summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBenjamin Dauvergne <bdauvergne@entrouvert.com>2014-08-28 14:01:37 (GMT)
committerBenjamin Dauvergne <bdauvergne@entrouvert.com>2014-08-28 14:02:06 (GMT)
commitd95a7afcb6787c79b6d47265ab71fbfacc624f82 (patch)
tree8eafc06e4536a9074f434ab18200fc974faa7628
parent8484e7a065835daa94ac680445c9628afb01afa7 (diff)
downloadlasso-d95a7afcb6787c79b6d47265ab71fbfacc624f82.zip
lasso-d95a7afcb6787c79b6d47265ab71fbfacc624f82.tar.gz
lasso-d95a7afcb6787c79b6d47265ab71fbfacc624f82.tar.bz2
Release 2.4.1v2.4.1
-rw-r--r--ChangeLog42445
-rw-r--r--NEWS12
-rw-r--r--configure.ac2
-rw-r--r--website/web/doap.rdf8
-rw-r--r--website/web/download/index.xml2
-rw-r--r--website/web/news/22-release-2.4.1.xml15
6 files changed, 11718 insertions, 30766 deletions
diff --git a/ChangeLog b/ChangeLog
index 9ffd060..c3e80d6 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,30082 +1,14727 @@
-2010-09-07 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+2014-08-28 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * configure.ac, lasso/saml-2.0/profile.c:
- [SAMLv2] when no artifact message is present, still return a success
- status
+ Add tool gitlog-to-changelog
- It is mandated by the specification.
-
-2010-09-06 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-
- * tests/integration/saml2/__init__.py:
- [Tests integration] fix configuration variable name
-
-2010-09-03 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-
- * lasso/id-ff/provider.c:
- [Core] fix memory leak in lasso_endpoint_free
+2014-08-12 Frédéric Péters <fpeters@entrouvert.com>
-2010-09-03 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+ saml-2.0: set NotOnOrAfter on the Conditions element (#5248)
+ This is actually required for interoperability with Dropbox SAML support.
- * lasso/id-ff/provider.c, lasso/saml-2.0/provider.c:
- [ID-FFv1.2&SAMLv2] add more warning for failure to load metadata file
+2014-08-12 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- Report detailf of the failure through warning log.
+ doc: add lasso_server_add_provider2 and lasso_server_load_metadata
-2010-09-03 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+2014-08-11 Frédéric Péters <fpeters@entrouvert.com>
- * lasso/saml-2.0/profile.c, lasso/xml/strings.h:
- [SAMLv2] when failing to recreate the content for the ArtefactResponse set a lasso specific status code
+ perl: keep on using PREFIX, required for distcheck
-2010-09-01 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+ reformat gtk-doc function comment to work with gtk-doc 1.21
- * lasso/saml-2.0/profile.c:
- [SAMLv2] change the way content is stored and loaded for the
- HTTP-Artifact binding
+2014-08-11 Simon Josefsson <simon@josefsson.org>
- Previously content was stored as the result of lasso_node_dump method
- then reloaded, and then serialized again as part of the
- ArtifactResponse message. lasso_node_dump was ignoring all hint to
- sign node, but keeping the needed parameters around. That's not what
- must be done, the signature should happen at the generation of the
- artifact and the result must manipulated as is (i.e. XML content) and
- never moved back to the land of LassoNode objects.
-
- Now the content is:
- - first removed of any signature at the message level, because the
- ArtifactResponse will take care of this, (any signature under this
- level (like at the assertion) is kept),
- - serialized using lasso_node_export_to_xml,
- - reloaded using lasso_xml_parse_memory,
- - and put into the ArtifactResponse using a
- lasso_misc_text_node_new_with_xml_node.
+ fix pkg-config typo.
-2010-09-01 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+2014-08-06 Niko Tyni <ntyni@debian.org>
- * lasso/saml-2.0/profile.c, lasso/saml-2.0/profileprivate.h:
- [SAMLv2] make lasso_saml20_profile_generate_artifact a static function
+ Use INSTALLDIRS=vendor for the Perl bindings, as per the Debian Perl policy
+ Debian packaged Perl modules should be installed into the vendor
+ directories (currently /usr/lib/perl5 and /usr/share/perl5), but the
+ upstream default puts the into the 'site' ones (modified with the
+ PREFIX setting.) Explicitly using INSTALLDIRS=vendor simplifies
+ the install rules and removes the need for PREFIX, which has
+ been deprecated in ExtUtils::MakeMaker for a long time.
- It is only used in lasso/saml-2.0/profile.c anyway.
+2014-07-30 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-09-01 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+ Restore not-unused code
+ Clang was wrong on one instance, a value must be initialized to its NULL
+ state before using any lasso_assign_ macro with it.
- * lasso/xml/xml.c:
- [Core] load signature parameters
+ Bug introduced in 4789e8d4d68eb.
- Generic signature parameters (attached as qdata to nodes) is now
- reloaded when initializing a node from XML for a node type with a
- signature snippet in its metadatas.
+2014-07-30 Simo Sorce <simo@redhat.com>
- It fixes the problematic usage of ciphered private keys with the
- HTTP-Artifact binding (which needs to keep a copy of the AuthnResponse
- around and to sign it later).
+ One more uninitialized value
+ encode_key may be release when not initialized if va_args returns null
+ on the first while loop.
-2010-09-01 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+ License: MIT
- * lasso/xml/xml.c:
- [Core] add private function to read an integer attribute
+2014-07-30 Simo Sorce <simo@redhat.com>
- This function does integer parsing and range checks, it returns TRUE if
- all goes well.
+ Fix potential null dereference errors
+ Ina number of cases function inputs are not checked for NULL although
+ values may end up with a NULL value and then they are dereferenced
+ directly.
+ Check values in the function (or the caller) if appropriate.
-2010-09-01 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+ License: MIT
- * lasso/xml/tools.c, lasso/xml/xml.h:
- [Core] add LAST enum values to LassoSignatureMethod and
- LassoSignatureType enumerations
+2014-07-30 Simo Sorce <simo@redhat.com>
- It helps making range checks.
+ Do not dereference null pointers
+ Sounds like these should all be boolean 'OR's, otherwise,
+ if profile is not in fact a lasso profile then profile->private_data
+ will be dereferenced even if it is NULL.
+ Found by Clang
-2010-09-01 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+ License: MIT
- * bindings/java/lang.py, bindings/perl/lang.py,
- bindings/php5/wrapper_source.py, bindings/python/lang.py,
- lasso/xml/strings.h:
- [Strings] add string constant for the internal XML attributes used in
- dumps
+2014-07-30 Simo Sorce <simo@redhat.com>
- Add string constants for signature method, signature type, private key
- (file path or content), private key password and certificate (file
- path or content).
+ Rearrange case checking to avoid compiler warnings
+ The compiler was complaining that 'compa' could be uninitialized.
+ USe this occasion to make the code simpler to understand and assign
+ actually meaningful values to the variable, even though the proper
+ actions are not implemented yet.
- Add cast for xmlChar constant strings definition in python bindings,
- it assumed all constant strings were char*.
+ License: MIT
-2010-08-31 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+2014-07-30 Simo Sorce <simo@redhat.com>
- * lasso.doap:
- [DOAP] fix typos
+ Properly exit on error
+ The rc error was being set but then it was being ignored.
+ Get out immediately if an Issuer can't be found.
- Tags were badly formatted.
+ License: MIT
-2010-08-25 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+2014-07-30 Simo Sorce <simo@redhat.com>
- * lasso/saml-2.0/login.c:
- [SAMLv2] mark Redirect binding as an invalid binding for return AuthnResponse
+ Consistently check dsig_reference_ctx
+ Check if this is not NULL in all cases, to avoid NULL pointer dereference.
+ Found by clang
- This is really not supported by the SAMLv2 protocol.
+ License: MIT
-2010-08-25 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+2014-07-30 Simo Sorce <simo@redhat.com>
- * lasso/saml-2.0/login.c:
- [SAMLv2] fix string in comment
+ Trim unused code
+ Clang complains these values are never used, avoid even assigning them.
-2010-08-25 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+ License: MIT
- * lasso/saml-2.0/login.c:
- [SAMLv2] replace use of lasso_provider_get_default_name_id_format with direct use of lasso_provider_get_metadata_one_for_role
+2014-07-30 Simo Sorce <simo@redhat.com>
- The first is trying to use provider->role to know which kind of role
- descriptor to lookup, but for the server object this field is 0 and
- when building authn request we know that we want our default
- NameIDFormat for the SP sso descriptor.
+ Trim dead code
+ These conditions can never be reached as the list is filtered with
+ and and to the value of 0xff, so just drop them, they are misleading.
+ (Also silences checkers which were screaming of deadcode, for each and
+ every unmatchable value ...)
-2010-08-25 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+ License: MIT
- * lasso/saml-2.0/provider.c:
- [SAMLv2] rebuild specialized LassoProvider methods upon new endpoints storage
+2014-07-30 Simo Sorce <simo@redhat.com>
- The new way of storing endpoints allows to keep ordering between
- endpoints with respect to the order of the index and isDefault field
- for indexed endpoint type, and to the XML node orders for other
- endpoints.
+ Fix confusing loop test
+ Coverity was marking the check for tsnippet after the while loop,
+ confused by the check. Make it more readable, and in the process
+ make checkers happy too.
- It also simplifies the code.
+ License: MIT
-2010-08-25 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+2014-07-30 Simo Sorce <simo@redhat.com>
- * lasso/id-ff/provider.c:
- [Core] add destroy code for new private field endpoints
+ Fix some uninitialized value
+ The compiler complain about these values not being initialized.
+ come of them do not really matter as they are only really used when
+ later initialized in the code and the code paths would not use them
+ if not initialized in a previous block, however some of these seem
+ real issues.
+ In all cases make the compiler happy so we get less noise in the build
+ and less false positives in code chckers.
- The contained string must be disallocated if the object is destroyed.
+ License: MIT
-2010-08-25 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+2014-07-30 Simo Sorce <simo@redhat.com>
- * lasso/id-ff/providerprivate.h:
- [Core] add structure to store endpoints type for metadata files
+ Missing check for Sig_Alg value
+ Initialize the sig_alg value to NULL (The compilers was complaining it may
+ be used initialized), but also make sure to check the re is any sig_alg at
+ all, otherwise return a proper error.
- This new C structure will allow to filter ID-FFv1.2 and SAMLv2
- endpoints more easily.
+ License: MIT
-2010-08-25 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+2014-07-30 Simo Sorce <simo@redhat.com>
- * lasso/xml/xml.c:
- [XML] use strtol instead of atoi to parse XSchema integers
+ Fix boundary check
+ Coverity was marking this as an array overun as the check would never be
+ possible and wuld allow any value for query_request_type, including "unset"
+ wihch is 0.
+ fix the boundary checks.
- This commit also reject negative integers from being parsed (all
- integers in SAMLv2 and ID-FFv1.2 schemas are positive integers).
+ License: MIT
-2010-08-25 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+2014-07-30 Simo Sorce <simo@redhat.com>
- * lasso/saml-2.0/login.c:
- [SAMLv2] when AuthnRequest contains invalid attributes returns
- INVALID_REQUEST not NO_DEFAULT_ENDPOINT
+ Fix uninitialized values found by Coverity
+ These values where being used without being initialized at least in some edge
+ cases. Make Coverity happy by properly initializing them.
+ Some of these are real bugs, not just silencing a tool.
- This is the right status to return.
+ License: MIT
-2010-08-05 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+2014-07-30 Simo Sorce <simo@redhat.com>
- * lasso/id-ff/provider.h:
- [Core] fix change of enumeration value
+ Fix format check for date
+ Coverity was complaining that tm was used uninitialized, but the truth is
+ that a third error condition where the string passed in matches no valid
+ format was not handled. Just return an error in that case.
- This change broke the API, revert it.
+ License: MIT
-2010-07-27 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+2014-07-30 Simo Sorce <simo@redhat.com>
- * website/web/index.xml:
- [Website] update download link on front page
+ Fix error checking in xml.c
+ Coverity was complaining that 'integer' was being used without
+ initialization (from the caller). Turns out it was erroneously used
+ to test the result instead of the just sourced 'what'.
-2010-07-27 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+ License: MIT
- * website/templates/base.ezt:
- [Website] fix typos
+2014-07-30 Simo Sorce <simo@redhat.com>
-2010-07-27 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+ Fixes for unchecked return values
+ Coverity complains that in a number of places errors are not checked.
+ Some of them are ok not to check so put a silencing (void).
+ Check errors that need to be checked.
- * website/templates/base.ezt, website/web/download/index.xml:
- [Website] fix source and download links
+ Coverity also complains g_malloc() return is never checked but given it is
+ never checked anywahere let it be for now.
- The source repository is now the git repository on dev.entrouvert.org.
- Latest source release is 2.3.0. And git browser is included in our
- redmine.
+ License: MIT
-2010-07-27 Benjamin Dauvergne <bdauvergne@lupin.entrouvert.com>
+2014-07-30 Simo Sorce <simo@redhat.com>
- * website/templates/base.ezt:
- [Website] change position of Download block in right bar
+ Be correct in dealing with varargs
+ Although in this cases it may be safe to omit va_end() that is not generally
+ so with an arbitrary compiler on an arbitrary platform.
-2010-07-27 Benjamin Dauvergne <bdauvergne@lupin.entrouvert.com>
+ Quoting from the spec: "Each invocation of va_start() must be matched by
+ a corresponding invocation of va_end() in the same function."
+ note the "must"
- * website/convert-to-static.py:
- [Website] in convert-to-static.py, work around errors in build logs
+ Checker tools like Coverity complain if va_start() is not always paired with
+ va_end(), so this patch mutes them.
- If Build() constructor fails, keep going.
+ License: MIT
-2010-07-27 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+2014-06-08 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * website/web/news/15-release-2.3.0.xml:
- [Website] fix wrong structure for the news file about release 2.3.0
+ bindings/python/tests: session indexes storage preserves order now
-2010-07-27 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+ tests: add target to Makefile to produce valgrind suppression entries
- * website/convert-to-static.py:
- [Website] import convert-to-static.py modification from lupin
+ tests/valgrind: add suppression of all leaks related to initialisation of the GLib type system
-2010-07-27 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+ tests: fix leaks
- * website/web/news/15-release-2.3.0.xml:
- [Website] add news file aboute release 2.3.0
+ saml-2.0/profile: fix leak of xmlSecKey when building signed query strings
-2010-07-22 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+ id-ff/provider: fix leak of xmlSecKey
- * website/web/download/index.xml:
- [Website] fix non escaped ampersand
+ xml/samlp2_logout_request: fix leaks around session indexes
-2010-07-21 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+ server: fix leak of xmlSecKey objects
- * configure.ac:
- [Release] update libtool version
+ session: fix leak of _NidAndSessionIndex structures
-2010-07-21 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+2014-06-07 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * website/web/download/index.xml:
- [Website] update download links
+ saml-2.0/server: fix invalid memory access
+ GList must never be allocated through malloc as it internally managed
+ using gslice. Always use Glib constructors and methods.
-2010-07-21 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+ tests: fix leak in log message checker
- * NEWS, configure.ac, lasso.doap, website/web/doap.rdf:
- [Release] Update version number from 2.3 to 2.3.0
+ tests: do not reuse tc_response_new_from_xmlNode test case
-2010-07-21 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+2014-05-28 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * NEWS:
- [Release] update release date in NEWS file
+ bindings/python: fix conversion of unicode value to UTF-8 for setters
-2010-07-21 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+2014-05-21 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * ChangeLog:
- [Release] update ChangeLog
+ login: complete document of lasso_login_process_authn_response_msg on expectable error codes
-2010-07-21 17:55 bdauvergne
+2014-04-24 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * NEWS, abi/abi-2.3, configure.ac, lasso.doap, website/templates/base.ezt,
- website/web/doap.rdf, website/web/download/index.xml: [Release] Lasso 2.3
-
- - update the NEWS file
- - add abi-2.3 file
- - update DOAP files
- - update lasso website template
- - add temporary message to download pages, as there are no download
- links currently.
+ website: update links section
-2010-07-21 14:54 bdauvergne
+ website: add news about 2.4.0 release
- * Makefile.am: [Core] add logos to EXTRA_DIST
+ website: fix HTML grammar errors
-2010-07-21 14:54 bdauvergne
+ xml/xml.c: fix liberal use of casting for the SNIPPET_INTEGER and SNIPPET_BOOLEAN case
+ Some behaviour are also made more explicit like the optional if equals
+ to -1 case for integer fields, and the optional if FALSE for boolean
+ fields.
- * Makefile.am: [Core] add HACKING to EXTRA_DIST
+ INSTALL: add php-cli to needed dependencie when compiling on Debian
-2010-07-21 14:14 bdauvergne
+ tests: pass automake CFLAGS when compiling tests2
- * docs/reference/lasso/lasso-sections.txt: [Documentation] add missing declaration
- to lasso-sections.txt
+ lasso/xml/tools.c: fix reference to unitialized memory
-2010-07-21 14:14 bdauvergne
+ NEWS: fix wrong date for 2.4.0 release
- * tests/data/Makefile.am: [Tests] change the way tests data is distributed
-
- Instead of using a Makefile.am in each data directory, each data
- directoy has been added to the EXTRA_DIST for the parent directory
- Makefile.am.
+ update website for 2.4.0 release
+ - remove windows installer reference
+ - update debian repository configuration
+ - point to cgit browser and releases directory
-2010-07-21 14:12 bdauvergne
+2014-04-23 Simo Sorce <simo@redhat.com>
- * .cvsignore, debian/.cvsignore, docs/.cvsignore, docs/lasso-book/.cvsignore,
- docs/lasso-book/figures/.cvsignore, docs/reference/.cvsignore, lasso/.cvsignore,
- lasso/id-ff/.cvsignore, lasso/id-wsf/.cvsignore, lasso/saml-2.0/.cvsignore,
- lasso/xml/.cvsignore, lasso/xml/saml-2.0/.cvsignore, tests/.cvsignore,
- tests/data/.cvsignore, tests/data/ca1-la/.cvsignore,
- tests/data/idp1-la/.cvsignore, tests/data/lecp1-la/.cvsignore,
- tests/data/sp1-la/.cvsignore, win32/.cvsignore, win32/msvc/.cvsignore,
- win32/msvc/java/.cvsignore, win32/msvc/php/.cvsignore,
- win32/msvc/python/.cvsignore, win32/nsis/.cvsignore: [Core] remove now useless
- .cvsignore files
+ Fix generators for parsing of integer values
+ All number types including enums are parse as if they were integers,
+ this breaks in many ways, long and int are not the same size in all
+ architectures as well as enum may vary in size depening on compiler,
+ architecture and optimizations.
-2010-07-21 14:11 bdauvergne
+ Always pass an actual long to PyArg_ParseTuple() and rely on the a
+ cast from long to the destination variable type in the following
+ assignment.
- * ., bindings/perl, bindings/php5/tests, docs/reference/lasso, lasso/xml/soap-1.1,
- tests: [SVN] update svn:ignore properties
+2014-04-15 Simo Sorce <simo@redhat.com>
-2010-07-21 14:01 bdauvergne
+ Fix java version detection
- * bindings/perl/Makefile.am: [Binding perl] move DISCLEANFILES and CLEANFILES
- outside of the condition clauses
+2014-03-31 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-07-21 13:57 bdauvergne
+ update NEWS
- * tests/data/Makefile.am, tests/data/sourceid-2.0beta,
- tests/data/sourceid-2.0beta/login-response.xml,
- tests/sourceid-2.0beta/login-response.xml: [Tests] move sourceid-2.0beta-data to
- data directory
+ bindings/perl/Makefile: it's difficult to control produced code so disable warning on unused-but-set-variable
-2010-07-21 13:57 bdauvergne
+2014-03-31 Frédéric Péters <fpeters@entrouvert.com>
- * tests/format-suppressions.py, tools/format-suppressions.py: [Core] move
- format-suppressions.py to tools directory
+ perl: get required CFLAGS from $(perl -V::ccflags:)
-2010-07-21 13:57 bdauvergne
+2014-03-25 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * Makefile.am: [Core] add README.JAVA and README.WIN32 files to EXTRA_DIST
+ fix: remove warning by not calling g_type_init() with glib > 2.36 as it's deprecated
-2010-07-21 13:57 bdauvergne
+2014-01-07 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * README.JAVA: [Core] complete README.JAVA about later release of gcj
+ configure.ac: update LASSO_VERSION_INFO
-2010-07-21 13:56 bdauvergne
+ Revert "configure.ac: desactivate the PHP5 binding if no CLI interpreter is available"
+ This reverts commit a3d53764fa75c30ee9a118088f0a224bc20059e4.
- * Makefile.am: [Core] add lasso.doap to EXTRA_DIST
+ docs: remove section
-2010-07-21 13:56 bdauvergne
+2014-01-06 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/Makefile.am: [Core] add errors.c to EXTRA_DIST
+ configure.ac: desactivate the PHP5 binding if no CLI interpreter is available
-2010-07-21 13:56 bdauvergne
+ configure.ac: remove checks for SWIG
- * lasso/build-strerror.pl: [Core] remove unused build-strerror.pl
+2013-12-19 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-07-21 13:56 bdauvergne
+ configure.ac,fedora/lasso.spec: remove expat dependency
- * docs/reference/lasso/Makefile.am, docs/reference/lasso/style.css,
- docs/reference/style.css: [Doc] move style.css to the reference directory, and
- add it to EXTRA_DIST
+ INSTALL: add paragraph about build dependencies
-2010-07-21 13:56 bdauvergne
+ more work toward release 2.4.0
- * bindings/java/Makefile.am, bindings/perl/Makefile.am, bindings/php5/Makefile.am,
- bindings/python/Makefile.am, bindings/python/tests/Makefile.am: [Bindings]
- improve cleaning and distribution buiding
+2013-12-18 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-07-21 13:56 bdauvergne
+ id-ff/providerprivate.h,id-ff/provider.h: make lasso_provider_verify_signature public API
+ It's necessary for the crudeSAML SASL mechanism.
- * bindings/java/tests/Test.java: [Tests java] remove Test.java
-
- Local test file wrongly commited.
+2013-12-11 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-07-21 13:56 bdauvergne
+ bindings/python: automatically encode string into utf-8 when passing unicode string to Lasso methods
+ fixes #4077
- * Makefile.am: [Makefile] add abi to EXTRA_DIST
+2013-12-08 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-07-21 13:56 bdauvergne
+ id-ff/session.c: fix wrong variable reference in init_from_xml_nid_and_session_index
- * bindings/perl/Makefile.am: [Binding perl] add DISTCLEANFILES for
- Makefile.perl.old file
+2013-12-06 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-07-21 13:56 bdauvergne
+ remove the debian directory from the project
- * tests/login_tests_saml2.c: [Tests] remove debugging printf
+2013-12-06 Frédéric Péters <fpeters@entrouvert.com>
-2010-07-21 13:56 bdauvergne
+ doc: remove broken gtk-doc tests for now
- * configure.ac, tests/Makefile.am, tests/data/Makefile.am,
- tests/data/ca1-la/Makefile.am, tests/data/idp1-la/Makefile.am,
- tests/data/idp5-saml2/Makefile.am, tests/data/idp6-saml2/Makefile.am,
- tests/data/idp7-saml2/Makefile.am, tests/data/lecp1-la/Makefile.am,
- tests/data/sp1-la/Makefile.am, tests/data/sp5-saml2/Makefile.am,
- tests/data/sp6-saml2/Makefile.am, tests/data/sp7-saml2/Makefile.am,
- tests/metadata/Makefile.am: [Tests] change the way tests data is distributed
-
- Instead of using a Makefile.am in each data directory, each data
- directoy has been added to the EXTRA_DIST for the parent directory
- Makefile.am.
+ perl: make it compatible with recent libxml2
-2010-07-20 15:46 bdauvergne
+2013-12-05 Frédéric Péters <fpeters@entrouvert.com>
- * bindings/java/tests/BindingTests.java: [Tests] adapt java unit tests to new
- semantic for list fields
-
- GList fields now return an empty list, not null.
+ doc: remove reference to init.xml that is not created anymore
-2010-07-20 14:15 bdauvergne
+ build: replace python $libdir by our own
- * lasso/saml-2.0/login.c: [SAMLv2] simplify logic for handling AuthnResponse with
- binding HTTP-Post
-
- The logic is now simpler:
- - first lasso_saml20_profile_process_any_response check the signature
- on the message
- - then lasso_saml20_login_process_response_status_and_assertion
- traverse all the assertions:
- - if the message is signed all assertion from the same issuer are
- automatically accepted,
- - if the message is not signed, or the signature validation failed,
- or the assertion has a different issuer than the message, we check
- the signature directly on the assertion. If any of the assertions
- fails the signature check, the result will be
- LASSO_PROFILE_ERROR_CANNOT_VERIFY_SIGNATURE.
-
- The public field profile->signature_status will contain only the message
- level signature status, each assertion signature status is not
- accessible. That will change when signature and key handling is
- reworked.
+2013-12-05 Simo Sorce <simo@redhat.com>
-2010-07-20 14:15 bdauvergne
+ Better python detection in configure.ac
+ License: MIT
- * bindings/perl/Makefile.am: [Binding perl] fix broken distclean-local target
-
- The TOCOPY files need to be cleaned only for out of source directory
- builds.
+ Support automake 1.13 and 1.14
+ License: MIT
-2010-07-19 15:56 bdauvergne
+2013-12-03 Simo Sorce <simo@redhat.com>
- * lasso/xml/saml-2.0/samlp2_logout_request.c: [SAMLv2] comment on SessionIndex
- support hack
+ Fix license boilerplates
+ Instad of referring to an old FSF address, point the reader to the FSF
+ website where the latest licenses and addresses are published.
-2010-07-19 15:45 bdauvergne
-
- * lasso/saml-2.0/Makefile.am, lasso/saml-2.0/saml2_assertion_addons.c,
- lasso/saml-2.0/saml2_assertion_addons.h,
- lasso/saml-2.0/saml2_conditions_addons.c,
- lasso/saml-2.0/saml2_conditions_addons.h,
- lasso/saml-2.0/samlp2_authn_request_addons.c,
- lasso/saml-2.0/samlp2_authn_request_addons.h: [SAMLv2] remove empty files,
- wrongly committed
-
-2010-07-19 15:27 bdauvergne
-
- * lasso/saml-2.0/login.c: [SAMLv2/SSO] when processing AuthnResponse with binding
- HTTP-Post only the assertion need to be signed
-
- If the message is signed, the assertion is also covered, but if only the
- assertion is signed, there is no error to report. If the caller ask for
- forcing the validation of message signature, then we report an error.
-
- This commit also add checking for the binding used, if it is not
- HTTP-Post lasso_login_process_authn_response_msg will now report an
- error.
-
-2010-07-16 19:34 bdauvergne
-
- * bindings/java/lang.py: [Binding java] return empty list for NULL GList value,
- not null
-
-2010-07-16 19:34 bdauvergne
-
- * lasso/xml/lib_logout_response.c,
- lasso/xml/lib_register_name_identifier_response.c: [ID-FFv1.2] add missing
- namespace declarations
-
-2010-07-16 19:34 bdauvergne
-
- * lasso/saml-2.0/login.c, lasso/saml-2.0/profile.c, lasso/saml-2.0/saml2_helper.c:
- [SAMLv2] add support for encrypted private keys
-
- * support private key with new internal API in signature setting
- methods
-
- Plug lasso_node_set_signature into
- lasso_profile_saml20_setup_message_signature and
- lasso_server_saml2_assertion_setup_signature.
-
- * also use lasso_node_get_signature in has_signature
-
- * add forgottent LASSO_PROFILE_SIGNATURE_VERIFY_HINT_FORCE in switch
- cases
-
- For AuthnResponse checking the semantic is now that if HINT_FORCE is
- used we verify message signature *and* assertion signature. If
- HINT_MAYBE is used we check the assertion signature if its issuer
- differs from the message issuer.
-
-2010-07-16 19:34 bdauvergne
-
- * lasso/id-ff/defederation.c, lasso/id-ff/login.c, lasso/id-ff/logout.c,
- lasso/id-ff/name_registration.c: [ID-FFv1.2] move all user of
- lasso_node_export_to_query to lasso_node_export_to_query_with_password
-
-2010-07-16 19:34 bdauvergne
-
- * lasso/xml/tools.c: [Core] Change lasso_apply_signature to use quark stored
- annotated signature parameters
-
- The node containing signature do not handle the private keys passwords.
- As the fields for signature parameters are part of the public ABI we
- cannot add the password field to the public structure for those nodes.
- Instead we use the new quark annotation accessed through
- lasso_node_get/set_signature, and if the sign_type parameter is non-NULL
- we use it instead of the parameters stored in the public structure.
- This is a gross hack :( but at least it is documented.
-
-2010-07-16 19:34 bdauvergne
-
- * lasso/xml/private.h, lasso/xml/saml-2.0/saml2_assertion.c, lasso/xml/tools.c:
- [Core] add password parameter to lasso_sign_node
-
-2010-07-16 19:34 bdauvergne
-
- * lasso/xml/xml.c, lasso/xml/xml.h: [Code] add a
- lasso_node_export_to_query_with_password method
-
-2010-07-16 19:34 bdauvergne
-
- * lasso/saml-2.0/profile.c, lasso/xml/private.h, lasso/xml/tools.c,
- lasso/xml/xml.c: [Core] add a password parameter to lasso_query_sign
-
- We force use of the password through a custom OpenSSL password callback.
-
-2010-07-16 19:34 bdauvergne
-
- * lasso/xml/xml.c: [Core] dump custom signature parameters in lasso dumps
-
- The signature parameters are serialized as global attributes from the
- http://lasso.entrouvert.org/lasso/namespaces/0.0 named:
- SignatureType
- SignatureMethod
- PrivateKey
- PrivateKeyPassword
- Certificate
-
-2010-07-16 19:34 bdauvergne
-
- * bindings/python/tests/profiles_tests.py, tests/data/idp7-saml2,
- tests/data/idp7-saml2/Makefile.am, tests/data/idp7-saml2/metadata.xml,
- tests/data/idp7-saml2/password, tests/data/idp7-saml2/private-key.pem,
- tests/data/sp7-saml2/password: [Tests/python] add test case for WebSSO with
- providers using encrypted keys
-
-2010-07-16 19:34 bdauvergne
-
- * lasso/xml/private.h, lasso/xml/xml.c: [Core] add lasso_node_set_signature and
- lasso_node_get_signature
-
- Those two methods allows to associate signature parameters to any node.
- They keep it inside the CustomElement quark. Using a private structure
- may be more performant.
+2013-11-20 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-07-12 14:09 bdauvergne
+ jenkins.sh: do not ignore errors
- * lasso/xml/private.h, lasso/xml/saml-2.0/saml2_assertion.c,
- lasso/xml/saml-2.0/samlp2_request_abstract.c,
- lasso/xml/saml-2.0/samlp2_status_response.c, lasso/xml/saml_assertion.c,
- lasso/xml/samlp_request_abstract.c, lasso/xml/samlp_response_abstract.c,
- lasso/xml/tools.c, lasso/xml/xml.c: [Core] extract signature adding into base
- class method lasso_node_get_xmlNode
-
- In order to permit subclass to modify the base xmlNode created by
- lasso_node_impl_get_xmlNode we must defer the concrete to the virtual
- method wrapper, lasso_node_get_xmlNode.
-
- To do that it whas needed to make id_attribute another virtual field of
- LassoNode subclasses (it can be accessed through an offset registered in
- the class object).
-
- This commit solves signature validation error since the patch for
- managing more than one SessionIndex element in samlp2:LogoutRequest.
-
- It also factorize the creation of signatures in one place.
+2013-10-23 Frédéric Péters <fpeters@entrouvert.com>
-2010-07-12 14:09 bdauvergne
+ python: do not fail displaying a non-C error (fixes #3866)
+ The binding does a raise Error('failed to create object') but the local Error
+ exception class expects a lasso error code, and will thus fail if printed.
- * lasso/saml-2.0/login.c: [SAMLv2] if service provider supports logout, add a
- SessionIndex from the assertion ID
-
- The standard mandate to provide a SessionIndex to service provider
- advertaising their support of the logout profile. We follow the
- convention of using the assertion ID as a SessionIndex.
+ File ".../lasso.py", line 54, in __str__
+ return '<lasso.%s(%s): %s>' % (self.__class__.__name__, self.code,
+ _lasso.strError(self.code))
+ TypeError: an integer is required
-2010-07-12 14:09 bdauvergne
+2013-10-11 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * tests/login_tests_saml2.c: [Tests] add a sso then slo soap test
+ saml-2.0/provider: when looking for endpoints take a null role as meanning « take the first one »
-2010-07-12 14:09 bdauvergne
+2013-10-10 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/lasso.h: [Core] lasso_check_version does not return a proper error code
-
- lasso_check_version returns 0, 1 or -1 and one is not a proper error
- code, so the original int return type is kept.
+ saml-2.0/profile: fix typo in commit 8de55
-2010-07-12 14:09 bdauvergne
+ saml-2.0/profile: add warning message when unable to build an artifact response message due to an unfound artifact resolution endpoint
- * bindings/utils.py: [Bindings] make is_rc only check for lasso_error_t type
+2013-10-01 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-07-12 14:09 bdauvergne
+ web: update mailing list urls
- * bindings/php5/php_code.py: [Bindings php5] simplify is_object in php_code.py
+2013-09-27 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-07-12 14:09 bdauvergne
+ toosl/git-version-gen: use a dot to separate the commit string from the regular version
- * lasso/id-ff/defederation.h, lasso/id-ff/lecp.h, lasso/id-ff/login.h,
- lasso/id-ff/logout.h, lasso/id-ff/name_identifier_mapping.h,
- lasso/id-ff/name_registration.h, lasso/id-ff/profile.h, lasso/id-ff/provider.h,
- lasso/id-ff/server.h, lasso/id-ff/session.h, lasso/id-wsf-2.0/data_service.h,
- lasso/id-wsf-2.0/discovery.h, lasso/id-wsf-2.0/identity.h,
- lasso/id-wsf-2.0/idwsf2_helper.h, lasso/id-wsf-2.0/profile.h,
- lasso/id-wsf-2.0/saml2_login.h, lasso/id-wsf-2.0/server.h,
- lasso/id-wsf-2.0/session.h, lasso/id-wsf/authentication.h,
- lasso/id-wsf/data_service.h, lasso/id-wsf/discovery.h,
- lasso/id-wsf/id_ff_extensions.h, lasso/id-wsf/interaction_profile_service.h,
- lasso/id-wsf/wsf_profile.h, lasso/lasso.h, lasso/registry.h,
- lasso/saml-2.0/assertion_query.h, lasso/saml-2.0/ecp.h,
- lasso/saml-2.0/name_id_management.h, lasso/saml-2.0/saml2_helper.h,
- lasso/xml/saml-2.0/saml2_encrypted_element.h,
- lasso/xml/ws/wsse_username_token.h, lasso/xml/xml.h: [Core] change return type
- of all error returning methods
-
- The new return type is lasso_error_t, it should allow to pinpoint easily
- methods returning an error code in bindings.
+ lasso/xml/tools.c: fix misuse of xmlURIUnescapeString
+ If the length argument is NULL, the full string is unescaped; the
+ behaviour we expected is to return a 0 length string.
-2010-07-12 14:09 bdauvergne
+ tools/git-version-gen: keep the g before the git commit number
- * bindings/java/lang.py: [Bindings java] use is_int instead of custom methods or
- code
+ .gitignore: add more
-2010-07-12 14:09 bdauvergne
+ bindings/perl: fix type of size variable incompatible with 64 bits arch
- * bindings/perl/lang.py: [Bindings perl] add lasso_errot_t to type to map to T_IV
- typemap (integer types)
+ id-ff/login.c: initialize role status of sp and idp in lasso_login_init_authn_request
-2010-07-12 14:09 bdauvergne
+2013-09-26 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * bindings/utils.py: [Bindings] add lasso_error_t to return code types
+ jenkins.sh: build a first time before running distcheck, in order to have the documentation compiled
-2010-07-12 14:08 bdauvergne
+ tests/data/Makefile: regenerate list of files and directories to distribute
- * bindings/java/lang.py: [Binding java] use is_rc to match error return type
+ docs/Makefile: always set DIST_SUBDIRS
-2010-07-12 14:08 bdauvergne
+ add jenkins.sh script
- * bindings/php5/php_code.py: [Binding php5] use is_rc to match error return type
+2013-09-08 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-07-12 14:08 bdauvergne
+ saml2/profile.c: add resolving of the endpoint index in artifacts
+ * lasso/saml-2.0/profile.c: add new argument role to lasso_saml20_profile_init_artifact_resolve()
+ for looking up ArtifactResolutionService location; extract endpoint index
+ from artifact and use it to resolve the endpoint location.
+ * login.c: pass new argument ; force msg_url as it is preinitialized by
+ lasso_saml20_profile_init_artifact_resolve()
- * bindings/utils.py: [Core] add lasso_error_t to list of integer types
+ saml2/provider.c: add new function lasso_saml20_provider_get_endpoint_url() for retrieving endpoint locations using the new endpoints list
-2010-07-12 14:08 bdauvergne
+ errors.{c,h}: add new error LASSO_PROFILE_ERROR_ENDPOINT_INDEX_NOT_FOUND for reporting when a recevied artifact does match any declared endpoint
- * lasso/Makefile.am, lasso/ctypes.h, lasso/export.h: [Core] add a lasso_error_t
- typedef
-
- This typedef will serve to mark error returning methods.
- The ctypes.h header piggyback on export.h to be included in all public
- headers.
+ saml2/profile: fix missing ArtifactResolutionService index in artifacts
-2010-07-05 21:27 bdauvergne
+ tests: add non-regression test to check that we correctly provide the ArtifactResolutionService index in artifacts
- * lasso/id-ff/provider.c: [Provider] Fix loading of provider without a public key
-
- This commit also emit propre warning when loading fails for a provider
- *with* a public key.
+ saml2/login: fix role of providers in process_authn_request() and idp_initiated_authn_request()
+ It is necessary for endpoint resolution to know the role of providers.
-2010-07-05 21:24 bdauvergne
+ tests: in check_equals() and check_not_equals() macros use long long int as a catchall type for printing compared values
- * bindings/python/lang.py: [Python binding] do not throw lasso.Error for python
- exceptions
+ fix compilation errors on 64bits architectures
+ * sizeof(unsigned int) != sizeof(size_t)
+ * INT_MAX != LONG_MAX
-2010-06-29 14:49 bdauvergne
+ fix warnings about unused but set variables
- * bindings/perl/Makefile.am, bindings/perl/glist_handling.c: [Perl binding] make
- include from $(srcdir) works in Perl binding
+2013-08-27 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-06-29 14:15 bdauvergne
+ Revert "doc: fix EXTRA_DIST definition in reference/lasso/Makefile.am"
+ This reverts commit a223afc6077528792055def999c29ac5f4d8a418.
+ It seems to be incompatible with recent version of gtk-doc, I need to
+ investigate more this problem.
- * bindings/Makefile.am, bindings/java/wrapper_top.c,
- bindings/perl/glist_handling.c, bindings/php5/wrapper_source_top.c,
- bindings/python/wrapper_top.c, bindings/utils.c: [Bindings] accept simple string
- in string<->xmlNode converter
-
- Some use case ask for passing simple libxml content node (i.e just an
- UTF-8 string) when a method argument or a field of the xmlNode* type.
- This commit add a static method in bindings/utils.c named
- lasso_string_fragment_to_xmlnode which does this transform by trying to
- parse an XML document then by trying to parse a well balanced XML
- fragment of only one node (if there is more than one node such as in the
- string " xxx <tag/> yyy ", we free the node list and return NULL).
+ doc: fix EXTRA_DIST definition in reference/lasso/Makefile.am
-2010-06-29 14:15 bdauvergne
+2013-07-30 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/utils.h: [Core] add macro to release an xmlNodeList object
+ Merge remote-tracking branch 'origin/libxml2.9-compat'
-2010-06-29 14:15 bdauvergne
+2013-07-20 Frédéric Péters <fpeters@entrouvert.com>
- * bindings/python/tests/Makefile.am, bindings/python/tests/idwsf2_tests.py:
- [ID-WSF2] add idwsf2 test script to test suite
-
- Re-activate ID-WSF 2.0 test script. Fix problem with provider issuing
- assertion role. Need to be fixed more generally in the future.
+ website: fix commercial licencee page location
-2010-06-29 14:14 bdauvergne
+2013-06-19 Tim Newsome <tnewsome@aristanetworks.com>
- * lasso/utils.h: [Core] add macro to release GList of xmlNodeList
+ AM_C_PROTOTYPES is no longer supported in autoconf 1.12.
-2010-06-29 14:14 bdauvergne
+ Add support for automake 1.12.
- * lasso/utils.h: [Core] add macros to manipulate xmlNodeList and GList of
- xmlNodeList
-
- The method to copy them is xmlCopyNodeList and not xmlCopyNode, so we
- need another set of macros.
+2013-06-04 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-06-29 09:15 bdauvergne
+ configure.ac: do not passe the full version suffix as the release number
- * lasso/id-ff/provider.c: Merge branch 'issue-101'
+ FAQ.rst: start a FAQ file
-2010-06-29 09:15 bdauvergne
+2013-05-15 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * bindings/python/tests/binding_tests.py, bindings/python/tests/profiles_tests.py,
- lasso/saml-2.0/login.c, lasso/saml-2.0/profile.c,
- tests/data/idp5-saml2/metadata.xml, tests/data/sp5-saml2/metadata.xml: Merge
- branch 'issue-88'
+ configure: generate version number from git revision between tagged release
+ The script git-version-gen is copied from the autoconf project.
-2010-06-29 09:15 bdauvergne
+2013-03-20 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * bindings/python/tests/profiles_tests.py,
- docs/reference/lasso/lasso-sections.txt,
- lasso/xml/saml-2.0/samlp2_logout_request.c,
- lasso/xml/saml-2.0/samlp2_logout_request.h: Merge branch 'issue-86'
+ python: fix logout request parsing test
+ adapt to new checks done on logout request nodes
-2010-06-18 08:05 bdauvergne
+ tests: comment out dump/restore checks against complex nodes
- * tests/integration/valgrind-wrapper.sh: [Tests/integration] add
- G_DEBUG=gc-friendly env. var to valgrind-wrapper
-
- It should improve valgrind ability to trace memory origin.
+ saml-2.0: fix missing signature on logout responses
-2010-06-17 11:42 bdauvergne
+2013-03-07 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/xml/xml.c: [XML] in lasso_node_export_to_paos_request check return value
- of lasso_node_get_xmlNode
+ pkgconfig: do not leak lasso dependencies to users
+ Change Require into Require.private
-2010-06-17 11:42 bdauvergne
+ Thanks to Thijs Kinkhorst and Olav Morken for the suggestion.
- * lasso/xml/xml.c: [XML] in _lasso_node_export_to_base64 check return value of
- lasso_node_export_to_xml
+2013-01-25 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-06-17 11:42 bdauvergne
+ xml-saml-2.0: ManageNameIDRequest must have a NameID
- * lasso/xml/xml.c: [XML] in _lasso_node_export_to_xml check return value of
- lasso_node_get_xmlNode
+ xml-saml-2.0: LogoutRequest must have a NameID
-2010-06-15 11:33 bdauvergne
+ xml: really enforce elements cardinality when parsing messages
+ - add a new SNIPPET_MANDATORY:
+ we could only indicate 0-1 and 0-* cardinalities, now we can also
+ indicate 1-1 and 1-* cardinalities.
+ - repect cadinalities when parsing an xmlNode tree into a LassoNode
+ tree.
- * bindings/java/Makefile.am, bindings/perl/Makefile.am, configure.ac: Comment out
- custom silent rules if automake < 1.11
+ xml-saml-2.0: add missing namespace declaration for the KeyInfoSujectConfirmationData sub-type
-2010-06-15 11:33 bdauvergne
+ fix memory leak in lasso_node_impl_init_from_xml: release the class_list
- * lasso/xml/xml.c: [Core] do not ignore keep_xmlnode flag inherited from parent
- classes
-
- We only looked to the keep_xmlnode flag in the node data of the top
- level class, but any parent class can set this flag and in this case we
- must honor it too.
+ utils: add a lasso_release_slist macro
-2010-06-14 21:21 bdauvergne
+ add a lasso_release_slist
- * bindings/python/tests/binding_tests.py, tests/data/sp7-saml2,
- tests/data/sp7-saml2/Makefile.am, tests/data/sp7-saml2/metadata.xml,
- tests/data/sp7-saml2/password, tests/data/sp7-saml2/private-key.pem: Test: add
- non regression test for reloading a server dump with encrypted keys
+ fix potential segfault in lasso_node_impl_init_from_xml
-2010-06-14 21:21 bdauvergne
+ Fix distcheck build problem in docs/Makefile.am
+ Bug introduced in commit e97a36fa
- * lasso/id-ff/server.c: Core: when reloading a dump, use the signing private key
- password for loading the encryption private key
-
- We currently do not store the encryption private key, instead on reload
- of a dump, we try to use the signing private key as the encryption
- private key. But we forgot to use the stored private key password.
- That's now fixed.
-
- Next step would be to keep the encryption private key around also.
+ fix warning in docs/reference/lasso/Makefile.am
-2010-06-14 21:21 bdauvergne
+2012-09-28 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * bindings/python/lang.py: Binding python: fix freeing of list return values for
- methods with the transfer full flag
-
- The output 'print' were missing, oups :(
+ Rewrite all xmlNode serialization code to be compatible with libxml 2.9.0
+ Libxml stopped exposing the internal of the xmlOutputBuffer structure;
+ it was replace by proper use of the API and of the xmlBuffer structure.
-2010-06-12 00:43 bdauvergne
+ There could be regression for older version of libxml as some functions
+ appeared in recent version of libxml; but the reference API document
+ does not give any introduction date for functions so it's hard to be
+ sure.
- * bindings/python/wrapper_top.c: Binding python: find a work around for random
- behaviour of PyImport_ImportModule
-
- * it seems that PyImport_ImportModule is not deterministic. Sometimes it
- returns True for modules which we know are present ('logging').
- Importing 'sys' first seems to make 'logging' accessible (complete
- cargo cult programming).
+2012-09-26 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-06-12 00:43 bdauvergne
+ fix segfault in saml-2.0/provider.c:load_endpoint_type2
+ Thanks to Hiromitsu Fujita for the patch. fixes #1582.
- * bindings/perl/lang.py, lasso/Makefile.am, lasso/id-ff/name_identifier_mapping.c,
- lasso/lasso.c, lasso/lasso_config.h.in, lasso/logging.c, lasso/logging.h,
- lasso/utils.h, lasso/xml/private.h, lasso/xml/tools.c: Core: move logging
- function and macros to their own module, adapt perl binding
+2012-07-11 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-06-12 00:43 bdauvergne
+ tests: add a SSO test with DSA keys to python bindings tests
- * lasso/errors.h, lasso/xml/xml.h: Core: move lasso_strerror declaration to
- errors.h
+2012-06-21 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-06-12 00:43 bdauvergne
+ Fix compilation on solaris
+ Thanks Wojciech Lichota for the patch.
- * .gitignore: add .gitignore file
+ Fixes #1516
-2010-06-12 00:43 bdauvergne
+2012-06-21 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * tools/check-makefile.sh: Tools: add check-makefile.sh script to tools
+ fix SIGSEGV when loading metadata files
+ Thanks Wojciech Lichota for the patch.
-2010-06-12 00:43 bdauvergne
+ Fixes #1516
- * abi/abi-2.2.91: add abi file for 2.2.91
+2012-05-05 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-06-12 00:43 bdauvergne
+ [bindings/php5] remove redundant check to is_transfer_full
- * tests/data/idp6-saml2, tests/data/idp6-saml2/Makefile.am,
- tests/data/idp6-saml2/metadata.xml, tests/data/idp6-saml2/private-key.pem:
- Tests: add idp6-saml2 data
+ [bindings/php5] add missing release for xmlnodes in return value wrapper
-2010-06-12 00:43 bdauvergne
+ [abi] update for release 2.4.0
- * bindings/python/tests/profiles_tests.py: Test: add python test for attribute
- requesting
-
- * What's tested:
- - request initialization
- - adding attribute designators
- - building the request message
- - processing the request message
- - accepting the request
- - adding assertion with attributes
- - signing the assertion
- - building the response
- - parsing the response
+ [bindings/python] in constructors wrappers build the return value before
-2010-06-12 00:43 bdauvergne
+ [bindings/python] free xmlnode argument owned by the callee
- * docs/reference/lasso/lasso-sections.txt, lasso/saml-2.0/saml2_helper.c,
- lasso/saml-2.0/saml2_helper.h: SAMLv2: rename
- lasso_saml2_name_id_build_persistent to
- lasso_saml2_name_id_new_with_persistent_format
-
- * keep the old one for compatibility
- * new one will be picked by bindings as a constructor
+ [bindings/python] fix some indentation
-2010-06-12 00:43 bdauvergne
+ [bindings/python] boolean values does not need to be released
- * lasso/saml-2.0/saml2_helper.c: SAMLv2: when initializing signture on assertion,
- setup an ID if there is none
-
- * without the ID lasso refuse to sign (it's mandatory)
+ [bindings] add a default parameter to is_transfer_full whose default is False
-2010-06-12 00:43 bdauvergne
+ [bindings] improve matching for object types
- * lasso/saml-2.0/assertion_query.c: SAMLv2: in
- lasso_assertion_query_build_request_msg setup nameid
-
- * lasso_profile_get_nameIdentifier does not return profile->nameIdentifier
- ,
- so we first try to use profile->nameIdentifier and if it is NULL we use
- lasso_profile_get_nameIdentifier.
+ [xml] fix wrong forward declaration
-2010-06-12 00:42 bdauvergne
+ [xml] add missing include
- * bindings/python/wrapper_top.c: Binding python: fix bad refcounting in get_logger
- and lasso_python_log
+ [xml] fix typos
-2010-06-10 21:26 bdauvergne
+ [lasso] add missing GObjectIntrospection annotations to lasso_node_get_original_xmlnode
- * lasso/xml/private.h, lasso/xml/tools.c: Core: update
- lasso_iso_8601_gmt_to_time_t to support milliseconds
-
- * We now support the two possible formats for xsdtime XSchema datatype:
- - dddd-dd-ddTdd:dd:ddZ
- - dddd-dd-ddTdd:dd:dd.d*Z
-
- Where d denotes a digit, and * is the kleene star.
-
- XSD datetime also supports negative years, but as we cannot represent
- them with time_t, we can reject it at the lexical level.
+ [lasso] add missing GObjectIntrospection annotations to lasso_misc_text_node_get_xml_content
-2010-06-10 21:26 bdauvergne
+ [NEWS] improve 2.4.0 release notes
- * docs/reference/lasso/lasso-sections.txt: Documentation: add new AssertionQuery
- methods to documentation
+ Merge branch 'release-2.4.0'
-2010-06-10 13:38 bdauvergne
+2012-04-27 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * bindings/python/tests/binding_tests.py: Tests: new python test for
- setEncryptionPrivateKeyWithPassword
+ fix wrong EXTRA_DIST in lasso/xml/dsig/Makefile.am
-2010-06-10 13:38 bdauvergne
+2012-04-26 Thomas NOEL <tnoel@entrouvert.com>
- * lasso/id-ff/server.c: Fix long lines in lasso/id-ff/server.c
+ fix compilation error with xmlsec 1.2.18 / freebsd (#1365)
+ see http://dev.entrouvert.org/issues/1365
-2010-06-10 13:38 bdauvergne
+2012-04-23 Frédéric Péters <fpeters@entrouvert.com>
- * docs/reference/lasso/lasso-sections.txt, lasso/id-ff/server.c,
- lasso/id-ff/server.h: Core: add method
- lasso_server_set_encryption_private_key_with_password
-
- * fixes #91.
+ Allow building from git without gtk-doc installed
-2010-06-10 13:38 bdauvergne
+2012-04-06 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/errors.c, lasso/errors.h, lasso/saml-2.0/assertion_query.c,
- lasso/saml-2.0/assertion_query.h: SAMLv2: add new methods to class
- LassoAssertionQuery
-
- * lasso_assertion_query_add_attribute_request:
- helper to setup request attribute for AttributeQuery messages.
- * lasso_assertion_query_get_request_type:
- method to find the type of the last received query.
- * fixes #90
+ [saml2] modify behaviour of lasso_saml2_assertion_add_attribute_with_node
+ If an AttributeStatement already exists, we add the new attribute to it.
-2010-06-10 13:37 bdauvergne
+2012-04-02 Frédéric Péters <fpeters@entrouvert.com>
- * lasso/saml-2.0/assertion_query.c: SAMLv2: fix initialization of subject in
- lasso_assertion_query_build_request_msg
+ build: do not include multiple glib headers
-2010-06-10 13:37 bdauvergne
+2012-03-25 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/utils.h: Import tools in utils.h
+ [core] including glib headers directly is deprecated, we must only use <glib.h> now
-2010-06-10 13:37 bdauvergne
+2012-03-17 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/xml/private.h: Fix collision between defined symbols in tools.h and
- private.h
+ [tests] add test cases for the LassoKey class
-2010-06-10 07:58 bdauvergne
+ [key] add methods to send message using SAML 2.0 redirect and post bindings
- * bindings/python/wrapper_top.c: Binding python: if lasso.logger exists use it for
- logging
-
- * There is now two paths to get a logger in the python binding:
- - first try to get an objet from lasso.logger
- - if it doesn't exist or is None, the try logging.getLogger('lasso')
+ [saml2] fix handling of SingleSignOnServer in lasso_saml20_provider_get_first_http_method
+ When checking if a synchronous http method can be used for sending a
+ request to the SingleSignOnService we must check if the response can
+ received by the AssertionConsumerService with a synchronous binding not
+ the SingleSignOnService.
-2010-06-09 16:54 bdauvergne
+2012-03-05 Frédéric Péters <fpeters@entrouvert.com>
- * lasso/id-wsf-2.0/discovery.c, lasso/id-wsf-2.0/idwsf2_helper.c,
- lasso/id-wsf-2.0/profile.c, lasso/id-wsf-2.0/saml2_login.c,
- lasso/saml-2.0/login.c, lasso/saml-2.0/saml2_helper.c, lasso/utils.h,
- lasso/xml/tools.c: Change all logging to use message()
+ php5: use zend_function_entry, for compatibility with PHP 5.4
-2010-06-09 16:54 bdauvergne
+2012-03-02 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/xml/tools.c: Core: in xml error message handler, escape messages to fit on
- one line
+ [bindings php5] fix missing wrappers for constructors
-2010-06-09 16:54 bdauvergne
+2012-02-27 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/xml/tools.c: Core: remove arrow in log messages
+ [bindings php5] improve generation of php call stubs by using type case helpers, raise exception in unknown case
-2010-06-09 16:54 bdauvergne
+2012-02-25 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * bindings/python/lang.py, bindings/python/wrapper_bottom.c: Binding python: call
- lasso_init() first in init_lasso()
+ [website] add piwik tracking code to base template
-2010-06-09 16:54 bdauvergne
+2011-12-29 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * bindings/python/wrapper_bottom.c, bindings/python/wrapper_top.c: Binding python:
- add GLog handler to redirect logs to Python logger named "lasso"
-
- * fixes #20
+ update NEWS
-2010-06-09 16:54 bdauvergne
+ Add release notes
- * lasso/saml-2.0/Makefile.am, lasso/saml-2.0/saml2_assertion_addons.c,
- lasso/saml-2.0/saml2_assertion_addons.h,
- lasso/saml-2.0/saml2_conditions_addons.c,
- lasso/saml-2.0/saml2_conditions_addons.h,
- lasso/saml-2.0/samlp2_authn_request_addons.c,
- lasso/saml-2.0/samlp2_authn_request_addons.h, lasso/utils.c, lasso/utils.h:
- Utils: add function to extract/create node in lists
-
- * lasso_extract_gtype_from_list_or_new will help for method with create
- or extend nodes in lists.
+ Add missing abi files
-2010-06-09 07:51 fpeters
+ Update files for release 2.4.0
- * bindings/overrides.xml, docs/reference/lasso/lasso-sections.txt,
- lasso/xml/tools.c, lasso/xml/tools.h: Add new lasso_log_set_handler and
- lasso_log_remove_handler functions
-
- They are modeled around the g_log... functions of GLib, they just don't
- have a domain parameter.
+ Incompatibility with clang: local functions with closure does not work
-2010-06-06 14:03 bdauvergne
+2011-12-23 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * bindings/perl/t/Lasso.t: Binding perl: fix test so that it does not raise on
- add_provider
+ Merge branch 'more-datas-in-sessions'
-2010-06-06 14:03 bdauvergne
+ [tests] remove work-around for letting ID-FF 1.2 tests work with the thin-sessions flag activated
+ But when thin-sessions is activated we use the new way of passing artifact
+ message content around.
- * bindings/java/lang.py, bindings/python/lang.py, bindings/utils.py: Bindings:
- keep retro compatibility for member field names
-
- * Special kludge price go to PHP:
- methods name are insensitive so nothing to do here, BUT, if you use
- getters/setters then your objects fields can be case insensitive too
- ;-) (DNS, dns, DnS, dNs all maps to get_dns ).
+2011-12-23 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-06-06 14:03 bdauvergne
+ [id-ff 1.2] change websso with artifact binding to work as SAML 2.0
+ The old way of transmiting the assertion to return via the session is kept,
+ but a new way more semblable to the one used in the SAML 2.0 code is added.
- * bindings/utils.py: Bindings: fix camelcasing of id fields
+ After lasso_login_build_artifact_msg() you must save the return of
+ lasso_profile_get_artifact_message() linked to the value of the artifact
+ obtained via lasso_profile_get_artifact().
-2010-06-06 14:03 bdauvergne
+ In the artifact-resolve endpoint you must find the artifact message
+ corresponding to the return value of lasso_profile_get_artifact()
+ reinstall the artifact message using lasso_profile_set_artifact_message()
+ just before calling lasso_login_build_response_msg().
- * lasso/saml-2.0/provider.c: SAMLv2: make role checking inactive for LassoServer
-
- * LassoServer have no role defined, so checking breaks loading of
- metadata for LassoServer.
+ This change is necessary for ID-FF 1.2 SSO profile to work with the
+ thin-sessions.
-2010-06-06 14:03 bdauvergne
+2011-12-22 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/id-ff/login.c: ID-FFv1.2: for idp initiated sso accept any nameIdPolicy
-
- * IdP initiated SSO can be of any kind, no need to limit it.
+ [id-ff 1.2] in lasso_login_build_assertion() always add the assertion to the response
-2010-06-04 09:32 bdauvergne
+ [tests] protect the ID-FF 1.2 test cases from effect of the thin-sessions flag until it is migrated to work also with thin sessions
- * lasso/saml-2.0/provider.c: SAML 2.0: add checks for proper loading of role
- descriptors
-
- * remove warning for descriptors supporting non SAML 2.0 protocols
- * checks that at least one descriptor was loaded and that it was for
- our assigned role.
+ [doc] do some documentation fixing
-2010-06-04 09:32 bdauvergne
+ [id-ff 1.2] provision the SessionIndex into the assertions
+ Without it SLO session management is broken.
- * lasso/id-ff/provider.c: SAMLv2: fix error in naming of function in the
- documentation
+ [id-ff 1.1] add support for multiple SessionIndex to lib:LogoutRequest
+ Combined with the new LassoSession storage for SessionIndex, it
+ should fix many bugs when doing SLO.
-2010-05-31 07:13 bdauvergne
+ [saml 2.0] use the new SessionIndex storage for SLO management
+ It shoulf fix any missing functionnalities regarding missing session indexes
+ in logout requests sent by identity providers or service providers.
- * lasso/saml-2.0/provider.c: SAMLv2: remove HTTP-Redirect as right binding for
- AssertionConsumer
+ [core] add support for thin-sessions environment flag, to reduce size of LassoSession dumps
-2010-05-31 07:13 bdauvergne
+ [core] add simpler storage for SessionIndexes in the LassoSession
- * lasso/saml-2.0/provider.c: SAMLv2: fix bug giving UnuspportedProfile for
- SingleSignOn with HTTP-POST
-
- * The string constant in lasso_saml20_provider_accept_http_method was
- HTTP-Post instead of HTTP-POST.
+2011-12-19 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-05-31 07:13 bdauvergne
+ [id-ff 1.2] add lasso_saml_name_identifier_equals() to compare NameIDs
- * lasso/xml/tools.c: Core: fix extraction of relaystate when URLs contains only
- one kind of separators
+ [website] remove the buildbox link for now
-2010-05-31 07:13 bdauvergne
+ [website] target the bug report link to on redmine
- * tests/integration/saml2/test_02_slo.py,
- tests/integration/saml2/test_03_defederation.py: Integration test: adapt to new
- behaviour for federation termination
+2011-12-16 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-05-31 07:13 bdauvergne
+ [saml2] fix lasso_saml20_logout_validate_request when more than one SessionIndex is sent
- * lasso/saml-2.0/provider.c: SAMLv2: simplify
- lasso_saml20_provider_accept_http_method by only checking for remote provider
- support
-
- * Whatever we do, with asyncrhonous bindings the remote provider can
- return the response with any asynchronous binding.
+ [Makefile] add strings.h to the dsig module includes
-2010-05-31 07:13 bdauvergne
+ [xml/saml2] replace magic string by a define
- * lasso/saml-2.0/login.c: SAML 2.0: in lasso_login_build_assertion set conditions
- time limit, no SubjectConfirmationData limits
+ Simplify useless complexity in include paths
-2010-05-31 07:13 bdauvergne
+ [xml] in is_interaction_request.h move new field to the end of the structure fto limit ABI impact
- * lasso/saml-2.0/login.c: SAML 2.0: in lasso_login_build_assertion do not conflate
- sessionNotOnOrAfter with assertion condition notOnOrAfter
+ Merge branch 'rewrite-node-impl'
-2010-05-11 12:03 bdauvergne
+ [tests] fix tests to comply with new implementation of parsing
+ The test around parsing of EncryptedAssertion was wrong since it was
+ missing the XMLEnc namespace declaration.
- * website/templates/base.ezt, website/web/download/index.xml: Website: add
- quicklinks for download links
+2011-12-16 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-05-11 08:54 bdauvergne
+ [xml] rewrite schema directed serialization/deserialization methods
+ The new implementations of lasso_node_impl_init_from_xml now validate
+ namespace of all child nodes befores parsing. It stops on any error. For
+ node which implement their own parsing of an attribute or a node, it
+ must declare an XmlSnippet with an offset field set to 0. The 0 value is
+ invalid for public GObject structure (it's the place of the GObject
+ machinery like the reference count). The 0 offset can be used for
+ XmlSnippet in a private structure, so never set the offset to 0 with the
+ flag SNIPPET_PRIVATE, for a field which is parsed by you get_xmlNode
+ virtual method.
- * website/web/download/index.xml: Change VCS viewer link to point toward the
- redmine browser
+ Other ameliorations in this commit is the possibility to set attributes
+ with namespace when using the flags SNIPPET_ATTRIBUTE|SNIPPET_ANY. The
+ syntax for an attribute is inspired by the element tree API from Python:
-2010-05-11 08:54 bdauvergne
+ {namespace}attribute_name
- * lasso/saml-2.0/login.c: SAMLv2: conflate Responder and Requester when checking
- second level status code
-
- * lasso/saml-2.0/login.c:
- I'm not sure that most IdP really make the semantic distinction
- between those two first level status codes, so just conflate them.
+ an example:
-2010-05-11 08:54 bdauvergne
+ {http://www.w3.org/2001/XMLSchema-instance}type
- * lasso/saml-2.0/login.c: SAMLv2: remove warning message for invalid signature on
- AuthnResponse messages
-
- * lasso/saml-2.0/login.c:
- we already return an error, no need to clutter the output with
- warning messages.
+ for the classic xsi:type attribute.
-2010-05-04 16:46 bdauvergne
+2011-12-16 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * website/web/documentation/index.xml: Website: add a link to a tarball of the
- documentation extracted from the SVN
+ [xml] add LASSO_XMLENC_PREFIX and LASSO_XMLENC_HREF defines
-2010-05-01 05:40 bdauvergne
+ [xml] add missing nodes to LassoIsInteractionRequest
- * docs/reference/lasso/lasso-sections.txt, lasso/saml-2.0/saml2_helper.c,
- lasso/saml-2.0/saml2_helper.h: SAML 2.0 Helper: add
- lasso_saml2_assertion_set_one_time_use
+ [xml] change saml_advice.h to declarer the real node type
+ It also needed a change to bindings.py to parse struct as well as
+ typedef node classes.
-2010-05-01 05:40 bdauvergne
+ [xml] complete missing namespace declarations for child nodes
+ To allow lasso_node_impl_init_from_xmlnode to do proper namespace
+ checking, child node which are not of the same namespace as their parent
+ in their XSD schema must have an explicit namespace declared in the
+ XmlSnippet.
- * lasso/id-wsf-2.0/discovery.c: Fix bad initialization of an rc field from
- revision 4837
+ [core] mark private_data field of the LassoKey structure as private
-2010-05-01 05:40 bdauvergne
+ [tests] improve checking for log output
+ - now any non expected log output is considered an error, by setting a
+ g_log default handler.
+ - block_lasso_logs()/unblock_lasso_logs() will block logging output at
+ the DEBUG level
+ - begin_check_do_log(level, message, endswith)/end_check_do_log() with
+ check that the only message emitted between the two macros is one
+ equals to "message" at the level "level", or ending (to work around
+ variable parts in a log message) with "message" if "endswith" is True.
- * lasso/id-ff/login.c, lasso/id-wsf-2.0/soap_binding.c: Change <p> tags to <para>
+ [tests] rename login test suite, with mentions of ID-FF 1.2 and SAML 2.0
-2010-05-01 05:40 bdauvergne
+ [Makefile] fix missing soap11 nodes when compiling for Mingw
- * docs/reference/lasso/lasso-sections.txt, lasso/id-ff/profile.c,
- lasso/id-ff/profile.h: Add a lasso_profile_get_signature_status method
+ [core] fix uninitialized pointer to a GError structure
-2010-04-30 09:23 bdauvergne
+ [core] move XMLDsig related nodes in their own sub-library, add X509Data node implementation
+ The goal is to use the KeyInfo structure as a transport format for our cryptographic keys
- * lasso/id-ff/login.c, lasso/id-ff/logout.c,
- lasso/id-ff/name_identifier_mapping.c, lasso/id-ff/name_registration.c,
- lasso/id-wsf-2.0/discovery.c, lasso/id-wsf-2.0/saml2_login.c,
- lasso/id-wsf/authentication.c, lasso/id-wsf/discovery.c,
- lasso/saml-2.0/assertion_query.c, lasso/saml-2.0/login.c,
- lasso/saml-2.0/profile.c, lasso/xml/dst_modify.c,
- lasso/xml/dst_modify_response.c, lasso/xml/dst_query.c,
- lasso/xml/dst_query_response.c, lasso/xml/misc_text_node.c, lasso/xml/tools.c,
- lasso/xml/ws/wsse_username_token.c, lasso/xml/xml.c, tests/login_tests.c,
- tests/login_tests_saml2.c, tests/perfs.c, tests/tests.c: Initialize all
- uninitialized rc variables
+2011-12-09 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-04-30 09:22 bdauvergne
+ remove debugging printf statement
- * tests/basic_tests.c: Test: only test custom namespace if ID-WSF is enabled
+2011-12-08 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-04-28 16:52 bdauvergne
+ [provider] fix doc comment
- * lasso/id-wsf-2.0/data_service.c: in
- lasso_idwsf2_data_service_build_response_msg, allows SOAPFault as responses
+ [id-ff] move LassoLogout to use LassoSignatureContext
-2010-04-28 16:52 bdauvergne
+ [logging] add an error() macro
- * lasso/id-wsf-2.0/discovery.c: Fix uninitialized local variable
+ [id-ff] move LassoLogin to use LassoSignatureContext
-2010-04-28 16:52 bdauvergne
+2011-12-05 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/id-ff/session.c: in lasso_session_count_assertions, do not emit warning if
- session is not an object
+ [core] rename lasso_provider_set_specific_signing_key to lasso_provider_set_server_signing_key
-2010-04-27 22:55 bdauvergne
+ [perfs] add command line options, add option to use shared secret key cryptography
+ Performance with HMAC-SHA1 is 100x the one with 2048 bits RSA.
- * lasso/saml-2.0/logout.c: SAML 2.0: always restart initial request processing in
- lasso_logout_build_response_msg
-
- * Does it also in process_response_msg if no more assertions are
- present.
- * Take into account that lasso_saml20_profile_process_any_response
- already check for the status code, and so specify finer error code in
- the cleanup code.
+ [core] add the HMAC-SHA1 shared secret signature method
-2010-04-27 22:55 bdauvergne
+ [core] refactor lasso_query_verify_signature and lasso_saml2_query_verify_signature
+ This commit introduces lasso_query_verify_helper which factorize
+ cryptographic operations.
- * lasso/saml-2.0/provider.c: SAML 2.0: fix
- lasso_saml20_provider_get_first_http_method
-
- * LassoServer object can have many roles, use the default role of the
- remote provider to decide on which to assume.
+ [tests] use helper macros in id-ff test case
-2010-04-27 22:55 bdauvergne
+ [core] add lasso_provider_add_key to add other key for signature validation
+ The added key can be appended or prepended, depending on the need for the key:
+ - rollover
+ - improving performances (using simpler cryptographic algorithmss using shared secret keys)
- * lasso/saml-2.0/logout.c: SAML 2.0 Logout: in init_request, remove the assertion
- anyway
-
- * lasso/saml-2.0/logout.c:
- when initiating a logout, if no problem is found, remove the assertion.
- you can always continue by changing profile->http_request_method to
- SOAP for example and redo a build_request_msg.
+ [core] add method lasso_provider_set_specific_signing_key
+ Using this method you can specify a signing which will be used for
+ communication with the specified provider instead of the one configured
+ on the LassoServer object. The main objective is to allow shared secret
+ cryptography instead of public key cryptography.
-2010-04-27 22:55 bdauvergne
+ [core] add a new class LassoKey
+ LassoKey currenly store a LassoSignatureContext inside a
+ reference-counted and bindable object. It will be used to export API
+ around key management to bindings.
- * lasso/saml-2.0/profile.c: SAML 2.0:
- lasso_saml20_profile_process_any_response_msg, change status code checking
+ [core] set the xmlSec log handler globally
+ The log handler is not set in lasso_init().
-2010-04-22 11:19 bdauvergne
+ [saml2] introduce a lasso_saml2_assertion_get_audirence_restrictions to factorize some code
- * lasso/saml-2.0/logout.c: SAML 2.0: lasso_logout_build_response_msg, just verify
- there is saved data from a previous request before switching them
-
- * lasso/saml-2.0/logout.c:
- There is no need to check what the previous remote provider ID was,
- just that initial_remote_providerID is not NULL in order to switch
- request, response and remote_providerID.
+ [core] introduce the LassoSignatureContext context, to pass around signature parameters
+ This structure is used to pass around the signature algorithm
+ and the signature key.
-2010-04-22 11:19 bdauvergne
+ [core] add a lasso_base64_decode function
- * lasso/id-ff/login.c: Fix wrong change g_free -> lasso_release inside example
- code
+ [core] replace explicit allocation of LassoProviderPrivate by use of g_type_class_add_private
+ The private part is allocated contiguously to the public structure data.
-2010-04-22 01:12 bdauvergne
+ [configure.ac] fix compilation on Mac Os X
- * lasso/id-ff/provider.c: Provider: fix problem when reusing the same lists nodes
- in Descriptors
+ [xml] use lasso_node_export_to_query_with_password to implement lasso_node_export_to_query
-2010-04-22 00:45 bdauvergne
+ [tools] fix lasso_sha1 to return a glib allocated string
- * lasso/id-ff/provider.c, lasso/id-ff/server.c, lasso/id-ff/session.c,
- lasso/id-wsf-2.0/data_service.c, lasso/registry.c, lasso/utils.h,
- lasso/xml/xml.c: Improve safety by replacing all g_hash_table_destroy use by
- lasso_release_ghashtable
+ [id-ff/saml2] add a lasso_server_add_provider2
+ It allows to add LassoProvider objects directly to a LassoServer object,
+ without using the metadata loading methods.
-2010-04-22 00:44 bdauvergne
+ [utils] add lasso_crypto_memequal function
+ This method compare byte strings in constant time.
- * lasso/id-ff/identity.c, lasso/id-ff/login.c, lasso/id-ff/provider.c,
- lasso/id-ff/session.c, lasso/id-wsf-2.0/discovery.c, lasso/id-wsf/discovery.c,
- lasso/saml-2.0/login.c, lasso/saml-2.0/provider.c,
- lasso/xml/saml-2.0/samlp2_response.c, lasso/xml/xml.c: Improve safety by
- replacing all g_list_free use by lasso_release_list
+ [tools] add a LassoSignatureContext structure to pass signature parameters around
+ Signature parameters are mainly a LassoSignatureMethod and a xmlSecKey.
-2010-04-22 00:44 bdauvergne
+ [xml] add an inline function to validate LassoSignatureMethod values
+ - add also a LASSO_SIGNATURE_METHOD_NONE value
- * lasso/id-wsf-2.0/data_service.c, lasso/utils.c, lasso/xml/samlp_status.c,
- lasso/xml/tools.c, lasso/xml/xml.c: Improve safety by replacing all
- g_string_free use by lasso_release_gstring
+ [utils] add lasso_transfer_xml_node macros
-2010-04-22 00:44 bdauvergne
+ [core] simplify lasso_provider_load_public_key
- * lasso/id-ff/defederation.c, lasso/id-ff/federation.c, lasso/id-ff/identity.c,
- lasso/id-ff/login.c, lasso/id-ff/logout.c, lasso/id-ff/name_registration.c,
- lasso/id-ff/provider.c, lasso/id-ff/server.c, lasso/id-ff/session.c,
- lasso/id-wsf-2.0/data_service.c, lasso/id-wsf-2.0/discovery.c,
- lasso/id-wsf-2.0/profile.c, lasso/id-wsf/authentication.c,
- lasso/id-wsf/data_service.c, lasso/id-wsf/discovery.c,
- lasso/id-wsf/wsf_profile.c, lasso/registry.c, lasso/saml-2.0/assertion_query.c,
- lasso/saml-2.0/ecp.c, lasso/saml-2.0/provider.c, lasso/saml-2.0/server.c,
- lasso/xml/lib_federation_termination_notification.c,
- lasso/xml/saml-2.0/samlp2_request_abstract.c,
- lasso/xml/saml-2.0/samlp2_status_response.c, lasso/xml/saml_assertion.c,
- lasso/xml/tools.c, lasso/xml/ws/wsse_username_token.c, lasso/xml/xml.c: Improve
- safety by replacing all g_free use by lasso_release
+2011-11-29 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-04-22 00:44 bdauvergne
+ [web] fix link on the download page
- * lasso/id-ff/login.c: Start an example listing for an IdP SingleSignOn endpoint
+ Merge branch 'multi-certificates'
-2010-04-22 00:44 bdauvergne
+ Merge branch 'excl-c14n-fix'
- * tests/random_tests.c: Free xmlSecKey
+ [web] add release news for release 2.3.6
-2010-04-22 00:44 bdauvergne
+ [release] 2.3.6
- * lasso/xml/xml.c: Fix potential SEGFAULT in _lasso_node_free_custom_element
+2011-11-22 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-04-22 00:44 bdauvergne
+ [integration tests] does not use full leak report
- * lasso/utils.h: Utils: add lasso_assign_list
+ [integration tests] show more callers when using valgrind memcheck looking for leaks in authentic and lcs
-2010-04-22 00:44 bdauvergne
+ [tests] add test for rollover on the SP side, i.e. rollover of encryption keys
+ This test case is the first to abstract the workflow between two
+ LassoLogin object (for the idp and sp side). This part of the code could
+ be used to simplify the code of other tests in the future.
- * lasso/utils.h: Add lasso_release_gstring
+2011-11-22 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-04-22 00:44 bdauvergne
+ [core] do not emit a warning for expected decryption errors
+ The only expected decryption error is on decryption of the symetric key
+ used to crypt the data. All other errors are critical and must be
+ logged.
