schneider
270f1743f0
Add missing include <errno.h>
2010-10-08 14:10:02 +02:00
Benjamin Dauvergne
3872f17fcd
[SAMLv2] handle unknown provider in artifact resolve, and also alow to ignore signature validation
...
In lasso_saml20_profile_process_artifact_resolve, we know take a short
path with an error when the remote provider is unknown and we also
respect the lasso_profile_get_signature_verify_hint() when checking the
signature on the artifact resolve message.
2010-10-07 18:48:28 +02:00
Benjamin Dauvergne
4bf2a6c0c0
[SAMLv2] fix bad double free bug in lasso_saml20_provider_get_assertion_consumer_service_url_by_binding
2010-10-07 18:39:06 +02:00
Benjamin Dauvergne
6b2a21d116
[core] adapt lasso_provider_get_assertion_consumer_service_url for SAMLv2
2010-10-07 18:38:21 +02:00
Benjamin Dauvergne
3e87282db3
[docs lasso-book] add figures to the tarball
2010-10-06 18:43:57 +02:00
Benjamin Dauvergne
21d61b5ba6
[configure.ac] increment version and libtool version info
2010-10-06 17:02:18 +02:00
Benjamin Dauvergne
5d56e4558e
[ID-FFv1.2] in lasso_login_process_authn_request_msg() adopt simpler behaviour for checking signatures
...
There is two sources of advice for signature checking:
AuthnRequestsSigned attribute in service provider metadata files and
value of lasso_profile_get_signature_verify_hint().
If lasso_profile_get_signature_verify_hint() forbid to check signature,
we do not check.
If the SP advise to check signature, we check.
If lasso_profile_get_signature_verify_hint() forces to check signature,
we do not check.
In all other cases we only check if a signature is present, i.e. we
ignore the error LASSO_DS_ERROR_SIGNATURE_NOT_FOUND.
2010-10-06 17:00:52 +02:00
Benjamin Dauvergne
58a3868361
[ID-FFv1.2] make lasso_login_process_authn_request_msg() return LASSO_PROFILE_ERROR_INVALID_MSG if received request is not a lib:AuthnRequest
2010-10-06 17:00:52 +02:00
Benjamin Dauvergne
7a27400a87
[SAMLv2] adopt same behaviour as ID-FFv1.2 for invalid AuthnRequest
2010-10-06 17:00:52 +02:00
Benjamin Dauvergne
6be8d9cfa8
[SAMLv2&ID-FFv1.2] improve documentation of lasso_login_process_authn_request_msg
2010-10-06 17:00:52 +02:00
Benjamin Dauvergne
06c2ec9d61
[SAMLv2] fix ordering of endpoints
...
Ordering by binding is wrong, first order by isDefault (as stated in
saml-metadata-2.0.pdf) then by index.
2010-10-06 17:00:52 +02:00
Benjamin Dauvergne
3d1d90ee31
[Core] change isdefault type in EndpointType structure
...
As integer we can represent the three value of isdefault:
- true
- false
- attribute absent
2010-10-06 17:00:52 +02:00
Benjamin Dauvergne
e2611e16d6
[docs] update copyright years
2010-10-06 17:00:18 +02:00
Benjamin Dauvergne
0bd4c25a24
Merge branch 'hotfixes-2.3.3' into release
2010-10-01 19:13:31 +02:00
Benjamin Dauvergne
19cb0bf52b
[Website] add news about 2.3.3 and update doap and main page
2010-10-01 19:11:32 +02:00