Commit Graph

5037 Commits

Author SHA1 Message Date
Benjamin Dauvergne aa9898693a [saml login] suppress unused argument warning 2010-12-21 10:44:14 +01:00
Benjamin Dauvergne 126a9ac71c [samlv2 logout] check that the assertion is well formed before accessing the subject nameid 2010-12-17 17:40:28 +01:00
Benjamin Dauvergne 8c28926304 [profile] prefer to lookup the session before the identity for looking up a name identifier; 2010-12-17 17:40:07 +01:00
Benjamin Dauvergne d02bf096a5 [samlv2 logout] setup the NameID from the assertion 2010-12-17 17:36:17 +01:00
Benjamin Dauvergne fd52e68094 [samlv2 login] do not setup conditions->notBefore/notOnOrAfter only notOnOrAfter on SubjectConfirmationData 2010-12-17 17:34:59 +01:00
Benjamin Dauvergne cd6262bbd7 [binding php5] add inline implementation of lasso_log since it is a private function of lasso 2010-12-14 15:19:54 +01:00
Benjamin Dauvergne 4391f1ffb9 [saml2] make LASSO_SIGNATURE_VERIFY_HINT_FORCE at least as stringent as _MAYBE when checking signature on messages 2010-12-14 12:10:47 +01:00
Benjamin Dauvergne 4f5e6c6000 [xml] remove duplicate EncryptedKey around EncryptedData elements
The key is already embedded in the EncryptedData, so there is no need to
also fill the EncryptedKey field of the saml:EncryptedElement object.
2010-12-14 02:01:30 +01:00
Benjamin Dauvergne b324c41237 [xml] add exportation of the encrypting public key in EncryptedData elements
This commit checks if the given is a simple RSA key or a full certificate
and chooses the better serialization method between RSAKeyValue and
X509Data.
2010-12-14 02:00:10 +01:00
Benjamin Dauvergne 447c610c9c [tools] fix xml decryption
This commit rewrites the extraction of the EncryptedKey when it is
embedded inside the EncryptedData element, which seems to be the frequent
case.
2010-12-14 01:58:38 +01:00
Benjamin Dauvergne 185ce3c139 Merge with new field in custom element 2010-12-14 01:58:02 +01:00
Benjamin Dauvergne 355df68dfe [saml2] use new encryption structure instead for internal field in LassoSaml2Assertion 2010-12-14 01:57:09 +01:00
Benjamin Dauvergne ec5ec161f7 [xml] add field to contain encryption parameters inside CustomElement structure 2010-12-14 01:55:09 +01:00
Benjamin Dauvergne b0c2fdab28 [utils] fix typo in lasso_assign_sec_key 2010-12-14 01:53:01 +01:00
Benjamin Dauvergne 762f88cd37 [bindings python] make constructor failure raise a lasso.Error exception 2010-12-14 01:52:31 +01:00
Benjamin Dauvergne f7dbcbb2b4 [saml2] do not set SPNameQualifier it should be reserved for SP member of an affiliation 2010-12-13 16:20:29 +01:00
Benjamin Dauvergne 6c598662a0 [tests idwsf2] add missing include for ID-WSF strings 2010-12-03 09:40:42 +01:00
Benjamin Dauvergne 255e46bb3b [tests] include the backward compatibility include for GHashTable 2010-12-01 15:21:13 +01:00
Benjamin Dauvergne f4c6c96836 [bindings perl] change ghashtable interface to not use GHashTableIter 2010-12-01 15:20:48 +01:00
Benjamin Dauvergne fbf7ad0537 [bindings perl] add dependency upon the Makefile.perl for the install target 2010-12-01 15:16:23 +01:00
Benjamin Dauvergne 33dcd98bc5 [bindings] add missing static modifier for g_hash_table_get_values replacement 2010-11-17 19:38:12 +01:00
Benjamin Dauvergne fc8c6d877e [tests] include header for backward compatible methods on GHashTable structures 2010-11-17 13:53:07 +01:00
Benjamin Dauvergne d6b1288923 [bindings] fix bad use of lasso_return_if_fail in ghashtable backward compatibility header 2010-11-15 17:04:46 +01:00
Benjamin Dauvergne 76dc05434a [SAMLv2] fix segfault in has_signature by initializing local variables 2010-10-20 15:42:59 +02:00
Benjamin Dauvergne 11434956dd Merge branch 'hotfixes-2.3.4' into release 2010-10-13 14:18:06 +02:00
Benjamin Dauvergne 48a7639e58 Update doap and news file 2010-10-13 12:23:21 +02:00
Benjamin Dauvergne 6003310f40 Update NEWS file 2010-10-13 12:06:02 +02:00
Benjamin Dauvergne 3ba1b2b9ba [tests integration] adapt to string change in lcs/qommon/saml2.ptl 2010-10-11 18:30:53 +02:00
Benjamin Dauvergne 7d90d5e26a [SAMLv2] delete an unused local variable 2010-10-11 09:58:16 +02:00
Benjamin Dauvergne c36d6a90dd [SAMLv2] use server->signature_method when signing request and response 2010-10-09 17:55:31 +02:00
Benjamin Dauvergne 6a8552a04d [tests] add non regression test on assertion consumer endpoints ordering 2010-10-09 17:53:00 +02:00
Benjamin Dauvergne 4ebb7067a0 [core] check type of first argument of lasso_provider_get_assertion_consumer_url 2010-10-09 15:51:23 +02:00
Benjamin Dauvergne 15781d1960 fix pardus capitalisation in NEWS file 2010-10-08 19:18:30 +02:00
Benjamin Dauvergne 0325ce0867 Update release notes and website for release 2.3.4 2010-10-08 18:34:19 +02:00
Benjamin Dauvergne 758fe88dad [xml] fix warning on use of strndup on pardus 2010-10-08 14:10:26 +02:00
Jérôme Schneider 270f1743f0 Add missing include <errno.h> 2010-10-08 14:10:02 +02:00
Benjamin Dauvergne 3872f17fcd [SAMLv2] handle unknown provider in artifact resolve, and also allow to ignore signature validation
In lasso_saml20_profile_process_artifact_resolve, we now take a short
path with an error when the remote provider is unknown and we also
respect the lasso_profile_get_signature_verify_hint() when checking the
signature on the artifact resolve message.
2010-10-07 18:48:28 +02:00
Benjamin Dauvergne 4bf2a6c0c0 [SAMLv2] fix bad double free bug in lasso_saml20_provider_get_assertion_consumer_service_url_by_binding 2010-10-07 18:39:06 +02:00
Benjamin Dauvergne 6b2a21d116 [core] adapt lasso_provider_get_assertion_consumer_service_url for SAMLv2 2010-10-07 18:38:21 +02:00
Benjamin Dauvergne 3e87282db3 [docs lasso-book] add figures to the tarball 2010-10-06 18:43:57 +02:00
Benjamin Dauvergne 21d61b5ba6 [configure.ac] increment version and libtool version info 2010-10-06 17:02:18 +02:00
Benjamin Dauvergne 5d56e4558e [ID-FFv1.2] in lasso_login_process_authn_request_msg() adopt simpler behaviour for checking signatures
There are two sources of advice for signature checking:
AuthnRequestsSigned attribute in service provider metadata files and
value of lasso_profile_get_signature_verify_hint().