- * lasso/utils.h: Utils: add lasso_release_ghashtable
+ Client of lasso_node_decrypt_xmlnode can then log the decryption failure
+ of the symetric if they tried with all possible keys (key rollover
+ case).
-2010-04-22 00:44 bdauvergne
+2011-11-22 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/saml-2.0/profile.c: SAML 2.0 Profile: remove unused must_sign variable
+ [core] add a new class of errors for xml encryption errors
+ add LASSO_XMLENC_ERROR_INVALID_ENCRYPTED_DATA for generic unrecoverable
+ xml decryption errors.
-2010-04-22 00:44 bdauvergne
+ [leakcheck] fix leaks seen by the unit tests
+ This commit also improved valgrind suppression file to hide static
+ allocations done by the GLib type system.
- * lasso/id-ff/logout.c: First try to check that objects are fully functionals
- before proceeding
+ [core] fix wrong XML canonicalization when assertion is extracted without its namespace context
-2010-04-22 00:44 bdauvergne
+2011-11-21 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/saml-2.0/logout.c: Fix potential SEGFAULT of an unknown provider
+ [misc] apply changes to remove warning blocking compilation with gcc 4.5.2 and php 5.3.5
+ - gcc now warns when you compate a typedef to the anonymous enum which
+ define it.
+ - some inline function in the zend.h header do compare between signed
+ and unsigned char.
-2010-04-20 09:34 bdauvergne
+2011-11-21 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/saml-2.0/login.c: SAML 2.0: in lasso_saml20_process_federation, only
- handle the case of PERSISTENT format
-
- * lasso/saml-2.0/login.c:
- in lasso_saml20_process_federation:
- - if no name id format can be found by the request, use the default from
- the metadata file (first declared NameIDFormat)
- - instead of checking if format is TRANSIENT, check if it is PERSISTENT,
- and proceed with the federation, if not just return 0.
- - return LASSO_PROFILE_ERROR_UNKNOWN_PROVIDER instead of
- LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND.
- - in any case, check for consent.
+ [core] multiple decryption keys support
+ This commit complements the support for multiple signing certificate
+ support in the metadata files. The use-case is still key roll-over.
-2010-04-20 09:34 bdauvergne
-
- * lasso/saml-2.0/login.c: SAML 2.0: in lasso_saml20_login_validate_request, do not
- check signature if not necessary
-
-2010-04-20 09:34 bdauvergne
-
- * lasso/saml-2.0/login.c: SAML 2.0: find binding when only
- AssertionConsumerServiceURL is set, do not check signature on request if asked
-
-2010-04-20 09:34 bdauvergne
-
- * lasso/saml-2.0/provider.c, lasso/saml-2.0/providerprivate.h: SAML 2.0: add
- internal method to retrieve the binding for an URL
-
-2010-04-20 09:34 bdauvergne
+ The structure LassoServerPrivateData was changed to accomodate multiple
+ decryption keys, and so:
- * lasso/id-ff/profile.h, lasso/saml-2.0/login.c: Login: add internal function
- _lasso_login_must_verify_*signature
-
-2010-04-19 11:51 bdauvergne
-
- * lasso/id-ff/login.c: Login: remove symbol markers in example code
+ xmlSecKey *encryption_private_key
-2010-04-19 11:30 bdauvergne
+ became:
- * docs/reference/lasso/lasso-sections.txt, lasso/id-ff/login.c,
- lasso/id-ff/provider.c, lasso/id-wsf-2.0/profile.c, lasso/saml-2.0/provider.c,
- lasso/saml-2.0/saml2_helper.c, lasso/xml/xml.c, lasso/xml/xml.h: Fix
- documentation problems
+ GList *encryption_private_keys
-2010-04-16 15:37 bdauvergne
+ All uses of this key were replaced by a loop over this list, terminating
+ with the first key to be able to decrypt the content.
- * docs/reference/lasso/lasso-sections.txt, lasso/id-ff/profile.c,
- lasso/id-ff/profile.h, lasso/saml-2.0/login.c, lasso/saml-2.0/profile.c,
- tests/metadata_tests.c: Ameliorate support for
- lasso_profile_set_signature_verify_hint
-
- * lasso/id-ff/profile.h:
- - add end symbol for enum LassoProfileSignatureVerifyHint
- * lasso/id-ff/profile.c:
- - fix documentation of lasso_profile_set_signature_verify_hint
- - do not allow to set or return invalid value for the
- signature_verify_hint attribute.
- * lasso/saml-2.0/login.c:
- - handle new enum value
- * lasso/saml-2.0/profile.c:
- - handle new enum value
- - fix missing catch of signature error reporting when
- signature_verify_hint is IGNORE.
- * docs/reference/lasso/lasso-sections.txt:
- - export enums LassoProfileSignatureHint and
- LassoProfileSignatureVerifyHint
- * tests/metadata_tests.c:
- - fix test of all Role enumerations
+ The private key passed to lasso_server_new() or
+ lasso_server_new_from_buffers() is first added to the list of decryption
+ keys. Any other call to
+ lasso_server_set_encryption_private_key_with_password() or
+ lasso_server_set_encryption_private_key() will add a new key to the
+ list.
-2010-04-06 15:00 bdauvergne
+2011-11-18 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * schemas/saml-2.0/saml-schema-assertion-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-auth-telephony-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-ip-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-ippword-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-kerberos-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-mobileonefactor-reg-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-mobileonefactor-unreg-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-mobiletwofactor-reg-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-mobiletwofactor-unreg-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-nomad-telephony-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-personal-telephony-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-pgp-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-ppt-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-pword-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-session-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-smartcard-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-smartcardpki-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-softwarepki-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-spki-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-srp-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-sslcert-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-telephony-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-timesync-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-types-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-x509-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-xmldsig-2.0.xsd,
- schemas/saml-2.0/saml-schema-dce-2.0.xsd,
- schemas/saml-2.0/saml-schema-ecp-2.0.xsd,
- schemas/saml-2.0/saml-schema-metadata-2.0.xsd,
- schemas/saml-2.0/saml-schema-protocol-2.0.xsd,
- schemas/saml-2.0/saml-schema-x500-2.0.xsd,
- schemas/saml-2.0/saml-schema-xacml-2.0.xsd: Revert "Core: add XML schemas for
- SAML 2.0"
-
- This reverts commit 5250c2c89e3983189a3c52cd85ad221ff7b6f64b.
+ Merge branch 'extension-abi-respecting'
-2010-04-06 15:00 bdauvergne
+ [saml2] add missing extension point for LassoSaml2SubjectConfirmationData
+ - it can support any content and any attribute without validation
+ xs:any with processContents="lax"
- * lasso/saml-2.0/profile.c: SAML 2.0: add Destination attribute to requests
-
- * lasso/saml-2.0/profile.c:
- this change make Lasso respect paragraphs 3.4.5.2 (HTTP-Redirect
- binding securit considerations ) and 3.5.5.2 (the same for HTTP-Post)
- of the saml-bindings-2.0-os.pdf document, and should allow our Authn
- Requests to be accepted by shiboleth IdP.
+ [xml] allow to store XSchema data into a private stucture
+ - added new macros SNIPPET_STRUCT_MEMBER and SNIPPET_STRUCT_MEMBER_P
+ replaces use of G_STRUCT_MEMBER/_P macros.
+ - we use the GType of the class containing a given XmlSnippet to find
+ the proper private structure.
+ - added flag SNIPPET_PRIVATE to state XmlSnippet whose value
+ should be extracted from the private structure and not the public
+ one.
-2010-04-06 13:11 bdauvergne
+ [binding python] prevent warning in wrapper_top.c under hardy with gcc 4.2.4
- * tools/check-lasso-sections.py: Tools: add usage statement to
- check-lasso-sections.py
+ [core] add missing break to switch/case
-2010-04-06 13:11 bdauvergne
+2011-11-08 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * docs/reference/lasso/lasso-sections.txt: Docs: add/remove symbols from
- lasso-sections.txt
+ [bindings] fix bug introduced in last commit
-2010-04-06 13:11 bdauvergne
+2011-10-18 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/id-wsf-2.0/data_service.c: ID-WSF 2.0 DST: make
- lasso_idwsf2_data_service_set_status_code works event if no response is
- initialized
+ [bindings] fix tree traversal on windows
+ - The file path separator is not / on all platforms, so do not use it
+ when matching filenames.
-2010-04-06 13:11 bdauvergne
+ [misc] apply changes to remove warning blocking compilation with gcc 4.5.2 and php 5.3.5
+ - gcc now warns when you compate a typedef to the anonymous enum which
+ define it.
+ - some inline function in the zend.h header do compare between signed
+ and unsigned char.
- * tests/basic_tests.c: Tests: add tests for custom namespace functions
+ [xml saml-2.0] add missing annotation for binding generation to header for LassoKeyInformationDataType
-2010-04-06 13:11 bdauvergne
+2011-10-13 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/id-ff/provider.c: ID-FF 1.2 & SAML 2.0: factorize access to role prefix
+ [xml saml-2.0] add a class to handle the KeyInfoConfirmationData type
+ * use a direct mapping to map this class to SubjectConfirmationData
+ node having the xsi:type attribute.
+ * overload get_xmlNode method to add the xsi:type attribute on output.
-2010-04-06 13:11 bdauvergne
+ [xml] allow node classes to not defined their nodename, useful for simple Type
- * tests/metadata_tests.c: Tests: make role descriptor loading test less verbose
-
- * tests/metadata_tests.c:
- remove printf, add checks
+2011-10-10 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-04-06 13:11 bdauvergne
+ [id-wsf2 profile] check provider->private_data->roles instead of provider->role
+ Fixes #140.
- * tests/tests.h: Tests: show actual value in check_equals test macro
+ [id-wsf discovery] provider can now contain multiple public keys, only consider the first key for id-wsf token generation
+ ID-WSF never contemplated the fact that sometimes key roll-over happend
+ (SubjectConfirmation can only containg on ds:KeyInfo), whatever...
-2010-04-06 13:11 bdauvergne
+ [saml-2.0] augment lasso_saml20_provider_get_first_http_method to verify presence of synchronous bindings
- * lasso/id-wsf-2.0/data_service.c, lasso/xml/private.h, lasso/xml/xml.c: XML: add
- custom namespace definition handling
+ [xml] if a SNIPPET_LIST_NODES as the SNIPPET_ANY flag, allows really any kind of node through LassoMiscTextNode
-2010-04-06 13:11 bdauvergne
+ [xml] allows LassoMiscText.init_from_xml to parse any xmlNode
+ If the node has no attributes and has a simple string content, we use the
+ classic embedding by setting, name, ns_href, ns_prefix. Otherwise the complete
+ xmlNode is copied.
- * lasso/saml-2.0/provider.c: SAML 2.0: fix default assertion consumer handling
- when isDefault is missing
-
- * if no default_assertion_consumer value is set after traversing the
- list of endpoint, try to find the first one without isDefault="false"
- and finally take the first one.
+ [tests] add non-regression tests concerning the parsing of any xmlNode tree by LassoMiscTextNode when SNIPPET_ANY is used by a LassoNode
-2010-04-06 13:11 bdauvergne
+ [xml] only try to map an xmlNode to a class ame if the node has a namespace
- * lasso/saml-2.0/provider.c: SAML 2.0: fix default assertion consumer handling
-
- * the default one is the first with the attribute isDefault not the
- last.
+ [xml saml-2.0] change AttributeValue snippets to accept any children
+ An AttributeValue has an XSchema type of xs:any.
-2010-04-06 13:11 bdauvergne
+2011-10-07 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * bindings/python/tests/idwsf1_tests.py: Binding python tests: update idwsf1 to
- explicitely register PP10 HREF
+ [xml] create a static version of lasso_node_new_from_xmlNode_with_type without error logging
+ When used inside lasso_node_impl_init_from_xml the error logging is
+ prematurely sent as there is a backup procedure for parsing unknown
+ nodes inside a SNIPPET_LIST_NODES by creating a LassoMiscTextNode
+ containing a copy of the parsed xmlNode child.
-2010-04-06 13:11 bdauvergne
+2011-09-09 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * bindings/python/tests/idwsf2_tests.py: Binding python: update idwsf2 test for
- method change dst.initResponse -> validateRequest
+ [configure.ac] default AM_MAINTAINER_MODE to enable
-2010-04-06 13:11 bdauvergne
+2011-07-08 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/xml/xml.c: XML: do not register any DST namespace by default
+ [configure.ac] remove useless semi-colons
-2010-04-06 13:11 bdauvergne
+ Fix wrong version exported in the PHP binding
- * lasso/xml/id-wsf-2.0/dstref_result_query.c,
- lasso/xml/id-wsf-2.0/dstref_result_query.h, lasso/xml/xml.c: XML: add a
- SNIPPET_COLLECT_NAMESPACES snippet to DstRefResultQuery
+2011-06-03 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-04-06 13:11 bdauvergne
+ Change the glob expression to match darwin $host_os
+ Also use the $DARWIN flag to control the setting of JNI_EXTRA_LDFLAGS.
- * docs/reference/lasso/lasso-sections.txt, lasso/id-wsf-2.0/data_service.c,
- lasso/id-wsf-2.0/data_service.h: ID-WSF 2.0 Data Service: new accessor, fix use
- of build_unique_id, change init_response to validate_request
+2011-05-30 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-04-06 13:11 bdauvergne
+ [java] try to make test works under Mac Os X
- * lasso/xml/private.h, lasso/xml/xml.c: Core: add a SNIPPET_COLLECT_NAMESPACE
- snippet type
-
- * lasso/xml/private.h lasso/xml/xml.c:
- add a new primary XmlSnippet type for collecting all namespace
- declaration, following parent relation on current node or one of the
- child nodes.
+ [core] finish transition from single encryption key to multiple ones
+ Some code still reference provider->private->encryption_public_key, this
+ commit make them use lasso_provider_get_encryption_public_key().
-2010-04-06 13:11 bdauvergne
+2011-05-27 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * bindings/python/lang.py: Binding python: fix use of raise_on_rc, simplift
- Node.__setstate__
+ [bindings perl] remove --as-needed from linker flags, it is not supported evrywhere
+ It can come back if we add proper checking of the support on the
+ platform, maybe we can leverage tests made by autoconf.
-2010-04-06 13:11 bdauvergne
+ Disable metadata loading test with the UK federation files
- * lasso/xml/xml.c: Revert "Make lasso_node_get_xmlNode return original_xmlnode if
- there is one"
-
- This reverts commit dfd8f21ab27d2b25a67a52aadd9d4cdce20ebda5.
+2011-05-23 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-04-06 13:11 bdauvergne
+ Merge branch 'multi-certificates'
- * bindings/python/tests/binding_tests.py, bindings/python/wrapper_top.c: Binding
- python: for empty GList return empty tuples, not None
+2011-05-19 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-04-06 13:11 bdauvergne
+ [bindings perl] in Makefile.am, gives a default template to mktemp
+ Thanks to Nathan Sowatskey for the bug report and the fix.
- * lasso/id-ff/login.c: Docs: remove from documentation comments characters outside
- ASCII for python bindings
+ [core] start of support multiple keys for encryption
-2010-04-06 13:10 bdauvergne
+ [tests] add unit test for the provider with multiple key feature
- * lasso/saml-2.0/profile.c: Fix return path in lasso_saml20_process_any_response
- for signatures checking
+ [tests] add sample metadata for testing metadata with multiple key descriptors
-2010-04-06 13:10 bdauvergne
+2011-05-19 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/xml/xml.c: fix documentation of lasso_node_debug
+ [core] first try at multiple signing keys support
+ The idea was to replace every use of an xmlSecKey* by a loop over a
+ GList* of xmlSecKey*.
-2010-04-06 13:10 bdauvergne
+ - In the structure LassoProviderPrivate changed
+ xmlSecKey*public_key -> GList* signing_public_keys
+ xmlNode*signing_key_descriptor -> GList* signing_key_descriptors.
+ - Renamed lasso_provider_try_loading_public_key to
+ lasso_provider_try_loading_public_keys and chaned its signature
+ accordingly
+ - Renamed lasso_provider_get_public_key to
+ lasso_provider_get_public_keys and changed the signature accordingly.
+ - Changed lasso_provider_get_encryption_public_key to return the first
+ signing key from the list as a temporary work around. Multiple
+ encryption keys will be supported later.
+ - Changed lasso_provider_load_public_key to load keys from the passed
+ file on the LassoProvider constructor, from every key descriptors
+ found for signing and eventually from the key descriptor marked for
+ encryption.
+ - Every failure to load from a file or an XML KeyInfo descriptor are
+ noew reported as warning.
+ - Query signature checking was completely moved to
+ lasso_provider_verify_query_signature and
+ lasso_provider_verify_signature now calls it.
+ - lasso_provider_verify_signature is now using lasso_verify_signature
+ from the xml/tools.o module.
+ - lasso_provider_verify_single_signature was modified to support
+ multiple signing keys.
- * lasso/xml/xml.c: Make lasso_node_get_xmlNode return original_xmlnode if there is
- one
-
- * lasso/xml/xml.c:
- this change allow session to contain exact copy of received assertion
- (and not the one lacking signatures) and also to put those assertions
- directly into message, for example as ID-WSF credentials.
- But it could have side effect, so for now I will no merge it.
+2011-05-19 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-03-27 17:40 bdauvergne
+ [utils] add macros to append to and release a list of xmlSecKey*
+ [core] make lasso_provider_verify_query_signature use lasso_provider_verify_signature
- * lasso/id-ff/login.c: update documentation of
- lasso_login_build_authn_response_msg
+ [bindings perl] in Makefile.am, gives a default template to mktemp
-2010-03-27 17:40 bdauvergne
+2011-05-18 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/id-ff/login.c: update documentation of lasso_login_build_authn_request_msg
+ [xml] use g_strndup instead of strndup, as it is more portable
-2010-03-27 17:40 bdauvergne
+2011-05-17 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/id-ff/login.c: improve documentation of lasso_login_build_artifact_msg
+ [tests] fix broken renater metadata file
+ A modification was introduced which broke the signature, updating to the
+ last version.
-2010-03-27 17:39 bdauvergne
+2011-05-16 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/id-ff/login.c: use lasso_release_gobject in lasso_login_destroy
+ [tests] move renater metadata files into the metadata/ subdirectory
-2010-03-27 17:39 bdauvergne
+2011-05-08 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/id-ff/login.c: update lasso_login_accept_sso documentation
+ [saml2] add proper error code for partial logout status code
-2010-03-27 17:39 bdauvergne
+ [saml2] fix build_request_msg for AuthzDecision assertion queries
+ The servicepoints and roles arrays did not match the provider role
+ enumerations.
- * lasso/id-ff/login.c: ID-FF&SAML2: complete documentation of
- lasso_login_build_assertion
+2011-04-21 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-03-27 17:39 bdauvergne
+ [saml2] if Status is not Success pass continue processing the response
+ lasso_saml20_login_process_response_status_and_assertion does analyze
+ the response status code login specific error codes, if the generic
+ processing from lasso_saml20_profile_process_any_response returns a
+ status of response is not success, we must continue processing.
- * lasso/backward_comp.h: Make multiple include loading work in
- lasso/backward_comp.h
-
- * lasso/backward_comp.h
- add missing BACKWARD_COMP_H define.
+ [saml2] for any RequestDenied SAML2 response return LASSO_PROFILE_ERROR_REQUEST_DENIED as error
-2010-03-27 16:52 bdauvergne
+ [core] add a generic LASSO_PROFILE_ERROR_REQUEST_DENIED
- * bindings/perl/t/Lasso.t: Binding python: fix test file
+2011-04-20 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-03-27 16:52 bdauvergne
+ [core] make LassoServerLoadMetadataFlag enum a typedef
- * docs/reference/lasso/lasso-sections.txt, lasso/id-ff/profile.h,
- lasso/id-ff/provider.c, lasso/id-ff/provider.h, lasso/id-ff/providerprivate.h,
- lasso/saml-2.0/assertion_query.c, lasso/saml-2.0/profile.c,
- lasso/saml-2.0/profileprivate.h, lasso/saml-2.0/provider.c,
- lasso/saml-2.0/providerprivate.h, lasso/xml/saml-2.0/saml2_strings.h,
- lasso/xml/saml-2.0/saml2_xsd.h, tests/Makefile.am,
- tests/assertion_query_saml2.c, tests/metadata_tests.c, tests/tests.c: SAML
- 2.0&ID-FF 1.2: simplify and complete metadata loading for multi-role support
+2011-04-14 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-03-27 16:52 bdauvergne
+ Merge branch 'load-federation'
- * schemas, schemas/saml-2.0, schemas/saml-2.0/saml-schema-assertion-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-auth-telephony-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-ip-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-ippword-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-kerberos-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-mobileonefactor-reg-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-mobileonefactor-unreg-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-mobiletwofactor-reg-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-mobiletwofactor-unreg-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-nomad-telephony-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-personal-telephony-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-pgp-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-ppt-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-pword-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-session-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-smartcard-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-smartcardpki-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-softwarepki-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-spki-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-srp-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-sslcert-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-telephony-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-timesync-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-types-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-x509-2.0.xsd,
- schemas/saml-2.0/saml-schema-authn-context-xmldsig-2.0.xsd,
- schemas/saml-2.0/saml-schema-dce-2.0.xsd,
- schemas/saml-2.0/saml-schema-ecp-2.0.xsd,
- schemas/saml-2.0/saml-schema-metadata-2.0.xsd,
- schemas/saml-2.0/saml-schema-protocol-2.0.xsd,
- schemas/saml-2.0/saml-schema-x500-2.0.xsd,
- schemas/saml-2.0/saml-schema-xacml-2.0.xsd: Core: add XML schemas for SAML 2.0
-
-2010-03-27 16:51 bdauvergne
-
- * docs/reference/lasso/lasso-sections.txt, lasso/xml/soap_binding.h: Doc: add all
- missing methods to documentation section file
-
- * add missing LASSO_EXPORT too for functions already present in the
- documentation, but not exported previously.
-
-2010-03-27 16:51 bdauvergne
-
- * tools/check-lasso-sections.py: Tools: add script to check for missing functions
- in lasso-sections.txt
-
-2010-03-27 16:51 bdauvergne
-
- * lasso/xml/xml.c: XML: in lasso_node_build_xmlNode_from_snippets only set child
- name if SNIPPET is not of ANY type
-
-2010-03-27 16:51 bdauvergne
-
- * lasso/xml/private.h, lasso/xml/tools.c: Core: add
- lasso_set_string_from_prop(char**,xmlNode*,..) function
-
-2010-03-27 16:51 bdauvergne
-
- * lasso/id-ff/profile.c, lasso/id-ff/profile.h: Core: add method to check whether
- we are IdP or SP of another provider
-
- * lasso/id-ff/profile.{c,h}:
- the method lasso_profile_sso_role_with, evaluate using the current
- LassoIdentity content if we are in a relation of IdP or SP toward
- another provider. This is based on the existence of a federation with
- this provider.
-
-2010-03-27 16:51 bdauvergne
-
- * lasso/xml/saml-2.0/saml2_strings.h: SAML 2.0: add attribute profiles strings
-
-2010-03-27 16:51 bdauvergne
-
- * lasso/id-ff/defederation.c, lasso/id-ff/login.c, lasso/id-ff/provider.c,
- lasso/id-ff/provider.h, lasso/id-ff/providerprivate.h, lasso/id-ff/server.c,
- lasso/id-ff/serverprivate.h, lasso/saml-2.0/assertion_query.c,
- lasso/saml-2.0/assertion_query.h, lasso/saml-2.0/ecp.c,
- lasso/saml-2.0/provider.c: SAML 2.0: add support for attribute, authentication
- and authorization authorities metadata
-
- * server.c,serverprivate.h: add new private method
- lasso_server_get_firs_providerID_by_role(server, role)w
- * defederation.c: use new private method
- lasso_server_get_first_providerID_by_role for find providerID
- when the argument remote_providerID is null in
- lasso_defederation_init_notification.
- * lasso/id-ff/login.c (lasso_login_init_authn_request): use new private
- method lasso_server_get_first_providerID_by_role.
- * provider.h: add thre new provider role (authn,pdp,attribute) and
- four new services (authn,assertionid,attribute,authz) and also
- a ROLE_ANY value (-1) for catchall purpose and a ROLE_LAST for
- array sizing.
- * provider.h: add a LAST member to LassoMdProtocolType enum.
- * providerprivate.h,provider.c:
- - removes separate hashtable for descriptors depending on provider role,
- use only one table named Descriptors.
- - use the LAST members of enumerations to dimention static string arrays.
- * provider.h: add a LAST member to the e
+ [tools] redirect xmlsec errors to lasso error handler
-2010-03-27 16:51 bdauvergne
+ [tools] use LASSO_LOG_DOMAIN instead of magic constant
- * lasso/xml/xml.c: XML: add support for setting attribute in any namespace using
- element tree syntax
+ [Makefile] move lasso/xml/tools.h to public headers
-2010-03-27 16:51 bdauvergne
+2011-04-14 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/saml-2.0/login.c, lasso/saml-2.0/profile.c: Support SignatureVerifyHint in
- SAML 2.0 SSO profile and common message handling
+ [core] add flags parameter to lasso_server_load_metadata to tune signature checking on metadata files
+ The flags parameter allows to control the checking of digital signature
+ upon EntityDescriptor and EntitiesDescriptor nodes in SAML 2.0 metadata
+ files.
-2010-03-27 16:51 bdauvergne
+ The default behaviour is to check all found signatures and to inherit
+ signature from EntitiesDescriptor to their children.
- * docs/reference/lasso/lasso-sections.txt, lasso/id-ff/profile.c,
- lasso/id-ff/profile.h, lasso/id-ff/profileprivate.h: Add signature_verify_hint
- accessor methods to LassoProfile
-
- * lasso/id-ff/profile.{c,h}:
- add a LassoProfileSignatureVerifyHint enumeration and two accessor
- methods:
- - lasso_profile_get_signature_verify_hint
- - lasso_profile_set_signature_verify_hint
- * lasso/id-ff/profileprivate.h:
- add private field signature_verify_hint.
+ By only enabling checking of EntityDescrtiptor node signatures it's also
+ possible to only check signature at the EntityDescriptor level and so
+ only trust individual entities and not the aggregating provider.
-2010-03-27 16:51 bdauvergne
+2011-04-04 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * bindings/utils.py: Bindings: fix parsing of camelcased ident (Samlp2IDPList ->
- samlp2,idp,list)
+ [core] update documentation of lasso_server_load_metadata
-2010-03-27 16:51 bdauvergne
+2011-04-04 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * bindings/python/lang.py: Binding python: fix problem of classes without an
- initializer
+ [core] make lasso_server_load_metadata load any metadata file
+ The new code can load metadata file with a EntityDescriptor root node,
+ and with nested EntitiesDescriptor.
-2010-03-27 16:51 bdauvergne
+ Idea and prototype by Olav Morken.
- * tests/tests.h: Tests: add macros to test for string equality
+2011-04-04 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-03-27 16:51 bdauvergne
+ [server] in lasso_server_load_metadata do not duplicate checks already made by lasso_verify_signature
+ lasso_verify_signature already checks that reference is to the given
+ signed node, be it referenced through an ID or through an empty
+ reference.
- * tests/login_tests_saml2.c: Tests: in SAML 2.0 tests, use more check_ macros
+ [xml] if signature reference is empty check that signed node is the document root
+ An empty reference means the complete document, so the signed node is
+ the root element of this document. We must check that the parameter
+ signe_node dmatches our assumption.
-2010-03-27 16:51 bdauvergne
+ [core] rename lasso_server_load_federation to lasso_server_load_metadata
+ The aim of this function is now to load any metadata file, and to
+ replace completely the use of lasso_server_add_provider.
+ The metadata content argument is replaced by a metadata file path to
+ more closely match other APIs.
- * tests/tests.h: Tests: add macros check_equals and check_not_equals
+ [web] update download page
-2010-03-27 16:51 bdauvergne
+2011-03-30 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/xml/xml.c: Core: change GObjectAnnotation of lasso_node_export_to_query to
- state that private_key_file is optional
+ [core] add a loaded_entity_ids output parameter to lasso_server_load_federation
+ It allows to know which entity has been loaded from the metadata file.
+ It must be freed by the caller.
-2010-03-27 16:51 bdauvergne
+ [core] add a blacklisted_entity_ids parameter to lasso_server_load_federation
+ The goal is to prevent loading of provider known to have problems.
- * bindings/bindings.py, lasso/xml/saml-2.0/Makefile.am,
- lasso/xml/saml-2.0/saml2_xsd.h: SAML 2.0 XML: add header listing strings from
- XML schema
+2011-03-29 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-03-08 13:19 bdauvergne
+ [tests] remove spurious output
- * lasso/saml-2.0/login.c: SAML 2.0: fix uninitialized variable
+ [tests] continue improving the lasso_server_load_federation test cases
-2010-03-08 13:19 bdauvergne
+ [tests] test lasso_server_load_federation
+ The test operates on the metadata file of the french university network
+ Renater.
- * lasso/id-wsf/id_wsf.h: ID-WSF 1.0: fix bad header name in all inclusive header
- lasso/id-wsf/id_wsf.h
+ [tests] add renater federation metadata file for testing
-2010-03-02 11:58 bdauvergne
+ [core] add a lasso_server_load_federation method
+ This method allows to load providers in bulk from what is called a
+ federation file, i.e a SAML metadata file containing declarations for
+ more than one provider. Those file are usually signed to bind some trust
+ to its content, so lasso_server_load_federation can take an optional
+ file path to a certificate chain file used to check the signature on the
+ given XML content. Only same document signature is accepted (i.e. there
+ must be only one XML signature reference and it should be to the empty
+ string meaning the « current » document).
- * bindings/php5/tests/binding_tests.php: Binding PHP5 tests: fix assertion dump
- test
+ [core] add a private constructor to build LassoProvider object from an xmlNode
+ I'm not sure of the need outside lasso so I will let this method private
+ for the moment. It's an helper method for the
+ lasso_server_load_federation method which traverses an
+ EntitiesDescriptor node to find all the EntityDescriptor contained
+ inside.
-2010-03-02 11:58 bdauvergne
+ [saml2] add and internal method to load a federation metadata file
+ It only loads one kind of provider (idp or sp). It's currently
+ impossible for a provider to have the two roles at the same time toward
+ a given LassoServer object, i.e. the current service is a service
+ provider or an identity provider, it cannot be the two at the same time.
- * lasso/xml/disco_send_single_logout.c,
- lasso/xml/id-wsf-2.0/sb2_user_interaction_header.c,
- lasso/xml/id-wsf-2.0/subsref_app_data.c, lasso/xml/lib_assertion.c,
- lasso/xml/saml-2.0/saml2_condition_abstract.c,
- lasso/xml/saml-2.0/saml2_encrypted_element.c, lasso/xml/ws/wsa_attributed_uri.c,
- lasso/xml/ws/wsa_endpoint_reference.c: XML: move registry mapping into the
- *_get_type() functions
-
- * lassoxml/disco_send_single_logout.c:
- * lassoxml/id-wsf-2.0/sb2_user_interaction_header.c:
- * lassoxml/id-wsf-2.0/subsref_app_data.c:
- * lassoxml/lib_assertion.c:
- * lassoxml/saml-2.0/saml2_condition_abstract.c:
- * lassoxml/saml-2.0/saml2_encrypted_element.c:
- * lassoxml/ws/wsa_attributed_uri.c:
- * lassoxml/ws/wsa_endpoint_reference.c:
- class_init is only called the first time an object of the given type
- is created, registry mappings must exist before this time, so I moved
- the registration code to the _get_type() functions.
+ [saml2] improve reporting of errors when loading a provider metadata file
-2010-03-02 11:58 bdauvergne
+ [xml] allow empty reference in XML signature (document signature)
- * lasso/xml/xml.c, lasso/xml/xml.h: Core: add a level argument to lasso_node_debug
+ [xml] make id_attr_name parameter optional for lasso_verify_signature
-2010-03-02 11:58 bdauvergne
+2011-03-07 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/id-wsf-2.0/soap_binding.c, lasso/id-wsf-2.0/soap_binding.h: ID-WSF 2.0:
- add lasso_soap_envelope_set_relates_to method
+ [xml] fix lasso_node_get_xmlnode_for_any_type
+ xmlCopyPropList does not copy the property list into the target it just
+ copy it with respect to the target (mainly for namespace references).
-2010-03-02 11:58 bdauvergne
+ This patch adds the real copy into the target node.
- * lasso/utils.h: Core: add macro to remove gobject from lists
+2011-03-01 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-03-02 11:57 bdauvergne
+ [core] add missing namespace definitions to internal objects
+ Identity, Lecp, Login, Logout, NameIdentifierMapping, NameRegistration,
+ Session, AssertionQuery, Ecp and NameIdManagement objects were missing a
+ namespace association to their GObject class. It broke when you try to
+ dump a node created by lasso_node_new_from_dump.
- * lasso/xml/Makefile.am, lasso/xml/tools.c, lasso/xml/tools.h: Core: export
- lasso_build_unique_id into public API
-
- * lasso/xml/tools.h:
- add new header to export lasso_build_unique_id as a public API.
-
- * lasso/xml/Makefile.am:
- add tools.h to header list
-
- * lasso/xml/tools.c:
- add GObjectIntrospection annotations to exported functions.
+ [tests] add test case for multiple load and dump of the same object
-2010-03-02 11:57 bdauvergne
+2011-02-08 Frédéric Péters <fpeters@entrouvert.com>
- * lasso/saml-2.0/profile.c: SAML 2.0: change error code for empty ArtifactResolve
- response to LASSO_PROFILE_ERROR_MISSING_RESPONSE
+ [debian] adapt packaging to official section overrides
-2010-03-02 11:57 bdauvergne
+ [debian] sync packaging with official package
- * bindings/java/Makefile.am: Bindings java: do not mask errors from the code
- generator
+2011-01-25 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-03-02 11:57 bdauvergne
+ Merge branch 'master' of git@dev.entrouvert.org:lasso
- * lasso/id-ff/profile.c, lasso/id-ff/profile.h, lasso/id-wsf-2.0/data_service.c,
- lasso/id-wsf-2.0/discovery.c, lasso/id-wsf-2.0/profile.c,
- lasso/id-wsf-2.0/profile.h: Core: add an helper method to build a SOAP response
- in a LassoProfile object
-
- * lasso/id-ff/profile.{c,h}:
- add lasso_profile_add_soap_fault_response(char* code, char *string,
- GList *details).
- * lasso/id-wsf-2.0/profile.{c,h}:
- change signature of lasso_idwsf2_profile_init_soap_fault_response.
- * lasso/id-wsf-2.0/data_service.c:
- use new function instead of manually intializing soap faults
- * lasso/id-wsf-2.0/discovery.c:
- init a soap fault when parsed request is of an unknown type, return
- proper error.
+2011-01-25 Jean-Marc Liger <jmliger@athena.siris.sorbonne.fr>
-2010-03-02 11:57 bdauvergne
+ [Fedora RPM] spec file update
- * bindings/python/tests/idwsf2_tests.py: ID-WSF 2.0 python tests: finish tests for
- new ID-WSF 2.0 API
-
- * bindings/python/tests/idwsf2_tests.py:
- all Discovery service request types are tested, and Data Service
- query is tested as well. Data Service testing and API should more
- tested, especially failure cases.
+2011-01-24 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-03-02 11:57 bdauvergne
+ [tests] change perfs to accept a second parameter giving the data files to use
+ Also add metadata files to check performance with 512 and 1024 bit RSA
+ keys.
- * lasso/id-wsf-2.0/data_service.c: ID-WSF 2.0: add service type to response, parse
- response before using it
+2011-01-14 Frédéric Péters <fpeters@entrouvert.com>
-2010-03-02 11:57 bdauvergne
+ [php5] Comments starting with '#' are deprecated
- * lasso/xml/xml.c: Core: in xml_insure_namespace do not segfault if ns is NULL
-
-2010-03-02 11:57 bdauvergne
-
- * bindings/python/lang.py: Binding python: accept a functio as setter, if it has
- only two arguments
-
-2010-03-02 11:57 bdauvergne
-
- * lasso/id-wsf-2.0/profile.c: ID-WSF 2.0: in lasso_idwsf2_get_name_identifier, use
- lasso_saml2_assertion_decrypt_subject
-
-2010-03-02 11:57 bdauvergne
-
- * lasso/id-wsf-2.0/profile.c: ID-WSF 2.0: in
- lasso_idwsf2_profile_check_security_mechanism, add common logic for SAML 2.0
- secmech, check for presence of a server object,
+2011-01-05 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-03-02 11:57 bdauvergne
+ Remove right column with download, binary packages and source links
+ It is redundant with other columns.
- * lasso/id-wsf-2.0/discovery.c: ID-WSF 2.0: fix MDAssociationQueryResponse
- handling
-
- * lasso/id-wsf-2.0/discovery.c:
- - in lasso_idwsf2_discovery_validate_request, use svcmdids to
- intialize response to MSAssociationQuery requests.
- - in lasso_idwsf2_discovery_process_response_msg, extract received
- svcmdids; use lasso_check_good_rc when needed.
+ [web] fix date and version in news 19
-2010-03-02 11:57 bdauvergne
+ [web] fix typo in news for release 2.3.5
- * lasso/id-wsf-2.0/discovery.c: ID-WSF 2.0: change signature of
- lasso_idwsf2_discovery_add_identity_to_epr
-
- * lasso/id-wsf-2.0/discovery.c:
- - in lasso_idwsf2_discovery_add_identity_to_epr, receive an Epr
- instead of an EprMetadata node, and use
- lasso_wsa_endpoint_reference_add_security_token to add the
- assertion token instead of duplicating this logic.
- - in lasso_idwsf2_discovery_build_epr change the call site.
+ Merge branch 'hotfixes-2.3.5'
-2010-03-02 11:57 bdauvergne
+ [ŕelease] Add release notes, update doap files and website
- * lasso/id-wsf-2.0/data_service.c: ID-WSF 2.0: fix documentation of
- lasso_idwsf2_data_service_build_request_msg
+ [dist] create Changelog directly from git
-2010-03-02 11:57 bdauvergne
+2011-01-04 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/saml-2.0/saml2_helper.c: SAML 2.0: in
- lasso_saml2_assertion_get_issuer_provider, check type of server argument
+ [tests] adapt Makefile.am to new path of metadata dir
-2010-03-02 11:57 bdauvergne
+ Merge branch 'hotfixes-2.3.5'
- * lasso/utils.h: Core: add do/while(0) around block of goto_cleanup_with_rc
+ [wsf] fix wsf preprocessor conditionals
-2010-03-02 11:57 bdauvergne
+ [bindings python] configure basic logging
- * lasso/errors.c, lasso/errors.h: Core: add PROFILE errors around assertion
- validation
-
- * lasso/errors.c lasso/errors.h:
- - add errors concerning invalid assertion, assertion with invalid
- conditions, unknown issuers, or when the issuer is not a provider
- we marked as an IdP.
- - add error for missing sender id in an ID-WSF message.
+ [ghashtable] add G_GNUC_UNUSED to remove unused static functions warning
-2010-03-02 11:57 bdauvergne
+ [saml2] when parsing short numbers reinitialize errno
- * docs/reference/lasso/lasso-sections.txt, lasso/xml/private.h, lasso/xml/tools.c,
- lasso/xml/xml.c, lasso/xml/xml.h: Core: add a level argument to
- lasso_xmlnode_to_string and _lasso_node_export_to_xml
+ [bindings perl] fix get_hash_of_objects
-2010-02-22 15:18 bdauvergne
+ [bindings php5] remove hardcoding the php5 cli interpreter
+ The test script did fail under Centos/Fedora because the interpreter for
+ php5 is named php.
- * bindings/perl/glist_handling.c, bindings/perl/lang.py: Binding perl: add support
- for out parameters
-
- * bindings/perl/lang.py:
- support GObject out parameters.
+2010-12-22 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-02-22 15:18 bdauvergne
+ Merge branch 'hotfixes-2.3.5'
- * lasso/xml/saml-2.0/saml2_condition_abstract.c: SAML 2.0:
- LassoSaml2ConditionAbstract does not match its element name anymore, add a
- registry mapping
-
- * lasso/xml/saml-2.0/saml2_condition_abstract.c:
- last commit to this file changed the element name from
- ConditionAbstract to Condition so the XML parser cannot find the
- corresponding GObject class anymore.
-
-2010-02-22 13:30 bdauvergne
-
- * docs/reference/lasso/lasso-sections.txt, lasso/saml-2.0/saml2_helper.c,
- lasso/saml-2.0/saml2_helper.h: SAML 2.0: add more accessors for Conditions
-
- * lasso/saml-2.0/saml2_helper.{c,h}:
- distribute code from lasso_saml2_assertion_validate_conditions to
- lasso_saml2_assertion_validate_time_checks and
- lasso_saml2_assertion_validate_audience.
- add lasso_saml2_assertion_allows_proxying and
- lasso_saml2_assertion_allows_proxying_to, to respectively check for
- proxying of the current assertion, and for proxying to a specific
- provider (you must call both of them to test completely the proxying
- status of an assertion).
- * docs/reference/lasso/lasso-sections.txt:
- reference new functions into documentation.
-
-2010-02-22 13:30 bdauvergne
-
- * bindings/python/lang.py: Bindings python: use more accessors from utils.py
-
- * binings/python/lang.py: remove direct access to type tuples in favor
- of using accesors from utils.py.
-
-2010-02-22 13:30 bdauvergne
-
- * bindings/utils.py: Bindings: make is_int more robust, and fix remove_modifiers
-
-2010-02-22 13:30 bdauvergne
-
- * bindings/php5/wrapper_source.py: Bindings php5: use accessort from
- bindings/utils.py
-
- * bindings/php5/wrapper_source.py:
- do not handle 'type/variable' tuple directly, use accessors.
-
-2010-02-22 13:30 bdauvergne
-
- * bindings/python/lang.py: Binding python: add pickling support to LassoNode
-
- * bindings/python/lang.py:
- support pickling protocol methods __getstate__ and __setstate__
- leveraging the lasso_node_dump and lasso_node_new_from_dump methods
- from Lasso.
+ [bindings perl] downgrade requirement on perl version to 5 instead of 5.10
-2010-02-22 13:30 bdauvergne
+ [bindings perl] downgrade require on perl version to 5 instead of 5.10
- * lasso/xml/private.h, lasso/xml/tools.c: Add lasso_string_to_xsd_integer, to
- parse xsd:integer values
+ Merge branch 'hotfixes-2.3.5'
-2010-02-22 13:30 bdauvergne
+ [xml] fix null pointer access in lasso_node_get_encryption
- * lasso/xml/saml-2.0/saml2_condition_abstract.c: SAML 2.0: fix bad name of
- Condition element, keep xmlNode as it is abstract
-
- * lasso/xml/saml-2.0/saml2_condition_abstract.c:
- saml2:Condition is an element whose type is abstract, it must be used
- as an extension point helped by the xsi:type field. As the content is
- unknown before hand we must keep the original xmlNode for later
- analysis.
-
-2010-02-22 13:30 bdauvergne
-
- * bindings/python/tests/idwsf2_tests.py: Bindings python tests: update
- idwsf2_tests.py
-
-2010-02-22 13:30 bdauvergne
-
- * bindings/utils.py: Bindings: in utils.py, make clean_type handle None value
-
-2010-02-22 13:30 bdauvergne
-
- * lasso/id-wsf-2.0/data_service.c, lasso/id-wsf-2.0/discovery.c,
- lasso/id-wsf-2.0/discovery.h, lasso/id-wsf-2.0/idwsf2_helper.c,
- lasso/id-wsf-2.0/idwsf2_helper.h, lasso/id-wsf-2.0/profile.c,
- lasso/id-wsf-2.0/saml2_login.c, lasso/id-wsf-2.0/saml2_login.h,
- lasso/id-wsf-2.0/soap_binding.c, tests/idwsf2_tests.c: ID-WSF 2.0: reorganize
- EPR minting, add a process_request method to disco service
-
- * data_service.c:
- remove dependency on discovery.h
- * discovery.{c,h}:
- - add a lasso_idwsf2_discovery_process_request_msg to extract request
- data before validate request (SvcMDID, SvcMD or RequestService).
- - store SvcMDID in a private field, add a setter for it.
- - SvcMDID is now used for building response to MDAssociationQuery and
- parsing request for MDQuery, MDDelete, MDAssociationAdd and
- MDAssociationDelete.
- * idwsf2_helper.{c,h}:
- - change security mechanism argument of
- lasso_wsa_endpoint_reference_add_security_token from a NULL
- terminated string array to a GList.
- * saml2_login.{c,h}:
- - add a lasso_server_create_assertion_as_idwsf2_security_token for
- minting assertion for ID-WSF 2.0 security, to be used in Discovery
- bootstap EPR creation and EPR minting for Discovery service Query
- responses.
- - add a lasso_saml2_assertion_get_discovery_bootstrap_epr, and
- rewirte lasso_login_idwsf2_get_discovery_bootstrap_epr to use it.
- - make lasso_login_idwsf2_add_discovery_bootstrap_epr accept a list
- of security mechanisms, not just one.
- * tests/idwsf2_tests.c:
- - adapt to new argument type of
- lasso_login_idwsf2_add_discovery_bootstrap_epr.
-
-2010-02-22 13:30 bdauvergne
-
- * lasso/id-ff/logout.c: Core: add new example to LassoLogout for asynchronous
- response handling
+2010-12-21 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-02-22 13:30 bdauvergne
+ [configure.ac] increment version and libtool version info
- * lasso/build_strerror.py, lasso/errors.c: Support multiline error messages in
- build_strerror.py
+ [saml2] fix errors in lasso)provider_get_first_http_method when a binding is unknown
-2010-02-22 13:30 bdauvergne
+ [saml2 provider] change critical messages to debug messages
- * lasso/saml-2.0/saml2_helper.c, lasso/saml-2.0/saml2_helper.h: SAML 2.0: add
- lasso_saml2_encrypted_element_server_decrypt and
- lasso_saml2_assertion_decrypt_subject
-
-2010-02-22 13:30 bdauvergne
+ [saml2 profile] fix bug in binding_uri_to_http_method with the POST binding
- * tests/data/idp5-saml2/metadata.xml: Fix idp5-saml2 metadatas
-
- * tests/data/idp5-saml2/metadata.xml:
- we do not have the private key for the encryption public key, so I
- copied the signing public key.
-
-2010-02-22 13:30 bdauvergne
-
- * lasso/utils.c, lasso/utils.h: Fix lasso_extract_gobject_from_list
+ [saml login] suppress unused argument warning
-2010-02-21 12:47 mates
+2010-12-17 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/lasso.c:
-
-2010-02-17 16:08 bdauvergne
-
- * docs/reference/lasso/lasso-sections.txt, lasso/id-ff/logout.c,
- lasso/id-wsf-2.0/profile.c: Documentation: add example to LassoLogout, fix bad
- markup in id-wsf-2.0/profile.c
+ [samlv2 logout] check that the assertion is well formed before accessing the subject nameid
-2010-02-17 16:08 bdauvergne
+ [profile] prefer to lookup the session before the identity for looking up a name identifier;
- * lasso/id-wsf-2.0/profile.c: ID-WSF 2.0: also check sender match assertion in
- lasso_idwsf2_profile_check_security_mechanism
-
- * lasso/id-wsf-2.0/profile.c:
- for BEARER mechanism, also check that the SPNameQualifier of the
- Subject match the Sender of the request.
-
-2010-02-17 16:08 bdauvergne
-
- * lasso/id-wsf-2.0/discovery.h: ID-WSF 2.0: add
- lasso_idwsf2_discovery_get_svcmdids to public API
+ [samlv2 logout] setup the NameID from the assertion
-2010-02-17 10:15 bdauvergne
+ [samlv2 login] do not setup conditions->notBefore/notOnOrAfter only notOnOrAfter on SubjectConfirmationData
- * tests/integration/saml2/__init__.py: Tests integration: force C locale
-
- * tests/integration/saml2/__init__.py:
- authentic now use 'system locale' by default, so force C locale to
- get english IHM string to make twill happy.
-
-2010-02-17 10:15 bdauvergne
-
- * lasso/xml/saml-2.0/saml2_assertion.c: SAML 2.0: if assertion possess a signed
- original_xmlnode return it instead of using get_xmlNode
-
- * lasso/xml/saml-2.0/saml2_assertion.c:
- assertion in lasso when read are not usable anymore because the
- signature is lost, this commit allows to keep assertion unaltered
- after reading them if they contained a top level signature (a
- signature contained in the Assertion node).
- This is useful for reusing assertion kept in a LassoSession object
- and for using assertion as security token for ID-WSF.
-
-2010-02-17 10:15 bdauvergne
-
- * lasso/xml/xml.c: Core: use lasso_xmlnode_to_string in LassoNode export functions
-
- * lasso/xml/xml.c:
- remove duplicate codes and use lasso_xmlnode_to_string instead.
+2010-12-14 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-02-17 10:15 bdauvergne
+ [binding php5] add inline implementation of lasso_log since it is a private function of lasso
- * bindings/python/tests/idwsf2_tests.py: Current state of ID-WSF 2.0 python test
+ [binding php5] add inline implementation of lasso_log since it is a private function of lasso
-2010-02-17 10:15 bdauvergne
+ Merge branch 'hotfixes-2.3.5'
- * bindings/php5/wrapper_source.py: Binding php5: fix generation of list freeing
-
- * bindings/php5/wrapper_source.py:
- free_glist wants a GList** as first argument.
+ [saml2] make LASSO_SIGNATURE_VERIFY_HINT_FORCE as least as stringent as _MAYBE when checking signature on messages
-2010-02-17 10:15 bdauvergne
+ Merge branch 'hotfixes-2.3.5'
- * lasso/xml/private.h, lasso/xml/tools.c: Core: add a lasso_xmlnode_to_string
- function
-
- * lasso/xml/tools.c lasso/xml/private.h:
- lots of functions duplicate this code, so we factorized it there.
- It has two parameters, the xmlnode and boolean deciding whether to
- format the resulting content (good for reading but bad for
- signatures).
+ [xml] remove duplicate EncryptedKey around EncryptedData elements
+ The key is already embedded in the EncryptedData, so there is no need to
+ also fill the EncryptedKey field of the saml:EncryptedElement object.
-2010-02-17 10:15 bdauvergne
+ [xml] add exportation of the encrypting public key in EncryptedData elements
+ This commit check if the given is a simple RSA key or a full certificate
+ and choose the better serialization method between RSAKeyValue and
+ X509Data.
- * lasso/saml-2.0/profile.c: SAML 2.0: in
- lasso_saml20_profile_set_session_from_dump_decrypt, really decrypt
-
- * lasso/saml-2.0/profile.c:
- dump for already signed assertion containing an EncryptedID as
- Subject does not work as before, the decrypted NameID is no more
- included in it, so instead of trying to plug it in the NameID field
- we resort to really deciphering the EncryptedID.
- That could be a performance problem if the session object is stuffed
- with a lot of assertions.
+ [tools] fix xml decryption
+ This commit rewrite the extraction of the EncryptedKey when it is
+ embedded inside the EncryptedData element, which seem to be the frequent
+ case.
-2010-02-17 10:15 bdauvergne
-
- * bindings/python/tests/idwsf2_tests.py: Current state of idwsf2 tests
-
-2010-02-17 10:15 bdauvergne
-
- * lasso/id-wsf-2.0/data_service.c, lasso/id-wsf-2.0/discovery.c,
- lasso/id-wsf-2.0/profile.c: ID-WSF 2.0: fix loading of LassoIdWsf2Discovery
- dumps
-
-2010-02-17 10:15 bdauvergne
-
- * lasso/xml/xml.c: Core: add error exit to lasso_node_new_from_xmlNode
-
- * lasso/xml/xml.c:
- if building of the node fails, we must keep the initialization of
- custom nodename and namespace.
-
-2010-02-17 10:15 bdauvergne
-
- * bindings/python/lang.py: Binding python: simplify special constructor, use
- cptrToPy
-
-2010-02-17 10:15 bdauvergne
-
- * lasso/id-wsf-2.0/profile.c: ID-WSF 2.0: make
- lasso_idwsf2_profile_redirect_user_for_interaction add the transactionID to the
- URL
-
- * lasso/id-wsf-2.0/profile.c:
- simplify use of lasso_idwsf2_profile_redirect_user_for_interaction by
- directly adding the ID of the SOAP response message to the URL.
- Report an error if no MessageID can be found.
-
-2010-02-17 10:15 bdauvergne
-
- * lasso/id-wsf-2.0/soap_binding.c, lasso/id-wsf-2.0/soap_binding.h: ID-WSF 2.0:
- rewrite and document lasso_soap_envelope_sb2_get_redirect_request_url
-
- * lasso/id-wsf-2.0/soap_binding.{c,h}:
- fix error in conception of
- lasso_soap_envelope_sb2_get_redirect_request_url, RedirectRequest is
- part of a SOAP fault not the headers.
- Explain in the documentation how to use the RedirectRequest URL.
- Change the return type to a const string.
-
-2010-02-17 10:15 bdauvergne
-
- * lasso/id-wsf-2.0/soap_binding.c, lasso/id-wsf-2.0/soap_binding.h: ID-WSF 2.0:
- add a method to retrieve/create a SOAP Fault to SOAP binding module
-
- * lasso/id-wsf-2.0/soap_binding.{c,h}:
- add method lasso_soap_envelope_get_soap_fault which returns/create
- the first SOAP fault inside the body of the SOAP envelope.
-
-2010-02-17 10:15 bdauvergne
+ Merge with new field in custome element
- * bindings/python/tests/binding_tests.py, bindings/python/tests/profiles_tests.py:
- Binding python tests: adapt test to use TOP_SRCDIR env var
+ [saml2] use new encryption structure instead for internal field in LassoSaml2Assertion
-2010-02-17 10:15 bdauvergne
+ [xml] add field to contains encryption parameters inside CustomElement structure
- * bindings/python/lang.py: Binding python: factorize value freeing generation code
-
- * lasso/python/lang.py:
- extract value freeing generation code to method free_value,
- add proper liberation of values at exit of wrapper functions, remove
- g_free call from return_value generated code.
-
-2010-02-17 10:14 bdauvergne
-
- * lasso/id-ff/logout.c, lasso/id-ff/profile.c, lasso/id-ff/profile.h,
- lasso/id-ff/provider.c, lasso/id-ff/server.c, lasso/id-ff/session.c,
- lasso/id-wsf-2.0/data_service.c, lasso/id-wsf-2.0/discovery.c,
- lasso/id-wsf-2.0/profile.c, lasso/id-wsf-2.0/server.c,
- lasso/id-wsf/data_service.c, lasso/id-wsf/discovery.c,
- lasso/id-wsf/id_ff_extensions.c, lasso/id-wsf/wsf_profile.c: Core: add missing
- return value owner semantic annotations to getters
-
- * lasso/id-ff/provider.c:
- fix lasso_provider_get_base64_succinct_id, it returned a libxml
- string, copy it with g_strdup before releasing it to stay with GLib
- allocated string in return values.
-
-2010-02-17 10:14 bdauvergne
-
- * lasso/id-ff/identity.c, lasso/id-ff/profile.c, lasso/id-wsf-2.0/saml2_login.c:
- Core: add annotation to getter function about return value owner semantic
-
- * lasso/id-ff/identity.c lasso/id-ff/profile.c:
- precise owner semantic of lasso_profile_get_identity,
- lasso_profile_get_session, lasso_profile_get_server
- * lasso/id-wsf-2.0/saml2_login.c tests/login_tests_saml2.c:
- in the same vein add missing release of assertion returned by
- lasso_login_get_assertion which return a caller owned object.
-
-2010-02-17 10:14 bdauvergne
-
- * lasso/id-wsf-2.0/profile.c: ID-WSF 2.0: make
- lasso_idwsf2_profile_redirect_user_for_interaction choke on missing redirect
- property on UserInteraction header
-
- * lasso/id-wsf-2.0/profile.c:
- if redirect boolean property is false, refuse to return a redirect
- request.
- automatically create a SOAP fault to signal to the requester that it
- needs to support interaction via redirect.
-
-2010-02-17 10:14 bdauvergne
-
- * lasso/errors.c, lasso/errors.h: ID-WSF 2.0: add error code signaling that the
- requester does not support redirect request
-
- * lasso/errors.c lasso/errors.h:
- add
- LASSO_WSF_PROFILE_ERROR_REDIRECT_REQUEST_UNSUPPORTED_BY_REQUESTER.
-
-2010-02-17 10:14 bdauvergne
-
- * lasso/id-wsf-2.0/soap_binding.c, lasso/id-wsf-2.0/soap_binding.h: ID-WSF 2.0:
- add a create arg to lasso_soap_envelope_get_sb2_user_interaction_header, add it
- to public API
-
-2010-02-17 10:14 bdauvergne
-
- * lasso/id-wsf-2.0/idwsf2_helper.c, lasso/id-wsf-2.0/soap_binding.c,
- lasso/id-wsf/data_service.c: ID-WSF 2.0: fix lots of bad usage of g_strcmp0
-
- * lasso/id-wsf-2.0/idwsf2_helper.c lasso/id-wsf-2.0/soap_binding.c
- lasso/id-wsf/data_service.:
- add missing check for the return value of strcmp, maybe we need a
- macro like lasso_strequal.
-
-2010-02-17 10:14 bdauvergne
-
- * tests/login_tests_saml2.c: Tests: in login_tests_saml2.c, add test for
- lasso_saml2_assertion_validate_conditions
-
-2010-02-17 10:14 bdauvergne
-
- * bindings/python/tests/idwsf2_tests.py: in idwsf2_tests.py, merge test case for
- metadata registering, add test case for failure
-
-2010-02-17 10:14 bdauvergne
+ [utils] fix typo in lasso_assign_sec_key
- * bindings/bindings.py: Bindings: parse defines refering to other defines
-
- * bindings/bindings.py:
- Allow to build constants using other constants (prefix string), the
- constant type is retrieved from the prefix existing record.
+ [bindings python] make constructor failure raise a lasso.Error exception
-2010-02-17 10:14 bdauvergne
+2010-12-13 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/xml/tools.c: in tools.c, add defines to permit import of timegm
+ [saml2] do not set SPNameQualifier it should be reserved for SP member of an affiliation
-2010-02-17 10:14 bdauvergne
+2010-12-03 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/saml-2.0/saml2_helper.c: SAML 2.0: make
- lasso_saml2_assertion_validate_conditions really work
+ Merge branch 'hotfixes-2.3.5'
-2010-02-17 10:14 bdauvergne
+ [tests idwsf2] add missing include for ID-WSF strings
- * lasso/xml/tools.c: Core: fix lasso_iso_8601_gmt_to_time_t, use timegm instead of
- mktime
-
- * lasso/xml/tools.c:
- mktime convert works on local time, we need timegm to work with GMT
- time.
+2010-12-01 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-02-17 10:14 bdauvergne
+ [tests] include the backward compatibility include for GHashTable
- * lasso/id-ff/profile.c, lasso/id-wsf-2.0/idwsf2_helper.c,
- lasso/id-wsf-2.0/saml2_login.c, lasso/xml/id-wsf-2.0/disco_abstract.c,
- lasso/xml/id-wsf-2.0/disco_endpoint_context.c,
- lasso/xml/id-wsf-2.0/disco_keys.c, lasso/xml/id-wsf-2.0/disco_options.c,
- lasso/xml/id-wsf-2.0/disco_provider_id.c, lasso/xml/id-wsf-2.0/disco_query.c,
- lasso/xml/id-wsf-2.0/disco_query_response.c,
- lasso/xml/id-wsf-2.0/disco_requested_service.c,
- lasso/xml/id-wsf-2.0/disco_security_context.c,
- lasso/xml/id-wsf-2.0/disco_service_context.c,
- lasso/xml/id-wsf-2.0/disco_service_type.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_add.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_add_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_delete.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_delete_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_query.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_query_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_delete.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_delete_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_query.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_query_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_register.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_register_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_replace.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_replace_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_metadata.c,
- lasso/xml/id-wsf-2.0/idwsf2_strings.h, lasso/xml/xml.c: ID-WSF 2.0: add strings
- for Discovery service Actions
+ [bindings perl] change ghashtable interface to not use GHashTableIter
-2010-02-17 10:14 bdauvergne
+ [bindings perl] add dependency upon the Makefile.perl for the install target
- * lasso/id-wsf-2.0/discovery.c, lasso/id-wsf-2.0/profile.c: ID-WSF 2.0: add
- serialization code for private properties of LassoIdWsf2Profile
+2010-11-17 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-02-17 10:14 bdauvergne
+ [bindings] add missing static modifier for g_hash_table_get_values replacement
- * lasso/id-wsf-2.0/discovery.c: ID-WSF 2.0: fix missing initialization of request
- field in lasso_idwsf2_discovery_validate_md_register
+ [tests] include header for backward compatible methods on GHashTable structures
-2010-02-17 10:14 bdauvergne
+2010-11-15 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * docs/reference/lasso/lasso-sections.txt: ID-WSF 2.0 Documentation: update
- lasso-sections.txt with LassoIdWsf2Profile methods
+ [bindings] fix bad use of lasso_return_if_fail in ghashtable backward compatibility header
-2010-02-17 10:14 bdauvergne
+2010-10-27 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/id-wsf-2.0/discovery.c: ID-WSF 2.0: fix
- lasso_idwsf2_discovery_add_simple_service_metadata
-
- * lasso/id-wsf-2.0/discovery.c:
- options is a string list, and security_mech_ids too, so employ the
- corresponding macros.
+ Merge branch 'hotfixes-2.3.5'
-2010-02-17 10:14 bdauvergne
+2010-10-20 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/utils.h: Core: in utils.h, use a temporary to store reference to freed
- list
+ [SAMLv2] fix segfault in has_signature by initializing local variables
-2010-02-17 10:14 bdauvergne
+2010-10-13 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/id-wsf-2.0/discovery.c: ID-WSF 2.0: in lasso_idwsf2_discovery_status2rc,
- check second level status code too
+ Merge branch 'hotfixes-2.3.4'
-2010-02-17 10:14 bdauvergne
+ Merge branch 'hotfixes-2.3.4' into release
- * website/web/documentation/index.xml: Website: add a link to the developement
- version documentation
+ Update doap and news file
-2010-02-15 10:37 bdauvergne
+ Update NEWS file
- * bindings/python/lang.py: Binding python: fix leak in string getters
+2010-10-11 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-02-15 10:37 bdauvergne
+ [tests data request] add googleapps sample AuthnRequest
- * lasso/saml-2.0/saml2_helper.c: SAML 2.0: fix documentation of
- lasso_saml2_assertion_validate_conditions
+ [tests] move metadata directory into data
-2010-02-15 10:37 bdauvergne
+ [tests data] add idp and sp example with 1024 bits RSA keys, for performance testing purpose
- * lasso/id-wsf-2.0/discovery.c: Add signature on EPR secur token
+ [tools] add a repository for semantic patches as reference
-2010-02-15 10:37 bdauvergne
+ [tests metadata] add more examples of metadata files
- * bindings/python/tests/idwsf2_tests.py: Bindings python: udpate id-wsf 2.0 test
- file
-
- * bindings/python/tests/idwsf2_tests.py:
- Disco Service registering is working, it now needs a bootstrap epr in
- all case (before registering could be done without signatures).
+ [tests integration] adapt to string change in lcs/qommon/saml2.ptl
-2010-02-15 10:37 bdauvergne
+ [SAMLv2] delete an unused local variable
- * lasso/id-wsf-2.0/discovery.c: ID-WSF 2.0: add signature to Disco produced EPR
- SAML 2.0 security tokens
+ Merge branch 'hotfixes-2.3.4'
-2010-02-15 10:37 bdauvergne
+2010-10-09 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/id-wsf-2.0/profile.c: ID-WSF 2.0: in
- lasso_idwsf2_profile_build_request_msg, properly handle the security token
-
- * lasso/id-wsf-2.0/profile.c:
- security token is a signed assertion by an IdP or a discovery
- service, we must keep as is, that is with the signature, in order to
- do that we extract the original xmlNode from the assertion and embed
- it in the new message using a LassoMiscTextNode.
+ [SAMLv2] user server->signature_method when signing request and response
-2010-02-15 10:37 bdauvergne
+ [tests] add non regression test on assertion consumer endpoints ordering
- * lasso/id-wsf-2.0/saml2_login.c: ID-WSF 2.0: in
- lasso_login_idwsf2_get_discovery_bootstrap_epr, better handle attribute content
-
- * lasso/id-wsf-2.0/saml2_login.c:
- LassoSaml2AttributeValue can contain many children, so traverse them
- all to find the firs LassoWsAddrEndpointReference among them.
+ [core] check type of first argument of lasso_provider_get_assertion_consumer_url
-2010-02-15 10:37 bdauvergne
+2010-10-08 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/id-wsf-2.0/saml2_login.c: ID-WSF 2.0: in
- lasso_login_idwsf2_add_discovery_bootstrap_epr, initialize ID and Issuer
- property on bootstrap assertion.
-
- * lasso/id-wsf-2.0/saml2_login.c:
- initialization of ID and Issuer properties was missing.
+ fix pardus capitalisation in NEWS file
-2010-02-15 10:37 bdauvergne
+ Merge branch 'hotfixes-2.3.4'
+ Conflicts:
+ lasso/xml/xml.c
+ website/web/download/index.xml
+ website/web/index.xml
- * lasso/xml/tools.c: Core: in lasso_verify_signature, fix conditional about single
- reference
-
- * lasso/xml/toosl.c:
- verify that reference is unique if NO_SINGLE_REFERENCE is disabled.
+ Update release notes and website for release 2.3.4
-2010-02-15 10:37 bdauvergne
+ [xml] fix waring on use of strndup on pardus
- * lasso/saml-2.0/saml2_helper.c: SAML 2.0: in saml2_helper.c, better check issuer
- element and also test the LassoServer object for issuance,
- lasso_saml2_assertion_get_issuer_provider
+2010-10-08 Jérôme Schneider <jschneider@entrouvert.com>
-2010-02-15 10:37 bdauvergne
+ Add missing include <errno.h>
- * lasso/id-wsf-2.0/idwsf2_helper.c: ID-WSF 2.0: in
- lasso_wsa_endpoint_reference_new_for_idwsf2_service, do not forget to add
- metadata to epr, fill usage property of token
-
- * lasso/id-wsf-2.0/idwsf2_helper.c:
- add missing initialization code.
+2010-10-07 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-02-15 10:37 bdauvergne
+ [SAMLv2] handle unknown provider in artifact resolve, and also alow to ignore signature validation
+ In lasso_saml20_profile_process_artifact_resolve, we know take a short
+ path with an error when the remote provider is unknown and we also
+ respect the lasso_profile_get_signature_verify_hint() when checking the
+ signature on the artifact resolve message.
- * lasso/id-wsf-2.0/idwsf2_helper.c: ID-WSF 2.0: fix bad type checking in
- lasso_wsa_endpoint_reference_get_idwsf2_security_context_for_security_mechanism
-
- * lasso/id-wsf-2.0/idwsf2_helper.c:
- SecurityMechID is a list of strings not LassoMiscTextNode.
+ [SAMLv2] fix bad double free bug in lasso_saml20_provider_get_assertion_consumer_service_url_by_binding
-2010-02-15 10:37 bdauvergne
+ [core] adapt lasso_provider_get_assertion_consumer_service_url for SAMLv2
- * lasso/id-wsf-2.0/discovery.c: ID-WSF 2.0: fix bad conditionnal in
- lasso_idwsf2_discovery_process_metadata_register_response_msg
-
- * lasso/id-wsf-2.0/discovery.c:
- fix check in
- lasso_idwsf2_discovery_process_metadata_register_response_msg
- fix duplication of service metadatas inside private list of service
- metadatas.
+2010-10-06 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-02-15 10:37 bdauvergne
+ [docs lasso-book] add figures to the tarball
- * lasso/id-ff/server.c: in server.c, fix missing loading of public keys in
- constructors
-
- * lasso/id-ff/server.c:
- constructor for LassoProvider load public keys but they are not
- called by LassoServer constructors, so we have to explicitely
- duplicate calls to lasso_provider_load_public_keys.
+2010-10-06 Jérôme Schneider <jschneider@entrouvert.com>
-2010-02-15 10:37 bdauvergne
+ Add missing include <errno.h>
- * lasso/xml/id-wsf-2.0/Makefile.am, lasso/xml/id-wsf-2.0/idwsf2_strings.h,
- lasso/xml/idwsf_strings.h: ID-WSF 2.0: moved strings to their own header
+2010-10-06 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-02-12 11:04 bdauvergne
+ Merge branch 'hotfixes-2.3.4'
- * lasso/xml/saml-2.0/Makefile.am: Add saml2_strings.h to dist
+ [configure.ac] increment version and libtool version info
-2010-02-12 09:48 bdauvergne
+2010-10-06 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * bindings/python/lang.py: Bindings python: remove default argument if there is
- parameters without default argument following
+ [ID-FFv1.2] in lasso_login_process_authn_request_msg() adopt simpler behaviour for checking signatures
+ There is two sources of advice for signature checking:
+ AuthnRequestsSigned attribute in service provider metadata files and
+ value of lasso_profile_get_signature_verify_hint().
-2010-02-12 09:48 bdauvergne
+ If lasso_profile_get_signature_verify_hint() forbid to check signature,
+ we do not check.
+ If the SP advise to check signature, we check.
+ If lasso_profile_get_signature_verify_hint() forces to check signature,
+ we do not check.
+ In all other cases we only check if a signature is present, i.e. we
+ ignore the error LASSO_DS_ERROR_SIGNATURE_NOT_FOUND.
- * lasso/xml/xml.c: Use defined symbols instead of magic constants
+2010-10-06 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-02-12 09:48 bdauvergne
+ [ID-FFv1.2] make lasso_login_process_authn_request_msg() return LASSO_PROFILE_ERROR_INVALID_MSG if received request is not a lib:AuthnRequest
- * lasso/xml/saml-2.0/saml2_strings.h: Add LASSO_SAML2_FIELD_ENCODING
-
- * lasso/xml/saml-2.0/saml2_strings.h:
- add another field name from SAML 2.0 specifications.
+ [SAMLv2] adopt same behaviour as ID-FFv1.2 for invalid AuthnRequest
-2010-02-12 09:48 bdauvergne
+ [SAMLv2&ID-FFv1.2] improve documentation of lasso_login_process_authn_request_msg
- * lasso/xml/tools.c: Fix lasso_get_relaystate_from_query, support semi-colon and
- parameter at beginning
-
- * lasso/xml/tools.c:
- getting first parameter was broken (query_string does not contain '?'
- at the beginning) and semi-colon support was missing.
+ [SAMLv2] fix ordering of endpoints
+ Ordering by binding is wrong, first order by isDefault (as stated in
+ saml-metadata-2.0.pdf) then by index.
-2010-02-10 17:07 bdauvergne
+ [Core] change isdefault type in EndpointType structure
+ As integer we can represent the three value of isdefault:
+ - true
+ - false
+ - attribute absent
- * docs/reference/lasso/lasso-sections.txt, lasso/xml/saml-2.0/saml2_strings.h:
- Documentation: fix typos in saml2_strings.h documentation, add new string
- symbols to lasso-sections.txt
+ [docs] update copyright years
-2010-02-10 16:00 bdauvergne
+2010-10-05 Frédéric Péters <fpeters@entrouvert.com>
- * lasso/xml/saml-2.0/saml2_strings.h, lasso/xml/strings.h: SAML 2.0: move SAML 2.0
- strings to their own header, add documentation
-
- * lasso/xml/strings.h:
- remove SAML 2.0 strings
- * lasso/xml/saml-2.0/saml2_strings.h:
- move them here, document useful ones.
-
-2010-02-10 13:58 bdauvergne
-
- * lasso/xml/saml-2.0/samlp2_name_id_policy.h: Documentation: document
- LsasoSamlp2NameIDPolicy
-
-2010-02-10 13:58 bdauvergne
-
- * lasso/errors.h, lasso/id-wsf/id_ff_extensions.c, lasso/id-wsf/wsf_profile.c,
- lasso/lasso.c, lasso/saml-2.0/saml2_helper.h,
- lasso/xml/id-wsf-2.0/disco_abstract.c, lasso/xml/id-wsf-2.0/disco_provider_id.c,
- lasso/xml/id-wsf-2.0/disco_service_type.c, lasso/xml/lib_assertion.c,
- lasso/xml/lib_authentication_statement.c,
- lasso/xml/lib_federation_termination_notification.c,
- lasso/xml/lib_logout_request.c, lasso/xml/lib_logout_response.c,
- lasso/xml/lib_name_identifier_mapping_request.c,
- lasso/xml/lib_name_identifier_mapping_response.c,
- lasso/xml/lib_register_name_identifier_request.c,
- lasso/xml/lib_register_name_identifier_response.c, lasso/xml/strings.h,
- lasso/xml/tools.c, lasso/xml/ws/wsa_attributed_qname.c,
- lasso/xml/ws/wsa_attributed_uri.c, lasso/xml/ws/wsa_relates_to.c,
- lasso/xml/ws/wsse_username_token.c: Documentation: complete non finished
- documentation comments
-
- * too much warnings when generating doc, now we can concentrate on
- undocumented symbols (in
- lasso/docs/reference/lasso/lasso-undocumented.txt).
+ [website] "Subversion Status" -> "Git Status"
-2010-02-10 00:59 bdauvergne
-
- * bindings/perl/glist_handling.c: Bindings perl: prevent unused functio warning
- for array_to_glist_gobject
-
-2010-02-10 00:59 bdauvergne
+ [website] Only keep two latest news items
- * bindings/perl/t/Lasso.t: Tests perl: raise number of tests
-
-2010-02-10 00:35 bdauvergne
-
- * docs/reference/lasso/lasso-docs.sgml: Docs: reorder sections in chapter "Lasso
- Architecture"
-
-2010-02-10 00:34 bdauvergne
+ [website] Fixed 2.3.3 release date
- * lasso/saml-2.0/login.c: SAML 2.0: separate
- lasso_saml20_login_process_response_status_and_assertion into multiple functions
-
- * lasso/saml-2.0/login.c:
- in lasso_saml20_login_process_response_status_and_assertion, extract assertion
- decryption, and issuer checking into their own function.
+ [website] Update right download box for 2.3.3
-2010-02-10 00:34 bdauvergne
-
- * lasso/xml/tools.c, tests/Makefile.am, tests/random_tests.c: SAML 2.0: when
- verifying query signature, do not presume order of field and separator
-
- * lasso/xml/tools.c:
- in lasso_saml2_verify_query_signature, extract needed field and order
- them appropriately before computing digest, expect ';' as well as '&'
- as separator.
- * tests/random_test.c:
- add non-regression tests for query signature validation.
- * tests/Makefile.am:
- make tests link agains static version of liblasso, to get access to
- private functions.
-
-2010-02-10 00:34 bdauvergne
-
- * lasso/xml/strings.h: SAML 2.0: complete list of field names for SAML 2.0
-
-2010-02-10 00:34 bdauvergne
-
- * lasso/xml/tools.c: Core: in tools.c, enhance urlencoded_to_string to support
- semu-colon separator
-
-2010-02-10 00:34 bdauvergne
-
- * lasso/saml-2.0/saml2_helper.c, lasso/saml-2.0/saml2_helper.h: SAML 2.0: add
- helper method lasso_saml2_assertion_get_in_response_to
-
- * lasso/saml-2.0/saml2_helper.c lasso/saml-2.0/saml2_helper.h:
- add a method to access easily the InResponseTo attribute.
-
-2010-02-10 00:34 bdauvergne
-
- * lasso/saml-2.0/login.c: SAML 2.0: in
- lasso_saml20_login_process_authn_response_msg always report signatures errors
-
- * lasso/saml-2.0/login.c:
- - in lasso_saml20_login_process_authn_response_msg keep around all error
- codes returned by intermediary steps. At the end report the first one.
-
-2010-02-10 00:34 bdauvergne
-
- * lasso/saml-2.0/profile.c: SAML 2.0: in lasso_saml20_profile_process_any_response
- do not stop on missing issuer
-
- * lasso/saml-2.0/profile.c:
- Issuer is not a mandatory element of SAML 2.0 response,
- but if we do not remember which issuer we sent the request (of if
- the response is spontaneous) then we will receive a provider not found
- error when trying to check the message signature.
