Merge branch 'hotfixes-2.3.3' into release
commit
0bd4c25a24
35
NEWS
35
NEWS
|
@ -1,7 +1,40 @@
|
|||
NEWS
|
||||
====
|
||||
|
||||
2.3.2 - Septembre 7th 2010
|
||||
2.3.3 - October 1st 2010
|
||||
------------------------
|
||||
|
||||
44 commits, 264 files changed, 858 insertions, 401 deletions
|
||||
|
||||
Generic:
|
||||
* Fixed a lot of memleaks thanks to valgrind, the greatest tool on earth (with
|
||||
coccinelle).
|
||||
* Add missing annotation creating memleaks in python binding (on lasso_*_dump king of methods).
|
||||
* Fix bad inclusion of an ID-WSF include file when ID-WSF support is not enabled
|
||||
* Benchmarking program was updated to measure each part of a WebSSO
|
||||
independently (AuthnRequest generation/processing, AuthnResponse
|
||||
generation/processing).
|
||||
* Add new macro lasso_strisequal and lasso_strisnotequal to avoid errors with
|
||||
strcmp. (Thanks to coccinelle semantic patches).
|
||||
|
||||
SAMLv2:
|
||||
* Add uniform support for LassoProfileVerifySignatureHint for other profiles
|
||||
than WebSSO.
|
||||
* Report signature errors in response to NameIDNanagement requests
|
||||
* Fix wrong use of macro lasso_foreach breaking the mecanism for finding a
|
||||
default assertion consumer.
|
||||
* Behaviour of lasso_login_build_assertion was modified:
|
||||
- when the NameIDPolicy lacks a Format attribute or the Format attribute is
|
||||
the unspecified format (see the spec for the corresponding URN). Now it
|
||||
results in a transient nameid being generated. If you want it to be
|
||||
persistent you must change it before calling this method.
|
||||
- the setting of the SubjectConfirmationData->NotOnOrAfter attribute was
|
||||
restored as it is mandated by the WebSSO profile. It's the same value as
|
||||
Conditions->NotOnOrAfter.
|
||||
* Fix missing initialization of Destination attribute on Samlp2StatusResponse
|
||||
object for synchronous bindings (Redirect & Post)
|
||||
|
||||
2.3.2 - September 7th 2010
|
||||
--------------------------
|
||||
|
||||
* Fix bug in increment of the libtool version info, increasing the SONAME
|
||||
|
|
|
@ -549,8 +549,8 @@ def parse_header(header_file):
|
|||
|
||||
def parse_headers(srcdir):
|
||||
wsf_prefixes = ['disco_', 'dst_', 'is_', 'profile_service_', 'discovery_',
|
||||
'wsf_', 'interaction_', 'utility_', 'sa_', 'soap_', 'authentication_',
|
||||
'wsse_', 'sec_', 'idwsf2_', 'wsf2_', 'wsa_', 'wsu']
|
||||
'wsf_', 'interaction_', 'utility_', 'sa_', 'authentication_',
|
||||
'wsse_', 'sec_', 'idwsf2_', 'wsf2_', 'wsa_', 'wsu', 'soap_binding']
|
||||
|
||||
srcdir = os.path.abspath(srcdir)
|
||||
parentdir = os.path.dirname(srcdir)
|
||||
|
|
|
@ -8,6 +8,7 @@
|
|||
#include "../ghashtable.h"
|
||||
#include "../../lasso/utils.h"
|
||||
#include "../utils.c"
|
||||
#include "../../lasso/backward_comp.h"
|
||||
|
||||
#define LASSO_ROOT "com/entrouvert/lasso/"
|
||||
#define check_exception (*env)->ExceptionCheck(env)
|
||||
|
@ -544,7 +545,7 @@ remove_from_list_of_strings(JNIEnv *env, GList **list, jstring jstr) {
|
|||
g_error_if_fail(env && list);
|
||||
lasso_return_val_if_fail(jstr, 1);
|
||||
lasso_return_val_if_fail(jstring_to_local_string(env, jstr, &local_string), 0);
|
||||
found = g_list_find_custom(*list, local_string, (GCompareFunc)strcmp);
|
||||
found = g_list_find_custom(*list, local_string, (GCompareFunc)g_strcmp0);
|
||||
if (found) {
|
||||
g_free(found->data);
|
||||
*list = g_list_delete_link(*list, found);
|
||||
|
|
|
@ -15,7 +15,7 @@ dnl - Second number is the number of supported API versions where API version >
|
|||
dnl first number.
|
||||
dnl - Third number is the current API version implementation version number.
|
||||
dnl See libtool explanations about current, age and release, later in this file.
|
||||
AC_INIT([lasso], 2.3.2, lasso-devel@lists.labs.libre-entreprise.org)
|
||||
AC_INIT([lasso], 2.3.3, lasso-devel@lists.labs.libre-entreprise.org)
|
||||
dnl Check if autoconf ver > 2.53
|
||||
AC_PREREQ(2.53)
|
||||
AC_CONFIG_MACRO_DIR([m4])
|
||||
|
@ -184,7 +184,7 @@ dnl - interfaces removed -> AGE = 0
|
|||
# m = a
|
||||
# r = r
|
||||
current=`expr $VERSION_MAJOR + $VERSION_MINOR`
|
||||
LASSO_VERSION_INFO="12:0:9"
|
||||
LASSO_VERSION_INFO="12:1:9"
|
||||
AC_SUBST(LASSO_VERSION_INFO)
|
||||
|
||||
dnl Compute the minimal supported ABI version for Win32 scripts and resources files.
|
||||
|
|
|
@ -61,6 +61,10 @@
|
|||
</SVNRepository>
|
||||
</repository>
|
||||
<release>
|
||||
<Version>
|
||||
<created>2010-10-01</created>
|
||||
<revision>2.3.3</revision>
|
||||
</Version>
|
||||
<Version>
|
||||
<created>2010-09-07</created>
|
||||
<revision>2.3.2</revision>
|
||||
|
|
|
@ -377,7 +377,7 @@ lasso_identity_new_from_dump(const gchar *dump)
|
|||
*
|
||||
* Dumps @identity content to an XML string.
|
||||
*
|
||||
* Return value: the dump string. It must be freed by the caller.
|
||||
* Return value:(transfer full): the dump string. It must be freed by the caller.
|
||||
**/
|
||||
gchar*
|
||||
lasso_identity_dump(LassoIdentity *identity)
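Review bot: The new annotation is written `Return value:(transfer full):` with no space after the first colon, whereas the usual gtk-doc / GObject-introspection spelling is `Return value: (transfer full):`. If the binding generator that consumes these comments matches the conventional form, the ownership hint would be silently ignored and the dump string would still leak in the bindings; that parser is not visible on this page, so this is worth confirming. The same line appears in the comments of lasso_login_dump, lasso_logout_dump, lasso_name_registration_dump, lasso_server_dump and lasso_session_dump.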
|
||||
|
|
|
@ -2413,7 +2413,7 @@ lasso_login_new_from_dump(LassoServer *server, const gchar *dump)
|
|||
*
|
||||
* Dumps @login content to an XML string.
|
||||
*
|
||||
* Return value: the dump string. It must be freed by the caller.
|
||||
* Return value:(transfer full): the dump string. It must be freed by the caller.
|
||||
**/
|
||||
gchar*
|
||||
lasso_login_dump(LassoLogin *login)
|
||||
|
|
|
@ -1405,7 +1405,7 @@ lasso_logout_new_from_dump(LassoServer *server, const char *dump)
|
|||
*
|
||||
* Dumps @logout content to an XML string.
|
||||
*
|
||||
* Return value: the dump string. It must be freed by the caller.
|
||||
* Return value:(transfer full): the dump string. It must be freed by the caller.
|
||||
**/
|
||||
gchar*
|
||||
lasso_logout_dump(LassoLogout *logout)
|
||||
|
|
|
@ -770,7 +770,7 @@ lasso_name_registration_new_from_dump(LassoServer *server, const char *dump)
|
|||
*
|
||||
* Dumps @name_registration content to an XML string.
|
||||
*
|
||||
* Return value: the dump string. It must be freed by the caller.
|
||||
* Return value:(transfer full): the dump string. It must be freed by the caller.
|
||||
**/
|
||||
gchar *
|
||||
lasso_name_registration_dump(LassoNameRegistration *name_registration)
|
||||
|
|
|
@ -49,6 +49,10 @@
|
|||
#include "../xml/soap-1.1/soap_fault.h"
|
||||
#include "../utils.h"
|
||||
#include "../debug.h"
|
||||
#ifdef LASSO_WSF_ENABLED
|
||||
#include "../xml/idwsf_strings.h"
|
||||
#include "../xml/id-wsf-2.0/idwsf2_strings.h"
|
||||
#endif
|
||||
|
||||
/*****************************************************************************/
|
||||
/* public functions */
|
||||
|
@ -201,6 +205,9 @@ lasso_profile_get_request_type_from_soap_msg(const gchar *soap)
|
|||
type = LASSO_REQUEST_TYPE_NAME_IDENTIFIER_MAPPING;
|
||||
} else if (strcmp(name, "AuthnRequest") == 0) {
|
||||
type = LASSO_REQUEST_TYPE_LECP;
|
||||
} else if (strcmp(name, "ManageNameIDRequest") == 0) {
|
||||
type = LASSO_REQUEST_TYPE_NAME_ID_MANAGEMENT;
|
||||
#ifdef LASSO_WSF_ENABLED
|
||||
} else if (strcmp(name, "Query") == 0) {
|
||||
if (strcmp((char*)ns->href, LASSO_DISCO_HREF) == 0) {
|
||||
type = LASSO_REQUEST_TYPE_DISCO_QUERY;
|
||||
|
@ -217,12 +224,11 @@ lasso_profile_get_request_type_from_soap_msg(const gchar *soap)
|
|||
}
|
||||
} else if (strcmp(name, "SASLRequest") == 0) {
|
||||
type = LASSO_REQUEST_TYPE_SASL_REQUEST;
|
||||
} else if (strcmp(name, "ManageNameIDRequest") == 0) {
|
||||
type = LASSO_REQUEST_TYPE_NAME_ID_MANAGEMENT;
|
||||
} else if (strcmp(name, "SvcMDRegister") == 0) {
|
||||
type = LASSO_REQUEST_TYPE_IDWSF2_DISCO_SVCMD_REGISTER;
|
||||
} else if (strcmp(name, "SvcMDAssociationAdd") == 0) {
|
||||
type = LASSO_REQUEST_TYPE_IDWSF2_DISCO_SVCMD_ASSOCIATION_ADD;
|
||||
#endif
|
||||
} else {
|
||||
message(G_LOG_LEVEL_WARNING, "Unknown node name : %s", name);
|
||||
}
|
||||
|
@ -743,7 +749,7 @@ LassoProviderRole lasso_profile_sso_role_with(LassoProfile *profile, const char
|
|||
return LASSO_PROVIDER_ROLE_NONE;
|
||||
|
||||
/* coherency check */
|
||||
g_return_val_if_fail(g_strcmp0(federation->remote_providerID, remote_provider_id) == 0,
|
||||
g_return_val_if_fail(lasso_strisequal(federation->remote_providerID,remote_provider_id),
|
||||
LASSO_PROVIDER_ROLE_NONE);
|
||||
|
||||
if (LASSO_IS_SAML2_NAME_ID(federation->local_nameIdentifier)) {
|
||||
|
@ -758,9 +764,9 @@ LassoProviderRole lasso_profile_sso_role_with(LassoProfile *profile, const char
|
|||
message(G_LOG_LEVEL_WARNING, "a federation without a NameID was found");
|
||||
return LASSO_PROVIDER_ROLE_NONE;
|
||||
}
|
||||
if (g_strcmp0(remote_provider_id, name_qualifier) == 0) {
|
||||
if (lasso_strisequal(remote_provider_id,name_qualifier)) {
|
||||
return LASSO_PROVIDER_ROLE_SP;
|
||||
} else if (g_strcmp0(provider_id, name_qualifier) == 0) {
|
||||
} else if (lasso_strisequal(provider_id,name_qualifier)) {
|
||||
return LASSO_PROVIDER_ROLE_IDP;
|
||||
}
|
||||
return LASSO_PROVIDER_ROLE_NONE;
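Review bot: In lasso_profile_get_request_type_from_soap_msg the `Query` branch calls `strcmp((char*)ns->href, LASSO_DISCO_HREF)`, and no NULL check on `ns` or `ns->href` is visible in the hunk. The function classifies a SOAP message passed in as a string, so `ns` presumably comes from parsed peer input, and a body element without a namespace would then be dereferenced here. Unless the check exists earlier in the function (which starts outside the hunk), guard the compare: `if (ns && ns->href && strcmp((char*)ns->href, LASSO_DISCO_HREF) == 0) {`.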
|
||||
|
|
|
@ -632,7 +632,7 @@ _lasso_provider_load_key_descriptor(LassoProvider *provider, xmlNode *key_descri
|
|||
|
||||
private_data = provider->private_data;
|
||||
use = xmlGetProp(key_descriptor, (xmlChar*)"use");
|
||||
if (use == NULL || g_strcmp0((char*)use, "signing") == 0) {
|
||||
if (use == NULL || lasso_strisequal((char *)use,"signing")) {
|
||||
lasso_assign_xml_node(private_data->signing_key_descriptor, key_descriptor);
|
||||
}
|
||||
if (use == NULL || strcmp((char*)use, "encryption") == 0) {
|
||||
|
@ -789,6 +789,16 @@ free_list_strings(GList *list)
|
|||
lasso_release_list_of_strings(list);
|
||||
}
|
||||
|
||||
static void
|
||||
lasso_endpoint_free(EndpointType *endpoint_type) {
|
||||
g_free(endpoint_type->binding);
|
||||
g_free(endpoint_type->url);
|
||||
g_free(endpoint_type->kind);
|
||||
g_free(endpoint_type->return_url);
|
||||
g_free(endpoint_type);
|
||||
}
|
||||
|
||||
|
||||
static void
|
||||
dispose(GObject *object)
|
||||
{
|
||||
|
@ -840,6 +850,7 @@ dispose(GObject *object)
|
|||
provider->private_data->affiliation_id = NULL;
|
||||
lasso_release(provider->private_data->affiliation_owner_id);
|
||||
provider->private_data->affiliation_owner_id = NULL;
|
||||
lasso_release_list_of_full(provider->private_data->endpoints, lasso_endpoint_free);
|
||||
|
||||
G_OBJECT_CLASS(parent_class)->dispose(G_OBJECT(provider));
|
||||
}
|
||||
|
@ -859,15 +870,6 @@ finalize(GObject *object)
|
|||
/* instance and class init functions */
|
||||
/*****************************************************************************/
|
||||
|
||||
void
|
||||
lasso_endpoint_free(EndpointType *endpoint_type) {
|
||||
g_free(endpoint_type->binding);
|
||||
g_free(endpoint_type->url);
|
||||
g_free(endpoint_type->kind);
|
||||
g_free(endpoint_type->return_url);
|
||||
g_free(endpoint_type);
|
||||
}
|
||||
|
||||
static void
|
||||
instance_init(LassoProvider *provider)
|
||||
{
|
||||
|
@ -889,7 +891,6 @@ instance_init(LassoProvider *provider)
|
|||
provider->private_data->encryption_public_key = NULL;
|
||||
provider->private_data->encryption_mode = LASSO_ENCRYPTION_MODE_NONE;
|
||||
provider->private_data->encryption_sym_key_type = LASSO_ENCRYPTION_SYM_KEY_TYPE_AES_128;
|
||||
lasso_release_list_of_full(provider->private_data->endpoints, lasso_endpoint_free);
|
||||
|
||||
/* no value_destroy_func since it shouldn't destroy the GList on insert */
|
||||
provider->private_data->Descriptors = g_hash_table_new_full(
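Review bot: The release added to dispose, `lasso_release_list_of_full(provider->private_data->endpoints, lasso_endpoint_free);`, is not followed by a reset of the pointer, while the neighbouring fields are set to NULL right after `lasso_release`. GObject may run dispose more than once, so unless the macro clears its argument (its definition is not on this page) a second pass would free the endpoint list again; adding `provider->private_data->endpoints = NULL;` after it would match the surrounding lines. Separately, in _lasso_provider_load_key_descriptor only the `signing` test moved to lasso_strisequal, and the `encryption` test just below still uses raw `strcmp`. The bodies of both functions extend outside these hunks.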
|
||||
|
|
|
@ -703,7 +703,7 @@ lasso_server_new_from_dump(const gchar *dump)
|
|||
*
|
||||
* Dumps @server content to an XML string.
|
||||
*
|
||||
* Return value: the dump string. It must be freed by the caller.
|
||||
* Return value:(transfer full): the dump string. It must be freed by the caller.
|
||||
**/
|
||||
gchar*
|
||||
lasso_server_dump(LassoServer *server)
|
||||
|
|
|
@ -376,7 +376,7 @@ lasso_session_is_dirty(LassoSession *session)
|
|||
gint
|
||||
lasso_session_remove_assertion(LassoSession *session, const gchar *providerID)
|
||||
{
|
||||
if (! LASSO_IS_SESSION(session) || lasso_is_empty_string(providerID)) {
|
||||
if (! LASSO_IS_SESSION(session) || lasso_strisempty(providerID)) {
|
||||
return LASSO_PARAM_ERROR_INVALID_VALUE;
|
||||
}
|
||||
|
||||
|
@ -756,7 +756,7 @@ lasso_session_new_from_dump(const gchar *dump)
|
|||
*
|
||||
* Dumps @session content to an XML string.
|
||||
*
|
||||
* Return value: the dump string. It must be freed by the caller.
|
||||
* Return value:(transfer full): the dump string. It must be freed by the caller.
|
||||
**/
|
||||
gchar*
|
||||
lasso_session_dump(LassoSession *session)
|
||||
|
|
|
@ -35,6 +35,7 @@
|
|||
#include <libxml/xpathInternals.h>
|
||||
|
||||
#include "./data_service.h"
|
||||
#include "../xml/id-wsf-2.0/idwsf2_strings.h"
|
||||
|
||||
#include "../xml/id-wsf-2.0/disco_service_type.h"
|
||||
#include "../xml/id-wsf-2.0/dstref_query.h"
|
||||
|
@ -99,8 +100,8 @@ gint
|
|||
lasso_idwsf2_data_service_set_service_type(LassoIdWsf2DataService *service, const char *prefix,
|
||||
const char *service_type)
|
||||
{
|
||||
if (!LASSO_IS_IDWSF2_DATA_SERVICE(service) || lasso_is_empty_string(prefix)
|
||||
|| lasso_is_empty_string(service_type))
|
||||
if (!LASSO_IS_IDWSF2_DATA_SERVICE(service) || lasso_strisempty(prefix)
|
||||
|| lasso_strisempty(service_type))
|
||||
return LASSO_PARAM_ERROR_INVALID_VALUE;
|
||||
lasso_assign_string(service->private_data->service_type_prefix, prefix);
|
||||
lasso_assign_string(service->private_data->service_type, service_type);
|
||||
|
@ -258,7 +259,7 @@ lasso_idwsf2_data_service_add_query_item(LassoIdWsf2DataService *service, const
|
|||
/* Check duplicates */
|
||||
lasso_foreach(i, service->private_data->query_items) {
|
||||
LassoIdWsf2DstRefQueryItem *old_item = (LassoIdWsf2DstRefQueryItem *)i->data;
|
||||
if (g_strcmp0(old_item->parent.parent.itemID, item_id) == 0) {
|
||||
if (lasso_strisequal(old_item->parent.parent.itemID,item_id)) {
|
||||
return LASSO_IDWSF2_DST_ERROR_DUPLICATE_ITEM;
|
||||
}
|
||||
}
|
||||
|
@ -297,7 +298,7 @@ lasso_idwsf2_data_service_add_modify_item(LassoIdWsf2DataService *service, const
|
|||
}
|
||||
lasso_foreach(i, service->private_data->modify_items) {
|
||||
LassoIdWsf2DstRefModifyItem *old_item = (LassoIdWsf2DstRefModifyItem *)i->data;
|
||||
if (g_strcmp0(old_item->id, item_id) == 0) {
|
||||
if (lasso_strisequal(old_item->id,item_id)) {
|
||||
return LASSO_IDWSF2_DST_ERROR_DUPLICATE_ITEM;
|
||||
}
|
||||
}
|
||||
|
@ -390,7 +391,7 @@ lasso_idwsf2_data_service_get_item(LassoIdWsf2DataService *service,
|
|||
}
|
||||
lasso_foreach(i, service->private_data->query_items) {
|
||||
LassoIdWsf2DstRefQueryItem *old_item = (LassoIdWsf2DstRefQueryItem *)i->data;
|
||||
if (g_strcmp0(old_item->parent.parent.itemID, item_id) == 0) {
|
||||
if (lasso_strisequal(old_item->parent.parent.itemID,item_id)) {
|
||||
return (LassoNode*)old_item;
|
||||
}
|
||||
}
|
||||
|
@ -404,7 +405,7 @@ lasso_idwsf2_data_service_get_item(LassoIdWsf2DataService *service,
|
|||
}
|
||||
lasso_foreach(i, service->private_data->modify_items) {
|
||||
LassoIdWsf2DstRefModifyItem *old_item = (LassoIdWsf2DstRefModifyItem *)i->data;
|
||||
if (g_strcmp0(old_item->id, item_id) == 0) {
|
||||
if (lasso_strisequal(old_item->id,item_id)) {
|
||||
return (LassoNode*)old_item;
|
||||
}
|
||||
}
|
||||
|
@ -427,12 +428,12 @@ gint
|
|||
lasso_idwsf2_data_service_add_namespace(LassoIdWsf2DataService *service, const char *prefix,
|
||||
const char *href)
|
||||
{
|
||||
if (xmlValidateNCName(BAD_CAST prefix, 0) && ! lasso_is_empty_string(href))
|
||||
if (xmlValidateNCName(BAD_CAST prefix, 0) && ! lasso_strisempty(href))
|
||||
return LASSO_PARAM_ERROR_INVALID_VALUE;
|
||||
|
||||
if (g_hash_table_lookup(service->private_data->namespaces, prefix) != NULL ||
|
||||
g_strcmp0(service->private_data->service_type_prefix, prefix) == 0 ||
|
||||
g_strcmp0(prefix, LASSO_IDWSF2_DSTREF_PREFIX) == 0) {
|
||||
lasso_strisequal(service->private_data->service_type_prefix,prefix) ||
|
||||
lasso_strisequal(prefix,LASSO_IDWSF2_DSTREF_PREFIX)) {
|
||||
return LASSO_PARAM_ERROR_INVALID_VALUE;
|
||||
}
|
||||
|
||||
|
@ -832,13 +833,13 @@ lasso_idwsf2_data_service_process_response_msg(
|
|||
if (! status || ! status->code) {
|
||||
goto_cleanup_with_rc(LASSO_PROFILE_ERROR_MISSING_STATUS_CODE);
|
||||
}
|
||||
if (g_strcmp0(status->code, LASSO_DST2_STATUS_CODE1_FAILED) == 0) {
|
||||
if (lasso_strisequal(status->code,LASSO_DST2_STATUS_CODE1_FAILED)) {
|
||||
goto_cleanup_with_rc(LASSO_PROFILE_ERROR_STATUS_NOT_SUCCESS);
|
||||
}
|
||||
if (g_strcmp0(status->code, LASSO_DST2_STATUS_CODE1_PARTIAL) == 0) {
|
||||
if (lasso_strisequal(status->code,LASSO_DST2_STATUS_CODE1_PARTIAL)) {
|
||||
rc = LASSO_IDWSF2_DST_ERROR_PARTIAL_FAILURE;
|
||||
}
|
||||
if (g_strcmp0(status->code, LASSO_DST2_STATUS_CODE1_OK) != 0) {
|
||||
if (lasso_strisnotequal(status->code,LASSO_DST2_STATUS_CODE1_OK)) {
|
||||
rc = LASSO_IDWSF2_DST_ERROR_UNKNOWN_STATUS_CODE;
|
||||
}
|
||||
|
||||
|
@ -909,7 +910,7 @@ lasso_idwsf2_data_service_get_query_item_result(LassoIdWsf2DataService *service,
|
|||
}
|
||||
lasso_foreach(i, service->private_data->query_datas) {
|
||||
LassoIdWsf2DstRefData *data = (LassoIdWsf2DstRefData*)i->data;
|
||||
if (g_strcmp0(data->parent.itemIDRef, item_id) == 0) {
|
||||
if (lasso_strisequal(data->parent.itemIDRef,item_id)) {
|
||||
return data;
|
||||
}
|
||||
}
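Review bot: The argument check in lasso_idwsf2_data_service_add_namespace, `if (xmlValidateNCName(BAD_CAST prefix, 0) && ! lasso_strisempty(href))`, rejects only when the prefix is invalid and the href is non-empty, because xmlValidateNCName returns 0 for a valid name. An empty href, or an invalid prefix paired with an empty href, passes through to the hash-table lookup; the intended test is presumably `if (xmlValidateNCName(BAD_CAST prefix, 0) != 0 || lasso_strisempty(href))`. The rename in this commit leaves that logic unchanged. In lasso_idwsf2_data_service_process_response_msg the third status test is not an `else`, so a PARTIAL code sets rc to LASSO_IDWSF2_DST_ERROR_PARTIAL_FAILURE and then overwrites it with LASSO_IDWSF2_DST_ERROR_UNKNOWN_STATUS_CODE.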
|
||||
|
|
|
@ -83,6 +83,7 @@
|
|||
#include "../id-ff/providerprivate.h"
|
||||
|
||||
#include "./discovery.h"
|
||||
#include "../xml/id-wsf-2.0/idwsf2_strings.h"
|
||||
#include "./soap_binding.h"
|
||||
#include "./idwsf2_helper.h"
|
||||
#include "./saml2_login.h"
|
||||
|
@ -226,7 +227,7 @@ lasso_idwsf2_discovery_status2rc(LassoIdWsf2UtilStatus *status)
|
|||
return LASSO_PROFILE_ERROR_MISSING_STATUS_CODE;
|
||||
|
||||
for (i = 0; i < G_N_ELEMENTS(code2rc); ++i) {
|
||||
if (g_strcmp0(status->code, code2rc[i].code) == 0) {
|
||||
if (lasso_strisequal(status->code,code2rc[i].code)) {
|
||||
rc = code2rc[i].rc;
|
||||
}
|
||||
}
|
||||
|
@ -571,7 +572,7 @@ lasso_idwsf2_discovery_build_request_msg(LassoIdWsf2Discovery *discovery,
|
|||
GList *i;
|
||||
lasso_foreach(i, discovery->private_data->metadatas) {
|
||||
LassoIdWsf2DiscoSvcMetadata *metadata = (LassoIdWsf2DiscoSvcMetadata *)i->data;
|
||||
if (lasso_is_empty_string(metadata->svcMDID)) {
|
||||
if (lasso_strisempty(metadata->svcMDID)) {
|
||||
message(G_LOG_LEVEL_WARNING, "disco:MetadataReplace method called with " \
|
||||
"non registered metadatas " \
|
||||
"(svcMDID attribute is missing)");
|
||||
|
@ -826,7 +827,7 @@ _string_list_intersect(GList *a, GList *b)
|
|||
lasso_foreach(i, a)
|
||||
{
|
||||
lasso_foreach(j, b)
|
||||
if (g_strcmp0(i->data, j->data) == 0) {
|
||||
if (lasso_strisequal(i->data,j->data)) {
|
||||
return TRUE;
|
||||
}
|
||||
}
|
||||
|
@ -841,7 +842,7 @@ _string_list_contains(GList *a, const char *str)
|
|||
if (a == NULL)
|
||||
return TRUE;
|
||||
lasso_foreach(i, a)
|
||||
if (g_strcmp0(i->data, str) == 0) {
|
||||
if (lasso_strisequal(i->data,str)) {
|
||||
return TRUE;
|
||||
}
|
||||
return FALSE;
|
||||
|
@ -916,7 +917,7 @@ lasso_idwsf2_discovery_match_request_service_and_metadata2(
|
|||
gboolean has20 = FALSE;
|
||||
lasso_foreach (k, endpoint_context->Framework) {
|
||||
LassoIdWsf2SbfFramework *framework = k->data;
|
||||
if (LASSO_IS_IDWSF2_SBF_FRAMEWORK(framework) && g_strcmp0(framework->version, "2.0") == 0)
|
||||
if (LASSO_IS_IDWSF2_SBF_FRAMEWORK(framework) && lasso_strisequal(framework->version,"2.0"))
|
||||
has20 = TRUE;
|
||||
}
|
||||
result = result && has20;
|
||||
|
@ -1033,7 +1034,7 @@ lasso_idwsf2_discovery_validate_md_register(LassoIdWsf2Discovery *discovery)
|
|||
|
||||
response = lasso_idwsf2_disco_svc_md_register_response_new();
|
||||
response->Status =
|
||||
lasso_idwsf2_util_status_new_with_code(LASSO_DISCO_STATUS_CODE_OK, NULL);
|
||||
lasso_idwsf2_util_status_new_with_code(LASSO_IDWSF2_DISCOVERY_STATUS_CODE_OK, NULL);
|
||||
for (SvcMDs = discovery->private_data->metadatas; SvcMDs != NULL; SvcMDs = g_list_next(SvcMDs)) {
|
||||
lasso_list_add_string(response->SvcMDID,
|
||||
LASSO_IDWSF2_DISCO_SVC_METADATA(SvcMDs->data)->svcMDID);
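Review bot: _string_list_contains returns TRUE when the list is NULL, so an empty list behaves as a wildcard, and nothing in the hunk documents that. The helper appears to feed the request/metadata matching in this file, so a one-line comment above the check, `/* an empty list places no constraint: every value matches */`, would keep a later cleanup from turning it into a plain membership test. The loop in lasso_idwsf2_discovery_status2rc also keeps scanning after a match; a `break;` after `rc = code2rc[i].rc;` would make the first-match intent explicit. Both function bodies extend outside their hunks.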
|
||||
|
|
|
@ -23,6 +23,7 @@
|
|||
*/
|
||||
|
||||
#include "identity.h"
|
||||
#include "../xml/id-wsf-2.0/idwsf2_strings.h"
|
||||
#include "../utils.h"
|
||||
#include "../id-ff/identity.h"
|
||||
#include "../id-ff/identityprivate.h"
|
||||
|
|
|
@ -23,6 +23,7 @@
|
|||
*/
|
||||
|
||||
#include "./idwsf2_helper.h"
|
||||
#include "../xml/id-wsf-2.0/idwsf2_strings.h"
|
||||
#include "../xml/id-wsf-2.0/disco_abstract.h"
|
||||
#include "../xml/id-wsf-2.0/disco_service_type.h"
|
||||
#include "../xml/id-wsf-2.0/disco_provider_id.h"
|
||||
|
@ -114,7 +115,7 @@ lasso_wsa_endpoint_reference_get_idwsf2_security_context_for_security_mechanism(
|
|||
lasso_foreach_full_begin(LassoIdWsf2DiscoSecurityContext*, context, it1, epr->Metadata->any);
|
||||
if (LASSO_IS_IDWSF2_DISCO_SECURITY_CONTEXT (context)) {
|
||||
lasso_foreach_full_begin(char*, textnode, it2, context->SecurityMechID);
|
||||
if (g_strcmp0 (textnode, security_mech_id) == 0 || sech_mech_predicate(textnode)) {
|
||||
if (lasso_strisequal(textnode,security_mech_id) || sech_mech_predicate(textnode)) {
|
||||
return context;
|
||||
}
|
||||
lasso_foreach_full_end()
|
||||
|
@ -164,7 +165,7 @@ lasso_wsa_endpoint_reference_get_token_by_usage(
|
|||
epr, sec_mech_predicate, security_mech_id, TRUE);
|
||||
lasso_foreach_full_begin (LassoIdWsf2SecToken*, token, iter, security_context->Token);
|
||||
if (LASSO_IS_IDWSF2_SEC_TOKEN (token)) {
|
||||
if (usage && g_strcmp0(token->usage, usage) == 0) {
|
||||
if (usage && lasso_strisequal(token->usage,usage)) {
|
||||
if (LASSO_IS_NODE(token->any)) {
|
||||
return (LassoNode*)token->any;
|
||||
} else if (token->ref) {
|
||||
|
|
|
@ -38,6 +38,8 @@
|
|||
#include "../saml-2.0/profileprivate.h"
|
||||
|
||||
#include "profile.h"
|
||||
#include "../xml/id-wsf-2.0/idwsf2_strings.h"
|
||||
#include "../xml/idwsf_strings.h"
|
||||
#include "session.h"
|
||||
|
||||
#include "../xml/soap-1.1/soap_fault.h"
|
||||
|
@ -433,7 +435,7 @@ lasso_idwsf2_profile_check_security_mechanism(LassoIdWsf2Profile *profile,
|
|||
name_qualifier = assertion->Subject->NameID->NameQualifier;
|
||||
sp_name_qualifier = assertion->Subject->NameID->SPNameQualifier;
|
||||
}
|
||||
if (! name_qualifier || g_strcmp0(name_qualifier, issuer->ProviderID) != 0)
|
||||
if (! name_qualifier || lasso_strisnotequal(name_qualifier,issuer->ProviderID))
|
||||
goto_cleanup_with_rc(LASSO_PROFILE_ERROR_INVALID_ASSERTION);
|
||||
/* There is two cases for the NameID of the security assertion:
|
||||
* - we are the IdP and the Wsp, so the NameQualifier is us and the SPNameQualifier is the
|
||||
|
@ -447,10 +449,10 @@ lasso_idwsf2_profile_check_security_mechanism(LassoIdWsf2Profile *profile,
|
|||
sender_id = lasso_soap_envelope_sb2_get_provider_id(envelope);
|
||||
if (! sender_id)
|
||||
goto_cleanup_with_rc(LASSO_WSF_PROFILE_ERROR_MISSING_SENDER_ID);
|
||||
if (local_service_id && g_strcmp0(local_service_id, name_qualifier) == 0 &&
|
||||
sp_name_qualifier && g_strcmp0(sp_name_qualifier, sender_id) == 0) {
|
||||
if (local_service_id && lasso_strisequal(local_service_id,name_qualifier) &&
|
||||
sp_name_qualifier && lasso_strisequal(sp_name_qualifier,sender_id)) {
|
||||
/* Ok. */
|
||||
} else if (sp_name_qualifier && g_strcmp0(sp_name_qualifier, local_service_id) == 0) {
|
||||
} else if (sp_name_qualifier && lasso_strisequal(sp_name_qualifier,local_service_id)) {
|
||||
/* Ok. */
|
||||
} else {
|
||||
goto_cleanup_with_rc(LASSO_PROFILE_ERROR_INVALID_ASSERTION);
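Review bot: The assertion check in lasso_idwsf2_profile_check_security_mechanism depends on the explicit `! name_qualifier ||` and `sp_name_qualifier &&` guards, and the switch to lasso_strisequal / lasso_strisnotequal makes that dependency less obvious. If these helpers keep g_strcmp0's rule that two NULL strings compare equal (their definition is not on this page), dropping a guard would let a missing qualifier match a missing identifier and accept the assertion. A short comment above the block, such as `/* NULL guards are required: a missing qualifier must never match */`, would record that. The function body starts and ends outside these hunks.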
|
||||
|
|
|
@ -23,6 +23,7 @@
|
|||
*/
|
||||
|
||||
#include "./saml2_login.h"
|
||||
#include "../xml/id-wsf-2.0/idwsf2_strings.h"
|
||||
#include "identity.h"
|
||||
#include "server.h"
|
||||
#include "session.h"
|
||||
|
@ -240,7 +241,7 @@ lasso_saml2_assertion_idwsf2_get_discovery_bootstrap_epr(LassoSaml2Assertion *as
|
|||
continue;
|
||||
|
||||
attribute = LASSO_SAML2_ATTRIBUTE(j->data);
|
||||
if (g_strcmp0(attribute->Name, LASSO_SAML2_ATTRIBUTE_NAME_EPR) != 0)
|
||||
if (lasso_strisnotequal(attribute->Name,LASSO_SAML2_ATTRIBUTE_NAME_EPR))
|
||||
continue;
|
||||
/* There should only one attribute value, and the EPR should be the first
|
||||
* contained node */
|
||||
|
|
|
@ -23,6 +23,7 @@
|
|||
*/
|
||||
|
||||
#include "server.h"
|
||||
#include "../xml/id-wsf-2.0/idwsf2_strings.h"
|
||||
#include "../id-ff/server.h"
|
||||
#include "../id-ff/serverprivate.h"
|
||||
#include "../xml/id-wsf-2.0/disco_svc_metadata.h"
|
||||
|
|
|
@ -26,6 +26,7 @@
|
|||
* SECTION:idwsf2-session-extension
|
||||
*/
|
||||
#include "session.h"
|
||||
#include "../xml/id-wsf-2.0/idwsf2_strings.h"
|
||||
#include "../utils.h"
|
||||
#include "../id-ff/session.h"
|
||||
#include "../id-ff/sessionprivate.h"
|
||||
|
|
|
@ -23,6 +23,8 @@
|
|||
*/
|
||||
|
||||
#include "./soap_binding.h"
|
||||
#include "../xml/idwsf_strings.h"
|
||||
#include "../xml/id-wsf-2.0/idwsf2_strings.h"
|
||||
#include "../xml/id-wsf-2.0/sb2_sender.h"
|
||||
#include "../xml/id-wsf-2.0/sb2_redirect_request.h"
|
||||
#include "../xml/id-wsf-2.0/sb2_user_interaction_header.h"
|
||||
|
@ -238,7 +240,7 @@ lasso_soap_envelope_get_action(LassoSoapEnvelope *soap_envelope)
|
|||
|
||||
lasso_foreach(i, soap_envelope->Header->Other) {
|
||||
if (LASSO_IS_WSA_ATTRIBUTED_URI(i->data)
|
||||
&& g_strcmp0(lasso_node_get_name((LassoNode*)i->data), "Action")) {
|
||||
&& lasso_strisequal(lasso_node_get_name((LassoNode *)i->data),"Action")) {
|
||||
return ((LassoWsAddrAttributedURI*)i->data)->content;
|
||||
}
|
||||
}
|
||||
|
@ -271,9 +273,9 @@ _get_node(GList **list, GType node_type, const char *node_name, const char *node
|
|||
|
||||
if (LASSO_IS_NODE(node) &&
|
||||
(! node_type || ( G_IS_OBJECT(node) && G_OBJECT_TYPE(node) == node_type)) &&
|
||||
(! node_name || g_strcmp0(lasso_node_get_name(node), node_name) == 0) &&
|
||||
(! node_name || lasso_strisequal(lasso_node_get_name(node),node_name)) &&
|
||||
(! node_namespace ||
|
||||
g_strcmp0(lasso_node_get_namespace(node), node_namespace) == 0)) {
|
||||
lasso_strisequal(lasso_node_get_namespace(node),node_namespace))) {
|
||||
return node;
|
||||
}
|
||||
}
|
||||
|
@ -282,10 +284,10 @@ _get_node(GList **list, GType node_type, const char *node_name, const char *node
|
|||
if (! node) {
|
||||
return NULL;
|
||||
}
|
||||
if (g_strcmp0(lasso_node_get_name(node), node_name) != 0) {
|
||||
if (lasso_strisnotequal(lasso_node_get_name(node),node_name)) {
|
||||
lasso_node_set_custom_nodename(node, node_name);
|
||||
}
|
||||
if (g_strcmp0(lasso_node_get_namespace(node), node_namespace) == 0) {
|
||||
if (lasso_strisequal(lasso_node_get_namespace(node),node_namespace)) {
|
||||
lasso_node_set_custom_namespace(node, node_namespace, node_prefix);
|
||||
}
|
||||
lasso_list_add_new_gobject(*list, node);
|
||||
|
@ -435,11 +437,11 @@ lasso_soap_envelope_get_sb2_user_interaction_hint(LassoSoapEnvelope *soap_envelo
|
|||
header = lasso_soap_envelope_get_sb2_user_interaction_header(soap_envelope, FALSE);
|
||||
if (header) {
|
||||
hint = header->interact;
|
||||
if (g_strcmp0(hint, LASSO_SB2_USER_INTERACTION_INTERACT_IF_NEEDED) == 0)
|
||||
if (lasso_strisequal(hint,LASSO_SB2_USER_INTERACTION_INTERACT_IF_NEEDED))
|
||||
return LASSO_IDWSF2_SB2_USER_INTERACTION_HINT_INTERACT_IF_NEEDED;
|
||||
if (g_strcmp0(hint, LASSO_SB2_USER_INTERACTION_DO_NOT_INTERACT) == 0)
|
||||
if (lasso_strisequal(hint,LASSO_SB2_USER_INTERACTION_DO_NOT_INTERACT))
|
||||
return LASSO_IDWSF2_SB2_USER_INTERACTION_HINT_DO_NOT_INTERACT;
|
||||
if (g_strcmp0(hint, LASSO_SB2_USER_INTERACTION_DO_NOT_INTERACT_FOR_DATA) == 0)
|
||||
if (lasso_strisequal(hint,LASSO_SB2_USER_INTERACTION_DO_NOT_INTERACT_FOR_DATA))
|
||||
return LASSO_IDWSF2_SB2_USER_INTERACTION_HINT_DO_NOT_INTERACT_FOR_DATA;
|
||||
|
||||
}
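Review bot: In _get_node the namespace test looks inverted: `if (lasso_strisequal(lasso_node_get_namespace(node),node_namespace))` calls lasso_node_set_custom_namespace only when the node already has the requested namespace, while the name test just above overrides only when the name differs. The conversion carried over the old `== 0` comparison; by symmetry the line is presumably meant to be `if (lasso_strisnotequal(lasso_node_get_namespace(node),node_namespace)) {`. The earlier hunk of _get_node matches existing nodes by both name and namespace, so a node created without the custom namespace may not be found on a later lookup. The function starts and ends outside the hunks.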
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../utils.h"
|
||||
#include "./authentication.h"
|
||||
#include "../xml/idwsf_strings.h"
|
||||
#include "../xml/private.h"
|
||||
#include "../xml/sa_sasl_request.h"
|
||||
#include "../xml/sa_sasl_response.h"
|
||||
|
|
|
@ -63,6 +63,7 @@
|
|||
|
||||
#include "./discovery.h"
|
||||
#include "./data_service.h"
|
||||
#include "../xml/idwsf_strings.h"
|
||||
#include "../xml/dst_query.h"
|
||||
#include "../xml/dst_query_response.h"
|
||||
#include "../xml/dst_modify.h"
|
||||
|
@ -236,8 +237,8 @@ lasso_data_service_get_query_item(LassoDataService *service,
|
|||
{
|
||||
LassoDstQueryItem *query_item = NULL;
|
||||
lasso_extract_node_or_fail(query_item, query_items->data, DST_QUERY_ITEM, LASSO_ERROR_CAST_FAILED);
|
||||
if ((select && g_strcmp0(select, query_item->Select) == 0) ||
|
||||
(item_id && g_strcmp0(item_id, query_item->itemID) == 0))
|
||||
if ((select && lasso_strisequal(select,query_item->Select)) ||
|
||||
(item_id && lasso_strisequal(item_id,query_item->itemID)))
|
||||
{
|
||||
if (output) {
|
||||
lasso_assign_new_gobject(*output, query_item);
|
||||
|
@ -430,7 +431,7 @@ lasso_data_service_get_answers_by_select(LassoDataService *service, const char *
|
|||
if (datas) {
|
||||
lasso_extract_node_or_fail(data, datas->data, DST_DATA,
|
||||
LASSO_ERROR_CAST_FAILED);
|
||||
if (g_strcmp0(select, query_item->Select) != 0) {
|
||||
if (lasso_strisnotequal(select,query_item->Select)) {
|
||||
data = NULL;
|
||||
rc = LASSO_DST_ERROR_QUERY_NOT_FOUND;
|
||||
}
|
||||
|
@ -443,7 +444,7 @@ lasso_data_service_get_answers_by_select(LassoDataService *service, const char *
|
|||
while (iter) {
|
||||
lasso_extract_node_or_fail(query_item, iter->data, DST_QUERY_ITEM,
|
||||
LASSO_ERROR_CAST_FAILED);
|
||||
if (g_strcmp0(query_item->Select, select) == 0) {
|
||||
if (lasso_strisequal(query_item->Select,select)) {
|
||||
break;
|
||||
}
|
||||
query_item = NULL;
|
||||
|
@ -456,7 +457,7 @@ lasso_data_service_get_answers_by_select(LassoDataService *service, const char *
|
|||
while (datas) {
|
||||
lasso_extract_node_or_fail(data, datas->data, DST_DATA,
|
||||
LASSO_ERROR_CAST_FAILED);
|
||||
if (g_strcmp0(data->itemIDRef, query_item->itemID) == 0) {
|
||||
if (lasso_strisequal(data->itemIDRef,query_item->itemID)) {
|
||||
break;
|
||||
}
|
||||
data = NULL;
|
||||
|
@ -509,7 +510,7 @@ lasso_data_service_get_answers_by_item_id(LassoDataService *service, const char
|
|||
datas = query_response->Data;
|
||||
while (datas) {
|
||||
lasso_extract_node_or_fail(data, datas->data, DST_DATA, LASSO_ERROR_CAST_FAILED);
|
||||
if (g_strcmp0(data->itemIDRef, item_id) == 0) {
|
||||
if (lasso_strisequal(data->itemIDRef,item_id)) {
|
||||
break;
|
||||
}
|
||||
data = NULL;
|
||||
|
@ -1039,6 +1040,7 @@ lasso_data_service_apply_queries(LassoDataService *service, LassoDstQueryRespons
|
|||
LassoWsfProfile *wsf_profile = NULL;
|
||||
xmlDoc *doc = NULL;
|
||||
xmlXPathContext *xpathCtx = NULL;
|
||||
GList *query = NULL;
|
||||
|
||||
lasso_bad_param(DATA_SERVICE, service);
|
||||
g_return_val_if_fail(service->private_data, LASSO_PARAM_ERROR_NON_INITIALIZED_OBJECT);
|
||||
|
@ -1066,8 +1068,8 @@ lasso_data_service_apply_queries(LassoDataService *service, LassoDstQueryRespons
|
|||
xpathCtx = xmlXPathNewContext(doc);
|
||||
lasso_register_idwsf_xpath_namespaces(xpathCtx);
|
||||
|
||||
lasso_foreach (queries, queries) {
|
||||
LassoDstQueryItem *item = queries->data;
|
||||
lasso_foreach (query, queries) {
|
||||
LassoDstQueryItem *item = query->data;
|
||||
|
||||
goto_cleanup_if_fail_with_rc(lasso_data_service_apply_query(service, query_response,
|
||||
xpathCtx, item) == 0, query_response->Data ?
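Review bot: In lasso_data_service_apply_queries the loop assigns `LassoDstQueryItem *item = query->data;` with no type check, while other functions in this file obtain the same element type through `lasso_extract_node_or_fail(..., DST_QUERY_ITEM, LASSO_ERROR_CAST_FAILED)`. Where the `queries` list is built is outside the hunk, so an element of another type would reach lasso_data_service_apply_query unchecked. For consistency, declare `LassoDstQueryItem *item = NULL;` and use `lasso_extract_node_or_fail(item, query->data, DST_QUERY_ITEM, LASSO_ERROR_CAST_FAILED);`, assuming the macro jumps to the cleanup label this function already relies on. The result of `xmlXPathNewContext(doc)` is also used without a NULL check in the visible lines.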
|
||||
|
|
|
@ -75,6 +75,7 @@
|
|||
#include "../xml/saml_attribute_value.h"
|
||||
#include "../xml/disco_modify.h"
|
||||
#include "../xml/saml_assertion.h"
|
||||
#include "../xml/idwsf_strings.h"
|
||||
|
||||
#include "../id-ff/server.h"
|
||||
#include "../id-ff/provider.h"
|
||||
|
@ -85,6 +86,7 @@
|
|||
#include "./wsf_profile_private.h"
|
||||
#include "./wsf_utils.h"
|
||||
#include "../utils.h"
|
||||
#include "./discovery.h"
|
||||
|
||||
struct _LassoDiscoveryPrivate
|
||||
{
|
||||
|
|
|
@ -25,6 +25,7 @@
|
|||
*/
|
||||
|
||||
#include "id_ff_extensions.h"
|
||||
#include "../xml/idwsf_strings.h"
|
||||
#include "id_ff_extensions_private.h"
|
||||
#include "../xml/disco_description.h"
|
||||
#include "../xml/disco_resource_offering.h"
|
||||
|
|
|
@ -23,6 +23,7 @@
|
|||
*/
|
||||
|
||||
#include "./interaction_profile_service.h"
|
||||
#include "../xml/idwsf_strings.h"
|
||||
#include "./wsf_profile.h"
|
||||
#include "../xml/soap-1.1/soap_detail.h"
|
||||
#include "../xml/soap-1.1/soap_fault.h"
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../xml/private.h"
|
||||
#include "./personal_profile_service.h"
|
||||
#include "../xml/idwsf_strings.h"
|
||||
#include "./data_service.h"
|
||||
#include "./wsf_profile_private.h"
|
||||
#include "./discovery.h"
|
||||
|
@ -45,7 +46,7 @@ lasso_personal_profile_service_get_email(LassoPersonalProfileService *service)
|
|||
xmlNode *xmlnode, *child;
|
||||
xmlChar *msgAccount = NULL, *msgProvider = NULL;
|
||||
char *email;
|
||||
GList *answers = NULL;
|
||||
GList *answers = NULL, *answer = NULL;
|
||||
gint rc = 0;
|
||||
|
||||
g_return_val_if_fail(LASSO_IS_PERSONAL_PROFILE_SERVICE(service) == TRUE, NULL);
|
||||
|
@ -53,9 +54,9 @@ lasso_personal_profile_service_get_email(LassoPersonalProfileService *service)
|
|||
rc = lasso_data_service_get_answers_by_select(LASSO_DATA_SERVICE(service),
|
||||
"/pp:PP/pp:MsgContact", &answers);
|
||||
|
||||
lasso_foreach(answers, answers)
|
||||
lasso_foreach(answer, answers)
|
||||
{
|
||||
xmlnode = (xmlNode*)answers->data;
|
||||
xmlnode = (xmlNode*)answer->data;
|
||||
child = xmlnode->children;
|
||||
while (child != NULL) {
|
||||
if (child->type != XML_ELEMENT_NODE) {
|
||||
|
|
|
@ -35,6 +35,7 @@
|
|||
#include "../utils.h"
|
||||
|
||||
#include "./wsf_profile.h"
|
||||
#include "../xml/idwsf_strings.h"
|
||||
#include "./wsf_profile_private.h"
|
||||
#include "./discovery.h"
|
||||
#include "./wsf_utils.h"
|
||||
|
@ -989,12 +990,14 @@ lasso_wsf_profile_process_soap_response_msg(LassoWsfProfile *profile, const gcha
|
|||
LASSO_WSF_PROFILE_ERROR_MISSING_CORRELATION);
|
||||
|
||||
/* Check message ID */
|
||||
goto_cleanup_if_fail_with_rc(
|
||||
g_strcmp0(lasso_wsf_profile_utils_get_message_id(
|
||||
profile->soap_envelope_request),
|
||||
lasso_wsf_profile_utils_get_ref_message_id(
|
||||
profile->soap_envelope_response)) == 0,
|
||||
LASSO_WSF_PROFILE_ERROR_INVALID_OR_MISSING_REFERENCE_TO_MESSAGE_ID);
|
||||
{
|
||||
const char *message_id =
|
||||
lasso_wsf_profile_utils_get_message_id(profile->soap_envelope_request);
|
||||
const char *ref_message_id =
|
||||
lasso_wsf_profile_utils_get_ref_message_id(profile->soap_envelope_response);
|
||||
goto_cleanup_if_fail_with_rc(lasso_strisequal(message_id, ref_message_id),
|
||||
LASSO_WSF_PROFILE_ERROR_INVALID_OR_MISSING_REFERENCE_TO_MESSAGE_ID);
|
||||
}
|
||||
|
||||
/* Signal soap fault specifically,
|
||||
* find soap redirects. */
|
||||
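Review bot: The rewritten message-ID check in lasso_wsf_profile_process_soap_response_msg never tests `message_id` or `ref_message_id` for NULL before comparing them. The replaced `g_strcmp0` treats two NULL pointers as equal, and if `lasso_strisequal` (not defined on this page) keeps that behaviour, a request envelope without a message ID paired with a response without a reference would pass the correlation check. An explicit guard makes the intent unambiguous: `goto_cleanup_if_fail_with_rc(message_id != NULL && lasso_strisequal(message_id, ref_message_id), LASSO_WSF_PROFILE_ERROR_INVALID_OR_MISSING_REFERENCE_TO_MESSAGE_ID);`. The preceding MISSING_CORRELATION check may already exclude part of this, but it sits in lines outside the hunk.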
|
|
|
@ -44,6 +44,7 @@
|
|||
#include <string.h>
|
||||
|
||||
#include "../xml/strings.h"
|
||||
#include "../xml/idwsf_strings.h"
|
||||
|
||||
/**
|
||||
* lasso_security_mech_id_is_null_authentication:
|
||||
|
|
|
@ -286,23 +286,23 @@ void lasso_set_flag(char *flag) {
|
|||
}
|
||||
|
||||
do {
|
||||
if (g_strcmp0(flag, "verify-signature") == 0) {
|
||||
if (lasso_strisequal(flag,"verify-signature")) {
|
||||
lasso_flag_verify_signature = value;
|
||||
continue;
|
||||
}
|
||||
if (g_strcmp0(flag,"memory-debug") == 0) {
|
||||
if (lasso_strisequal(flag,"memory-debug")) {
|
||||
lasso_flag_memory_debug = value;
|
||||
continue;
|
||||
}
|
||||
if (g_strcmp0(flag,"strict-checking") == 0) {
|
||||
if (lasso_strisequal(flag,"strict-checking")) {
|
||||
lasso_flag_strict_checking = value;
|
||||
continue;
|
||||
}
|
||||
if (g_strcmp0(flag,"add-signature") == 0) {
|
||||
if (lasso_strisequal(flag,"add-signature")) {
|
||||
lasso_flag_add_signature = value;
|
||||
continue;
|
||||
}
|
||||
if (g_strcmp0(flag, "sign-messages") == 0) {
|
||||
if (lasso_strisequal(flag,"sign-messages")) {
|
||||
lasso_flag_sign_messages = value;
|
||||
continue;
|
||||
}
|
||||
|
|
|
@ -96,7 +96,8 @@ void lasso_registry_default_shutdown()
|
|||
*
|
||||
* Return value: TRUE if all field of record1 are equal to record2.
|
||||
*/
|
||||
gboolean lasso_registry_direct_mapping_equal(LassoRegistryDirectMappingRecord *record1, LassoRegistryDirectMappingRecord *record2)
|
||||
gboolean lasso_registry_direct_mapping_equal(LassoRegistryDirectMappingRecord *record1,
|
||||
LassoRegistryDirectMappingRecord *record2)
|
||||
{
|
||||
return record1->from_namespace == record2->from_namespace
|
||||
&& record1->from_name == record2->from_name
|
||||
|
@ -113,7 +114,8 @@ gboolean lasso_registry_direct_mapping_equal(LassoRegistryDirectMappingRecord *r
|
|||
*
|
||||
* Return value: TRUE if record1 is equal to record2
|
||||
*/
|
||||
gboolean lasso_registry_functional_mapping_equal(LassoRegistryFunctionalMappingRecord *record1, LassoRegistryFunctionalMappingRecord *record2)
|
||||
gboolean lasso_registry_functional_mapping_equal(LassoRegistryFunctionalMappingRecord *record1,
|
||||
LassoRegistryFunctionalMappingRecord *record2)
|
||||
{
|
||||
return record1->from_namespace == record2->from_namespace &&
|
||||
record1->to_namespace == record2->to_namespace;
|
||||
|
|
|
@ -270,28 +270,20 @@ lasso_assertion_query_process_request_msg(LassoAssertionQuery *assertion_query,
|
|||
LassoProfile *profile = NULL;
|
||||
LassoSamlp2SubjectQueryAbstract *subject_query = NULL;
|
||||
LassoSaml2Subject *subject = NULL;
|
||||
int rc = 0, rc1 = 0, rc2 = 0;
|
||||
int rc = 0;
|
||||
|
||||
g_return_val_if_fail(LASSO_IS_ASSERTION_QUERY(assertion_query),
|
||||
LASSO_PARAM_ERROR_INVALID_VALUE);
|
||||
|
||||
profile = LASSO_PROFILE(assertion_query);
|
||||
rc1 = lasso_saml20_profile_process_soap_request(profile, request_msg);
|
||||
|
||||
lasso_check_good_rc(lasso_saml20_profile_process_soap_request(profile, request_msg));
|
||||
lasso_extract_node_or_fail(subject_query, profile->request, SAMLP2_SUBJECT_QUERY_ABSTRACT,
|
||||
LASSO_PROFILE_ERROR_INVALID_MSG);
|
||||
lasso_extract_node_or_fail(subject, subject_query->Subject, SAML2_SUBJECT,
|
||||
LASSO_PROFILE_ERROR_MISSING_SUBJECT);
|
||||
lasso_check_good_rc(lasso_saml20_profile_process_name_identifier_decryption(profile, &subject->NameID, &subject->EncryptedID));
|
||||
|
||||
rc2 = lasso_saml20_profile_process_name_identifier_decryption(profile, &subject->NameID, &subject->EncryptedID);
|
||||
|
||||
rc = rc1;
|
||||
if (rc == 0)
|
||||
rc = rc2;
|
||||
if (rc == 0)
|
||||
rc = profile->signature_status;
|
||||
cleanup:
|
||||
|
||||
return rc;
|
||||
}
|
||||
|
||||
|
@ -384,16 +376,15 @@ lasso_assertion_query_process_response_msg(
|
|||
LassoAssertionQuery *assertion_query,
|
||||
gchar *response_msg)
|
||||
{
|
||||
LassoProfile *profile;
|
||||
LassoSamlp2StatusResponse *response;
|
||||
LassoProfile *profile = NULL;
|
||||
LassoSamlp2StatusResponse *response = NULL;
|
||||
int rc = 0;
|
||||
|
||||
lasso_bad_param(ASSERTION_QUERY, assertion_query);
|
||||
profile = &assertion_query->parent;
|
||||
response = (LassoSamlp2StatusResponse*)lasso_samlp2_response_new();
|
||||
|
||||
lasso_check_good_rc(lasso_saml20_profile_process_any_response(profile,
|
||||
response, NULL, response_msg));
|
||||
lasso_check_good_rc(lasso_saml20_profile_process_soap_response(profile,
|
||||
response_msg));
|
||||
|
||||
cleanup:
|
||||
lasso_release_gobject(response);
|
||||
|
@ -415,8 +406,8 @@ lasso_assertion_query_lookup_attribute(LassoAssertionQuery *assertion_query, cha
|
|||
lasso_foreach_full_begin(LassoSaml2Attribute*, attribute, it, query->Attribute)
|
||||
{
|
||||
if (LASSO_IS_SAML2_ATTRIBUTE(attribute) &&
|
||||
g_strcmp0(attribute->NameFormat, format) == 0 &&
|
||||
g_strcmp0(attribute->Name, name) == 0)
|
||||
lasso_strisequal(attribute->NameFormat,format) &&
|
||||
lasso_strisequal(attribute->Name,name))
|
||||
{
|
||||
result = attribute;
|
||||
break;
|
||||
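Review bot: lasso_assertion_query_process_request_msg no longer folds `profile->signature_status` into its return value, and nothing in the new body says where a failed signature is reported instead. The `rc = profile->signature_status;` fallback appears to be on the removed side of the first hunk. A caller that relied on a non-zero return for a badly signed query now depends on what `lasso_saml20_profile_process_soap_request` does with the signature verify hint, which is only partly visible on this page. The function's doc comment, which lies outside the hunk, should say so, for example `* Signature failures are returned only as far as the profile's signature verify hint requests; otherwise check profile->signature_status.`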
|
|
|
@ -112,24 +112,28 @@ cleanup:
|
|||
|
||||
static gboolean want_authn_request_signed(LassoProvider *provider) {
|
||||
char *s;
|
||||
gboolean rc = TRUE;
|
||||
|
||||
s = lasso_provider_get_metadata_one_for_role(provider, LASSO_PROVIDER_ROLE_IDP,
|
||||
LASSO_SAML2_METADATA_ATTRIBUTE_WANT_AUTHN_REQUEST_SIGNED);
|
||||
if (g_strcmp0(s, "false") == 0) {
|
||||
return FALSE;
|
||||
if (lasso_strisequal(s,"false")) {
|
||||
rc = FALSE;
|
||||
}
|
||||
return TRUE;
|
||||
lasso_release_string(s);
|
||||
return rc;
|
||||
}
|
||||
|
||||
static gboolean authn_request_signed(LassoProvider *provider) {
|
||||
char *s;
|
||||
gboolean rc = FALSE;
|
||||
|
||||
s = lasso_provider_get_metadata_one_for_role(provider, LASSO_PROVIDER_ROLE_SP,
|
||||
LASSO_SAML2_METADATA_ATTRIBUTE_AUTHN_REQUEST_SIGNED);
|
||||
if (g_strcmp0(s, "true") == 0) {
|
||||
return TRUE;
|
||||
if (lasso_strisequal(s,"true")) {
|
||||
rc = TRUE;
|
||||
}
|
||||
return FALSE;
|
||||
lasso_release_string(s);
|
||||
return rc;
|
||||
}
|
||||
|
||||
static gboolean
|
||||
|
@ -243,8 +247,7 @@ lasso_saml20_login_build_authn_request_msg(LassoLogin *login)
|
|||
|
||||
/* support old way of doing PAOS */
|
||||
if (login->http_method == LASSO_HTTP_METHOD_SOAP
|
||||
&& g_strcmp0(authn_request->ProtocolBinding,
|
||||
LASSO_SAML2_METADATA_BINDING_PAOS) == 0) {
|
||||
&& lasso_strisequal(authn_request->ProtocolBinding,LASSO_SAML2_METADATA_BINDING_PAOS)) {
|
||||
login->http_method = LASSO_HTTP_METHOD_PAOS;
|
||||
/* PAOS is special, the url passed to build_request is the AssertionConsumerServiceURL of
|
||||
* this SP, not the destination. */
|
||||
|
@ -279,7 +282,7 @@ lasso_saml20_login_process_authn_request_msg(LassoLogin *login, const char *auth
|
|||
|
||||
/* AuthnRequest already set by .._init_idp_initiated_authn_request, or from a
|
||||
* previously failed call to process_authn_request that we retry. */
|
||||
request = profile->request;
|
||||
request = lasso_ref(profile->request);
|
||||
} else {
|
||||
request = lasso_samlp2_authn_request_new();
|
||||
lasso_check_good_rc(lasso_saml20_profile_process_any_request(profile, request, authn_request_msg));
|
||||
|
@ -332,15 +335,15 @@ lasso_saml20_login_process_authn_request_msg(LassoLogin *login, const char *auth
|
|||
if (binding == NULL) {
|
||||
if (service_index == -1)
|
||||
return LASSO_LOGIN_ERROR_NO_DEFAULT_ENDPOINT;
|
||||
} else if (g_strcmp0(binding, "HTTP-Artifact") == 0) {
|
||||
} else if (lasso_strisequal(binding,"HTTP-Artifact")) {
|
||||
login->protocolProfile = LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_ART;
|
||||
} else if (g_strcmp0(binding, "HTTP-POST") == 0) {
|
||||
} else if (lasso_strisequal(binding,"HTTP-POST")) {
|
||||
login->protocolProfile = LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_POST;
|
||||
} else if (g_strcmp0(binding, "HTTP-Redirect") == 0) {
|
||||
} else if (lasso_strisequal(binding,"HTTP-Redirect")) {
|
||||
login->protocolProfile = LASSO_LOGIN_PROTOCOL_PROFILE_REDIRECT;
|
||||
} else if (g_strcmp0(binding, "SOAP") == 0) {
|
||||
} else if (lasso_strisequal(binding,"SOAP")) {
|
||||
login->protocolProfile = LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_LECP;
|
||||
} else if (g_strcmp0(binding, "PAOS") == 0) {
|
||||
} else if (lasso_strisequal(binding,"PAOS")) {
|
||||
login->protocolProfile = LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_LECP;
|
||||
}
|
||||
lasso_release_string(binding);
|
||||
|
@ -352,17 +355,16 @@ lasso_saml20_login_process_authn_request_msg(LassoLogin *login, const char *auth
|
|||
remote_provider,
|
||||
authn_request->AssertionConsumerServiceURL);
|
||||
}
|
||||
if (g_strcmp0(protocol_binding, LASSO_SAML2_METADATA_BINDING_ARTIFACT) == 0) {
|
||||
if (lasso_strisequal(protocol_binding,LASSO_SAML2_METADATA_BINDING_ARTIFACT)) {
|
||||
login->protocolProfile = LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_ART;
|
||||
} else if (g_strcmp0(protocol_binding, LASSO_SAML2_METADATA_BINDING_POST) == 0) {
|
||||
} else if (lasso_strisequal(protocol_binding,LASSO_SAML2_METADATA_BINDING_POST)) {
|
||||
login->protocolProfile = LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_POST;
|
||||
} else if (g_strcmp0(protocol_binding, LASSO_SAML2_METADATA_BINDING_SOAP) == 0) {
|
||||
} else if (lasso_strisequal(protocol_binding,LASSO_SAML2_METADATA_BINDING_SOAP)) {
|
||||
login->protocolProfile = LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_LECP;
|
||||
} else if (g_strcmp0(protocol_binding,
|
||||
LASSO_SAML2_METADATA_BINDING_REDIRECT) == 0) {
|
||||
} else if (lasso_strisequal(protocol_binding,LASSO_SAML2_METADATA_BINDING_REDIRECT)) {
|
||||
login->protocolProfile = LASSO_LOGIN_PROTOCOL_PROFILE_REDIRECT;
|
||||
goto_cleanup_with_rc(LASSO_PROFILE_ERROR_INVALID_PROTOCOLPROFILE);
|
||||
} else if (g_strcmp0(protocol_binding, LASSO_SAML2_METADATA_BINDING_PAOS) == 0) {
|
||||
} else if (lasso_strisequal(protocol_binding,LASSO_SAML2_METADATA_BINDING_PAOS)) {
|
||||
login->protocolProfile = LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_LECP;
|
||||
} else {
|
||||
rc = LASSO_PROFILE_ERROR_INVALID_PROTOCOLPROFILE;
|
||||
|
@ -383,6 +385,7 @@ lasso_saml20_login_process_authn_request_msg(LassoLogin *login, const char *auth
|
|||
lasso_saml20_profile_init_response(profile, response,
|
||||
status1, status2);
|
||||
cleanup:
|
||||
lasso_release_gobject(request);
|
||||
lasso_release_gobject(response);
|
||||
return rc;
|
||||
}
|
||||
|
@ -410,15 +413,15 @@ lasso_saml20_login_must_authenticate(LassoLogin *login)
|
|||
GList *t1, *t2;
|
||||
int compa;
|
||||
|
||||
if (comparison == NULL || g_strcmp0(comparison, "exact") == 0) {
|
||||
if (comparison == NULL || lasso_strisequal(comparison,"exact")) {
|
||||
compa = 0;
|
||||
} else if (g_strcmp0(comparison, "minimum") == 0) {
|
||||
} else if (lasso_strisequal(comparison,"minimum")) {
|
||||
message(G_LOG_LEVEL_CRITICAL, "'minimum' comparison is not implemented");
|
||||
compa = 0;
|
||||
} else if (g_strcmp0(comparison, "better") == 0) {
|
||||
} else if (lasso_strisequal(comparison,"better")) {
|
||||
message(G_LOG_LEVEL_CRITICAL, "'better' comparison is not implemented");
|
||||
compa = 0;
|
||||
} else if (g_strcmp0(comparison, "maximum") == 0) {
|
||||
} else if (lasso_strisequal(comparison,"maximum")) {
|
||||
message(G_LOG_LEVEL_CRITICAL, "'maximum' comparison is not implemented");
|
||||
compa = 0;
|
||||
}
|
||||
|
@ -458,7 +461,7 @@ lasso_saml20_login_must_authenticate(LassoLogin *login)
|
|||
method = as->AuthnContext->AuthnContextClassRef;
|
||||
|
||||
if (compa == 0) { /* exact */
|
||||
if (g_strcmp0(method, class_ref) == 0) {
|
||||
if (lasso_strisequal(method,class_ref)) {
|
||||
matched = TRUE;
|
||||
break;
|
||||
}
|
||||
|
@ -506,7 +509,7 @@ lasso_saml20_login_must_ask_for_consent_private(LassoLogin *login)
|
|||
|
||||
if (name_id_policy) {
|
||||
char *format = name_id_policy->Format;
|
||||
if (g_strcmp0(format, LASSO_SAML2_NAME_IDENTIFIER_FORMAT_TRANSIENT) == 0) {
|
||||
if (lasso_strisequal(format,LASSO_SAML2_NAME_IDENTIFIER_FORMAT_TRANSIENT)) {
|
||||
goto_cleanup_with_rc (FALSE)
|
||||
}
|
||||
if (name_id_policy->AllowCreate == FALSE) {
|
||||
|
@ -533,22 +536,22 @@ lasso_saml20_login_must_ask_for_consent_private(LassoLogin *login)
|
|||
if (consent == NULL)
|
||||
goto_cleanup_with_rc (FALSE)
|
||||
|
||||
if (g_strcmp0(consent, LASSO_SAML2_CONSENT_OBTAINED) == 0)
|
||||
if (lasso_strisequal(consent,LASSO_SAML2_CONSENT_OBTAINED))
|
||||
goto_cleanup_with_rc (FALSE)
|
||||
|
||||
if (g_strcmp0(consent, LASSO_SAML2_CONSENT_PRIOR) == 0)
|
||||
if (lasso_strisequal(consent,LASSO_SAML2_CONSENT_PRIOR))
|
||||
goto_cleanup_with_rc (FALSE)
|
||||
|
||||
if (g_strcmp0(consent, LASSO_SAML2_CONSENT_IMPLICIT) == 0)
|
||||
if (lasso_strisequal(consent,LASSO_SAML2_CONSENT_IMPLICIT))
|
||||
goto_cleanup_with_rc (FALSE)
|
||||
|
||||
if (g_strcmp0(consent, LASSO_SAML2_CONSENT_EXPLICIT) == 0)
|
||||
if (lasso_strisequal(consent,LASSO_SAML2_CONSENT_EXPLICIT))
|
||||
goto_cleanup_with_rc (FALSE)
|
||||
|
||||
if (g_strcmp0(consent, LASSO_SAML2_CONSENT_UNAVAILABLE) == 0)
|
||||
if (lasso_strisequal(consent,LASSO_SAML2_CONSENT_UNAVAILABLE))
|
||||
goto_cleanup_with_rc (TRUE)
|
||||
|
||||
if (g_strcmp0(consent, LASSO_SAML2_CONSENT_INAPPLICABLE) == 0)
|
||||
if (lasso_strisequal(consent,LASSO_SAML2_CONSENT_INAPPLICABLE))
|
||||
goto_cleanup_with_rc (TRUE)
|
||||
|
||||
cleanup:
|
||||
|
@ -651,8 +654,7 @@ lasso_saml20_login_process_federation(LassoLogin *login, gboolean is_consent_obt
|
|||
if (lasso_saml20_login_must_ask_for_consent_private(login) && !is_consent_obtained) {
|
||||
goto_cleanup_with_rc (LASSO_LOGIN_ERROR_CONSENT_NOT_OBTAINED)
|
||||
}
|
||||
if (g_strcmp0(name_id_policy_format,
|
||||
LASSO_SAML2_NAME_IDENTIFIER_FORMAT_PERSISTENT) != 0) {
|
||||
if (lasso_strisnotequal(name_id_policy_format,LASSO_SAML2_NAME_IDENTIFIER_FORMAT_PERSISTENT)) {
|
||||
/* non persistent case, TRANSIENT is handled by lasso_login_build_assertion() and
|
||||
* other format are the sole responsibility of the caller */
|
||||
goto_cleanup_with_rc (0)
|
||||
|
@ -760,6 +762,12 @@ lasso_saml20_login_build_assertion(LassoLogin *login,
|
|||
assertion->Subject->SubjectConfirmation->SubjectConfirmationData =
|
||||
LASSO_SAML2_SUBJECT_CONFIRMATION_DATA(
|
||||
lasso_saml2_subject_confirmation_data_new());
|
||||
lasso_assign_string(
|
||||
assertion->Subject->SubjectConfirmation->SubjectConfirmationData->NotBefore,
|
||||
notBefore);
|
||||
lasso_assign_string(
|
||||
assertion->Subject->SubjectConfirmation->SubjectConfirmationData->NotOnOrAfter,
|
||||
notOnOrAfter);
|
||||
|
||||
/* If request is present, refer to it in the response */
|
||||
if (authn_request) {
|
||||
|
@ -776,8 +784,9 @@ lasso_saml20_login_build_assertion(LassoLogin *login,
|
|||
name_id_policy = authn_request->NameIDPolicy;
|
||||
}
|
||||
/* TRANSIENT */
|
||||
if (!name_id_policy || g_strcmp0(name_id_policy->Format,
|
||||
LASSO_SAML2_NAME_IDENTIFIER_FORMAT_TRANSIENT) == 0) {
|
||||
if (!name_id_policy || name_id_policy->Format == NULL ||
|
||||
lasso_strisequal(name_id_policy->Format,LASSO_SAML2_NAME_IDENTIFIER_FORMAT_UNSPECIFIED) ||
|
||||
lasso_strisequal(name_id_policy->Format,LASSO_SAML2_NAME_IDENTIFIER_FORMAT_TRANSIENT)) {
|
||||
char *id = lasso_build_unique_id(32);
|
||||
|
||||
name_id = (LassoSaml2NameID*)lasso_saml2_name_id_new_with_string(id);
|
||||
|
@ -787,18 +796,18 @@ lasso_saml20_login_build_assertion(LassoLogin *login,
|
|||
lasso_assign_string(name_id->Format, LASSO_SAML2_NAME_IDENTIFIER_FORMAT_TRANSIENT);
|
||||
assertion->Subject->NameID = name_id;
|
||||
/* FEDERATED */
|
||||
} else if (g_strcmp0(name_id_policy->Format,
|
||||
LASSO_SAML2_NAME_IDENTIFIER_FORMAT_PERSISTENT) == 0 ||
|
||||
g_strcmp0(name_id_policy->Format,
|
||||
LASSO_SAML2_NAME_IDENTIFIER_FORMAT_ENCRYPTED) == 0) {
|
||||
} else if (lasso_strisequal(name_id_policy->Format,
|
||||
LASSO_SAML2_NAME_IDENTIFIER_FORMAT_PERSISTENT) ||
|
||||
lasso_strisequal(name_id_policy->Format,
|
||||
LASSO_SAML2_NAME_IDENTIFIER_FORMAT_ENCRYPTED))
|
||||
{
|
||||
LassoFederation *federation;
|
||||
|
||||
federation = _lasso_login_saml20_get_federation(login);
|
||||
goto_cleanup_if_fail_with_rc(federation != NULL,
|
||||
LASSO_PROFILE_ERROR_FEDERATION_NOT_FOUND);
|
||||
|
||||
if (g_strcmp0(name_id_policy->Format,
|
||||
LASSO_SAML2_NAME_IDENTIFIER_FORMAT_ENCRYPTED) == 0) {
|
||||
if (lasso_strisequal(name_id_policy->Format,LASSO_SAML2_NAME_IDENTIFIER_FORMAT_ENCRYPTED)) {
|
||||
do_encrypt_nameid = TRUE;
|
||||
}
|
||||
lasso_assign_gobject(assertion->Subject->NameID,
|
||||
|
@ -1106,7 +1115,7 @@ lasso_saml20_login_check_assertion_signature(LassoLogin *login,
|
|||
if (! Issuer || /* No issuer */
|
||||
! Issuer->content || /* No issuer content */
|
||||
(Issuer->Format &&
|
||||
g_strcmp0(Issuer->Format, LASSO_SAML2_NAME_IDENTIFIER_FORMAT_ENTITY) != 0))
|
||||
lasso_strisnotequal(Issuer->Format,LASSO_SAML2_NAME_IDENTIFIER_FORMAT_ENTITY)))
|
||||
/* Issuer format is not entity */
|
||||
{
|
||||
rc = LASSO_PROFILE_ERROR_MISSING_ISSUER;
|
||||
|
@ -1154,7 +1163,7 @@ _lasso_check_assertion_issuer(LassoSaml2Assertion *assertion, const gchar *provi
|
|||
if (! assertion->Issuer || ! assertion->Issuer->content)
|
||||
return FALSE;
|
||||
|
||||
return g_strcmp0(assertion->Issuer->content, provider_id) == 0;
|
||||
return lasso_strisequal(assertion->Issuer->content,provider_id);
|
||||
}
|
||||
|
||||
static gint
|
||||
|
@ -1235,21 +1244,19 @@ lasso_saml20_login_process_response_status_and_assertion(LassoLogin *login)
|
|||
}
|
||||
|
||||
status_value = response->Status->StatusCode->Value;
|
||||
if (status_value && g_strcmp0(status_value, LASSO_SAML2_STATUS_CODE_SUCCESS) != 0) {
|
||||
if (g_strcmp0(status_value, LASSO_SAML2_STATUS_CODE_REQUEST_DENIED) == 0)
|
||||
if (status_value && lasso_strisnotequal(status_value,LASSO_SAML2_STATUS_CODE_SUCCESS)) {
|
||||
if (lasso_strisequal(status_value,LASSO_SAML2_STATUS_CODE_REQUEST_DENIED))
|
||||
return LASSO_LOGIN_ERROR_REQUEST_DENIED;
|
||||
if (g_strcmp0(status_value, LASSO_SAML2_STATUS_CODE_RESPONDER) == 0 ||
|
||||
g_strcmp0(status_value, LASSO_SAML2_STATUS_CODE_REQUESTER)) {
|
||||
if (lasso_strisequal(status_value,LASSO_SAML2_STATUS_CODE_RESPONDER) ||
|
||||
lasso_strisequal(status_value,LASSO_SAML2_STATUS_CODE_REQUESTER)) {
|
||||
/* samlp:Responder */
|
||||
if (response->Status->StatusCode->StatusCode &&
|
||||
response->Status->StatusCode->StatusCode->Value) {
|
||||
status_value = response->Status->StatusCode->StatusCode->Value;
|
||||
if (g_strcmp0(status_value,
|
||||
LASSO_LIB_STATUS_CODE_FEDERATION_DOES_NOT_EXIST) == 0) {
|
||||
if (lasso_strisequal(status_value,LASSO_LIB_STATUS_CODE_FEDERATION_DOES_NOT_EXIST)) {
|
||||
return LASSO_LOGIN_ERROR_FEDERATION_NOT_FOUND;
|
||||
}
|
||||
if (g_strcmp0(status_value,
|
||||
LASSO_LIB_STATUS_CODE_UNKNOWN_PRINCIPAL) == 0) {
|
||||
if (lasso_strisequal(status_value,LASSO_LIB_STATUS_CODE_UNKNOWN_PRINCIPAL)) {
|
||||
return LASSO_LOGIN_ERROR_UNKNOWN_PRINCIPAL;
|
||||
}
|
||||
}
|
||||
|
@ -1292,7 +1299,7 @@ lasso_saml20_login_process_response_status_and_assertion(LassoLogin *login)
|
|||
if (login->private_data->request_id) {
|
||||
const char *in_response_to = lasso_saml2_assertion_get_in_response_to(assertion);
|
||||
|
||||
if (g_strcmp0(in_response_to, login->private_data->request_id) != 0) {
|
||||
if (lasso_strisnotequal(in_response_to,login->private_data->request_id)) {
|
||||
rc = LASSO_LOGIN_ERROR_ASSERTION_DOES_NOT_MATCH_REQUEST_ID;
|
||||
goto cleanup;
|
||||
}
|
||||
|
@ -1349,7 +1356,7 @@ lasso_saml20_login_accept_sso(LassoLogin *login)
|
|||
|
||||
ta = t->data;
|
||||
|
||||
if (g_strcmp0(ta->ID, assertion->ID) == 0) {
|
||||
if (lasso_strisequal(ta->ID,assertion->ID)) {
|
||||
lasso_release_list(previous_assertions);
|
||||
return LASSO_LOGIN_ERROR_ASSERTION_REPLAY;
|
||||
}
|
||||
|
@ -1367,8 +1374,7 @@ lasso_saml20_login_accept_sso(LassoLogin *login)
|
|||
|
||||
/* create federation, only if nameidentifier format is Federated */
|
||||
if (ni && ni->Format
|
||||
&& g_strcmp0(ni->Format,
|
||||
LASSO_SAML2_NAME_IDENTIFIER_FORMAT_PERSISTENT) == 0) {
|
||||
&& lasso_strisequal(ni->Format,LASSO_SAML2_NAME_IDENTIFIER_FORMAT_PERSISTENT)) {
|
||||
federation = lasso_federation_new(LASSO_PROFILE(login)->remote_providerID);
|
||||
|
||||
lasso_assign_gobject(federation->local_nameIdentifier, ni);
|
||||
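Review bot: In lasso_saml20_login_process_authn_request_msg the early `return LASSO_LOGIN_ERROR_NO_DEFAULT_ENDPOINT;` inside `if (binding == NULL)` bypasses the `cleanup:` label. The reference this commit now takes with `request = lasso_ref(profile->request);`, and the object from `lasso_samlp2_authn_request_new()` on the other branch, is therefore never dropped by `lasso_release_gobject(request)` on that path. Replacing the return with `goto_cleanup_with_rc(LASSO_LOGIN_ERROR_NO_DEFAULT_ENDPOINT);` keeps the error code and runs the releases. Separately, in lasso_saml20_login_must_authenticate `int compa;` has no initialiser and the comparison chain has no final `else`, so a Comparison value other than the four tested leaves it unset before `if (compa == 0)`; `int compa = 0;` would make the fallback explicit. Both functions extend beyond the hunks shown.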
|
|
|
@ -121,7 +121,7 @@ lasso_saml20_logout_process_request_msg(LassoLogout *logout, char *request_msg)
|
|||
{
|
||||
LassoProfile *profile = NULL;
|
||||
LassoSamlp2LogoutRequest *logout_request = NULL;
|
||||
int rc1 = 0, rc2 = 0;
|
||||
int rc1 = 0, rc2 = 0, rc = 0;
|
||||
|
||||
lasso_bad_param(LOGOUT, logout);
|
||||
lasso_null_param(request_msg);
|
||||
|
@ -130,26 +130,19 @@ lasso_saml20_logout_process_request_msg(LassoLogout *logout, char *request_msg)
|
|||
logout_request = (LassoSamlp2LogoutRequest*) lasso_samlp2_logout_request_new();
|
||||
rc1 = lasso_saml20_profile_process_any_request(profile, (LassoNode*)logout_request,
|
||||
request_msg);
|
||||
goto_cleanup_if_fail_with_rc(rc1 == 0, rc1);
|
||||
|
||||
logout_request = (LassoSamlp2LogoutRequest*)profile->request;
|
||||
if (rc1 && ! logout_request) {
|
||||
return rc1;
|
||||
}
|
||||
/* remember initial request method, for setting it for generating response */
|
||||
logout->initial_http_request_method = profile->http_request_method;
|
||||
|
||||
rc2 = lasso_saml20_profile_process_name_identifier_decryption(profile,
|
||||
&logout_request->NameID,
|
||||
&logout_request->EncryptedID);
|
||||
goto_cleanup_if_fail_with_rc(rc2 == 0, rc2);
|
||||
lasso_check_good_rc(lasso_saml20_profile_check_signature_status(profile));
|
||||
|
||||
cleanup:
|
||||
lasso_release_gobject(logout_request);
|
||||
if (profile->signature_status) {
|
||||
return profile->signature_status;
|
||||
}
|
||||
if (rc1) {
|
||||
return rc1;
|
||||
}
|
||||
return rc2;
|
||||
return rc;
|
||||
}
|
||||
|
||||
int
|
||||
|
@ -182,13 +175,6 @@ lasso_saml20_logout_validate_request(LassoLogout *logout)
|
|||
lasso_check_good_rc(lasso_saml20_profile_init_response(profile, response,
|
||||
LASSO_SAML2_STATUS_CODE_SUCCESS, NULL));
|
||||
|
||||
/* verify signature status */
|
||||
if (profile->signature_status != 0) {
|
||||
lasso_saml20_profile_set_response_status_requester(profile,
|
||||
LASSO_LIB_STATUS_CODE_INVALID_SIGNATURE);
|
||||
return profile->signature_status;
|
||||
}
|
||||
|
||||
/* Get the name identifier */
|
||||
name_id = LASSO_SAMLP2_LOGOUT_REQUEST(profile->request)->NameID;
|
||||
if (name_id == NULL) {
|
||||
|
@ -236,7 +222,7 @@ lasso_saml20_logout_validate_request(LassoLogout *logout)
|
|||
}
|
||||
assertion_SessionIndex =
|
||||
((LassoSaml2AuthnStatement*)assertion->AuthnStatement->data)->SessionIndex;
|
||||
if (g_strcmp0(logout_request->SessionIndex, assertion_SessionIndex) != 0) {
|
||||
if (lasso_strisnotequal(logout_request->SessionIndex,assertion_SessionIndex)) {
|
||||
lasso_saml20_profile_set_response_status_responder(profile,
|
||||
LASSO_SAML2_STATUS_CODE_REQUEST_DENIED);
|
||||
return LASSO_LOGOUT_ERROR_UNKNOWN_PRINCIPAL;
|
||||
|
@ -346,9 +332,16 @@ lasso_saml20_logout_build_response_msg(LassoLogout *logout)
|
|||
if (! LASSO_IS_SAMLP2_STATUS_RESPONSE(profile->response)) {
|
||||
/* no response set here means request denied */
|
||||
response = (LassoSamlp2StatusResponse*) lasso_samlp2_logout_response_new();
|
||||
lasso_check_good_rc(lasso_saml20_profile_init_response(profile, response,
|
||||
LASSO_SAML2_STATUS_CODE_RESPONDER,
|
||||
LASSO_SAML2_STATUS_CODE_REQUEST_DENIED));
|
||||
/* verify signature status */
|
||||
if (lasso_saml20_profile_check_signature_status(profile) != 0) {
|
||||
lasso_check_good_rc(lasso_saml20_profile_init_response(profile, response,
|
||||
LASSO_SAML2_STATUS_CODE_REQUESTER,
|
||||
LASSO_LIB_STATUS_CODE_INVALID_SIGNATURE));
|
||||
} else {
|
||||
lasso_check_good_rc(lasso_saml20_profile_init_response(profile, response,
|
||||
LASSO_SAML2_STATUS_CODE_RESPONDER,
|
||||
LASSO_SAML2_STATUS_CODE_REQUEST_DENIED));
|
||||
}
|
||||
}
|
||||
|
||||
/* build logout response message */
|
||||
|
@ -375,6 +368,13 @@ lasso_saml20_logout_process_response_msg(LassoLogout *logout, const char *respon
|
|||
lasso_check_good_rc(lasso_saml20_profile_process_any_response(profile, response,
|
||||
&response_method, response_msg));
|
||||
|
||||
/* only if asked we report, otherwise we do not care */
|
||||
if (profile->signature_status && lasso_profile_get_signature_verify_hint(profile) ==
|
||||
LASSO_PROFILE_SIGNATURE_HINT_FORCE)
|
||||
{
|
||||
goto_cleanup_with_rc(profile->signature_status);
|
||||
}
|
||||
|
||||
remote_provider = lasso_server_get_provider(logout->parent.server,
|
||||
logout->parent.remote_providerID);
|
||||
goto_cleanup_if_fail_with_rc(LASSO_IS_PROVIDER(remote_provider),
|
||||
|
@ -392,11 +392,11 @@ cleanup:
|
|||
|
||||
value = sub_status_code->Value;
|
||||
|
||||
if (g_strcmp0(value, LASSO_SAML2_STATUS_CODE_REQUEST_DENIED) == 0) {
|
||||
if (lasso_strisequal(value,LASSO_SAML2_STATUS_CODE_REQUEST_DENIED)) {
|
||||
rc = LASSO_LOGOUT_ERROR_REQUEST_DENIED;
|
||||
break;
|
||||
}
|
||||
if (g_strcmp0(value, LASSO_SAML2_STATUS_CODE_UNKNOWN_PRINCIPAL) == 0) {
|
||||
if (lasso_strisequal(value,LASSO_SAML2_STATUS_CODE_UNKNOWN_PRINCIPAL)) {
|
||||
rc = LASSO_LOGOUT_ERROR_UNKNOWN_PRINCIPAL;
|
||||
break;
|
||||
}
|
||||
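Review bot: In lasso_saml20_logout_process_response_msg the added test compares `lasso_profile_get_signature_verify_hint(profile)` with `LASSO_PROFILE_SIGNATURE_HINT_FORCE`, while the switch on the same getter in lasso_saml20_profile_process_soap_request, later in this commit, uses `LASSO_PROFILE_SIGNATURE_VERIFY_HINT_FORCE`. If these names belong to two different enums with different numbering, the branch fires for the wrong hint and a LogoutResponse with a bad signature is accepted even when verification is forced. The condition should read `lasso_profile_get_signature_verify_hint(profile) == LASSO_PROFILE_SIGNATURE_VERIFY_HINT_FORCE`. The comment `only if asked we report, otherwise we do not care` would also be clearer if it named the hint value that triggers the report.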
|
|
|
@ -159,38 +159,25 @@ gint
|
|||
lasso_name_id_management_process_request_msg(LassoNameIdManagement *name_id_management,
|
||||
char *request_msg)
|
||||
{
|
||||
int rc1 = 0, rc2 = 0;
|
||||
LassoProfile *profile = NULL;
|
||||
LassoSamlp2ManageNameIDRequest *request = NULL;
|
||||
int rc = 0;
|
||||
|
||||
lasso_bad_param(NAME_ID_MANAGEMENT, name_id_management);
|
||||
lasso_null_param(request_msg);
|
||||
|
||||
/* Parsing */
|
||||
profile = LASSO_PROFILE(name_id_management);
|
||||
request = (LassoSamlp2ManageNameIDRequest*)lasso_samlp2_manage_name_id_request_new();
|
||||
rc1 = lasso_saml20_profile_process_any_request(profile,
|
||||
lasso_check_good_rc(lasso_saml20_profile_process_any_request(profile,
|
||||
(LassoNode*)request,
|
||||
request_msg);
|
||||
|
||||
if (! LASSO_IS_SAMLP2_MANAGE_NAME_ID_REQUEST(profile->request)) {
|
||||
return LASSO_PROFILE_ERROR_MISSING_REQUEST;
|
||||
}
|
||||
|
||||
/* NameID treatment */
|
||||
rc2 = lasso_saml20_profile_process_name_identifier_decryption(profile,
|
||||
&request->NameID, &request->EncryptedID);
|
||||
request_msg));
|
||||
lasso_check_good_rc(lasso_saml20_profile_process_name_identifier_decryption(profile,
|
||||
&request->NameID, &request->EncryptedID));
|
||||
lasso_check_good_rc(lasso_saml20_profile_check_signature_status(profile));
|
||||
|
||||
cleanup:
|
||||
lasso_release_gobject(request);
|
||||
if (profile->signature_status) {
|
||||
return profile->signature_status;
|
||||
}
|
||||
if (rc1)
|
||||
return rc1;
|
||||
if (rc2)
|
||||
return rc2;
|
||||
|
||||
return 0;
|
||||
return rc;
|
||||
}
|
||||
|
||||
|
||||
|
@ -303,6 +290,7 @@ lasso_name_id_management_build_response_msg(LassoNameIdManagement *name_id_manag
|
|||
{
|
||||
LassoProfile *profile = NULL;
|
||||
LassoSamlp2StatusResponse *response;
|
||||
int rc = 0;
|
||||
|
||||
lasso_bad_param(NAME_ID_MANAGEMENT, name_id_management);
|
||||
profile = &name_id_management->parent;
|
||||
|
@ -310,13 +298,22 @@ lasso_name_id_management_build_response_msg(LassoNameIdManagement *name_id_manag
|
|||
/* no response set here means request denied */
|
||||
if (! LASSO_IS_SAMLP2_STATUS_RESPONSE(profile->response)) {
|
||||
response = (LassoSamlp2StatusResponse*)lasso_samlp2_manage_name_id_response_new();
|
||||
lasso_saml20_profile_init_response(profile, response, LASSO_SAML2_STATUS_CODE_RESPONDER,
|
||||
LASSO_SAML2_STATUS_CODE_REQUEST_DENIED);
|
||||
if (lasso_saml20_profile_check_signature_status(profile)) {
|
||||
lasso_check_good_rc(lasso_saml20_profile_init_response(profile, response,
|
||||
LASSO_SAML2_STATUS_CODE_REQUESTER,
|
||||
LASSO_LIB_STATUS_CODE_INVALID_SIGNATURE));
|
||||
} else {
|
||||
lasso_check_good_rc(lasso_saml20_profile_init_response(profile, response,
|
||||
LASSO_SAML2_STATUS_CODE_RESPONDER,
|
||||
LASSO_SAML2_STATUS_CODE_REQUEST_DENIED));
|
||||
}
|
||||
lasso_release_gobject(response);
|
||||
}
|
||||
|
||||
/* use the same binding as for the request */
|
||||
return lasso_saml20_profile_build_response_msg(profile, "ManageNameIDService", profile->http_request_method, NULL);
|
||||
rc = lasso_saml20_profile_build_response_msg(profile, "ManageNameIDService", profile->http_request_method, NULL);
|
||||
cleanup:
|
||||
return rc;
|
||||
}
|
||||
|
||||
|
||||
|
@ -348,7 +345,7 @@ lasso_name_id_management_process_response_msg(
|
|||
lasso_check_good_rc(lasso_saml20_profile_process_any_response(profile, response, NULL, response_msg));
|
||||
|
||||
/* Stop here if signature validation failed. */
|
||||
goto_cleanup_if_fail_with_rc(profile->signature_status == 0, profile->signature_status);
|
||||
lasso_check_good_rc(lasso_saml20_profile_check_signature_status(profile));
|
||||
|
||||
if (LASSO_SAMLP2_MANAGE_NAME_ID_REQUEST(profile->request)->Terminate) {
|
||||
lasso_identity_remove_federation(profile->identity, profile->remote_providerID);
|
||||
|
@ -530,7 +527,7 @@ lasso_name_id_management_new_from_dump(LassoServer *server, const char *dump)
|
|||
*
|
||||
* Dumps @name_id_management content to an XML string.
|
||||
*
|
||||
* Return value: the dump string. It must be freed by the caller.
|
||||
* Return value:(transfer full): the dump string. It must be freed by the caller.
|
||||
**/
|
||||
gchar*
|
||||
lasso_name_id_management_dump(LassoNameIdManagement *name_id_management)
|
||||
|
|
|
@ -605,8 +605,9 @@ cleanup:
|
|||
* validation fails no error code will be returned, you must explicitely verify the
|
||||
* profile->signature_status code.
|
||||
*
|
||||
* Return value: 0 if parsing is successful (even if signature validation fails), and error code
|
||||
* otherwise.
|
||||
* Return value: 0 if parsing is successful (even if signature validation fails), and otherwise,
|
||||
* LASSO_PROFILE_ERROR_INVALID_MSG, LASSO_PROFILE_ERROR_UNSUPPORTED_PROFILE, *
|
||||
* LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND.
|
||||
*/
|
||||
int
|
||||
lasso_saml20_profile_process_any_request(LassoProfile *profile,
|
||||
|
@ -704,13 +705,15 @@ lasso_saml20_profile_process_soap_request(LassoProfile *profile,
|
|||
remote_provider, request_msg, "ID", LASSO_MESSAGE_FORMAT_SOAP);
|
||||
|
||||
switch (lasso_profile_get_signature_verify_hint(profile)) {
|
||||
case LASSO_PROFILE_SIGNATURE_VERIFY_HINT_FORCE:
|
||||
case LASSO_PROFILE_SIGNATURE_VERIFY_HINT_MAYBE:
|
||||
rc = profile->signature_status;
|
||||
break;
|
||||
case LASSO_PROFILE_SIGNATURE_VERIFY_HINT_IGNORE:
|
||||
break;
|
||||
default:
|
||||
g_assert(0);
|
||||
case LASSO_PROFILE_SIGNATURE_VERIFY_HINT_LAST:
|
||||
g_assert_not_reached();
|
||||
break;
|
||||
}
|
||||
|
||||
cleanup:
|
||||
|
@ -1245,6 +1248,11 @@ lasso_saml20_profile_build_response_msg(LassoProfile *profile, char *service,
|
|||
}
|
||||
}
|
||||
|
||||
if (url) {
|
||||
lasso_assign_string(((LassoSamlp2StatusResponse*)profile->response)->Destination,
|
||||
url);
|
||||
}
|
||||
|
||||
switch (method) {
|
||||
case LASSO_HTTP_METHOD_POST:
|
||||
rc = lasso_saml20_profile_build_post_response_msg(profile, url);
|
||||
|
@ -1276,7 +1284,9 @@ _lasso_saml20_is_valid_issuer(LassoSaml2NameID *name_id) {
|
|||
if (! LASSO_IS_SAML2_NAME_ID(name_id))
|
||||
return FALSE;
|
||||
|
||||
if (name_id->Format && g_strcmp0(name_id->Format, LASSO_SAML2_NAME_IDENTIFIER_FORMAT_ENTITY) != 0) {
|
||||
if (name_id->Format &&
|
||||
lasso_strisnotequal(name_id->Format,LASSO_SAML2_NAME_IDENTIFIER_FORMAT_ENTITY))
|
||||
{
|
||||
return FALSE;
|
||||
}
|
||||
return TRUE;
|
||||
|
@ -1377,8 +1387,7 @@ lasso_saml20_profile_process_any_response(LassoProfile *profile,
|
|||
LASSO_PROFILE_ERROR_MISSING_STATUS_CODE);
|
||||
lasso_extract_node_or_fail(status_code1, status->StatusCode, SAMLP2_STATUS_CODE,
|
||||
LASSO_PROFILE_ERROR_MISSING_STATUS_CODE);
|
||||
if (g_strcmp0(status_code1->Value,
|
||||
LASSO_SAML2_STATUS_CODE_SUCCESS) != 0)
|
||||
if (lasso_strisnotequal(status_code1->Value,LASSO_SAML2_STATUS_CODE_SUCCESS))
|
||||
{
|
||||
LassoSamlp2StatusCode *status_code2 = status_code1->StatusCode;
|
||||
rc = LASSO_PROFILE_ERROR_STATUS_NOT_SUCCESS;
|
||||
|
@ -1604,3 +1613,28 @@ lasso_saml20_profile_setup_encrypted_node(LassoProvider *provider,
|
|||
lasso_release_gobject(*node_to_encrypt);
|
||||
return 0;
|
||||
}
|
||||
|
||||
/**
|
||||
* Check the profile->signature_status flag, if signature validation is activated, report it as an
|
||||
* error, if not not return 0.
|
||||
*/
|
||||
int
|
||||
lasso_saml20_profile_check_signature_status(LassoProfile *profile) {
|
||||
int rc = 0;
|
||||
|
||||
if (profile->signature_status) {
|
||||
switch (lasso_profile_get_signature_verify_hint(profile)) {
|
||||
case LASSO_PROFILE_SIGNATURE_VERIFY_HINT_MAYBE:
|
||||
case LASSO_PROFILE_SIGNATURE_VERIFY_HINT_FORCE:
|
||||
rc = profile->signature_status;
|
||||
break;
|
||||
case LASSO_PROFILE_SIGNATURE_VERIFY_HINT_IGNORE:
|
||||
break;
|
||||
case LASSO_PROFILE_SIGNATURE_VERIFY_HINT_LAST:
|
||||
g_assert_not_reached();
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
return rc;
|
||||
}
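Review bot: The switch in the new `lasso_saml20_profile_check_signature_status` has no `default:` branch, so a hint value outside the four listed cases leaves `rc` at 0 and a non-zero `profile->signature_status` is reported as success. The `LASSO_PROFILE_SIGNATURE_VERIFY_HINT_LAST` case relies on `g_assert_not_reached()`, which GLib compiles out under `G_DISABLE_ASSERT`, so in such a build that case also breaks with `rc == 0`. A check that gates signature failures should fail closed: add `default: rc = profile->signature_status; break;` and let the `_LAST` case fall into it. The same switch shape appears in the `lasso_saml20_profile_process_soap_request` hunk (`@ -704`), whose function starts and ends outside the hunk. The enum definition is not shown on this page, so which values can actually reach the switch is an assumption.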
|
||||
|
|
|
@ -78,6 +78,7 @@ gint lasso_profile_saml20_setup_message_signature(LassoProfile *profile,
|
|||
gint lasso_saml20_profile_setup_encrypted_node(LassoProvider *provider,
|
||||
LassoNode **node_to_encrypt, LassoNode **node_destination);
|
||||
int lasso_saml20_profile_setup_subject(LassoProfile *profile, LassoSaml2Subject *subject);
|
||||
int lasso_saml20_profile_check_signature_status(LassoProfile *profile);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
|
|
@ -186,10 +186,10 @@ compare_endpoint_type(const EndpointType *a, const EndpointType *b) {
|
|||
return -1;
|
||||
if (a->role > b->role)
|
||||
return +1;
|
||||
c = g_strcmp0(a->kind, b->kind);
|
||||
c = g_strcmp0(a->kind,b->kind);
|
||||
if (c != 0)
|
||||
return c;
|
||||
c = g_strcmp0(a->binding, b->binding);
|
||||
c = g_strcmp0(a->binding,b->binding);
|
||||
if (c != 0)
|
||||
return c;
|
||||
if (a->is_default && ! b->is_default)
|
||||
|
@ -347,7 +347,7 @@ load_descriptor(xmlNode *xmlnode, LassoProvider *provider, LassoProviderRole rol
|
|||
break;
|
||||
token = strtok_r(NULL, " ", &saveptr);
|
||||
}
|
||||
if (g_strcmp0(token, LASSO_SAML2_PROTOCOL_HREF) != 0) {
|
||||
if (lasso_strisnotequal(token,LASSO_SAML2_PROTOCOL_HREF)) {
|
||||
lasso_release_xml_string(value);
|
||||
return FALSE;
|
||||
}
|
||||
|
@ -507,7 +507,7 @@ lasso_saml20_provider_get_first_http_method(G_GNUC_UNUSED LassoProvider *provide
|
|||
|
||||
lasso_foreach(t, remote_provider->private_data->endpoints) {
|
||||
EndpointType *endpoint_type = (EndpointType*)t->data;
|
||||
if (endpoint_type && g_strcmp0(endpoint_type->kind, kind) == 0) {
|
||||
if (endpoint_type && lasso_strisequal(endpoint_type->kind, kind)) {
|
||||
result = binding_uri_to_http_method(endpoint_type->binding);
|
||||
if (result) break;
|
||||
}
|
||||
|
@ -535,7 +535,7 @@ lasso_saml20_provider_accept_http_method(G_GNUC_UNUSED LassoProvider *provider,
|
|||
lasso_foreach(t, remote_provider->private_data->endpoints) {
|
||||
EndpointType *endpoint_type = (EndpointType*)t->data;
|
||||
if (endpoint_type && endpoint_type->role == remote_provider->role &&
|
||||
g_strcmp0(endpoint_type->kind, kind) == 0) {
|
||||
lasso_strisequal(endpoint_type->kind, kind)) {
|
||||
if (binding_uri_to_http_method(endpoint_type->binding) == http_method) {
|
||||
return TRUE;
|
||||
}
|
||||
|
@ -550,11 +550,11 @@ lasso_saml20_provider_check_assertion_consumer_service_url(LassoProvider *provid
|
|||
{
|
||||
GList *t = NULL;
|
||||
|
||||
lasso_foreach (provider->private_data->endpoints, t) {
|
||||
lasso_foreach (t, provider->private_data->endpoints) {
|
||||
EndpointType *endpoint_type = (EndpointType*) t->data;
|
||||
if (endpoint_type && endpoint_type->role == LASSO_PROVIDER_ROLE_SP
|
||||
&& g_strcmp0(endpoint_type->url, url) == 0
|
||||
&& g_strcmp0(endpoint_type->binding, binding) == 0)
|
||||
&& lasso_strisequal(endpoint_type->url,url)
|
||||
&& lasso_strisequal(endpoint_type->binding,binding))
|
||||
{
|
||||
return TRUE;
|
||||
}
|
||||
|
@ -569,7 +569,7 @@ static gboolean match_any(const char *key, const char *array[]) {
|
|||
const char **t = array;
|
||||
|
||||
while (*t) {
|
||||
if (g_strcmp0(key, *t) == 0) {
|
||||
if (lasso_strisequal(key,*t)) {
|
||||
return TRUE;
|
||||
}
|
||||
t++;
|
||||
|
@ -590,7 +590,7 @@ lasso_saml20_provider_get_assertion_consumer_service(LassoProvider *provider, in
|
|||
if (! endpoint_type)
|
||||
continue;
|
||||
if (endpoint_type->role == LASSO_PROVIDER_ROLE_SP &&
|
||||
g_strcmp0(endpoint_type->kind, kind) == 0 &&
|
||||
lasso_strisequal(endpoint_type->kind,kind) &&
|
||||
endpoint_type->index == service_id)
|
||||
{
|
||||
result = endpoint_type;
|
||||
|
@ -603,7 +603,7 @@ lasso_saml20_provider_get_assertion_consumer_service(LassoProvider *provider, in
|
|||
if (! endpoint_type)
|
||||
continue;
|
||||
if (endpoint_type->role == LASSO_PROVIDER_ROLE_SP &&
|
||||
g_strcmp0(endpoint_type->kind, kind) == 0 &&
|
||||
lasso_strisequal(endpoint_type->kind,kind) &&
|
||||
match_any(endpoint_type->binding,
|
||||
supported_assertion_consumer_bindings))
|
||||
{
|
||||
|
@ -651,8 +651,8 @@ lasso_saml20_provider_get_assertion_consumer_service_binding_by_url(LassoProvide
|
|||
if (! endpoint_type)
|
||||
continue;
|
||||
if (endpoint_type->role == LASSO_PROVIDER_ROLE_SP &&
|
||||
g_strcmp0(endpoint_type->kind, kind) == 0 &&
|
||||
g_strcmp0(endpoint_type->url, url) == 0)
|
||||
lasso_strisequal(endpoint_type->kind,kind) &&
|
||||
lasso_strisequal(endpoint_type->url,url))
|
||||
{
|
||||
return endpoint_type->binding;
|
||||
}
|
||||
|
@ -672,8 +672,8 @@ lasso_saml20_provider_get_assertion_consumer_service_url_by_binding(LassoProvide
|
|||
if (! endpoint_type)
|
||||
continue;
|
||||
if (endpoint_type->role == LASSO_PROVIDER_ROLE_SP &&
|
||||
g_strcmp0(endpoint_type->kind, kind) == 0 &&
|
||||
g_strcmp0(endpoint_type->binding, binding) == 0)
|
||||
lasso_strisequal(endpoint_type->kind,kind) &&
|
||||
lasso_strisequal(endpoint_type->binding,binding))
|
||||
{
|
||||
return endpoint_type->url;
|
||||
}
|
||||
|
|
|
@ -87,7 +87,7 @@ lasso_saml2_assertion_is_audience_restricted(LassoSaml2Assertion *saml2_assertio
|
|||
if (LASSO_IS_SAML2_AUDIENCE_RESTRICTION(it->data)) {
|
||||
LassoSaml2AudienceRestriction *saml2_audience_restriction;
|
||||
saml2_audience_restriction = (LassoSaml2AudienceRestriction*)it->data;
|
||||
if (g_strcmp0(saml2_audience_restriction->Audience, providerID) == 0)
|
||||
if (lasso_strisequal(saml2_audience_restriction->Audience,providerID))
|
||||
return TRUE;
|
||||
}
|
||||
}
|
||||
|
@ -564,7 +564,7 @@ lasso_saml2_assertion_allows_proxying_to(LassoSaml2Assertion *saml2_assertion, c
|
|||
return LASSO_SAML2_ASSERTION_VALID;
|
||||
|
||||
/* FIXME: Change saml2:ProxyRestriction class */
|
||||
if (g_strcmp0(proxy_restriction->Audience, audience) != 0) {
|
||||
if (lasso_strisnotequal(proxy_restriction->Audience,audience)) {
|
||||
return LASSO_SAML2_ASSERTION_INVALID;
|
||||
}
|
||||
|
||||
|
@ -597,7 +597,7 @@ lasso_saml2_assertion_validate_audience(LassoSaml2Assertion *saml2_assertion,
|
|||
lasso_foreach_full_begin (LassoSaml2AudienceRestriction*, saml2_audience_restriction, it,
|
||||
saml2_conditions->AudienceRestriction)
|
||||
did_audience = TRUE;
|
||||
if (g_strcmp0(saml2_audience_restriction->Audience, audience) == 0) {
|
||||
if (lasso_strisequal(saml2_audience_restriction->Audience,audience)) {
|
||||
found_audience = TRUE;
|
||||
}
|
||||
lasso_foreach_full_end()
|
||||
|
@ -654,10 +654,11 @@ lasso_saml2_assertion_get_issuer_provider(const LassoSaml2Assertion *saml2_asser
|
|||
g_return_val_if_fail (LASSO_IS_SAML2_ASSERTION (saml2_assertion), NULL);
|
||||
issuer = saml2_assertion->Issuer;
|
||||
g_return_val_if_fail (LASSO_IS_SAML2_NAME_ID (issuer), NULL);
|
||||
g_return_val_if_fail (issuer->Format == NULL || g_strcmp0(issuer->Format,
|
||||
LASSO_SAML2_NAME_IDENTIFIER_FORMAT_ENTITY) == 0, NULL);
|
||||
g_return_val_if_fail (issuer->Format == NULL ||
|
||||
lasso_strisequal(issuer->Format,LASSO_SAML2_NAME_IDENTIFIER_FORMAT_ENTITY),
|
||||
NULL);
|
||||
g_return_val_if_fail (LASSO_IS_SERVER(server), NULL);
|
||||
if (g_strcmp0(server->parent.ProviderID, issuer->content) == 0) {
|
||||
if (lasso_strisequal(server->parent.ProviderID,issuer->content)) {
|
||||
return (LassoProvider*)&server->parent;
|
||||
}
|
||||
return lasso_server_get_provider (server, issuer->content);
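Review bot: In the `lasso_saml2_assertion_get_issuer_provider` hunk the issuer `Format` restriction is still enforced through `g_return_val_if_fail`, which GLib treats as a programmer-error precondition: it logs a critical warning and is compiled out entirely when `G_DISABLE_CHECKS` is defined. The issuer presumably comes from a received assertion, so in such a build the Format test would disappear and a NameID of any format would be looked up as an entity issuer. An explicit test keeps the validation in every build: `if (issuer->Format != NULL && lasso_strisnotequal(issuer->Format, LASSO_SAML2_NAME_IDENTIFIER_FORMAT_ENTITY)) return NULL;`. The function starts and ends outside the hunk.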
|
||||
|
|
|
@ -477,11 +477,6 @@
|
|||
#define lasso_null_param(name) \
|
||||
g_return_val_if_fail(name != NULL, LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
|
||||
|
||||
inline static gboolean
|
||||
lasso_is_empty_string(const char *str) {
|
||||
return ((str) == NULL || (str)[0] == '\0');
|
||||
}
|
||||
|
||||
/**
|
||||
* lasso_check_non_empty_string:
|
||||
* @str: a char pointer
|
||||
|
@ -490,7 +485,7 @@ lasso_is_empty_string(const char *str) {
|
|||
* LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ.
|
||||
*/
|
||||
#define lasso_check_non_empty_string(str) \
|
||||
goto_cleanup_if_fail_with_rc(! lasso_is_empty_string(str), \
|
||||
goto_cleanup_if_fail_with_rc(! lasso_strisempty(str), \
|
||||
LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
|
||||
|
||||
/*
|
||||
|
@ -659,4 +654,22 @@ GObject * lasso_extract_gtype_from_list_or_new(GType type, GList **list, gboolea
|
|||
fprintf(stderr, ## args); \
|
||||
}
|
||||
|
||||
/* Lasso string data helpers */
|
||||
inline static gboolean
|
||||
lasso_strisequal(const char *a, const char *b) {
|
||||
return (g_strcmp0(a,b) == 0);
|
||||
}
|
||||
inline static gboolean
|
||||
lasso_strisnotequal(const char *a, const char *b) {
|
||||
return ! lasso_strisequal(a,b);
|
||||
}
|
||||
inline static gboolean
|
||||
lasso_strisempty(const char *str) {
|
||||
return ((str) == NULL || (str)[0] == '\0');
|
||||
}
|
||||
inline static gboolean
|
||||
lasso_xmlstrisnotequal(const xmlChar *a, const xmlChar *b) {
|
||||
return lasso_strisnotequal((char*)a, (char*)b);
|
||||
}
|
||||
|
||||
#endif /* __LASSO_UTILS_H__ */
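Review bot: The new `lasso_strisequal` / `lasso_strisnotequal` helpers carry no documentation, and their NULL behaviour matters at the call sites this commit converts: `g_strcmp0` treats two NULL pointers as equal, so `lasso_strisequal(NULL, NULL)` is TRUE. That is inherited from the previous `g_strcmp0(...) == 0` code rather than introduced here. Still, the `Audience` comparison in `lasso_saml2_assertion_validate_audience` and the URL/binding match in `lasso_saml20_provider_check_assertion_consumer_service_url` would succeed when both sides are missing, unless the callers reject NULL first (not visible in these hunks). I would add a comment above the helper, e.g. `/* NULL-safe: two NULL strings compare equal; reject NULL before using this for a security decision. */`.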
|
||||
|
|
|
@ -76,6 +76,7 @@ WSF_C_FILES = \
|
|||
utility_status.c
|
||||
|
||||
WSF_H_FILES = \
|
||||
idwsf_strings.h \
|
||||
disco_authenticate_requester.h \
|
||||
disco_authenticate_session_context.h \
|
||||
disco_authorize_requester.h \
|
||||
|
@ -193,7 +194,6 @@ liblasso_xml_la_SOURCES = \
|
|||
|
||||
liblassoinclude_HEADERS = \
|
||||
strings.h \
|
||||
idwsf_strings.h \
|
||||
xml.h \
|
||||
ds_key_info.h \
|
||||
ds_key_value.h \
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "private.h"
|
||||
#include "disco_authenticate_requester.h"
|
||||
#include "./idwsf_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_authenticate_requester
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "private.h"
|
||||
#include "disco_authenticate_session_context.h"
|
||||
#include "./idwsf_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_authenticate_session_context
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "private.h"
|
||||
#include "disco_authorize_requester.h"
|
||||
#include "./idwsf_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_authorize_requester
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "private.h"
|
||||
#include "disco_credentials.h"
|
||||
#include "./idwsf_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_credentials
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "private.h"
|
||||
#include "disco_description.h"
|
||||
#include "./idwsf_strings.h"
|
||||
#include "../id-wsf/wsf_utils.h"
|
||||
#include "../utils.h"
|
||||
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "private.h"
|
||||
#include "disco_encrypt_resource_id.h"
|
||||
#include "./idwsf_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_encrypt_resource_id
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "private.h"
|
||||
#include "disco_encrypted_resource_id.h"
|
||||
#include "./idwsf_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_encrypted_resource_id
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "private.h"
|
||||
#include "disco_generate_bearer_token.h"
|
||||
#include "./idwsf_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_generate_bearer_token
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "private.h"
|
||||
#include "disco_insert_entry.h"
|
||||
#include "./idwsf_strings.h"
|
||||
#include "../utils.h"
|
||||
|
||||
/**
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "private.h"
|
||||
#include "disco_modify.h"
|
||||
#include "./idwsf_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_modify
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "private.h"
|
||||
#include "disco_modify_response.h"
|
||||
#include "./idwsf_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_modify_response
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "private.h"
|
||||
#include "disco_options.h"
|
||||
#include "./idwsf_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_options
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "private.h"
|
||||
#include "disco_query.h"
|
||||
#include "./idwsf_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_query
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "private.h"
|
||||
#include "disco_query_response.h"
|
||||
#include "./idwsf_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_query_response
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "private.h"
|
||||
#include "disco_remove_entry.h"
|
||||
#include "./idwsf_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_remove_entry
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "private.h"
|
||||
#include "disco_requested_service_type.h"
|
||||
#include "./idwsf_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_requested_service_type
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "private.h"
|
||||
#include "disco_resource_id.h"
|
||||
#include "./idwsf_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_resource_id
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "private.h"
|
||||
#include "disco_resource_offering.h"
|
||||
#include "./idwsf_strings.h"
|
||||
#include "../utils.h"
|
||||
|
||||
/**
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "private.h"
|
||||
#include "disco_send_single_logout.h"
|
||||
#include "./idwsf_strings.h"
|
||||
#include "../registry.h"
|
||||
|
||||
/**
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "private.h"
|
||||
#include "disco_service_instance.h"
|
||||
#include "./idwsf_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_service_instance
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "private.h"
|
||||
#include "dst_data.h"
|
||||
#include "./idwsf_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:dst_data
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "private.h"
|
||||
#include "dst_modification.h"
|
||||
#include "./idwsf_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:dst_modification
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "private.h"
|
||||
#include "dst_modify.h"
|
||||
#include "./idwsf_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:dst_modify
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "private.h"
|
||||
#include "dst_modify_response.h"
|
||||
#include "./idwsf_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:dst_modify_response
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "private.h"
|
||||
#include "dst_new_data.h"
|
||||
#include "./idwsf_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:dst_new_data
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "private.h"
|
||||
#include "dst_query.h"
|
||||
#include "./idwsf_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:dst_query
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "private.h"
|
||||
#include "dst_query_item.h"
|
||||
#include "./idwsf_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:dst_query_item
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "private.h"
|
||||
#include "dst_query_response.h"
|
||||
#include "./idwsf_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:dst_query_response
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "disco_abstract.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_abstract
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "disco_endpoint_context.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
#include "sbf_framework.h"
|
||||
|
||||
/**
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "disco_keys.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_keys
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "disco_options.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_options
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "disco_provider_id.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_provider_id
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "disco_query.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_query
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "disco_query_response.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_query_response
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "disco_requested_service.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_requested_service
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "disco_security_context.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_security_context
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "disco_service_context.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_service_context
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "disco_service_type.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_service_type
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "disco_svc_md_association_add.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_svc_md_association_add
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "disco_svc_md_association_add_response.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_svc_md_association_add_response
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "disco_svc_md_association_delete.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_svc_md_association_delete
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "disco_svc_md_association_delete_response.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_svc_md_association_delete_response
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "disco_svc_md_association_query.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_svc_md_association_query
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "disco_svc_md_association_query_response.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_svc_md_association_query_response
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "disco_svc_md_delete.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_svc_md_delete
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "disco_svc_md_delete_response.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_svc_md_delete_response
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "disco_svc_md_query.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_svc_md_query
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "disco_svc_md_query_response.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_svc_md_query_response
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "disco_svc_md_register.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
#include "disco_svc_metadata.h"
|
||||
|
||||
/**
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "disco_svc_md_register_response.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_svc_md_register_response
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "disco_svc_md_replace.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_svc_md_replace
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "disco_svc_md_replace_response.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:disco_svc_md_replace_response
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "disco_svc_metadata.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
#include "disco_endpoint_context.h"
|
||||
#include "disco_service_context.h"
|
||||
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "dst_data_response_base.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:dst_data_response_base
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "dst_delete_item_base.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:dst_delete_item_base
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "dst_delete_response.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:dst_delete_response
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include "../private.h"
|
||||
#include "dst_request.h"
|
||||
#include "./idwsf2_strings.h"
|
||||
|
||||
/**
|
||||
* SECTION:dst_request
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show More