If lasso_profile_get_signature_verify_hint() forbids to check signature,
we do not check.
If the SP advises to check signature, we check.
If lasso_profile_get_signature_verify_hint() forces to check signature,
we do not check.
In all other cases we only check if a signature is present, i.e. we
ignore the error LASSO_DS_ERROR_SIGNATURE_NOT_FOUND.
2010-10-06 17:00:52 +02:00
Benjamin Dauvergne 58a3868361 [ID-FFv1.2] make lasso_login_process_authn_request_msg() return LASSO_PROFILE_ERROR_INVALID_MSG if received request is not a lib:AuthnRequest 2010-10-06 17:00:52 +02:00
Benjamin Dauvergne 7a27400a87 [SAMLv2] adopt same behaviour as ID-FFv1.2 for invalid AuthnRequest 2010-10-06 17:00:52 +02:00
Benjamin Dauvergne 6be8d9cfa8 [SAMLv2&ID-FFv1.2] improve documentation of lasso_login_process_authn_request_msg 2010-10-06 17:00:52 +02:00
Benjamin Dauvergne 06c2ec9d61 [SAMLv2] fix ordering of endpoints
Ordering by binding is wrong, first order by isDefault (as stated in
saml-metadata-2.0.pdf) then by index.
2010-10-06 17:00:52 +02:00
Benjamin Dauvergne 3d1d90ee31 [Core] change isdefault type in EndpointType structure
As integer we can represent the three value of isdefault:
- true
- false
- attribute absent
2010-10-06 17:00:52 +02:00
Benjamin Dauvergne e2611e16d6 [docs] update copyright years 2010-10-06 17:00:18 +02:00
Benjamin Dauvergne 0bd4c25a24 Merge branch 'hotfixes-2.3.3' into release 2010-10-01 19:13:31 +02:00
Benjamin Dauvergne 19cb0bf52b [Website] add news about 2.3.3 and update doap and main page 2010-10-01 19:11:32 +02:00