-
-2010-02-10 00:34 bdauvergne
-
- * lasso/saml-2.0/profile.c, lasso/xml/saml-2.0/samlp2_request_abstract.c,
- lasso/xml/saml-2.0/samlp2_status_response.c: Use new SAML2 strings instead of
- hardcoding query string field names
-
-2010-02-10 00:34 bdauvergne
-
- * lasso/lasso.c: Add documentation about runtime flags
-
- * lasso/lasso.c:
- add a table to Initialization documentation section about
- general runtime flags.
-
-2010-02-10 00:34 bdauvergne
-
- * lasso/lasso.c: Remove follow-idwsf-stupid-semantic flag
-
- * lasso/lasso.c:
- this flag is useless, that's me that is stupid.
+ [website] Don't duplicate link to git repository in link text
-2010-02-10 00:34 bdauvergne
+ [website] Refer to Git in buildbox title
- * lasso/id-ff/server.c, lasso/id-ff/serverprivate.h: Add internal methods to
- LassoServer to get the signature and encryption private keys
-
- * lasso/id-ff/server.c lasso/id-ff/serverprivate.h:
- add methods lasso_server_get_private_key and
- lasso_server_get_encryption_private_key.
+ [website] Updated copyright years
-2010-02-10 00:34 bdauvergne
-
- * lasso/id-ff/login.c: Add complete error code listing for
- lasso_login_process_response_msg
-
- * lasso/id-ff/login.c:
- list all error codes and their semantic with respect to this call.
-
-2010-02-10 00:34 bdauvergne
-
- * lasso/id-ff/login.c: Update code example for LassoLogin
-
- * lasso/id-ff/login.c:
- add code for intializaing request for SAML 2.0, shows how to handler errors
- codes.
-
-2010-02-10 00:34 bdauvergne
-
- * lasso/Makefile.am, lasso/build_strerror.py, lasso/errors.c, lasso/errors.h: Add
- error codes, update error codes documentation, reduce changes in errors.c by
- ordering error codes
-
- * lasso/errors.h lasso/errors.c
- - add to report non schema conforming XML trees, decyrption
- failure due to missing private keys and invalid signatures on assertions.
- - update documentation of LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND,
- LASSO_SERVER_ERROR_ADD_PROVIDER_PROTOCOL_MISMATCH,
-
- * lasso/build_strerror.py:
- before outputting switch cases, order error codes
- name lexically in order to reduce change lines
- when adding new error codes.
-
-2010-02-10 00:33 bdauvergne
-
- * lasso/xml/strings.h: Add strings for SAML2 field names for POST, Redirect and
- Artifact bindings
-
-2010-02-10 00:33 bdauvergne
-
- * lasso/registry.c: Update documentation of the registry module
-
-2010-02-10 00:33 bdauvergne
-
- * lasso/id-ff/provider.c: Adapt LassoProvider methods to care for protocol profile
- version when verifying signature
-
- * lasso/id-ff/provider.c:
- there is now 2 methods to verify signatures, methods calling the old
- one must now choose whether to call the liberty one of the SAML 2.0
- one.
-
-2010-02-10 00:33 bdauvergne
-
- * lasso/xml/private.h, lasso/xml/tools.c: Add a function to validate query
- signatures using SAML 2.0 semantic
-
- * lasso/xml/tools.c:
- this new function is a placeholder for the new SAML 2.0 semantic
- following query signature validation function. It will start with the
- old code of lasso_query_verify_signature.
-
-2010-02-10 00:33 bdauvergne
-
- * docs/reference/lasso/lasso-sections.txt, tests/basic_tests.c: Propagate change
- of name for LASSO_PP_ defines
-
-2010-02-08 09:34 bdauvergne
-
- * lasso/id-ff/server.c, lasso/id-ff/server.h: Core: in LassoServer constructors,
- test if private_key is loadable
-
- * lasso/id-ff/server.c:
- mark private_key as not mandatory as regression tests expect it to
- not be mandatory.
- test if loading of private key to encryption_private_key private
- field worked, if not abort the constructor and return NULL.
- * lasso/id-ff/server.h:
- fix name of constructors argument to corresponds with comments
- (binding generator use this correspondance to apply annotation from
- comments to the model obtained by parsing the headers).
-
-2010-02-08 09:34 bdauvergne
-
- * lasso/xml/tools.c: in lasso_xmlsec_load_private_key_from_buffer, do not let
- xmlSecBase64Decode show warnings
-
-2010-02-05 00:44 bdauvergne
-
- * bindings/bindings.py: fix bad operation in bindings.py
-
-2010-02-04 22:24 bdauvergne
-
- * bindings/bindings.py, bindings/perl/lang.py, bindings/python/lang.py,
- bindings/utils.py: Bindings: restore ID-WSF constants, improve python getters,
-
- * bindings/bindings.py:
- parse idwsf_strings.h to get ID-WSF constants.
- * bindings/utils.py:
- add an is_rc check function, to check for 'error code' return type.
- * bindings/perl/lang.py:
- only raise errors for 'int' or 'gint' return type
- * bindings/python/lang.py:
- - always create a normal function binding.
- - for functions starting with 'get' try to create a corresponding
- property, but if a corresponding member already exists, fails, and
- print a warning about getter function/member field clash.
- - make type dispatching on return_type more explicite.
-
-2010-02-04 22:24 bdauvergne
-
- * lasso/xml/tools.c, tests/metadata/Makefile.am, tests/metadata/metadata_06.xml,
- tests/metadata_tests.c: Core: Finish support for all XMLDsig key formats
-
- * lasso/xml/tools.c:
- xmlsec is not able to load a certificate public key without checking
- it against trusted root certificate, so we must work around and load
- the key by hand.
- lasso_xmlsec_load_private_key_from_buffer is made more robust in the
- same (loading of the key was extracted inside
- _lasso_xmlsec_load_key_from_buffer) and now can load certificates and
- keys directly embedded inside KeyValue nodes (in total opposition to
- the XMLDsig specification but...), with or without PEM headers.
- * tests/metadata/Makefile.am tests/metadata/metadata_06.xml
- tests/metadata_tests.c:
- add test case for RSAKeyValue public keys.
-
-2010-02-04 01:23 bdauvergne
-
- * bindings/python/lang.py: Binding python: fix getter for non-object fields
-
- * bindings/python/lang.py:
- transition to bindings/utils.py methods broke getters.
-
-2010-02-04 01:23 bdauvergne
-
- * lasso/xml/tools.c: Core: in lasso_xmlsec_load_key_info add flag to let xmlSec
- load certificates
-
- * lasso/xml/tools.c:
- adding the flag XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS make
- xmlSec able to load certificate, the 'hand made' code to load
- certificate is then useless.
-
-2010-02-04 00:02 bdauvergne
-
- * tests/login_tests.c: Tests: add more checking to dump generation code in
- login_tests.c
-
-2010-02-04 00:02 bdauvergne
-
- * tests/random_tests.c: Tests: adapt server constructor settings to recent changes
-
-2010-02-04 00:02 bdauvergne
-
- * lasso/id-ff/profile.c: Core: in lasso_profile_get_request_type_from_soap_msg use
- lasso_xml_parse_memory_with_error
-
- * lasso/id-ff/profile.c: (lasso_profile_get_request_type_from_soap_msg)
- use lasso_xml_parse_memory_with_error instead of xmlParseMemory, use
- error code output argument to log error reports.
-
-2010-02-04 00:02 bdauvergne
-
- * lasso/id-ff/provider.c: Core: in provider.c, make
- lasso_provider_load_metadata_from_buffer the main metadata loading function
-
- * (init_from_xml) fail initialization if we cannot load the metadatas,
- and log a warning.
- * extract _lasso_provider_load_metadata_from_buffer from
- lasso_provider_load_metadata_from_buffer, which accept a length
- parameter. use it inside lasso_provider_load_metadata, instead of
- xmlParseFile.
- * (lasso_provider_load_public_key) use lasso_xmlsec_load_key_info and
- lasso_xmlsec_load_private_key to load the public keys.
-
-2010-02-04 00:02 bdauvergne
-
- * lasso/id-ff/server.c: Core: use lasso_xml_parse_file to load affiliation file
-
-2010-02-04 00:02 bdauvergne
+2010-10-04 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * bindings/java/Makefile.am: Binding java: Makefile.am has multiple target rules,
- it cannot support parallel builds
-
-2010-02-04 00:02 bdauvergne
-
- * lasso/xml/private.h, lasso/xml/tools.c: Core: in tools.c, add function to load
- XML files and KeyInfo nodes
-
- * tools.c:
- add lasso_xml_parse_file, based on g_file_get_contents and
- lasso_xml_parse_memory.
- add lasso_xml_parse_memory_with_error which instead of logging
- errors, can return the xmlError structure.
- add lasso_xmlsec_load_key_info, which allows to load keys from
- ds:KeyInfo XML nodes. It also support the "Lasso" bug of using
- ds:KeyValue directly to store base64 encoded keys and certificates.
-
-2010-02-04 00:02 bdauvergne
-
- * lasso/saml-2.0/name_id_management.c: SAML 2.0: in name_id_management.c, rework
- lasso_name_id_management_new_from_dump
-
-2010-02-04 00:02 bdauvergne
-
- * lasso/utils.h, lasso/xml/xml.c: Core: add more memory tracing, add a tracing
- macro
-
- * lasso/utils.h: add lasso_trace, which as a printf signature.
- * xml/xml.c: add more trace to node initialization code.
-
-2010-02-04 00:02 bdauvergne
-
- * tests/valgrind/lasso.supp: Tests: in valgrind suppressions file add more GLib
- suppressions
-
-2010-02-04 00:02 bdauvergne
-
- * tests/basic_tests.c: Tests: in basic_tests.c, re-enable parsing of
- LassoWsuTimestamp objects
-
-2010-02-04 00:02 bdauvergne
-
- * lasso/id-ff/identity.c, lasso/id-ff/login.c, lasso/id-ff/logout.c,
- lasso/id-ff/provider.c, lasso/id-ff/server.c, lasso/id-ff/session.c: Core: use
- lasso_node_new_from_dump to implement _new_from_dump methods
-
- * provider.c:
- add annotation for nullable arguments (necessary for bindings of
- new_from_buffer).
- * server.c: add annotations, allow to set encryption_private_key from
- buffers
-
-2010-02-04 00:02 bdauvergne
-
- * bindings/perl/lang.py: Binding perl: add cleanup for temporary data of
- trampoline code
-
- * bindings/perl/lang.py:
- data type not common to Perl and C must be allocated for the duration
- of the call (mainly GList and xmlNode), but after the call they must
- be deallocated.
-
-2010-02-04 00:02 bdauvergne
-
- * lasso/xml/saml-2.0/samlp2_response.c: SAML 2.0: in samlp2_response.c, simplify
- code path for assertion encryption
-
-2010-02-04 00:02 bdauvergne
-
- * lasso/id-wsf-2.0/profile.c, lasso/saml-2.0/login.c, lasso/xml/tools.c,
- lasso/xml/xml.c, tests/basic_tests.c, tests/random_tests.c: Fix leaks
-
- * lasso/id-wsf-2.0/profile.c: release private data object.
- * lasso/saml-2.0/login.c: free NameID content after construction.
- * lasso/xml/tools.c: free algorithm attribute content in
- lasso_node_decrypt_xmlnode.
- * lasso/xml/xml.c: release cutom_element->nodename in destructor.
- remove useless finalize method.
- * tests/basic_tests.c: release xmldoc after use.
- * tests/random_tests.c: free resut of lasso_node_dump.
-
-2010-02-04 00:02 bdauvergne
-
- * lasso/id-ff/federation.c, lasso/id-ff/federation.h, lasso/id-ff/profile.c,
- lasso/id-ff/provider.c, lasso/id-ff/provider.h, lasso/saml-2.0/login.c,
- lasso/xml/xml.c: Fix leaks, change signature of
- lasso_provider_get_sp_name_qualifier, make it return a const char*
-
-2010-02-04 00:02 bdauvergne
-
- * lasso/xml/tools.c: in lasso/xml/tools.c, remove leaks of xmlSecKey and xmlNode
-
-2010-02-04 00:02 bdauvergne
-
- * lasso/xml/tools.c, lasso/xml/xml.c: in lasso_xmlsec_load_private_key, do not
- leak the file buffer, in lasso_node_encrypt do not leak the keys manager
-
-2010-02-01 19:50 bdauvergne
-
- * bindings/perl/Makefile.am, bindings/perl/glist_handling.c,
- bindings/perl/gobject_handling.c, bindings/perl/lang.py,
- bindings/perl/t/Lasso.t: Binding perl: many improvements
-
- * lang.py: use lasso_unref instead of g_object_unref.
- * lang.py: handle 'optional' annotation for more types, needed by
- ID-WSF bindings.
- * lang.py, gobject_handling.c: check object type before making the C
- call
- * Makefile.am: improve silent rules, hide all normal output, show
- errors, and with V=1 shows everything
- * glist_handling.c, gobject_handling.c: make local functions static
- * t/Lasso.t: add non regression test for method receiver type checking.
- * glist_handlind.c; remove unused convertion functions.
- * lang.py: clear the semi-assigned list and croak if all list elements
- do not convert to non-NULL values.
-
-2010-02-01 19:50 bdauvergne
-
- * bindings/overrides.xml, bindings/utils.py: Bindings: re-add binding for
- lasso_session_get_assertions for perl, special case formatting function for
- WsAddressing namespace
-
- * bindings/utils.py:
- type have LassoWsAddr prefix but function have the lasso_wsa_ prefix,
- so we have to adjust generated prefix.
-
-2010-02-01 19:50 bdauvergne
-
- * bindings/ghashtable.h, bindings/java/wrapper_top.c,
- bindings/php5/wrapper_source_top.c, bindings/python/wrapper_top.c: Bindings: use
- lasso_return_xxx macros instead of GLib ones
-
-2010-02-01 19:50 bdauvergne
-
- * docs/reference/lasso/lasso-sections.txt,
- lasso/id-wsf/interaction_profile_service.c,
- lasso/xml/disco_authenticate_requester.c,
- lasso/xml/disco_authenticate_requester.h,
- lasso/xml/disco_authenticate_session_context.c,
- lasso/xml/disco_authenticate_session_context.h,
- lasso/xml/disco_authorize_requester.c, lasso/xml/disco_authorize_requester.h,
- lasso/xml/disco_encrypt_resource_id.c, lasso/xml/disco_encrypt_resource_id.h,
- lasso/xml/disco_generate_bearer_token.c,
- lasso/xml/disco_generate_bearer_token.h, lasso/xml/disco_modify.c,
- lasso/xml/disco_modify.h, lasso/xml/disco_modify_response.c,
- lasso/xml/disco_modify_response.h, lasso/xml/disco_query.c,
- lasso/xml/disco_query.h, lasso/xml/disco_query_response.c,
- lasso/xml/disco_query_response.h, lasso/xml/disco_send_single_logout.c,
- lasso/xml/disco_send_single_logout.h, lasso/xml/is_interaction_request.c,
- lasso/xml/is_interaction_request.h, lasso/xml/is_interaction_response.c,
- lasso/xml/is_interaction_response.h, lasso/xml/sa_credentials.c,
- lasso/xml/sa_credentials.h, lasso/xml/sa_parameter.c, lasso/xml/sa_parameter.h,
- lasso/xml/sa_password_transforms.c, lasso/xml/sa_password_transforms.h,
- lasso/xml/sa_sasl_request.c, lasso/xml/sa_sasl_request.h,
- lasso/xml/sa_sasl_response.c, lasso/xml/sa_sasl_response.h,
- lasso/xml/sa_transform.c, lasso/xml/sa_transform.h,
- lasso/xml/soap_binding_consent.c, lasso/xml/soap_binding_consent.h,
- lasso/xml/soap_binding_correlation.c, lasso/xml/soap_binding_correlation.h,
- lasso/xml/soap_binding_ext_credential.c,
- lasso/xml/soap_binding_ext_credential.h,
- lasso/xml/soap_binding_ext_credentials_context.c,
- lasso/xml/soap_binding_ext_credentials_context.h,
- lasso/xml/soap_binding_ext_service_instance_update.c,
- lasso/xml/soap_binding_ext_service_instance_update.h,
- lasso/xml/soap_binding_ext_timeout.c, lasso/xml/soap_binding_ext_timeout.h,
- lasso/xml/soap_binding_processing_context.c,
- lasso/xml/soap_binding_processing_context.h, lasso/xml/soap_binding_provider.c,
- lasso/xml/soap_binding_provider.h, lasso/xml/soap_binding_usage_directive.c,
- lasso/xml/soap_binding_usage_directive.h: ID-WSF: remove useless
- new_from_message methods
-
-2010-02-01 19:50 bdauvergne
-
- * lasso/utils.h: Core: in utils.h, add macros to replace verbose
- g_return_val_if_fail
-
-2010-02-01 19:50 bdauvergne
-
- * lasso/id-ff/login.c: Core: document return values of
- lasso_login_validate_request_msg
-
-2010-02-01 19:50 bdauvergne
-
- * lasso/utils.c, lasso/utils.h: Utils: lasso_unref, a safe g_object_unref, and add
- some document about existing family of macros
-
-2010-02-01 19:49 bdauvergne
-
- * lasso/lasso.c: Core: do not emit messages inside lasso_check_version
-
-2010-02-01 01:18 bdauvergne
-
- * bindings/bindings.py: Bindings: os.path.relpath is only present since python
- 2.6, add a local implementation for older python versions
-
-2010-02-01 01:06 bdauvergne
-
- * Makefile.am: Add a dist-hook to remove .svn directories before taring the dist
-
-2010-02-01 00:16 bdauvergne
-
- * bindings/java/Makefile.am, bindings/perl/Makefile.am, bindings/php5/Makefile.am,
- bindings/python/Makefile.am: Bindings: make binding generation more silent
-
- * bindings/java/Makefile.am bindings/perl/Makefile.am
- bindings/php5/Makefile.am bindings/python/Makefile.am:
- use AM_V_GEN, or similar variable for all steps of binding
- generation, normal output can be activated with the V=1 argument to
- the 'make' command.
-
-2010-02-01 00:16 bdauvergne
-
- * bindings/java/Makefile.am: Binding java: use eager evalutation to get list of
- sources files
-
- * bindings/java/Makefile.am:
- use := to provoke eager evaluation so that java-list mode is not
- called many times.
+ [Website] Fix bad date
-2010-01-29 16:42 bdauvergne
+ [Web] chmod +x on convert-to-static.py
- * bindings/bindings.py: Bindings: use 'absolute' header paths to produces bindings
-
- * bindings/bindings.py:
- if files from bindings are using absolute instead of relatives header
- paths they can be independant of the lasso source.
+ [Web] update links for download v2.3.3, add lines to feature matrix
-2010-01-29 16:42 bdauvergne
+ [Web] add news file about 2.3.3
- * bindings/perl/Makefile.PL, bindings/perl/Makefile.am: Bindings perl: simplify
- Makefile.PL
-
- * bindings/perl/Makefile.PL:
- remove as much special casing as possible so that it could eventually
- become a CPAN module.
- use pkg-config to find lasso libs if no explicit LIBS command line
- argument is used.
- * bindings/perl/Makefile.am:
- pass parameters using command line argument instead of environment
- variable, which needed a special Makefile.PL.
+ Merge commit 'v2.3.3'
-2010-01-29 16:42 bdauvergne
+2010-10-01 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * bindings/perl/lang.py, bindings/perl/t/Lasso.t: Binding perl: special case for
- lasso_check_version
-
- * bindings/perl/lang.py:
- special case lasso_check_version for not raising an error when it
- returns 1.
- * bindings/perl/t/Lasso.t:
- add a non regression test.
+ Merge branch 'hotfixes-2.3.3' into release
-2010-01-29 16:42 bdauvergne
+ [Website] add news about 2.3.3 and update doap and main page
- * bindings/perl/gobject_handling.c: Binding perl: remove warning when passing Null
- to croak
-
- * bindings/perl/gobject_handling.c:
- croak is aliased to Perl_croak_nocontext which has a gcc attribute
- 'notnull'. We use Perl_croak and an explicit perl context object, to
- work around this warning.
+ [Release] add release notes
-2010-01-29 16:42 bdauvergne
+2010-10-01 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * bindings/bindings.py: in bindings.py, change header paths
+ [SAMLv2] restore setting of SubjectConfirmationData->NotOnOrAfter
+ This was wrongly removed by me in commit
+ 9d22f29e55524034dfda34c15b76f1b0b78c4413.
-2010-01-29 16:42 bdauvergne
+ This is the responsability of the caller to adjust value on the
+ Conditions and SubjectConfirmationData independently after.
- * NEWS, configure.ac, lasso.doap, website/web/doap.rdf: Update files for a 2.2.91
- release
+2010-10-01 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-01-29 16:04 bdauvergne
+ [Binding java] replace use of strcmp by g_strcmp0
- * ChangeLog: update changelog
+ [Tests] add annotation to remove compiler warnings
-2010-01-29 00:58 bdauvergne
+ [Core] replace all use of g_strcmp0 by lasso_strisequal and lasso_strisnotequal
+ Too much human errors with strcmp kind of functions. Also change name os
+ lasso_is_empty_string to lasso_strisempty.
- * bindings/python/lang.py: Binding python: make a better use of
- default value annotation for creating method declarations
+ [Core] add helper API for string comparaison
+ It should remove most errors when comparing strings.
-2010-01-29 00:43 bdauvergne
+ [SAMLv2] add missing compare to 0 introduced in 7386dc8189
+ I hate strcmp.
- * bindings/perl/Makefile.PL, bindings/perl/Makefile.am,
- bindings/perl/ghashtable_handling.c,
- bindings/perl/gobject_handling.c, bindings/perl/lang.py,
- bindings/perl/t/Lasso.t, bindings/perl/test.sh,
- bindings/perl/typemap-in, bindings/perl/typemap-out: Binding
- perl: many improvements
-
- * handle GHashTable of strings and objects.
- * report errors with 'croak' as a Lasso::Error object.
- * add more basic tests.
- * for string arguments, convert undef to NULL, and croak if
- function
- does not accept NULL.
- * fix library paths in Makefile.PL.
+2010-09-30 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-01-29 00:43 bdauvergne
+ [Bindings] change prefix for ignoring soap_binding related files
- * bindings/bindings.py: Bindings: in bindings.py, fix regexp and
- annotation parsing for optional arguments and their default
- values
+ [SAMLv2] also initialize Destination for response messages
+ asynchronous bindings needs Destination attribute even for response
+ messages.
-2010-01-29 00:43 bdauvergne
+ [SAMLv2] when NidPolicy->Format is NULL or unspecified, return transient
+ Add more default cases.
- * lasso/id-ff/login.c, lasso/saml-2.0/login.c,
- lasso/saml-2.0/logout.c, lasso/saml-2.0/name_id_management.c,
- lasso/saml-2.0/profile.c, lasso/saml-2.0/profileprivate.h,
- lasso/saml-2.0/saml2_helper.c: SAML 2.0: fix annotations,
- documentation and signatures
+2010-09-29 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-01-28 15:32 bdauvergne
+ [Tests] update perfs to test each phase of WebSSO separately and use SAMLv2
+ I removed signature at the message level for the response, it should
+ simulate apporiately the artifact binding with SSL transport.
- * bindings/python/tests/idwsf1_tests.py: Bindings python ID-WSF 1.0
- tests: update PP HREF symbol
+ [Bindings] restore presence of SOAP nodes
+ The node to exclude when ID-WSF is disactivated was soap_binding_ ones.
-2010-01-28 15:32 bdauvergne
+ [Core] fix break of lasso_profile_get_request_type_from_soap_msg from commit b9d535625
+ ManageNameIDRequest is not an ID-WSF kind of request.
- * bindings/php5/wrapper_source_top.c: Bindings php5: string
- hashtable methods are only used by ID-WSF bindings, mark them
- unused by default
-
- * bindings/php5/wrapper_source_top.c:
- only id-wsf has field of type GHashtTable<char*,char*> so when
- compiling without --enable-wsf, it give 'unused symbols' errors.
- Lets mark de the concerned functions as unused.
+2010-09-27 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-01-28 15:32 bdauvergne
+ [Core] add missing annotation to lasso_*_dump functions
+ The string returned by these functions is newly allocated and must be
+ freed by the caller.
- * lasso/id-ff/server.h: ID-WSF 1.0: make LassoServer.services
- private with respect to the bindings
+ [ID-WSFv1] fix other misuses of the macro lasso_foreach
-2010-01-28 15:32 bdauvergne
+ [SAMLv2] fix wrong order in use of macro lasso_foreach
+ The first argument must be the iterator, the second is the iterable.
+ Also add a non-regression test with Googleapps metadata and and a
+ typical authn request.
- * bindings/java/lang.py, bindings/java/wrapper_top.c: Bindings
- java: use utils.py methods, make set_hash_of_objects more robust
+2010-09-17 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-01-28 15:32 bdauvergne
+ [SAMLv2] fix early release of the request when using idp_initiaed login
- * tests/data/Makefile.am: Tests: export sp2-la do dist file for
- dist with id-wsf enabled
+ [SAMLv2] fix memleak of request in lasso_name_id_management_process_request_msg
-2010-01-28 15:31 bdauvergne
+ Add files to .gitignore
- * bindings/utils.py: Bindings: add time_t to integer types, add
- unpointerize method
+ [Tests] remove a valgrind suppression on g_log_default_handler
-2010-01-28 15:31 bdauvergne
+ [Tests] add valgrind targets in the Makefile: leakcheck, leakcheck-reachable and massif
- * bindings/python/tests/idwsf2_tests.py: Binding python ID-WSF 2.0
- tests: update some tests
+ [SAMLv2] fix memleak of request in lasso_saml20_login_process_authn_request_msg
-2010-01-28 15:31 bdauvergne
+ [Core] fix leak of provider->private_data->endpoints
- * bindings/python/tests/Makefile.am: Binding Python ID-WSF 2.0:
- comment out test
+ [Tests] fix leak of content in test01_server_new
-2010-01-28 15:31 bdauvergne
+ [Tests] fix leak of idpLogoutContext in test04_sso_then_slo_soap
- * lasso/id-wsf/data_service.c, lasso/id-wsf/discovery.c,
- lasso/id-wsf/personal_profile_service.c,
- lasso/xml/idwsf_strings.h, lasso/xml/xml.c: ID-WSF: change name
- of Personal Profile namespace symbols, add symbols for ID-SIS PP
- 1.1
+ [Core] fix leak of provider->private_data->endpoints
-2010-01-28 15:31 bdauvergne
+ [XML] fix memleak in lasso_node_export_to_soap
- * bindings/java/lang.py, bindings/php5/php_code.py,
- bindings/php5/wrapper_source.py,
- bindings/php5/wrapper_source_top.c, bindings/python/lang.py,
- bindings/python/tests/idwsf2_tests.py,
- bindings/python/wrapper_top.c: Bindings: java, php5, python
- simplify logic in binding generator
-
- * use utils.h macros to manipulate fields.
- * use utils.py function to filter variables, argument and return
- types.
- * finish support of hashtables of strings for php5 and python.
+ [XML] fix memleak of xmlSecKeyMngr when loading a key from a KeyInfo node
-2010-01-28 15:31 bdauvergne
+ [XML] fix memleak in get_xmlNode for LassoSamlp2LogoutRequest
- * bindings/bindings.py, bindings/overrides.xml: Bindings: better
- parse oftype annotation for hashtable, allow to skip structures
-
- * bindings/bindings.py:
- add possibility to skip generating bindings for structures to
- overrides.xml.
- parse element-type annotation /* of XXX */ for hashtable objects.
- output to stderr warning about skipped objects.
- parse idwsf_strings.h
- * bindings/overrides.xml:
- skip more ID-WSF 1.0 functions in java and perl.
- skip structure LassoAuthentication.
+ [XML] fix memleak in get_xmlNode for LassoSamlp2Response
-2010-01-28 15:31 bdauvergne
+ [SAMLv2] add missing stack variable initialization
- * lasso/id-ff/provider.c, lasso/id-wsf-2.0/discovery.c,
- lasso/id-wsf-2.0/identity.c, lasso/id-wsf-2.0/server.c,
- lasso/id-wsf-2.0/soap_binding.c, lasso/id-wsf/discovery.c,
- lasso/id-wsf/id_ff_extensions.c: Core: fix gtk-doc annotations
+ [SAMLv2] fix unused variable warning
-2010-01-28 15:31 bdauvergne
+ [SAMLv2] in profile.c fix uncovered enumeration value in switch
- * lasso/utils.h: Core: add new macros to lasso/utils.h, fix
- lasso_assign_new_list_of_gobjects
-
- * lasso/utils.h:
- add:
- - lasso_assign_new_xml_node
- - lasso_assign_new_list_of_strings
- - lasso_assign_new_list_of_xml_node
- fix lasso_assign_new_list_of_gobjects, bad naming of release
- macro.
-
-2010-01-28 15:31 bdauvergne
-
- * lasso/xml/dst_data.h, lasso/xml/sa_sasl_request.h,
- lasso/xml/soap-1.1/soap_fault.h,
- lasso/xml/soap_binding_ext_credential.h,
- lasso/xml/soap_binding_usage_directive.h: XML: add missing
- element-type annotations
-
-2010-01-28 15:31 bdauvergne
-
- * bindings/utils.py: Bindings: in bindings/utils.py, augment
- robustness of matching functions to work with type alone or
- triples
-
-2010-01-28 15:31 bdauvergne
-
- * bindings/perl/Makefile.am, bindings/perl/lang.py,
- bindings/perl/typemap-in, bindings/perl/typemap-out,
- bindings/perl/typemap.in, bindings/perl/typemap.out: Binding
- perl: update to binding
-
- * change extension of typemap files because if conflicts with
- existing
- * support constant list of strings and gobjects, add input rule
- for
- list of gobjects
- * fix setter for GList fields
-
-2010-01-26 20:59 bdauvergne
-
- * docs/reference/lasso/lasso-sections.txt,
- lasso/id-wsf-2.0/profile.c, lasso/id-wsf-2.0/saml2_login.c,
- lasso/id-wsf-2.0/soap_binding.c, lasso/id-wsf-2.0/soap_binding.h,
- lasso/id-wsf/authentication.c, lasso/id-wsf/data_service.c,
- lasso/id-wsf/discovery.c, lasso/id-wsf/wsf_profile.c,
- lasso/xml/disco_description.c, lasso/xml/idwsf_strings.h: ID-WSF
- 1.0 & 2.0: complete lasso-sections.txt, add internal API to
- access SOAP headers, complete WS-Addressing support
-
- * docs/reference/lasso/lasso-sections.txt: complete documentation
- of
- LassoSoapEnvelope and LassoSoapFault with ID-WSF additions.
-
- * lasso/id-wsf-2.0/profile.c lasso/id-wsf-2.0/soap_binding.c
- lasso/id-wsf-2.0/soap_binding.h:
- add internal function _get_node and _get_header to simplify
- implementation of accessors for headers.
- change signature of lasso_soap_envelope_get_message_id and add
- new
- function lasso_soap_envelope_get_relates_to.
- update call points.
- add a message id when building a SOAP message.
-
- * lasso/xml/idwsf_strings.h:
- add element name for MessageID and RelatesTo WS-Addressing
- elements.
-
- * lasso/id-wsf/authentication.c lasso/id-wsf/data_service.c
- lasso/id-wsf/discovery.c lasso/id-wsf/wsf_profile.c
- lasso/id-wsf-2.0/saml2_login.c lasso/xml/disco_description.c:
- fix path name of header lasso/id-wsf/wsf_utils.h. make all
- internal
- include path relatives.
-
-2010-01-26 20:59 bdauvergne
-
- * lasso/xml/xml.c, lasso/xml/xml.h: Core XML: make
- lasso_node_set_custom_namespace/nodename take const string
-
- * lasso/xml/xml.c lasso/xml/xml.h:
- mark argument of lasso_node_set_custom_namespace and
- lasso_node_set_custom_nodename as const char* strings.
-
-2010-01-26 20:59 bdauvergne
-
- * lasso/xml/xml.c, lasso/xml/xml.h: Core XML: add function to get
- the namespace of a LassoNode
-
- * lasso/xml/xml.c lasso/xml/xml.h:
- if a custome namespace is set, return it, otherwise return the
- class
- namespace (klass->node_data->ns->href).
-
-2010-01-26 13:51 bdauvergne
-
- * bindings/perl/Makefile.PL, bindings/perl/Makefile.am: Binding
- perl: fix include paths in the makefile, again
-
-2010-01-26 13:51 bdauvergne
-
- * bindings/perl/Makefile.PL: in bindings/perl/Makefile.PL, add
- include path for normal builds
-
-2010-01-26 10:39 bdauvergne
-
- * configure.ac: in configure.ac, activate the Perl binding in
- normal builds
-
-2010-01-26 10:39 bdauvergne
-
- * configure.ac: Core: in configure.ac, activate warning when
- debugging, not in normal build
-
- * configure.ac:
- remove -Wxxx flag from AM_CFLAGS, add them if --enable-debugging
- is used.
-
-2010-01-26 10:39 bdauvergne
-
- * lasso/saml-2.0/logout.c: in lasso/saml-2.0/logout.c, fix missing
- declaration
-
-2010-01-26 10:39 bdauvergne
-
- * lasso/errors.c: Core: update errors.c file
-
-2010-01-26 10:39 bdauvergne
-
- * bindings/perl/Makefile.am: in bindings/perl/Makefile.am, change
- permission to make distcheck works
-
-2010-01-26 10:39 bdauvergne
-
- * bindings/perl/Makefile.am: in bindings/perl/Makefile.am, add
- files to EXTRA_DIST
-
-2010-01-25 23:47 bdauvergne
-
- * bindings/Makefile.am, bindings/bindings.py,
- bindings/overrides.xml, bindings/perl,
- bindings/perl/LassoNode.xs, bindings/perl/Makefile.PL,
- bindings/perl/Makefile.am, bindings/perl/__init__.py,
- bindings/perl/glist_handling.c, bindings/perl/gobject_handling.c,
- bindings/perl/lang.py, bindings/perl/t, bindings/perl/t/Lasso.t,
- bindings/perl/test.pl, bindings/perl/test.sh,
- bindings/perl/typemap.in, bindings/perl/typemap.out,
- configure.ac: Bindings: add a new perl binding using the new
- binding infrastructure
-
- * XS files is autogenerated using bindings/binding.py model of
- the
- Lasso API. All constants are in the Lasso::Constants package, the
- LASSO_ prefix is removed.
- All classes are now Lasso::ClassName, field accessor also serves
- as
- setters, i.e you can do this:
- $name_id = Lasso::Saml2NameID::new();
- $name_id->content('coin');
- print $name_id->content;
-
- Is still missing:
- - a lot of test files,
- - support for hashtables,
- - and throwing exceptions when return code is non-zero.
-
-2010-01-25 23:47 bdauvergne
-
- * bindings/utils.py: Bindings: in utils.py, fix is_glist and
- is_hashtable, make arg_type accept simple string as input instead
- of triples
-
-2010-01-25 23:47 bdauvergne
-
- * lasso/xml/saml_attribute_value.h: in
- lasso/xml/saml_attribute_value.h, fix typo in content type
- annotation
-
-2010-01-25 23:47 bdauvergne
-
- * lasso/xml/sa_sasl_response.h: in lasso/xml/sa_sasl_response.h,
- add GList content type annotation to field 'any'
-
-2010-01-25 23:47 bdauvergne
-
- * bindings/php5/wrapper_source.py: Bindings PHP5: use is_cstring to
- match string types
-
-2010-01-25 23:47 bdauvergne
-
- * Makefile.am, configure.ac, java/.cvsignore, java/Makefile.am,
- java/coldfusion/.cvsignore, java/coldfusion/Makefile,
- java/coldfusion/src/CFLassoSingleLogout.java,
- java/coldfusion/src/CFLassoSingleSignOn.java,
- java/coldfusion/web/assertionConsumer.cfm,
- java/coldfusion/web/singleLogout.cfm,
- java/coldfusion/web/singleSignOn.cfm,
- java/doc/ImplantationMapping.rst, java/doc/JNIForDummy.rst,
- java/tests/.cvsignore, java/tests/BindingTests.java,
- java/tests/LoginTest.java, perl/.cvsignore, perl/Makefile.PL,
- perl/Makefile.am, perl/tests/binding_tests.pl, php/.cvsignore,
- php/Makefile.am, php/patch_swig_output.py, php/tests/.cvsignore,
- php/tests/binding_tests.php, php/tests/perfs.php,
- swig/.cvsignore, swig/Lasso-saml2.i, swig/Lasso-wsf-disco.i,
- swig/Lasso-wsf-dst.i, swig/Lasso-wsf-is.i, swig/Lasso-wsf-sa.i,
- swig/Lasso-wsf-soap.i, swig/Lasso-wsf.i, swig/Lasso-wsf2.i,
- swig/Lasso.i, swig/Makefile.am, swig/id-wsf-2.0/Makefile.am,
- swig/id-wsf-2.0/disco_abstract.i,
- swig/id-wsf-2.0/disco_endpoint_context.i,
- swig/id-wsf-2.0/disco_keys.i, swig/id-wsf-2.0/disco_options.i,
- swig/id-wsf-2.0/disco_provider_id.i,
- swig/id-wsf-2.0/disco_query.i,
- swig/id-wsf-2.0/disco_query_response.i,
- swig/id-wsf-2.0/disco_requested_service.i,
- swig/id-wsf-2.0/disco_security_context.i,
- swig/id-wsf-2.0/disco_service_context.i,
- swig/id-wsf-2.0/disco_service_type.i,
- swig/id-wsf-2.0/disco_svc_md_association_add.i,
- swig/id-wsf-2.0/disco_svc_md_association_add_response.i,
- swig/id-wsf-2.0/disco_svc_md_association_delete.i,
- swig/id-wsf-2.0/disco_svc_md_association_delete_response.i,
- swig/id-wsf-2.0/disco_svc_md_association_query.i,
- swig/id-wsf-2.0/disco_svc_md_association_query_response.i,
- swig/id-wsf-2.0/disco_svc_md_delete.i,
- swig/id-wsf-2.0/disco_svc_md_delete_response.i,
- swig/id-wsf-2.0/disco_svc_md_query.i,
- swig/id-wsf-2.0/disco_svc_md_query_response.i,
- swig/id-wsf-2.0/disco_svc_md_register.i,
- swig/id-wsf-2.0/disco_svc_md_register_response.i,
- swig/id-wsf-2.0/disco_svc_md_replace.i,
- swig/id-wsf-2.0/disco_svc_md_replace_response.i,
- swig/id-wsf-2.0/disco_svc_metadata.i,
- swig/id-wsf-2.0/dst_data_response_base.i,
- swig/id-wsf-2.0/dst_delete_item_base.i,
- swig/id-wsf-2.0/dst_delete_response.i,
- swig/id-wsf-2.0/dst_request.i,
- swig/id-wsf-2.0/dst_result_query_base.i,
- swig/id-wsf-2.0/dst_test_item_base.i,
- swig/id-wsf-2.0/dstref_app_data.i,
- swig/id-wsf-2.0/dstref_create.i,
- swig/id-wsf-2.0/dstref_create_item.i,
- swig/id-wsf-2.0/dstref_create_response.i,
- swig/id-wsf-2.0/dstref_data.i,
- swig/id-wsf-2.0/dstref_data_response.i,
- swig/id-wsf-2.0/dstref_delete.i,
- swig/id-wsf-2.0/dstref_delete_item.i,
- swig/id-wsf-2.0/dstref_delete_response.i,
- swig/id-wsf-2.0/dstref_item_data.i,
- swig/id-wsf-2.0/dstref_modify.i,
- swig/id-wsf-2.0/dstref_modify_item.i,
- swig/id-wsf-2.0/dstref_modify_response.i,
- swig/id-wsf-2.0/dstref_query.i,
- swig/id-wsf-2.0/dstref_query_item.i,
- swig/id-wsf-2.0/dstref_query_response.i,
- swig/id-wsf-2.0/dstref_result_query.i,
- swig/id-wsf-2.0/dstref_test_item.i,
- swig/id-wsf-2.0/ims_identity_mapping_request.i,
- swig/id-wsf-2.0/ims_identity_mapping_response.i,
- swig/id-wsf-2.0/ims_mapping_input.i,
- swig/id-wsf-2.0/ims_mapping_output.i,
- swig/id-wsf-2.0/inheritance.h, swig/id-wsf-2.0/is_help.i,
- swig/id-wsf-2.0/is_inquiry.i,
- swig/id-wsf-2.0/is_inquiry_element.i,
- swig/id-wsf-2.0/is_interaction_request.i,
- swig/id-wsf-2.0/is_interaction_response.i,
- swig/id-wsf-2.0/is_interaction_statement.i,
- swig/id-wsf-2.0/is_item.i, swig/id-wsf-2.0/is_parameter.i,
- swig/id-wsf-2.0/is_select.i, swig/id-wsf-2.0/is_text.i,
- swig/id-wsf-2.0/main.h,
- swig/id-wsf-2.0/ps_add_collection_request.i,
- swig/id-wsf-2.0/ps_add_collection_response.i,
- swig/id-wsf-2.0/ps_add_entity_request.i,
- swig/id-wsf-2.0/ps_add_entity_response.i,
- swig/id-wsf-2.0/ps_add_known_entity_request.i,
- swig/id-wsf-2.0/ps_add_known_entity_response.i,
- swig/id-wsf-2.0/ps_add_to_collection_request.i,
- swig/id-wsf-2.0/ps_get_object_info_request.i,
- swig/id-wsf-2.0/ps_get_object_info_response.i,
- swig/id-wsf-2.0/ps_item_data.i,
- swig/id-wsf-2.0/ps_list_members_request.i,
- swig/id-wsf-2.0/ps_list_members_response.i,
- swig/id-wsf-2.0/ps_notification.i, swig/id-wsf-2.0/ps_notify.i,
- swig/id-wsf-2.0/ps_object.i,
- swig/id-wsf-2.0/ps_query_objects_request.i,
- swig/id-wsf-2.0/ps_query_objects_response.i,
- swig/id-wsf-2.0/ps_remove_collection_request.i,
- swig/id-wsf-2.0/ps_remove_entity_request.i,
- swig/id-wsf-2.0/ps_remove_from_collection_request.i,
- swig/id-wsf-2.0/ps_request_abstract.i,
- swig/id-wsf-2.0/ps_resolve_identifier_request.i,
- swig/id-wsf-2.0/ps_resolve_identifier_response.i,
- swig/id-wsf-2.0/ps_resolve_input.i,
- swig/id-wsf-2.0/ps_response_abstract.i,
- swig/id-wsf-2.0/ps_set_object_info_request.i,
- swig/id-wsf-2.0/ps_test_membership_request.i,
- swig/id-wsf-2.0/ps_test_membership_response.i,
- swig/id-wsf-2.0/sb2_consent.i,
- swig/id-wsf-2.0/sb2_credentials_context.i,
- swig/id-wsf-2.0/sb2_endpoint_update.i,
- swig/id-wsf-2.0/sb2_redirect_request.i,
- swig/id-wsf-2.0/sb2_sender.i,
- swig/id-wsf-2.0/sb2_target_identity.i,
- swig/id-wsf-2.0/sb2_timeout.i,
- swig/id-wsf-2.0/sb2_usage_directive.i,
- swig/id-wsf-2.0/sb2_user_interaction_header.i,
- swig/id-wsf-2.0/sbf_framework.i, swig/id-wsf-2.0/sec_token.i,
- swig/id-wsf-2.0/sec_token_policy.i,
- swig/id-wsf-2.0/sec_transited_provider_path.i,
- swig/id-wsf-2.0/subs_notification.i,
- swig/id-wsf-2.0/subs_notify_response.i,
- swig/id-wsf-2.0/subs_ref_item.i,
- swig/id-wsf-2.0/subs_subscription.i,
- swig/id-wsf-2.0/subsref_app_data.i,
- swig/id-wsf-2.0/subsref_create.i,
- swig/id-wsf-2.0/subsref_create_item.i,
- swig/id-wsf-2.0/subsref_create_response.i,
- swig/id-wsf-2.0/subsref_data.i,
- swig/id-wsf-2.0/subsref_data_response.i,
- swig/id-wsf-2.0/subsref_delete.i,
- swig/id-wsf-2.0/subsref_delete_item.i,
- swig/id-wsf-2.0/subsref_delete_response.i,
- swig/id-wsf-2.0/subsref_item_data.i,
- swig/id-wsf-2.0/subsref_modify.i,
- swig/id-wsf-2.0/subsref_modify_item.i,
- swig/id-wsf-2.0/subsref_modify_response.i,
- swig/id-wsf-2.0/subsref_notification.i,
- swig/id-wsf-2.0/subsref_notify.i,
- swig/id-wsf-2.0/subsref_notify_response.i,
- swig/id-wsf-2.0/subsref_query.i,
- swig/id-wsf-2.0/subsref_query_item.i,
- swig/id-wsf-2.0/subsref_query_response.i,
- swig/id-wsf-2.0/subsref_result_query.i,
- swig/id-wsf-2.0/subsref_subscription.i,
- swig/id-wsf-2.0/subsref_test_item.i,
- swig/id-wsf-2.0/util_empty.i, swig/id-wsf-2.0/util_extension.i,
- swig/id-wsf-2.0/util_response.i, swig/id-wsf-2.0/util_status.i,
- swig/inheritance.h, swig/saml-2.0/.cvsignore,
- swig/saml-2.0/Makefile.am, swig/saml-2.0/inheritance.h,
- swig/saml-2.0/main.h, swig/saml-2.0/saml2_action.i,
- swig/saml-2.0/saml2_advice.i, swig/saml-2.0/saml2_assertion.i,
- swig/saml-2.0/saml2_attribute.i,
- swig/saml-2.0/saml2_attribute_statement.i,
- swig/saml-2.0/saml2_attribute_value.i,
- swig/saml-2.0/saml2_audience_restriction.i,
- swig/saml-2.0/saml2_authn_context.i,
- swig/saml-2.0/saml2_authn_statement.i,
- swig/saml-2.0/saml2_authz_decision_statement.i,
- swig/saml-2.0/saml2_base_idabstract.i,
- swig/saml-2.0/saml2_condition_abstract.i,
- swig/saml-2.0/saml2_conditions.i,
- swig/saml-2.0/saml2_encrypted_element.i,
- swig/saml-2.0/saml2_evidence.i,
- swig/saml-2.0/saml2_key_info_confirmation_data.i,
- swig/saml-2.0/saml2_name_id.i,
- swig/saml-2.0/saml2_one_time_use.i,
- swig/saml-2.0/saml2_proxy_restriction.i,
- swig/saml-2.0/saml2_statement_abstract.i,
- swig/saml-2.0/saml2_subject.i,
- swig/saml-2.0/saml2_subject_confirmation.i,
- swig/saml-2.0/saml2_subject_confirmation_data.i,
- swig/saml-2.0/saml2_subject_locality.i,
- swig/saml-2.0/samlp2_artifact_resolve.i,
- swig/saml-2.0/samlp2_artifact_response.i,
- swig/saml-2.0/samlp2_assertion_id_request.i,
- swig/saml-2.0/samlp2_attribute_query.i,
- swig/saml-2.0/samlp2_authn_query.i,
- swig/saml-2.0/samlp2_authn_request.i,
- swig/saml-2.0/samlp2_authz_decision_query.i,
- swig/saml-2.0/samlp2_extensions.i,
- swig/saml-2.0/samlp2_idp_entry.i,
- swig/saml-2.0/samlp2_idp_list.i,
- swig/saml-2.0/samlp2_logout_request.i,
- swig/saml-2.0/samlp2_manage_name_id_request.i,
- swig/saml-2.0/samlp2_name_id_mapping_request.i,
- swig/saml-2.0/samlp2_name_id_mapping_response.i,
- swig/saml-2.0/samlp2_name_id_policy.i,
- swig/saml-2.0/samlp2_request_abstract.i,
- swig/saml-2.0/samlp2_requested_authn_context.i,
- swig/saml-2.0/samlp2_response.i, swig/saml-2.0/samlp2_scoping.i,
- swig/saml-2.0/samlp2_status.i,
- swig/saml-2.0/samlp2_status_code.i,
- swig/saml-2.0/samlp2_status_detail.i,
- swig/saml-2.0/samlp2_status_response.i,
- swig/saml-2.0/samlp2_subject_query_abstract.i,
- swig/saml-2.0/samlp2_terminate.i, swig/ws/Makefile.am,
- swig/ws/inheritance.h, swig/ws/main.h,
- swig/ws/wsa_attributed_any.i, swig/ws/wsa_attributed_qname.i,
- swig/ws/wsa_attributed_unsigned_long.i,
- swig/ws/wsa_attributed_uri.i, swig/ws/wsa_endpoint_reference.i,
- swig/ws/wsa_metadata.i, swig/ws/wsa_problem_action.i,
- swig/ws/wsa_reference_parameters.i, swig/ws/wsa_relates_to.i,
- swig/ws/wsse_embedded.i, swig/ws/wsse_reference.i,
- swig/ws/wsse_security_header.i,
- swig/ws/wsse_security_token_reference.i,
- swig/ws/wsse_transformation_parameters.i,
- swig/ws/wsse_username_token.i, swig/ws/wsu_timestamp.i,
- swig/wsf-support.i.in, swig/wsf2-support.i: Bindings: remove all
- SWIG bindings and SWIG related files
-
-2010-01-25 23:47 bdauvergne
-
- * lasso/utils.h, lasso/xml/xml.c: Add new macro
- lasso_list_add_new_xml_node
-
- * lasso/utils.h:
- fix lasso_list_add_xml_node, it must copy the node before
- assigning
- it.
- add lasso_list_add_new_xml_node for keeping the old behaviour.
- * lasso/xml/xml.c:
- fix use of lasso_list_add_xml_node, because copying the node
- before
- assigning it is a leak now.
-
-2010-01-25 12:47 bdauvergne
-
- * bindings/ghashtable.h: in bindings/ghashtable.h, Add missing
- unused argument hints
-
-2010-01-25 12:47 bdauvergne
-
- * lasso/saml-2.0/logout.c: SAML 2.0 Logout: when in an SP initiated
- logout, lasso_logout_build_response_msg is the finishing call
-
- * lasso/saml-2.0/logout.c:
- when calling lasso_logout_build_response_msg(), if we known that
- we
- are in the middle of an SP initiated logout, i.e. if
- initial_remote_providerID is not NULL, then we can restore the
- intial
- response.
-
-2010-01-25 12:46 bdauvergne
-
- * lasso/errors.c, lasso/errors.h,
- lasso/xml/ws/wsse_username_token.c: Fix name of
- LASSO_WSSEC_BAD_PASSWORD
-
- * lasso/errors.c lasso/errors.h:
- LASSO_WSSE_BAD_PASSWORD -> LASSO_WSSEC_ERROR_BAD_PASSWORD
- * lasso/xml/ws/wsse_username_token.c:
- update client code.
-
-2010-01-25 12:46 bdauvergne
-
- * bindings/java/lang.py: Bindings java: cast return value of
- special constructors
-
- * bindings/java/lang.py:
- in the JAVA API special constructors are made to return their
- real
- type, but usual GObject constructors return their base type (here
- LassoNode) so we have to cast it.
-
-2010-01-25 12:46 bdauvergne
-
- * docs/reference/lasso/lasso-sections.txt, lasso/id-ff/session.c,
- lasso/id-ff/session.h, lasso/id-ff/sessionprivate.h: Export more
- assertion access API for LassoSession
-
- * lasso/id-ff/session.c lasso/id-ff/session.h
- lasso/id-ff/sessionprivate.h:
- export lasso_session_get_assertion(),
- lasso_session_add_assertion()
- and lasso_session_remove_assertion().
- remove them from private header.
- * docs/reference/lasso/lasso-sections.txt:
- update documentation
-
-2010-01-21 17:54 bdauvergne
-
- * bindings/overrides.xml: Bindings: remove useless overrides
-
- * bindings/overrides.xml:
- It is no more needed to force return type of constructors to
- their
- real types, the bindings check the type dynamically anyway.
-
-2010-01-21 17:54 bdauvergne
-
- * bindings/ghashtable.h: Fix GHashTable backward compatibility
- header
-
- * lasso/ghashtable.h:
- g_hash_table_remove_all_nodes is not a public function, use
- g_hash_table_foreach_remove instead.
-
-2010-01-20 13:33 bdauvergne
-
- * lasso/xml/saml-2.0/saml2_name_id.c: in saml2_name_id.c, include
- utils.h to benefit from replacement for g_strcmp0
-
-2010-01-20 13:33 bdauvergne
-
- * lasso/errors.h, lasso/xml/ws/wsse_username_token.c: Fix
- LASSO_WSSEC_BAD_PASSWORD error, reformat wsse_username_token.c
-
- * lasso/errors.h:
- change error id and error name for LASSO_WSSEC_BAD_PASSWORD
- * lasso/xml/ws/wsse_username_token.c:
- update reference to LASSO_WSSEC_BAD_PASSWORD.
- reformat line longer than 100 characters.
-
-2010-01-19 15:03 bdauvergne
-
- * lasso/id-wsf-2.0/server.c, lasso/id-wsf-2.0/session.c: ID-WSF
- 2.0: add some annotations
-
-2010-01-19 12:44 bdauvergne
-
- * lasso/backward_comp.h: Core: in backward_comp.h, include string.h
- if g_strcmp0 is used
-
- * lasso/backward_comp.h:
- implementation of g_strcmp0 depends upon string.h.
+ [XML] fix unused variable warnings
-2010-01-19 11:01 bdauvergne
+ [XML] fix mem leak whene releasing CustomElement structures
- * lasso/xml/idwsf_strings.h: WS-Security: fix typo in name of
- string symbols
-
- * lasso/xml/idwsf_strings.h:
- uppercase define for WS-Securities SOAP faults.
+ [Tests] fix mem leaks
-2010-01-19 11:01 bdauvergne
+ [SAMLv2] fix mem leaks
- * docs/reference/lasso/lasso-sections.txt, lasso/errors.c,
- lasso/errors.h, lasso/xml/idwsf_strings.h,
- lasso/xml/ws/wsse_username_token.c,
- lasso/xml/ws/wsse_username_token.h: WS: complete support for
- wsse:UsernameToken
-
- * docs/reference/lasso/lasso-sections.txt:
- add new functions and change type name in documentation.
- * lasso/errors.h lasso/errors.c:
- add an error to report password verification failure
- * lasso/xml/ws/wsse_username_token.h
- lasso/xml/ws/wsse_username_token.c:
- update support for wsse:UsernameToken up to version 1.1,
- implement
- digest and derived keys computations.
- * lasso/xml/idwsf_strings.h:
- add strings for Username WS-Security Token profile
+2010-09-10 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-01-19 10:44 bdauvergne
+ [SAMLv2 NID management] report signature error in response, do not check response signature if forbidden
+ - build_response_msg will report signature error in response status
+ code when called without an initialized response (without a call to
+ validate_request)
+ - process_response_msg now use
+ lasso_saml20_profile_check_signature_status to check the signature
+ status only if permitted.
- * lasso/xml/saml-2.0/saml2_authn_context.c: XML SAML-2.0:
- AuthnContext content is a xdf:choice so make content optional
-
- - lasso/xml/saml-2.0/saml2_authn_context.c:
- <AuthnContext/> can contain at least one node among:
- - <AuthnContextClassRef/>
- - <AuthnContextDeclRef/>
- - <AuthnContextDecl/>
- to approximate this possibility, we need to make any of them
- optional.
- <AuthenticatingAuthority/> should be a list but we cannot change
- it
- without breaking the ABI, so we will wait for this.
+2010-09-10 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-01-19 09:48 bdauvergne
+ [SAMLv2] move check for signature status to lasso_saml20_build_response_msg
+ And also handle the signature verification hint. If process_msg fails,
+ you must just call build_response_msg directly.
- * website/web/doap.rdf: make an explicit copy of lasso.doap to
- website/web/doap.rdf
+ Only check the signature on the response if asked, most applications
+ should not care.
-2010-01-19 09:44 bdauvergne
+2010-09-09 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * website/web/news/14-release-2.2.90.xml: Reduce news message to
- fit the news column
+ [configure.ac] increment release version and libtool version info
-2010-01-18 15:08 bdauvergne
+ Add files to .gitignore
- * website/web/download/index.xml: updat download link
+2010-09-09 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-01-18 14:41 bdauvergne
+ [SAMLv2] apply the LassoProfileVerifySignatureHint when processing requests
+ The check was missing for processing of logout requests, name id
+ management request and assertion query responses.
- * lasso/id-wsf-2.0/Makefile.am: ID-WSF 2.0: Add saml2_login.h to
- list of headers
+ A new internal function lasso_saml20_profile_check_signature_status is
+ added.
-2010-01-18 14:08 bdauvergne
+2010-09-09 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * docs/reference/lasso/lasso-docs.sgml: Documentation:
- wsse_security.xml is now wsse_security_header.xml
+ [ID-WSFv1&ID-WSFv2] separate better strings for ID-WSF from other strings
+ Code in core source file which depend upon ID-WSF symbols have been
+ conditionalized, and each id-wsf source file now include directly its
+ need string header.
-2010-01-18 14:08 bdauvergne
+2010-09-08 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * autogen.sh: By default make autogen.sh to enable gtk doc
+ Merge branches 'master' and 'release' of bdauvergne@xen3.lycope.priv:/var/git/lasso into release
-2010-01-18 13:50 bdauvergne
+2010-09-08 Frédéric Péters <fpeters@entrouvert.com>
- * bindings/php5/Makefile.am, bindings/php5/tests/Makefile.am,
- bindings/php5/tests/binding_tests.php,
- bindings/php5/tests/binding_tests.sh,
- bindings/php5/tests/profile_tests.php,
- bindings/php5/tests/profile_tests.sh, configure.ac: Bindings
- PHP5: rewire php5 tests to the makefiles, make them pass
- distcheck
+ News entry for 2.3.1 & 2.3.2 (combined)
-2010-01-18 11:16 bdauvergne
+2010-09-07 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * autogen.sh: in autogen.sh, move libtoolize and gtkdocize before
- aclocal
+ Merge branch 'hotfixes-2.3.2' into develop
-2010-01-18 11:15 bdauvergne
+ Merge branch 'hotfixes-2.3.2'
- * tests/Makefile.am: fix typo
+ Increment revision in version
-2010-01-18 11:04 bdauvergne
+ Update files for release 2.3.2
- * tests/Makefile.am: Merge EXTRA_DIST declarations in
- tests/Makefile.am
+ Fix lasso soname change
+ If new interfaces are added, first and last number must be incremented.
+ As new enumeration value have been added, this is the case.
-2010-01-18 10:49 bdauvergne
+ Merge commit 'origin/master'
- * lasso.doap: fix bad commit
+ Merge branch 'hotfixes-2.3.1' into develop
-2010-01-18 10:47 bdauvergne
+ Merge branch 'hotfixes-2.3.1'
- * lasso.doap: tag release 2.2.90
+ Update files for release 2.3.1
-2010-01-18 10:40 bdauvergne
+ [SAMLv2] when no artifact message is present, still return a success status
+ It is mandated by the specification.
- * ChangeLog: Update changelog
-2010-01-18 10:04 bdauvergne
+2010-09-06 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * NEWS, lasso.doap, website/web/news/14-release-2.2.90.xml: Change
- again date of release 2.2.90
+ [Tests integration] fix configuration variable name
-2010-01-18 10:03 bdauvergne
+2010-09-03 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * tests/Makefile.am: Add tests/valgrind to dist tarballs
+ Merge branch 'develop' into hotfixes-2.3.1
-2010-01-18 10:03 bdauvergne
+ [Core] fix memory leak in lasso_endpoint_free
- * Makefile.am: Add autogen.sh and tools to EXTRA_DIST in top
- Makefile.am
+ [ID-FFv1.2&SAMLv2] add more warning for failure to load metadata file
+ Report detailf of the failure through warning log.
-2010-01-18 10:03 bdauvergne
+ [SAMLv2] when failing to recreate the content for the ArtefactResponse set a lasso specific status code
- * docs/lasso-book/Makefile.am,
- docs/reference/lasso/lasso-sections.txt, lasso/backward_comp.h,
- lasso/id-wsf/wsf_profile.c, lasso/lasso.c,
- lasso/saml-2.0/assertion_query.h, lasso/saml-2.0/profile.c,
- lasso/utils.h, lasso/xml/misc_text_node.c,
- lasso/xml/saml-2.0/saml2_name_id.c,
- lasso/xml/saml-2.0/samlp2_authn_request.h,
- lasso/xml/saml-2.0/samlp2_logout_request.h,
- lasso/xml/saml-2.0/samlp2_logout_response.h, lasso/xml/xml.c,
- lasso/xml/xml.h: Documentation: distribute stylesheet, fix
- documentation comments, compelte lasso-sections.txt
+2010-09-03 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-01-18 10:03 bdauvergne
+ [SAMLv2] change the way content is stored and loaded for the HTTP-Artifact binding
+ Previously content was stored as the result of lasso_node_dump method
+ then reloaded, and then serialized again as part of the ArtifactResponse
+ message. lasso_node_dump was ignoring all hint to sign node, but keeping
+ the needed parameters around. That's not what must be done, the
+ signature should happen at the generation of the artifact and the result
+ must manipulated as is (i.e. XML content) and never moved back to the
+ land of LassoNode objects.
- * docs/reference/lasso/lasso-overrides.txt: Documentation: add
- empty lasso-overrides.txt, it seems to be necessary
+ Now the content is:
+ - first removed of any signature at the message level, because the
+ ArtifactResponse will take care of this, (any signature under this
+ level (like at the assertion) is kept),
+ - serialized using lasso_node_export_to_xml,
+ - reloaded using lasso_xml_parse_memory,
+ - and put into the ArtifactResponse using a
+ lasso_misc_text_node_new_with_xml_node.
-2010-01-18 10:03 bdauvergne
+2010-09-03 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/id-wsf/wsf_utils.c: ID-WSF: mark API as Private not
- Internal
+ [SAMLv2] make lasso_saml20_profile_generate_artifact a static function
+ It is only used in lasso/saml-2.0/profile.c anyway.
-2010-01-18 10:03 bdauvergne
+2010-09-03 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/id-ff/session.h: Core: complete documentation on
- LassoSession
+ [Core] load signature parameters
+ Generic signature parameters (attached as qdata to nodes) is now
+ reloaded when initializing a node from XML for a node type with a
+ signature snippet in its metadatas.
-2010-01-18 10:03 bdauvergne
+ It fixes the problematic usage of ciphered private keys with the
+ HTTP-Artifact binding (which needs to keep a copy of the AuthnResponse
+ around and to sign it later).
- * lasso/id-ff/profile.h: Core: complete documentation on
- LassoProfile
+2010-09-03 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-01-18 10:03 bdauvergne
+ [Core] add private function to read an integer attribute
+ This function does integer parsing and range checks, it returns TRUE if
+ all goes well.
- * lasso/id-ff/login.h: Core: complete documentation on LassoLogin
+ [Core] add LAST enum values to LassoSignatureMethod and LassoSignatureType enumerations
+ It helps making range checks.
-2010-01-18 10:03 bdauvergne
+2010-09-03 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/id-ff/server.c, lasso/id-wsf-2.0/soap_binding.c: fix typo
- (transfer-none) -> (transfer none)
+ [Strings] add string constant for the internal XML attributes used in dumps
+ Add string constants for signature method, signature type, private key
+ (file path or content), private key password and certificate (file path
+ or content).
-2010-01-18 10:03 bdauvergne
+ Add cast for xmlChar constant strings definition in python bindings, it
+ assumed all constant strings were char*.
- * lasso/id-wsf/Makefile.am, lasso/id-wsf/utils.c,
- lasso/id-wsf/utils.h, lasso/id-wsf/wsf_utils.c,
- lasso/id-wsf/wsf_utils.h: ID-WSF 1.0: change name of utils.{c,h}
- file for documentation parsing
-
- * utils.h:
- this header has the same name as an other header which is not
- parsed
- by the documentation (lasso/utils.h) and the documentation
- process
- just match by filename, so we rename it.
+2010-08-31 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-01-18 10:03 bdauvergne
+ [DOAP] fix typos
+ Tags were badly formatted.
- * website/web/news/14-release-2.2.90.xml: Website: add news about
- 2.2.90
+2010-08-25 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-01-16 15:55 bdauvergne
+ [SAMLv2] mark Redirect binding as an invalid binding for return AuthnResponse
+ This is really not supported by the SAMLv2 protocol.
- * bindings/python/Makefile.am: Add bindings/python/examples to dist
- file
+ [SAMLv2] fix string in comment
-2010-01-16 15:14 bdauvergne
+ [SAMLv2] replace use of lasso_provider_get_default_name_id_format with direct use of lasso_provider_get_metadata_one_for_role
+ The first is trying to use provider->role to know which kind of role
+ descriptor to lookup, but for the server object this field is 0 and when
+ building authn request we know that we want our default NameIDFormat for
+ the SP sso descriptor.
- * bindings/php4: remove empty directory
+2010-08-25 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-01-16 15:13 bdauvergne
+ [SAMLv2] rebuild specialized LassoProvider methods upon new endpoints storage
+ The new way of storing endpoints allows to keep ordering between
+ endpoints with respect to the order of the index and isDefault field for
+ indexed endpoint type, and to the XML node orders for other endpoints.
- * bindings/lang_php5_helpers: remove empty directory
+ It also simplifies the code.
-2010-01-15 09:11 bdauvergne
+2010-08-25 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * docs/reference/lasso/lasso-sections.txt: Documentation: update
- lasso-sections.txt
+ [Core] add destroy code for new private field endpoints
+ The contained string must be disallocated if the object is destroyed.
-2010-01-15 08:33 bdauvergne
+ [Core] add structure to store endpoints type for metadata files
+ This new C structure will allow to filter ID-FFv1.2 and SAMLv2 endpoints
+ more easily.
- * lasso.doap, website/web/doap.rdf: Update doap file
+ [XML] use strtol instead of atoi to parse XSchema integers
+ This commit also reject negative integers from being parsed (all integers
+ in SAMLv2 and ID-FFv1.2 schemas are positive integers).
-2010-01-15 08:26 bdauvergne
+ [SAMLv2] when AuthnRequest contains invalid attributes returns INVALID_REQUEST not NO_DEFAULT_ENDPOINT
+ This is the right status to return.
- * lasso/id-ff/session.c, lasso/xml/saml_advice.c,
- lasso/xml/saml_advice.h: FIX ABI breakage between 2.2.1 and 2.2.2
- in LassoSamlAdvice
-
- * lasso/xml/saml_advice.c lasso/xml/saml_advice.h:
- restore fields AssertionIDReference and Assertion, remove field
- any
- to restore state from 2.2.1
- * lasso/id-ff/session.c:
- use xmlNode stored inside LassoSamlAssertion objects instead of
- accessing the 'any' list of xmlNode that was inserted in
- LassoSamlAdvice.
+2010-08-25 Frédéric Péters <fpeters@entrouvert.com>
-2010-01-14 16:18 bdauvergne
+ Fixed underlining of title
- * lasso/xml/saml-2.0/saml2_attribute_value.c,
- lasso/xml/saml-2.0/saml2_attribute_value.h: FIX ABI breakage when
- addning new field to struct LassoSaml2AttributeValue
+2010-08-05 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-01-14 16:18 bdauvergne
+ [Core] fix change of enumeration value
+ This change broke the API, revert it.
- * lasso/build_strerror.py, lasso/errors.h: Fix ABI breakage due to
- change of constant name from LASSO_SOAP_FAULT_REDIRECT_REQUEST to
- LASSO_SOAP_ERROR_REDIRECT_REQUEST_FAULT
+2010-07-27 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-01-14 16:18 bdauvergne
+ [Website] update download link on front page
- * lasso/errors.c, lasso/errors.h: Fix ABI breakage with respect to
- 2.2.1
+ [Website] fix typos
-2010-01-14 16:18 bdauvergne
+ [Website] fix source and download links
+ The source repository is now the git repository on dev.entrouvert.org.
+ Latest source release is 2.3.0. And git browser is included in our
+ redmine.
- * docs/reference/lasso/lasso-sections.txt: Documentation: add
- lasso_profile_set/get_signature_hint to lasso-sections.txt
+2010-07-27 Benjamin Dauvergne <bdauvergne@lupin.entrouvert.com>
-2010-01-14 16:18 bdauvergne
+ [Website] change position of Download block in right bar
- * abi, abi/abi-2.1.1, abi/abi-2.2.1, abi/abi-2.2.2, abi/abi-2.2.90:
- Add files listings the ABI of Lasso
+ [Website] in convert-to-static.py, work around errors in build logs
+ If Build() constructor fails, keep going.
-2010-01-14 16:18 bdauvergne
+2010-07-27 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * bindings/bindings.py, tools/api.py: Tools: add script to generate
- a listing of Lasso ABI
-
- * tools/api.py:
- use parser from the binding generator to output a list of symbols
- * bindings/bindings.py;
- add private flags to not clobber 'private' fields of structures
- or
- methods not exported in bindings like _get_type.
+ [Website] fix wrong structure for the news file about release 2.3.0
-2010-01-14 16:18 bdauvergne
+ [Website] import convert-to-static.py modification from lupin
- * lasso/xml/Makefile.am, lasso/xml/idwsf_strings.h,
- lasso/xml/strings.h: ID-WSF: separate ID-WSF strings into their
- own header
+ [Website] add news file aboute release 2.3.0
-2010-01-14 16:18 bdauvergne
+2010-07-22 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * NEWS: start NEWS file for 2.2.90
+ [Website] fix non escaped ampersand
-2010-01-14 16:18 bdauvergne
+2010-07-21 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * tests/integration/saml2/test_02_slo.py,
- tests/integration/saml2/test_03_defederation.py: Tests
- integration: remove save_html hooks, after fed termination logout
- button should still be there
+ [Release] update libtool version
-2010-01-14 16:18 bdauvergne
+ [Website] update download links
- * bindings/python/lang.py: Bindings python: use is_cstring for
- matching GList element type
+ [Release] Update version number from 2.3 to 2.3.0
-2010-01-14 16:18 bdauvergne
+ [Release] update release date in NEWS file
- * lasso/saml-2.0/logout.c: SAML 2.0 Logout: undo some change to
- when the assertion is removed
-
- * lasso/saml-2.0/logout.c:
- - do not remove the assertion in init_request, as before only if
- all
- fails (event REDIRECT is unsupported).
- - in process_response_msg remove the assertion if we are the IdP
- or
- if there is no error.
- - in validate_request, remove the assertion if there is no error.
-
- I think that there will be more updates to this in the future.
+ [Release] update ChangeLog
-2010-01-14 16:18 bdauvergne
+ [Release] Lasso 2.3
+ - update the NEWS file
+ - add abi-2.3 file
+ - update DOAP files
+ - update lasso website template
+ - add temporary message to download pages, as there are no download
+ links currently.
- * bindings/utils.py: Bindings: make is_cstring usable with tuple
- and with direct type
+ [Core] add logos to EXTRA_DIST
-2010-01-14 16:18 bdauvergne
+ [Core] add HACKING to EXTRA_DIST
- * lasso/id-ff/session.c: Core: remove warning emiting macros from
- lasso_session_remove_assertion
-
- * lasso/id-ff/session.c:
- we already return error code, no need to log more warnings.
+ [Documentation] add missing declaration to lasso-sections.txt
-2010-01-14 16:18 bdauvergne
+ [Tests] change the way tests data is distributed
+ Instead of using a Makefile.am in each data directory, each data
+ directoy has been added to the EXTRA_DIST for the parent directory
+ Makefile.am.
- * lasso/saml-2.0/profile.c: SAML 2.0: report missing request when
- creating artifact resolve response, fix typo in
- lasso_saml20_profile_build_post_response_msg
+ [Core] remove now useless .cvsignore files
-2010-01-14 16:18 bdauvergne
+ [Binding perl] move DISCLEANFILES and CLEANFILES outside of the condition clauses
- * lasso/saml-2.0/login.c: SAML 2.0: Fix typo in
- lasso_saml20_login_build_authn_response_msg
+ [Tests] move sourceid-2.0beta-data to data directory
-2010-01-14 16:18 bdauvergne
+ [Core] move format-suppressions.py to tools directory
- * lasso/id-ff/provider.c, lasso/saml-2.0/provider.c: ID-FF&SAML2:
- if use is not defined on a key descriptor use the key for any use
-
- * lasso/id-ff/provider.c lasso/saml-2.0/provider.c: if the "use"
- attribute is not set on a KeyDescriptor, use the key for signing
- and
- encryption.
+ [Core] add README.JAVA and README.WIN32 files to EXTRA_DIST
-2010-01-12 15:40 bdauvergne
+ [Core] complete README.JAVA about later release of gcj
- * tests/login_tests_saml2.c: Tests SAML2: use & test encryption
+ [Core] add lasso.doap to EXTRA_DIST
-2010-01-12 15:40 bdauvergne
+ [Core] add errors.c to EXTRA_DIST
- * lasso/saml-2.0/Makefile.am: SAML 2.0: add saml2_helper.h to
- include files to install
+ [Core] remove unused build-strerror.pl
-2010-01-12 15:40 bdauvergne
+ [Doc] move style.css to the reference directory, and add it to EXTRA_DIST
- * tests/Makefile.am: Tests: fix inclusion of id-wsf 2.0 tests
+ [Bindings] improve cleaning and distribution buiding
-2010-01-12 15:40 bdauvergne
+ [Tests java] remove Test.java
+ Local test file wrongly commited.
- * lasso/lasso.h: Core: add new SAML 2.0 public header to top level
- header lasso.h
+ [Makefile] add abi to EXTRA_DIST
-2010-01-12 15:40 bdauvergne
+ [Binding perl] add DISTCLEANFILES for Makefile.perl.old file
- * lasso/id-wsf-2.0/Makefile.am: ID-WSF 2.0: remote
- saml2_login_private.h from Makefile.am
+ [Tests] remove debugging printf
-2010-01-12 15:40 bdauvergne
+ [Tests] change the way tests data is distributed
+ Instead of using a Makefile.am in each data directory, each data
+ directoy has been added to the EXTRA_DIST for the parent directory
+ Makefile.am.
- * bindings/java/lang.py, bindings/php5/wrapper_source.py,
- bindings/python/lang.py, bindings/utils.py: Bindings: add support
- for time_t to bindings, add support for 'string' type for list in
- java binding
+2010-07-20 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-01-12 15:40 bdauvergne
+ [Tests] adapt java unit tests to new semantic for list fields
+ GList fields now return an empty list, not null.
- * lasso/saml-2.0/saml2_helper.c, lasso/saml-2.0/saml2_helper.h: in
- saml2_helper.{c,h}, remote const modifier from time_t type
+2010-07-20 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-01-12 15:40 bdauvergne
+ [SAMLv2] simplify logic for handling AuthnResponse with binding HTTP-Post
+ The logic is now simpler:
+ - first lasso_saml20_profile_process_any_response check the signature
+ on the message
+ - then lasso_saml20_login_process_response_status_and_assertion
+ traverse all the assertions:
+ - if the message is signed all assertion from the same issuer are
+ automatically accepted,
+ - if the message is not signed, or the signature validation failed,
+ or the assertion has a different issuer than the message, we check
+ the signature directly on the assertion. If any of the assertions
+ fails the signature check, the result will be
+ LASSO_PROFILE_ERROR_CANNOT_VERIFY_SIGNATURE.
- * lasso/saml-2.0/name_id_management.c: in
- saml-2.0/name_id_management.c: handle NewEncryptedID, only
- encrypt if needed
+ The public field profile->signature_status will contain only the message
+ level signature status, each assertion signature status is not
+ accessible. That will change when signature and key handling is
+ reworked.
-2010-01-12 15:40 bdauvergne
+2010-07-20 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/saml-2.0/logout.c: in saml-2.0/logout.c: remove commented
- code, only encrypt if needed, intialize local variables
+ [Binding perl] fix broken distclean-local target
+ The TOCOPY files need to be cleaned only for out of source directory
+ builds.
-2010-01-12 15:40 bdauvergne
+2010-07-19 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/saml-2.0/login.c: in
- lasso_saml20_login_init_idp_initiated_auhtn_request, do not use
- init_authn_request, manually create the request.
+ [SAMLv2] comment on SessionIndex support hack
-2010-01-12 15:40 bdauvergne
+ [SAMLv2] remove empty files, wrongly committed
- * lasso/saml-2.0/login.c: in lasso_saml20_login_init_authn_request,
- use saml-2.0/profile.c functions to reduce code size
+2010-07-19 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-01-12 15:40 bdauvergne
+ [SAMLv2/SSO] when processing AuthnResponse with binding HTTP-Post only the assertion need to be signed
+ If the message is signed, the assertion is also covered, but if only the
+ assertion is signed, there is no error to report. If the caller ask for
+ forcing the validation of message signature, then we report an error.
- * lasso/saml-2.0/profile.c: in saml-2.0/profile.c, in
- lasso_saml20_build_response_msg, when no url is given, only stop
- for bindings needing one
+ This commit also add checking for the binding used, if it is not
+ HTTP-Post lasso_login_process_authn_response_msg will now report an
+ error.
-2010-01-12 15:40 bdauvergne
+2010-07-16 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/saml-2.0/profile.c: in saml-2.0/profile.c, in
- lasso_saml20_profile_init_response make direct access
+ [Binding java] return empty list for NULL GList value, not null
-2010-01-12 15:40 bdauvergne
+ [ID-FFv1.2] add missing namespace declarations
- * lasso/saml-2.0/profile.c: in saml-2.0/profile.c, in
- lasso_saml20_init_request better check for supported bindings, do
- not check for identity or session, report SESSION_NOT_FOUND only
- if first_in_session is used, do not stop on missing name_id.
+2010-07-16 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-01-12 15:40 bdauvergne
+ [SAMLv2] add support for encrypted private keys
+ * support private key with new internal API in signature setting
+ methods
- * lasso/saml-2.0/saml2_helper.c: in saml2_helper.c, remove dead
- code
+ Plug lasso_node_set_signature into
+ lasso_profile_saml20_setup_message_signature and
+ lasso_server_saml2_assertion_setup_signature.
-2010-01-12 15:40 bdauvergne
+ * also use lasso_node_get_signature in has_signature
- * lasso/saml-2.0/provider.c: SAML 2.0: in
- lasso_saml20_provider_accept_http_method, add HTTP-Artifact-POST
- case, better check for bad inputs, and handle special
- SingleSignOn case
+ * add forgottent LASSO_PROFILE_SIGNATURE_VERIFY_HINT_FORCE in switch
+ cases
-2010-01-12 15:40 bdauvergne
+ For AuthnResponse checking the semantic is now that if HINT_FORCE is
+ used we verify message signature *and* assertion signature. If
+ HINT_MAYBE is used we check the assertion signature if its issuer
+ differs from the message issuer.
- * lasso/id-ff/profile.c: Core Profile: remove need for identity in
- lasso_profile_get_nameIdentifier
+2010-07-16 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-01-12 15:40 bdauvergne
+ [ID-FFv1.2] move all user of lasso_node_export_to_query to lasso_node_export_to_query_with_password
- * lasso/id-ff/server.c: Core Server: make default to load signing
- private key also as encryption private key
+ [Core] Change lasso_apply_signature to use quark stored annotated signature parameters
+ The node containing signature do not handle the private keys passwords.
+ As the fields for signature parameters are part of the public ABI we
+ cannot add the password field to the public structure for those nodes.
+ Instead we use the new quark annotation accessed through
+ lasso_node_get/set_signature, and if the sign_type parameter is non-NULL
+ we use it instead of the parameters stored in the public structure.
+ This is a gross hack :( but at least it is documented.
-2010-01-12 15:40 bdauvergne
+ [Core] add password parameter to lasso_sign_node
- * lasso/xml/xml.c: Commit to delete
+ [Code] add a lasso_node_export_to_query_with_password method
-2010-01-12 15:40 bdauvergne
+ [Core] add a password parameter to lasso_query_sign
+ We force use of the password through a custom OpenSSL password callback.
- * lasso/xml/saml-2.0/samlp2_response.c, lasso/xml/tools.c: Core:
- rewrite lasso_assertion_encrypt using lasso_xmlsect_load_key and
- add recipient argument
+ [Core] dump custom signature parameters in lasso dumps
+ The signature parameters are serialized as global attributes from the
+ http://lasso.entrouvert.org/lasso/namespaces/0.0 named:
+ SignatureType
+ SignatureMethod
+ PrivateKey
+ PrivateKeyPassword
+ Certificate
-2010-01-12 15:39 bdauvergne
+ [Tests/python] add test case for WebSSO with providers using encrypted keys
- * lasso/xml/private.h, lasso/xml/tools.c: Core: add simple function
- to load key from any format
+ [Core] add lasso_node_set_signature and lasso_node_get_signature
+ Those two methods allows to associate signature parameters to any node.
+ They keep it inside the CustomElement quark. Using a private structure
+ may be more performant.
-2010-01-12 15:39 bdauvergne
+2010-07-12 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/id-ff/login.c, lasso/saml-2.0/login.c,
- lasso/saml-2.0/profile.c, lasso/saml-2.0/provider.c,
- lasso/xml/private.h, lasso/xml/tools.c, lasso/xml/xml.c: Core
- Node: add args to lasso_node_encrypt to set recipient of an
- encrypted element
+ [Core] extract signature adding into base class method lasso_node_get_xmlNode
+ In order to permit subclass to modify the base xmlNode created by
+ lasso_node_impl_get_xmlNode we must defer the concrete to the virtual
+ method wrapper, lasso_node_get_xmlNode.
-2010-01-12 15:39 bdauvergne
+ To do that it whas needed to make id_attribute another virtual field of
+ LassoNode subclasses (it can be accessed through an offset registered in
+ the class object).
- * bindings/python/lang.py: Binding python: provide old binding name
- for set_encryptionMode
+ This commit solves signature validation error since the patch for
+ managing more than one SessionIndex element in samlp2:LogoutRequest.
-2010-01-12 15:39 bdauvergne
+ It also factorize the creation of signatures in one place.
- * lasso/errors.c, lasso/errors.h, lasso/id-ff/login.c,
- lasso/id-ff/logout.c, lasso/id-ff/profile.c,
- lasso/id-ff/provider.c, lasso/id-ff/provider.h,
- lasso/saml-2.0/assertion_query.c, lasso/saml-2.0/ecp.c,
- lasso/saml-2.0/login.c, lasso/saml-2.0/loginprivate.h,
- lasso/saml-2.0/logout.c, lasso/saml-2.0/logoutprivate.h,
- lasso/saml-2.0/name_id_management.c, lasso/saml-2.0/profile.c,
- lasso/saml-2.0/profileprivate.h, lasso/saml-2.0/provider.c,
- lasso/saml-2.0/saml2_helper.c, lasso/saml-2.0/saml2_helper.h,
- lasso/xml/saml-2.0/samlp2_request_abstract.c,
- lasso/xml/saml-2.0/samlp2_status_response.c: SAML 2.0: overhaul
- for ubuquitous binding support, still need work for HTTP-Artefact
+2010-07-12 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2010-01-12 15:39 bdauvergne
+ [SAMLv2] if service provider supports logout, add a SessionIndex from the assertion ID
+ The standard mandate to provide a SessionIndex to service provider
+ advertaising their support of the logout profile. We follow the
+ convention of using the assertion ID as a SessionIndex.
- * lasso/id-ff/profile.c, lasso/id-ff/profile.h,
- lasso/id-ff/profileprivate.h: Core: in profile.c, profile.h,
- profileprivate.h, add a new attribute to express signature needs
+ [Tests] add a sso then slo soap test
-2010-01-12 15:39 bdauvergne
+ [Core] lasso_check_version does not return a proper error code
+ lasso_check_version returns 0, 1 or -1 and one is not a proper error
+ code, so the original int return type is kept.
- * lasso/id-ff/identity.c: Core: in identity.c, do not emit trace
- when lasso_identity_get_federation fails
+ [Bindings] make is_rc only check for lasso_error_t type
-2010-01-12 15:39 bdauvergne
+ [Bindings php5] simplify is_object in php_code.py
- * lasso/xml/private.h, lasso/xml/xml.c: XML Core: in xml.c,
- private.h, add a lasso_node_remove_signature function
+ [Core] change return type of all error returning methods
+ The new return type is lasso_error_t, it should allow to pinpoint easily
+ methods returning an error code in bindings.
-2010-01-12 15:39 bdauvergne
+ [Bindings java] use is_int instead of custom methods or code
- * lasso/xml/id-wsf-2.0/is_interaction_statement.c,
- lasso/xml/saml-2.0/saml2_assertion.c,
- lasso/xml/saml-2.0/samlp2_request_abstract.c,
- lasso/xml/saml-2.0/samlp2_status_response.c,
- lasso/xml/saml_assertion.c, lasso/xml/samlp_request_abstract.c,
- lasso/xml/samlp_response_abstract.c: XML: fill
- node_data->{certificate,private_key}_file_offset for nodes with
- signatures
-
-2010-01-12 15:39 bdauvergne
-
- * lasso/xml/private.h: Core: in xml/private.h, add new field to
- LassoNodeClassData for private_key and certificate handling
-
-2010-01-12 15:39 bdauvergne
-
- * lasso/id-ff/provider.h: Core: in provider.h, add
- LASSO_PROVIDER_ROLE_BOTH
-
-2010-01-12 15:39 bdauvergne
-
- * lasso/saml-2.0/profile.c: Core: in profile.c, make
- lasso_profile_get_nameIdentifier work for transient federations
-
- * lasso/id-ff/profile.c:
- if no LassoIdentity is accessible try to get a name identifier
- through the assertion in the LassoSession object. This allows the
- logout profile to work without an identity object (which is
- normal
- since logout does not modify the federation status).
-
-2010-01-12 15:39 bdauvergne
-
- * lasso/id-ff/provider.h: Core: in provider.h, add new SAML 2.0
- HTTP-Method, PAOS
-
-2010-01-12 15:39 bdauvergne
-
- * lasso/saml-2.0/profile.c, lasso/saml-2.0/profileprivate.h: SAML
- 2.0: add new function to factorize adding signature to a message
-
-2010-01-12 15:39 bdauvergne
-
- * lasso/saml-2.0/login.c, lasso/saml-2.0/provider.c,
- lasso/saml-2.0/providerprivate.h: Fix mitm attack using the
- AssertionConsumerURL property on requests
-
- * lasso/saml-2.0/login.c: check that the URL is know before using
- it
- * lasso/saml-2.0/provider.c lasso/saml-2.0/providerprivate.h:
- add a function to check that an URL corresponds to a know
- AssertionConsumer of the given provider.
-
-2010-01-12 15:39 bdauvergne
-
- * lasso/id-wsf-2.0/profile.c: ID-WSF 2.0: fix in documentation
-
-2010-01-04 09:16 bdauvergne
-
- * bindings/bindings.py, bindings/java/lang.py,
- bindings/php5/php_code.py, bindings/php5/wrapper_source.py,
- bindings/python/lang.py, bindings/utils.py: Bindings: simplify
- GList handling
-
-2010-01-04 09:15 bdauvergne
-
- * lasso/xml/disco_description.h,
- lasso/xml/disco_encrypted_resource_id.h,
- lasso/xml/disco_insert_entry.h, lasso/xml/disco_modify.h,
- lasso/xml/disco_options.h, lasso/xml/disco_query.h,
- lasso/xml/disco_query_response.h,
- lasso/xml/disco_service_instance.h, lasso/xml/dst_modify.h,
- lasso/xml/dst_query.h, lasso/xml/dst_query_response.h,
- lasso/xml/id-wsf-2.0/disco_endpoint_context.h,
- lasso/xml/id-wsf-2.0/disco_keys.h,
- lasso/xml/id-wsf-2.0/disco_options.h,
- lasso/xml/id-wsf-2.0/disco_requested_service.h,
- lasso/xml/id-wsf-2.0/disco_security_context.h,
- lasso/xml/id-wsf-2.0/disco_service_context.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_add.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_delete.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_query.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_query_response.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_delete.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_query.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_register_response.h,
- lasso/xml/id-wsf-2.0/dstref_query_response.h,
- lasso/xml/id-wsf-2.0/ims_identity_mapping_request.h,
- lasso/xml/id-wsf-2.0/ims_identity_mapping_response.h,
- lasso/xml/id-wsf-2.0/is_inquiry.h,
- lasso/xml/id-wsf-2.0/is_interaction_request.h,
- lasso/xml/id-wsf-2.0/is_interaction_response.h,
- lasso/xml/id-wsf-2.0/is_interaction_statement.h,
- lasso/xml/id-wsf-2.0/is_select.h,
- lasso/xml/id-wsf-2.0/ps_add_to_collection_request.h,
- lasso/xml/id-wsf-2.0/ps_list_members_response.h,
- lasso/xml/id-wsf-2.0/ps_notification.h,
- lasso/xml/id-wsf-2.0/ps_notify.h,
- lasso/xml/id-wsf-2.0/ps_object.h,
- lasso/xml/id-wsf-2.0/ps_query_objects_response.h,
- lasso/xml/id-wsf-2.0/ps_remove_collection_request.h,
- lasso/xml/id-wsf-2.0/ps_remove_entity_request.h,
- lasso/xml/id-wsf-2.0/ps_remove_from_collection_request.h,
- lasso/xml/id-wsf-2.0/ps_resolve_identifier_request.h,
- lasso/xml/id-wsf-2.0/ps_resolve_identifier_response.h,
- lasso/xml/id-wsf-2.0/ps_set_object_info_request.h,
- lasso/xml/id-wsf-2.0/sb2_credentials_context.h,
- lasso/xml/id-wsf-2.0/sb2_target_identity.h,
- lasso/xml/id-wsf-2.0/sb2_user_interaction_header.h,
- lasso/xml/id-wsf-2.0/sec_transited_provider_path.h,
- lasso/xml/id-wsf-2.0/subs_notification.h,
- lasso/xml/id-wsf-2.0/subs_subscription.h,
- lasso/xml/id-wsf-2.0/subsref_app_data.h,
- lasso/xml/id-wsf-2.0/subsref_create.h,
- lasso/xml/id-wsf-2.0/subsref_data_response.h,
- lasso/xml/id-wsf-2.0/subsref_delete.h,
- lasso/xml/id-wsf-2.0/subsref_modify.h,
- lasso/xml/id-wsf-2.0/subsref_notification.h,
- lasso/xml/id-wsf-2.0/subsref_notify.h,
- lasso/xml/id-wsf-2.0/subsref_query.h,
- lasso/xml/id-wsf-2.0/subsref_query_response.h,
- lasso/xml/id-wsf-2.0/subsref_subscription.h,
- lasso/xml/is_inquiry.h, lasso/xml/is_interaction_request.h,
- lasso/xml/is_interaction_response.h, lasso/xml/is_select.h,
- lasso/xml/is_user_interaction.h, lasso/xml/sa_credentials.h,
- lasso/xml/sa_password_transforms.h, lasso/xml/sa_sasl_request.h,
- lasso/xml/sa_sasl_response.h, lasso/xml/sa_transform.h,
- lasso/xml/saml-2.0/saml2_advice.h,
- lasso/xml/saml-2.0/saml2_attribute.h,
- lasso/xml/saml-2.0/saml2_attribute_value.h,
- lasso/xml/saml-2.0/saml2_evidence.h, lasso/xml/saml_attribute.h,
- lasso/xml/saml_attribute_statement.h,
- lasso/xml/saml_attribute_value.h,
- lasso/xml/saml_audience_restriction_condition.h,
- lasso/xml/saml_authentication_statement.h,
- lasso/xml/saml_conditions.h,
- lasso/xml/saml_subject_confirmation.h,
- lasso/xml/soap-1.1/soap_body.h, lasso/xml/soap-1.1/soap_detail.h,
- lasso/xml/soap-1.1/soap_header.h: XML: add element type
- annotation to all GList fields
-
-2010-01-04 09:15 bdauvergne
-
- * bindings/python/Makefile.am: Bindings: in
- bindings/python/Makefile.am, precise generated files dependencies
-
-2010-01-04 09:15 bdauvergne
-
- * configure.ac, lasso/Makefile.am, lasso/id-ff/profileprivate.h,
- lasso/id-wsf-2.0/data_service.c, lasso/id-wsf-2.0/discovery.c,
- lasso/id-wsf-2.0/profile.c, lasso/id-wsf-2.0/profile.h,
- lasso/id-wsf-2.0/soap_binding.h, lasso/id-wsf/data_service.c,
- lasso/id-wsf/interaction_profile_service.c,
- lasso/id-wsf/wsf_profile.c, lasso/id-wsf/wsf_profile.h,
- lasso/id-wsf/wsf_profile_private.h, lasso/xml/Makefile.am,
- lasso/xml/soap-1.1, lasso/xml/soap-1.1/Makefile.am,
- lasso/xml/soap-1.1/soap_body.c, lasso/xml/soap-1.1/soap_body.h,
- lasso/xml/soap-1.1/soap_detail.c,
- lasso/xml/soap-1.1/soap_detail.h,
- lasso/xml/soap-1.1/soap_envelope.c,
- lasso/xml/soap-1.1/soap_envelope.h,
- lasso/xml/soap-1.1/soap_fault.c, lasso/xml/soap-1.1/soap_fault.h,
- lasso/xml/soap-1.1/soap_header.c,
- lasso/xml/soap-1.1/soap_header.h,
- lasso/xml/soap-1.1/xml_soap11.h, lasso/xml/soap_binding.h,
- lasso/xml/soap_body.c, lasso/xml/soap_body.h,
- lasso/xml/soap_detail.c, lasso/xml/soap_detail.h,
- lasso/xml/soap_envelope.c, lasso/xml/soap_envelope.h,
- lasso/xml/soap_fault.c, lasso/xml/soap_fault.h,
- lasso/xml/soap_header.c, lasso/xml/soap_header.h,
- lasso/xml/xml_idff.h, lasso/xml/xml_idwsf.h: XML: move SOAP API
- to its own sub directory
-
-2010-01-04 09:15 bdauvergne
-
- * bindings/overrides.xml: Bindings: in overrides.xml, remove noew
- useless directives
-
-2010-01-04 09:15 bdauvergne
-
- * bindings/python/tests/idwsf1_tests.py,
- bindings/python/tests/idwsf2_tests.py: Python binding: update
- test scripts to new ID-WSF API
-
-2010-01-04 09:15 bdauvergne
-
- * bindings/overrides.xml: Binding ID-WSF 2.0: do not bind
- lasso_wsa_endpoint_reference_get_*_token methods
-
-2010-01-04 09:15 bdauvergne
-
- * tests/Makefile.am, tests/basic_tests.c, tests/idwsf2_tests.c,
- tests/tests.c: Tests: add idwsf2_tests.c, call from tests.c,
- update Makefile.am
-
-2010-01-04 09:15 bdauvergne
-
- * docs/reference/lasso/lasso-sections.txt,
- lasso/id-wsf-2.0/data_service.c, lasso/id-wsf-2.0/data_service.h,
- lasso/id-wsf-2.0/discovery.c, lasso/id-wsf-2.0/discovery.h,
- lasso/id-wsf-2.0/profile.c, lasso/id-wsf-2.0/profile.h: ID-WSF
- 2.0: in profile.{c,h}, discovery.{c,h}, data_service.{c,h},
- overhaul all profiles.
-
- * lasso/id-wsf-2.0/profile.c lasso/id-wsf-2.0/profile.h:
- - lasso_idwsf2_profile_get_name_identifier returns the NameID
- found
- in an assertion used as a WS-Security token when security
- mechanism
- Bearer or SAML are used.
- - complete the function lasso_id_wsf2_profile_build_soap_envelope
- with construction of the Sender element which is used to transmit
- the providerID of the message sender by the SOAP binding ID-WSF
- 2.0
- specification.
- - remove useless instance_init function in profile object
- - reset some profile fields in process_soap_request_msg
- (response,
- body, nameIdentifier). use
- lasso_saml20_profile_name_identifier_decryption for handling
- NameID
- from WS-Security mechanism assertion.
- - add private_data
- - change signature of lasso_idwsf2_profile_init_soap_request to
- use
- and EPR and a security mechanism specifier when building the SOAP
- request.
- - change signature of lasso_idwsf2_profile_process_soap_request
- to
- verify security_mech_id of received messages.
- * docs/reference/lasso/lasso-sections.txt:
- add the function to the documentation.
-
- * lasso/id-wsf-2.0/discovery.{c,h}:
- - use utils.h macros instead of g_return_val_if_fail because it
- removes useless warning, since it returns an error code. release
- acquired resources.
- - in lasso_idwsf2_discovery_metadata_register_self, return error
- code
- instead of identifier string for the new service, use an out
- parmeter to return the identifier, use utils.h macros.
- - in lasso_idwsf2_discovery_init_metadata_register, use utils.h
- macros, check return code of
- lasso_idwsf2_profile_init_soap_request.
- - change signature of
- lasso_idwsf2_discovery_init_metadata_register
- to support security_mech_id, try to get URL from an existing
- Discovery service EPR (from Session object).
- - change signature of
- lasso_idwsf2_discovery_process_metadata_register_msg,
- lasso_idwsf2_discovery_init_metadata_association_add,
- lasso_idwsf2_discovery_process_metadata_association_add_msg,
- lasso_idwsf2_discovery_init_query,
- lasso_idwsf2_discovery_process_query_msg, to support security
- mechanism.
- - improve lasso_idwsf2_discovery_build_query_response_eprs.
- - add lasso_idwsf2_discovery_get_nth_data_service to acces
- returned
- services.
- * lasso/id-wsf-2.0/data_service.{c,h}:
- - redo all the API
-
-2010-01-04 09:15 bdauvergne
-
- * lasso/id-wsf-2.0/session.c: ID-WSF 2.0: in session.c, fix memory
- handling errors
-
-2010-01-04 09:15 bdauvergne
-
- * docs/reference/lasso/lasso-sections.txt, lasso/errors.c,
- lasso/errors.h, lasso/id-wsf-2.0/data_service.c,
- lasso/id-wsf/wsf_profile.c: ID-WSF 2.0&ID-WSF: in profile.c,
- wsf_profile.c, errors.c, errors.h, and in lasso-sections.txt
- change LASSO_SOAP_FAULT_REDIRECT_REQUEST to
- LASSO_SOAP_ERROR_REDIRECT_REQUEST_FAULT
-
-2010-01-04 09:15 bdauvergne
-
- * lasso/errors.c, lasso/errors.h: ID-WSF 2.0 Errors: in
- errors.{c,h}, add new errors code for ID-WSF 2.0
-
- - add LASSO_DST_ERROR_EMPTY_REQUEST
- - add LASSO_WSF_PROFILE_ERROR_SECURITY_MECHANISM_CHECK_FAILED
- - add new errors codes for generic profiles and disco service
-
-2010-01-04 09:15 bdauvergne
-
- * lasso/xml/strings.h: ID-WSF 2.0 XML: in strings.h, add
- identifiers from ID-WSF 2.0
- standards
-
- - add status code for ID-WSF 2.0 DST
- - add token usage identifiers
- - conform security mechanism identifiers to ID-WSF 2.0 Liberty
- Sech
- Mech specification
- - add Discovery Service status codes
- - add Soap Binding status codes
- - add disco result type and user interaction hint strings
-
-2010-01-04 09:15 bdauvergne
-
- * lasso/xml/id-wsf-2.0/sec_token.c: ID-WSF 2.0 XML: in sec_token.c,
- remove extra SNIPPET_ANY
-
-2010-01-04 09:15 bdauvergne
-
- * lasso/xml/id-wsf-2.0/util_response.c,
- lasso/xml/id-wsf-2.0/util_response.h: ID-WSF 2.0 XML: in
- util_response.{c,h}, add helper functions to idwsf2_util_status
-
-2010-01-04 09:15 bdauvergne
-
- * lasso/id-wsf-2.0/server.c: ID-WSF 2.0: in server.c, change
- annotation of lasso_server_get_svc_metadatas_with_id_and_type.
-
-2010-01-04 09:15 bdauvergne
-
- * docs/reference/lasso/lasso-docs.sgml,
- docs/reference/lasso/lasso-sections.txt,
- lasso/id-wsf-2.0/saml2_login.c, lasso/id-wsf-2.0/saml2_login.h,
- lasso/id-wsf-2.0/saml2_login_private.h: ID-WSF 2.0: in
- saml2_login.c, change API
-
- * lasso/id-wsf-2.0/saml2_login.c:
- - change private lasso_saml20_login_assertion_add_discovery to
- public
- lasso_login_idwsf2_add_discovery_bootstrap_epr.
- - remove lasso_saml20_login_copy_assertion_epr, add
- lasso_login_idwsf2_get_discovery_bootstrap_epr.
- * docs/reference/lasso/lasso-docs.sgml:
- - add sections id_wsf_2_0_login
- * docs/reference/lasso/lasso-sections.txt:
- - add new functions to section id_wsf_2_0_login
-
-2010-01-04 09:15 bdauvergne
-
- * lasso/id-wsf-2.0/idwsf2_helper.c,
- lasso/id-wsf-2.0/idwsf2_helper.h: ID-WSF 2.0: in idwsf2_helper.c,
- add new functions, fix old things
-
- - add lasso_wsa_endpoint_reference_get_service,
- lasso_wsa_endpoint_reference_associate_service_type_uri,
-
-2010-01-04 09:14 bdauvergne
-
- * lasso/id-wsf-2.0/Makefile.am, lasso/id-wsf-2.0/idwsf2_helper.c,
- lasso/id-wsf-2.0/idwsf2_helper.h: ID-WSF 2.0: create
- idwsf2_helper.{c,h}, new module for manipulating EPR elements
-
- * lasso/id-wsf-2.0/idwsf2_helper.c
- lasso/id-wsf-2.0/idwsf2_helper.h:
- add new functions
- lasso_wsa_endpoint_reference_get_idwsf2_service_type,
- lasso_wsa_endpoint_reference_get_idwsf2_provider_id,
- lasso_wsa_endpoint_reference_get_idwsf2_security_context_for_security_mechanism,
- lasso_wsa_endpoint_reference_get_token_by_usage,
- lasso_wsa_endpoint_reference_get_security_token,lasso_wsa_endpoint_reference_get_target_identity_token,
- lasso_wsa_endpoint_reference_new_for_idwsf2_service,
- and lasso_wsa_endpoint_reference_add_security_token.
- * lasso/id-wsf-2.0/idwsf2_helper.h:
- declare new functions.
- * lasso/id-wsf-2.0/Makefile.am:
- add new files to source list
-
-2010-01-04 09:14 bdauvergne
-
- * lasso/id-wsf-2.0/soap_binding.c, lasso/id-wsf-2.0/soap_binding.h:
- ID-WSF 2.0: in soap_binding.{c,h}, add new functions
-
-2010-01-04 09:14 bdauvergne
-
- * docs/reference/lasso/lasso-docs.sgml,
- docs/reference/lasso/lasso-sections.txt,
- lasso/id-wsf-2.0/Makefile.am, lasso/id-wsf-2.0/soap_binding.c,
- lasso/id-wsf-2.0/soap_binding.h: ID-WSF 2.0: add files
- soap_binding.c, soap_binding.h
-
- * lasso/id-wsf-2.0/Makefile.am
- - reference new source files in Makefile.am
- * lasso/id-wsf-2.0/soap_binding.c
- * lasso/id-wsf-2.0/soap_binding.h:
- - add extraction functions
- lasso_soap_envelope_sb2_get_provider_id,
- lasso_soap_envelope_sb2_get_redirect_request_url,
- lasso_soap_envelope_sb2_get_target_identity_header,
- lasso_soap_envelope_add_action and
- lasso_soap_envelope_get_action.
- - add SOAP security headers accessors
- - add lasso_soap_envelope_get_saml2_security_token which simplify
- retrieving a SAML 2.0 assertion used as a WS-Security token.
- complete documentation of other functions.
- * docs/reference/lasso/lasso-sections.txt:
- - reference the new functions in a new section soap_binding2
- * docs/reference/lasso/lasso-docs.sgml:
- - add new section soap_binding2
-
- ID-WSF 2.0: in soap_binding.{c,h}: add function
-
-2010-01-04 09:14 bdauvergne
-
- * lasso/id-wsf/id_ff_extensions.c: ID-WSF: in id_ff_extensions.c,
- add SECTION gtk-doc declaration
-
-2010-01-04 09:14 bdauvergne
-
- * lasso/id-wsf/interaction_profile_service.c,
- lasso/id-wsf/interaction_profile_service.h: ID-WSF: in
- interaction_profile_service.{c,h}, make initialization of a
- redirect request, part of LassoWsfProfile methods.
-
-2010-01-04 09:14 bdauvergne
-
- * lasso/id-wsf/discovery.c: ID-WSF: in
- discovery.c:lasso_discovery_init_resource_offering, add doc
- annotations, use assignment macros to set output argument
-
-2010-01-04 09:14 bdauvergne
-
- * lasso/id-wsf/discovery.c: ID-WSF: in discovery.c, update
- documentation annotations
-
- * lasso/id-wsf/discovery.c:
- - add annotations to lasso_discovery_init_query,
- lasso_discovery_init_modify, lasso_discovery_process_request_msg.
- - initialize response in lasso_discovery_process_query_mesg and
- lasso_discovery_process_modify_msg, so that modifications of the
- response can be done between _process_ and _build_ calls.
-
-2010-01-04 09:14 bdauvergne
-
- * docs/reference/lasso/lasso-sections.txt,
- lasso/id-wsf/data_service.c, lasso/id-wsf/data_service.h: ID-WSF:
- in data_service.c:lasso_data_service_init_query check absent
- resource offering, support security_mech_id argument
-
- * lasso/id-wsf/data_service.c lasso/id-wsf/data_service.h:
- - in lasso_data_service_apply_modifications, dst_modification
- initialization is missing.
- - remove lasso_data_service_get_redirect_request_url
- - change LASSO_DATA_SERVICE_CANNOT_ADD_ITEM to
- LASSO_DATA_SERVICE_ERROR_CANNOT_ADD_ITEM
- - in lasso_data_service_init_query, complete documentation, fix
- mem
- leak
- - factorize code between
- lasso_data_service_build_modify_response_msg
- and lasso_data_service_build_query_response_msg, create
- lasso_data_service_build_response_msg
- - in lasso_data_service_get_answer, add out annotation to output
- parameter
- - simplify API, simplify code path for query and modification
- processing
- - add lasso_data_service_process_request_msg,
- lasso_data_service_build_modify_response_msg,
- lasso_data_service_validate_request.
- - remove lasso_data_service_process_query_msg and
- lasso_data_service_process_modify_msg from public API.
- - in lasso_data_service_process_query_msg and
- lasso_data_service_process_modify_msg add arg checks, make them
- static and move preprocessing of the request in
- lasso_data_service_process_request_msg.
- - in lasso_data_service_get_answer, fix request/response
- mismatch.
- - add accessors lasso_data_service_set_resource_data and
- lasso_data_service_get_resource_data.
- - add securit_mech_id arg to data_service_init_modify, export
- resource_data accessor methods
- - remove lasso_data_service_get_redirect_request_url
- - fix missing intializations and leaks
-
-2010-01-04 09:14 bdauvergne
-
- * lasso/id-wsf/wsf_profile.c: ID-WSF: in wsf_profile.c, fix mem
- leaks
-
-2010-01-04 09:14 bdauvergne
-
- * lasso/xml/dst_modification.c: ID-WSF XML: in dst_modification.c,
- add SNIPPET_BOOLEAN to overrideAllowed attribute snippet
-
-2010-01-04 09:14 bdauvergne
-
- * lasso/xml/dst_modify.c, lasso/xml/dst_modify.h: ID-WSF XML: in
- dst_modify.{c,h}, remove extra argument to the constructor of
- LassoDstModify
-
- * lasso/xml/dst_modify.c:
- * lasso/xml/dst_modify.h:
- remove parameters of the default constructor.
-
-2010-01-04 09:14 bdauvergne
-
- * tests/login_tests.c: Tests: in tests/login_tests.c, change path
- of header utils.h
-
-2010-01-04 09:14 bdauvergne
-
- * tests/basic_tests.c: Tests: in basic_tests.c, fix, do not
- overwrite known elements mappings
-
- * tests/basic_tests.c:
- when testing functionality of lasso registries which map
- namespace
- elements to lasso objects, do not use liberty namespace because
- it
- interacts with other tests -- deserialization of lib:Assertion
- node
- was broken by this test -- when running them in CK_FORK=no mode.
- Changed namespace LASSO_LIB_HREF, for "coin" which is less
- dangerous.
-
-2010-01-04 09:14 bdauvergne
-
- * lasso/xml/ws/wsa_attributed_uri.c,
- lasso/xml/ws/wsa_attributed_uri.h,
- lasso/xml/ws/wsa_endpoint_reference.c: WS XML: change signature
- of lasso_wsa_attributed_uri_new_with_string, add mappings
-
- * wsa_attributed_uri.c:
- - constify first argument of
- lasso_wsa_attributed_uri_new_with_string.
- - add add direct mappings from wsa:Action,wsa:To to
- LassoWsAddrAttributedURI and from
- wsa:From,wsa:ReplyTo,wsa:FaultTo
- to LassoWsAddrEndpointReference
-
-2010-01-04 09:14 bdauvergne
-
- * lasso/saml-2.0/login.c: SAML 2.0: in login.c, use
- lasso_server_saml2_assertion_setup_signature
-
-2010-01-04 09:14 bdauvergne
-
- * lasso/xml/private.h: XML: in private.h, remove duplicate
- declaration of lasso_xml_parse_memory
-
-2010-01-04 09:14 bdauvergne
-
- * lasso/xml/lib_assertion.c: ID-FF XML: in lib_assertion.c, add
- registry mapping for lib:AssertionType
-
- * xml/lib_assertion.c:
- this object is really a container for lib:AssertionType, so
- register
- it.
-
-2010-01-04 09:14 bdauvergne
-
- * lasso/id-ff/provider.c, lasso/id-ff/provider.h: Core: in
- provider.c, add lasso_provider_verify_single_node_signature
-
- * lasso/id-ff/provider.c lasso/id-ff/provider.h:
- add a new function to check an enclosed single signature on a
- LassoNode, given that the LassoNode retained its original xml
- node
- content.
-
-2010-01-04 09:14 bdauvergne
-
- * lasso/saml-2.0/login.c: SAML 2.0: in login.c, fix memleaks
-
- * lasso/saml-2.0/login.c:
- return value from lasso_provider_get_sp_name_qualifier must be
- freed.
-
-2010-01-04 09:14 bdauvergne
-
- * lasso/saml-2.0/login.c: SAML 2.0: in login.c, remove discovery
- bootstrap handling
-
-2010-01-04 09:14 bdauvergne
-
- * docs/reference/lasso/lasso-sections.txt, lasso/id-ff/login.c,
- lasso/id-ff/login.h, lasso/saml-2.0/login.c: Core Login: in
- login.c, add assertion accessor
-
- * docs/reference/lasso/lasso-sections.txt:
- declare new function
- * lasso/id-ff/login.c lasso/id-ff/login.h:
- add new function lasso_login_get_assertion.
- * lasso/saml-2.0/login.c:
- store created assertions
- * lasso/id-ff/login.h:
- make assertion field private for bindings.
-
-2010-01-04 09:14 bdauvergne
-
- * docs/reference/lasso/lasso-sections.txt,
- lasso/saml-2.0/Makefile.am, lasso/saml-2.0/saml2_helper.c,
- lasso/saml-2.0/saml2_helper.h: SAML 2.0: in saml2_helper.c, add
- new methods to manipulate SAML2 assertions
-
- * lasso/saml-2.0/saml2_helper.c lasso/saml-2.0/saml2_helper.h:
- - add lasso_server_saml2_assertion_setup_signature, to help in
- defining signature upon saml2:Assertion nodes.
- - add new symbols LASSO_DURATION_MINUTE, LASSO_DURATION_HOUR,
- LASSO_DURATION_DAY, LASSO_DURATION_WEEK.
- - add method lasso_saml2_assertion_add_attribute_with_node
-
- * docs/reference/lasso/lasso-sections.txt:
- declare new functions in saml2_helper section.
-
-2010-01-04 09:14 bdauvergne
-
- * tests/basic_tests.c: Tests: in basic_tests.c, check
- LassoSaml2EncryptedElement handling
-
-2010-01-04 09:14 bdauvergne
-
- * lasso/xml/saml-2.0/saml2_encrypted_element.c: SAML 2.0 XML: map
- EncryptedID, EncryptedAssertion, EncryptedAttribute and
- NewEncryptedID element to saml2:EncryptedElement
-
- * lasso/xml/saml-2.0/saml2_encrypted_element.c:
- add registry mapping from EncryptedID, EncryptedAssertion,
- EncryptedAttribute and NewEncryptedID element to
- saml2:EncryptedElement
-
-2010-01-04 09:14 bdauvergne
-
- * lasso/xml/strings.h: SAML 2.0 XML: in strings.h, add the
- identifier for the holder of key subject confirmation method
-
-2010-01-04 09:14 bdauvergne
-
- * docs/reference/lasso/lasso-sections.txt,
- lasso/saml-2.0/Makefile.am, lasso/saml-2.0/provider.c,
- lasso/saml-2.0/provider.h: SAML 2.0: in provider.c, add node
- encryption function and reference it in doc
-
- * lasso/saml-2.0/Makefile.am:
- add new header provider.h
- * lasso/saml-2.0/provider.c lasso/saml-2.0/provider.h:
- add new function lasso_provider_saml2_node_encrypt to encrypt
- nodes
- and encapslutate the XML Enc datas in a
- LassoSaml2EncryptedElement
- node.
- * docs/reference/lasso/lasso-sections.txt:
- add function to saml2_utils section
-
-2010-01-04 09:14 bdauvergne
-
- * lasso/xml/ws/wsa_attributed_uri.c,
- lasso/xml/ws/wsa_endpoint_reference.c: WS XML: add forgotten
- include file to wsa_attributed_uri.c and wsa_endpoint_reference.c
-
-2010-01-04 09:14 bdauvergne
-
- * lasso/errors.c, lasso/errors.h: WS Errors: in errors.h errors.c,
- add new error section for WS-Security handling
-
-2010-01-04 09:14 bdauvergne
-
- * lasso/id-ff/server.c, lasso/id-ff/server.h: Core: in server.c,
- change signature of lasso_server_get_provider, add anottations on
- return value
-
- * lasso/id-ff/server.h lasso/id-ff/server.c:
- - constify first argument of lasso_server_get_provider
- - add annotation about caller owned return value
-
-2010-01-04 09:14 bdauvergne
-
- * lasso/xml/tools.c: Core: in tools.c, complete documentation of
- lasso_verify_signature
-
-2010-01-04 09:14 bdauvergne
-
- * lasso/id-ff/provider.c, lasso/id-ff/providerprivate.h: Core: in
- provider.c, add accessors for encryption informations
-
- * lasso/id-ff/provider.c:
- add getters for encryption_sym_key_type and
- encryption_public_key.
- * lasso/id-ff/providerprivate.h:
- declare new accessors.
-
-2010-01-04 09:13 bdauvergne
-
- * lasso/xml/xml.c, lasso/xml/xml.h: Core XML: in xml.{c,h}, add new
- function lasso_node_get_name to get the element name for an
- object
-
-2010-01-04 09:13 bdauvergne
-
- * lasso/xml/misc_text_node.c, lasso/xml/misc_text_node.h: Core XML:
- make first argument of lasso_misc_text_node_new_with_string const
-
- * lasso/xml/misc_text_node.h lasso/xml/misc_text_node.c:
- change signature of lasso_misc_text_node_new_with_string, string
- argument is const.
-
-2010-01-04 09:13 bdauvergne
-
- * lasso/xml/private.h, lasso/xml/tools.c: Core XML: in xml/tools.c,
- add conversion method from iso8601 to time_t
-
- * lasso/xml/tools.c:
- add function lasso_iso_8601_gmt_to_time_t
- * lasso/xml/private.h:
- declare new function.
-
-2010-01-04 09:13 bdauvergne
-
- * lasso/xml/xml.c, lasso/xml/xml.h: Core XML: in xml.c, keep
- original node names, handle xsi:type attribute better
-
- * lasso/xml/xml.c lasso/xml/xml.h:
- - fix signature of lasso_node_set_original_xmlnode, fix signature
- in
- documentation of lasso_node_set_original_xmlnode;
- - add a new API lasso_node_set_custom_nodename to specify the
- exact
- element name to use when serializing a LassoNode to XML.
- - rename internal structure _CustomNamespace to _CustomElement,
- add a
- nodename field to it.
- - rework internal functions around _CustomElement to be aware of
- an
- existing attached _CustomElement and re-use if needed.
- - move application of _CustomElement hints after the
- serialization of
- the node, so that the normal behaviour of the serialization is
- kept
- -- i.e. do not play with the list of parent classes.
-
- - use the full xsi:type content to find a LassoNode subclass when
- de-serializaing XML content, factorize QName->GObject class
- mapping
- for the three executions paths inside
- _type_name_from_href_and_nodename:
- - element QName,
- - xsi:type QName,
- - element name with xsi:type namespace
- - add a long comment expliciting the way the mapping is done.
- - remove direct mapping of EncryptedAssertion element, the
- registry
- declaration on the class LassoSaml2EncryptedElement shoud be
- enough.
-
-2010-01-04 09:13 bdauvergne
-
- * lasso/xml/xml.c: Core XML: in xml.c, parse attributes with
- namespace checking
-
- * lasso/xml/xml.c:
- - use snippet->ns_uri and snippet->ns_name to parse attributes
- outside of the parent node namespace.
-
-2010-01-04 09:13 bdauvergne
-
- * lasso/xml/tools.c: Core XML: in xml/tools.c, improve
- lasso_eval_xpath_expression, do not fail when nodeset is empty
-
- * lasso/xml/tools.c:
- only check that the query returned a nodeset object, do not check
- its
- content size.
-
-2010-01-04 09:13 bdauvergne
-
- * lasso/utils.c, lasso/utils.h: Core: in utils.h, add a macros, fix
- existing
-
- * lasso/utils.h:
- - add macro lasso_ref(object), if object is not null, call
- g_object_ref on it, and return the value, otherwise do nothing
- and
- return NULL.
- - make a better reporting of bad object release
- - change format type for __LINE__ and dest arguments in
- lasso_release_gobject warning display.
- - add a lasso_check_non_empty_string macro
- - add new macro to extract a specific node type from a list of
- GObject objects.
- - use xmlStrdup not g_strdup for lasso_assign_xml_string
- - add lasso_list_add_gstrv and lasso_check_good_rc
- - add macro lasso_list_get_first_child
- - add inline function to test empty string
- - change macro lasso_check_non_empty_string to use the new inline
- function and go to cleanup
- - fix lasso_check_non_empty_string macro
- * lasso/utils.c:
- - add lasso_gobject_is_of_type returns 0 if first parameters is a
- gobject whose GType is equal to the second parameter, and 1
- otherwise.
-
-2010-01-04 09:13 bdauvergne
-
- * lasso/errors.c, lasso/errors.h: Core: add new errors
- LASSO_PROFILE_ERROR_INVALID_RESPONSE,
- LASSO_PROFILE_ERROR_INVALID_REQUEST.
-
-2010-01-04 09:13 bdauvergne
-
- * bindings/bindings.py, bindings/java/lang.py,
- bindings/php5/wrapper_source.py, bindings/utils.py: Bindings: in
- bindings.py, parse '(in)' gobject-introspection annotation, in
- utils.py, use it to reverse default annotation for pointer of
- pointers
-
- Bindings: in bindings.py, improve regular expression for
- declarations
-
- Bindings: parse gobject-introspection annotation in return value
- documentation, add cast to C calls when parameter type is const
- in java
- binding, problem arise with const char ** arrays
-
-2010-01-04 09:13 bdauvergne
-
- * bindings/bindings.py: Bindings: do not stop on failing to parse a
- declaration, but skip the function and print a warning
-
-2010-01-04 09:13 bdauvergne
-
- * bindings/python/wrapper_top.c: Python binding: add a
- pyobject->time_t conversion function
-
-2010-01-04 09:13 bdauvergne
-
- * bindings/python/wrapper_top.c: Bindings python: in wrapper_top.c,
- mark internal function as potentially unused
-
-2010-01-04 09:13 bdauvergne
-
- * bindings/bindings.py, bindings/java/lang.py,
- bindings/overrides.xml, bindings/php5/php_code.py,
- bindings/php5/wrapper_source.py, bindings/python/lang.py,
- bindings/python/tests/Makefile.am,
- bindings/python/tests/idwsf1_tests.py,
- bindings/python/tests/idwsf2_tests.py, bindings/utils.py:
- Bindings: make the binding infrastructure understand
- GObject-introspections annotations
-
- * bindings/bindings.py
- * bindings/utils.py:
- add convenience function to treat arguments tuple:
- (type,name,{annotations}).
- introduce new argument options, fix that arguments are 3-tuple of
- the
- form (type,name,annotations), where annotations is a dictionary.
- Key of this dictionnary can be:
- - optional, wheter the argument is necessary, it means it has a
- default value.
- - out, means that the pointer is a pointer of pointer, for
- bindings
- that can return exceptions, it will be returned instead of the
- integer error code, the only way to access error codes will be
- exceptions.
- - element-type, contained type of a list or an array,
- - key-type, value-type, type of respectively the key and value of
- a
- GHashTable.
- - transfer, wheter a the callee(for arguments)/caller(for return
- values) owns the values passed, it can be none,container(if the
- callee/caller only owns the container not the contained value) or
- full.
- doc.parameters is now a 3-tuple of (attribute-name,
- attribute-description, attribute-annotations) where
- attribute-annotations is a string of the form '(option1)(option2
- option-arguments) etc.'.
- - add predicates for xml, list and time_t values. improve
- predicates
- for cstring and const modifier.
-
- * bindings/overrides.xml:
- 'out' arguments are not well supported for java, so skip
- functions
- using them.
-
- * bindings/java/lang.py bindings/php5/php_code.py
- bindings/php5/wrapper_source.py bindings/python/lang.py:
- - update language specifig binding generators for handling new
- annotations.
- - improve python method declaration, handle optional arguments
- with
- default values, factorize this chode in two methods,
- get_python_arg_decl and defval_to_python_value.
-
- * bindings/python/tests/Makefile.am
- bindings/python/tests/idwsf1_tests.py
- bindings/python/tests/idwsf2_tests.py:
- make test work with out of source build dir.
-
-2010-01-04 09:13 bdauvergne
-
- * docs/reference/lasso/lasso-docs.sgml: Documentation: in
- lasso-docs.sgml, add glossary to the index, add book part
- delimitations
-
- * docs/reference/lasso/lasso-docs.sgml:
- add the glossary to the index.
-
-2010-01-04 09:13 bdauvergne
-
- * lasso/registry.c: Core: in registry.c, change type cast to
- compile on amd64 platform
-
- * registry.c:
- use ptrdiff_t to cast to integer big enough to receive a pointer,
- then apply integer operations, then cast to the pointer type
- expected
- by g_direct_hash.
-
-2009-12-16 09:28 bdauvergne
-
- * lasso/utils.h: Core: in utils.h, change __STRING(x) for #x
-
- * lasso/utils.h:
- __STRING(x) does not seem more portable than #x so change,
- problem
- with AIX.
+ [Bindings perl] add lasso_errot_t to type to map to T_IV typemap (integer types)
-2009-12-09 06:51 bdauvergne
+ [Bindings] add lasso_error_t to return code types
- * configure.ac: Downgrade version 2.2.90 to make a pre-release
+ [Binding java] use is_rc to match error return type
-2009-12-08 10:15 bdauvergne
+ [Binding php5] use is_rc to match error return type
- * tests/tests.h: in tests/tests.h, Add checks for true and false
- conditions
+ [Core] add lasso_error_t to list of integer types
-2009-12-08 10:14 bdauvergne
+ [Core] add a lasso_error_t typedef
+ This typedef will serve to mark error returning methods.
+ The ctypes.h header piggyback on export.h to be included in all public
+ headers.
- * bindings/bindings.py, bindings/php4/Makefile.am,
- bindings/php4/__init__.py, bindings/php4/_lasso.h,
- bindings/php4/lang.py, bindings/php4/lasso_php4_helper.c: Remove
- beginning of a PHP4 binding
+2010-07-05 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2009-12-08 09:19 bdauvergne
+ [Provider] Fix loading of provider without a public key
+ This commit also emit propre warning when loading fails for a provider
+ *with* a public key.
- * configure.ac: Upgrade version number
+ [Python binding] do not throw lasso.Error for python exceptions
-2009-12-08 09:19 bdauvergne
+2010-06-29 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/xml/id-wsf-2.0/Makefile.am, lasso/xml/ws/Makefile.am: Add
- missing headers to makefile, to pass make distcheck
-
- * lasso/xml/id-wsf-2.0/Makefile.am:
- make xml_idwsf2.h appear in the distribution file
- * lasso/xml/ws/Makefile.am:
- make xml_ws.h appear in the distribution file
+ [Perl binding] make include from $(srcdir) works in Perl binding
-2009-12-04 09:05 bdauvergne
+ [Bindings] accept simple string in string<->xmlNode converter
+ Some use case ask for passing simple libxml content node (i.e just an
+ UTF-8 string) when a method argument or a field of the xmlNode* type.
+ This commit add a static method in bindings/utils.c named
+ lasso_string_fragment_to_xmlnode which does this transform by trying to
+ parse an XML document then by trying to parse a well balanced XML
+ fragment of only one node (if there is more than one node such as in the
+ string " xxx <tag/> yyy ", we free the node list and return NULL).
- * lasso/saml-2.0/profile.c: in
- lasso_saml20_profile_export_to_query, checks return values
-
- * lasso/saml-2.0/profile.c:
- in lasso_saml20_profile_export_to_query, check return value of of
- lasso_node_build_query and lasso_query_sign.
+ [Core] add macro to release an xmlNodeList object
-2009-12-01 02:06 bdauvergne
+ [ID-WSF2] add idwsf2 test script to test suite
+ Re-activate ID-WSF 2.0 test script. Fix problem with provider issuing
+ assertion role. Need to be fixed more generally in the future.
- * tests/Makefile.am, tests/login_tests_saml2.c, tests/tests.h: Add
- SP initiated logout test to SAML 2.0 regression tests
-
- * tests/login_tests_saml2.c:
- add logout to first SAML 2.0 login regression test.
- * tests/tests.h:
- add macros to simplify checking of return value with check macros
- (encapsulate fail_unless macro to check for NULL/non-NULL values
- and
- good rc value (0) or expected bad value).
+ [Core] add macro to release GList of xmlNodeList
-2009-11-30 22:58 bdauvergne
+ [Core] add macros to manipulate xmlNodeList and GList of xmlNodeList
+ The method to copy them is xmlCopyNodeList and not xmlCopyNode, so we
+ need another set of macros.
- * lasso/id-ff/profile.c: Restore ancient semantic of
- lasso_profile_is_session_dirty
-
- * lasso/id-ff/profile.c:
- lasso_is_session_dirty must return FALSE if session is NULL.
+ Merge branch 'issue-101'
-2009-11-30 22:58 bdauvergne
+ Merge branch 'issue-88'
- * lasso/id-ff/login.c: Fix double g_object_unref
-
- * lasso/id-ff/login.c:
- status is already freed by lasso_assign_gobject, do not free it
- first
- with lasso_node_destroy.
+ Merge branch 'issue-86'
-2009-11-30 15:16 bdauvergne
+2010-06-18 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * autogen.sh: Restore call to autoheader in autogen.sh
-
- * autogen.sh:
- call to autoheader was removed during simplification of the
- autogen.sh script.
+ [Tests/integration] add G_DEBUG=gc-friendly env. var to valgrind-wrapper
+ It should improve valgrind ability to trace memory origin.
-2009-11-30 15:16 bdauvergne
+2010-06-17 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/saml-2.0/profile.c: Remove message level signature on
- redirect messages
-
- * lasso/saml-2.0/profile.c:
- remove message level signatures before building query strings.
+ [XML] in lasso_node_export_to_paos_request check return value of lasso_node_get_xmlNode
-2009-11-30 15:16 bdauvergne
+ [XML] in _lasso_node_export_to_base64 check return value of lasso_node_export_to_xml
- * lasso/saml-2.0/profile.c: Add more check to remove_signature
-
- * lasso/saml-2.0/profile.c:
- check for NULL when accessing klass datas.
+ [XML] in _lasso_node_export_to_xml check return value of lasso_node_get_xmlNode
-2009-11-02 15:18 bdauvergne
+2010-06-15 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/xml/tools.c: Augment query string limit for relaystate
- extraction to 8192 bytes
-
- * lasso/xml/tools.c:
- some application transfer relaystate longer thant the
- specification
- advised 80 bytes, try to cater for their needs.
+ Comment out custom silent rules if automake < 1.11
-2009-11-02 15:18 bdauvergne
+ [Core] do not ignore keep_xmlnode flag inherited from parent classes
+ We only looked to the keep_xmlnode flag in the node data of the top
+ level class, but any parent class can set this flag and in this case we
+ must honor it too.
- * lasso/xml/tools.c: Add documentation for
- lasso_get_relaystate_from_query
-
- * lasso/xml/tools.c:
- add documentation on the internal function
- lasso_get_relaystate_from_query
-
-2009-10-30 15:04 bdauvergne
-
- * lasso/xml/strings.h: Add C defines for SAML 2 'unspecified'
- authncontext class
-
- * lasso/xml/strings.h:
- add C defines for AuhtnContextClassRef,
- urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified.
-
-2009-10-30 14:55 bdauvergne
-
- * lasso/saml-2.0/name_id_management.c: Fix bad macro choice,
- precise error for bad formatted NIDM request
-
- * saml-2.0/name_id_management.c:
- use specialized lasso_saml20_profile_set_response_status
- set 'MissingNameID' second level error with requester first level
- error code when request is missing a name id.
-
-2009-10-30 14:47 bdauvergne
-
- * lasso/xml/xml.c: Fix reporting of error in message parsing
-
- * lasso/xml/xml.c:
- do not mix the return code from xmlSecBase64Decode and the return
- code for lasso_node_init_from_message_with_format.
- It fixes a segmentation fault in
- lasso_login_process_authn_request_msg.
-
-2009-10-30 14:47 bdauvergne
-
- * lasso/id-ff/profile.c, lasso/id-ff/provider.c,
- lasso/id-ff/provider.h, lasso/saml-2.0/login.c: Core: factorize
- code to obtain a SPNameQualifier
-
- * lasso/id-ff/provider.c lasso/id-ff/provider.h:
- add a method giving the SPNameQualifier for a provider (its
- entity id
- or its affiliation id).
-
- * lasso/id-ff/profile.c:
- * lasso/saml-2.0/login.c:
- update use sites.
-
-2009-10-30 14:47 bdauvergne
-
- * configure.ac: Make php4 and perl binding disabled by default
-
- * configure.ac:
- make default for --enable-perl and --enable-php4 to "no". Those
- binding will not be maintained in the future.
-
-2009-10-30 14:47 bdauvergne
-
- * lasso/saml-2.0/logout.c: SAML2 Logout: initialize SessionIndex
- from the assertion
-
- * lasso/saml-2.0/logout.c:
- when creating a logout request message initialize the
- SessionIndex
- element with the correponding content in the stored assertion for
- this session.
-
-2009-10-30 14:47 bdauvergne
-
- * tests/integration/saml2/__init__.py: Tests: fix __FILE__ ->
- __file__
-
- * tests/integration/saml2/__init__.py:
- path to the current python file is __file__ not __FILE__.
-
-2009-10-30 14:47 bdauvergne
-
- * lasso/saml-2.0/assertion_query.c, lasso/saml-2.0/login.c,
- lasso/saml-2.0/logout.c, lasso/saml-2.0/name_id_management.c,
- lasso/saml-2.0/profile.c, lasso/saml-2.0/profileprivate.h: SAML2:
- change lasso_saml20_profile_set_response_status signature
-
- * lasso/saml-2.0/profile.c:
- * lasso/saml-2.0/profileprivate.h:
- make lasso_saml20_profile_set_response_status2 the new
- implementation
- of lasso_saml20_profile_set_response_status.
- add helper macros to set success, responder and requester first
- level
- status code.
- * saml-2.0/assertion_query.c:
- * saml-2.0/login.c:
- * saml-2.0/logout.c:
- * saml-2.0/name_id_management.c:
- adapt consumers to the new signature.
-
-2009-10-30 14:47 bdauvergne
-
- * lasso/id-ff/logout.c, lasso/id-ff/logoutprivate.h: ID-FF: add a
- partial_logout flag to LassoLogout private_data
-
- * lasso/id-ff/logout.c:
- * lasso/id-ff/logout.h:
- add a flag to store the status of a partial logout
-
-2009-10-30 14:47 bdauvergne
-
- * lasso/xml/saml-2.0/saml2_name_id.c,
- lasso/xml/saml-2.0/saml2_name_id.h: SAML2: add an equals operator
- to the NameID class
-
- * lasso/xml/saml-2.0/saml2_name_id.c:
- * lasso/xml/saml-2.0/saml2_name_id.h:
- add a lasso_saml2_name_id_equals method which return TRUE if two
- NameId are equal.
-
-2009-10-30 14:47 bdauvergne
-
- * lasso/saml-2.0/profile.c: SAML2: use the static get_provider
- helper method in generic profile methods
-
- * lasso/saml-2.0/profile.c:
- instead of accessing directly profile->server use the helper
- method
- get_provider.
-
-2009-10-30 14:47 bdauvergne
-
- * lasso/saml-2.0/logout.c: SAML2: in logout_build_response_msg do
- not fail on missing remote_providerID
-
- * lasso/saml-2.0/logout.c:
- remote_providerId is verified in build_redirect_simple and is not
- necessary for SOAP response with a failure and profile->response
- cannot be null (we just created a response if it was missing).
- So this error case is now unnecessary.
-
-2009-10-30 14:47 bdauvergne
-
- * lasso/errors.h, lasso/id-ff/defederation.c, lasso/id-ff/lecp.c,
- lasso/id-ff/login.c, lasso/id-ff/logout.c,
- lasso/id-ff/name_identifier_mapping.c,
- lasso/id-ff/name_registration.c, lasso/id-wsf/wsf_profile.c,
- lasso/saml-2.0/assertion_query.c, lasso/saml-2.0/ecp.c,
- lasso/saml-2.0/login.c, lasso/saml-2.0/logout.c,
- lasso/saml-2.0/profile.c: ID-FF1.2 and SAML2: remove direct
- access to profile->server->providers
-
- * client of LassoServer should use lasso_server_get_provider.
- * LASSO_PROFILE_ERRROR_UNKNOWN_PROVIDER was a mistake, it is
- superfluous, use LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND.
-
-2009-10-30 14:47 bdauvergne
-
- * lasso/id-ff/profile.c: Core: in profile, use
- lasso_server_get_provider
-
- - lasso/id-ff/profile.c:
- replace direct access to server->provider by
- lasso_server_get_provider.
-
-2009-09-29 13:20 bdauvergne
-
- * tests/basic_tests.c, tests/data/sp5-saml2/metadata.xml: Tests:
- add a test of NameIDFormat extraction
-
- - tests/basic_test.c:
- add test11_get_default_name_id_format which parse a metadata file
- and
- try to extract the default name id format.
- - tests/data/sp5-saml2/metadata.xml:
- add NameIDFormat node for testing.
-
-2009-09-29 13:20 bdauvergne
-
- * lasso/id-ff/logout.c, lasso/id-ff/provider.c,
- lasso/id-ff/provider.h, lasso/saml-2.0/logout.c,
- lasso/saml-2.0/provider.c: Core: add const modifier to return
- value of lasso_provider_get_metadata_list
-
- - lasso/id-ff/provider.c lasso/id-ff/provider.h:
- change return type of lasso_provider_get_metadata_list from
- GList* to
- const GList*.
- - lasso/id-ff/logout.c lasso/saml-2.0/logout.c
- lasso/saml-2.0/provider.c:
- change consumers of the API
-
-2009-09-29 13:20 bdauvergne
-
- * lasso/id-ff/provider.c, lasso/id-ff/provider.h,
- lasso/saml-2.0/provider.c, lasso/saml-2.0/providerprivate.h:
- Core: Add const modifiers to LassoProvider methods
-
- * lasso/id-ff/provider.c lasso/id-ff/provider.h
- lasso/saml-2.0/provider.c lasso/saml-2.0/provider.h:
- add const modifier where they could be added.
-
-2009-09-29 13:20 bdauvergne
-
- * lasso/id-ff/federation.c, lasso/id-ff/logout.c,
- lasso/id-ff/profile.c, lasso/id-ff/provider.c,
- lasso/id-ff/server.c, lasso/id-ff/session.c,
- lasso/id-wsf/authentication.c, lasso/saml-2.0/ecp.c,
- lasso/xml/xml.c: Do not use g_new, use g_new0
-
- * lasso/id-ff/federation.c:
- * lasso/id-ff/logout.c:
- * lasso/id-ff/profile.c:
- * lasso/id-ff/provider.c:
- * lasso/id-ff/server.c:
- * lasso/id-ff/session.c:
- * lasso/id-wsf/authentication.c:
- * lasso/saml-2.0/ecp.c:
- * lasso/xml/xml.c:
- even for private datas, use g_new0, it is safer.
-
-2009-09-29 13:20 bdauvergne
-
- * lasso/id-ff/login.c, lasso/saml-2.0/login.c: Change setting of
- default NameIDFormat for SAML 2.0 login
-
- * saml-2.0/login.c:
- in lasso_saml20_login_init_authn_request,
- lasso_saml20_login_init_idp_initiated_authn_request, if the
- service
- provider provided a list of supported name id formats, use the
- first
- one as default for new AuthnRequest.
- * id-ff/login.c:
- modify documentation to report the new way of choosing a default.
-
-2009-09-29 13:20 bdauvergne
-
- * lasso/id-ff/provider.c, lasso/id-ff/provider.h: Add method to
- Provider to retrieve default NameIDFormat
-
- * lasso/id-ff/provider.c lasso/id-ff/provider.h:
- add lasso_provider_get_default_name_id_format, which returns the
- firs
- listed NameIDFormat from the SAML 2.0 metadatas of the provider.
-
-2009-09-29 13:12 bdauvergne
-
- * lasso/id-ff/login.c: Complete documentation of
- lasso_login_init_authn_request concerning the NameIDFormat
-
- * lasso/id-ff/login.c:
- in lasso_login_init_authn_request, add docbook formatting, add
- remarks about the different NameIDFormat for ID-FF 1.2 and SAML
- 2.0.
-
-2009-09-17 15:05 bdauvergne
-
- * lasso/id-ff/provider.c, lasso/id-wsf-2.0/data_service.c,
- lasso/saml-2.0/login.c, lasso/saml-2.0/name_id_management.c,
- lasso/xml/saml-2.0/saml2_assertion.c, lasso/xml/tools.c,
- lasso/xml/xml.c: Fix bugs found via coverity (thanks to Bhaskar
- Jain)
-
- * lasso/id-wsf-2.0/data_service.c: fix uninitialized res variable
- in
- lasso_idwsf2_data_service_process_query_response_soap_fault_msg.
- * lasso/xml/saml-2.0/saml2_assertion.c: fix uninitialized rc
- variable
- in get_xmlNode.
- * lasso/saml-2.0/login.c:
- in lasso_saml20_login_accept_sso check for ni and ni->Format
- null-ness before dereferencing, remove idp_ni which is not used
- anymore.
- remote all use of federation->remote_nameIdentifier, SAML 2.0
- only
- need one NameID, and it will be local_nameIdentifier.
- * lasso/xml/xml.c:
- in lasso_node_traversal, check null-ness of node before
- dereferencing
- it, add check for class null-ness also.
- * lasso/id-ff/provider.c:
- in lasso_provider_get_first_http_method, remove useless check for
- t2
- null-ness -- if found is TRUE, t1 and t2 cannot be null.
- * lasso/xml/tools.c:
- in lasso_sign_node, add documentation, check for private_key_file
- and
- xmlnode null-ness.
- in lasso_get_public_key_from_private_key_file, add a cleanup
- phase,
- check for cert variabl null-ness befor appending, count the
- number of
- certificates added.
- in lasso_query_verify_signature, check that URL unescaping and
- base64
- decoding are succesfull before using the decoded strings.
- * lasso/saml-2.0/name_id_management.c:
- in lasso_name_id_management_validate_request, fix mis-handling of
- federation, if federation does not match request name_id, return
- UNKNOWN_PRINCIPAL.
-
-2009-09-17 09:38 bdauvergne
-
- * lasso/id-wsf-2.0/session.c: ID-WSF: finish unsealing field «
- is_dirty » of LassoSession
-
- * lasso/id-wsf-2.0/session.c:
- remove direct acces to LassoSession private field.
-
-2009-09-11 15:51 bdauvergne
-
- * lasso/id-ff/session.c, lasso/id-ff/session.h,
- lasso/id-ff/sessionprivate.h: Core: unseal LassoSession public
- field
-
- * lasso/id-ff/session.c:
- * lasso/id-ff/session.h:
- * lasso/id-ff/sessionprivate.h:
- unseal session->is_dirty and session->assertions, remove the
- mirror
- version in the private data structure, and restore direct acces
- by
- methods.
- move the "private" comment before those two fields to hide them
- in
- the gtk-doc reference manual, normal access should be done by
- get_assertion and is_dirty methods.
-
-2009-09-11 15:51 bdauvergne
-
- * lasso/xml/disco_send_single_logout.c,
- lasso/xml/id-wsf-2.0/sb2_user_interaction_header.c,
- lasso/xml/id-wsf-2.0/subsref_app_data.c, lasso/xml/xml.c: XML
- ID-WSF: Fix parsing of most ID-WSF elements
-
- * lasso/xml/disco_send_single_logout.c:
- * lasso/xml/id-wsf-2.0/sb2_user_interaction_header.c:
- * lasso/xml/id-wsf-2.0/subsref_app_data.c:
- * lasso/xml/xml.c:
- lots of ID-WSF 1.0/2.0 classes were not passing the new
- non-regression test on serialization/deserialization.
- The main reason was the absence of mapping for their namespace in
- the
- prefix_from_href_and_nodename function. The other reason is that
- some
- class name does not correspond 1-to-1 to the element name
- (SendSingleLogOut vs. SendSingleLogout, notice the capitalised
- 'O').
-
- The last problem was that mapping from nodes to GObject classes
- was
- done after default mapping ("Lasso<prefix><node_name>"), now it's
- done before, to reflect the fact that it is a more specialized
- mapping.
-
-2009-09-11 15:51 bdauvergne
-
- * lasso/registry.c: Core: remove warning when
- lasso_registry_get_direct_mapping fails
-
- * lasso/registry.c (lasso_registry_get_direct_mapping):
- g_return_val_if_fail output a warning when condition fails, use a
- simple if instead.
+2010-06-14 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2009-09-11 15:51 bdauvergne
+ Test: add non regression test for reloading a server dump with encrypted keys
- * tests/random_tests.c: Tests: add more assertion to random test
-
- * tests/random_tests.c:
- add more assertion testing for various return values or field
- values.
+2010-06-14 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2009-09-11 15:51 bdauvergne
+ Core: when reloading a dump, use the signing private key password for loading the encryption private key
+ We currently do not store the encryption private key, instead on reload
+ of a dump, we try to use the signing private key as the encryption
+ private key. But we forgot to use the stored private key password.
+ That's now fixed.
- * lasso/xml/xml.c, tests/basic_tests.c: XML: Fix seg-fault bug
- introduced in commit 4108
-
- * lasso/xml/xml.c:
- lasso_node_get_xmlnode_for_any_type is broken, if no
- original_xmlnode
- is present, return just cur. Also add all missing cases for the
- state
- of the pair (cur, orignal_xmlnode).
- * tests/basic_tests.c:
- add a non-regression test, testing all dump/restore functions.
+ Next step would be to keep the encryption private key around also.
-2009-09-11 15:51 bdauvergne
+2010-06-14 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/utils.h: Core: add new macros to traverse lists
-
- * lasso/utils.h:
- lasso_foreach_full_begin(_type, _data, _iter, _list)
- traverse GList* _list, using _iter as iteration variable
- extract data field to variable _data of type _type.
-
-2009-09-11 15:51 bdauvergne
-
- * tests/Makefile.am: Test: fix Makefile.am to work with 'out of
- source' build directory
-
- * tests/Makefile.am:
- rpath must refer to the build directory, not the source
- directory.
-
-2009-09-11 15:51 bdauvergne
-
- * lasso/extract_symbols.py: Core: fix extract_symbols regular
- expression
-
- * lasso/extract_symbols.py:
- the regular expression was not matching declaration over multiple
- lines,
- and would catch argument starting with lasso_. Fixed.
-
-2009-09-11 15:51 bdauvergne
-
- * lasso/xml/id-wsf-2.0/xml_idwsf2.h, lasso/xml/ws/xml_ws.h,
- lasso/xml/xml_idwsf.h: XML: add all inclusive header files for
- id-wsf2, ws, id-wsf XML elements
-
- * lasso/xml/wsf/xml_ws.h:
- * lasso/xml/id-wsf-2.0/xml_idwsf2.h:
- * lasso/xml/xml_idwsf.h:
- new files.
-
-2009-09-11 15:51 bdauvergne
-
- * lasso/id-wsf-2.0/profile.c, lasso/id-wsf-2.0/profile.h: ID-WSF
- 2.0: add set_request/set_response method to Profile object
-
- * lasso/id-wsf-2.0/profile.c:
- * lasso/id-wsf-2.0/profile.h:
- add two methods that set the response object and replace the
- content
- of the SOAP message with this object.
-
-2009-09-11 15:51 bdauvergne
-
- * lasso/xml/soap_fault.c, lasso/xml/soap_fault.h: XML SOAP: add new
- soap fault constructor
-
- * lasso/xml/soap_fault.c:
- * lasso/xml/soap_fault.h:
- add a full constructor allowing to set faultcode and faultstring
- in
- one call.
-
-2009-09-11 15:51 bdauvergne
-
- * lasso/xml/misc_text_node.c: XML ID-WSF 2.0: make non simple
- constructor of MiscTextNode return real type
-
- * lasso/xml/misc_text_node.c:
- non simple constructor must return the real object type because
- Java
- binding does not work without it.
-
-2009-09-11 15:51 bdauvergne
-
- * lasso/xml/samlp_request.c: XML SAML 1.1: fix schema figure for
- samlp:Request
-
-2009-09-11 15:51 bdauvergne
-
- * docs/reference/lasso-sections.txt.in: Docs: remove old
- lasso-sections.txt file
-
-2009-09-11 15:51 bdauvergne
-
- * lasso/id-wsf-2.0/profile.c, lasso/id-wsf-2.0/profile.h: ID-WSF
- 2.0: add accessor for field of LassoIdWsf2Profile
-
- * lasso/id-wsf-2.0/profile.c lasso/id-wsf-2.0/profile.c:
- add two accessor to get to soap_response and soap_request object,
- next step is to make those two fields really private.
-
-2009-09-11 15:51 bdauvergne
-
- * lasso/xml/strings.h: ID-WSF: fix duplication of namespace string
- declaration, add fault codes for WS-Security
-
- * lasso/xml/strings.h:
- namespace of WS-Security 1.0 was duplicated,
- add specified fault code linked to WS-Security.
-
-2009-09-11 15:51 bdauvergne
-
- * lasso/xml/Makefile.am, lasso/xml/wsse_security.c,
- lasso/xml/wsse_security.h, lasso/xml/xml.c: ID-WSF: remove
- LassoWsseSecurity in favor of LasoWsSec1SecurityHeader
-
- * xml/Makefile.am:
- remove the file from the source list
- * xml/wsse_security.c:
- * xml/wsse_security.h:
- remove the files
- * xml/xml.c:
- use LassoWsSec1SecurityHeader for LASSO_WSSE_HREF namespace also.
-
-2009-09-11 15:51 bdauvergne
-
- * lasso/id-wsf/wsf_profile.c: ID-WSF 1.0: use the common
- wsse:Security object
-
- * lasso/id-wsf/wsf_profile.c:
- use the common LassoWsSec1SecurityHeader object instead of the
- specific LassoWsseSecurity, and set the needed namespace using
- lasso_node_set_custom_namespace.
- add implementation comments.
-
-2009-09-11 15:51 bdauvergne
-
- * lasso/xml/ws/wsse_security_header.c: WS: register
- LassoWsSec1SecurityHeader for all namespace associated to
- WS-Security
-
- * lasso/xml/ws/wsse_security_header.c:
- register all namespace that contains a Security header object.
-
-2009-09-11 15:51 bdauvergne
-
- * lasso/xml/xml.c, lasso/xml/xml.h: XML: add an API to set
- namespace on a single instance of a LassoNode
-
- * lasso/xml/xml.h lasso/xml/xml.c:
- add a new public API lasso_node_set_custom_namespace(node,
- prefix,
- href). It allows to set the precise namespace of a single object,
- all
- other instance of the same class continue to use the default
- namespace for the class.
- It should be used for difficult consumer of certain nodes (like
- wsse:Security) which only know certain namespace or do not use
- the
- namespace going with the specified version of a specification
- (like
- MSP not following ID-WSF 1.0 specification and using
- http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
- instead of
- http://schemas.xmlsoap.org/ws/2003/06/secext.
- It also allows to share implementation of schema objects common
- to
- many version of the same specification (wsse:Security between
- ID-WSF
- 1.0 and ID-WSF 2.0), without creating too many child classes.
-
-2009-09-11 15:51 bdauvergne
-
- * lasso/id-wsf-2.0/discovery.h: ID-WSF 2.0: remove obsolete FIXME
- in discovery.h
-
-2009-09-11 15:51 bdauvergne
-
- * lasso/id-ff/session.c: Core: remove a use of lasso_node_destroy
- in LassoSession
-
-2009-09-11 15:51 bdauvergne
-
- * bindings/java/lang.py, bindings/python/lang.py: Bindings: add
- support for guchar
-
- * bindings/java/lang.py:
- * bindings/python/lang.py:
- add guchar to list of C types everywhere.
-
-2009-09-11 15:51 bdauvergne
-
- * lasso/xml/misc_text_node.c, lasso/xml/misc_text_node.h: XML: add
- support for free xml content to LassoMiscTextNode
-
- * lasso/xml/misc_text_node.c:
- * lasso/xml/misc_text_node.h:
- it is often necessary to be able to put completely determined
- content
- inside lasso generated request (for example when copying an
- assertion
- for a Bearer authentication method). In this case you can use
- lasso_node_get_original_xml_node to get at the original content
- and
- lasso_misc_text_node_new_with_xml_node to get a LassNode with the
- same content.
- There are two additional function to acces this xml payload:
- lasso_misc_text_node_get_xml_content and
- lasso_misc_text_node_set_xml_content.
-
-2009-08-28 14:31 bdauvergne
-
- * configure.ac: Core: fix commit 4313, restore support for
- --enable-wsf
-
- * configure.ac:
- I throwed the baby with the bathwater..
-
-2009-08-28 14:26 bdauvergne
-
- * lasso/id-wsf-2.0/Makefile.am, lasso/xml/Makefile.am: Core: fix
- make dist with --enable-wsf
-
- * lasso/id-wsf-2.0/Makefile.am:
- * lasso/xml/Makefile.am:
- some files were missing from the dist files, add them.
-
-2009-08-28 14:26 bdauvergne
-
- * configure.ac: Core: remove SWIG ID-WSF warning from configure.ac
-
- * configure.ac:
- as ID-WSF support in SWIG in not maintained anymore we can remove
- the
- warning about using pre-generated SWIG files with a different
- setting
- for the --enable-wsf flag.
-
-2009-08-28 14:26 bdauvergne
-
- * bindings/overrides.xml: Binding: skip
- lasso_data_service_get_query_item
-
- * bindings/overrides.xml:
- bindings do not support out arguments, so skip generating
- bindings
- for lasso_data_service_get_query_item for the moment.
-
-2009-08-28 14:26 bdauvergne
-
- * configure.ac: Core: set tar-pax as dist file format
-
- * configure.ac:
- we could have more than 99 characters long path in the dist
- files,
- the pax format for tar archives support it.
-
-2009-08-28 14:26 bdauvergne
-
- * lasso/id-wsf/data_service.h, lasso/id-wsf/discovery.h,
- lasso/id-wsf/interaction_profile_service.h, lasso/id-wsf/utils.h,
- lasso/id-wsf/wsf_profile.c, lasso/id-wsf/wsf_profile.h,
- lasso/id-wsf/wsf_profile_private.h: ID-WSF 1.0: Fixed missing or
- deprecated functions in public headers
-
- Some new functions were missing from the headers, others were
- deprecated
- some time ago and as the API is not considered stable for ID-WSF,
- I
- removed them definitely.
-
-2009-08-27 12:07 bdauvergne
-
- * bindings/overrides.xml: Bindings: Skip
- lasso_data_service_get_answers
-
- * bindings/overrides.xml: skip unsupported function.
-
-2009-08-27 12:07 bdauvergne
-
- * tests/integration/README, tests/integration/saml2/__init__.py:
- Tests: add configuration file loading to integration test
-
- * tests/integration/README:
- * tests/integration/saml2/__init__.py:
- If ~/.config/lasso_integration.conf exists, load it to find path
- to
- authentic and lcs.
- Add support for three environement variables:
- - LASSO_BUILDDIR, to specify an out of source build directory to
- test,
- - NO_SILENT, to allow authentic and lcs outputs,
- - VALGRIND, to check memory leaks using valgrind.
-
-2009-08-26 15:42 fpeters
-
- * autogen.sh: Call gtkdocize before automake
-
-2009-08-26 15:15 bdauvergne
-
- * lasso/Makefile.am: Core: errors.c is a generated file, when
- generating it place it in $(srcdir) not build directory
-
- * lasso/Makefile.am:
- the place for errors.c is in the source directory, not the build
- directory.
-
-2009-08-26 15:15 bdauvergne
-
- * lasso/saml-2.0/login.c: SAML 2.0: Fix bug introduced in commit
- 4235
-
- * lasso/saml-2.0/login.c:
- profile->msg_url is released before being used ;( Restore the
- code
- copying the URL before passing it to
- lasso_saml20_profile_build_http_redirect, to free it after.
-
-2009-08-26 15:15 bdauvergne
-
- * lasso/Makefile.am: Core: Fix errors.c generation
-
-2009-08-26 15:15 bdauvergne
-
- * lasso/xml/saml-2.0/saml2_advice.h,
- lasso/xml/saml-2.0/saml2_evidence.h: XML SAML2: remove typedef of
- LassoSaml2Assertion in saml2_advice.h and saml2_evidence.h
-
- * xml/saml-2.0/saml2_advice.h xml/saml-2.0/saml2_evidence.h:
- the declaration of LassoSaml2Assertion for supposedly preventing
- recursive include is useless now.
-
-2009-08-26 15:15 bdauvergne
-
- * lasso/errors.h: Core: fix spurious semi-colon inserted in commit
- 4093
-
- * lasso/errors.h:
- remove useless semi-colon
-
-2009-08-26 15:15 bdauvergne
-
- * lasso/lasso.h: Core: add assertion query to exported profiles
-
- * lasso/lasso.h:
- include lasso/saml-2.0/assertion_query.h
-
-2009-08-26 15:15 bdauvergne
-
- * bindings/bindings.py, lasso/xml/Makefile.am,
- lasso/xml/saml-2.0/Makefile.am, lasso/xml/saml-2.0/xml_saml2.h,
- lasso/xml/xml_idff.h, lasso/xml/xml_idwsf.h: XML: Add all
- including header fil for saml2, id-ff and id-wsf
-
- * lasso/xml/xml_idff.h:
- this header file reference all id-ff 1.2 elements
- * lasso/xml/xml_idwsf.h:
- this header file reference all id-wsf 1.0 elements
- * lasso/xml/saml-2.0/xml_saml2.h:
- this header file reference all saml-2.0 elements
-
-2009-08-26 15:15 bdauvergne
-
- * lasso/registry.c, lasso/registry.h: Core: Remove include of
- lasso.h in registry.h
-
- * lasso/registry.h:
- include of lasso.h is useless, replace by including directly
- export.h
- * lasso/registry.c:
- directly include errors.h
-
-2009-08-26 15:15 bdauvergne
-
- * lasso/id-wsf-2.0/server.h: ID-WSF: remove OFTYPE usage from
- header
-
-2009-08-26 15:15 bdauvergne
-
- * Makefile.am, autogen.sh, configure.ac, docs/Makefile.am,
- docs/reference/Makefile.am, docs/reference/lasso,
- docs/reference/lasso-sections.txt,
- docs/reference/lasso-sections.txt.in, docs/reference/lasso.sgml,
- docs/reference/lasso.types.in, docs/reference/lasso/Makefile.am,
- docs/reference/lasso/lasso-docs.sgml,
- docs/reference/lasso/lasso-sections.txt,
- docs/reference/lasso/lasso.types.in,
- docs/reference/lasso/version.xml.in,
- docs/reference/snippet-types.rst, docs/reference/version.xml.in,
- lasso/Makefile.am, lasso/build_strerror.py, lasso/errors.c,
- lasso/errors.h, lasso/extract_sections.py,
- lasso/id-ff/defederation.c, lasso/id-ff/federation.c,
- lasso/id-ff/identity.c, lasso/id-ff/login.h,
- lasso/id-ff/logout.c, lasso/id-ff/providerprivate.h,
- lasso/id-ff/session.c, lasso/id-ff/session.h,
- lasso/id-wsf-2.0/server.c, lasso/id-wsf/authentication.c,
- lasso/id-wsf/data_service.c, lasso/id-wsf/data_service.h,
- lasso/id-wsf/id_ff_extensions.c,
- lasso/id-wsf/interaction_profile_service.c,
- lasso/id-wsf/personal_profile_service.c, lasso/id-wsf/utils.c,
- lasso/id-wsf/wsf_profile.c, lasso/saml-2.0/assertion_query.c,
- lasso/saml-2.0/assertion_query.h, lasso/saml-2.0/login.c,
- lasso/utils.c, lasso/xml/ds_key_info.c, lasso/xml/ds_key_value.c,
- lasso/xml/ds_rsa_key_value.c, lasso/xml/saml-2.0/saml2_action.c,
- lasso/xml/saml_attribute.c,
- lasso/xml/saml_attribute_designator.c,
- lasso/xml/saml_attribute_statement.c, lasso/xml/soap_fault.c,
- lasso/xml/strings.h, lasso/xml/tools.c, lasso/xml/xml.h,
- m4/gtk-doc.m4: Docs: change the doc production and lot of other
- fixes
-
- * lasso/Makefile.am:
- distribute extract_sections.py
- * docs/references/lasso/lasso.types.in: add missing class (mainly
- SAML2
- and ID-WSF 1.0/2.0) from docs/references/lasso.types.in
-
- * lasso/xml/strings.h:
- add lots of documentation, or at least documentation template to
- strings constants.
- * id-ff/login.h:
- * saml-2.0/assertion_query.h:
- * xml/xml.h:
- document undocumented enumerations.
- * lasso/errors.h:
- add proper documentation about error codes.
- * lasso/errors.c:
- new version of the lasso_strerror function
- * lasso/build_strerror.py:
- update the script that generater lasso_strerror from the
- documentation comments.
-
- Remove usage of OFTYPE
-
- * lasso/id-ff/session.c:
- * lasso/id-ff/session.h:
- remove usage of oftype, prefer gtk-introspection annotations
- instead.
- * lasso/id-wsf/data_service.h:
- * lasso/id-wsf/data_service.c:
- do the same.
-
- Add a script to build lasso-sections.txt
-
- * lasso/extract_sections.py:
- this script parses header files and generated lasso-sections.txt
- content for GObject class descriptions.
-
- Add a template file for the lasso-section.txt file
-
- * docs/references/lasso-sections.txt.in:
- this file serves as a base for the generation of
- lasso-sections.txt
-
- Update docs/references/Makefile.am for generating
- lasso-sections.txt
-
- * docs/references/Makefile.am:
- always rebuild template, using out of source build directory is
- too
- weird without it.
- call new script extract_sections.py to regenerate
- lasso-sections.txt
- if header files changed.
-
- Update lasso.sgml file with all missing sections
-
- * docs/reference/lasso.sgml:
- add all missing sections, mainly objects from XML schemas.
-
- * docs/reference/lasso-sections.txt: update it
-
- * *.c: add section documentation to some files.
- * lasso/xml/strings.h: fix bad usage or docbook markup
-
-2009-08-26 15:15 bdauvergne
-
- * lasso/Makefile.am: Core: fix makefile for generating errors.h in
- out of source dir build
-
- * lasso/Makefile.am:
- errors.h is expected to be in srcdir not builddir.
-
-2009-08-26 15:15 bdauvergne
-
- * bindings/bindings.py: Bindings: for functions that must be
- totally skiped do it during parsing
-
- * bindings/bindings.py:
- parsing of argument type is still not advanced enough, so in
- order to
- remove spurious warnings, skip function directly during parsing
- just
- before the treatment of function signature.
-
-2009-08-26 15:15 bdauvergne
-
- * tests/integration/saml2/__init__.py: Tests: in integration test
- do not set the PYTHONPATH
-
- * tests/integration/saml2/__init__.py:
- to permit using build directory different from the src directory,
- do
- not force the PYTHONPATH to be relative to src dir to find lasso
- python module.
-
-2009-08-26 15:14 bdauvergne
-
- * tests/integration/valgrind-wrapper.sh: Tests: do not hardcode
- PYTHONPATH in the valgrind wrapper
-
- * tests/integration/valgrind-wrapper.sh: remove PYTHONPATH
- setting.
-
-2009-08-26 15:14 bdauvergne
-
- * tests/Makefile.am: Tests: distribute integration tests
-
- * tests/Makefile.am:
- add integration directory to the distdir.
-
-2009-08-26 15:14 bdauvergne
-
- * Makefile.am, autogen.sh, configure.ac,
- docs/reference/Makefile.am, lasso/Makefile.am, m4,
- m4/ac_check_class.m4, m4/ac_check_classpath.m4,
- m4/ac_check_java_home.m4, m4/ac_check_junit.m4,
- m4/ac_check_rqrd_class.m4, m4/ac_java_options.m4,
- m4/ac_prog_jar.m4, m4/ac_prog_java.m4, m4/ac_prog_java_cc.m4,
- m4/ac_prog_java_works.m4, m4/ac_prog_javac.m4,
- m4/ac_prog_javac_works.m4, m4/ac_prog_javadoc.m4,
- m4/ac_prog_javah.m4, m4/ac_try_compile_java.m4,
- m4/ac_try_run_javac.m4, m4/as-compiler-flag.m4, m4/check.m4,
- m4/dps_java_check_class.m4, m4/dps_libgcj_jar.m4,
- m4/dps_xtra_classpath.m4, m4/gtk-doc.m4,
- macros/ac_check_class.m4, macros/ac_check_classpath.m4,
- macros/ac_check_java_home.m4, macros/ac_check_junit.m4,
- macros/ac_check_rqrd_class.m4, macros/ac_java_options.m4,
- macros/ac_prog_jar.m4, macros/ac_prog_java.m4,
- macros/ac_prog_java_cc.m4, macros/ac_prog_java_works.m4,
- macros/ac_prog_javac.m4, macros/ac_prog_javac_works.m4,
- macros/ac_prog_javadoc.m4, macros/ac_prog_javah.m4,
- macros/ac_try_compile_java.m4, macros/ac_try_run_javac.m4,
- macros/as-compiler-flag.m4, macros/check.m4,
- macros/dps_java_check_class.m4, macros/dps_libgcj_jar.m4,
- macros/dps_xtra_classpath.m4: Core: Use automake-1.11 when
- possible
-
- * Makefile.am:
- use new automake-1.11 silent rules if possible
- move macros to m4 directory
- * m4/gtk-doc.m4:
- add gtk-doc macros.
- * lasso/Makefile.am:
- add missing -f flag to rm, to unbreak make distcheck
- * docs/references/Makefile.am:
- fix problem between libtool and gtk-doc
- * autogen.sh:
- update to autogen.sh from gtk-doc, add support for automake-1.11
-
-2009-08-26 15:14 bdauvergne
-
- * tests/data/Makefile.am: Tests: Add data files to EXTRA_DIST
-
- * tests/data/Makefile.am:
- data file for tests2 were missing (to pass distcheck).
-
-2009-08-26 15:14 bdauvergne
-
- * lasso/xml/disco_authenticate_requester.c,
- lasso/xml/disco_authenticate_session_context.c,
- lasso/xml/disco_authorize_requester.c,
- lasso/xml/disco_credentials.c, lasso/xml/disco_description.c,
- lasso/xml/disco_encrypt_resource_id.c,
- lasso/xml/disco_encrypted_resource_id.c,
- lasso/xml/disco_encrypted_resource_id.h,
- lasso/xml/disco_generate_bearer_token.c,
- lasso/xml/disco_insert_entry.c, lasso/xml/disco_modify.c,
- lasso/xml/disco_modify_response.c, lasso/xml/disco_options.c,
- lasso/xml/disco_query.c, lasso/xml/disco_query_response.c,
- lasso/xml/disco_remove_entry.c,
- lasso/xml/disco_requested_service_type.c,
- lasso/xml/disco_resource_id.c,
- lasso/xml/disco_resource_offering.c,
- lasso/xml/disco_send_single_logout.c,
- lasso/xml/disco_service_instance.c, lasso/xml/ds_key_info.c,
- lasso/xml/ds_key_value.c, lasso/xml/ds_rsa_key_value.c,
- lasso/xml/dst_data.c, lasso/xml/dst_modification.c,
- lasso/xml/dst_modify.c, lasso/xml/dst_modify_response.c,
- lasso/xml/dst_new_data.c, lasso/xml/dst_query.c,
- lasso/xml/dst_query_item.c, lasso/xml/dst_query_response.c,
- lasso/xml/id-wsf-2.0/disco_abstract.c,
- lasso/xml/id-wsf-2.0/disco_endpoint_context.c,
- lasso/xml/id-wsf-2.0/disco_keys.c,
- lasso/xml/id-wsf-2.0/disco_options.c,
- lasso/xml/id-wsf-2.0/disco_provider_id.c,
- lasso/xml/id-wsf-2.0/disco_query.c,
- lasso/xml/id-wsf-2.0/disco_query_response.c,
- lasso/xml/id-wsf-2.0/disco_requested_service.c,
- lasso/xml/id-wsf-2.0/disco_security_context.c,
- lasso/xml/id-wsf-2.0/disco_service_context.c,
- lasso/xml/id-wsf-2.0/disco_service_type.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_add.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_add_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_delete.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_delete_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_query.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_query_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_delete.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_delete_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_query.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_query_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_register.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_register_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_replace.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_replace_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_metadata.c,
- lasso/xml/id-wsf-2.0/dst_data_response_base.c,
- lasso/xml/id-wsf-2.0/dst_delete_item_base.c,
- lasso/xml/id-wsf-2.0/dst_request.c,
- lasso/xml/id-wsf-2.0/dst_result_query_base.c,
- lasso/xml/id-wsf-2.0/dst_test_item_base.c,
- lasso/xml/id-wsf-2.0/dstref_app_data.c,
- lasso/xml/id-wsf-2.0/dstref_create.c,
- lasso/xml/id-wsf-2.0/dstref_create_item.c,
- lasso/xml/id-wsf-2.0/dstref_data.c,
- lasso/xml/id-wsf-2.0/dstref_data_response.c,
- lasso/xml/id-wsf-2.0/dstref_delete.c,
- lasso/xml/id-wsf-2.0/dstref_delete_item.c,
- lasso/xml/id-wsf-2.0/dstref_item_data.c,
- lasso/xml/id-wsf-2.0/dstref_modify.c,
- lasso/xml/id-wsf-2.0/dstref_modify_item.c,
- lasso/xml/id-wsf-2.0/dstref_modify_response.c,
- lasso/xml/id-wsf-2.0/dstref_query.c,
- lasso/xml/id-wsf-2.0/dstref_query_item.c,
- lasso/xml/id-wsf-2.0/dstref_query_response.c,
- lasso/xml/id-wsf-2.0/dstref_result_query.c,
- lasso/xml/id-wsf-2.0/dstref_test_item.c,
- lasso/xml/id-wsf-2.0/ims_identity_mapping_request.c,
- lasso/xml/id-wsf-2.0/ims_identity_mapping_response.c,
- lasso/xml/id-wsf-2.0/ims_mapping_input.c,
- lasso/xml/id-wsf-2.0/ims_mapping_output.c,
- lasso/xml/id-wsf-2.0/is_help.c,
- lasso/xml/id-wsf-2.0/is_inquiry.c,
- lasso/xml/id-wsf-2.0/is_inquiry_element.c,
- lasso/xml/id-wsf-2.0/is_interaction_request.c,
- lasso/xml/id-wsf-2.0/is_interaction_response.c,
- lasso/xml/id-wsf-2.0/is_interaction_statement.c,
- lasso/xml/id-wsf-2.0/is_item.c,
- lasso/xml/id-wsf-2.0/is_parameter.c,
- lasso/xml/id-wsf-2.0/is_select.c, lasso/xml/id-wsf-2.0/is_text.c,
- lasso/xml/id-wsf-2.0/ps_add_collection_request.c,
- lasso/xml/id-wsf-2.0/ps_add_collection_response.c,
- lasso/xml/id-wsf-2.0/ps_add_entity_request.c,
- lasso/xml/id-wsf-2.0/ps_add_entity_response.c,
- lasso/xml/id-wsf-2.0/ps_add_known_entity_request.c,
- lasso/xml/id-wsf-2.0/ps_add_known_entity_response.c,
- lasso/xml/id-wsf-2.0/ps_add_to_collection_request.c,
- lasso/xml/id-wsf-2.0/ps_get_object_info_request.c,
- lasso/xml/id-wsf-2.0/ps_get_object_info_response.c,
- lasso/xml/id-wsf-2.0/ps_item_data.c,
- lasso/xml/id-wsf-2.0/ps_list_members_request.c,
- lasso/xml/id-wsf-2.0/ps_list_members_response.c,
- lasso/xml/id-wsf-2.0/ps_notification.c,
- lasso/xml/id-wsf-2.0/ps_notify.c,
- lasso/xml/id-wsf-2.0/ps_object.c,
- lasso/xml/id-wsf-2.0/ps_query_objects_request.c,
- lasso/xml/id-wsf-2.0/ps_query_objects_response.c,
- lasso/xml/id-wsf-2.0/ps_remove_collection_request.c,
- lasso/xml/id-wsf-2.0/ps_remove_entity_request.c,
- lasso/xml/id-wsf-2.0/ps_remove_from_collection_request.c,
- lasso/xml/id-wsf-2.0/ps_resolve_identifier_request.c,
- lasso/xml/id-wsf-2.0/ps_resolve_identifier_response.c,
- lasso/xml/id-wsf-2.0/ps_resolve_input.c,
- lasso/xml/id-wsf-2.0/ps_response_abstract.c,
- lasso/xml/id-wsf-2.0/ps_set_object_info_request.c,
- lasso/xml/id-wsf-2.0/ps_test_membership_request.c,
- lasso/xml/id-wsf-2.0/ps_test_membership_response.c,
- lasso/xml/id-wsf-2.0/sb2_consent.c,
- lasso/xml/id-wsf-2.0/sb2_credentials_context.c,
- lasso/xml/id-wsf-2.0/sb2_endpoint_update.c,
- lasso/xml/id-wsf-2.0/sb2_redirect_request.c,
- lasso/xml/id-wsf-2.0/sb2_sender.c,
- lasso/xml/id-wsf-2.0/sb2_timeout.c,
- lasso/xml/id-wsf-2.0/sb2_usage_directive.c,
- lasso/xml/id-wsf-2.0/sb2_user_interaction_header.c,
- lasso/xml/id-wsf-2.0/sbf_framework.c,
- lasso/xml/id-wsf-2.0/sec_token.c,
- lasso/xml/id-wsf-2.0/sec_token_policy.c,
- lasso/xml/id-wsf-2.0/sec_transited_provider_path.c,
- lasso/xml/id-wsf-2.0/subs_notification.c,
- lasso/xml/id-wsf-2.0/subs_ref_item.c,
- lasso/xml/id-wsf-2.0/subs_subscription.c,
- lasso/xml/id-wsf-2.0/subsref_app_data.c,
- lasso/xml/id-wsf-2.0/subsref_create.c,
- lasso/xml/id-wsf-2.0/subsref_create_item.c,
- lasso/xml/id-wsf-2.0/subsref_data.c,
- lasso/xml/id-wsf-2.0/subsref_data_response.c,
- lasso/xml/id-wsf-2.0/subsref_delete.c,
- lasso/xml/id-wsf-2.0/subsref_delete_item.c,
- lasso/xml/id-wsf-2.0/subsref_item_data.c,
- lasso/xml/id-wsf-2.0/subsref_modify.c,
- lasso/xml/id-wsf-2.0/subsref_modify_item.c,
- lasso/xml/id-wsf-2.0/subsref_notification.c,
- lasso/xml/id-wsf-2.0/subsref_notify.c,
- lasso/xml/id-wsf-2.0/subsref_query.c,
- lasso/xml/id-wsf-2.0/subsref_query_item.c,
- lasso/xml/id-wsf-2.0/subsref_query_response.c,
- lasso/xml/id-wsf-2.0/subsref_result_query.c,
- lasso/xml/id-wsf-2.0/subsref_subscription.c,
- lasso/xml/id-wsf-2.0/subsref_test_item.c,
- lasso/xml/id-wsf-2.0/util_response.c,
- lasso/xml/id-wsf-2.0/util_status.c, lasso/xml/is_help.c,
- lasso/xml/is_inquiry.c, lasso/xml/is_inquiry_element.c,
- lasso/xml/is_interaction_request.c,
- lasso/xml/is_interaction_response.c,
- lasso/xml/is_interaction_statement.c, lasso/xml/is_item.c,
- lasso/xml/is_parameter.c, lasso/xml/is_redirect_request.c,
- lasso/xml/is_select.c, lasso/xml/is_text.c,
- lasso/xml/is_user_interaction.c, lasso/xml/lib_assertion.c,
- lasso/xml/lib_authentication_statement.c,
- lasso/xml/lib_authn_context.c, lasso/xml/lib_authn_request.c,
- lasso/xml/lib_authn_request_envelope.c,
- lasso/xml/lib_authn_response.c,
- lasso/xml/lib_authn_response_envelope.c,
- lasso/xml/lib_federation_termination_notification.c,
- lasso/xml/lib_idp_entries.c, lasso/xml/lib_idp_entry.c,
- lasso/xml/lib_idp_list.c, lasso/xml/lib_logout_request.c,
- lasso/xml/lib_name_identifier_mapping_request.c,
- lasso/xml/lib_name_identifier_mapping_response.c,
- lasso/xml/lib_register_name_identifier_request.c,
- lasso/xml/lib_request_authn_context.c, lasso/xml/lib_scoping.c,
- lasso/xml/lib_status_response.c, lasso/xml/lib_subject.c,
- lasso/xml/misc_text_node.c, lasso/xml/sa_credentials.c,
- lasso/xml/sa_parameter.c, lasso/xml/sa_password_transforms.c,
- lasso/xml/sa_sasl_request.c, lasso/xml/sa_sasl_response.c,
- lasso/xml/sa_transform.c, lasso/xml/saml-2.0/saml2_action.c,
- lasso/xml/saml-2.0/saml2_advice.c,
- lasso/xml/saml-2.0/saml2_assertion.c,
- lasso/xml/saml-2.0/saml2_attribute.c,
- lasso/xml/saml-2.0/saml2_attribute_statement.c,
- lasso/xml/saml-2.0/saml2_audience_restriction.c,
- lasso/xml/saml-2.0/saml2_authn_context.c,
- lasso/xml/saml-2.0/saml2_authn_statement.c,
- lasso/xml/saml-2.0/saml2_authz_decision_statement.c,
- lasso/xml/saml-2.0/saml2_base_idabstract.c,
- lasso/xml/saml-2.0/saml2_conditions.c,
- lasso/xml/saml-2.0/saml2_encrypted_element.c,
- lasso/xml/saml-2.0/saml2_evidence.c,
- lasso/xml/saml-2.0/saml2_key_info_confirmation_data.c,
- lasso/xml/saml-2.0/saml2_name_id.c,
- lasso/xml/saml-2.0/saml2_proxy_restriction.c,
- lasso/xml/saml-2.0/saml2_subject.c,
- lasso/xml/saml-2.0/saml2_subject_confirmation.c,
- lasso/xml/saml-2.0/saml2_subject_confirmation_data.c,
- lasso/xml/saml-2.0/saml2_subject_locality.c,
- lasso/xml/saml-2.0/samlp2_artifact_resolve.c,
- lasso/xml/saml-2.0/samlp2_artifact_response.c,
- lasso/xml/saml-2.0/samlp2_assertion_id_request.c,
- lasso/xml/saml-2.0/samlp2_attribute_query.c,
- lasso/xml/saml-2.0/samlp2_authn_query.c,
- lasso/xml/saml-2.0/samlp2_authn_request.c,
- lasso/xml/saml-2.0/samlp2_authz_decision_query.c,
- lasso/xml/saml-2.0/samlp2_idp_entry.c,
- lasso/xml/saml-2.0/samlp2_idp_list.c,
- lasso/xml/saml-2.0/samlp2_manage_name_id_request.c,
- lasso/xml/saml-2.0/samlp2_name_id_mapping_request.c,
- lasso/xml/saml-2.0/samlp2_name_id_mapping_response.c,
- lasso/xml/saml-2.0/samlp2_name_id_policy.c,
- lasso/xml/saml-2.0/samlp2_request_abstract.c,
- lasso/xml/saml-2.0/samlp2_requested_authn_context.c,
- lasso/xml/saml-2.0/samlp2_response.c,
- lasso/xml/saml-2.0/samlp2_scoping.c,
- lasso/xml/saml-2.0/samlp2_status.c,
- lasso/xml/saml-2.0/samlp2_status_code.c,
- lasso/xml/saml-2.0/samlp2_status_response.c,
- lasso/xml/saml-2.0/samlp2_subject_query_abstract.c,
- lasso/xml/saml_advice.c, lasso/xml/saml_attribute.c,
- lasso/xml/saml_attribute_designator.c,
- lasso/xml/saml_attribute_statement.c,
- lasso/xml/saml_audience_restriction_condition.c,
- lasso/xml/saml_authentication_statement.c,
- lasso/xml/saml_authority_binding.c, lasso/xml/saml_conditions.c,
- lasso/xml/saml_subject.c, lasso/xml/saml_subject_confirmation.c,
- lasso/xml/saml_subject_locality.c,
- lasso/xml/saml_subject_statement_abstract.c,
- lasso/xml/samlp_request.c, lasso/xml/samlp_request_abstract.c,
- lasso/xml/samlp_response.c, lasso/xml/samlp_response_abstract.c,
- lasso/xml/samlp_status.c, lasso/xml/soap_binding_consent.c,
- lasso/xml/soap_binding_correlation.c,
- lasso/xml/soap_binding_ext_credential.c,
- lasso/xml/soap_binding_ext_credentials_context.c,
- lasso/xml/soap_binding_ext_service_instance_update.c,
- lasso/xml/soap_binding_ext_timeout.c,
- lasso/xml/soap_binding_processing_context.c,
- lasso/xml/soap_binding_provider.c,
- lasso/xml/soap_binding_usage_directive.c, lasso/xml/soap_body.c,
- lasso/xml/soap_detail.c, lasso/xml/soap_envelope.c,
- lasso/xml/soap_fault.c, lasso/xml/soap_header.c,
- lasso/xml/utility_status.c, lasso/xml/ws/wsa_attributed_any.c,
- lasso/xml/ws/wsa_attributed_qname.c,
- lasso/xml/ws/wsa_attributed_unsigned_long.c,
- lasso/xml/ws/wsa_attributed_uri.c,
- lasso/xml/ws/wsa_endpoint_reference.c,
- lasso/xml/ws/wsa_metadata.c, lasso/xml/ws/wsa_problem_action.c,
- lasso/xml/ws/wsa_reference_parameters.c,
- lasso/xml/ws/wsa_relates_to.c, lasso/xml/ws/wsse_embedded.c,
- lasso/xml/ws/wsse_reference.c,
- lasso/xml/ws/wsse_security_header.c,
- lasso/xml/ws/wsse_security_token_reference.c,
- lasso/xml/ws/wsse_username_token.c, lasso/xml/ws/wsu_timestamp.c,
- lasso/xml/wsse_security.c: XML: remove all useless instance_init
- functions
-
- * Use Coccinelle semantic patch tool (http://coccinelle.lip6.fr/)
- to
- remove useless instance_init functions, the first patch applied
- was:
- @@
- type T,V;
- identifier I, J;
- parameter list P;
- expression E1;
- @@
-
- V instance_init(T node)
- {
- <...
- (
- - E1 = 0;
- |
- - E1 = NULL;
- |
- - E1 = FALSE;
- )
- ...>
- }
- It removes useless initialization to 0 (GObject already zeroes
- allocated objects).
- The second one is:
- @ rule1 @
- type T;
- identifier node,fn;
- @@
-
- - static void fn(T *node) { }
-
- @ rule2 extends rule1 @
- typedef GType, GInstanceInitFunc;
- identifier type_constructor;
- @@
- GType type_constructor()
- {
- <...
- - (GInstanceInitFunc)fn
- + NULL
- ...>
- }
- It removes empty instance_init functions.
-
-2009-08-26 15:14 bdauvergne
-
- * lasso/xml/id-wsf-2.0/sb2_target_identity.c,
- lasso/xml/id-wsf-2.0/sb2_target_identity.h: sb2:TargetIdentity
- can have a content
-
- * lasso/xml/id-wsf-2.0/sb2_target_identity.c:
- * lasso/xml/id-wsf-2.0/sb2_target_identity.h:
- add support for any content.
-
-2009-08-26 15:14 bdauvergne
-
- * lasso/errors.c, lasso/errors.c.in, lasso/id-ff/defederation.c,
- lasso/id-ff/defederation.h, lasso/id-ff/federation.c,
- lasso/id-ff/federation.h, lasso/id-ff/identity.c,
- lasso/id-ff/identity.h, lasso/id-ff/identityprivate.h,
- lasso/id-ff/lecp.c, lasso/id-ff/lecp.h, lasso/id-ff/login.c,
- lasso/id-ff/login.h, lasso/id-ff/loginprivate.h,
- lasso/id-ff/logout.c, lasso/id-ff/logout.h,
- lasso/id-ff/name_identifier_mapping.c,
- lasso/id-ff/name_identifier_mapping.h,
- lasso/id-ff/name_registration.c, lasso/id-ff/name_registration.h,
- lasso/id-ff/profile.c, lasso/id-ff/profile.h,
- lasso/id-ff/profileprivate.h, lasso/id-ff/provider.c,
- lasso/id-ff/provider.h, lasso/id-ff/server.c,
- lasso/id-ff/server.h, lasso/id-ff/session.c,
- lasso/id-ff/session.h, lasso/id-ff/sessionprivate.h,
- lasso/id-wsf-2.0/Makefile.am, lasso/id-wsf-2.0/data_service.c,
- lasso/id-wsf-2.0/data_service.h, lasso/id-wsf-2.0/discovery.c,
- lasso/id-wsf-2.0/discovery.h, lasso/id-wsf-2.0/id_wsf_2.h,
- lasso/id-wsf-2.0/identity.c, lasso/id-wsf-2.0/identity.h,
- lasso/id-wsf-2.0/profile.c, lasso/id-wsf-2.0/profile.h,
- lasso/id-wsf-2.0/saml2_login.c,
- lasso/id-wsf-2.0/saml2_login_private.h,
- lasso/id-wsf-2.0/server.c, lasso/id-wsf-2.0/server.h,
- lasso/id-wsf-2.0/serverprivate.h, lasso/id-wsf-2.0/session.c,
- lasso/id-wsf-2.0/session.h, lasso/id-wsf-2.0/sessionprivate.h,
- lasso/id-wsf/Makefile.am, lasso/id-wsf/authentication.c,
- lasso/id-wsf/authentication.h, lasso/id-wsf/data_service.c,
- lasso/id-wsf/data_service.h, lasso/id-wsf/id_ff_extensions.c,
- lasso/id-wsf/id_ff_extensions.h,
- lasso/id-wsf/id_ff_extensions_private.h, lasso/id-wsf/id_wsf.h,
- lasso/id-wsf/identity.h,
- lasso/id-wsf/interaction_profile_service.h,
- lasso/id-wsf/personal_profile_service.h, lasso/id-wsf/utils.c,
- lasso/id-wsf/wsf_profile.h, lasso/lasso.c, lasso/lasso.h,
- lasso/registry.h, lasso/saml-2.0/assertion_query.c,
- lasso/saml-2.0/assertion_query.h, lasso/saml-2.0/ecp.c,
- lasso/saml-2.0/ecp.h, lasso/saml-2.0/federation.c,
- lasso/saml-2.0/login.c, lasso/saml-2.0/loginprivate.h,
- lasso/saml-2.0/logout.c, lasso/saml-2.0/logoutprivate.h,
- lasso/saml-2.0/name_id_management.c,
- lasso/saml-2.0/name_id_management.h, lasso/saml-2.0/profile.c,
- lasso/saml-2.0/profileprivate.h, lasso/saml-2.0/provider.c,
- lasso/saml-2.0/providerprivate.h, lasso/saml-2.0/server.c,
- lasso/saml-2.0/serverprivate.h,
- lasso/xml/disco_authenticate_requester.c,
- lasso/xml/disco_authenticate_requester.h,
- lasso/xml/disco_authenticate_session_context.c,
- lasso/xml/disco_authenticate_session_context.h,
- lasso/xml/disco_authorize_requester.c,
- lasso/xml/disco_authorize_requester.h,
- lasso/xml/disco_credentials.c, lasso/xml/disco_credentials.h,
- lasso/xml/disco_description.c, lasso/xml/disco_description.h,
- lasso/xml/disco_encrypt_resource_id.c,
- lasso/xml/disco_encrypt_resource_id.h,
- lasso/xml/disco_encrypted_resource_id.c,
- lasso/xml/disco_encrypted_resource_id.h,
- lasso/xml/disco_generate_bearer_token.c,
- lasso/xml/disco_generate_bearer_token.h,
- lasso/xml/disco_insert_entry.c, lasso/xml/disco_insert_entry.h,
- lasso/xml/disco_modify.c, lasso/xml/disco_modify.h,
- lasso/xml/disco_modify_response.c,
- lasso/xml/disco_modify_response.h, lasso/xml/disco_options.c,
- lasso/xml/disco_options.h, lasso/xml/disco_query.c,
- lasso/xml/disco_query.h, lasso/xml/disco_query_response.c,
- lasso/xml/disco_query_response.h, lasso/xml/disco_remove_entry.c,
- lasso/xml/disco_remove_entry.h,
- lasso/xml/disco_requested_service_type.c,
- lasso/xml/disco_requested_service_type.h,
- lasso/xml/disco_resource_id.c, lasso/xml/disco_resource_id.h,
- lasso/xml/disco_resource_offering.c,
- lasso/xml/disco_resource_offering.h,
- lasso/xml/disco_send_single_logout.c,
- lasso/xml/disco_send_single_logout.h,
- lasso/xml/disco_service_instance.c,
- lasso/xml/disco_service_instance.h, lasso/xml/ds_key_info.c,
- lasso/xml/ds_key_info.h, lasso/xml/ds_key_value.c,
- lasso/xml/ds_key_value.h, lasso/xml/ds_rsa_key_value.c,
- lasso/xml/ds_rsa_key_value.h, lasso/xml/dst_data.c,
- lasso/xml/dst_data.h, lasso/xml/dst_modification.c,
- lasso/xml/dst_modification.h, lasso/xml/dst_modify.c,
- lasso/xml/dst_modify.h, lasso/xml/dst_modify_response.c,
- lasso/xml/dst_modify_response.h, lasso/xml/dst_new_data.c,
- lasso/xml/dst_new_data.h, lasso/xml/dst_query.c,
- lasso/xml/dst_query.h, lasso/xml/dst_query_item.c,
- lasso/xml/dst_query_item.h, lasso/xml/dst_query_response.c,
- lasso/xml/dst_query_response.h,
- lasso/xml/id-wsf-2.0/disco_abstract.h,
- lasso/xml/id-wsf-2.0/disco_endpoint_context.h,
- lasso/xml/id-wsf-2.0/disco_keys.h,
- lasso/xml/id-wsf-2.0/disco_options.h,
- lasso/xml/id-wsf-2.0/disco_provider_id.h,
- lasso/xml/id-wsf-2.0/disco_query.h,
- lasso/xml/id-wsf-2.0/disco_query_response.h,
- lasso/xml/id-wsf-2.0/disco_requested_service.h,
- lasso/xml/id-wsf-2.0/disco_security_context.h,
- lasso/xml/id-wsf-2.0/disco_service_context.h,
- lasso/xml/id-wsf-2.0/disco_service_type.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_add.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_add_response.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_delete.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_delete_response.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_query.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_query_response.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_delete.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_delete_response.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_query.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_query_response.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_register.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_register_response.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_replace.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_replace_response.h,
- lasso/xml/id-wsf-2.0/disco_svc_metadata.h,
- lasso/xml/id-wsf-2.0/dst_data_response_base.h,
- lasso/xml/id-wsf-2.0/dst_delete_item_base.h,
- lasso/xml/id-wsf-2.0/dst_delete_response.h,
- lasso/xml/id-wsf-2.0/dst_request.h,
- lasso/xml/id-wsf-2.0/dst_result_query_base.h,
- lasso/xml/id-wsf-2.0/dst_test_item_base.h,
- lasso/xml/id-wsf-2.0/dstref_app_data.h,
- lasso/xml/id-wsf-2.0/dstref_create.h,
- lasso/xml/id-wsf-2.0/dstref_create_item.h,
- lasso/xml/id-wsf-2.0/dstref_create_response.h,
- lasso/xml/id-wsf-2.0/dstref_data.h,
- lasso/xml/id-wsf-2.0/dstref_data_response.h,
- lasso/xml/id-wsf-2.0/dstref_delete.h,
- lasso/xml/id-wsf-2.0/dstref_delete_item.h,
- lasso/xml/id-wsf-2.0/dstref_delete_response.h,
- lasso/xml/id-wsf-2.0/dstref_item_data.h,
- lasso/xml/id-wsf-2.0/dstref_modify.h,
- lasso/xml/id-wsf-2.0/dstref_modify_item.h,
- lasso/xml/id-wsf-2.0/dstref_modify_response.h,
- lasso/xml/id-wsf-2.0/dstref_query.h,
- lasso/xml/id-wsf-2.0/dstref_query_item.h,
- lasso/xml/id-wsf-2.0/dstref_query_response.h,
- lasso/xml/id-wsf-2.0/dstref_result_query.h,
- lasso/xml/id-wsf-2.0/dstref_test_item.h,
- lasso/xml/id-wsf-2.0/ims_identity_mapping_request.h,
- lasso/xml/id-wsf-2.0/ims_identity_mapping_response.h,
- lasso/xml/id-wsf-2.0/ims_mapping_input.h,
- lasso/xml/id-wsf-2.0/ims_mapping_output.h,
- lasso/xml/id-wsf-2.0/is_help.h,
- lasso/xml/id-wsf-2.0/is_inquiry.h,
- lasso/xml/id-wsf-2.0/is_inquiry_element.h,
- lasso/xml/id-wsf-2.0/is_interaction_request.h,
- lasso/xml/id-wsf-2.0/is_interaction_response.h,
- lasso/xml/id-wsf-2.0/is_interaction_statement.h,
- lasso/xml/id-wsf-2.0/is_item.h,
- lasso/xml/id-wsf-2.0/is_parameter.h,
- lasso/xml/id-wsf-2.0/is_select.h, lasso/xml/id-wsf-2.0/is_text.h,
- lasso/xml/id-wsf-2.0/ps_add_collection_request.h,
- lasso/xml/id-wsf-2.0/ps_add_collection_response.h,
- lasso/xml/id-wsf-2.0/ps_add_entity_request.h,
- lasso/xml/id-wsf-2.0/ps_add_entity_response.h,
- lasso/xml/id-wsf-2.0/ps_add_known_entity_request.h,
- lasso/xml/id-wsf-2.0/ps_add_known_entity_response.h,
- lasso/xml/id-wsf-2.0/ps_add_to_collection_request.h,
- lasso/xml/id-wsf-2.0/ps_get_object_info_request.h,
- lasso/xml/id-wsf-2.0/ps_get_object_info_response.h,
- lasso/xml/id-wsf-2.0/ps_item_data.h,
- lasso/xml/id-wsf-2.0/ps_list_members_request.h,
- lasso/xml/id-wsf-2.0/ps_list_members_response.h,
- lasso/xml/id-wsf-2.0/ps_notification.h,
- lasso/xml/id-wsf-2.0/ps_notify.h,
- lasso/xml/id-wsf-2.0/ps_object.h,
- lasso/xml/id-wsf-2.0/ps_query_objects_request.h,
- lasso/xml/id-wsf-2.0/ps_query_objects_response.h,
- lasso/xml/id-wsf-2.0/ps_remove_collection_request.h,
- lasso/xml/id-wsf-2.0/ps_remove_entity_request.h,
- lasso/xml/id-wsf-2.0/ps_remove_from_collection_request.h,
- lasso/xml/id-wsf-2.0/ps_request_abstract.h,
- lasso/xml/id-wsf-2.0/ps_resolve_identifier_request.h,
- lasso/xml/id-wsf-2.0/ps_resolve_identifier_response.h,
- lasso/xml/id-wsf-2.0/ps_resolve_input.h,
- lasso/xml/id-wsf-2.0/ps_response_abstract.h,
- lasso/xml/id-wsf-2.0/ps_set_object_info_request.h,
- lasso/xml/id-wsf-2.0/ps_test_membership_request.h,
- lasso/xml/id-wsf-2.0/ps_test_membership_response.h,
- lasso/xml/id-wsf-2.0/sb2_consent.h,
- lasso/xml/id-wsf-2.0/sb2_credentials_context.h,
- lasso/xml/id-wsf-2.0/sb2_endpoint_update.h,
- lasso/xml/id-wsf-2.0/sb2_redirect_request.h,
- lasso/xml/id-wsf-2.0/sb2_sender.h,
- lasso/xml/id-wsf-2.0/sb2_target_identity.h,
- lasso/xml/id-wsf-2.0/sb2_timeout.h,
- lasso/xml/id-wsf-2.0/sb2_usage_directive.h,
- lasso/xml/id-wsf-2.0/sb2_user_interaction_header.h,
- lasso/xml/id-wsf-2.0/sbf_framework.h,
- lasso/xml/id-wsf-2.0/sec_token.h,
- lasso/xml/id-wsf-2.0/sec_token_policy.h,
- lasso/xml/id-wsf-2.0/sec_transited_provider_path.h,
- lasso/xml/id-wsf-2.0/subs_notification.h,
- lasso/xml/id-wsf-2.0/subs_notify_response.h,
- lasso/xml/id-wsf-2.0/subs_ref_item.h,
- lasso/xml/id-wsf-2.0/subs_subscription.h,
- lasso/xml/id-wsf-2.0/subsref_app_data.h,
- lasso/xml/id-wsf-2.0/subsref_create.h,
- lasso/xml/id-wsf-2.0/subsref_create_item.h,
- lasso/xml/id-wsf-2.0/subsref_create_response.h,
- lasso/xml/id-wsf-2.0/subsref_data.h,
- lasso/xml/id-wsf-2.0/subsref_data_response.h,
- lasso/xml/id-wsf-2.0/subsref_delete.h,
- lasso/xml/id-wsf-2.0/subsref_delete_item.h,
- lasso/xml/id-wsf-2.0/subsref_delete_response.h,
- lasso/xml/id-wsf-2.0/subsref_item_data.h,
- lasso/xml/id-wsf-2.0/subsref_modify.h,
- lasso/xml/id-wsf-2.0/subsref_modify_item.h,
- lasso/xml/id-wsf-2.0/subsref_modify_response.h,
- lasso/xml/id-wsf-2.0/subsref_notification.h,
- lasso/xml/id-wsf-2.0/subsref_notify.h,
- lasso/xml/id-wsf-2.0/subsref_notify_response.h,
- lasso/xml/id-wsf-2.0/subsref_query.h,
- lasso/xml/id-wsf-2.0/subsref_query_item.h,
- lasso/xml/id-wsf-2.0/subsref_query_response.h,
- lasso/xml/id-wsf-2.0/subsref_result_query.h,
- lasso/xml/id-wsf-2.0/subsref_subscription.h,
- lasso/xml/id-wsf-2.0/subsref_test_item.h,
- lasso/xml/id-wsf-2.0/util_empty.h,
- lasso/xml/id-wsf-2.0/util_extension.h,
- lasso/xml/id-wsf-2.0/util_response.h,
- lasso/xml/id-wsf-2.0/util_status.h, lasso/xml/is_help.c,
- lasso/xml/is_help.h, lasso/xml/is_inquiry.c,
- lasso/xml/is_inquiry.h, lasso/xml/is_inquiry_element.c,
- lasso/xml/is_inquiry_element.h,
- lasso/xml/is_interaction_request.c,
- lasso/xml/is_interaction_request.h,
- lasso/xml/is_interaction_response.c,
- lasso/xml/is_interaction_response.h,
- lasso/xml/is_interaction_statement.c,
- lasso/xml/is_interaction_statement.h, lasso/xml/is_item.c,
- lasso/xml/is_item.h, lasso/xml/is_parameter.c,
- lasso/xml/is_parameter.h, lasso/xml/is_redirect_request.c,
- lasso/xml/is_redirect_request.h, lasso/xml/is_select.c,
- lasso/xml/is_select.h, lasso/xml/is_text.c, lasso/xml/is_text.h,
- lasso/xml/is_user_interaction.c, lasso/xml/is_user_interaction.h,
- lasso/xml/lib_assertion.c, lasso/xml/lib_assertion.h,
- lasso/xml/lib_authentication_statement.c,
- lasso/xml/lib_authentication_statement.h,
- lasso/xml/lib_authn_context.c, lasso/xml/lib_authn_context.h,
- lasso/xml/lib_authn_request.c, lasso/xml/lib_authn_request.h,
- lasso/xml/lib_authn_request_envelope.c,
- lasso/xml/lib_authn_request_envelope.h,
- lasso/xml/lib_authn_response.c, lasso/xml/lib_authn_response.h,
- lasso/xml/lib_authn_response_envelope.c,
- lasso/xml/lib_authn_response_envelope.h,
- lasso/xml/lib_federation_termination_notification.c,
- lasso/xml/lib_federation_termination_notification.h,
- lasso/xml/lib_idp_entries.c, lasso/xml/lib_idp_entries.h,
- lasso/xml/lib_idp_entry.c, lasso/xml/lib_idp_entry.h,
- lasso/xml/lib_idp_list.c, lasso/xml/lib_idp_list.h,
- lasso/xml/lib_logout_request.c, lasso/xml/lib_logout_request.h,
- lasso/xml/lib_logout_response.c, lasso/xml/lib_logout_response.h,
- lasso/xml/lib_name_identifier_mapping_request.c,
- lasso/xml/lib_name_identifier_mapping_request.h,
- lasso/xml/lib_name_identifier_mapping_response.c,
- lasso/xml/lib_name_identifier_mapping_response.h,
- lasso/xml/lib_register_name_identifier_request.h,
- lasso/xml/lib_register_name_identifier_response.c,
- lasso/xml/lib_register_name_identifier_response.h,
- lasso/xml/lib_request_authn_context.c,
- lasso/xml/lib_request_authn_context.h, lasso/xml/lib_scoping.c,
- lasso/xml/lib_scoping.h, lasso/xml/lib_status_response.c,
- lasso/xml/lib_status_response.h, lasso/xml/lib_subject.c,
- lasso/xml/lib_subject.h, lasso/xml/misc_text_node.h,
- lasso/xml/private.h, lasso/xml/sa_credentials.c,
- lasso/xml/sa_credentials.h, lasso/xml/sa_parameter.c,
- lasso/xml/sa_parameter.h, lasso/xml/sa_password_transforms.c,
- lasso/xml/sa_password_transforms.h, lasso/xml/sa_sasl_request.c,
- lasso/xml/sa_sasl_request.h, lasso/xml/sa_sasl_response.c,
- lasso/xml/sa_sasl_response.h, lasso/xml/sa_transform.c,
- lasso/xml/sa_transform.h, lasso/xml/saml-2.0/saml2_action.h,
- lasso/xml/saml-2.0/saml2_advice.h,
- lasso/xml/saml-2.0/saml2_assertion.h,
- lasso/xml/saml-2.0/saml2_attribute.h,
- lasso/xml/saml-2.0/saml2_attribute_value.c,
- lasso/xml/saml-2.0/saml2_attribute_value.h,
- lasso/xml/saml-2.0/saml2_authn_context.h,
- lasso/xml/saml-2.0/saml2_base_idabstract.h,
- lasso/xml/saml-2.0/saml2_condition_abstract.h,
- lasso/xml/saml-2.0/saml2_conditions.h,
- lasso/xml/saml-2.0/saml2_evidence.h,
- lasso/xml/saml-2.0/saml2_key_info_confirmation_data.h,
- lasso/xml/saml-2.0/saml2_name_id.h,
- lasso/xml/saml-2.0/saml2_statement_abstract.h,
- lasso/xml/saml-2.0/saml2_subject_confirmation_data.h,
- lasso/xml/saml-2.0/saml2_subject_locality.h,
- lasso/xml/saml-2.0/samlp2_extensions.h,
- lasso/xml/saml-2.0/samlp2_idp_entry.h,
- lasso/xml/saml-2.0/samlp2_name_id_policy.h,
- lasso/xml/saml-2.0/samlp2_requested_authn_context.h,
- lasso/xml/saml-2.0/samlp2_status_code.h,
- lasso/xml/saml-2.0/samlp2_status_detail.h,
- lasso/xml/saml-2.0/samlp2_terminate.h, lasso/xml/saml_advice.c,
- lasso/xml/saml_advice.h, lasso/xml/saml_assertion.c,
- lasso/xml/saml_assertion.h, lasso/xml/saml_attribute.c,
- lasso/xml/saml_attribute.h,
- lasso/xml/saml_attribute_designator.c,
- lasso/xml/saml_attribute_designator.h,
- lasso/xml/saml_attribute_statement.c,
- lasso/xml/saml_attribute_statement.h,
- lasso/xml/saml_attribute_value.c,
- lasso/xml/saml_attribute_value.h,
- lasso/xml/saml_audience_restriction_condition.c,
- lasso/xml/saml_audience_restriction_condition.h,
- lasso/xml/saml_authentication_statement.c,
- lasso/xml/saml_authentication_statement.h,
- lasso/xml/saml_authority_binding.c,
- lasso/xml/saml_authority_binding.h,
- lasso/xml/saml_condition_abstract.c,
- lasso/xml/saml_condition_abstract.h, lasso/xml/saml_conditions.c,
- lasso/xml/saml_conditions.h, lasso/xml/saml_name_identifier.c,
- lasso/xml/saml_name_identifier.h,
- lasso/xml/saml_statement_abstract.c,
- lasso/xml/saml_statement_abstract.h, lasso/xml/saml_subject.c,
- lasso/xml/saml_subject.h, lasso/xml/saml_subject_confirmation.c,
- lasso/xml/saml_subject_confirmation.h,
- lasso/xml/saml_subject_locality.c,
- lasso/xml/saml_subject_locality.h,
- lasso/xml/saml_subject_statement.c,
- lasso/xml/saml_subject_statement.h,
- lasso/xml/saml_subject_statement_abstract.c,
- lasso/xml/saml_subject_statement_abstract.h,
- lasso/xml/samlp_request.c, lasso/xml/samlp_request.h,
- lasso/xml/samlp_request_abstract.c,
- lasso/xml/samlp_request_abstract.h, lasso/xml/samlp_response.c,
- lasso/xml/samlp_response.h, lasso/xml/samlp_response_abstract.c,
- lasso/xml/samlp_response_abstract.h, lasso/xml/samlp_status.c,
- lasso/xml/samlp_status.h, lasso/xml/samlp_status_code.c,
- lasso/xml/samlp_status_code.h,
- lasso/xml/sec_resource_access_statement.c,
- lasso/xml/sec_resource_access_statement.h,
- lasso/xml/soap_binding.c, lasso/xml/soap_binding.h,
- lasso/xml/soap_binding_consent.c,
- lasso/xml/soap_binding_consent.h,
- lasso/xml/soap_binding_correlation.c,
- lasso/xml/soap_binding_correlation.h,
- lasso/xml/soap_binding_ext_credential.c,
- lasso/xml/soap_binding_ext_credential.h,
- lasso/xml/soap_binding_ext_credentials_context.c,
- lasso/xml/soap_binding_ext_credentials_context.h,
- lasso/xml/soap_binding_ext_service_instance_update.c,
- lasso/xml/soap_binding_ext_service_instance_update.h,
- lasso/xml/soap_binding_ext_timeout.c,
- lasso/xml/soap_binding_ext_timeout.h,
- lasso/xml/soap_binding_processing_context.c,
- lasso/xml/soap_binding_processing_context.h,
- lasso/xml/soap_binding_provider.c,
- lasso/xml/soap_binding_provider.h,
- lasso/xml/soap_binding_usage_directive.c,
- lasso/xml/soap_binding_usage_directive.h, lasso/xml/soap_body.c,
- lasso/xml/soap_body.h, lasso/xml/soap_detail.c,
- lasso/xml/soap_detail.h, lasso/xml/soap_envelope.c,
- lasso/xml/soap_envelope.h, lasso/xml/soap_fault.c,
- lasso/xml/soap_fault.h, lasso/xml/soap_header.c,
- lasso/xml/soap_header.h, lasso/xml/tools.c,
- lasso/xml/utility_status.c, lasso/xml/utility_status.h,
- lasso/xml/ws/wsa_attributed_any.h,
- lasso/xml/ws/wsa_attributed_qname.h,
- lasso/xml/ws/wsa_attributed_unsigned_long.h,
- lasso/xml/ws/wsa_attributed_uri.h,
- lasso/xml/ws/wsa_endpoint_reference.h,
- lasso/xml/ws/wsa_metadata.h, lasso/xml/ws/wsa_problem_action.h,
- lasso/xml/ws/wsa_reference_parameters.h,
- lasso/xml/ws/wsa_relates_to.h, lasso/xml/ws/wsse_embedded.h,
- lasso/xml/ws/wsse_reference.h,
- lasso/xml/ws/wsse_security_header.h,
- lasso/xml/ws/wsse_security_token_reference.h,
- lasso/xml/ws/wsse_transformation_parameters.h,
- lasso/xml/ws/wsse_username_token.h, lasso/xml/ws/wsu_timestamp.h,
- lasso/xml/wsse_security.c, lasso/xml/wsse_security.h,
- lasso/xml/xml.c, lasso/xml/xml.h, lasso/xml/xml_enc.h,
- tests/basic_tests.c, tests/login_tests.c,
- tests/login_tests_saml2.c, tests/metadata_tests.c, tests/perfs.c,
- tests/random_tests.c, tests/tests.c: All: Rework include files
- handling, separated ID-WSF code from SAML2/ID-FF code
-
- * nearly all C files: change includes for relative paths.
- * lasso/id-wsf/id_wsf.h, lasso/id-wsf-2.0/id_wsf_2.h: add top
- level
- public include files for ID-WSF 1.0 and ID-WSF 2.0.
- * lasso/id-ff/server.*, lasso/id-ff/session.*,
- lasso/id-ff/identity.*:
- remove most of the code related to ID-WSF and push into
- lasso/id-wsf/id_ff_extensions.* and lasso/id-wsf-2.0/identity.c,
- lasso/id-wsf-2.0/server.c, lasso/id-wsf-2.0/session.c.
- * lasso/id-wsf-2.0/saml2_login.c,
- lasso/id-wsf-2.0/saml2_login_private.h: same change but for
- ID-WSF
- 2.0 support in SAML2 SSO profile.
-
-2009-08-26 15:14 bdauvergne
-
- * bindings/overrides.xml: Bindings: skip ID-WSF methods with
- unsupported signatures
-
- * bindings/overrides.xml:
- some functions have output parameters (pointer on pointers) that
- are
- currently not supported by our binding generator, so we skip
- them.
-
-2009-08-26 15:14 bdauvergne
-
- * swig/Lasso-wsf.i, swig/Lasso.i: SWIG: unplug id-wsf support in
- SWIG
-
- * swig/Lasso.i:
- force LASSO_WSF_ENABLED to be undefined.
-
-2009-08-26 15:14 bdauvergne
-
- * tests/Makefile.am, tests/tests2.c: Tests: allow tests2 to pass
- distcheck
-
- * tests/Makefile.am
- add an SRCDIR symbol.
- remove unused include paths.
- * tests/tests2.c:
- use SRCDIR to find data files.
-
-2009-08-26 15:14 bdauvergne
-
- * tests/data/response-3: Tests: remove internal content from data
- files
-
- * tests/data/response-3:
- this dump of a SAML message contains elements and attribute
- outside
- the SAML schema, implementation detail from Lasso. They broke
- execution of tests/tests2.
-
-2009-08-26 15:14 bdauvergne
-
- * lasso/xml/saml-2.0/saml2_encrypted_element.h: XML&SAML 2.0: add
- missing include files
-
- * lasso/xml/saml-2.0/saml2_encrypted_element.h:
- xmlSecKey is present in a function signature, so include
- xmlsec/xmlsec.h.
-
-2009-08-26 15:14 bdauvergne
-
- * swig/Lasso.i: SWIG: implement change to LassoSession in the SWIG
- interface file
-
- * swig/Lasso.i:
- remove LassoSession::is_dirty attribute and rewrite the
- getProviderIds function.
-
-2009-08-26 15:14 bdauvergne
-
- * lasso/xml/Makefile.am: XML: only recurse into xml/id-wsf subdirs
- if --enable-wsf is true
-
- * lasso/xml/Makefile.am:
- put id-wsf and id-wsf2 subdirs under a conditionnal.
-
-2009-08-26 15:14 bdauvergne
-
- * lasso/id-wsf/Makefile.am: ID-WSF 1.0: remove absent header file
- from the Makefile.am
-
- * lasso/id-wsf/Makefile.am:
- remove data_service_private.h from header file list.
-
-2009-08-26 15:13 bdauvergne
-
- * lasso/extract_symbols.py, lasso/extract_types.py,
- lasso/xml/Makefile.am: Core: SOAP is also used by SAML bindings
-
- * extract_symbols.py, extract_types.py:
- export SOAP types whatever the value of the flag --enable-wsf.
- It still worked because constructor for GObject calls get_type,
- but
- there is a race condition: if you receive a SOAP message before
- sending one, it fails. Only soap_binding types must be removed.
-
-2009-08-26 15:13 bdauvergne
-
- * lasso/id-ff/login.c, lasso/id-ff/logout.c, lasso/id-ff/profile.c,
- lasso/id-ff/session.c, lasso/id-ff/session.h,
- lasso/id-ff/sessionprivate.h, lasso/saml-2.0/login.c,
- lasso/saml-2.0/logout.c, lasso/saml-2.0/profile.c, lasso/utils.h:
- ID-FF&Core: Seal public field of LassoSession
-
- * id-ff/session.h: seal public fields.
-
- * id-ff/session.c, id-ff/sessionprivate.h: add accessors for
- reading
- the is_dirty flag and counting store assertions.
-
- * id-ff/logout.c, id-ff/login.c, saml-2.0/login.c,
- saml-2.0/logout.c,
- saml-2.0/profile.c: use the new accessors.
-
- * id-ff/profile.c: include the private header file, use the new
- accessors, and remove unnecessary setting of is_dirty to FALSE
- (it
- should be false at instanciation).
-
- * utils.h: add a macro to access private content, prepare for
- using
- G_TYPE_INSTANCE_GET_PRIVATE and the GObject infrastructure for
- private structures eventually.
-
-2009-08-26 15:13 bdauvergne
-
- * lasso/id-wsf-2.0/discovery.c: ID-WSF 2.0: remove unused variable
-
- - lasso/id-wsf-2.0/discovery.c: remove unused variable in
- discovery.c
-
-2009-08-26 15:13 bdauvergne
-
- * lasso/utils.h: Core: fix bad name of
- lasso_unlink_and_release_node
-
- * lasso/utils.h:
- - rename lasso_unlink_and_release_node to
- lasso_release_list_of_xml_node.
- - add a GList iteration macro: lasso_foreach.
-
-2009-08-26 15:13 bdauvergne
-
- * lasso/id-wsf/data_service.c, lasso/id-wsf/data_service.h,
- lasso/id-wsf/data_service_private.h, lasso/id-wsf/discovery.c,
- lasso/id-wsf/discovery.h,
- lasso/id-wsf/interaction_profile_service.c,
- lasso/id-wsf/personal_profile_service.c,
- lasso/id-wsf/wsf_profile.c, lasso/id-wsf/wsf_profile.h,
- lasso/id-wsf/wsf_profile_private.h, lasso/xml/dst_modify.c:
- ID-WSF: Lots of modifications
-
- Migrate lots of code to use new utility macros. Try to simplify
- most
- code paths or to factorize with LassoWsfProfile.
-
- * lasso/id-wsf/wsf_profile.c:
- Add API:
- - lasso_wsf_profile_build_soap_response_msg to build SOAP fault
- for
- Lasso errors,
- - lasso_wsf_profile_set_msg_url_from_description, to set the
- destination URL using the chosen LassoDiscoDescription (with
- respect to the security mechanism),
- - lasso_wsf_profile_init_soap_response to initialize a response
- to
- the current request, to use in sub classes,
- - lasso_wsf_profile_get_remote_provider_id, retrieve the SOAP
- binding corresponding information,
- - lasso_wsf_profile_get_remote_provider, simplification of
- lasso_wsf_profile_get_remote_provider_id,
- - lasso_wsf_profile_get_soap_fault, retrieve the last setted SOAP
- fault, used by sub classes,
- - lasso_wsf_profile_set_soap_fault, set a SOAP fault, to be
- returned
- by the next call by lasso_wsf_profile_build_soap_response_msg, to
- use in sub classes,
- - lasso_wsf_profile_set/get_status_code, set/get the stored
- status
- code, to use in the next lasso_xxx_build_response_message, to use
- in sub classes.
- Change name lasso_wsf_profile_get_description_autos to
- lasso_wsf_profile_get_description_auto.
- Do not access directly the session is_dirty field (it has been
- sealed).
-
- * lasso/id-wsf/wsf_profile.h:
- Add helper macro lasso_wsf_profile_helper_set_status to set
- status
- code of an ID-WSF response message containing a Status element
- using
- the stored status code.
- * lasso/id-wsf/wsf_profile_private.h:
- Add new fields (moved public fields).
- Add lasso_wsf_profile_set_msg_url_from_description,
- lasso_wsf_profile_build_soap_fault_response_msg.
- * lasso/id-wsf/data_service_private.h:
- Remove file.
- * lasso/id-wsf/data_service.h: Remove all public fields.
- * lasso/id-wsf/data_service.c:
- Remove private structure. Use the equivalents LassoWsfProfile
- private
- fields. Update documentation. Use LassoWsfProfile generic
- functions
- for initializing requests. Add API
- lasso_data_service_get_query_item,
- lasso_data_service_get_answers, lasso_data_service_get_answer,
- lasso_data_service_get_answers_by_select,
- lasso_data_service_get_answer_for_item_id,
- lasso_data_service_add_modification.
- Remove lasso_data_service_need_redirect_user use equivalent
- function
- lasso_interaction_profile_service_build_redirect_response_msg.
- Remove
- lasso_data_service_get_resource_offering,
- lasso_data_service_set_offering.
- * lasso/id-wsf/discovery.c:
- Add documentation. Change some signatures. Remove
- lasso_discovery_get_description_auto. Change name of
- lasso_discovery_init_insert to lasso_discovery_init_modify. Add a
- generic lasso_discovery_process_request_msg.
- Add internal function lasso_discovery_init_offering, to get
- automatically an offering if possible. Remove useless
- init_from_xml.
- Rework lasso_discovery_build_credential implementation.
- overloading. Remove lasso_discovery_destroy.
- * lasso/id-wsf/discovery.h:
- Remove lasso_discovery_destroy.
- * lasso/id-wsf/interaction_profile_service.c:
- Add
- lasso_interaction_profile_service_build_redirect_response_msg.
- * lasso/id-wsf/personal_profile_service.c:
- Update lasso_personal_profile_service_get_email to use
- lasso_data_service_get_answers_by_select.
- * lasso/xml/dst_modify.c:
- make modification parameter optional to the constructor.
-
-2009-08-26 15:13 bdauvergne
-
- * lasso/errors.c, lasso/errors.h: Core: Add new error types
-
- * lasso/errors.h lasso/errors.c:
- add error types: LASSO_ERROR_CAST_FAILED,
- LASSO_DATA_SERVICE_CANNOT_ADD_ITEM,
- LASSO_WSF_PROFILE_ERROR_INVALID_OR_MISSING_REFERENCE_TO_MESSAGE_ID,
- LASSO_DST_ERROR_QUERY_NOT_FOUND, LASSO_DST_ERROR_NO_DATA,
- LASSO_DST_ERROR_MALFORMED_QUERY.
-
-2009-08-26 15:13 bdauvergne
-
- * lasso/xml/private.h, lasso/xml/tools.c: XML: Add time formatting
- function for ISO 8601 format
-
- * xml/private.h:
- * xml/tools.c:
- add util function to format time_t values in the ISO 8601 format.
-
-2009-08-26 15:13 bdauvergne
-
- * lasso/xml/saml-2.0/saml2_attribute_value.c,
- lasso/xml/saml-2.0/saml2_attribute_value.h: XML: Add any
- attribute parsing to Saml2AttributeValue
-
- * xml/saml-2.0/saml2_attribute_value.h:
- add new public field GHashTable *attributes;
- * xml/saml-2.0/saml2_attribute_value.c:
- add parsing instructions to populate attributes field.
-
-2009-08-26 15:13 bdauvergne
-
- * lasso/xml/tools.c: XML: add documentation for
- lasso_eval_xpath_expression
-
- * lasso/xml/tools.c: add documentation for xpath helper
- evaluation
- function lasso_eval_xpath_expression.
+ Binding python: fix freeing of list return values for methods with the transfer full flag
+ The output 'print' were missing, oups :(
-2009-08-26 15:13 bdauvergne
+2010-06-12 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/xml/strings.h: XML: add string constant for client soap
- errors
-
- * lasso/xml/strings.h: add new string constant
- LASSO_SOAP_FAULT_CODE_CLIENT.
+ Binding python: find a work around for random behaviour of PyImport_ImportModule
+ * it seems that PyImport_ImportModule is not deterministic. Sometimes it
+ returns True for modules which we know are present ('logging').
+ Importing 'sys' first seems to make 'logging' accessible (complete
+ cargo cult programming).
-2009-08-26 15:13 bdauvergne
+ Core: move logging function and macros to their own module, adapt perl binding
- * lasso/xml/id-wsf-2.0/disco_svc_md_register.c: XML: add
- documentation for lasso_idwsf2_disco_svc_md_register_new_full
-
- * lasso/xml/id-wsf-2.0/disco_svc_md_register.c: add documentation
- for constructor function
- lasso_idwsf2_disco_svc_md_register_new_full.
+ Core: move lasso_strerror declaration to errors.h
-2009-08-26 15:13 bdauvergne
+ add .gitignore file
- * lasso/errors.c, lasso/errors.h: ID-WSF 1.0: Add new error to
- signal unknown entry
-
- * lasso/errors.{c,h}: add a new error for the ID-WSF 1.0 module,
- to
- signal unknown entry in discovery responses.
+ Tools: add check-makefile.sh script to tools
-2009-08-26 15:13 bdauvergne
-
- * swig/Lasso-wsf2.i: SWIG Binding: reflect changes in the signature
- of struct LassoIdWsfDiscovery
-
- * swig/Lasso-wsf2.i (LassoIdWsfDiscovery):
- add new fields metadatas and svcMDIDS, remove old ones (metadata
- and svcMDID).
-
-2009-08-26 15:13 bdauvergne
-
- * lasso/id-wsf/wsf_profile.c: ID-WSF 1.0: fix off-by one ref
- counting error in lasso_wsf_profile_init_soap_request
-
- * lasso/id-wsf/wsf_profile.c
- (lasso_wsf_profile_init_soap_request):
- envelope is an argument, increment its ref count
- before storing it.
-
-2009-08-26 15:13 bdauvergne
-
- * lasso/id-wsf/wsf_profile.c: ID-WSF 1.0: improve error recovery in
- lasso_wsf_profile_comply_with_saml_authentication
-
- * lasso/id-wsf/wsf_profile.c
- (lasso_wsf_profile_comply_with_saml_authentication):
- reuse existing wsse-security element if present,
- remove useless comments, move core code after argument type
- checks,
- return error if enveloppe or header is missing,
- fail if any referenced assertion is missing,
- correctly handle reference count of wsse_security depending on
- the situation (new or reused).
-
-2009-08-26 15:13 bdauvergne
-
- * lasso/id-wsf/discovery.c: ID-WSF 1.0: fix memory leak
-
- * lasso/id-wsf/discovery.c (lasso_discovery_add_insert_entry):
- the rule is that callee is responsible for becoming owner of a
- resource,
- so no g_object_ref before a call on an argument.
-
-2009-08-26 15:13 bdauvergne
-
- * lasso/id-wsf-2.0/profile.c, lasso/id-wsf-2.0/profile.h: ID-WSF
- 2.0: publicize lasso_idwsf2_profile_build_soap_envelope
-
- * lasso/id-wsf-2.0/profile.c, lasso/id-wsf-2.0/profile.h
- (lasso_idwsf2_profile_build_soap_envelope):
- as for ID-WSF 1.0 export this function to allow easier
- implementation
- of external ID-WSF 2.0 services. remove FIXME comment and fill
- equivalent bugzilla reports.
-
-2009-08-26 15:13 bdauvergne
-
- * lasso/id-wsf-2.0/discovery.c: ID-WSF 2.0: review
- lasso_idwsf2_discovery_process_metadata_register_response_msg
-
- * lasso/id-wsf-2.0/discovery.c
- (lasso_idwsf2_discovery_process_metadata_register_response_msg):
- change return code variable to rc, move argument casting after
- argument
- type check, copy all the service metadata ids,
-
-2009-08-26 15:13 bdauvergne
-
- * lasso/id-wsf-2.0/discovery.c, lasso/id-wsf-2.0/discovery.h:
- ID-WSF 2.0: review
- lasso_idwsf2_discovery_process_metadata_register_msg
-
- * lasso/id-wsf-2.0/discovery.c
- (lasso_idwsf2_discovery_init_metadata_register):
- add documentation comment, move argument casting after type
- checking,
- change return code name to rc to comply with standardisation,
- use lasso_build_unique_id instead of duplicating the code,
- add iteration over all the registered service, add iteration
- to return all the generated service metadata ids, use new
- assignment
- macros.
- * lasso/id-wsf-2.0/discovery.h (struct _LassoIdWsf2Discovery):
- change field LassoIdWsf2DiscoSvcMetadata metadata to GList*
- metadatas
- and gchar *svcMDID to GList *svcMDIDs in order to support
- multiple
- services in requests.
-
-2009-08-26 15:13 bdauvergne
-
- * lasso/id-wsf-2.0/discovery.c: ID-WSF 2.0: review
- lasso_idwsf2_discovery_metadata_register_self
-
- * lasso/id-wsf-2.0/discovery.c
- (lasso_idwsf2_discovery_metadata_register_self):
- Add documentation, add code for getting the service URL.
-
-2009-08-26 15:13 bdauvergne
-
- * lasso/id-wsf-2.0/discovery.c: ID-WSF 2.0: add documentation to
- lasso_idwsf2_discovery_register_self
-
- * lasso/id-wsf-2.0/discovery.c
- (lasso_idwsf2_discovery_register_self)
- move casting after argument type check, simplify code by using
- lasso_build_unique_id, remove useless comments
-
-2009-08-26 15:13 bdauvergne
-
- * lasso/id-wsf-2.0/discovery.c: ID-WSF 2.0: simplify gobject
- boilerplate
-
- * lasso/id-wsf-2.0/discovery.c: (get_xmlNode, instance_init,
- class_init)
- remove useless method get_xmlNode, remove useless NULLing or
- instance fields.
-
-2009-08-26 15:12 bdauvergne
-
- * lasso/id-ff/session.c, lasso/id-wsf-2.0/data_service.c,
- lasso/id-wsf-2.0/profile.c: ID-WSF 2.0: use new macros
-
- * lasso/id-wsf-2.0/data_service.c
- (lasso_idwsf2_data_service_init_query,
- lasso_idwsf2_data_service_parse_query_items,
- lasso_idwsf2_data_service_init_modify,
- lasso_idwsf2_data_service_parse_one_modify_item,
- lasso_idwsf2_data_service_parse_modify_items):
- add cast, change macros for stealing version, fix name of macro
- * lasso/id-wsf-2.0/profile.c:
- (lasso_idwsf2_profile_init_soap_request)
- use list handling macro, add missing casts
- * lasso/id-wsf-2.0/discovery.c:
- (lasso_idwsf2_discovery_process_metadata_association_add_msg,
- lasso_idwsf2_discovery_init_query) add missing casts
-
-2009-08-26 15:12 bdauvergne
-
- * lasso/xml/id-wsf-2.0/util_status.c,
- lasso/xml/id-wsf-2.0/util_status.h: ID-WSF 2.0: add a new
- constructor for UtilStatus
-
- - lasso/xml/id-wsf-2.0/utils_status.h
- (lasso_idwsf2_util_status_new_with_code):
- this constructor allow to construct and fill a UtilStatus node
- with
- one line. It has two arguments to construct nested two level
- status objects (with two status codes). If you omit the second
- argument you get a one level status object.
-
-2009-08-26 15:12 bdauvergne
-
- * lasso/id-wsf-2.0/data_service.c: ID-WSF 2.0: add initialization
- of local variables
-
-2009-08-26 15:12 bdauvergne
-
- * lasso/id-wsf-2.0/data_service.c: ID-WSF 2.0: Use new XPath API in
- DST
-
- - lasso/id-wsf-2.0/data_service.c:
- - lasso_idwsf2_data_service_parse_query_items: use the new API to
- remove error outputs from libxml, and generate an additional
- status
- code containing newly returned libxml error code.
- - lasso_idwsf2_data_service_parse_one_modify_item: use the new
- API.
-
-2009-08-26 15:12 bdauvergne
-
- * lasso/xml/private.h, lasso/xml/tools.c: XML: add API to simplify
- evaluation of XPath expressions
-
- * lasso/xml/tools.c,lasso/xml/private.h:
- - lasso_eval_xpath_expression(xmlXPathContextPtr xpathCtx,
- const char *expression, xmlXPathObjectPtr *xpathObjectPtr,
- int *xpathErrorCode) is a boolean returning function handling
- call
- to libxml API to evaluate en XPath expression in the xpathCtx
- context. It eventually save the returned nodeset in the variable
- pointed by xpathObjectPtr if it is not-NULL
- (and eventually deallocate previous value)
- and if an error happend it copy its code into the variable
- pointed to by xpathErrorCode if it is not NULL.
-
-2009-08-26 15:12 bdauvergne
-
- * tests/data/response-4, tests/tests2.c: Tests: Add a fourth data
- loading test
-
- * tests/data/response-4: test content
- * tests/tests2.c: add loading of the new file.
-
-2009-07-06 16:06 bdauvergne
-
- * lasso/Makefile.am: Only recurse into id-wsf if it is enabled
-
- * lasso/Makefile.am:
- only add id-wsf and id-wsf-2.0 to SUBDIRS if wsf is enabled.
-
-2009-07-06 16:06 bdauvergne
-
- * lasso/Makefile.am: Fix: backward_comp.h is missing from tarballs.
-
- * lasso/Makefile.am:
- add backward_comp.h to EXTRA_DIST
-
-2009-06-15 12:38 bdauvergne
-
- * bindings/python/wrapper_top.c: Python Binding: fix bug of
- uninitialized ppos argument to PyDict_Next
-
- * bindings/pyhton/wrapper_top.c (set_hashtable_of_pygobject):
- second argument (int*ppos) of PyDict_Next must be reinitialized
- to
- zero before each traversal (see Python C API
- http://docs.python.org/c-api/dict.html).
-
- Patch from Iban Rodríguez of the Desarrollo de Producto
- Electrónico,
- Spain.
-
-2009-06-15 12:27 bdauvergne
-
- * lasso.doap: Update doap file
-
-2009-06-15 12:27 bdauvergne
-
- * lasso/saml-2.0/profile.c: Do not remove signatures on assertion
- when using HTTP Redirect
-
- * lasso/saml-2.0/profile.c:
- HTTP Redirect binding mandate to remove signature at the SAML
- message
- level, but signatures at the assertion, especially if the SP
- asked for
- it, must be preserved.
-
-2009-05-07 12:36 bdauvergne
-
- * lasso/registry.c: Fix bug in lasso_registry_destroy / shutdown
-
- * lasso/registry.c:
- if not initialized, do not free. do not segfault on NULL
- argument.
-
-2009-05-07 12:36 bdauvergne
-
- * lasso/id-wsf-2.0/data_service.c, lasso/id-wsf-2.0/private.h,
- lasso/lasso.c: Do not respect default semantic of dst:Query
-
- * lasso/id-wsf-2.0/data_service.c:
- the specification for data service template indicat that the
- query
- must fail at the first failing query, we think this is a stupid
- behaviour so I set the default to keep running query until the
- last
- one and returning a partial result if at least one failed and a
- failed result if absolutely no query matched.
- * lasso/id-wsf-2.0/private.h:
- declare the lasso_flag_follow_id_wsf_supid_semantic flag.
- * lasso.c:
- declare the lasso_flag_follow_id_wsf_supid_semantic flag, it's
- conditionned by the LASSO_WSF_ENABLED preprocessor symbol.
-
-2009-04-30 14:58 bdauvergne
-
- * tests/integration/saml2/__init__.py,
- tests/integration/valgrind-wrapper.sh: Add valgrind support to
- integration tests
-
- * tests/integration/saml2/__init__.py:
- if /usr/bin/valgrind exist, use script valgrind-wrapper.sh to
- launch
- tests, it stores log files in
- {authentic,lcs}_$ISODATE_pid$PID.log.
-
-2009-04-30 14:58 bdauvergne
-
- * bindings/python/wrapper_top.c: Fix leak in python binding
-
- * bindings/python/wrapper_top.c:
- keep a pointer on beginning of list to free it.
-
-2009-04-30 14:58 bdauvergne
-
- * lasso/lasso.c, lasso/registry-private.h, lasso/registry.c: Fix
- leak of mapping registry
-
- * lasso/lasso.c:
- * lasso/registry-private.h:
- * lasso/registry.c:
- make the registry be freed in lasso_shutdown.
-
-2009-04-30 14:58 bdauvergne
-
- * lasso/id-ff/login.c, lasso/id-ff/logout.c, lasso/id-ff/profile.c,
- lasso/id-ff/provider.c, lasso/id-ff/server.c: ID-FF 1.2: Fix
- leaks, reduce code
-
- * id-ff/login.c:
- * id-ff/logout.c:
- * id-ff/profile.c:
- * id-ff/provider.c:
- * id-ff/server.c:
- fix leaks by using field setting macros which frees previous
- values,
- it also reduce code length sometimes.
-
-2009-04-30 14:58 bdauvergne
-
- * lasso/debug.h: Export the new flag
-
- * lasso/debug.h:
- export new flag lasso_flag_sign_messages.
-
-2009-04-30 14:58 bdauvergne
-
- * tests/basic_tests.c, tests/login_tests.c,
- tests/login_tests_saml2.c, tests/random_tests.c: Fix leaks in
- tests
-
- * basic_tests.c:
- * login_tests.c:
- * login_tests_saml2.c:
- * random_tests.c:
- free replaced string, unref used nodes, initialize local
- variables
- when necessary, free newly allocated strings.
-
-2009-04-30 14:58 bdauvergne
-
- * tests/format-suppressions.py: Add a script to format suppression
- file
-
- * tests/format-suppressions.py:
- this is the script used to generate valgrind/lasso.supp and
- valgrind/glib.supp.
-
-2009-04-30 14:58 bdauvergne
-
- * tests/Makefile.am, tests/data/response-1, tests/data/response-2,
- tests/data/response-3, tests/tests2.c: Add a stress test for
- serializing/deserializing code
-
- * Makefile.am:
- add targets
- * tests2.c:
- this simple makes lots of serializing, deserializing.
- * data/response-1:
- * data/response-2:
- * data/response-3:
- data test files
-
-2009-04-30 14:58 bdauvergne
-
- * lasso/saml-2.0/login.c, lasso/saml-2.0/logout.c,
- lasso/saml-2.0/name_id_management.c, lasso/saml-2.0/profile.c,
- lasso/saml-2.0/provider.c: SAML 2.0: Fix many leaks
-
- * lasso/saml-2.0/login.c:
- * lasso/saml-2.0/logout.c:
- * lasso/saml-2.0/name_id_management.c:
- * lasso/saml-2.0/profile.c:
- * lasso/saml-2.0/provider.c:
- do not mix g_malloc strings with libxml strings, use the
- string/gobject handling macros as much as possible, be a good
- memory
- citizen, don't put your elbows on the table.
-
-2009-04-30 14:58 bdauvergne
-
- * lasso/xml/xml.c: LassoNode: Fix leaks
-
- * lasso/xml/xml.c:
- fix more and more leaks.
-
-2009-04-30 14:58 bdauvergne
-
- * lasso/xml/xml.c: Add debugging code to
- lasso_node_impl_init_from_xml
-
- * lasso/xml/xml.c:
- add more debugging code for the memory-debug flag.
-
-2009-04-30 14:58 bdauvergne
-
- * lasso/xml/xml.c: Add debugging code to lasso_set_orginal_xmlnode
-
- * lasso/xml/xml.c:
- add code to trace allocation and deallocation of original xmlnode
- associated to LassoNodes.
-
-2009-04-30 14:58 bdauvergne
-
- * lasso/xml/lib_authentication_statement.c,
- lasso/xml/saml-2.0/samlp2_name_id_policy.c,
- lasso/xml/saml_name_identifier.c: Remove useless code
-
- * lasso/xml/lib_authentication_statement.c:
- * lasso/xml/saml-2.0/samlp2_name_id_policy.c:
- * lasso/xml/saml_name_identifier.c:
- remove useless initialization code.
-
-2009-04-30 14:58 bdauvergne
-
- * lasso/xml/tools.c: Fix leak in lasso_url_add_parameters
-
- * lasso/xml/tools.c:
- in lasso_url_add_parameters free intermediate strings.
-
-2009-04-30 14:58 bdauvergne
-
- * lasso/utils.h: Fix debug echo on stdout
-
- * lasso/utils.h:
- make lasso_mem_debug output on stderr and not stdout
-
-2009-04-30 14:58 bdauvergne
-
- * tests/valgrind/glib.supp, tests/valgrind/lasso.supp: Add new
- valgrind memleak suppression files
-
- * tests/valgrind/glib.supp:
- suppress all "static" allocation by glib, usually for the type
- system.
- * tests/valgrind/lasso.supp:
- suppress allocations from lasso that we cannot actually remove,
- they
- are all from "called only once" code, so it should not really be
- a
- problem for embedded codes.
-
-2009-04-27 15:48 bdauvergne
-
- * lasso/saml-2.0/login.c, lasso/saml-2.0/logout.c,
- lasso/saml-2.0/name_id_management.c, lasso/saml-2.0/profile.c:
- More work on signature validation for SAML 2.0
-
- * lasso/saml-2.0/profile.c:
- in lasso_saml20_profile_process_any_request and
- lasso_saml20_profile_process_any_response do not make signature
- validation failure as call failure, just store the result in
- profile->signature_status and let the upper level functions
- handle
- what to do with it. also add documentation about those two
- functions.
-
- * lasso/saml-2.0/logout.c:
- * lasso/saml-2.0/name_id_management.c:
- handle new signature_status semantic.
-
- * lasso/saml-2.0/login.c:
- add internal documentation for
- lasso_saml20_login_process_authn_response_msg.
-
-2009-04-27 14:31 bdauvergne
-
- * lasso/saml-2.0/login.c: Update signature_status when checking
- signature on assertions
-
- * lasso/saml-2.0/login.c:
- if signature_status is SIGNATURE_NOT_FOUND, check one on the
- assertion and keep the result in signature_status.
-
-2009-04-27 14:31 bdauvergne
-
- * tests/integration/saml2/__init__.py: Increase wait time for
- integration test
-
- * tests/integration/saml2/__init__.py:
- wait 5 seconds for dameons to start.
-
-2009-04-27 14:31 bdauvergne
-
- * lasso/lasso.c: review later
-
-2009-04-27 08:19 bdauvergne
-
- * lasso/saml-2.0/login.c: FIX: verify assertion signature for SAML
- 2.0 when response is not signed
-
- * lasso/saml-2.0/login.c:
- if response was not signed, check the signature on the assertion.
-
-2009-04-27 08:19 bdauvergne
-
- * lasso/saml-2.0/login.c: new function
- lasso_saml20_login_check_assertion_signature()
-
- * lasso/saml-2.0/login.c:
- lasso_saml20_login_check_assertion_signature() find the issuer of
- an
- assertion, look it up in the server object and try to validate
- its
- signature. It returns an error code if any of this step fails.
-
-2009-04-27 08:19 bdauvergne
-
- * tests/login_tests_saml2.c: Test: Remove spurious debugging printf
-
- * tests/login_tests_saml2.c:
- remove debug code.
-
-2009-04-27 08:19 bdauvergne
-
- * lasso/xml/saml-2.0/saml2_assertion.c,
- lasso/xml/saml-2.0/samlp2_request_abstract.c,
- lasso/xml/saml-2.0/samlp2_response.c,
- lasso/xml/saml-2.0/samlp2_status_response.c: Add keep_xmlnode
- flag to SAML 2.0 req, resp and assertions
-
- * lasso/xml/saml-2.0/saml2_assertion.c:
- * lasso/xml/saml-2.0/samlp2_request_abstract.c:
- * lasso/xml/saml-2.0/samlp2_response.c:
- * lasso/xml/saml-2.0/samlp2_status_response.c:
- set keep_xmlnode flag to 1 in class_init.
-
-2009-04-27 08:19 bdauvergne
-
- * bindings/overrides.xml, lasso/id-ff/profile.c,
- lasso/id-ff/profile.h: new function lasso_profile_get_server()
-
- * lasso/id-ff/profile.c:
- * lasso/id-ff/profile.h:
- in a move to try to remove direct access to object content, add a
- function to retrieve the LassoServer object of a LassoProfile.
- * bindings/overrides.xml:
- it conflicts with direct access to the public field server, so we
- do
- not export it in the binding for now.
-
-2009-04-27 08:19 bdauvergne
-
- * lasso/xml/tools.c: fix: in lasso_verify_signature() only look for
- the first direct child Signature element
-
- * lasso/xml/tools.c:
- in SAML message signatures are usually envelopped signatures, so
- just
- lookup for the first direct child which is a Signature node.
-
-2009-04-27 08:19 bdauvergne
-
- * lasso/utils.h: fix: handle non-LHS argument for
- lasso_extract_node_or_fail()
-
- * lasso/utils.h:
- create a temporary varaible to store result of second argument
- evaluation to prevent spurious side effects.
-
-2009-04-27 08:19 bdauvergne
-
- * lasso/saml-2.0/profile.c:
- lasso_saml20_profile_init_artifact_resolve(): check http_method
-
- * lasso/saml-2.0/profile.c:
- check the given http_method it must one in
- - LASSO_HTTP_METHOD_ARTIFACT_POST,
- - LASSO_HTTP_METHOD_ARTIFACT_GET.
-
-2009-04-27 08:19 bdauvergne
-
- * lasso/id-ff/login.c: lasso_login_init_request(): change error
- code for invalid artifacts
-
- * lasso/id-ff/login.c:
- if artifact is invalid return
- LASSO_PROFILE_ERROR_INVALID_ARTIFACT as
- in lasso_saml20_profile_init_artifact_resolve().
-
-2009-04-27 08:19 bdauvergne
-
- * lasso/id-ff/login.c: Complete documentation of
- lasso_login_init_request
-
- * lasso/id-ff/login.c:
- add precision on usage. add all possible return codes with
- meanings.
-
-2009-04-27 08:19 bdauvergne
-
- * lasso/id-ff/login.c: lasso_login_init_authn_request: complete doc
-
- * lasso/id-ff/login.c:
- add all possible return codes and their meaning.
-
-2009-04-27 08:19 bdauvergne
-
- * lasso/id-ff/login.c: lasso_login_init_authn_request: change error
- code for missing remote provider ID
-
- * lasso/id-ff/login.c:
- change the return code for when no remote provider ID could be
- defined (because the argument is NULL and the server object
- contains
- no providers) so that we can distingish the case where the given
- provider is unknown or if there is no providers configured.
-
-2009-04-27 08:19 bdauvergne
-
- * lasso/id-ff/login.c: Add a deprecated tag to lasso_login_destroy
- doc
-
- * lasso/id-ff/login.c:
- all destroy functions are deprecated, g_object_unref() should be
- used
- instead.
-
-2009-04-27 08:19 bdauvergne
-
- * lasso/id-ff/login.c: Complete documentation of
- lasso_login_byuld_response_msg
-
- * lasso/id-ff/login.c:
- add all possible return codes with meaning.
-
-2009-04-27 08:19 bdauvergne
-
- * lasso/id-ff/login.c: Complete documentation of
- lasso_login_build_request_msg
-
- * lasso/id-ff/login.c:
- add all possible return codes with meaning.
-
-2009-04-27 08:19 bdauvergne
-
- * lasso/id-ff/login.c: Complet documentation for
- lasso_login_build_authn_response_msg
-
- * lasso/id-ff/login.c:
- add all possible return codes with meaning.
-
-2009-04-27 08:19 bdauvergne
-
- * lasso/id-ff/login.c: Complete documentation of
- lasso_login_build_authn_request
-
- * lasso/id-ff/login.c:
- add all possible return codes with meaning.
-
-2009-04-27 08:19 bdauvergne
-
- * lasso/id-ff/login.c: Complete documentation for
- lasso_login_build_artifact_msg
-
- * lasso/id-ff/login.c:
- add all possible return codes with meaning.
-
-2009-04-27 08:19 bdauvergne
-
- * lasso/id-ff/login.c: Complet documentation of
- lasso_login_accept_sso
-
- * lasso/id-ff/login.c:
- add all possible return codes.
-
-2009-04-27 08:19 bdauvergne
-
- * lasso/id-ff/login.c: Complete doc for static function
- lasso_login_musk_ask_for_consent
-
- * lasso/id-ff/login.c:
- precise return value meaning.
-
-2009-04-27 08:19 bdauvergne
-
- * lasso/id-ff/login.c: Complete document of
- lasso_login_build_assertion
-
- * lasso/id-ff/login.c:
- add possible return codes.
-
-2009-04-27 08:18 bdauvergne
-
- * lasso/id-ff/logout.c: Complete doc of
- lasso_logout_validate_request
-
- * lasso/id-ff/logout.c:
- add description of all possible return codes.
-
-2009-04-22 23:49 bdauvergne
-
- * lasso/id-ff/login.c, lasso/id-ff/provider.c,
- lasso/id-ff/server.c, lasso/id-ff/session.c,
- lasso/id-wsf/discovery.c, lasso/id-wsf/wsf_profile.c,
- lasso/utils.h, lasso/xml/lib_logout_request.c, lasso/xml/tools.c,
- lasso/xml/xml.c: Rework cleanup handling
-
- * lasso/utils.h:
- change 'goto exit' for 'goto cleanup'. rename all goto_exit
- macros to
- goto_cleanup_. rename goto_cleanup_if_fail to
- goto_cleanup_if_fail_with_rc and add a
- goto_cleanup_if_fail for function which do not return an integer
- value. add documentation for goto_cleanup macro family.
- * lasso/id-ff/login.c:
- * lasso/id-ff/provider.c:
- * lasso/id-ff/server.c:
- * lasso/id-ff/session.c:
- * lasso/id-wsf/discovery.c:
- * lasso/id-wsf/wsf_profile.c:
- * lasso/saml-2.0/profile.c:
- * lasso/utils.h:
- * lasso/xml/lib_logout_request.c:
- * lasso/xml/tools.c:
- * lasso/xml/xml.c:
- update name of goto_exit_if_fail macros. rename 'exit' labels to
- 'cleanup'.
-
-2009-04-22 23:49 bdauvergne
-
- * lasso/xml/xml.c: XML: Fix prefix clobbering by xsi:type handling
-
- * lasso/xml/xml.c:
- if xsi:type is not able to find a GObject typename for the
- current
- node, then do not erase the actual prefix value. change prefix
- type
- to const char.
-
-2009-04-22 23:49 bdauvergne
-
- * lasso/saml-2.0/login.c, lasso/saml-2.0/profile.c: SAML 2.0: Use
- new API lasso_url_add_parameter
-
- * lasso/saml-2.0/profile.c:
- use new API lasso_url_add_parameter to handle RelayState
- parameter
- creation.
-
-2009-04-22 23:49 bdauvergne
-
- * lasso/saml-2.0/login.c: SAML 2.0: Check http_method in
- build_artifact_msg
-
- * lasso/saml-2.0/login.c:
- if http_method is not among ARTIFACT_GET and ARTIFACT_POST,
- return an
- INVALID_HTTP_METHOD error.
-
-2009-04-22 23:49 bdauvergne
-
- * tests/basic_tests.c: Tests: Add test parsing a Ping Federate
- assertion.
-
- * tests/basic_tests.c:
- load data/response-1 and try to parse it.
-
-2009-04-22 23:49 bdauvergne
-
- * lasso/xml/private.h, lasso/xml/tools.c: Add a new internal API
- for parameters building
-
- * xml/tools.c:
- add lasso_url_add_parameter that concat the string &key=value to
- an
- existing URL where key and value are url-encoded.
- * xml/private.h:
- declare lasso_url_add_parameter.
-
-2009-04-22 23:49 bdauvergne
-
- * tests/Makefile.am, tests/login_tests_saml2.c, tests/tests.c:
- Tests: Add a SAML2 login test
-
- * tests/login_tests_saml2.c:
- add a C login test for SAML 2.
- * tests/Makefile.am:
- add the new test to dependencies.
-
-2009-04-21 12:22 bdauvergne
-
- * lasso/xml/xml.c: If no typename could be determined, stop
- parsing.
-
- * lasso/xml/xml.c:
- in lasso_node_new_from_xmlNode if no typename is found for the
- given
- xmlNode, return NULL.
-
-2009-04-17 14:12 jschneider
-
- * bindings/python/wrapper_top.c: Fix python 2.4 binding build
-
-2009-04-14 07:51 bdauvergne
-
- * lasso/xml/tools.c, lasso/xml/xml.c: Core: Add cast to first
- argument of isalnum
-
- * lasso/xml/xml.c:
- * lasso/xml/tools.c:
- isalnum takes a int as first arg.
-
-2009-04-14 07:51 bdauvergne
-
- * lasso/backward_comp.h, lasso/lasso.c, lasso/utils.h,
- tests/login_tests.c: Core: add an header file for backward
- compatibility
-
- * lasso/backward_comp.h:
- this header will contain substitue function, defines or types for
- compatibility with older versions of dependencies.
- * lasso/utils.h:
- remove declaration of g_strcmp0
- * lasso.c:
- * tests/login_tests.c:
- use backward_comp.h
+ add abi file for 2.2.91
-2009-04-09 16:55 jschneider
+ Tests: add idp6-saml2 data
- * bindings/java/lang.py, bindings/python/wrapper_top.c,
- lasso/registry.c: Fix build issues on amd64 / gcc 4.3
-
- * bindings/java/lang.py:
- fix cast issue
- * bindings/python/wrapper_top.c
- fix type issue
- * lasso/registry.c
- fix cast issue
+ Test: add python test for attribute requesting
+ * What's tested:
+ - request initialization
+ - adding attribute designators
+ - building the request message
+ - processing the request message
+ - accepting the request
+ - adding assertion with attributes
+ - signing the assertion
+ - building the response
+ - parsing the response
-2009-04-02 17:16 bdauvergne
+ SAMLv2: rename lasso_saml2_name_id_build_persistent to lasso_saml2_name_id_new_with_persistent_format
+ * keep the old one for compatibility
+ * new one will be picked by bindings as a constructor
- * lasso/utils.h, tests/login_tests.c: Tests&Core: add g_strcmp0 if
- glib is old
-
- * lasso/utils.h:
- if glib is older than 2.16, export g_strcmp0 as part of internal
- headers, in order to use it in login_tests.c
- * tests/login_tests.c:
- include utils.h
-
-2009-03-27 17:01 bdauvergne
-
- * website/web/download/index.xml,
- website/web/news/13-release-2.2.2.xml: Update website download
- page
-
- * website/web/download/index.xml:
- update link for last release download
- * website/web/news/13-release-2.2.2.xml:
- add news about release 2.2.2
-
-2009-03-27 16:44 bdauvergne
-
- * configure.ac, fedora/lasso.spec, lasso.doap: Update lasso version
- to 2.2.2
-
- * configure.ac:
- * fedora/lasso.spec:
- * lasso.doap:
- update lasso version to 2.2.2, this commit will be the reference
- for
- the 2.2.2 release.
-
-2009-03-27 16:44 bdauvergne
-
- * lasso/Makefile.am: Makefile: change dependencies to pass
- distcheck
-
- * lasso/Makefile.am:
- source dependencies must refer to $(srcdir) in order to pass
- distcheck, I forgot to do it in types.c and symbols.sym target
- changes.
-
-2009-03-27 15:06 bdauvergne
-
- * lasso/xml/lib_logout_request.c: ID-FF 1.2: if logout request
- parsing fails, take a shortcut
-
- * lasso/xml/lib_logout_request.c:
- immediately return from init_from_query if overloaded parent
- method
- fails.
-
-2009-03-27 15:06 bdauvergne
-
- * lasso/saml-2.0/profile.c: SAML 2.0: Update generic relaystate
- handling
-
- * lasso/saml-2.0/profile.c:
- in lasso_saml20_profile_build_redirect_request_msg and
- lasso_saml20_profile_build_redirect_response, use new function
- lasso_saml20_profile_build_http_redirect.
-
-2009-03-27 15:06 bdauvergne
-
- * lasso/debug.h, lasso/lasso.c: Core: add a add-signature flag
-
- * lasso/debug.h:
- * lasso/lasso.c:
- add a lasso_flag_add_signature flag variable (default to TRUE),
- and parsing code to change it from LASSO_FLAG environment
- variable.
- ("env LASSO_FLAG=no-add-signature test").
-
-2009-03-27 15:06 bdauvergne
-
- * lasso/id-ff/login.c: ID-FF 1.2: Only verify InResponseTo if
- strict checking is on
-
- * lasso/id-ff/login.c:
- add condition upon checking of the InResponseTo field: checks
- only if
- strict checking is activated as it could stop old code using
- Lasso
- from working.
-
-2009-03-27 15:06 bdauvergne
-
- * lasso/debug.h, lasso/lasso.c: Core: Add a flag for enabling more
- strict checking
-
- * lasso/debug.h:
- declare lasso_flag_strict_checking global boolean variable.
-
- * lasso/lasso.c:
- add parsing for new option called 'strict-checking'.
-
-2009-03-27 15:06 bdauvergne
-
- * lasso/xml/xml.c: XML: use macro for assignment
-
- * lasso/xml/xml.c: use standardized assignment macros (it takes
- care of
- releasing previous valuesm and other peculiarities associated
- with
- safe pointer usage).
-
-2009-03-27 15:06 bdauvergne
-
- * lasso/id-ff/profile.c: ID-FF 1.2: Add trace in dispose for
- LassoProfile
-
- * lasso/id-ff/profile.c: add tracing code activaged by
- LASSO_FLAG=memory-debug to print release of field values.
- Complement the existing code in generic deallocation procedure in
- LassoNode.
-
-2009-03-27 15:06 bdauvergne
-
- * lasso/debug.h: Core: debug.h need export.h
-
- * lasso/debug.h:
- export.h is needed for the LASSO_EXPORT macro.
-
-2009-03-27 15:06 bdauvergne
-
- * lasso/utils.h: Core: Macros to print deallocation messages
-
- * lasso/utils.h:
- lasso_mem_debug print deallocation message with respect to class
- and
- field.
+ SAMLv2: when initializing signture on assertion, setup an ID if there is none
+ * without the ID lasso refuse to sign (it's mandatory)
-2009-03-27 15:06 bdauvergne
+ SAMLv2: in lasso_assertion_query_build_request_msg setup nameid
+ * lasso_profile_get_nameIdentifier does not return profile->nameIdentifier
+ ,
+ so we first try to use profile->nameIdentifier and if it is NULL we use
+ lasso_profile_get_nameIdentifier.
- * lasso/utils.h: Core: remove type check equality on gobject macros
-
- * lasso/utils.h:
- assignment to the temporary variable allow to check for the
- typing,
- do not use lasso_check_type_equality.
+ Binding python: fix bad refcounting in get_logger and lasso_python_log
-2009-03-27 15:06 bdauvergne
+2010-06-10 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/utils.h: Core: add macros to handle xmlSecKey
-
- * lasso/utils.h:
- macros to assign and release xmlSecKey(s).
-
-2009-03-27 15:06 bdauvergne
-
- * lasso/xml/tools.c, lasso/xml/xml.c: XML: fix memory leaks
-
- * lasso/xml/tools.c:
- * lasso/xml/xml.c:
- release xmlDoc, properly steal nodes by using
- xmlSetTreeDoc(xmlnode, NULL);
-
-2009-03-27 15:06 bdauvergne
-
- * lasso/id-ff/defederation.c, lasso/id-ff/logout.c,
- lasso/id-ff/provider.c, lasso/id-ff/server.c: ID-FF 1.2: fix
- style fault
-
- * lasso/id-ff/defederation.c:
- * lasso/id-ff/logout.c:
- * lasso/id-ff/profile.c:
- * lasso/id-ff/provider.c:
- * lasso/id-ff/server.c:
- add missings casts, remove useless wrappers
- * lasso/id-ff/logout.c:
- In lasso_logout_process_request_msg change sequence of "if" for a
- "switch".
-
-2009-03-27 15:06 bdauvergne
-
- * lasso/id-ff/provider.c, lasso/id-ff/server.c,
- lasso/id-ff/session.c: ID-FF 1.2: fix some real and potential
- memory leaks
-
- * lasso/id-ff/provider.c:
- * lasso/id-ff/server.c:
- * lasso/id-ff/session.c:
- use macros to release previous value when necessary,
- release object used as parameters to constructors,
- free the encryption key associated with a provider,
- release the key manager created for a saml signature
- verification.
-
-2009-03-27 15:06 bdauvergne
-
- * tests/basic_tests.c, tests/login_tests.c, tests/metadata_tests.c,
- tests/random_tests.c, tests/tests.c: Test: add missing release of
- objects and memory
-
- * tests/basic_tests.c:
- * tests/login_tests.c:
- * tests/metadata_tests.c:
- * tests/random_tests.c:
- * tests/tests.c:
- add missing g_free and g_object_unref calls.
-
-2009-03-27 15:06 bdauvergne
-
- * bindings/bindings.py: Bindings: skip DEPRECATED variables
-
- * bindings/bindings.py: when parsing headers, skipped deprecated
- struct
- fields.
-
-2009-03-27 15:06 bdauvergne
-
- * lasso/id-ff/defederation.c, lasso/id-ff/logout.c: ID-FF 1.2: Add
- handling of relaystate for logout requests
-
- * lasso/id-ff/logout.c (lasso_logout_process_request_msg,
- lasso_logout_validate_request): transfer relaystate from request
- message to profile field.
-
-2009-03-27 15:06 bdauvergne
-
- * lasso/id-ff/defederation.c, lasso/id-ff/lecp.c,
- lasso/id-ff/logout.c: ID-FF 1.2: Use new macros in logout,
- defederation and lecp
-
- * lasso/id-ff/logout.c:
- - (lasso_logout_build_response_msg, lasso_logout_init_request,
- lasso_logout_process_request_msg,
- lasso_logout_process_response_msg,
- lasso_logout_validate_request) use lasso_assign_new_object,
- lasso_assign_string, lasso_release and lasso_assign_new_string
- when
- possible.
- - (lasso_logout_process_response_msg) move the tranfer of the
- relaystate
- from XML object to profile object.
-
- * lasso/id-ff/defederation.c:
- - (lasso_defederation_build_notification_msg,
- lasso_defederation_init_notification,
- lasso_defederation_process_notification_msg,
- lasso_defederation_validate_notification): idem
-
- * lasso/id-ff/lecp.c:
- - (lasso_lecp_build_authn_request_envelope_msg,
- lasso_lecp_build_authn_request_msg,lasso_lecp_build_authn_response_msg,
- lasso_lecp_build_authn_response_envelope_msg) idem
-
-2009-03-27 15:06 bdauvergne
-
- * configure.ac: Autoconf: Do not include optimisation flags in
- AM_CFLAGS
-
- * configure.ac: when --enable-debugging set CFLAGS,
- do not modify AM_CFLAGS.
+ Core: update lasso_iso_8601_gmt_to_time_t to support milliseconds
+ * We now support the two possible formats for xsdtime XSchema datatype:
+ - dddd-dd-ddTdd:dd:ddZ
+ - dddd-dd-ddTdd:dd:dd.d*Z
-2009-03-27 15:06 bdauvergne
+ Where d denotes a digit, and * is the kleene star.
- * tests/login_tests.c: ID-FF 1.2 Tests: Add test for relaystate
-
- * tests/login_tests.c:
- - (test02_serviceProviderLogin) add assertion concerning the
- relaying
- of the RelayState parameter during an SP initiated SSO.
+ XSD datetime also supports negative years, but as we cannot represent
+ them with time_t, we can reject it at the lexical level.
-2009-03-27 15:06 bdauvergne
+2010-06-10 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/id-ff/login.c: ID-FF 1.2 Login: Use allocation macros
-
- * lasso/id-ff/login.c: (lasso_login_init_authn_request) again a
- passing by
- correction, use lasso_assign_string for copying information from
- the request to the profile object.
+ Documentation: add new AssertionQuery methods to documentation
-2009-03-27 15:06 bdauvergne
-
- * lasso/id-ff/login.c: ID-FF 1.2: Handle RelayState inside
- LassoLogin
-
- * lasso/id-ff/login.c:
- - (lasso_login_init_request) catch RelayState in the query_fields
- and
- copy it to msg_relayState
- - (lasso_login_process_authn_request_msg) copy RelayState from
- the
- request object to the profile object.
-
-2009-03-27 15:06 bdauvergne
-
- * lasso/xml/saml-2.0/saml2_assertion.c,
- lasso/xml/saml-2.0/samlp2_request_abstract.c,
- lasso/xml/saml-2.0/samlp2_status_response.c,
- lasso/xml/saml_assertion.c, lasso/xml/samlp_request_abstract.c,
- lasso/xml/samlp_response_abstract.c: XML ID-FF 1.2 & SAML 2.0:
- Handle signature failure
-
- * lasso/xml/saml_assertion.c:
- * lasso/xml/samlp_response_abstract.c:
- * lasso/xml/samlp_request_abstract.c:
- * lasso/xml/saml-2.0/samlp2_request_abstract.c:
- * lasso/xml/saml-2.0/saml2_assertion.c:
- * lasso/xml/saml-2.0/samlp2_status_response.c:
- if a failure occur in the signing process, free the xmlnode,
- return
- NULL and print a warning.
-
-2009-03-27 15:06 bdauvergne
+ Tests: new python test for setEncryptionPrivateKeyWithPassword
- * lasso/xml/saml-2.0/samlp2_manage_name_id_request.c,
- lasso/xml/saml-2.0/samlp2_manage_name_id_response.c,
- lasso/xml/saml-2.0/samlp2_name_id_mapping_request.c,
- lasso/xml/saml-2.0/samlp2_name_id_mapping_response.c,
- lasso/xml/saml-2.0/samlp2_subject_query_abstract.c: XML SAML 2.0:
- Delete parent_class static variable
-
- * lasso/xml/saml-2.0/samlp2_manage_name_id_request.c,
- lasso/xml/saml-2.0/samlp2_manage_name_id_response.c,
- lasso/xml/saml-2.0/samlp2_name_id_mapping_request.c,
- lasso/xml/saml-2.0/samlp2_name_id_mapping_response.c.
- lasso/xml/saml-2.0/samlp2_subject_query_abstract.c:
- - remove static variable parent_class
- - (class_init) remove intialization of parent_class
+ Fix long lines in lasso/id-ff/server.c
-2009-03-27 15:06 bdauvergne
-
- * lasso/xml/saml-2.0/samlp2_authn_request.c,
- lasso/xml/saml-2.0/samlp2_authn_request.h,
- lasso/xml/saml-2.0/samlp2_logout_request.c,
- lasso/xml/saml-2.0/samlp2_logout_request.h,
- lasso/xml/saml-2.0/samlp2_logout_response.c,
- lasso/xml/saml-2.0/samlp2_logout_response.h: XML SAML 2.0: Mark
- RelayState field from SAML 2.0 deprecated
-
- * lasso/xml/saml-2.0/samlp2_authn_request.c,
- lasso/xml/saml-2.0/samlp2_logout_request.c,
- - (instance_init) remove initialization of relayState field
-
- * lasso/xml/saml-2.0/samlp2_logout_response.c:
- - (instance_init) remove empty function, since it
- only initialized relayState.
- - (lasso_samlp2_logout_reponse_get_type) remove instance_init
- from the type initialization structure.
-
- * lasso/xml/saml-2.0/samlp2_authn_request.h,
- lasso/xml/saml-2.0/samlp2_logout_request.h,
- lasso/xml/saml-2.0/samlp2_logout_response.h:
- - (struct _LassoSamlp2*) mark relaystate field as deprecated.
-
-2009-03-27 15:06 bdauvergne
-
- * lasso/xml/saml-2.0/samlp2_assertion_id_request.c,
- lasso/xml/saml-2.0/samlp2_authn_request.c,
- lasso/xml/saml-2.0/samlp2_logout_request.c,
- lasso/xml/saml-2.0/samlp2_logout_response.c,
- lasso/xml/saml-2.0/samlp2_manage_name_id_request.c,
- lasso/xml/saml-2.0/samlp2_manage_name_id_response.c,
- lasso/xml/saml-2.0/samlp2_name_id_mapping_request.c,
- lasso/xml/saml-2.0/samlp2_name_id_mapping_response.c,
- lasso/xml/saml-2.0/samlp2_request_abstract.c,
- lasso/xml/saml-2.0/samlp2_response.c,
- lasso/xml/saml-2.0/samlp2_status_response.c,
- lasso/xml/saml-2.0/samlp2_subject_query_abstract.c: XML SAML 2.0:
- Clean query string parsing/building
-
- * lasso/xml/saml-2.0/samlp2_status_response.c:
- - (init_from_query) remove useless stub code for parsing
- RelayState
-
- * lasso/xml/saml-2.0/samlp2_response.c,
- lasso/xml/saml-2.0/samlp2_name_id_mapping_response.c,
- lasso/xml/saml-2.0/samlp2_logout_response.c,
- lasso/xml/saml-2.0/samlp2_manage_name_id_response.c, :
- - (class_init) remove overloading of init_from_query, use version
- from samlp2_status_response instead.
- - (init_from_query) Useless so deleted.
-
- * lasso/xml/saml-2.0/samlp2_request_abstract.c:
- - (class_init) add overloaded method for init_from_query virtual
- method.
- - (init_from_query) generic implementation for SAML 2.0 requests
-
- * lasso/xml/saml-2.0/samlp2_subject_query_abstract.c,
- lasso/xml/saml-2.0/samlp2_authn_request.c,
- lasso/xml/saml-2.0/samlp2_logout_request.c,
- lasso/xml/saml-2.0/samlp2_manage_name_id_request.c,
- lasso/xml/saml-2.0/samlp2_name_id_mapping_request.c,
- lasso/xml/saml-2.0/samlp2_assertion_id_request.c:
- - (class_init) remove overloading of init_from_query, use version
- from samlp2_request_abstract instead.
- - (init_from_query) Useless so deleted.
-
-2009-03-27 15:06 bdauvergne
-
- * lasso/xml/xml.c: XML: Remove useless parsing of RelayState in
- lasso_node_init_from_saml2_query_fields
-
- * lasso/xml/xml.c: (lasso_node_init_from_saml2_query_fields)
- Since parsing
- of the relayState is now done inside each "_process_*msg" method
- of
- each SAML2 profile, it is not needed anymore in this function.
-
-2009-03-27 15:06 bdauvergne
-
- * lasso/xml/xml.c: XML: Use memory macros inside
- lasso_node_export_to_query
-
- * lasso/xml/xml.c (lasso_node_export_to_query): use lasso own
- memory
- handling macros.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/xml/lib_authn_request.c,
- lasso/xml/lib_federation_termination_notification.c,
- lasso/xml/lib_logout_request.c,
- lasso/xml/lib_register_name_identifier_request.c,
- lasso/xml/lib_status_response.c, lasso/xml/xml.c: ID-FF 1.2:
- review HTTP-Redirect binding parsing/building
-
- * lasso/xml/lib_authn_request.c, lasso/xml/lib_logout_request.c,
- lasso/xml/lib_register_name_identifier_request.c,
- lasso/xml/lib_status_resposne.c:
- - build_query: remove build_query overloaded virtual method, use
- LassoNode new generic implementation.
- - init_from_query:
- - change direct call to lasso_node_init_from_query_fields to use
- of
- base implementation from LassoNode.
- - make use of utils.h memory handling macros like
- lasso_release_gobject and lasso_assign_string.
-
- * lasso/xml/lib_federation_termination_notification.c:
- - init_from_query: remove parsing of RelayState parameter
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/id-ff/defederation.c: ID-FF 1.2: Defederation, changes
- includes for relative paths
-
- * lasso/id-ff/defederation.c: header path should be relative to
- the
- implementation, I will try to do it to most files.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/id-ff/defederation.c: ID-FF 1.2: Defederatopm HTTP-Redirect
- binding, handle relaystate
-
- * lasso/id-ff/defederation.c: get relaystate directly from the
- query
- string using lasso_get_relaystate_from_query.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/id-ff/login.c: SAML 2.0: In login change includes for
- relative paths
-
- * lasso/id-ff/login.c: changes headers for relatives paths
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/errors.c, lasso/errors.c.in: Core: Remove ending blanks
- from erros.c.in
-
- * lasso/errors.c.in: errors.c template contains blanks at end of
- lines.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/saml-2.0/login.c, lasso/saml-2.0/profile.c: SAML 2.0: add
- direct treatment of relaystate for HTTP-Redirect binding
-
- * lasso/saml-2.0/login.c: In
- lasso_saml20_login_process_authn_request_msg change handling of
- relayState do not rely upon parsing by the node object, but
- extract
- directly from the query string. Use new function
- lasso_get_relaystate_from_query.
- * lasso/saml-2.0/logout.c: In
- lasso_saml20_logout_process_request_msg
- change handling of relayState do not rely upon parsing by the
- node
- object, but extract directly from the query string.
- * lasso/saml-2.0/profile.c: In
- lasso_saml20_profile_init_artifact_resolve, add handling of the
- relayState transmitted to the assertion consumer URL.
- * lasso/saml-2.0/name_id_management.c: In
- lasso_name_id_management_process_request_msg change handling of
- relayState do not rely upon parsing by the node
- object, but extract directly from the query string.
+ Core: add method lasso_server_set_encryption_private_key_with_password
+ * fixes #91.
-2009-03-27 15:05 bdauvergne
-
- * lasso/saml-2.0/login.c, lasso/saml-2.0/logout.c: SAML 2.0:
- simplify redirect binding code path
-
- * lasso/saml-2.0/login.c, lasso/saml-2.0/logout.c,
- lasso/saml-2.0/name_id_management.c: simplify code path
- associated
- with generation of the url for the HTTP-Redirect binding using
- the
- rencently introduced function
- lasso_saml20_profile_build_http_redirect.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/xml/saml-2.0/samlp2_status_response.c: SAML 2.0: remove
- TODO comment about RelayState
-
- * lasso/xml/saml-2.0/samlp2_status_response.c: do it:)
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/xml/saml-2.0/samlp2_assertion_id_request.c,
- lasso/xml/saml-2.0/samlp2_authn_request.c,
- lasso/xml/saml-2.0/samlp2_logout_request.c,
- lasso/xml/saml-2.0/samlp2_logout_response.c,
- lasso/xml/saml-2.0/samlp2_manage_name_id_request.c,
- lasso/xml/saml-2.0/samlp2_manage_name_id_response.c,
- lasso/xml/saml-2.0/samlp2_name_id_mapping_request.c,
- lasso/xml/saml-2.0/samlp2_name_id_mapping_response.c,
- lasso/xml/saml-2.0/samlp2_response.c,
- lasso/xml/saml-2.0/samlp2_subject_query_abstract.c: XML SAML2:
- Remove unnecessary overloading of build_query in request/respons
- objects
-
- * lasso/xml/saml-2.0/samlp2_assertion_id_request.c,
- lasso/xml/saml-2.0/samlp2_authn_request.c,
- lasso/xml/saml-2.0/samlp2_logout_request.c,
- lasso/xml/saml-2.0/samlp2_logout_response.c,
- lasso/xml/saml-2.0/samlp2_manage_name_id_request.c,
- lasso/xml/saml-2.0/samlp2_manage_name_id_response.c,
- lasso/xml/saml-2.0/samlp2_name_id_mapping_request.c,
- lasso/xml/saml-2.0/samlp2_name_id_mapping_response.c,
- lasso/xml/saml-2.0/samlp2_response.c,
- lasso/xml/saml-2.0/samlp2_subject_query_abstract.c: remove
- useless
- overloading of build_query virtual method, revert to
- implementations
- in LassoSamlp2RequestAbstract and LassoSamlp2StatusResponse.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/xml/saml-2.0/samlp2_request_abstract.c: XML SAML 2.0: add a
- build query to request base class
-
- * lasso/xml/saml-2.0/samlp2_request_abstract.c: add a build query
- overloaded function to LassoSamlp2RequestAbstract class, the base
- class of all saml 2.0 request nodes.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/saml-2.0/profile.c, lasso/saml-2.0/profileprivate.h: SAML
- 2.0: Add helper function to implement the HTTP-Redirect binding
-
- * lasso/saml-2.0/profile.c, lasso/saml-2.0/profileprivate.h:
- - remove_all_signature traverse a tree of LassoNode objects to
- unset
- all signature_type field in on nodes supporting signature
- generation.
- - lasso_saml20_profile_export_to_query does the job of
- generateing
- the url containing the message content and the relaystate, then
- sign it using lasso_query_sign.
- - lasso_saml20_profile_build_http_redirect use those two
- functions
- and the metadatas to build the signed redirect url.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/xml/private.h, lasso/xml/tools.c: XML: Add const modifiers
- to lasso_concat_url_query arguments
-
- * lasso/xml/private.h, lasso/xml/tools.c: add const modifier to
- lasso_concat_url_query arguments.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/xml/private.h, lasso/xml/xml.c: XML: Remove static modifier
- on lasso_node_build_query
-
- * lasso/xml/private.h, lasso/xml/xml.c: remove static modifier to
- lasso_node_build_query and export it for use in id-ff profiles.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/xml/private.h, lasso/xml/tools.c: XML: Tool function to
- extract relaystate from query
-
- * lasso/xml/tools.c, lasso/xml/private.h: new function
- lasso_get_relaystate_from_query to help in relaystate handling.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/id-wsf/wsf_profile.c, lasso/utils.h, lasso/xml/xml.c: Core:
- rename lasso_release_xmlchar to lasso_release_xml_string
-
- * lasso/id-wsf/wsf_profile.c, lasso/utils.h, lasso/xml/xml.c:
- rename
- lasso_release_xmlchar to lasso_release_xml_string.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/utils.h: Core: Fix double instantiation of macro parameters
-
- * lasso/utils.h:
- - (lasso_assign_new_string,lasso_assign_gobject) if source
- parameter
- is a function call it could be called two times and have
- unexpected
- side effects. Copy the returned value to a temp variable and use
- it
- instead.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/utils.h: Core: Fix corner case in deallocation macros
-
- * lasso/utils.h: When setting strings using lasso_assing_string
- or
- lasso_assign_new_string, verify that new string is different than
- the
- target value string before deallocating the target.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/id-ff/provider.c: Add missing intializations
-
- * initialize local variables.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/xml/xml.c: Core: replace direct use of xmlSecSoap function
- by wrapper
-
- * lasso/xml/xml.c:
- In lasso_node_init_from_message_with_format remove direct use of
- xmlSecSoap* functions because they emit too much warning by lasso
- reimplementations.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/xml/xml.c: Core: remove use of XPath
-
- * lasso/xml/xml.c:
- in lasso_node_new_from_soap, instead of using XPath use function
- lasso_xml_get_soap_content.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/xml/xml.c: Core: fix comment for
- lasso_node_init_from_message
-
- * lasso/xml/xml.c:
- state the return code type.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/xml/xml.c: Core: remove lasso_node_decrypt implementation
-
- * lasso/xml/xml.c:
- remove code for lasso_node_decrypt.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/xml/xml.c: Core: make comment agree with the code
-
- * lasso/xml/xml.c:
- change comment about xsi:type handling, we try to honor every
- xsi:type.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/xml/xml.c: Core: remove commented code
-
- * lasso/xml/xml.c:
- remove commented code to handle a specific lasso extension.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/id-ff/provider.c, lasso/xml/tools.c, lasso/xml/xml.c: Core:
- use lasso_xml_parse_memory instead of xmlParseDoc
-
- * lasso/id-ff/provider.c:
- use internal wrapper instead of direct call to libxml for
- parsing.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/saml-2.0/name_id_management.c, lasso/xml/private.h,
- lasso/xml/tools.c, lasso/xml/xml.c: Core: move parse xml wrapper
- from xml.c to tools.c
-
- * lasso/xml/xml.c:
- remove lasso_xml_parse_memory.
- * lasso/xml/tools.c:
- add lasso_xml_parse_memory to wrap xmlParseDocument.
- * lasso/saml-2.0/name_id_management.c:
- use lasso_xml_parse_memory
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/id-ff/server.c, lasso/id-ff/serverprivate.h,
- lasso/saml-2.0/name_id_management.c: SAML 2.0 NameIDManagement:
- use new generic methods
-
- * lasso/saml-2.0/name_id_management.c:
- use new generic methods in lasso_name_id_management_init_request,
- lasso_name_id_management_build_request_msg,
- lasso_name_id_management_process_request_msg,
- lasso_name_id_management_validate_request,
- lasso_name_id_management_build_response_msg,
- lasso_name_id_management_process_response_msg.
- Remove useless boilerplate code.
-
- * lasso/id-ff/server.c:
- * lasso/id-ff/serverprivate.h:
- last user of lasso_server_nameid_decrypt removed, so remove the
- code.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/saml-2.0/logout.c: SAML 2.0 Logout: use generic methods
-
- * lasso/saml-2.0/logout.c:
- use new generic methods in
- lasso_saml20_logout_process_request_msg, and
- lasso_saml20_logout_process_response_msg.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/saml-2.0/login.c: SAML 2.0 Login: use generic methods
-
- * lasso/saml-2.0/login.c:
- use new generic profile methods for saml 2.0 in
- lasso_saml20_login_process_paos_response_msg,
- lasso_saml20_login_process_authn_response_msg,
- lasso_saml20_login_process_response_status_and_assertion.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/saml-2.0/login.c: SAML 2.0: add name id include to login.c
-
- * lasso/saml-2.0/login.c:
- add include saml2_name_id.h
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/xml/saml-2.0/saml2_encrypted_element.c: XML SAML 2.0: add a
- decrypt function to Saml2EncryptedElement
-
- * lasso/xml/saml-2.0/saml2_encrypted_element.c:
- using new function lasso_node_decrypt_xmlnode implement the new
- method, int lasso_saml2_encrypted_element_decrypt(
- LassoSaml2EncryptedElement* encrypted_element,
- xmlSecKey *encryption_private_key, LassoNode **decrypted_node).
- This function is currently not exported by bindings because of
- the
- last ouput argument which is not supported by the binding
- generator.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/xml/private.h, lasso/xml/tools.c: SAML 2.0: replace
- lasso_node_decrypt by lasso_node_decrypt_xmlnode
-
- * lasso/xml/private.h:
- * lasso/xml/tools.c:
- replace implementation of lasso_node_decrypt by a new one called
- lasso_node_decrypt_xmlnode, and use it where old one was used.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/saml-2.0/assertion_query.c: SAML 2.0: reduce code in
- lasso_assertion_query_process_request
-
- * lasso/saml-2.0/assertion_query.c:
- use new code in SAML 2.0 profile.c to parse requests and decrypt
- nameid, chains calls so that error are kept but all actions are
- accomplished anyway (if first call fails, keep the error but
- continue
- the processing, then at end return the first returned error).
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/saml-2.0/profile.c, lasso/saml-2.0/profileprivate.h: SAML
- 2.0: add internal generic implementation
-
- * lasso/saml-2.0/profile.c:
- * lasso/saml-2.0/profileprivate.h:
- the current effort is to simplify implementation code in saml-2.0
- and
- much of the other frameworks. Those new methods:
- lasso_saml20_init_request
- lasso_saml20_profile_process_name_identifier_decryption
- lasso_saml20_profile_process_soap_request
- lasso_saml20_profile_process_soap_response
- lasso_saml20_profile_process_any_request
- lasso_saml20_profile_process_any_response
- lasso_saml20_profile_setup_request_signing
- lasso_saml20_profile_build_request_msg
- lasso_saml20_profile_build_response
- lasso_saml20_profile_init_response
- should help reduce code in login.c, logout.c,
- name_id_management.c
- and assertion_query.c. They should also permit to make all
- profiles
- at the same level of binding support
- (GET,REDIRECT,POST,ARTIFACT_GET,ARTIFACT_POST).
-
- Those function centralize error code handling, initialization of
- commong class (LassoSamlp2StatusResponse and
- LassoSamlp2RequestAbstract) and also the handling of NameID
- decryption.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/utils.h: Core: add new internal macro
- lasso_extract_node_or_fail
-
- * lasso/utils.h:
- this new macro try to extract a field from a structre (or any
- left-hand-side value), try to typecheck it using 'LASSO_IS_XXX',
- if succesfull, the value is assigned to the variable given as
- first
- argument or we jump to the 'cleanup' goto label, setting the 4th
- argument as the current error code (value of variable 'rc').
-
-2009-03-27 15:05 bdauvergne
-
- * bindings/python/tests/idwsf2_tests.py,
- lasso/id-wsf-2.0/data_service.c, lasso/id-wsf-2.0/discovery.c,
- lasso/id-wsf-2.0/profile.c, lasso/id-wsf/data_service.c,
- lasso/id-wsf/discovery.c, lasso/id-wsf/wsf_profile.c: ID-WSF 2.0:
- make it work with --enabe-debugging
-
- * lasso/id-wsf-2.0/data_service.c:
- * lasso/id-wsf-2.0/discovery.c:
- * lasso/id-wsf-2.0/profile.c:
- * lasso/id-wsf/data_service.c:
- * lasso/id-wsf/discovery.c:
- * lasso/id-wsf/wsf_profile.c:
- when --enable-debugging is activated much more type checking is
- done
- by internal macros, and code do not pass compile anymore.
- * bindings/python/tests/idwsf2_tests.py: nameIdentifier packing
- in SOAP
- ID-WSF calls headers is no longer supported, do not test it.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/id-ff/server.c: Core: add argument checking to
- lasso_server_get_provider
-
- * lasso/id-ff/server.c:
- In lasso_server_get_provider, return NULL if provider server is
- not
- one, provider is null or 0-length.
-
-2009-03-27 15:05 bdauvergne
-
- * lasso/id-ff/provider.c, lasso/id-ff/providerprivate.h,
- lasso/xml/private.h, lasso/xml/tools.c: Core: add new internal
- API lasso_provider_verify_query_signature
-
- * lasso/id-ff/provider.c:
- try to keep some homgeneity between lasso_verify_signature and
- lasso_verify_query_signature functions, by having mirror methods
- inside the LassoProvider class. this new methods comes with
- complete
- documentation.
- * lasso/xml/tools.c:
- add a xmlDoc argument to lasso_verify_signature, in order to
- reuse an already built message context, and possible problems
- with
- interned string in parsed xml documents.
-
-2009-03-27 15:04 bdauvergne
-
- * lasso/id-ff/login.c, lasso/id-ff/provider.c,
- lasso/id-ff/providerprivate.h: Core: add xmlDoc parameter to
- lasso_provider_verify_saml_signature
-
- * lasso/id-ff/provider.c:
- add an xmlDoc parameter to lasso_provider_verify_saml_signature,
- reflecting change in lasso_verify_signature.
- fix memory leaks of an xmlSecKeysMngr.
- complete arguments checking.
- * lasso/id-ff/login.c:
- update use of lasso_provider_verify_signature in LassoLogin
-
-2009-03-27 15:04 bdauvergne
-
- * lasso/id-ff/provider.h: Core: add a terminating value to enum
- LassoHttpMethod
-
- * lasso/id-ff/provider.h:
- add LASSO_HTTP_METHOD_LAST to enum LassoHttpMethod.
-
-2009-03-27 15:04 bdauvergne
-
- * lasso/id-ff/login.c: ID-FF 1.2: rework
- lasso_login_process_status_and_assertion
-
- * lasso/id-ff/login.c:
- reword lasso_login_process_status_and_assertion,
- remove wrong NameID decryption code (it cannot work),
- adapt to new signature of lasso_provider_verify_saml_signature,
-
-2009-03-27 15:04 bdauvergne
-
- * lasso/xml/private.h, lasso/xml/tools.c, lasso/xml/xml.c: Core:
- new init method with format limit and xmlDoc output argument
-
- * lasso/xml/private.h:
- * lasso/xml/xml.c:
- lasso_node_init_from_message_with_format permit to initialize a
- node
- and to keep the corresponding xml document, in order for example
- to
- validate a signature.
- * lasso/xml/tools.c:
- lasso_xml_parse_message is able to parse a message of any type,
- or of
- a given type. If a message of another than the one specified is
- found, the call fails, and a LASSO_MESSAGE_FORMAT_ERROR is
- returned.
-
-2009-03-27 15:04 bdauvergne
-
- * lasso/xml/private.h, lasso/xml/tools.c: Core: add function to
- extract SOAP message content
-
- * lasso/xml/tools.c:
- add lasso_xml_is_soap, to verify that a message is SOAP.
- add lasso_xml_get_soap_content, to retrieve the first child of
- the
- SOAP body, whatever the SOAP content version.
-
-2009-03-27 15:04 bdauvergne
-
- * bindings/overrides.xml, lasso/xml/private.h,
- lasso/xml/saml-2.0/saml2_encrypted_element.c,
- lasso/xml/saml-2.0/saml2_encrypted_element.h,
- lasso/xml/xml_enc.h: SAML 2.0: API for Saml2EncryptedElement
- decrypt
-
- * lasso/xml/xml_enc.h:
- remove old functions
- * lasso/xml/private.h:
- remove lasso_node_(de/en)crypt from public headers API, they were
- not
- exported anyway. move them to internal header.
- * lasso/xml/saml-2.0/saml2_encrypted_element.{c,h}:
- add a new decrypt function to convert a EncryptedElement to the
- contained encrypted node objects.
- * bindings/overrrides.xml:
- do not export the new method, wait for implementation of output
- arguments.
- * lasso/id-ff/server.c:
- remove lasso_decrypt_nameid from lasso/id-ff/server.c
-
-2009-03-27 15:04 bdauvergne
-
- * bindings/php5/php_code.py, bindings/php5/wrapper_source.py:
- Bindings php5: add support for xmlNode arguments
-
- * bindings/php5/php_code.py:
- * bindings/php5/wrapper_source.py:
- complete error reporting about on documentation treatment.
- treat xmlNode* arguments (convert string to xmlNode, give as
- argument, then frees it).
-
-2009-03-27 15:04 bdauvergne
-
- * bindings/bindings.py, bindings/java/lang.py: Bindings: fix
- documentation parsing
-
- * bindings/bindings.py:
- fix regex to match documentation (remove condition terminating on
- '**/')
- print error messages to stderr.
- * bindings/java/lang.py: remove commented debugging code
-
-2009-03-27 15:04 bdauvergne
-
- * docs/reference/lasso-sections.txt: Docs: add declaration of
- missing LassoNode public methods
-
- * docs/reference/lasso-sections.txt:
- add missing lasso_node_*() functions.
-
-2009-03-27 15:04 bdauvergne
-
- * docs/reference/lasso-sections.txt, docs/reference/lasso.sgml,
- lasso/xml/saml-2.0/saml2_attribute_value.c,
- lasso/xml/saml-2.0/samlp2_extensions.c,
- lasso/xml/saml_attribute_value.c: Docs: fix doc on Attribute
- related classes
-
- * xml/saml-2.0/saml2_attribute_value.c:
- * xml/saml-2.0/samlp2_extensions.c:
- * xml/saml_attribute_value.c:
- add documentation about the special way of setting those classes
- content, that is using lasso_node_set_original_xmlnode.
- * docs/reference/lasso-sections.txt:
- * docs/reference/lasso.sgml:
- add missing declarations for documentation of LassoSamlAttribute,
- LassoSamlAttributeValue, LassoSamlAttributeDesignator,
- LassoSamlStatement and LassoSaml2AttributeValue.
-
-2009-03-27 15:04 bdauvergne
-
- * lasso/xml/private.h, lasso/xml/saml-2.0/saml2_attribute_value.c,
- lasso/xml/saml-2.0/samlp2_extensions.c,
- lasso/xml/saml_attribute_value.c, lasso/xml/xml.c,
- lasso/xml/xml.h: Fix bug #94: permit any content for
- AttributeValue
-
- * lasso/xml/private.h:
- * lasso/xml/xml.h
- * lassoi/xml/xml.c:
- add an implementation helper for the AttributeValue objects
- implementation of get_xmlNode.
- make lasso_node_set_original_xmlnode public API.
- * lasso/xml/saml-2.0/samlp2_extensions.c:
- * lasso/xml/saml-2.0/saml2_attribute_value.c:
- * lasso/xml/saml_attribute_value.c:
- implement get_xmlNode for the AttributeValue and Extensions
- objects.
- If the any field is empty, use the original_xmlnode value. In
- order
- to support free-style content, you must use the method
- lasso_node_set_original_xmlnode, properties and children are
- extracted from the given node and added to the node created by
- the
- generic get_xmlNode virtual method.
-
-2009-03-27 15:04 bdauvergne
-
- * lasso/xml/private.h, lasso/xml/xml.c: XML Core: add new snippet
- type SNIPPET_KEEP_XMLNODE
-
- * private.h:
- add the new constant to the enum type
- * xml.c:
- fix lasso_node_traversal, add support for the new contanst in
- lasso_node_imp_init_from_xmlNode.
-
-2009-03-27 15:04 bdauvergne
-
- * lasso/errors.c, lasso/errors.h: Core: add error codes, fix error
- strings
-
- * lasso/errors.c, lasso/errors.h:
- remove useless error code LASSO_SERVER_ERROR_INVALID_XML,
- fix string for LASSO_PROFILE_ERROR_INVALID_ISSUER,
- add errors codes LASSO_PROFILE_ERROR_CANNOT_VERIFY_SIGNATURE,
- LASSO_PROFILE_ERROR_CANNOT_FIND_A_PROVIDER and
- LASSO_PROVIDER_ERROR_MISSING_PUBLIC_KEY.
-
-2009-03-27 15:04 bdauvergne
-
- * lasso/Makefile.am, lasso/extract_types.py: Makefile: missing
- dependencies for built sources
-
- * lasso/Makefile.am:
- remove .PHONY declaration on built sources and set appropriate
- dependencies.
- * lasso/extract_types.py: with new dependencies well defined in
- Makefile no need to verify change in the content of the file,
- just
- overwrite it.
-
-2009-03-27 15:04 bdauvergne
-
- * lasso/xml/xml.c: Core: Fix argument checking in init_from_xml
-
- * lasso/xml/xml.c:
- In lasso_node_impl_init_from_xml if xmlnode is null, return an
- error
- but if no node_data specification is present, do not fail but
- print a
- warning. It is not an error for a class to not have a node_data
- private field.
- add a comment to fix return code later.
-
-2009-03-27 15:04 bdauvergne
-
- * lasso/xml/tools.c: Core: handle g_io_channel creation failure
-
- * lasso/xml/tools.c:
- in lasso_load_certs_from_pem_certs_chain_file if
- g_io_channel_new_file fails return NULL and print a warning.
- If path is NULL or 0-length also returns NULL.
-
-2009-03-27 15:04 bdauvergne
-
- * lasso/id-ff/defederation.c, lasso/id-ff/federation.c,
- lasso/id-ff/identity.c, lasso/id-ff/lecp.c, lasso/id-ff/login.c,
- lasso/id-ff/logout.c, lasso/id-ff/name_identifier_mapping.c,
- lasso/id-ff/name_registration.c, lasso/id-ff/profile.c,
- lasso/id-ff/provider.c, lasso/id-ff/server.c,
- lasso/id-ff/session.c, lasso/id-wsf-2.0/data_service.c,
- lasso/id-wsf-2.0/discovery.c, lasso/id-wsf-2.0/profile.c,
- lasso/id-wsf/authentication.c, lasso/id-wsf/data_service.c,
- lasso/id-wsf/discovery.c,
- lasso/id-wsf/interaction_profile_service.c,
- lasso/id-wsf/personal_profile_service.c, lasso/id-wsf/utils.c,
- lasso/id-wsf/wsf_profile.c, lasso/lasso.c,
- lasso/saml-2.0/assertion_query.c, lasso/saml-2.0/ecp.c,
- lasso/saml-2.0/federation.c, lasso/saml-2.0/login.c,
- lasso/saml-2.0/logout.c, lasso/saml-2.0/name_id_management.c,
- lasso/saml-2.0/profile.c, lasso/saml-2.0/provider.c,
- lasso/saml-2.0/server.c,
- lasso/xml/disco_authenticate_requester.c,
- lasso/xml/disco_authenticate_session_context.c,
- lasso/xml/disco_authorize_requester.c,
- lasso/xml/disco_credentials.c, lasso/xml/disco_description.c,
- lasso/xml/disco_encrypt_resource_id.c,
- lasso/xml/disco_encrypted_resource_id.c,
- lasso/xml/disco_generate_bearer_token.c,
- lasso/xml/disco_insert_entry.c, lasso/xml/disco_modify.c,
- lasso/xml/disco_modify_response.c, lasso/xml/disco_options.c,
- lasso/xml/disco_query.c, lasso/xml/disco_query_response.c,
- lasso/xml/disco_remove_entry.c,
- lasso/xml/disco_requested_service_type.c,
- lasso/xml/disco_resource_id.c,
- lasso/xml/disco_resource_offering.c,
- lasso/xml/disco_send_single_logout.c,
- lasso/xml/disco_service_instance.c, lasso/xml/ds_key_info.c,
- lasso/xml/ds_key_value.c, lasso/xml/ds_rsa_key_value.c,
- lasso/xml/dst_data.c, lasso/xml/dst_modification.c,
- lasso/xml/dst_modify.c, lasso/xml/dst_modify_response.c,
- lasso/xml/dst_new_data.c, lasso/xml/dst_query.c,
- lasso/xml/dst_query_item.c, lasso/xml/dst_query_response.c,
- lasso/xml/id-wsf-2.0/disco_abstract.c,
- lasso/xml/id-wsf-2.0/disco_endpoint_context.c,
- lasso/xml/id-wsf-2.0/disco_keys.c,
- lasso/xml/id-wsf-2.0/disco_options.c,
- lasso/xml/id-wsf-2.0/disco_provider_id.c,
- lasso/xml/id-wsf-2.0/disco_query.c,
- lasso/xml/id-wsf-2.0/disco_query_response.c,
- lasso/xml/id-wsf-2.0/disco_requested_service.c,
- lasso/xml/id-wsf-2.0/disco_security_context.c,
- lasso/xml/id-wsf-2.0/disco_service_context.c,
- lasso/xml/id-wsf-2.0/disco_service_type.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_add.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_add_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_delete.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_delete_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_query.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_query_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_delete.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_delete_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_query.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_query_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_register.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_register_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_replace.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_replace_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_metadata.c,
- lasso/xml/id-wsf-2.0/dst_data_response_base.c,
- lasso/xml/id-wsf-2.0/dst_delete_item_base.c,
- lasso/xml/id-wsf-2.0/dst_delete_response.c,
- lasso/xml/id-wsf-2.0/dst_request.c,
- lasso/xml/id-wsf-2.0/dst_result_query_base.c,
- lasso/xml/id-wsf-2.0/dst_test_item_base.c,
- lasso/xml/id-wsf-2.0/dstref_app_data.c,
- lasso/xml/id-wsf-2.0/dstref_create.c,
- lasso/xml/id-wsf-2.0/dstref_create_item.c,
- lasso/xml/id-wsf-2.0/dstref_create_response.c,
- lasso/xml/id-wsf-2.0/dstref_data.c,
- lasso/xml/id-wsf-2.0/dstref_data_response.c,
- lasso/xml/id-wsf-2.0/dstref_delete.c,
- lasso/xml/id-wsf-2.0/dstref_delete_item.c,
- lasso/xml/id-wsf-2.0/dstref_delete_response.c,
- lasso/xml/id-wsf-2.0/dstref_item_data.c,
- lasso/xml/id-wsf-2.0/dstref_modify.c,
- lasso/xml/id-wsf-2.0/dstref_modify_item.c,
- lasso/xml/id-wsf-2.0/dstref_modify_response.c,
- lasso/xml/id-wsf-2.0/dstref_query.c,
- lasso/xml/id-wsf-2.0/dstref_query_item.c,
- lasso/xml/id-wsf-2.0/dstref_query_response.c,
- lasso/xml/id-wsf-2.0/dstref_result_query.c,
- lasso/xml/id-wsf-2.0/dstref_test_item.c,
- lasso/xml/id-wsf-2.0/ims_identity_mapping_request.c,
- lasso/xml/id-wsf-2.0/ims_identity_mapping_response.c,
- lasso/xml/id-wsf-2.0/ims_mapping_input.c,
- lasso/xml/id-wsf-2.0/ims_mapping_output.c,
- lasso/xml/id-wsf-2.0/is_help.c,
- lasso/xml/id-wsf-2.0/is_inquiry.c,
- lasso/xml/id-wsf-2.0/is_inquiry_element.c,
- lasso/xml/id-wsf-2.0/is_interaction_request.c,
- lasso/xml/id-wsf-2.0/is_interaction_response.c,
- lasso/xml/id-wsf-2.0/is_interaction_statement.c,
- lasso/xml/id-wsf-2.0/is_item.c,
- lasso/xml/id-wsf-2.0/is_parameter.c,
- lasso/xml/id-wsf-2.0/is_select.c, lasso/xml/id-wsf-2.0/is_text.c,
- lasso/xml/id-wsf-2.0/ps_add_collection_request.c,
- lasso/xml/id-wsf-2.0/ps_add_collection_response.c,
- lasso/xml/id-wsf-2.0/ps_add_entity_request.c,
- lasso/xml/id-wsf-2.0/ps_add_entity_response.c,
- lasso/xml/id-wsf-2.0/ps_add_known_entity_request.c,
- lasso/xml/id-wsf-2.0/ps_add_known_entity_response.c,
- lasso/xml/id-wsf-2.0/ps_add_to_collection_request.c,
- lasso/xml/id-wsf-2.0/ps_get_object_info_request.c,
- lasso/xml/id-wsf-2.0/ps_get_object_info_response.c,
- lasso/xml/id-wsf-2.0/ps_item_data.c,
- lasso/xml/id-wsf-2.0/ps_list_members_request.c,
- lasso/xml/id-wsf-2.0/ps_list_members_response.c,
- lasso/xml/id-wsf-2.0/ps_notification.c,
- lasso/xml/id-wsf-2.0/ps_notify.c,
- lasso/xml/id-wsf-2.0/ps_object.c,
- lasso/xml/id-wsf-2.0/ps_query_objects_request.c,
- lasso/xml/id-wsf-2.0/ps_query_objects_response.c,
- lasso/xml/id-wsf-2.0/ps_remove_collection_request.c,
- lasso/xml/id-wsf-2.0/ps_remove_entity_request.c,
- lasso/xml/id-wsf-2.0/ps_remove_from_collection_request.c,
- lasso/xml/id-wsf-2.0/ps_request_abstract.c,
- lasso/xml/id-wsf-2.0/ps_resolve_identifier_request.c,
- lasso/xml/id-wsf-2.0/ps_resolve_identifier_response.c,
- lasso/xml/id-wsf-2.0/ps_resolve_input.c,
- lasso/xml/id-wsf-2.0/ps_response_abstract.c,
- lasso/xml/id-wsf-2.0/ps_set_object_info_request.c,
- lasso/xml/id-wsf-2.0/ps_test_membership_request.c,
- lasso/xml/id-wsf-2.0/ps_test_membership_response.c,
- lasso/xml/id-wsf-2.0/sb2_consent.c,
- lasso/xml/id-wsf-2.0/sb2_credentials_context.c,
- lasso/xml/id-wsf-2.0/sb2_endpoint_update.c,
- lasso/xml/id-wsf-2.0/sb2_redirect_request.c,
- lasso/xml/id-wsf-2.0/sb2_sender.c,
- lasso/xml/id-wsf-2.0/sb2_target_identity.c,
- lasso/xml/id-wsf-2.0/sb2_timeout.c,
- lasso/xml/id-wsf-2.0/sb2_usage_directive.c,
- lasso/xml/id-wsf-2.0/sb2_user_interaction_header.c,
- lasso/xml/id-wsf-2.0/sbf_framework.c,
- lasso/xml/id-wsf-2.0/sec_token.c,
- lasso/xml/id-wsf-2.0/sec_token_policy.c,
- lasso/xml/id-wsf-2.0/sec_transited_provider_path.c,
- lasso/xml/id-wsf-2.0/subs_notification.c,
- lasso/xml/id-wsf-2.0/subs_notify_response.c,
- lasso/xml/id-wsf-2.0/subs_ref_item.c,
- lasso/xml/id-wsf-2.0/subs_subscription.c,
- lasso/xml/id-wsf-2.0/subsref_app_data.c,
- lasso/xml/id-wsf-2.0/subsref_create.c,
- lasso/xml/id-wsf-2.0/subsref_create_item.c,
- lasso/xml/id-wsf-2.0/subsref_create_response.c,
- lasso/xml/id-wsf-2.0/subsref_data.c,
- lasso/xml/id-wsf-2.0/subsref_data_response.c,
- lasso/xml/id-wsf-2.0/subsref_delete.c,
- lasso/xml/id-wsf-2.0/subsref_delete_item.c,
- lasso/xml/id-wsf-2.0/subsref_delete_response.c,
- lasso/xml/id-wsf-2.0/subsref_item_data.c,
- lasso/xml/id-wsf-2.0/subsref_modify.c,
- lasso/xml/id-wsf-2.0/subsref_modify_item.c,
- lasso/xml/id-wsf-2.0/subsref_modify_response.c,
- lasso/xml/id-wsf-2.0/subsref_notification.c,
- lasso/xml/id-wsf-2.0/subsref_notify.c,
- lasso/xml/id-wsf-2.0/subsref_notify_response.c,
- lasso/xml/id-wsf-2.0/subsref_query.c,
- lasso/xml/id-wsf-2.0/subsref_query_item.c,
- lasso/xml/id-wsf-2.0/subsref_query_response.c,
- lasso/xml/id-wsf-2.0/subsref_result_query.c,
- lasso/xml/id-wsf-2.0/subsref_subscription.c,
- lasso/xml/id-wsf-2.0/subsref_test_item.c,
- lasso/xml/id-wsf-2.0/util_empty.c,
- lasso/xml/id-wsf-2.0/util_extension.c,
- lasso/xml/id-wsf-2.0/util_response.c,
- lasso/xml/id-wsf-2.0/util_status.c, lasso/xml/is_help.c,
- lasso/xml/is_inquiry.c, lasso/xml/is_inquiry_element.c,
- lasso/xml/is_interaction_request.c,
- lasso/xml/is_interaction_response.c,
- lasso/xml/is_interaction_statement.c, lasso/xml/is_item.c,
- lasso/xml/is_parameter.c, lasso/xml/is_redirect_request.c,
- lasso/xml/is_select.c, lasso/xml/is_text.c,
- lasso/xml/is_user_interaction.c, lasso/xml/lib_assertion.c,
- lasso/xml/lib_authentication_statement.c,
- lasso/xml/lib_authn_context.c, lasso/xml/lib_authn_request.c,
- lasso/xml/lib_authn_request_envelope.c,
- lasso/xml/lib_authn_response.c,
- lasso/xml/lib_authn_response_envelope.c,
- lasso/xml/lib_federation_termination_notification.c,
- lasso/xml/lib_idp_entries.c, lasso/xml/lib_idp_entry.c,
- lasso/xml/lib_idp_list.c, lasso/xml/lib_logout_request.c,
- lasso/xml/lib_logout_response.c,
- lasso/xml/lib_name_identifier_mapping_request.c,
- lasso/xml/lib_name_identifier_mapping_response.c,
- lasso/xml/lib_register_name_identifier_request.c,
- lasso/xml/lib_register_name_identifier_response.c,
- lasso/xml/lib_request_authn_context.c, lasso/xml/lib_scoping.c,
- lasso/xml/lib_status_response.c, lasso/xml/lib_subject.c,
- lasso/xml/misc_text_node.c, lasso/xml/private.h,
- lasso/xml/sa_credentials.c, lasso/xml/sa_parameter.c,
- lasso/xml/sa_password_transforms.c, lasso/xml/sa_sasl_request.c,
- lasso/xml/sa_sasl_response.c, lasso/xml/sa_transform.c,
- lasso/xml/saml-2.0/saml2_action.c,
- lasso/xml/saml-2.0/saml2_advice.c,
- lasso/xml/saml-2.0/saml2_assertion.c,
- lasso/xml/saml-2.0/saml2_attribute.c,
- lasso/xml/saml-2.0/saml2_attribute_statement.c,
- lasso/xml/saml-2.0/saml2_attribute_value.c,
- lasso/xml/saml-2.0/saml2_audience_restriction.c,
- lasso/xml/saml-2.0/saml2_authn_context.c,
- lasso/xml/saml-2.0/saml2_authn_statement.c,
- lasso/xml/saml-2.0/saml2_authz_decision_statement.c,
- lasso/xml/saml-2.0/saml2_base_idabstract.c,
- lasso/xml/saml-2.0/saml2_condition_abstract.c,
- lasso/xml/saml-2.0/saml2_conditions.c,
- lasso/xml/saml-2.0/saml2_encrypted_element.c,
- lasso/xml/saml-2.0/saml2_evidence.c,
- lasso/xml/saml-2.0/saml2_key_info_confirmation_data.c,
- lasso/xml/saml-2.0/saml2_name_id.c,
- lasso/xml/saml-2.0/saml2_one_time_use.c,
- lasso/xml/saml-2.0/saml2_proxy_restriction.c,
- lasso/xml/saml-2.0/saml2_statement_abstract.c,
- lasso/xml/saml-2.0/saml2_subject.c,
- lasso/xml/saml-2.0/saml2_subject_confirmation.c,
- lasso/xml/saml-2.0/saml2_subject_confirmation_data.c,
- lasso/xml/saml-2.0/saml2_subject_locality.c,
- lasso/xml/saml-2.0/samlp2_artifact_resolve.c,
- lasso/xml/saml-2.0/samlp2_artifact_response.c,
- lasso/xml/saml-2.0/samlp2_assertion_id_request.c,
- lasso/xml/saml-2.0/samlp2_attribute_query.c,
- lasso/xml/saml-2.0/samlp2_authn_query.c,
- lasso/xml/saml-2.0/samlp2_authn_request.c,
- lasso/xml/saml-2.0/samlp2_authz_decision_query.c,
- lasso/xml/saml-2.0/samlp2_extensions.c,
- lasso/xml/saml-2.0/samlp2_idp_entry.c,
- lasso/xml/saml-2.0/samlp2_idp_list.c,
- lasso/xml/saml-2.0/samlp2_logout_request.c,
- lasso/xml/saml-2.0/samlp2_logout_response.c,
- lasso/xml/saml-2.0/samlp2_manage_name_id_request.c,
- lasso/xml/saml-2.0/samlp2_manage_name_id_response.c,
- lasso/xml/saml-2.0/samlp2_name_id_mapping_request.c,
- lasso/xml/saml-2.0/samlp2_name_id_mapping_response.c,
- lasso/xml/saml-2.0/samlp2_name_id_policy.c,
- lasso/xml/saml-2.0/samlp2_request_abstract.c,
- lasso/xml/saml-2.0/samlp2_requested_authn_context.c,
- lasso/xml/saml-2.0/samlp2_response.c,
- lasso/xml/saml-2.0/samlp2_scoping.c,
- lasso/xml/saml-2.0/samlp2_status.c,
- lasso/xml/saml-2.0/samlp2_status_code.c,
- lasso/xml/saml-2.0/samlp2_status_detail.c,
- lasso/xml/saml-2.0/samlp2_status_response.c,
- lasso/xml/saml-2.0/samlp2_subject_query_abstract.c,
- lasso/xml/saml-2.0/samlp2_terminate.c, lasso/xml/saml_advice.c,
- lasso/xml/saml_assertion.c, lasso/xml/saml_attribute.c,
- lasso/xml/saml_attribute_designator.c,
- lasso/xml/saml_attribute_statement.c,
- lasso/xml/saml_attribute_value.c,
- lasso/xml/saml_audience_restriction_condition.c,
- lasso/xml/saml_authentication_statement.c,
- lasso/xml/saml_authority_binding.c,
- lasso/xml/saml_condition_abstract.c, lasso/xml/saml_conditions.c,
- lasso/xml/saml_name_identifier.c,
- lasso/xml/saml_statement_abstract.c, lasso/xml/saml_subject.c,
- lasso/xml/saml_subject_confirmation.c,
- lasso/xml/saml_subject_locality.c,
- lasso/xml/saml_subject_statement.c,
- lasso/xml/saml_subject_statement_abstract.c,
- lasso/xml/samlp_request.c, lasso/xml/samlp_request_abstract.c,
- lasso/xml/samlp_response.c, lasso/xml/samlp_response_abstract.c,
- lasso/xml/samlp_status.c, lasso/xml/samlp_status_code.c,
- lasso/xml/sec_resource_access_statement.c,
- lasso/xml/soap_binding.c, lasso/xml/soap_binding_consent.c,
- lasso/xml/soap_binding_correlation.c,
- lasso/xml/soap_binding_ext_credential.c,
- lasso/xml/soap_binding_ext_credentials_context.c,
- lasso/xml/soap_binding_ext_service_instance_update.c,
- lasso/xml/soap_binding_ext_timeout.c,
- lasso/xml/soap_binding_processing_context.c,
- lasso/xml/soap_binding_provider.c,
- lasso/xml/soap_binding_usage_directive.c, lasso/xml/soap_body.c,
- lasso/xml/soap_detail.c, lasso/xml/soap_envelope.c,
- lasso/xml/soap_fault.c, lasso/xml/soap_header.c,
- lasso/xml/tools.c, lasso/xml/utility_status.c,
- lasso/xml/ws/wsa_attributed_any.c,
- lasso/xml/ws/wsa_attributed_qname.c,
- lasso/xml/ws/wsa_attributed_unsigned_long.c,
- lasso/xml/ws/wsa_attributed_uri.c,
- lasso/xml/ws/wsa_endpoint_reference.c,
- lasso/xml/ws/wsa_metadata.c, lasso/xml/ws/wsa_problem_action.c,
- lasso/xml/ws/wsa_reference_parameters.c,
- lasso/xml/ws/wsa_relates_to.c, lasso/xml/ws/wsse_embedded.c,
- lasso/xml/ws/wsse_reference.c,
- lasso/xml/ws/wsse_security_header.c,
- lasso/xml/ws/wsse_security_token_reference.c,
- lasso/xml/ws/wsse_transformation_parameters.c,
- lasso/xml/ws/wsse_username_token.c, lasso/xml/ws/wsu_timestamp.c,
- lasso/xml/wsse_security.c, lasso/xml/xml.c, lasso/xml/xml.h:
- Core: do not mix public and private headers
-
- * lots of files:
- explicitely load the internal header xml/private.h where needed.
-
-2009-03-23 13:21 fpeters
-
- * NEWS: tentative NEWS file
-
-2009-03-09 14:05 bdauvergne
-
- * docs/reference/lasso.sgml: Doc: Update index sgml file to cope
- with gtkdoc 1.11
-
- * docs/references/lasso.sgml:
- change entity path for LassoSamlp2AssertionIDRequest.
-
-2009-03-09 14:05 bdauvergne
-
- * lasso/saml-2.0/name_id_management.c: SAML 2.0: Fix #90, simplify
- NameID decryption for NameIdManagement
-
- * lasso/saml-2.0/name_id_management.c:
- (lasso_saml2_name_id_management_process_request)
- simplify code, remove explicit decryption of nameid and handling
- of
- error cases, delegate to lasso_decrypt_nameid (from xml/tools.c).
-
-2009-03-09 14:05 bdauvergne
-
- * lasso/errors.c, lasso/errors.h, lasso/id-ff/server.c,
- lasso/id-ff/serverprivate.h: Core: add a method to decrypt
- nameid, handling error cases
-
- * lasso/id-dff/serverprivate.h:
- * lasso/id-ff/server.c:
- lasso_server_decrypt_nameid handle error case of NameID
- decryption,
- and update passed field pointers.
- * lasso/errors.h:
- add new error codes:
- LASSO_DS_ERROR_DECRYPTION_FAILED -118
- - Decryption of an encrypted node failed
- LASSO_PROFILE_ERROR_MISSING_SERVER -438
- - No server object set in the profile
-
-2009-03-09 10:24 bdauvergne
-
- * lasso/xml/lib_logout_request.c: XML SAML 1.0: fix bug 85
-
- * lasso/xml/lib_logout_request.c: do not break parsing when
- NameIdentifier->Format attribute is NULL.
-
-2009-03-03 20:52 bdauvergne
-
- * lasso/saml-2.0/login.c: SAML 2.0: remove NotBefore attribute when
- not answering an AuthnRequest
-
- * lasso/saml-2.0/login.c:
- In specification saml-profile-2.0-os.pdf, in paragraph 4.1.4.3,
- it is
- said that the SubjectConfirmationData node MUST NOT contain a
- NotBefore attribute if it contains an InReponseTo attribute,
- understanding that the response cannot (it the ID of the request
- is
- sufficiently random) arrive before the request and be valid with
- respect to the InResponseTo attribute.
-
-2009-03-03 20:52 bdauvergne
-
- * tests/login_tests.c: Test: Add test for testing new InResponseTo
- checking code
-
- * tests/login_tests.c:
- after first test of parsing the soap response message in the
- login
- test, try to parse it a second time, after modifying the
- InResponseTo
- id of the assertion and disabling signature checking.
-
-2009-03-03 20:52 bdauvergne
-
- * lasso/id-ff/login.c, lasso/saml-2.0/login.c: ID-FF 1.2 & SAML
- 2.0: fix "fix bug 173" match assertion and not the response with
- authn request id
-
- * lasso/id-ff/login.c:
- * lasso/saml-2.0/login.c:
- Serialize/Unserialize request_id private field in LassoLogin
- dumps.
- Match InResponseTo assertion attribute (ID-FF 1.2) or
- SubjectConfirmationData attribute (SAML 2.0) to original request
- id
- if it is present.
-
-2009-03-03 20:52 bdauvergne
-
- * lasso/errors.c, lasso/errors.h: Core: rename
- LOGIN_ERROR_REFER_TO_UNKNOWN_REQUEST
-
- * lasso/errors.h:
- * lasso/errors.c:
- rename LASSO_LOGIN_ERROR_REFER_TO_UNKNOWN_REQUEST to
- LASSO_LOGIN_ERROR_ASSERTION_DOES_NOT_MATCH_REQUEST_ID.
-
-2009-03-03 20:52 bdauvergne
-
- * lasso/xml/xml.c: Core: fix handling of xsi:type
-
- * lasso/xml/xml.c:
- xsi:type handling is broken since commit 3982, restore it.
- move prefix/nodename matching in static helper functions, and
- reuse
- them inside xsi:type code path.
-
-2009-03-03 20:52 bdauvergne
-
- * lasso/xml/private.h, lasso/xml/tools.c: Core: enforce flag
- verify-signature in function lasso_verify_signature
-
- * lasso/xml/tools.c: in lasso_verify_signature always return
- success if
- lasso_flag_verify_signature is FALSE.
- * lasso/xml/private.h: change return type to int.
-
-2009-03-02 12:08 bdauvergne
-
- * configure.ac: Fix BSD compatibility bug in configure.ac
-
- * configure.ac: remove GNUism, use -eq and = instead of == with
- test
- tool. (Patch from Emmanuel Dreyfus)
-
-2009-02-17 17:02 bdauvergne
-
- * lasso/id-ff/login.c, lasso/id-ff/loginprivate.h,
- lasso/saml-2.0/login.c: ID-FF 1.2 & SAML 2.0: Fix #173, check
- InReponseTo in authn responses
-
- * id-ff/login.h:
- add a string field named request_id in the private part of
- LassoLogin
- to store request id from the original AuthnRequest.
- * id-ff/login.c:
- if request_id field is not null check the InResponseTo attribute
- of
- the samlp:Response.
- * saml-2.0/login.c:
- if request_id field is not null check the InResponseTo attribute
- of
- the samlp:Response.
-
-2009-02-06 11:08 dlaniel
-
- * lasso/id-ff/session.h, lasso/id-wsf-2.0/server.h: fixed binding
- generation
-
-2009-02-06 11:08 dlaniel
-
- * lasso/xml/saml_audience_restriction_condition.h: removed trailing
- whitespace
+ SAMLv2: add new methods to class LassoAssertionQuery
+ * lasso_assertion_query_add_attribute_request:
+ helper to setup request attribute for AttributeQuery messages.
+ * lasso_assertion_query_get_request_type:
+ method to find the type of the last received query.
+ * fixes #90
-2009-02-05 16:56 dlaniel
+ SAMLv2: fix initialization of subject in lasso_assertion_query_build_request_msg
- * bindings/bindings.py, lasso/id-wsf-2.0/server.h: fixed parsing of
- OFTYPE
+ Import tools in utils.h
-2009-01-26 18:07 dlaniel
+ Fix collision between defined symbols in tools.h and private.h
- * docs/reference/lasso-sections.txt: added all string constants to
- the API doc
+ Binding python: if lasso.logger exists use it for logging
+ * There is now two paths to get a logger in the python binding:
+ - first try to get an objet from lasso.logger
+ - if it doesn't exist or is None, the try logging.getLogger('lasso')
-2009-01-26 18:07 dlaniel
+2010-06-09 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/xml/strings.h: reorganised string constants definitions
+ Change all logging to use message()
-2009-01-26 17:18 dlaniel
+ Core: in xml error message handler, escape messages to fit on one line
- * docs/reference/lasso.sgml: added an index to quickly find symbols
+ Core: remove arrow in log messages
-2009-01-26 16:42 dlaniel
+ Binding python: call lasso_init() first in init_lasso()
- * docs/reference/lasso-sections.txt: fixed some functions name
+ Binding python: add GLog handler to redirect logs to Python logger named "lasso"
+ * fixes #20
-2009-01-26 16:42 dlaniel
+ Utils: add function to extract/create node in lists
+ * lasso_extract_gtype_from_list_or_new will help for method with create
+ or extend nodes in lists.
- * lasso/id-ff/provider.c, lasso/id-ff/session.h,
- lasso/id-wsf/discovery.c, lasso/lasso.c,
- lasso/xml/saml_audience_restriction_condition.c,
- lasso/xml/saml_audience_restriction_condition.h:
- documentation-related fixes
+2010-06-09 Frederic Peters <fpeters@entrouvert.com>
-2009-01-26 16:10 dlaniel
+ Add new lasso_log_set_handler and lasso_log_remove_handler functions
+ They are modeled around the g_log... functions of GLib, they just don't
+ have a domain parameter.
- * lasso/id-wsf-2.0/data_service.c, lasso/id-wsf-2.0/discovery.c,
- lasso/id-wsf-2.0/discovery.h, lasso/id-wsf/data_service.c,
- lasso/id-wsf/discovery.c: added documentation for id-wsf 2.0
- functions
+2010-06-06 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2009-01-26 16:09 dlaniel
+ Binding perl: fix test so that it does not raise on add_provider
- * docs/reference/lasso-sections.txt: added
- lasso_data_service_new_full and removed
- lasso_idwsf2_discovery_destroy in api doc
+ Bindings: keep retro compatibility for member field names
+ * Special kludge price go to PHP:
+ methods name are insensitive so nothing to do here, BUT, if you use
+ getters/setters then your objects fields can be case insensitive too
+ ;-) (DNS, dns, DnS, dNs all maps to get_dns ).
-2009-01-24 09:34 bdauvergne
+ Bindings: fix camelcasing of id fields
- * lasso/utils.h: Core: if OFTYPE is already defined, skip
+ SAMLv2: make role checking inactive for LassoServer
+ * LassoServer have no role defined, so checking breaks loading of
+ metadata for LassoServer.
-2009-01-24 09:34 bdauvergne
+ ID-FFv1.2: for idp initiated sso accept any nameIdPolicy
+ * IdP initiated SSO can be of any kind, no need to limit it.
- * lasso/id-ff/session.h: Core: add decorator on GList return value
- in LassoSession header
-
- * lasso/id-ff/session.h: add the OFTYPE decorator to the return
- type of
- lasso_session_get_assertions.
+2010-06-04 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2009-01-24 09:34 bdauvergne
+ SAML 2.0: add checks for proper loading of role descriptors
+ * remove warning for descriptors supporting non SAML 2.0 protocols
+ * checks that at least one descriptor was loaded and that it was for
+ our assigned role.
- * bindings/java/tests/LoginTest.java: Java: add assertions
-
- * bindings/java/tests/LoginTest.java: add assertion for the
- return code
- of lasso_logout_process_request_msg.
+ SAMLv2: fix error in naming of function in the documentation
-2009-01-24 09:34 bdauvergne
+2010-05-31 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/id-ff/logout.c: ID-FF 1.2: review of logout validate
- request
-
- * lasso/id-ff/logout.c (lasso_logout_validate_request): use new
- macros.
+ SAMLv2: remove HTTP-Redirect as right binding for AssertionConsumer
-2009-01-24 09:34 bdauvergne
+ SAMLv2: fix bug giving UnuspportedProfile for SingleSignOn with HTTP-POST
+ * The string constant in lasso_saml20_provider_accept_http_method was
+ HTTP-Post instead of HTTP-POST.
- * lasso/id-ff/logout.c: ID-FF 1.2: review
- logout_process_request_msg
-
- * lasso/id-ff/logout.c (lasso_logout_process_request_msg): use
- the
- new allocation macros, add checking of the parsed object type,
- add
- validation of some schema constraints before processing, like
- presence of the name identifier.
+ Core: fix extraction of relaystate when URLs contains only one kind of separators
-2009-01-24 09:34 bdauvergne
+ Integration test: adapt to new behaviour for federation termination
- * lasso/id-ff/identity.c: Core: make caller owner of the list, fix
- refcount leak
+ SAMLv2: simplify lasso_saml20_provider_accept_http_method by only checking for remote provider support
+ * Whatever we do, with asyncrhonous bindings the remote provider can
+ return the response with any asynchronous binding.
-2009-01-24 09:34 bdauvergne
+ SAML 2.0: in lasso_login_build_assertion set conditions time limit, no SubjectConfirmationData limits
- * configure.ac, macros/as-compiler-flag.m4: Autoconf: new macro
- AS_COMPILER_FLAGS to check flag support
-
- * macros/as-compiler-flags.m4 configure.ac: add a new files of
- autoconf macro
- to check support of warning flags, add needed line in
- configure.ac to define
- variable WARNING_FLAGS, containing only supported flags.
+ SAML 2.0: in lasso_login_build_assertion do not conflate sessionNotOnOrAfter with assertion condition notOnOrAfter
-2009-01-24 09:34 bdauvergne
+2010-05-11 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/xml/disco_insert_entry.c: Core: replace manual reference
- handling with macros
-
- - lasso/xml/disco_insert_entry.c (lasso_disco_insert_entry_new) :
- replace manual g_object_ref with assignment macro.
+ Website: add quicklinks for download links
-2009-01-24 09:34 bdauvergne
+ Change VCS viewer link to point toward the redmine browser
- * lasso/xml/disco_resource_offering.c: Core: replace manual
- handling of references with macros
-
- - lasso/xml/disco_resource_offering.c
- (lasso_disco_resource_offering_new)
- replace manual g_object_ref with assignment macro.
+ SAMLv2: conflate Responder and Requester when checking second level status code
+ * lasso/saml-2.0/login.c:
+ I'm not sure that most IdP really make the semantic distinction
+ between those two first level status codes, so just conflate them.
-2009-01-24 09:34 bdauvergne
+ SAMLv2: remove warning message for invalid signature on AuthnResponse messages
+ * lasso/saml-2.0/login.c:
+ we already return an error, no need to clutter the output with
+ warning messages.
- * lasso/xml/tools.c: Core: synchronize lasso_verify_signature with
- new macros
+2010-05-04 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2009-01-24 09:34 bdauvergne
+ Website: add a link to a tarball of the documentation extracted from the SVN
- * lasso/xml/xml.c: Core: add new error code to
- lasso_node_init_from_message
-
- - add new return code LASSO_MESSAGE_FORMAT_XSCHEMA_ERROR
- - fix SOAP_FORMAT bizarre if conditional
- - remove old comments
+2010-05-01 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2009-01-24 09:34 bdauvergne
+ SAML 2.0 Helper: add lasso_saml2_assertion_set_one_time_use
- * lasso/xml/xml.c: Core: review of lasso_node_encrypt
-
- - use new memory macros
- - copying nodes instead of stealing nodes
+ Fix bad initialization of an rc field from revision 4837
-2009-01-24 09:34 bdauvergne
+ Change <p> tags to <para>
- * lasso/id-ff/login.c: ID-FF 1.2: fix leak of instance object
+ Add a lasso_profile_get_signature_status method
-2009-01-24 09:34 bdauvergne
+2010-04-30 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/xml/xml.h: Core: add a new messsage format error for
- XSchema constraint failure
+ Initialize all uninitialized rc variables
-2009-01-24 09:34 bdauvergne
+ Test: only test custom namespace if ID-WSF is enabled
- * lasso/id-ff/logout.c: ID-FF 1.2: review logout_validate_request
-
- * lasso/id-ff/logout.c (lasso_logout_validate_request):
- - when signature verification failed in process_request_msg,
- do not continue validation of the request, stop immediately and
- return the signature status code.
- - use utils.h macro for memory allocation handling. Fix potential
- leak
- of the profile->response object.
-
-2009-01-24 09:34 bdauvergne
-
- * lasso/id-ff/login.c, lasso/xml/samlp_response.c: ID-FF 1.2:
- validate signatures on responses during the BRWS/Artifact profile
-
- - lasso/id-ff/login.c:
- - the lasso_login_process_response_msg is used to process SOAP
- response
- to artifact resolution requests. The answer contains an
- samlp:Response
- that can be signed, and each contained assertion MUST be
- individually
- signed.
- - lasso/xml/samlp_response.c:
- - set keep_xmlnode flag on the class metadatas to help in
- signature
- validations.
-
-2009-01-24 09:34 bdauvergne
-
- * lasso/id-ff/login.c: ID-FF 1.2: add validation of assertion
- signatures
-
- - lasso/id-ff/login.c:
- - lasso_login_process_response_status_and_assertion:
- - if signature_status is not 0 and an assertion is present, we
- validate the signature on this assertion using the
- internal API lasso_provider_verify_saml_signature.
+2010-04-28 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2009-01-24 09:33 bdauvergne
+ in lasso_idwsf2_data_service_build_response_msg, allows SOAPFault as responses
- * lasso/errors.c, lasso/errors.h: Core: add error code
- LOGIN_ERROR_REFER_TO_UNKNOWN_REQUEST
-
- * lasso/errors.h, lasso/errors.c:
- - LASSO_LOGIN_ERROR_REFER_TO_UNKNOWN_REQUEST is raised when a
- samlp:Response contains an attribute inResponseTo when when no
- previous request can be found inside the LassoLogin object or if
- the
- given ID is not the as the one fome the previous request.
+ Fix uninitialized local variable
-2009-01-24 09:33 bdauvergne
+ in lasso_session_count_assertions, do not emit warning if session is not an object
- * lasso/id-ff/login.c: ID-FF 1.2: fix signature validation in
- login_process_authn_response_msg
-
- * lasso/id-ff/login.c:
- when signature validation fails on a message, then return the
- signature status as return code. There is a security fix.
+ SAML 2.0: always restart initial request processing in lasso_logout_build_response_msg
+ * Does it also in process_response_msg if no more assertions are
+ present.
+ * Take into account that lasso_saml20_profile_process_any_response
+ already check for the status code, and so specify finer error code in
+ the cleanup code.
-2009-01-24 09:33 bdauvergne
+ SAML 2.0: fix lasso_saml20_provider_get_first_http_method
+ * LassoServer object can have many roles, use the default role of the
+ remote provider to decide on which to assume.
- * lasso/id-ff/provider.c, lasso/id-ff/providerprivate.h: XML: new
- LassoProvider API to verify XMLDsig signatures
-
- * lasso/id-ff/provider.c, lasso/id-ff/providerprivate.h:
- - (lasso_provider_verify_saml_signature) validate a signed
- saml Request, Response or Assertion, using the public key
- of the given provider.
-
-2009-01-24 09:33 bdauvergne
-
- * lasso/xml/saml_assertion.c: XML: Make LassoSamlAssertion keep its
- XML form when created by parsing
-
- * lasso/xml/saml_assertion.c: set the keep_original flag of class
- LassoSamlAssertion to true, to keep a copy of the original libxml
- tree
- used to initialize eache instance of this object. We will use it
- to
- validate signature on assertions.
+ SAML 2.0 Logout: in init_request, remove the assertion anyway
+ * lasso/saml-2.0/logout.c:
+ when initiating a logout, if no problem is found, remove the assertion.
+ you can always continue by changing profile->http_request_method to
+ SOAP for example and redo a build_request_msg.
-2009-01-24 09:33 bdauvergne
+ SAML 2.0: lasso_saml20_profile_process_any_response_msg, change status code checking
- * lasso/xml/private.h, lasso/xml/tools.c: XML: Add internal API to
- validate XMLDsig signatures
-
- * lasso/xml/tools.c:
- - lasso_saml_constrain_dsigctxt() add constraints following SAML
- specifications on XMLDsig signatures to an libxmlsec DSig
- context.
- - lasso_verify_signature() this function given an xmlNode and a
- key or
- a keys manager (for a set of AC or AC chains) validate the
- envelopped signature set upon this node. It can be instructed to
- follow constraints of the SAML 1.0 specification.
-
-2009-01-24 09:33 bdauvergne
-
- * lasso/errors.c, lasso/errors.h: Core: add new error codes
-
- * lasso/errors.h: add error codes for,
- - out of memory situation,
- - excess of references during validation of signature on SAML
- protocols message or assertions,
- - an invalid reference during validation of signatures on SAML
- protocols message or assertions,
- - an mismatch between requested assertion issuer and received
- assertion issuer.
-
-2009-01-24 09:33 bdauvergne
-
- * configure.ac: Autoconf: redirect shell warning in one of
- configure.ac tests
-
- - configure.ac: when testing if bindings have been already
- generated
- with differents settings do not let grep emit warnings.
-
-2009-01-24 09:33 bdauvergne
-
- * bindings/php5/wrapper_source.py, bindings/python/wrapper_top.c,
- configure.ac, lasso/id-ff/defederation.c,
- lasso/id-ff/federation.c, lasso/id-ff/identity.c,
- lasso/id-ff/lecp.c, lasso/id-ff/login.c, lasso/id-ff/logout.c,
- lasso/id-ff/name_identifier_mapping.c,
- lasso/id-ff/name_registration.c, lasso/id-ff/profile.c,
- lasso/id-ff/profile.h, lasso/id-ff/provider.c,
- lasso/id-ff/provider.h, lasso/id-ff/providerprivate.h,
- lasso/id-ff/server.c, lasso/id-ff/session.c,
- lasso/id-wsf-2.0/data_service.c, lasso/id-wsf-2.0/discovery.c,
- lasso/id-wsf-2.0/profile.c, lasso/id-wsf/authentication.c,
- lasso/id-wsf/data_service.c, lasso/id-wsf/discovery.c,
- lasso/id-wsf/interaction_profile_service.c,
- lasso/id-wsf/personal_profile_service.c,
- lasso/id-wsf/wsf_profile.c, lasso/saml-2.0/assertion_query.c,
- lasso/saml-2.0/ecp.c, lasso/saml-2.0/name_id_management.c,
- lasso/xml/disco_authenticate_requester.c,
- lasso/xml/disco_authenticate_session_context.c,
- lasso/xml/disco_authorize_requester.c,
- lasso/xml/disco_credentials.c, lasso/xml/disco_description.c,
- lasso/xml/disco_encrypt_resource_id.c,
- lasso/xml/disco_encrypted_resource_id.c,
- lasso/xml/disco_generate_bearer_token.c,
- lasso/xml/disco_insert_entry.c, lasso/xml/disco_modify.c,
- lasso/xml/disco_modify_response.c, lasso/xml/disco_options.c,
- lasso/xml/disco_query.c, lasso/xml/disco_query_response.c,
- lasso/xml/disco_remove_entry.c,
- lasso/xml/disco_requested_service_type.c,
- lasso/xml/disco_resource_id.c,
- lasso/xml/disco_resource_offering.c,
- lasso/xml/disco_send_single_logout.c,
- lasso/xml/disco_service_instance.c, lasso/xml/ds_key_info.c,
- lasso/xml/ds_key_value.c, lasso/xml/ds_rsa_key_value.c,
- lasso/xml/dst_data.c, lasso/xml/dst_modification.c,
- lasso/xml/dst_modify.c, lasso/xml/dst_modify_response.c,
- lasso/xml/dst_new_data.c, lasso/xml/dst_query.c,
- lasso/xml/dst_query_item.c, lasso/xml/dst_query_response.c,
- lasso/xml/id-wsf-2.0/disco_abstract.c,
- lasso/xml/id-wsf-2.0/disco_endpoint_context.c,
- lasso/xml/id-wsf-2.0/disco_keys.c,
- lasso/xml/id-wsf-2.0/disco_options.c,
- lasso/xml/id-wsf-2.0/disco_provider_id.c,
- lasso/xml/id-wsf-2.0/disco_query.c,
- lasso/xml/id-wsf-2.0/disco_query_response.c,
- lasso/xml/id-wsf-2.0/disco_requested_service.c,
- lasso/xml/id-wsf-2.0/disco_security_context.c,
- lasso/xml/id-wsf-2.0/disco_service_context.c,
- lasso/xml/id-wsf-2.0/disco_service_type.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_add.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_add_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_delete.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_delete_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_query.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_query_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_delete.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_delete_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_query.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_query_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_register.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_register_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_replace.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_replace_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_metadata.c,
- lasso/xml/id-wsf-2.0/dst_data_response_base.c,
- lasso/xml/id-wsf-2.0/dst_delete_item_base.c,
- lasso/xml/id-wsf-2.0/dst_delete_response.c,
- lasso/xml/id-wsf-2.0/dst_request.c,
- lasso/xml/id-wsf-2.0/dst_result_query_base.c,
- lasso/xml/id-wsf-2.0/dst_test_item_base.c,
- lasso/xml/id-wsf-2.0/dstref_app_data.c,
- lasso/xml/id-wsf-2.0/dstref_create.c,
- lasso/xml/id-wsf-2.0/dstref_create_item.c,
- lasso/xml/id-wsf-2.0/dstref_create_response.c,
- lasso/xml/id-wsf-2.0/dstref_data.c,
- lasso/xml/id-wsf-2.0/dstref_data_response.c,
- lasso/xml/id-wsf-2.0/dstref_delete.c,
- lasso/xml/id-wsf-2.0/dstref_delete_item.c,
- lasso/xml/id-wsf-2.0/dstref_delete_response.c,
- lasso/xml/id-wsf-2.0/dstref_item_data.c,
- lasso/xml/id-wsf-2.0/dstref_modify.c,
- lasso/xml/id-wsf-2.0/dstref_modify_item.c,
- lasso/xml/id-wsf-2.0/dstref_modify_response.c,
- lasso/xml/id-wsf-2.0/dstref_query.c,
- lasso/xml/id-wsf-2.0/dstref_query_item.c,
- lasso/xml/id-wsf-2.0/dstref_query_response.c,
- lasso/xml/id-wsf-2.0/dstref_result_query.c,
- lasso/xml/id-wsf-2.0/dstref_test_item.c,
- lasso/xml/id-wsf-2.0/ims_identity_mapping_request.c,
- lasso/xml/id-wsf-2.0/ims_identity_mapping_response.c,
- lasso/xml/id-wsf-2.0/ims_mapping_input.c,
- lasso/xml/id-wsf-2.0/ims_mapping_output.c,
- lasso/xml/id-wsf-2.0/is_help.c,
- lasso/xml/id-wsf-2.0/is_inquiry.c,
- lasso/xml/id-wsf-2.0/is_inquiry_element.c,
- lasso/xml/id-wsf-2.0/is_interaction_request.c,
- lasso/xml/id-wsf-2.0/is_interaction_response.c,
- lasso/xml/id-wsf-2.0/is_interaction_statement.c,
- lasso/xml/id-wsf-2.0/is_item.c,
- lasso/xml/id-wsf-2.0/is_parameter.c,
- lasso/xml/id-wsf-2.0/is_select.c, lasso/xml/id-wsf-2.0/is_text.c,
- lasso/xml/id-wsf-2.0/ps_add_collection_request.c,
- lasso/xml/id-wsf-2.0/ps_add_collection_response.c,
- lasso/xml/id-wsf-2.0/ps_add_entity_request.c,
- lasso/xml/id-wsf-2.0/ps_add_entity_response.c,
- lasso/xml/id-wsf-2.0/ps_add_known_entity_request.c,
- lasso/xml/id-wsf-2.0/ps_add_known_entity_response.c,
- lasso/xml/id-wsf-2.0/ps_add_to_collection_request.c,
- lasso/xml/id-wsf-2.0/ps_get_object_info_request.c,
- lasso/xml/id-wsf-2.0/ps_get_object_info_response.c,
- lasso/xml/id-wsf-2.0/ps_item_data.c,
- lasso/xml/id-wsf-2.0/ps_list_members_request.c,
- lasso/xml/id-wsf-2.0/ps_list_members_response.c,
- lasso/xml/id-wsf-2.0/ps_notification.c,
- lasso/xml/id-wsf-2.0/ps_notify.c,
- lasso/xml/id-wsf-2.0/ps_object.c,
- lasso/xml/id-wsf-2.0/ps_query_objects_request.c,
- lasso/xml/id-wsf-2.0/ps_query_objects_response.c,
- lasso/xml/id-wsf-2.0/ps_remove_collection_request.c,
- lasso/xml/id-wsf-2.0/ps_remove_entity_request.c,
- lasso/xml/id-wsf-2.0/ps_remove_from_collection_request.c,
- lasso/xml/id-wsf-2.0/ps_request_abstract.c,
- lasso/xml/id-wsf-2.0/ps_resolve_identifier_request.c,
- lasso/xml/id-wsf-2.0/ps_resolve_identifier_response.c,
- lasso/xml/id-wsf-2.0/ps_resolve_input.c,
- lasso/xml/id-wsf-2.0/ps_response_abstract.c,
- lasso/xml/id-wsf-2.0/ps_set_object_info_request.c,
- lasso/xml/id-wsf-2.0/ps_test_membership_request.c,
- lasso/xml/id-wsf-2.0/ps_test_membership_response.c,
- lasso/xml/id-wsf-2.0/sb2_consent.c,
- lasso/xml/id-wsf-2.0/sb2_credentials_context.c,
- lasso/xml/id-wsf-2.0/sb2_endpoint_update.c,
- lasso/xml/id-wsf-2.0/sb2_redirect_request.c,
- lasso/xml/id-wsf-2.0/sb2_sender.c,
- lasso/xml/id-wsf-2.0/sb2_target_identity.c,
- lasso/xml/id-wsf-2.0/sb2_timeout.c,
- lasso/xml/id-wsf-2.0/sb2_usage_directive.c,
- lasso/xml/id-wsf-2.0/sb2_user_interaction_header.c,
- lasso/xml/id-wsf-2.0/sbf_framework.c,
- lasso/xml/id-wsf-2.0/sec_token.c,
- lasso/xml/id-wsf-2.0/sec_token_policy.c,
- lasso/xml/id-wsf-2.0/sec_transited_provider_path.c,
- lasso/xml/id-wsf-2.0/subs_notification.c,
- lasso/xml/id-wsf-2.0/subs_notify_response.c,
- lasso/xml/id-wsf-2.0/subs_ref_item.c,
- lasso/xml/id-wsf-2.0/subs_subscription.c,
- lasso/xml/id-wsf-2.0/subsref_app_data.c,
- lasso/xml/id-wsf-2.0/subsref_create.c,
- lasso/xml/id-wsf-2.0/subsref_create_item.c,
- lasso/xml/id-wsf-2.0/subsref_create_response.c,
- lasso/xml/id-wsf-2.0/subsref_data.c,
- lasso/xml/id-wsf-2.0/subsref_data_response.c,
- lasso/xml/id-wsf-2.0/subsref_delete.c,
- lasso/xml/id-wsf-2.0/subsref_delete_item.c,
- lasso/xml/id-wsf-2.0/subsref_delete_response.c,
- lasso/xml/id-wsf-2.0/subsref_item_data.c,
- lasso/xml/id-wsf-2.0/subsref_modify.c,
- lasso/xml/id-wsf-2.0/subsref_modify_item.c,
- lasso/xml/id-wsf-2.0/subsref_modify_response.c,
- lasso/xml/id-wsf-2.0/subsref_notification.c,
- lasso/xml/id-wsf-2.0/subsref_notify.c,
- lasso/xml/id-wsf-2.0/subsref_notify_response.c,
- lasso/xml/id-wsf-2.0/subsref_query.c,
- lasso/xml/id-wsf-2.0/subsref_query_item.c,
- lasso/xml/id-wsf-2.0/subsref_query_response.c,
- lasso/xml/id-wsf-2.0/subsref_result_query.c,
- lasso/xml/id-wsf-2.0/subsref_subscription.c,
- lasso/xml/id-wsf-2.0/subsref_test_item.c,
- lasso/xml/id-wsf-2.0/util_empty.c,
- lasso/xml/id-wsf-2.0/util_extension.c,
- lasso/xml/id-wsf-2.0/util_response.c,
- lasso/xml/id-wsf-2.0/util_status.c, lasso/xml/is_help.c,
- lasso/xml/is_inquiry.c, lasso/xml/is_inquiry_element.c,
- lasso/xml/is_interaction_request.c,
- lasso/xml/is_interaction_response.c,
- lasso/xml/is_interaction_statement.c, lasso/xml/is_item.c,
- lasso/xml/is_parameter.c, lasso/xml/is_redirect_request.c,
- lasso/xml/is_select.c, lasso/xml/is_text.c,
- lasso/xml/is_user_interaction.c, lasso/xml/lib_assertion.c,
- lasso/xml/lib_authentication_statement.c,
- lasso/xml/lib_authn_context.c, lasso/xml/lib_authn_request.c,
- lasso/xml/lib_authn_request_envelope.c,
- lasso/xml/lib_authn_response.c,
- lasso/xml/lib_authn_response_envelope.c,
- lasso/xml/lib_federation_termination_notification.c,
- lasso/xml/lib_idp_entries.c, lasso/xml/lib_idp_entry.c,
- lasso/xml/lib_idp_list.c, lasso/xml/lib_logout_request.c,
- lasso/xml/lib_logout_response.c,
- lasso/xml/lib_name_identifier_mapping_request.c,
- lasso/xml/lib_name_identifier_mapping_response.c,
- lasso/xml/lib_register_name_identifier_request.c,
- lasso/xml/lib_register_name_identifier_response.c,
- lasso/xml/lib_request_authn_context.c, lasso/xml/lib_scoping.c,
- lasso/xml/lib_status_response.c, lasso/xml/lib_subject.c,
- lasso/xml/misc_text_node.c, lasso/xml/private.h,
- lasso/xml/sa_credentials.c, lasso/xml/sa_parameter.c,
- lasso/xml/sa_password_transforms.c, lasso/xml/sa_sasl_request.c,
- lasso/xml/sa_sasl_response.c, lasso/xml/sa_transform.c,
- lasso/xml/saml-2.0/saml2_action.c,
- lasso/xml/saml-2.0/saml2_advice.c,
- lasso/xml/saml-2.0/saml2_assertion.c,
- lasso/xml/saml-2.0/saml2_attribute.c,
- lasso/xml/saml-2.0/saml2_attribute_statement.c,
- lasso/xml/saml-2.0/saml2_attribute_value.c,
- lasso/xml/saml-2.0/saml2_audience_restriction.c,
- lasso/xml/saml-2.0/saml2_authn_context.c,
- lasso/xml/saml-2.0/saml2_authn_statement.c,
- lasso/xml/saml-2.0/saml2_authz_decision_statement.c,
- lasso/xml/saml-2.0/saml2_base_idabstract.c,
- lasso/xml/saml-2.0/saml2_condition_abstract.c,
- lasso/xml/saml-2.0/saml2_conditions.c,
- lasso/xml/saml-2.0/saml2_encrypted_element.c,
- lasso/xml/saml-2.0/saml2_evidence.c,
- lasso/xml/saml-2.0/saml2_key_info_confirmation_data.c,
- lasso/xml/saml-2.0/saml2_name_id.c,
- lasso/xml/saml-2.0/saml2_one_time_use.c,
- lasso/xml/saml-2.0/saml2_proxy_restriction.c,
- lasso/xml/saml-2.0/saml2_statement_abstract.c,
- lasso/xml/saml-2.0/saml2_subject.c,
- lasso/xml/saml-2.0/saml2_subject_confirmation.c,
- lasso/xml/saml-2.0/saml2_subject_confirmation_data.c,
- lasso/xml/saml-2.0/saml2_subject_locality.c,
- lasso/xml/saml-2.0/samlp2_artifact_resolve.c,
- lasso/xml/saml-2.0/samlp2_artifact_response.c,
- lasso/xml/saml-2.0/samlp2_assertion_id_request.c,
- lasso/xml/saml-2.0/samlp2_attribute_query.c,
- lasso/xml/saml-2.0/samlp2_authn_query.c,
- lasso/xml/saml-2.0/samlp2_authn_request.c,
- lasso/xml/saml-2.0/samlp2_authz_decision_query.c,
- lasso/xml/saml-2.0/samlp2_extensions.c,
- lasso/xml/saml-2.0/samlp2_idp_entry.c,
- lasso/xml/saml-2.0/samlp2_idp_list.c,
- lasso/xml/saml-2.0/samlp2_logout_request.c,
- lasso/xml/saml-2.0/samlp2_logout_response.c,
- lasso/xml/saml-2.0/samlp2_manage_name_id_request.c,
- lasso/xml/saml-2.0/samlp2_manage_name_id_response.c,
- lasso/xml/saml-2.0/samlp2_name_id_mapping_request.c,
- lasso/xml/saml-2.0/samlp2_name_id_mapping_response.c,
- lasso/xml/saml-2.0/samlp2_name_id_policy.c,
- lasso/xml/saml-2.0/samlp2_request_abstract.c,
- lasso/xml/saml-2.0/samlp2_requested_authn_context.c,
- lasso/xml/saml-2.0/samlp2_response.c,
- lasso/xml/saml-2.0/samlp2_scoping.c,
- lasso/xml/saml-2.0/samlp2_status.c,
- lasso/xml/saml-2.0/samlp2_status_code.c,
- lasso/xml/saml-2.0/samlp2_status_detail.c,
- lasso/xml/saml-2.0/samlp2_status_response.c,
- lasso/xml/saml-2.0/samlp2_subject_query_abstract.c,
- lasso/xml/saml-2.0/samlp2_terminate.c, lasso/xml/saml_advice.c,
- lasso/xml/saml_assertion.c, lasso/xml/saml_attribute.c,
- lasso/xml/saml_attribute_designator.c,
- lasso/xml/saml_attribute_statement.c,
- lasso/xml/saml_attribute_value.c,
- lasso/xml/saml_audience_restriction_condition.c,
- lasso/xml/saml_authentication_statement.c,
- lasso/xml/saml_authority_binding.c,
- lasso/xml/saml_condition_abstract.c, lasso/xml/saml_conditions.c,
- lasso/xml/saml_name_identifier.c,
- lasso/xml/saml_statement_abstract.c, lasso/xml/saml_subject.c,
- lasso/xml/saml_subject_confirmation.c,
- lasso/xml/saml_subject_locality.c,
- lasso/xml/saml_subject_statement.c,
- lasso/xml/saml_subject_statement_abstract.c,
- lasso/xml/samlp_request.c, lasso/xml/samlp_request_abstract.c,
- lasso/xml/samlp_response.c, lasso/xml/samlp_response_abstract.c,
- lasso/xml/samlp_status.c, lasso/xml/samlp_status_code.c,
- lasso/xml/sec_resource_access_statement.c,
- lasso/xml/soap_binding_consent.c,
- lasso/xml/soap_binding_correlation.c,
- lasso/xml/soap_binding_ext_credential.c,
- lasso/xml/soap_binding_ext_credentials_context.c,
- lasso/xml/soap_binding_ext_service_instance_update.c,
- lasso/xml/soap_binding_ext_timeout.c,
- lasso/xml/soap_binding_processing_context.c,
- lasso/xml/soap_binding_provider.c,
- lasso/xml/soap_binding_usage_directive.c, lasso/xml/soap_body.c,
- lasso/xml/soap_detail.c, lasso/xml/soap_envelope.c,
- lasso/xml/soap_fault.c, lasso/xml/soap_header.c,
- lasso/xml/utility_status.c, lasso/xml/ws/wsa_attributed_any.c,
- lasso/xml/ws/wsa_attributed_qname.c,
- lasso/xml/ws/wsa_attributed_unsigned_long.c,
- lasso/xml/ws/wsa_attributed_uri.c,
- lasso/xml/ws/wsa_endpoint_reference.c,
- lasso/xml/ws/wsa_metadata.c, lasso/xml/ws/wsa_problem_action.c,
- lasso/xml/ws/wsa_reference_parameters.c,
- lasso/xml/ws/wsa_relates_to.c, lasso/xml/ws/wsse_embedded.c,
- lasso/xml/ws/wsse_reference.c,
- lasso/xml/ws/wsse_security_header.c,
- lasso/xml/ws/wsse_security_token_reference.c,
- lasso/xml/ws/wsse_transformation_parameters.c,
- lasso/xml/ws/wsse_username_token.c, lasso/xml/ws/wsu_timestamp.c,
- lasso/xml/wsse_security.c, lasso/xml/xml.c, tests/basic_tests.c:
- All: Fix missing field initializer problems
-
- * lots of files: Explicitely set all field of initialized
- structures,
- in order to remove -Wno-missing-field-initilizers from needed
- compiler options when using -Wall -Wextra.
+2010-04-22 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2009-01-24 09:33 bdauvergne
+ SAML 2.0: lasso_logout_build_response_msg, just verify there is saved data from a previous request before switching them
+ * lasso/saml-2.0/logout.c:
+ There is no need to check what the previous remote provider ID was,
+ just that initial_remote_providerID is not NULL in order to switch
+ request, response and remote_providerID.
- * lasso/utils.h: Core: add macros to assign list of things, rename
- xmlNode related macros
-
- * lasso/utils.h: added new macros, renamed others:
- - macros handling xmlNode are renamed from _node to _xml_node,
- - new macros for assign GList* of specific objects:
- - lasso_assign_list_of_gobjects,
- - lasso_assign_list_of_strings,
- - lasso_assign_new_list_of_gobjects,
- - macros for assigning xmlChar string (we need a specific macros
- because, we must use xmlFree to release the destination string),
- - macros to add string without duping: lasso_list_add_xml_string,
- - macros to add anything non-null (no type cast):
- lasso_list_add_non_null.
+ Fix wrong change g_free -> lasso_release inside example code
-2009-01-24 09:33 bdauvergne
+ Provider: fix problem when reusing the same lists nodes in Descriptors
- * lasso/utils.h: Core: add references handling macros
-
- * lasso/utils.h:
- - add macro lasso_transfer_string and lasso_transfer_gobject,
- to transfer ownership of such objects without copying or
- their changing reference count. The old containing variable is
- NULLed.
- - lasso_list_add_gobject,lasso_list_add_new_gobject: test if the
- added
- object is a GObject, if not do not add it and print a warning.
- - lasso_check_type_equality: this macro use special builtin
- functions
- only with GCC (typeof and __builtin_types_compatible_p) and do
- metaprogramming using anonymous enumeration type to make compile
- time assertions. It is used
- - add macros to release XPathObject XPathContext, macro
- constructor to
- make reference transfert macros (free dest, nullify dest, copy
- src
- to dest without increasing refcount, nullify src), add a macro to
- transfert xpath objects.
-
-2009-01-24 09:33 bdauvergne
-
- * lasso/utils.h: Core: new goto_exit macro which produces warnings
-
- * lasso/utils.h:
- similar macro to goto_exit_if_fail but also produce a printed
- warning.
+ Improve safety by replacing all g_hash_table_destroy use by lasso_release_ghashtable
-2009-01-24 09:33 bdauvergne
+ Improve safety by replacing all g_list_free use by lasso_release_list
- * lasso/utils.h: Core: new macros for adding string to GList
-
- * lasso/utils.h:
- - lasso_list_add_string, add a copy of a string to a GList
+ Improve safety by replacing all g_string_free use by lasso_release_gstring
-2009-01-24 09:33 bdauvergne
+ Improve safety by replacing all g_free use by lasso_release
- * lasso/utils.h: Core: Remove unused macro lasso_warn_deprecated
-
- * lasso/utils.h: remove macros lasso_warn_deprecated, use GCC
- attributes and gtkdoc markers instead.
+ Start an example listing for an IdP SingleSignOn endpoint
-2009-01-22 17:18 dlaniel
+ Free xmlSecKey
- * docs/reference/lasso-sections.txt, docs/reference/lasso.sgml:
- added documentation sections for ID-WSF 2.0 Discovery and
- DataService
+ Fix potential SEGFAULT in _lasso_node_free_custom_element
-2009-01-22 14:46 dlaniel
+ Utils: add lasso_assign_list
- * lasso/id-wsf-2.0/discovery.c, lasso/id-wsf/discovery.h: removed
- unused destroy functions (only defined in .c or .h files)
+ Add lasso_release_gstring
-2009-01-13 13:56 jmliger
+ Utils: add lasso_release_ghashtable
- * fedora, fedora/lasso.spec: Fedora/Redhat spec file
+ SAML 2.0 Profile: remove unused must_sign variable
-2008-12-18 16:05 fpeters
+ First try to check that objects are fully functionals before proceeding
- * lasso/xml/tools.c: correctly check for successful return of
- DSA_verify
+ Fix potential SEGFAULT of an unknown provider
-2008-12-16 16:40 dlaniel
+2010-04-20 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/saml-2.0/name_id_management.c: check in
- lasso_name_id_management_init_request if HTTP method is supported
+ SAML 2.0: in lasso_saml20_process_federation, only handle the case of PERSISTENT format
+ * lasso/saml-2.0/login.c:
+ in lasso_saml20_process_federation:
+ - if no name id format can be found by the request, use the default from
+ the metadata file (first declared NameIDFormat)
+ - instead of checking if format is TRANSIENT, check if it is PERSISTENT,
+ and proceed with the federation, if not just return 0.
+ - return LASSO_PROFILE_ERROR_UNKNOWN_PROVIDER instead of
+ LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND.
+ - in any case, check for consent.
-2008-12-12 16:48 dlaniel
+ SAML 2.0: in lasso_saml20_login_validate_request, do not check signature if not necessary
- * lasso/id-wsf/discovery.c, lasso/xml/strings.h: fixed fault code
- and use a more precise fault string
+ SAML 2.0: find binding when only AssertionConsumerServiceURL is set, do not check signature on request if asked
-2008-12-12 16:29 dlaniel
+ SAML 2.0: add internal method to retrieve the binding for an URL
- * lasso/id-wsf/discovery.c: if no identity is found while building
- disco response, create a soap fault response
+ Login: add internal function _lasso_login_must_verify_*signature
-2008-12-01 17:30 bdauvergne
+2010-04-19 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/id-wsf-2.0/data_service.c, lasso/id-wsf-2.0/discovery.c,
- lasso/id-wsf-2.0/profile.c: Use assignment macros in id-wsf 2.0
- module
-
- * lasso/id-wsf-2.0/data_service.c, lasso/id-wsf-2.0/discovery.c,
- lasso/id-wsf-2.0/profile.c: use assignment macros to maintain
- proper
- reference counting and ownership of object field values.
+ Login: remove symbol markers in example code
-2008-11-28 15:58 bdauvergne
+ Fix documentation problems
- * lasso.pc.in: Fix lasso.pc.in Cflags field
-
- * lasso.pc.in: cflags must contain include directory
+2010-04-16 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2008-11-26 12:26 bdauvergne
+ Ameliorate support for lasso_profile_set_signature_verify_hint
+ * lasso/id-ff/profile.h:
+ - add end symbol for enum LassoProfileSignatureVerifyHint
+ * lasso/id-ff/profile.c:
+ - fix documentation of lasso_profile_set_signature_verify_hint
+ - do not allow to set or return invalid value for the
+ signature_verify_hint attribute.
+ * lasso/saml-2.0/login.c:
+ - handle new enum value
+ * lasso/saml-2.0/profile.c:
+ - handle new enum value
+ - fix missing catch of signature error reporting when
+ signature_verify_hint is IGNORE.
+ * docs/reference/lasso/lasso-sections.txt:
+ - export enums LassoProfileSignatureHint and
+ LassoProfileSignatureVerifyHint
+ * tests/metadata_tests.c:
+ - fix test of all Role enumerations
- * lasso/Makefile.am: Add errors.h.in to EXTRA_DIST
-
- * lasso/Makefile.am: errors.h.in must be distributed.
+2010-04-06 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2008-11-20 10:44 bdauvergne
+ Revert "Core: add XML schemas for SAML 2.0"
+ This reverts commit 5250c2c89e3983189a3c52cd85ad221ff7b6f64b.
- * AUTHORS: Add me.
+ SAML 2.0: add Destination attribute to requests
+ * lasso/saml-2.0/profile.c:
+ this change make Lasso respect paragraphs 3.4.5.2 (HTTP-Redirect
+ binding securit considerations ) and 3.5.5.2 (the same for HTTP-Post)
+ of the saml-bindings-2.0-os.pdf document, and should allow our Authn
+ Requests to be accepted by shiboleth IdP.
-2008-11-19 16:00 bdauvergne
+ Tools: add usage statement to check-lasso-sections.py
- * lasso/xml/soap_envelope.c: Fix refcounting error in SoapEnvelope
- class
-
- - lasso/xml/soap_envelope.c (lasso_soap_envelope_new): fix
- forgotten
- reference count increase when assigning the body.
+ Docs: add/remove symbols from lasso-sections.txt
-2008-11-14 10:52 bdauvergne
+ ID-WSF 2.0 DST: make lasso_idwsf2_data_service_set_status_code works event if no response is initialized
- * bindings/java/wrapper_top.c: Fix uninitialized local variable
-
- - bindings/java/wrapper_top.c: (gobject_to_jobject_and_ref)
- initialize
- local variable.
+ Tests: add tests for custom namespace functions
-2008-11-10 16:57 bdauvergne
+ ID-FF 1.2 & SAML 2.0: factorize access to role prefix
- * lasso/xml/tools.c: Add support to in memory private key to
- lasso_query_sign
-
- - lasso/xml/tools.c: use BIO_new_mem_buf instead of BIO_new_file
- if private_key is not an existing file.
+ Tests: make role descriptor loading test less verbose
+ * tests/metadata_tests.c:
+ remove printf, add checks
-2008-11-05 23:38 bdauvergne
+ Tests: show actual value in check_equals test macro
- * lasso/id-ff/provider.c, lasso/id-ff/server.c: Add missing
- intialization
-
- - lasso/id-ff/provider.c,lasso/id-ff/server.c: add missing
- initialization
- of return code variable.
+ XML: add custom namespace definition handling
-2008-11-05 14:38 bdauvergne
+ SAML 2.0: fix default assertion consumer handling when isDefault is missing
+ * if no default_assertion_consumer value is set after traversing the
+ list of endpoint, try to find the first one without isDefault="false"
+ and finally take the first one.
- * lasso/utils.h: Fix missing include
+ SAML 2.0: fix default assertion consumer handling
+ * the default one is the first with the attribute isDefault not the
+ last.
-2008-11-05 11:23 bdauvergne
-
- * lasso/id-ff/provider.c, lasso/saml-2.0/provider.c: Add log
- message in the metadata loading process
-
- - lasso/id-ff/provider.c, lasso/saml-2.0/provider.c: add critical
- log
- message in each failed loading of metadatas branch cases.
-
-2008-11-05 11:23 bdauvergne
-
- * lasso/Makefile.am, lasso/utils.c, lasso/utils.h: Add new internal
- function to show safe extracts
-
- - lasso/utils.c, lasso/utils.h:
- New internal api lasso_safe_prefix_string that can show any
- string
- taking care of escaping newlines,tabs and non-graphical ou
- non-ASCII
- characters.
-
-2008-11-05 11:23 bdauvergne
-
- * lasso/id-ff/provider.c: Fix uninitialized return code
-
- Thanks Emmanuel Dreyfus
-
-2008-11-04 01:58 bdauvergne
-
- * lasso/xml/xml.c: Fix overwriting of attributes ht by node lists
-
- - lasso/xml/xml.c:
- - In lasso_node_impl_init_from_xml fix really old bug seen when
- running ID-WSF 2 python tests, when looking for snippet_any
- field in the GObject we should not take the any attribute field,
- otherwise the field value is gonna be overwritten with new GList
- nodes. The problem ca be seen only with classes using the two
- kind
- of snippets (ANY nodes and ANY attributs).
-
-2008-11-04 01:58 bdauvergne
-
- * lasso/id-ff/provider.c, lasso/id-ff/server.c,
- lasso/id-wsf/wsf_profile.c: Change style of error and dellocation
- handling
-
- - lasso/id-ff/provider.c:
- - in lasso_provider_verify_signature use standardised memory and
- error handling macros, and also standard return code variable
- name
- and exit label.
- - in lasso_providerl_load_metadata_from_buffer and
- lasso_provider_load_metadata use the standardised macros, exit
- labels and return code variable.
- - lasso/id-ff/server.c:
- - in lasso_server_load_affiliation use standardised allocation
- and
- error handling macros.
- - lasso/id-wsf/wsf_profile.c:
- - use standardised memory and error handling macros in
- lasso_wsf_profile_build_soap_request_msg.
-
-2008-11-04 01:58 bdauvergne
-
- * lasso/xml/xml.c: Move xmlDoc release after xmlFreeXPath*
-
- - lasso/xml/xml.c:
- - in lasso_node_new_from_soap release xmlDoc (and the contained
- nodes) after the XPath objects that can reference them.
-
-2008-11-04 01:58 bdauvergne
-
- * bindings/java/wrapper_top.c, bindings/php4/lasso_php4_helper.c,
- bindings/php5/wrapper_source_top.c,
- bindings/python/wrapper_top.c, lasso/id-ff/identity.c,
- lasso/id-ff/lecp.c, lasso/id-ff/login.c, lasso/id-ff/logout.c,
- lasso/id-ff/name_registration.c, lasso/id-ff/profile.c,
- lasso/id-ff/provider.c, lasso/id-ff/server.c,
- lasso/id-ff/session.c, lasso/id-wsf-2.0/data_service.c,
- lasso/id-wsf/data_service.c, lasso/id-wsf/discovery.c,
- lasso/id-wsf/wsf_profile.c, lasso/saml-2.0/ecp.c,
- lasso/saml-2.0/login.c, lasso/saml-2.0/name_id_management.c,
- lasso/xml/tools.c, lasso/xml/xml.c, swig/Lasso.i: Remove use of
- xmlFreeDoc for lasso_release_doc
-
- - bindings/java/wrapper_top.c, bindings/php4/lasso_php4_helper.c,
- bindings/php5/wrapper_source_top.c,
- bindings/python/wrapper_top.c,
- lasso/id-ff/identity.c, lasso/id-ff/lecp.c, lasso/id-ff/login.c,
- lasso/id-ff/logout.c, lasso/id-ff/name_registration.c,
- lasso/id-ff/profile.c, lasso/id-ff/provider.c,
- lasso/id-ff/server.c,
- lasso/id-ff/session.c, lasso/id-wsf-2.0/data_service.c,
- lasso/id-wsf/data_service.c, lasso/id-wsf/discovery.c,
- lasso/id-wsf/wsf_profile.c, lasso/saml-2.0/ecp.c,
- lasso/saml-2.0/login.c, lasso/saml-2.0/name_id_management.c,
- lasso/utils.h, lasso/xml/tools.c, lasso/xml/xml.c, swig/Lasso.i:
- Remove use of xmlFreeDoc. Use lasso_release_doc instead.
-
-2008-11-04 01:58 bdauvergne
-
- * bindings/java/Makefile.am, bindings/php5/Makefile.am,
- bindings/python/Makefile.am: Clean generated files in bindings
-
- * bindings/java/Makefile.am:
- * bindings/php5/Makefile.am:
- * bindings/python/Makefile.am:
- - reformat value and add generated files to the MOSTLYCLEANFILES
- variable
+ Binding python tests: update idwsf1 to explicitely register PP10 HREF
-2008-11-04 01:58 bdauvergne
+ Binding python: update idwsf2 test for method change dst.initResponse -> validateRequest
- * lasso/utils.h: Add new utils macros
-
- - lasso/utils.h:
- - add goto_exit_with_rc a standardized macro that suppose having
- an
- 'int rc' variable and an exit label in the current function.
- - add lasso_release_output_buffer macro
+ XML: do not register any DST namespace by default
-2008-11-04 01:58 bdauvergne
+ XML: add a SNIPPET_COLLECT_NAMESPACES snippet to DstRefResultQuery
- * lasso/utils.h: Fix lasso_assign_node: wrong xmlFreeNodeList
-
- * lasso/utils.h:
- - (lasso_assign_node) This macro wrongly assumes that the destroy
- function for xmlNode is xmlFreeNodeList but it's xmlFreeNode.
- xmlFreeNodeList is for xmlNode list of children.
+ ID-WSF 2.0 Data Service: new accessor, fix use of build_unique_id, change init_response to validate_request
-2008-11-03 15:01 bdauvergne
+ Core: add a SNIPPET_COLLECT_NAMESPACE snippet type
+ * lasso/xml/private.h lasso/xml/xml.c:
+ add a new primary XmlSnippet type for collecting all namespace
+ declaration, following parent relation on current node or one of the
+ child nodes.
- * lasso/xml/xml.c, lasso/xml/xml.h: Restore ABI compatibility wrt
- original_xmlNode
-
- * lasso/xml/xml.c:
- - use set/get_qdata to store the original xmlnode, modify
- init_from_xml and dispose function to cope with this new storage
- place.
- * lasso/xml/xml.h:
- - remove field original_xmlNode from structure LassoNode to keep
- ABI
- compatibility with previous versions.
- - declare new API lasso_node_get_original_xmlnode
+ Binding python: fix use of raise_on_rc, simplift Node.__setstate__
-2008-11-03 14:15 bdauvergne
+ Revert "Make lasso_node_get_xmlNode return original_xmlnode if there is one"
+ This reverts commit dfd8f21ab27d2b25a67a52aadd9d4cdce20ebda5.
- * lasso/xml/xml.c, lasso/xml/xml.h: API to cleanup LassoNode tree
- of keeped xmlNode
-
- * lasso/xml/xml.c:
- - add a new function lasso_node_cleanup_original_xmlnodes to
- disallocate all keeped xmlNode inside a tree of LassoNodes.
- - add internal function lasso_node_traversal to iterate across a
- LassoNode tree (could be used to reimplement lasso_node_destroy)
- It is a preorder traversal.
-
-2008-11-03 14:15 bdauvergne
-
- * lasso/xml/xml.c: Add support for keep_xmlnode flag
-
- * lasso/xml/xml.c:
- - (lasso_node_impl_init_from_xml) When the keep_xmlnode flag is
- true
- for the currently parsed Node class, we copy the parsed xmlNode
- and keep inside the LassoNode.
- - (lasso_node_dispose) if an original_xmlNode is present, we
- disallocate
- it.
-
-2008-11-03 14:15 bdauvergne
-
- * lasso/xml/xml.h: Add original_xmlNode pointer to LassoNode
-
- * lasso/xml/xml.h: add an xmlNode field to base class LassoNode,
- to permit retrieving the xmlNode originally parsed when the
- structure
- is the result of parsing. Will be used by signature checking
- code.
-
-2008-11-03 14:15 bdauvergne
-
- * lasso/xml/private.h: Add keep_xmlnode field to LassoNodeClassData
-
- * lasso/xml/private.h: add a boolean flag named keep_xmlnode to
- base class structure LassoNodeClassData.
-
-2008-11-02 11:49 bdauvergne
-
- * tests/login_tests.c: Add test case for loading server completely
- from memory
-
- * tests/login_test.c:
- - add generateIdentityProviderContextDumpMemory that first load
- metadata, private_key and certificate file using
- g_file_get_contents
- then use the created buffers to initialize a LassoServer object.
- - add test03_serviceProviderLogin that use the new function.
+ Binding python: for empty GList return empty tuples, not None
-2008-11-02 11:49 bdauvergne
+ Docs: remove from documentation comments characters outside ASCII for python bindings
- * lasso/id-ff/provider.c: LassoServer init_from_xml/new_from_buffer
- handling
-
- * lasso/id-ff/server.c: (init_from_xml) if load_metadata fail
- try load_metadata_from_buffer instead using the content of the
- dumped
- nodes.
+ Fix return path in lasso_saml20_process_any_response for signatures checking
-2008-11-02 11:49 bdauvergne
+ fix documentation of lasso_node_debug
- * lasso/id-ff/provider.c, lasso/id-ff/server.c,
- lasso/id-ff/server.h: Add new constructor
- lasso_server_new_from_buffers
-
- * lasso/id-ff/server.c, lasso/id-ff/server.h: add new function to
- build
- a LassoServer object holding content of certificate and private
- key
- files intead of loading them everytime signing is needed. You
- must
- instead load them yourself the first time.
+ Make lasso_node_get_xmlNode return original_xmlnode if there is one
+ * lasso/xml/xml.c:
+ this change allow session to contain exact copy of received assertion
+ (and not the one lacking signatures) and also to put those assertions
+ directly into message, for example as ID-WSF credentials.
+ But it could have side effect, so for now I will no merge it.
-2008-11-02 11:49 bdauvergne
+2010-03-27 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/id-ff/providerprivate.h: Export
- lasso_provider_load_metadata_from_buffer
-
- * lasso/id-ff/providerprivate.h: add declaration for private
- function
- lasso_provider_load_metadata_from_buffer
+ update documentation of lasso_login_build_authn_response_msg
-2008-11-02 11:49 bdauvergne
+ update documentation of lasso_login_build_authn_request_msg
- * lasso/id-ff/provider.c: Add verification of access before calling
- libxml loading function
-
- * lasso/id-ff/provider.c: (lasso_provider_load_metadata) libxml
- emit warning
- when trying to parse non-existing or non-accessible file, so
- verify
- that the file is accessible before calling libxml. (the corner
- case of having warning when the file become inaccessible between
- the two calls is non-interesting)
+ improve documentation of lasso_login_build_artifact_msg
-2008-11-02 11:49 bdauvergne
+ use lasso_release_gobject in lasso_login_destroy
- * lasso/xml/tools.c: First try accessing the file before calling
- key loading functions
-
- * lasso/xml/tools.c: (lasso_sign_node) instead of waiting
- for the xmlsec key loading function to fail before trying to load
- the key directly from the private_key buffer, test it using
- POSIX function.
+ update lasso_login_accept_sso documentation
-2008-11-02 11:49 bdauvergne
-
- * lasso/xml/tools.c: Add possibility to sign using preloaded keys
-
- * lasso/xml/tools.c:
- - (lasso_sign_node) if loading of the private_key or the
- certificate
- file we try to use the filename directly as a key in the PEM
- format.
-
-2008-10-22 03:28 bdauvergne
-
- * lasso/id-wsf/authentication.c, lasso/id-wsf/data_service.c: Add
- missing initializations.
-
-2008-10-16 21:33 bdauvergne
-
- * lasso/lasso.c: Add substitute code for g_strcmp0
-
-2008-10-13 11:44 bdauvergne
-
- * lasso/xml/saml-2.0/samlp2_logout_response.c: Integrate
- modification from Olav Morken <olavmo@stud.ntnu.no>
-
- It fixes bad url encoding of relaystates for logout
- profile. A better fix for all profiles is coming.
-
-2008-10-13 11:44 bdauvergne
-
- * lasso/Makefile.am: add files to nodist_HEADERS to pass distcheck
-
-2008-10-01 10:31 bdauvergne
-
- * bindings/java/Makefile.am, bindings/php5/Makefile.am,
- bindings/python/wrapper_top.c, configure.ac, lasso/debug.h,
- lasso/extract_symbols.py, lasso/id-ff/provider.c, lasso/lasso.c,
- lasso/lasso.h, lasso/xml/tools.c, lasso/xml/xml.c,
- perl/Makefile.am: add functionality to enable debugging flags at
- runtime
-
- This code permit to set flags, separated by commas, space,
- tabulations, or colons. This flags activates debug functions
- like,
- suppressing validations of signatures or print debugging message
- about
- deallocations.
-
- The new flags are defined in /lasso/debug.h they can be set using
- an
- environment variable named LASSO_FLAG or a function named
- lasso_set_flag.
-
- There are two flags currently:
- - verify-signature:
- To deactivate it, pass 'no-verify-signature' inside LASSO_DEBUG.
- It desactivate signature verification, inside two functions:
- lasso_query_verify_signature and lasso_provider_verify_signature.
- - memory-debug:
- It enabled reporting of memory deallocation inside generic memory
- dellaocator for LassoNode objects and also in bindings.
-
- - lasso/xml/xml.c: do not free a null hash table pointer.
+ ID-FF&SAML2: complete documentation of lasso_login_build_assertion
-2008-10-01 10:25 dlaniel
+ Make multiple include loading work in lasso/backward_comp.h
+ * lasso/backward_comp.h
+ add missing BACKWARD_COMP_H define.
- * lasso/id-wsf/wsf_profile.c: cleaned up some code
+ Binding python: fix test file
-2008-10-01 10:08 dlaniel
+ SAML 2.0&ID-FF 1.2: simplify and complete metadata loading for multi-role support
- * lasso/id-wsf/utils.c, lasso/id-wsf/utils.h: fixed docstrings ;
- added an exported function ; reorganised functions in file
+ Core: add XML schemas for SAML 2.0
-2008-10-01 09:55 dlaniel
+ Doc: add all missing methods to documentation section file
+ * add missing LASSO_EXPORT too for functions already present in the
+ documentation, but not exported previously.
- * lasso/id-wsf/utils.c, lasso/id-wsf/wsf_profile.c: fixed segfaults
+ Tools: add script to check for missing functions in lasso-sections.txt
-2008-10-01 09:24 dlaniel
+ XML: in lasso_node_build_xmlNode_from_snippets only set child name if SNIPPET is not of ANY type
- * bindings/java, docs/reference, docs/reference/tmpl, lasso: added
- some svn:ignore to clean up svn status
+ Core: add lasso_set_string_from_prop(char**,xmlNode*,..) function
-2008-10-01 09:11 dlaniel
+ Core: add method to check whether we are IdP or SP of another provider
+ * lasso/id-ff/profile.{c,h}:
+ the method lasso_profile_sso_role_with, evaluate using the current
+ LassoIdentity content if we are in a relation of IdP or SP toward
+ another provider. This is based on the existence of a federation with
+ this provider.
- * tests/data/sp5-saml2/metadata.xml: fixed xml indentation
+ SAML 2.0: add attribute profiles strings
-2008-09-23 15:15 dlaniel
+ SAML 2.0: add support for attribute, authentication and authorization authorities metadata
+ * server.c,serverprivate.h: add new private method
+ lasso_server_get_firs_providerID_by_role(server, role)w
+ * defederation.c: use new private method
+ lasso_server_get_first_providerID_by_role for find providerID
+ when the argument remote_providerID is null in
+ lasso_defederation_init_notification.
+ * lasso/id-ff/login.c (lasso_login_init_authn_request): use new private
+ method lasso_server_get_first_providerID_by_role.
+ * provider.h: add thre new provider role (authn,pdp,attribute) and
+ four new services (authn,assertionid,attribute,authz) and also
+ a ROLE_ANY value (-1) for catchall purpose and a ROLE_LAST for
+ array sizing.
+ * provider.h: add a LAST member to LassoMdProtocolType enum.
+ * providerprivate.h,provider.c:
+ - removes separate hashtable for descriptors depending on provider role,
+ use only one table named Descriptors.
+ - use the LAST members of enumerations to dimention static string arrays.
+ * provider.h: add a LAST member to the e
- * lasso/id-ff/login.c: If ProviderID isn't found in an
- AuthnResponse, immediately return a critical error
+ XML: add support for setting attribute in any namespace using element tree syntax
-2008-09-23 12:05 dlaniel
-
- * tests/data/idp5-saml2, tests/data/sp5-saml2,
- tests/data/sp6-saml2, tools: added some svn:ignore to clean up
- svn status
-
-2008-09-23 10:30 dlaniel
-
- * bindings, bindings/java, bindings/java/com/entrouvert/lasso,
- bindings/php5, bindings/php5/examples, bindings/python, java,
- php, win32: added some svn:ignore to clean up svn status
-
-2008-09-23 09:13 bdauvergne
-
- * bindings/java/wrapper_top.c, bindings/overrides.xml,
- lasso/id-ff/provider.c, lasso/utils.h, lasso/xml/xml.c: Many fix
- to compile with --enable-wsf and --enable-debugging and also to
- remove valgrind errors through python tests.
-
- 1. Rename lasso_wsf_profile_new_full for java bindings (cannot
- subclass
- in overrides of static methods).
- 2. Add const modifiers to many functon signatures in
- bindings/python/wrapper_top.c.
- 3. add initialisation of private_data->encryption_sym_key_type
- (to
- please valgrind) in instance_init of LassoProvider.
- 4. Add new macro to assign xmlNode, we consider xmlNode to be an
- immutable value, and always use xmlCopyNode for assignment. The
- macros is called named lasso_assign_node.
- 5. Fix segfault, when using xmlSec to encrypt the newly created
- encrypted node replace the original node inside the xmlDoc
- structure,
- and the original node is freed automatically. So you cannot
- borrow
- the encrypted if you do not remove it from xmlDoc first.
-
-2008-09-17 13:14 dlaniel
-
- * lasso/id-ff/provider.c: free xmlDoc only once
-
-2008-09-17 12:40 dlaniel
-
- * lasso/id-ff/provider.c: fixed docstring
-
-2008-09-17 09:05 dlaniel
-
- * bindings/php5/php_code.py: php: added a root class to define
- generic getter and setter
-
-2008-09-17 08:32 dlaniel
-
- * lasso/id-ff/server.c, lasso/id-wsf/discovery.c,
- lasso/id-wsf/wsf_profile.c: fixed docstrings which fucked php5
- binding
-
-2008-09-16 16:31 dlaniel
-
- * lasso/id-ff/identity.c, lasso/id-ff/login.c,
- lasso/id-ff/server.c, lasso/id-ff/session.c,
- lasso/id-wsf/authentication.c, lasso/id-wsf/discovery.c,
- lasso/id-wsf/interaction_profile_service.c,
- lasso/id-wsf/personal_profile_service.c,
- lasso/id-wsf/wsf_profile.c, lasso/xml/is_select.c,
- lasso/xml/is_select.h, lasso/xml/sec_resource_access_statement.c,
- perl/Makefile.am, swig/Lasso-wsf-is.i: fixed various bugs with
- new compilation flags
-
-2008-09-16 13:02 dlaniel
-
- * configure.ac: enable optimisation flag when not debugging
-
-2008-09-12 15:06 bdauvergne
-
- * bindings/bindings.py, bindings/ghashtable.h,
- bindings/java/lang.py, bindings/java/wrapper_top.c,
- bindings/php4/lang.py, bindings/php4/lasso_php4_helper.c,
- bindings/php5/lang.py, bindings/php5/php_code.py,
- bindings/php5/wrapper_header.py, bindings/php5/wrapper_source.py,
- bindings/php5/wrapper_source_top.c, bindings/python/lang.py,
- bindings/python/tests/XmlTestRunner.py,
- bindings/python/tests/binding_tests.py,
- bindings/python/tests/idwsf1_tests.py,
- bindings/python/tests/idwsf2_tests.py,
- bindings/python/tests/profiles_tests.py,
- bindings/python/tests/tests.py, bindings/python/wrapper_top.c,
- bindings/utils.py, lasso/errors.h, lasso/export.h,
- lasso/id-ff/defederation.c, lasso/id-ff/defederation.h,
- lasso/id-ff/federation.c, lasso/id-ff/federation.h,
- lasso/id-ff/identity.c, lasso/id-ff/identity.h,
- lasso/id-ff/identityprivate.h, lasso/id-ff/lecp.c,
- lasso/id-ff/lecp.h, lasso/id-ff/login.c, lasso/id-ff/login.h,
- lasso/id-ff/loginprivate.h, lasso/id-ff/logout.c,
- lasso/id-ff/logout.h, lasso/id-ff/logoutprivate.h,
- lasso/id-ff/name_identifier_mapping.c,
- lasso/id-ff/name_identifier_mapping.h,
- lasso/id-ff/name_registration.c, lasso/id-ff/name_registration.h,
- lasso/id-ff/profile.c, lasso/id-ff/profile.h,
- lasso/id-ff/profileprivate.h, lasso/id-ff/provider.c,
- lasso/id-ff/provider.h, lasso/id-ff/providerprivate.h,
- lasso/id-ff/server.c, lasso/id-ff/server.h,
- lasso/id-ff/serverprivate.h, lasso/id-ff/session.c,
- lasso/id-ff/session.h, lasso/id-ff/sessionprivate.h,
- lasso/id-wsf-2.0/data_service.c, lasso/id-wsf-2.0/data_service.h,
- lasso/id-wsf-2.0/discovery.c, lasso/id-wsf-2.0/discovery.h,
- lasso/id-wsf-2.0/identity.h, lasso/id-wsf-2.0/profile.c,
- lasso/id-wsf-2.0/profile.h, lasso/id-wsf-2.0/server.h,
- lasso/id-wsf-2.0/session.h, lasso/id-wsf/authentication.c,
- lasso/id-wsf/authentication.h, lasso/id-wsf/data_service.c,
- lasso/id-wsf/data_service.h, lasso/id-wsf/data_service_private.h,
- lasso/id-wsf/discovery.c, lasso/id-wsf/discovery.h,
- lasso/id-wsf/identity.h,
- lasso/id-wsf/interaction_profile_service.c,
- lasso/id-wsf/interaction_profile_service.h,
- lasso/id-wsf/personal_profile_service.c,
- lasso/id-wsf/personal_profile_service.h, lasso/id-wsf/utils.c,
- lasso/id-wsf/utils.h, lasso/id-wsf/wsf_profile.c,
- lasso/id-wsf/wsf_profile.h, lasso/id-wsf/wsf_profile_private.h,
- lasso/lasso.c, lasso/lasso.h, lasso/saml-2.0/assertion_query.c,
- lasso/saml-2.0/assertion_query.h, lasso/saml-2.0/ecp.c,
- lasso/saml-2.0/ecp.h, lasso/saml-2.0/ecpprivate.h,
- lasso/saml-2.0/federation.c, lasso/saml-2.0/federationprivate.h,
- lasso/saml-2.0/login.c, lasso/saml-2.0/loginprivate.h,
- lasso/saml-2.0/logout.c, lasso/saml-2.0/logoutprivate.h,
- lasso/saml-2.0/name_id_management.c,
- lasso/saml-2.0/name_id_management.h, lasso/saml-2.0/profile.c,
- lasso/saml-2.0/profile.h, lasso/saml-2.0/profileprivate.h,
- lasso/saml-2.0/provider.c, lasso/saml-2.0/providerprivate.h,
- lasso/saml-2.0/server.c, lasso/saml-2.0/serverprivate.h,
- lasso/utils.h, lasso/xml/disco_authenticate_requester.c,
- lasso/xml/disco_authenticate_requester.h,
- lasso/xml/disco_authenticate_session_context.c,
- lasso/xml/disco_authenticate_session_context.h,
- lasso/xml/disco_authorize_requester.c,
- lasso/xml/disco_authorize_requester.h,
- lasso/xml/disco_credentials.c, lasso/xml/disco_credentials.h,
- lasso/xml/disco_description.c, lasso/xml/disco_description.h,
- lasso/xml/disco_encrypt_resource_id.c,
- lasso/xml/disco_encrypt_resource_id.h,
- lasso/xml/disco_encrypted_resource_id.c,
- lasso/xml/disco_encrypted_resource_id.h,
- lasso/xml/disco_generate_bearer_token.c,
- lasso/xml/disco_generate_bearer_token.h,
- lasso/xml/disco_insert_entry.c, lasso/xml/disco_insert_entry.h,
- lasso/xml/disco_modify.c, lasso/xml/disco_modify.h,
- lasso/xml/disco_modify_response.c,
- lasso/xml/disco_modify_response.h, lasso/xml/disco_options.c,
- lasso/xml/disco_options.h, lasso/xml/disco_query.c,
- lasso/xml/disco_query.h, lasso/xml/disco_query_response.c,
- lasso/xml/disco_query_response.h, lasso/xml/disco_remove_entry.c,
- lasso/xml/disco_remove_entry.h,
- lasso/xml/disco_requested_service_type.c,
- lasso/xml/disco_requested_service_type.h,
- lasso/xml/disco_resource_id.c, lasso/xml/disco_resource_id.h,
- lasso/xml/disco_resource_offering.c,
- lasso/xml/disco_resource_offering.h,
- lasso/xml/disco_send_single_logout.c,
- lasso/xml/disco_send_single_logout.h,
- lasso/xml/disco_service_instance.c,
- lasso/xml/disco_service_instance.h, lasso/xml/ds_key_info.c,
- lasso/xml/ds_key_info.h, lasso/xml/ds_key_value.c,
- lasso/xml/ds_key_value.h, lasso/xml/ds_rsa_key_value.c,
- lasso/xml/ds_rsa_key_value.h, lasso/xml/dst_data.c,
- lasso/xml/dst_data.h, lasso/xml/dst_modification.c,
- lasso/xml/dst_modification.h, lasso/xml/dst_modify.c,
- lasso/xml/dst_modify.h, lasso/xml/dst_modify_response.c,
- lasso/xml/dst_modify_response.h, lasso/xml/dst_new_data.c,
- lasso/xml/dst_new_data.h, lasso/xml/dst_query.c,
- lasso/xml/dst_query.h, lasso/xml/dst_query_item.c,
- lasso/xml/dst_query_item.h, lasso/xml/dst_query_response.c,
- lasso/xml/dst_query_response.h,
- lasso/xml/id-wsf-2.0/disco_abstract.c,
- lasso/xml/id-wsf-2.0/disco_abstract.h,
- lasso/xml/id-wsf-2.0/disco_endpoint_context.c,
- lasso/xml/id-wsf-2.0/disco_endpoint_context.h,
- lasso/xml/id-wsf-2.0/disco_keys.c,
- lasso/xml/id-wsf-2.0/disco_keys.h,
- lasso/xml/id-wsf-2.0/disco_options.c,
- lasso/xml/id-wsf-2.0/disco_options.h,
- lasso/xml/id-wsf-2.0/disco_provider_id.c,
- lasso/xml/id-wsf-2.0/disco_provider_id.h,
- lasso/xml/id-wsf-2.0/disco_query.c,
- lasso/xml/id-wsf-2.0/disco_query.h,
- lasso/xml/id-wsf-2.0/disco_query_response.c,
- lasso/xml/id-wsf-2.0/disco_query_response.h,
- lasso/xml/id-wsf-2.0/disco_requested_service.c,
- lasso/xml/id-wsf-2.0/disco_requested_service.h,
- lasso/xml/id-wsf-2.0/disco_security_context.c,
- lasso/xml/id-wsf-2.0/disco_security_context.h,
- lasso/xml/id-wsf-2.0/disco_service_context.c,
- lasso/xml/id-wsf-2.0/disco_service_context.h,
- lasso/xml/id-wsf-2.0/disco_service_type.c,
- lasso/xml/id-wsf-2.0/disco_service_type.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_add.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_add.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_add_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_add_response.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_delete.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_delete.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_delete_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_delete_response.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_query.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_query.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_query_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_association_query_response.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_delete.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_delete.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_delete_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_delete_response.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_query.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_query.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_query_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_query_response.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_register.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_register.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_register_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_register_response.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_replace.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_replace.h,
- lasso/xml/id-wsf-2.0/disco_svc_md_replace_response.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_replace_response.h,
- lasso/xml/id-wsf-2.0/disco_svc_metadata.c,
- lasso/xml/id-wsf-2.0/disco_svc_metadata.h,
- lasso/xml/id-wsf-2.0/dst_data_response_base.c,
- lasso/xml/id-wsf-2.0/dst_data_response_base.h,
- lasso/xml/id-wsf-2.0/dst_delete_item_base.c,
- lasso/xml/id-wsf-2.0/dst_delete_item_base.h,
- lasso/xml/id-wsf-2.0/dst_delete_response.c,
- lasso/xml/id-wsf-2.0/dst_delete_response.h,
- lasso/xml/id-wsf-2.0/dst_request.c,
- lasso/xml/id-wsf-2.0/dst_request.h,
- lasso/xml/id-wsf-2.0/dst_result_query_base.c,
- lasso/xml/id-wsf-2.0/dst_result_query_base.h,
- lasso/xml/id-wsf-2.0/dst_test_item_base.c,
- lasso/xml/id-wsf-2.0/dst_test_item_base.h,
- lasso/xml/id-wsf-2.0/dstref_app_data.c,
- lasso/xml/id-wsf-2.0/dstref_app_data.h,
- lasso/xml/id-wsf-2.0/dstref_create.c,
- lasso/xml/id-wsf-2.0/dstref_create.h,
- lasso/xml/id-wsf-2.0/dstref_create_item.c,
- lasso/xml/id-wsf-2.0/dstref_create_item.h,
- lasso/xml/id-wsf-2.0/dstref_create_response.c,
- lasso/xml/id-wsf-2.0/dstref_create_response.h,
- lasso/xml/id-wsf-2.0/dstref_data.c,
- lasso/xml/id-wsf-2.0/dstref_data.h,
- lasso/xml/id-wsf-2.0/dstref_data_response.c,
- lasso/xml/id-wsf-2.0/dstref_data_response.h,
- lasso/xml/id-wsf-2.0/dstref_delete.c,
- lasso/xml/id-wsf-2.0/dstref_delete.h,
- lasso/xml/id-wsf-2.0/dstref_delete_item.c,
- lasso/xml/id-wsf-2.0/dstref_delete_item.h,
- lasso/xml/id-wsf-2.0/dstref_delete_response.c,
- lasso/xml/id-wsf-2.0/dstref_delete_response.h,
- lasso/xml/id-wsf-2.0/dstref_item_data.c,
- lasso/xml/id-wsf-2.0/dstref_item_data.h,
- lasso/xml/id-wsf-2.0/dstref_modify.c,
- lasso/xml/id-wsf-2.0/dstref_modify.h,
- lasso/xml/id-wsf-2.0/dstref_modify_item.c,
- lasso/xml/id-wsf-2.0/dstref_modify_item.h,
- lasso/xml/id-wsf-2.0/dstref_modify_response.c,
- lasso/xml/id-wsf-2.0/dstref_modify_response.h,
- lasso/xml/id-wsf-2.0/dstref_query.c,
- lasso/xml/id-wsf-2.0/dstref_query.h,
- lasso/xml/id-wsf-2.0/dstref_query_item.c,
- lasso/xml/id-wsf-2.0/dstref_query_item.h,
- lasso/xml/id-wsf-2.0/dstref_query_response.c,
- lasso/xml/id-wsf-2.0/dstref_query_response.h,
- lasso/xml/id-wsf-2.0/dstref_result_query.c,
- lasso/xml/id-wsf-2.0/dstref_result_query.h,
- lasso/xml/id-wsf-2.0/dstref_test_item.c,
- lasso/xml/id-wsf-2.0/dstref_test_item.h,
- lasso/xml/id-wsf-2.0/ims_identity_mapping_request.c,
- lasso/xml/id-wsf-2.0/ims_identity_mapping_request.h,
- lasso/xml/id-wsf-2.0/ims_identity_mapping_response.c,
- lasso/xml/id-wsf-2.0/ims_identity_mapping_response.h,
- lasso/xml/id-wsf-2.0/ims_mapping_input.c,
- lasso/xml/id-wsf-2.0/ims_mapping_input.h,
- lasso/xml/id-wsf-2.0/ims_mapping_output.c,
- lasso/xml/id-wsf-2.0/ims_mapping_output.h,
- lasso/xml/id-wsf-2.0/is_help.c, lasso/xml/id-wsf-2.0/is_help.h,
- lasso/xml/id-wsf-2.0/is_inquiry.c,
- lasso/xml/id-wsf-2.0/is_inquiry.h,
- lasso/xml/id-wsf-2.0/is_inquiry_element.c,
- lasso/xml/id-wsf-2.0/is_inquiry_element.h,
- lasso/xml/id-wsf-2.0/is_interaction_request.c,
- lasso/xml/id-wsf-2.0/is_interaction_request.h,
- lasso/xml/id-wsf-2.0/is_interaction_response.c,
- lasso/xml/id-wsf-2.0/is_interaction_response.h,
- lasso/xml/id-wsf-2.0/is_interaction_statement.c,
- lasso/xml/id-wsf-2.0/is_interaction_statement.h,
- lasso/xml/id-wsf-2.0/is_item.c, lasso/xml/id-wsf-2.0/is_item.h,
- lasso/xml/id-wsf-2.0/is_parameter.c,
- lasso/xml/id-wsf-2.0/is_parameter.h,
- lasso/xml/id-wsf-2.0/is_select.c,
- lasso/xml/id-wsf-2.0/is_select.h, lasso/xml/id-wsf-2.0/is_text.c,
- lasso/xml/id-wsf-2.0/is_text.h,
- lasso/xml/id-wsf-2.0/ps_add_collection_request.c,
- lasso/xml/id-wsf-2.0/ps_add_collection_request.h,
- lasso/xml/id-wsf-2.0/ps_add_collection_response.c,
- lasso/xml/id-wsf-2.0/ps_add_collection_response.h,
- lasso/xml/id-wsf-2.0/ps_add_entity_request.c,
- lasso/xml/id-wsf-2.0/ps_add_entity_request.h,
- lasso/xml/id-wsf-2.0/ps_add_entity_response.c,
- lasso/xml/id-wsf-2.0/ps_add_entity_response.h,
- lasso/xml/id-wsf-2.0/ps_add_known_entity_request.c,
- lasso/xml/id-wsf-2.0/ps_add_known_entity_request.h,
- lasso/xml/id-wsf-2.0/ps_add_known_entity_response.c,
- lasso/xml/id-wsf-2.0/ps_add_known_entity_response.h,
- lasso/xml/id-wsf-2.0/ps_add_to_collection_request.c,
- lasso/xml/id-wsf-2.0/ps_add_to_collection_request.h,
- lasso/xml/id-wsf-2.0/ps_get_object_info_request.c,
- lasso/xml/id-wsf-2.0/ps_get_object_info_request.h,
- lasso/xml/id-wsf-2.0/ps_get_object_info_response.c,
- lasso/xml/id-wsf-2.0/ps_get_object_info_response.h,
- lasso/xml/id-wsf-2.0/ps_item_data.c,
- lasso/xml/id-wsf-2.0/ps_item_data.h,
- lasso/xml/id-wsf-2.0/ps_list_members_request.c,
- lasso/xml/id-wsf-2.0/ps_list_members_request.h,
- lasso/xml/id-wsf-2.0/ps_list_members_response.c,
- lasso/xml/id-wsf-2.0/ps_list_members_response.h,
- lasso/xml/id-wsf-2.0/ps_notification.c,
- lasso/xml/id-wsf-2.0/ps_notification.h,
- lasso/xml/id-wsf-2.0/ps_notify.c,
- lasso/xml/id-wsf-2.0/ps_notify.h,
- lasso/xml/id-wsf-2.0/ps_object.c,
- lasso/xml/id-wsf-2.0/ps_object.h,
- lasso/xml/id-wsf-2.0/ps_query_objects_request.c,
- lasso/xml/id-wsf-2.0/ps_query_objects_request.h,
- lasso/xml/id-wsf-2.0/ps_query_objects_response.c,
- lasso/xml/id-wsf-2.0/ps_query_objects_response.h,
- lasso/xml/id-wsf-2.0/ps_remove_collection_request.c,
- lasso/xml/id-wsf-2.0/ps_remove_collection_request.h,
- lasso/xml/id-wsf-2.0/ps_remove_entity_request.c,
- lasso/xml/id-wsf-2.0/ps_remove_entity_request.h,
- lasso/xml/id-wsf-2.0/ps_remove_from_collection_request.c,
- lasso/xml/id-wsf-2.0/ps_remove_from_collection_request.h,
- lasso/xml/id-wsf-2.0/ps_request_abstract.c,
- lasso/xml/id-wsf-2.0/ps_request_abstract.h,
- lasso/xml/id-wsf-2.0/ps_resolve_identifier_request.c,
- lasso/xml/id-wsf-2.0/ps_resolve_identifier_request.h,
- lasso/xml/id-wsf-2.0/ps_resolve_identifier_response.c,
- lasso/xml/id-wsf-2.0/ps_resolve_identifier_response.h,
- lasso/xml/id-wsf-2.0/ps_resolve_input.c,
- lasso/xml/id-wsf-2.0/ps_resolve_input.h,
- lasso/xml/id-wsf-2.0/ps_response_abstract.c,
- lasso/xml/id-wsf-2.0/ps_response_abstract.h,
- lasso/xml/id-wsf-2.0/ps_set_object_info_request.c,
- lasso/xml/id-wsf-2.0/ps_set_object_info_request.h,
- lasso/xml/id-wsf-2.0/ps_test_membership_request.c,
- lasso/xml/id-wsf-2.0/ps_test_membership_request.h,
- lasso/xml/id-wsf-2.0/ps_test_membership_response.c,
- lasso/xml/id-wsf-2.0/ps_test_membership_response.h,
- lasso/xml/id-wsf-2.0/sb2_consent.c,
- lasso/xml/id-wsf-2.0/sb2_consent.h,
- lasso/xml/id-wsf-2.0/sb2_credentials_context.c,
- lasso/xml/id-wsf-2.0/sb2_credentials_context.h,
- lasso/xml/id-wsf-2.0/sb2_endpoint_update.c,
- lasso/xml/id-wsf-2.0/sb2_endpoint_update.h,
- lasso/xml/id-wsf-2.0/sb2_redirect_request.c,
- lasso/xml/id-wsf-2.0/sb2_redirect_request.h,
- lasso/xml/id-wsf-2.0/sb2_sender.c,
- lasso/xml/id-wsf-2.0/sb2_sender.h,
- lasso/xml/id-wsf-2.0/sb2_target_identity.c,
- lasso/xml/id-wsf-2.0/sb2_target_identity.h,
- lasso/xml/id-wsf-2.0/sb2_timeout.c,
- lasso/xml/id-wsf-2.0/sb2_timeout.h,
- lasso/xml/id-wsf-2.0/sb2_usage_directive.c,
- lasso/xml/id-wsf-2.0/sb2_usage_directive.h,
- lasso/xml/id-wsf-2.0/sb2_user_interaction_header.c,
- lasso/xml/id-wsf-2.0/sb2_user_interaction_header.h,
- lasso/xml/id-wsf-2.0/sbf_framework.c,
- lasso/xml/id-wsf-2.0/sbf_framework.h,
- lasso/xml/id-wsf-2.0/sec_token.c,
- lasso/xml/id-wsf-2.0/sec_token.h,
- lasso/xml/id-wsf-2.0/sec_token_policy.c,
- lasso/xml/id-wsf-2.0/sec_token_policy.h,
- lasso/xml/id-wsf-2.0/sec_transited_provider_path.c,
- lasso/xml/id-wsf-2.0/sec_transited_provider_path.h,
- lasso/xml/id-wsf-2.0/subs_notification.c,
- lasso/xml/id-wsf-2.0/subs_notification.h,
- lasso/xml/id-wsf-2.0/subs_notify_response.c,
- lasso/xml/id-wsf-2.0/subs_notify_response.h,
- lasso/xml/id-wsf-2.0/subs_ref_item.c,
- lasso/xml/id-wsf-2.0/subs_ref_item.h,
- lasso/xml/id-wsf-2.0/subs_subscription.c,
- lasso/xml/id-wsf-2.0/subs_subscription.h,
- lasso/xml/id-wsf-2.0/subsref_app_data.c,
- lasso/xml/id-wsf-2.0/subsref_app_data.h,
- lasso/xml/id-wsf-2.0/subsref_create.c,
- lasso/xml/id-wsf-2.0/subsref_create.h,
- lasso/xml/id-wsf-2.0/subsref_create_item.c,
- lasso/xml/id-wsf-2.0/subsref_create_item.h,
- lasso/xml/id-wsf-2.0/subsref_create_response.c,
- lasso/xml/id-wsf-2.0/subsref_create_response.h,
- lasso/xml/id-wsf-2.0/subsref_data.c,
- lasso/xml/id-wsf-2.0/subsref_data.h,
- lasso/xml/id-wsf-2.0/subsref_data_response.c,
- lasso/xml/id-wsf-2.0/subsref_data_response.h,
- lasso/xml/id-wsf-2.0/subsref_delete.c,
- lasso/xml/id-wsf-2.0/subsref_delete.h,
- lasso/xml/id-wsf-2.0/subsref_delete_item.c,
- lasso/xml/id-wsf-2.0/subsref_delete_item.h,
- lasso/xml/id-wsf-2.0/subsref_delete_response.c,
- lasso/xml/id-wsf-2.0/subsref_delete_response.h,
- lasso/xml/id-wsf-2.0/subsref_item_data.c,
- lasso/xml/id-wsf-2.0/subsref_item_data.h,
- lasso/xml/id-wsf-2.0/subsref_modify.c,
- lasso/xml/id-wsf-2.0/subsref_modify.h,
- lasso/xml/id-wsf-2.0/subsref_modify_item.c,
- lasso/xml/id-wsf-2.0/subsref_modify_item.h,
- lasso/xml/id-wsf-2.0/subsref_modify_response.c,
- lasso/xml/id-wsf-2.0/subsref_modify_response.h,
- lasso/xml/id-wsf-2.0/subsref_notification.c,
- lasso/xml/id-wsf-2.0/subsref_notification.h,
- lasso/xml/id-wsf-2.0/subsref_notify.c,
- lasso/xml/id-wsf-2.0/subsref_notify.h,
- lasso/xml/id-wsf-2.0/subsref_notify_response.c,
- lasso/xml/id-wsf-2.0/subsref_notify_response.h,
- lasso/xml/id-wsf-2.0/subsref_query.c,
- lasso/xml/id-wsf-2.0/subsref_query.h,
- lasso/xml/id-wsf-2.0/subsref_query_item.c,
- lasso/xml/id-wsf-2.0/subsref_query_item.h,
- lasso/xml/id-wsf-2.0/subsref_query_response.c,
- lasso/xml/id-wsf-2.0/subsref_query_response.h,
- lasso/xml/id-wsf-2.0/subsref_result_query.c,
- lasso/xml/id-wsf-2.0/subsref_result_query.h,
- lasso/xml/id-wsf-2.0/subsref_subscription.c,
- lasso/xml/id-wsf-2.0/subsref_subscription.h,
- lasso/xml/id-wsf-2.0/subsref_test_item.c,
- lasso/xml/id-wsf-2.0/subsref_test_item.h,
- lasso/xml/id-wsf-2.0/util_empty.c,
- lasso/xml/id-wsf-2.0/util_empty.h,
- lasso/xml/id-wsf-2.0/util_extension.c,
- lasso/xml/id-wsf-2.0/util_extension.h,
- lasso/xml/id-wsf-2.0/util_response.c,
- lasso/xml/id-wsf-2.0/util_response.h,
- lasso/xml/id-wsf-2.0/util_status.c,
- lasso/xml/id-wsf-2.0/util_status.h, lasso/xml/is_help.c,
- lasso/xml/is_help.h, lasso/xml/is_inquiry.c,
- lasso/xml/is_inquiry.h, lasso/xml/is_inquiry_element.c,
- lasso/xml/is_inquiry_element.h,
- lasso/xml/is_interaction_request.c,
- lasso/xml/is_interaction_request.h,
- lasso/xml/is_interaction_response.c,
- lasso/xml/is_interaction_response.h,
- lasso/xml/is_interaction_statement.c,
- lasso/xml/is_interaction_statement.h, lasso/xml/is_item.c,
- lasso/xml/is_item.h, lasso/xml/is_parameter.c,
- lasso/xml/is_parameter.h, lasso/xml/is_redirect_request.c,
- lasso/xml/is_redirect_request.h, lasso/xml/is_select.c,
- lasso/xml/is_select.h, lasso/xml/is_text.c, lasso/xml/is_text.h,
- lasso/xml/is_user_interaction.c, lasso/xml/is_user_interaction.h,
- lasso/xml/lib_assertion.c, lasso/xml/lib_assertion.h,
- lasso/xml/lib_authentication_statement.c,
- lasso/xml/lib_authentication_statement.h,
- lasso/xml/lib_authn_context.c, lasso/xml/lib_authn_context.h,
- lasso/xml/lib_authn_request.c, lasso/xml/lib_authn_request.h,
- lasso/xml/lib_authn_request_envelope.c,
- lasso/xml/lib_authn_request_envelope.h,
- lasso/xml/lib_authn_response.c, lasso/xml/lib_authn_response.h,
- lasso/xml/lib_authn_response_envelope.c,
- lasso/xml/lib_authn_response_envelope.h,
- lasso/xml/lib_federation_termination_notification.c,
- lasso/xml/lib_federation_termination_notification.h,
- lasso/xml/lib_idp_entries.c, lasso/xml/lib_idp_entries.h,
- lasso/xml/lib_idp_entry.c, lasso/xml/lib_idp_entry.h,
- lasso/xml/lib_idp_list.c, lasso/xml/lib_idp_list.h,
- lasso/xml/lib_logout_request.c, lasso/xml/lib_logout_request.h,
- lasso/xml/lib_logout_response.c, lasso/xml/lib_logout_response.h,
- lasso/xml/lib_name_identifier_mapping_request.c,
- lasso/xml/lib_name_identifier_mapping_request.h,
- lasso/xml/lib_name_identifier_mapping_response.c,
- lasso/xml/lib_name_identifier_mapping_response.h,
- lasso/xml/lib_register_name_identifier_request.c,
- lasso/xml/lib_register_name_identifier_request.h,
- lasso/xml/lib_register_name_identifier_response.c,
- lasso/xml/lib_register_name_identifier_response.h,
- lasso/xml/lib_request_authn_context.c,
- lasso/xml/lib_request_authn_context.h, lasso/xml/lib_scoping.c,
- lasso/xml/lib_scoping.h, lasso/xml/lib_status_response.c,
- lasso/xml/lib_status_response.h, lasso/xml/lib_subject.c,
- lasso/xml/lib_subject.h, lasso/xml/misc_text_node.c,
- lasso/xml/misc_text_node.h, lasso/xml/private.h,
- lasso/xml/sa_credentials.c, lasso/xml/sa_credentials.h,
- lasso/xml/sa_parameter.c, lasso/xml/sa_parameter.h,
- lasso/xml/sa_password_transforms.c,
- lasso/xml/sa_password_transforms.h, lasso/xml/sa_sasl_request.c,
- lasso/xml/sa_sasl_request.h, lasso/xml/sa_sasl_response.c,
- lasso/xml/sa_sasl_response.h, lasso/xml/sa_transform.c,
- lasso/xml/sa_transform.h, lasso/xml/saml-2.0/saml2_action.c,
- lasso/xml/saml-2.0/saml2_action.h,
- lasso/xml/saml-2.0/saml2_advice.c,
- lasso/xml/saml-2.0/saml2_advice.h,
- lasso/xml/saml-2.0/saml2_assertion.c,
- lasso/xml/saml-2.0/saml2_assertion.h,
- lasso/xml/saml-2.0/saml2_attribute.c,
- lasso/xml/saml-2.0/saml2_attribute.h,
- lasso/xml/saml-2.0/saml2_attribute_statement.c,
- lasso/xml/saml-2.0/saml2_attribute_statement.h,
- lasso/xml/saml-2.0/saml2_attribute_value.c,
- lasso/xml/saml-2.0/saml2_attribute_value.h,
- lasso/xml/saml-2.0/saml2_audience_restriction.c,
- lasso/xml/saml-2.0/saml2_audience_restriction.h,
- lasso/xml/saml-2.0/saml2_authn_context.c,
- lasso/xml/saml-2.0/saml2_authn_context.h,
- lasso/xml/saml-2.0/saml2_authn_statement.c,
- lasso/xml/saml-2.0/saml2_authn_statement.h,
- lasso/xml/saml-2.0/saml2_authz_decision_statement.c,
- lasso/xml/saml-2.0/saml2_authz_decision_statement.h,
- lasso/xml/saml-2.0/saml2_base_idabstract.c,
- lasso/xml/saml-2.0/saml2_base_idabstract.h,
- lasso/xml/saml-2.0/saml2_condition_abstract.c,
- lasso/xml/saml-2.0/saml2_condition_abstract.h,
- lasso/xml/saml-2.0/saml2_conditions.c,
- lasso/xml/saml-2.0/saml2_conditions.h,
- lasso/xml/saml-2.0/saml2_encrypted_element.c,
- lasso/xml/saml-2.0/saml2_encrypted_element.h,
- lasso/xml/saml-2.0/saml2_evidence.c,
- lasso/xml/saml-2.0/saml2_evidence.h,
- lasso/xml/saml-2.0/saml2_key_info_confirmation_data.c,
- lasso/xml/saml-2.0/saml2_key_info_confirmation_data.h,
- lasso/xml/saml-2.0/saml2_name_id.c,
- lasso/xml/saml-2.0/saml2_name_id.h,
- lasso/xml/saml-2.0/saml2_one_time_use.c,
- lasso/xml/saml-2.0/saml2_one_time_use.h,
- lasso/xml/saml-2.0/saml2_proxy_restriction.c,
- lasso/xml/saml-2.0/saml2_proxy_restriction.h,
- lasso/xml/saml-2.0/saml2_statement_abstract.c,
- lasso/xml/saml-2.0/saml2_statement_abstract.h,
- lasso/xml/saml-2.0/saml2_subject.c,
- lasso/xml/saml-2.0/saml2_subject.h,
- lasso/xml/saml-2.0/saml2_subject_confirmation.c,
- lasso/xml/saml-2.0/saml2_subject_confirmation.h,
- lasso/xml/saml-2.0/saml2_subject_confirmation_data.c,
- lasso/xml/saml-2.0/saml2_subject_confirmation_data.h,
- lasso/xml/saml-2.0/saml2_subject_locality.c,
- lasso/xml/saml-2.0/saml2_subject_locality.h,
- lasso/xml/saml-2.0/samlp2_artifact_resolve.c,
- lasso/xml/saml-2.0/samlp2_artifact_resolve.h,
- lasso/xml/saml-2.0/samlp2_artifact_response.c,
- lasso/xml/saml-2.0/samlp2_artifact_response.h,
- lasso/xml/saml-2.0/samlp2_assertion_id_request.c,
- lasso/xml/saml-2.0/samlp2_assertion_id_request.h,
- lasso/xml/saml-2.0/samlp2_attribute_query.c,
- lasso/xml/saml-2.0/samlp2_attribute_query.h,
- lasso/xml/saml-2.0/samlp2_authn_query.c,
- lasso/xml/saml-2.0/samlp2_authn_query.h,
- lasso/xml/saml-2.0/samlp2_authn_request.c,
- lasso/xml/saml-2.0/samlp2_authn_request.h,
- lasso/xml/saml-2.0/samlp2_authz_decision_query.c,
- lasso/xml/saml-2.0/samlp2_authz_decision_query.h,
- lasso/xml/saml-2.0/samlp2_extensions.c,
- lasso/xml/saml-2.0/samlp2_extensions.h,
- lasso/xml/saml-2.0/samlp2_idp_entry.c,
- lasso/xml/saml-2.0/samlp2_idp_entry.h,
- lasso/xml/saml-2.0/samlp2_idp_list.c,
- lasso/xml/saml-2.0/samlp2_idp_list.h,
- lasso/xml/saml-2.0/samlp2_logout_request.c,
- lasso/xml/saml-2.0/samlp2_logout_request.h,
- lasso/xml/saml-2.0/samlp2_logout_response.c,
- lasso/xml/saml-2.0/samlp2_logout_response.h,
- lasso/xml/saml-2.0/samlp2_manage_name_id_request.c,
- lasso/xml/saml-2.0/samlp2_manage_name_id_request.h,
- lasso/xml/saml-2.0/samlp2_manage_name_id_response.c,
- lasso/xml/saml-2.0/samlp2_manage_name_id_response.h,
- lasso/xml/saml-2.0/samlp2_name_id_mapping_request.c,
- lasso/xml/saml-2.0/samlp2_name_id_mapping_request.h,
- lasso/xml/saml-2.0/samlp2_name_id_mapping_response.c,
- lasso/xml/saml-2.0/samlp2_name_id_mapping_response.h,
- lasso/xml/saml-2.0/samlp2_name_id_policy.c,
- lasso/xml/saml-2.0/samlp2_name_id_policy.h,
- lasso/xml/saml-2.0/samlp2_request_abstract.c,
- lasso/xml/saml-2.0/samlp2_request_abstract.h,
- lasso/xml/saml-2.0/samlp2_requested_authn_context.c,
- lasso/xml/saml-2.0/samlp2_requested_authn_context.h,
- lasso/xml/saml-2.0/samlp2_response.c,
- lasso/xml/saml-2.0/samlp2_response.h,
- lasso/xml/saml-2.0/samlp2_scoping.c,
- lasso/xml/saml-2.0/samlp2_scoping.h,
- lasso/xml/saml-2.0/samlp2_status.c,
- lasso/xml/saml-2.0/samlp2_status.h,
- lasso/xml/saml-2.0/samlp2_status_code.c,
- lasso/xml/saml-2.0/samlp2_status_code.h,
- lasso/xml/saml-2.0/samlp2_status_detail.c,
- lasso/xml/saml-2.0/samlp2_status_detail.h,
- lasso/xml/saml-2.0/samlp2_status_response.c,
- lasso/xml/saml-2.0/samlp2_status_response.h,
- lasso/xml/saml-2.0/samlp2_subject_query_abstract.c,
- lasso/xml/saml-2.0/samlp2_subject_query_abstract.h,
- lasso/xml/saml-2.0/samlp2_terminate.c,
- lasso/xml/saml-2.0/samlp2_terminate.h, lasso/xml/saml_advice.c,
- lasso/xml/saml_advice.h, lasso/xml/saml_assertion.c,
- lasso/xml/saml_assertion.h, lasso/xml/saml_attribute.c,
- lasso/xml/saml_attribute.h,
- lasso/xml/saml_attribute_designator.c,
- lasso/xml/saml_attribute_designator.h,
- lasso/xml/saml_attribute_statement.c,
- lasso/xml/saml_attribute_statement.h,
- lasso/xml/saml_attribute_value.c,
- lasso/xml/saml_attribute_value.h,
- lasso/xml/saml_audience_restriction_condition.c,
- lasso/xml/saml_audience_restriction_condition.h,
- lasso/xml/saml_authentication_statement.c,
- lasso/xml/saml_authentication_statement.h,
- lasso/xml/saml_authority_binding.c,
- lasso/xml/saml_authority_binding.h,
- lasso/xml/saml_condition_abstract.c,
- lasso/xml/saml_condition_abstract.h, lasso/xml/saml_conditions.c,
- lasso/xml/saml_conditions.h, lasso/xml/saml_name_identifier.c,
- lasso/xml/saml_name_identifier.h,
- lasso/xml/saml_statement_abstract.c,
- lasso/xml/saml_statement_abstract.h, lasso/xml/saml_subject.c,
- lasso/xml/saml_subject.h, lasso/xml/saml_subject_confirmation.c,
- lasso/xml/saml_subject_confirmation.h,
- lasso/xml/saml_subject_locality.c,
- lasso/xml/saml_subject_locality.h,
- lasso/xml/saml_subject_statement.c,
- lasso/xml/saml_subject_statement.h,
- lasso/xml/saml_subject_statement_abstract.c,
- lasso/xml/saml_subject_statement_abstract.h,
- lasso/xml/samlp_request.c, lasso/xml/samlp_request.h,
- lasso/xml/samlp_request_abstract.c,
- lasso/xml/samlp_request_abstract.h, lasso/xml/samlp_response.c,
- lasso/xml/samlp_response.h, lasso/xml/samlp_response_abstract.c,
- lasso/xml/samlp_response_abstract.h, lasso/xml/samlp_status.c,
- lasso/xml/samlp_status.h, lasso/xml/samlp_status_code.c,
- lasso/xml/samlp_status_code.h,
- lasso/xml/sec_resource_access_statement.c,
- lasso/xml/sec_resource_access_statement.h,
- lasso/xml/soap_binding.c, lasso/xml/soap_binding.h,
- lasso/xml/soap_binding_consent.c,
- lasso/xml/soap_binding_consent.h,
- lasso/xml/soap_binding_correlation.c,
- lasso/xml/soap_binding_correlation.h,
- lasso/xml/soap_binding_ext_credential.c,
- lasso/xml/soap_binding_ext_credential.h,
- lasso/xml/soap_binding_ext_credentials_context.c,
- lasso/xml/soap_binding_ext_credentials_context.h,
- lasso/xml/soap_binding_ext_service_instance_update.c,
- lasso/xml/soap_binding_ext_service_instance_update.h,
- lasso/xml/soap_binding_ext_timeout.c,
- lasso/xml/soap_binding_ext_timeout.h,
- lasso/xml/soap_binding_processing_context.c,
- lasso/xml/soap_binding_processing_context.h,
- lasso/xml/soap_binding_provider.c,
- lasso/xml/soap_binding_provider.h,
- lasso/xml/soap_binding_usage_directive.c,
- lasso/xml/soap_binding_usage_directive.h, lasso/xml/soap_body.c,
- lasso/xml/soap_body.h, lasso/xml/soap_detail.c,
- lasso/xml/soap_detail.h, lasso/xml/soap_envelope.c,
- lasso/xml/soap_envelope.h, lasso/xml/soap_fault.c,
- lasso/xml/soap_fault.h, lasso/xml/soap_header.c,
- lasso/xml/soap_header.h, lasso/xml/strings.h, lasso/xml/tools.c,
- lasso/xml/utility_status.c, lasso/xml/utility_status.h,
- lasso/xml/ws/wsa_attributed_any.c,
- lasso/xml/ws/wsa_attributed_any.h,
- lasso/xml/ws/wsa_attributed_qname.c,
- lasso/xml/ws/wsa_attributed_qname.h,
- lasso/xml/ws/wsa_attributed_unsigned_long.c,
- lasso/xml/ws/wsa_attributed_unsigned_long.h,
- lasso/xml/ws/wsa_attributed_uri.c,
- lasso/xml/ws/wsa_attributed_uri.h,
- lasso/xml/ws/wsa_endpoint_reference.c,
- lasso/xml/ws/wsa_endpoint_reference.h,
- lasso/xml/ws/wsa_metadata.c, lasso/xml/ws/wsa_metadata.h,
- lasso/xml/ws/wsa_problem_action.c,
- lasso/xml/ws/wsa_problem_action.h,
- lasso/xml/ws/wsa_reference_parameters.c,
- lasso/xml/ws/wsa_reference_parameters.h,
- lasso/xml/ws/wsa_relates_to.c, lasso/xml/ws/wsa_relates_to.h,
- lasso/xml/ws/wsse_embedded.c, lasso/xml/ws/wsse_embedded.h,
- lasso/xml/ws/wsse_reference.c, lasso/xml/ws/wsse_reference.h,
- lasso/xml/ws/wsse_security_header.c,
- lasso/xml/ws/wsse_security_header.h,
- lasso/xml/ws/wsse_security_token_reference.c,
- lasso/xml/ws/wsse_security_token_reference.h,
- lasso/xml/ws/wsse_transformation_parameters.c,
- lasso/xml/ws/wsse_transformation_parameters.h,
- lasso/xml/ws/wsse_username_token.c,
- lasso/xml/ws/wsse_username_token.h, lasso/xml/ws/wsu_timestamp.c,
- lasso/xml/ws/wsu_timestamp.h, lasso/xml/wsse_security.c,
- lasso/xml/wsse_security.h, lasso/xml/xml.c, lasso/xml/xml.h,
- lasso/xml/xml_enc.h, php/patch_swig_output.py,
- tests/login_tests.c, tests/perfs.c, tests/random_tests.c,
- tests/tests.c, tools/generate_idwsf2_classes.py,
- website/convert-to-static.py, website/ezt.py: * Remove ending
- blanks
-
-2008-09-12 13:57 bdauvergne
-
- * configure.ac: * Reset CFLAGS when --enable-debugging is used
- (remove -g -O2 value setted by AC_PROG_CC).
- * Show AM_CFLAGS + CFLAGS in resume when configure finish.
-
-2008-09-12 13:57 bdauvergne
-
- * bindings/java/Makefile.am, bindings/php5/Makefile.am,
- bindings/python/Makefile.am: * When --enable-debugging is used,
- add -Wno-xxx options to AM_CFLAGS so that
- bindings compile with -Werror (-Werror is activated by
- --enable-debugging now)
-
-2008-09-12 13:57 bdauvergne
-
- * bindings/python/lang.py, bindings/python/wrapper_top.c: * Add
- G_GNUC_UNUSED for unused parameter we can't remove (python
- wrappers).
-
-2008-09-12 13:57 bdauvergne
-
- * perl/Makefile.am: * Add options when DEBUGGING is activated, i.e.
- to permit compiling when -Werror is used. It removes
- some of the warning for code we do not control.
-
-2008-09-12 13:57 bdauvergne
-
- * bindings/Makefile.am: * Select bindings in bindings/Makefile not
- in bindings/*/Makefile.
-
-2008-09-12 13:57 bdauvergne
-
- * lasso/id-ff/identity.c, lasso/id-ff/login.c,
- lasso/id-ff/logout.c, lasso/id-ff/name_identifier_mapping.c,
- lasso/id-ff/provider.c, lasso/id-ff/server.c,
- lasso/id-ff/session.c, lasso/id-wsf-2.0/data_service.c,
- lasso/id-wsf-2.0/discovery.c, lasso/id-wsf-2.0/profile.c,
- lasso/saml-2.0/login.c, lasso/saml-2.0/loginprivate.h,
- lasso/saml-2.0/logout.c, lasso/saml-2.0/name_id_management.c,
- lasso/saml-2.0/profile.c, lasso/saml-2.0/provider.c,
- lasso/saml-2.0/server.c, lasso/saml-2.0/serverprivate.h,
- lasso/xml/id-wsf-2.0/dst_delete_response.c,
- lasso/xml/id-wsf-2.0/dstref_create_response.c,
- lasso/xml/id-wsf-2.0/dstref_delete_response.c,
- lasso/xml/id-wsf-2.0/subs_notify_response.c,
- lasso/xml/id-wsf-2.0/subsref_create_response.c,
- lasso/xml/id-wsf-2.0/subsref_delete_response.c,
- lasso/xml/id-wsf-2.0/subsref_modify_response.c,
- lasso/xml/id-wsf-2.0/subsref_notify_response.c,
- lasso/xml/id-wsf-2.0/util_empty.c,
- lasso/xml/id-wsf-2.0/util_extension.c,
- lasso/xml/lib_logout_response.c,
- lasso/xml/lib_register_name_identifier_response.c,
- lasso/xml/saml-2.0/saml2_condition_abstract.c,
- lasso/xml/saml-2.0/saml2_one_time_use.c,
- lasso/xml/saml-2.0/saml2_statement_abstract.c,
- lasso/xml/saml-2.0/samlp2_extensions.c,
- lasso/xml/saml-2.0/samlp2_manage_name_id_response.c,
- lasso/xml/saml-2.0/samlp2_status_detail.c,
- lasso/xml/saml-2.0/samlp2_terminate.c,
- lasso/xml/saml_assertion.c, lasso/xml/saml_condition_abstract.c,
- lasso/xml/saml_statement_abstract.c,
- lasso/xml/saml_subject_statement.c,
- lasso/xml/samlp_status_code.c, lasso/xml/tools.c,
- lasso/xml/xml.c: * Remove warnings:
- - remove unused parameter from private function signatures
- - remove unused variable
- - initialize variable potentially accessed uninitialized
- - add G_GNUC_UNUSED if function is public or adhering to an
- interface, and a
- parameter is unused.
- - if ID-WSF is not compiled in, define stubs with G_GNUC_UNUSED
- on parameters.
- The goal is to compile with -Werror.
+ Support SignatureVerifyHint in SAML 2.0 SSO profile and common message handling
-2008-09-12 13:57 bdauvergne
+ Add signature_verify_hint accessor methods to LassoProfile
+ * lasso/id-ff/profile.{c,h}:
+ add a LassoProfileSignatureVerifyHint enumeration and two accessor
+ methods:
+ - lasso_profile_get_signature_verify_hint
+ - lasso_profile_set_signature_verify_hint
+ * lasso/id-ff/profileprivate.h:
+ add private field signature_verify_hint.
- * configure.ac: * Add setting of AM_CFLAGS when --enable-debugging
- is used
- * Export the AM_CFLAGS variable
- * Create a conditionnal for automake named DEBUGGING
- * Show CFLAGS in resume of configuration option
+ Bindings: fix parsing of camelcased ident (Samlp2IDPList -> samlp2,idp,list)
-2008-09-12 10:17 bdauvergne
+ Binding python: fix problem of classes without an initializer
- * lasso/xml/xml.c, tests/basic_tests.c: * Add support of
- lasso_registry to lasso_node_new_from_xmlNode.
- * Add full support for xsi:type, with lookup of the QName
- namespace, will only
- work if lib: namespace is correctly declared in the dumped XML
- fragment.
- * Add a test for the new functionnality in
- lasso_node_new_from_xmlNode.
+ Tests: add macros to test for string equality
-2008-09-04 11:41 bdauvergne
+ Tests: in SAML 2.0 tests, use more check_ macros
- * lasso/errors.c, lasso/errors.h, lasso/registry.c,
- tests/basic_tests.c: Add a new error code, with the REGISTRY
- prefix and use it in registry function
- returning an error code.
- Fix a typo when retrieving a quark string in the registry
- modulke.
- Improve tests for functional mapping.
+ Tests: add macros check_equals and check_not_equals
-2008-09-04 09:44 bdauvergne
+ Core: change GObjectAnnotation of lasso_node_export_to_query to state that private_key_file is optional
- * lasso/id-ff/provider.c, tests/Makefile.am: Fix regression when
- loading a LassoServer from dump.
- Fix an error with -rpath setting in last commit, -rpath must
- always be absolute
- paths.
+ SAML 2.0 XML: add header listing strings from XML schema
-2008-09-03 16:30 dlaniel
-
- * bindings/overrides.xml: don't put registry functions in the
- bindings
-
-2008-08-26 12:51 bdauvergne
-
- * tests/Makefile.am: Add -rpath to LDFLAGS variable to use the
- builded lasso and not the local one.
-
-2008-08-26 12:49 bdauvergne
-
- * lasso/registry-private.h, lasso/registry.c, lasso/registry.h,
- lasso/xml/strings.h, tests/basic_tests.c: Add functional mappings
- and test code that goest with it.
-
-2008-08-26 12:49 bdauvergne
-
- * lasso/id-ff/federation.c: Add namespace for federation XML object
-
-2008-08-26 12:49 bdauvergne
-
- * tests/basic_tests.c: Add test of the two public registry
- functions,
- lasso_registry_default_add_mapping,
- lasso_registry_default_get_mapping.
-
-2008-08-26 12:49 bdauvergne
-
- * lasso/Makefile.am, lasso/registry-private.h, lasso/registry.c,
- lasso/registry.h: Add new module lasso_registry, to handle
- mapping from XML tag to GObject
- classes.
-
-2008-08-26 12:49 bdauvergne
-
- * lasso/id-wsf/wsf_profile.c: Fix changed name of g_assign_string
- in wsf_profile.c
-
-2008-08-26 12:48 bdauvergne
-
- * lasso/id-ff/provider.c, lasso/id-ff/provider.h,
- lasso/id-ff/server.c, lasso/id-ff/server.h: Add public function
- lasso_server_add_provider_from_buffer, to add a provider
- from an XML string of the metadatas (changed semantic of the
- second argument
- compared to lasso_server_add_provider). To support this a new
- public
- LassoProvider constructor was added:
- lasso_provider_new_from_buffer, where the
- second argument is an XML string. It uses a new private function,
- lasso_provider_load_metadata_from_buffer.
-
-2008-08-26 12:48 bdauvergne
-
- * lasso/id-ff/server.c: Add documentation to
- lasso_server_add_service_from_dump.
-
-2008-08-26 12:48 bdauvergne
-
- * lasso/id-ff/server.c: Complete documentation of
- lasso_server_add_service.
-
-2008-08-07 14:54 bdauvergne
-
- * lasso/id-wsf/Makefile.am, lasso/id-wsf/soap_binding.c,
- lasso/id-wsf/soap_binding.h, lasso/soap_binding.c,
- lasso/soap_binding.h, lasso/xml/Makefile.am,
- lasso/xml/soap_binding.c, lasso/xml/soap_binding.h: Move
- soap_binding files from lasso/id-wsf to lasso/xml.
-
-2008-08-05 14:53 bdauvergne
-
- * bindings/java/Makefile.am: Add bindings/javaj/__init__.py to
- EXTRA_DIST
-
-2008-08-05 14:53 bdauvergne
-
- * bindings/bindings.py, bindings/python/lang.py: Lookup
- wrapper_{top,bottom}.c files in the src_dir, useful for VPATH
- build
- (i.e. distcheck). Add top_srcdir/binings to python syspath.
-
-2008-08-05 14:53 bdauvergne
-
- * docs/lasso-book/figures/Makefile.am: $< is already translated to
- the VPATH in pattern rules, no need to prefix with
- $(srcdir). Reflect this in the rule that creates variations of
- svg files for
- the documentation.
-
-2008-08-05 14:53 bdauvergne
-
- * bindings/bindings.py, bindings/java/lang.py,
- bindings/php5/wrapper_source.py,
- bindings/python/tests/Makefile.am,
- bindings/python/tests/idwsf1_tests.py, lasso/build_strerror.py,
- lasso/id-ff/defederation.h, lasso/id-ff/federation.c,
- lasso/id-ff/identity.c, lasso/id-ff/login.c,
- lasso/id-ff/name_registration.h, lasso/id-ff/provider.c,
- lasso/id-ff/provider.h, lasso/id-ff/server.c,
- lasso/id-ff/session.c, lasso/id-wsf-2.0/data_service.c,
- lasso/id-wsf-2.0/data_service.h, lasso/id-wsf-2.0/discovery.c,
- lasso/id-wsf-2.0/profile.c, lasso/id-wsf-2.0/profile.h,
- lasso/id-wsf-2.0/server.h, lasso/id-wsf-2.0/session.h,
- lasso/id-wsf/authentication.c, lasso/id-wsf/data_service.c,
- lasso/id-wsf/data_service.h, lasso/id-wsf/discovery.c,
- lasso/id-wsf/interaction_profile_service.c,
- lasso/id-wsf/interaction_profile_service.h,
- lasso/id-wsf/personal_profile_service.c,
- lasso/id-wsf/personal_profile_service.h,
- lasso/id-wsf/soap_binding.c, lasso/id-wsf/wsf_profile.c,
- lasso/id-wsf/wsf_profile.h, lasso/id-wsf/wsf_profile_private.h,
- lasso/saml-2.0/assertion_query.c, lasso/saml-2.0/login.c,
- lasso/saml-2.0/name_id_management.c,
- lasso/saml-2.0/name_id_management.h, lasso/soap_binding.c,
- lasso/soap_binding.h, lasso/xml/disco_authenticate_requester.c,
- lasso/xml/disco_authenticate_session_context.c,
- lasso/xml/disco_authenticate_session_context.h,
- lasso/xml/disco_authorize_requester.c,
- lasso/xml/disco_description.c,
- lasso/xml/disco_encrypt_resource_id.c,
- lasso/xml/disco_encrypted_resource_id.c,
- lasso/xml/disco_encrypted_resource_id.h,
- lasso/xml/disco_generate_bearer_token.c,
- lasso/xml/disco_insert_entry.c, lasso/xml/disco_modify.c,
- lasso/xml/disco_modify_response.c, lasso/xml/disco_options.c,
- lasso/xml/disco_query.c, lasso/xml/disco_query_response.c,
- lasso/xml/disco_requested_service_type.c,
- lasso/xml/disco_resource_offering.c,
- lasso/xml/disco_send_single_logout.c,
- lasso/xml/disco_service_instance.c, lasso/xml/dst_modification.h,
- lasso/xml/dst_modify.h, lasso/xml/dst_modify_response.h,
- lasso/xml/dst_new_data.h, lasso/xml/dst_query.c,
- lasso/xml/dst_query.h, lasso/xml/dst_query_item.c,
- lasso/xml/id-wsf-2.0/disco_svc_md_query_response.h,
- lasso/xml/id-wsf-2.0/ps_add_known_entity_request.h,
- lasso/xml/id-wsf-2.0/ps_get_object_info_response.h,
- lasso/xml/is_interaction_response.c, lasso/xml/is_select.c,
- lasso/xml/is_user_interaction.c, lasso/xml/private.h,
- lasso/xml/sa_credentials.c, lasso/xml/sa_sasl_request.c,
- lasso/xml/sa_sasl_response.c,
- lasso/xml/saml-2.0/saml2_attribute_value.c,
- lasso/xml/saml_advice.c, lasso/xml/saml_advice.h,
- lasso/xml/saml_attribute.c,
- lasso/xml/saml_attribute_designator.c,
- lasso/xml/saml_attribute_statement.c,
- lasso/xml/saml_attribute_value.c,
- lasso/xml/soap_binding_consent.c,
- lasso/xml/soap_binding_correlation.c,
- lasso/xml/soap_binding_ext_credentials_context.c,
- lasso/xml/soap_binding_ext_service_instance_update.c,
- lasso/xml/soap_binding_ext_timeout.c,
- lasso/xml/soap_binding_processing_context.c,
- lasso/xml/soap_binding_provider.c,
- lasso/xml/soap_binding_usage_directive.c, lasso/xml/soap_body.c,
- lasso/xml/tools.c, lasso/xml/xml.c, php/patch_swig_output.py,
- website/convert-to-static.py: * Fix blanks mismatch (space in *.c
- and *h files or tabs in *.py files) and formatting
-
-2008-08-05 14:53 bdauvergne
-
- * bindings/java/wrapper_top.c: * fix typo with
- g_hash_table_remove_all
- * remove unused variable
- * add GNUC_UNUSED to static functions to pass -Werror
-
-2008-08-05 14:53 bdauvergne
-
- * bindings/java/__init__.py: add an __init__.py to make the java
- subdirectory a python module
-
-2008-08-05 14:53 bdauvergne
-
- * lasso/id-wsf-2.0/server.h: exemple of usage of the macro OFTYPE
-
-2008-08-05 14:53 bdauvergne
-
- * lasso/utils.h: new empty macro OFTYPE(x) to specify type of GList
- containers
-
-2008-08-05 14:53 bdauvergne
-
- * bindings/python/Makefile.am: add moved files to EXTRA_DIST
-
-2008-08-05 14:53 bdauvergne
-
- * bindings/php5/Makefile.am: change dependency with respect to
- moved files, add moved files to EXTRA_DIST
-
-2008-08-05 14:53 bdauvergne
-
- * bindings/java/lang.py, bindings/java/wrapper_top.c: use new util
- function to throw exceptions
-
-2008-08-05 14:53 bdauvergne
+2010-03-08 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * bindings/java/Makefile.am: add moved files to EXTRA_DIST
+ SAML 2.0: fix uninitialized variable
-2008-08-05 14:53 bdauvergne
+ ID-WSF 1.0: fix bad header name in all inclusive header lasso/id-wsf/id_wsf.h
- * bindings/bindings.py: add TODOs for parsing OFTYPE in other
- positions
+2010-03-02 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2008-08-05 14:53 bdauvergne
+ Binding PHP5 tests: fix assertion dump test
- * bindings/Makefile.am: Remove moved files from EXTRA_DIST
+ XML: move registry mapping into the *_get_type() functions
+ * lassoxml/disco_send_single_logout.c:
+ * lassoxml/id-wsf-2.0/sb2_user_interaction_header.c:
+ * lassoxml/id-wsf-2.0/subsref_app_data.c:
+ * lassoxml/lib_assertion.c:
+ * lassoxml/saml-2.0/saml2_condition_abstract.c:
+ * lassoxml/saml-2.0/saml2_encrypted_element.c:
+ * lassoxml/ws/wsa_attributed_uri.c:
+ * lassoxml/ws/wsa_endpoint_reference.c:
+ class_init is only called the first time an object of the given type
+ is created, registry mappings must exist before this time, so I moved
+ the registration code to the _get_type() functions.
-2008-08-05 14:53 bdauvergne
+ Core: add a level argument to lasso_node_debug
- * bindings/java/Makefile.am, bindings/java/lang.py,
- bindings/java/wrapper_bottom.c, bindings/java/wrapper_top.c,
- bindings/lang_java.py, bindings/lang_java_wrapper_bottom.c,
- bindings/lang_java_wrapper_top.c: Move all files related to java
- into the java subdirectory
+ ID-WSF 2.0: add lasso_soap_envelope_set_relates_to method
-2008-08-05 14:52 bdauvergne
+ Core: add macro to remove gobject from lists
- * bindings/python/__init__.py: Add a module init file to python
- directory.
+2010-03-02 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2008-08-05 14:52 bdauvergne
+ Core: export lasso_build_unique_id into public API
+ * lasso/xml/tools.h:
+ add new header to export lasso_build_unique_id as a public API.
- * bindings/lang_php5.py, bindings/lang_php5_helpers/__init__.py,
- bindings/lang_php5_helpers/php_code.py,
- bindings/lang_php5_helpers/wrapper_header.py,
- bindings/lang_php5_helpers/wrapper_source.py,
- bindings/lang_php5_helpers/wrapper_source_top.c,
- bindings/php5/__init__.py, bindings/php5/lang.py,
- bindings/php5/php_code.py, bindings/php5/wrapper_header.py,
- bindings/php5/wrapper_source.py,
- bindings/php5/wrapper_source_top.c: Move all files related to the
- php5 binding inside
- the php5 subdirectory.
+ * lasso/xml/Makefile.am:
+ add tools.h to header list
-2008-08-05 14:52 bdauvergne
+ * lasso/xml/tools.c:
+ add GObjectIntrospection annotations to exported functions.
- * bindings/bindings.py, bindings/lang_python.py,
- bindings/lang_python_wrapper_bottom.c,
- bindings/lang_python_wrapper_top.c, bindings/python/Makefile.am,
- bindings/python/lang.py, bindings/python/wrapper_bottom.c,
- bindings/python/wrapper_top.c: Move all python binding related
- files inside the python subdirectory
+2010-03-02 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2008-08-05 14:52 bdauvergne
+ SAML 2.0: change error code for empty ArtifactResolve response to LASSO_PROFILE_ERROR_MISSING_RESPONSE
- * lasso/id-wsf/wsf_profile.c: * Fix typo
+ Bindings java: do not mask errors from the code generator
-2008-08-05 14:52 bdauvergne
+ Core: add an helper method to build a SOAP response in a LassoProfile object
+ * lasso/id-ff/profile.{c,h}:
+ add lasso_profile_add_soap_fault_response(char* code, char *string,
+ GList *details).
+ * lasso/id-wsf-2.0/profile.{c,h}:
+ change signature of lasso_idwsf2_profile_init_soap_fault_response.
+ * lasso/id-wsf-2.0/data_service.c:
+ use new function instead of manually intializing soap faults
+ * lasso/id-wsf-2.0/discovery.c:
+ init a soap fault when parsed request is of an unknown type, return
+ proper error.
- * lasso/utils.h: * add missing lasso_release_list, add
- lasso_release_list_of_full, reimplement lasso_release_list_of_*
- using _full
+ ID-WSF 2.0 python tests: finish tests for new ID-WSF 2.0 API
+ * bindings/python/tests/idwsf2_tests.py:
+ all Discovery service request types are tested, and Data Service
+ query is tested as well. Data Service testing and API should more
+ tested, especially failure cases.
-2008-08-05 14:52 bdauvergne
+ ID-WSF 2.0: add service type to response, parse response before using it
- * lasso/id-ff/login.c: * removed unused variables, and change FIXME
- comment.
+ Core: in xml_insure_namespace do not segfault if ns is NULL
-2008-08-05 14:52 bdauvergne
+ Binding python: accept a functio as setter, if it has only two arguments
- * lasso/xml/xml.c: * add include of utils.h
+ ID-WSF 2.0: in lasso_idwsf2_get_name_identifier, use lasso_saml2_assertion_decrypt_subject
-2008-08-05 14:52 bdauvergne
+ ID-WSF 2.0: in lasso_idwsf2_profile_check_security_mechanism, add common logic for SAML 2.0 secmech, check for presence of a server object,
- * lasso/id-ff/login.c: * remove code to add credentials, it is
- actually useless.
+ ID-WSF 2.0: fix MDAssociationQueryResponse handling
+ * lasso/id-wsf-2.0/discovery.c:
+ - in lasso_idwsf2_discovery_validate_request, use svcmdids to
+ intialize response to MSAssociationQuery requests.
+ - in lasso_idwsf2_discovery_process_response_msg, extract received
+ svcmdids; use lasso_check_good_rc when needed.
-2008-08-05 14:52 bdauvergne
+ ID-WSF 2.0: change signature of lasso_idwsf2_discovery_add_identity_to_epr
+ * lasso/id-wsf-2.0/discovery.c:
+ - in lasso_idwsf2_discovery_add_identity_to_epr, receive an Epr
+ instead of an EprMetadata node, and use
+ lasso_wsa_endpoint_reference_add_security_token to add the
+ assertion token instead of duplicating this logic.
+ - in lasso_idwsf2_discovery_build_epr change the call site.
- * lasso/id-wsf/discovery.c: * remove useless code
+ ID-WSF 2.0: fix documentation of lasso_idwsf2_data_service_build_request_msg
-2008-08-05 14:52 bdauvergne
+ SAML 2.0: in lasso_saml2_assertion_get_issuer_provider, check type of server argument
- * lasso/id-wsf/wsf_profile.c: * add Deprecated marker to
- documentation.
+ Core: add do/while(0) around block of goto_cleanup_with_rc
+
+ Core: add PROFILE errors around assertion validation
+ * lasso/errors.c lasso/errors.h:
+ - add errors concerning invalid assertion, assertion with invalid
+ conditions, unknown issuers, or when the issuer is not a provider
+ we marked as an IdP.
+ - add error for missing sender id in an ID-WSF message.
+
+ Core: add a level argument to lasso_xmlnode_to_string and _lasso_node_export_to_xml
+
+2010-02-22 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Binding perl: add support for out parameters
+ * bindings/perl/lang.py:
+ support GObject out parameters.
+
+ SAML 2.0: LassoSaml2ConditionAbstract does not match its element name anymore, add a registry mapping
+ * lasso/xml/saml-2.0/saml2_condition_abstract.c:
+ last commit to this file changed the element name from
+ ConditionAbstract to Condition so the XML parser cannot find the
+ corresponding GObject class anymore.
+
+ SAML 2.0: add more accessors for Conditions
+ * lasso/saml-2.0/saml2_helper.{c,h}:
+ distribute code from lasso_saml2_assertion_validate_conditions to
+ lasso_saml2_assertion_validate_time_checks and
+ lasso_saml2_assertion_validate_audience.
+ add lasso_saml2_assertion_allows_proxying and
+ lasso_saml2_assertion_allows_proxying_to, to respectively check for
+ proxying of the current assertion, and for proxying to a specific
+ provider (you must call both of them to test completely the proxying
+ status of an assertion).
+ * docs/reference/lasso/lasso-sections.txt:
+ reference new functions into documentation.
+
+ Bindings python: use more accessors from utils.py
+ * binings/python/lang.py: remove direct access to type tuples in favor
+ of using accesors from utils.py.
+
+ Bindings: make is_int more robust, and fix remove_modifiers
+
+ Bindings php5: use accessort from bindings/utils.py
+ * bindings/php5/wrapper_source.py:
+ do not handle 'type/variable' tuple directly, use accessors.
+
+ Binding python: add pickling support to LassoNode
+ * bindings/python/lang.py:
+ support pickling protocol methods __getstate__ and __setstate__
+ leveraging the lasso_node_dump and lasso_node_new_from_dump methods
+ from Lasso.
+
+ Add lasso_string_to_xsd_integer, to parse xsd:integer values
+
+ SAML 2.0: fix bad name of Condition element, keep xmlNode as it is abstract
+ * lasso/xml/saml-2.0/saml2_condition_abstract.c:
+ saml2:Condition is an element whose type is abstract, it must be used
+ as an extension point helped by the xsi:type field. As the content is
+ unknown before hand we must keep the original xmlNode for later
+ analysis.
+
+ Bindings python tests: update idwsf2_tests.py
+
+ Bindings: in utils.py, make clean_type handle None value
+
+ ID-WSF 2.0: reorganize EPR minting, add a process_request method to disco service
+ * data_service.c:
+ remove dependency on discovery.h
+ * discovery.{c,h}:
+ - add a lasso_idwsf2_discovery_process_request_msg to extract request
+ data before validate request (SvcMDID, SvcMD or RequestService).
+ - store SvcMDID in a private field, add a setter for it.
+ - SvcMDID is now used for building response to MDAssociationQuery and
+ parsing request for MDQuery, MDDelete, MDAssociationAdd and
+ MDAssociationDelete.
+ * idwsf2_helper.{c,h}:
+ - change security mechanism argument of
+ lasso_wsa_endpoint_reference_add_security_token from a NULL
+ terminated string array to a GList.
+ * saml2_login.{c,h}:
+ - add a lasso_server_create_assertion_as_idwsf2_security_token for
+ minting assertion for ID-WSF 2.0 security, to be used in Discovery
+ bootstap EPR creation and EPR minting for Discovery service Query
+ responses.
+ - add a lasso_saml2_assertion_get_discovery_bootstrap_epr, and
+ rewirte lasso_login_idwsf2_get_discovery_bootstrap_epr to use it.
+ - make lasso_login_idwsf2_add_discovery_bootstrap_epr accept a list
+ of security mechanisms, not just one.
+ * tests/idwsf2_tests.c:
+ - adapt to new argument type of
+ lasso_login_idwsf2_add_discovery_bootstrap_epr.
+
+ Core: add new example to LassoLogout for asynchronous response handling
+
+ Support multiline error messages in build_strerror.py
+
+ SAML 2.0: add lasso_saml2_encrypted_element_server_decrypt and lasso_saml2_assertion_decrypt_subject
+
+ Fix idp5-saml2 metadatas
+ * tests/data/idp5-saml2/metadata.xml:
+ we do not have the private key for the encryption public key, so I
+ copied the signing public key.
+
+ Fix lasso_extract_gobject_from_list
+
+2010-02-21 Mikael Ates <mates@entrouvert.com>
+
+2010-02-17 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Documentation: add example to LassoLogout, fix bad markup in id-wsf-2.0/profile.c
+
+ ID-WSF 2.0: also check sender match assertion in lasso_idwsf2_profile_check_security_mechanism
+ * lasso/id-wsf-2.0/profile.c:
+ for BEARER mechanism, also check that the SPNameQualifier of the
+ Subject match the Sender of the request.
+
+ ID-WSF 2.0: add lasso_idwsf2_discovery_get_svcmdids to public API
+
+ Tests integration: force C locale
+ * tests/integration/saml2/__init__.py:
+ authentic now use 'system locale' by default, so force C locale to
+ get english IHM string to make twill happy.
+
+ SAML 2.0: if assertion possess a signed original_xmlnode return it instead of using get_xmlNode
+ * lasso/xml/saml-2.0/saml2_assertion.c:
+ assertion in lasso when read are not usable anymore because the
+ signature is lost, this commit allows to keep assertion unaltered
+ after reading them if they contained a top level signature (a
+ signature contained in the Assertion node).
+ This is useful for reusing assertion kept in a LassoSession object
+ and for using assertion as security token for ID-WSF.
+
+ Core: use lasso_xmlnode_to_string in LassoNode export functions
+ * lasso/xml/xml.c:
+ remove duplicate codes and use lasso_xmlnode_to_string instead.
+
+ Current state of ID-WSF 2.0 python test
+
+ Binding php5: fix generation of list freeing
+ * bindings/php5/wrapper_source.py:
+ free_glist wants a GList** as first argument.
+
+ Core: add a lasso_xmlnode_to_string function
+ * lasso/xml/tools.c lasso/xml/private.h:
+ lots of functions duplicate this code, so we factorized it there.
+ It has two parameters, the xmlnode and boolean deciding whether to
+ format the resulting content (good for reading but bad for
+ signatures).
+
+ SAML 2.0: in lasso_saml20_profile_set_session_from_dump_decrypt, really decrypt
+ * lasso/saml-2.0/profile.c:
+ dump for already signed assertion containing an EncryptedID as
+ Subject does not work as before, the decrypted NameID is no more
+ included in it, so instead of trying to plug it in the NameID field
+ we resort to really deciphering the EncryptedID.
+ That could be a performance problem if the session object is stuffed
+ with a lot of assertions.
+
+ Current state of idwsf2 tests
+
+ ID-WSF 2.0: fix loading of LassoIdWsf2Discovery dumps
+
+ Core: add error exit to lasso_node_new_from_xmlNode
+ * lasso/xml/xml.c:
+ if building of the node fails, we must keep the initialization of
+ custom nodename and namespace.
+
+ Binding python: simplify special constructor, use cptrToPy
+
+ ID-WSF 2.0: make lasso_idwsf2_profile_redirect_user_for_interaction add the transactionID to the URL
+ * lasso/id-wsf-2.0/profile.c:
+ simplify use of lasso_idwsf2_profile_redirect_user_for_interaction by
+ directly adding the ID of the SOAP response message to the URL.
+ Report an error if no MessageID can be found.
-2008-08-05 14:52 bdauvergne
+ ID-WSF 2.0: rewrite and document lasso_soap_envelope_sb2_get_redirect_request_url
+ * lasso/id-wsf-2.0/soap_binding.{c,h}:
+ fix error in conception of
+ lasso_soap_envelope_sb2_get_redirect_request_url, RedirectRequest is
+ part of a SOAP fault not the headers.
+ Explain in the documentation how to use the RedirectRequest URL.
+ Change the return type to a const string.
- * lasso/id-wsf/wsf_profile.c, lasso/xml/xml.c: * Fix potential
- memory leaks
- * id-wsf/wsf_profile.c: add error code path in
- lasso_wsf_profile_build_soap_request_msg for unsupported
- security mechanisms.
+ ID-WSF 2.0: add a method to retrieve/create a SOAP Fault to SOAP binding module
+ * lasso/id-wsf-2.0/soap_binding.{c,h}:
+ add method lasso_soap_envelope_get_soap_fault which returns/create
+ the first SOAP fault inside the body of the SOAP envelope.
-2008-08-05 14:52 bdauvergne
+ Binding python tests: adapt test to use TOP_SRCDIR env var
- * lasso/utils.h: add macros to release xmlSec context objects
+ Binding python: factorize value freeing generation code
+ * lasso/python/lang.py:
+ extract value freeing generation code to method free_value,
+ add proper liberation of values at exit of wrapper functions, remove
+ g_free call from return_value generated code.
-2008-08-05 14:52 bdauvergne
+ Core: add missing return value owner semantic annotations to getters
+ * lasso/id-ff/provider.c:
+ fix lasso_provider_get_base64_succinct_id, it returned a libxml
+ string, copy it with g_strdup before releasing it to stay with GLib
+ allocated string in return values.
- * lasso/utils.h: add lasso_release_full to construct other
- lasso_release_ functions, use it in old definitions
+ Core: add annotation to getter function about return value owner semantic
+ * lasso/id-ff/identity.c lasso/id-ff/profile.c:
+ precise owner semantic of lasso_profile_get_identity,
+ lasso_profile_get_session, lasso_profile_get_server
+ * lasso/id-wsf-2.0/saml2_login.c tests/login_tests_saml2.c:
+ in the same vein add missing release of assertion returned by
+ lasso_login_get_assertion which return a caller owned object.
-2008-08-05 14:52 bdauvergne
+ ID-WSF 2.0: make lasso_idwsf2_profile_redirect_user_for_interaction choke on missing redirect property on UserInteraction header
+ * lasso/id-wsf-2.0/profile.c:
+ if redirect boolean property is false, refuse to return a redirect
+ request.
+ automatically create a SOAP fault to signal to the requester that it
+ needs to support interaction via redirect.
- * lasso/utils.h: rename g_unlink_and_release_node to
- lasso_unlink_and_release_node
+ ID-WSF 2.0: add error code signaling that the requester does not support redirect request
+ * lasso/errors.c lasso/errors.h:
+ add
+ LASSO_WSF_PROFILE_ERROR_REDIRECT_REQUEST_UNSUPPORTED_BY_REQUESTER.
-2008-08-05 14:52 bdauvergne
+ ID-WSF 2.0: add a create arg to lasso_soap_envelope_get_sb2_user_interaction_header, add it to public API
+
+ ID-WSF 2.0: fix lots of bad usage of g_strcmp0
+ * lasso/id-wsf-2.0/idwsf2_helper.c lasso/id-wsf-2.0/soap_binding.c
+ lasso/id-wsf/data_service.:
+ add missing check for the return value of strcmp, maybe we need a
+ macro like lasso_strequal.
- * lasso/utils.h: Add a macro to emit a «Function is deprecated»
- warning
+ Tests: in login_tests_saml2.c, add test for lasso_saml2_assertion_validate_conditions
-2008-08-05 14:52 bdauvergne
+ in idwsf2_tests.py, merge test case for metadata registering, add test case for failure
- * lasso/id-wsf/discovery.c, lasso/id-wsf/wsf_profile.c,
- lasso/utils.h, lasso/xml/disco_description.c: change last g_*
- macros to lasso_ prefix
+ Bindings: parse defines refering to other defines
+ * bindings/bindings.py:
+ Allow to build constants using other constants (prefix string), the
+ constant type is retrieved from the prefix existing record.
-2008-08-05 14:52 bdauvergne
+ in tools.c, add defines to permit import of timegm
- * lasso/id-ff/identity.c, lasso/id-wsf/data_service.c,
- lasso/id-wsf/discovery.c, lasso/id-wsf/wsf_profile.c,
- lasso/utils.h: * change g_list_add* to lasso_list_add*
+ SAML 2.0: make lasso_saml2_assertion_validate_conditions really work
-2008-08-05 14:52 bdauvergne
+ Core: fix lasso_iso_8601_gmt_to_time_t, use timegm instead of mktime
+ * lasso/xml/tools.c:
+ mktime convert works on local time, we need timegm to work with GMT
+ time.
- * lasso/id-ff/identity.c, lasso/id-ff/session.c,
- lasso/id-wsf/data_service.c, lasso/id-wsf/discovery.c,
- lasso/id-wsf/wsf_profile.c, lasso/utils.h: change g_assign_* to
- lasso_assgin_* and g_release_* to lasso_release_*
+ ID-WSF 2.0: add strings for Discovery service Actions
-2008-08-05 14:52 bdauvergne
+ ID-WSF 2.0: add serialization code for private properties of LassoIdWsf2Profile
- * lasso/id-wsf/wsf_profile.c: * remove blanks (review by F. Peters)
+ ID-WSF 2.0: fix missing initialization of request field in lasso_idwsf2_discovery_validate_md_register
-2008-08-05 14:52 bdauvergne
+ ID-WSF 2.0 Documentation: update lasso-sections.txt with LassoIdWsf2Profile methods
- * lasso/id-wsf/soap_binding.c: * fix documentation (review by F.
- Peters)
+ ID-WSF 2.0: fix lasso_idwsf2_discovery_add_simple_service_metadata
+ * lasso/id-wsf-2.0/discovery.c:
+ options is a string list, and security_mech_ids too, so employ the
+ corresponding macros.
-2008-08-05 14:52 bdauvergne
+ Core: in utils.h, use a temporary to store reference to freed list
- * bindings/python/tests/Makefile.am: *
- bindings/python/tests/Makefile.am: make running of
- iwsf{1,2}_tests.py conditioned upon --enable-wsf flag of
- ./configure script
+ ID-WSF 2.0: in lasso_idwsf2_discovery_status2rc, check second level status code too
-2008-08-05 14:52 bdauvergne
+ Website: add a link to the developement version documentation
- * swig/Lasso.i: * fix change in SamlAdvice ABI
+2010-02-15 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2008-08-05 14:52 bdauvergne
+ Binding python: fix leak in string getters
- * lasso/id-wsf/data_service.c: * lasso/id-wsf/data_service.c: fix
- my own memleak inside build_modify_response_msg
+ SAML 2.0: fix documentation of lasso_saml2_assertion_validate_conditions
-2008-08-01 14:12 bdauvergne
+ Add signature on EPR secur token
- * lasso/id-wsf/discovery.c: polish code in
- lasso_discovery_build_credential
+ Bindings python: udpate id-wsf 2.0 test file
+ * bindings/python/tests/idwsf2_tests.py:
+ Disco Service registering is working, it now needs a bootstrap epr in
+ all case (before registering could be done without signatures).
-2008-08-01 14:12 bdauvergne
+ ID-WSF 2.0: add signature to Disco produced EPR SAML 2.0 security tokens
- * lasso/utils.h: add macro to assign gobject field, first a simple
- version
+ ID-WSF 2.0: in lasso_idwsf2_profile_build_request_msg, properly handle the security token
+ * lasso/id-wsf-2.0/profile.c:
+ security token is a signed assertion by an IdP or a discovery
+ service, we must keep as is, that is with the signature, in order to
+ do that we extract the original xmlNode from the assertion and embed
+ it in the new message using a LassoMiscTextNode.
-2008-08-01 14:12 bdauvergne
+ ID-WSF 2.0: in lasso_login_idwsf2_get_discovery_bootstrap_epr, better handle attribute content
+ * lasso/id-wsf-2.0/saml2_login.c:
+ LassoSaml2AttributeValue can contain many children, so traverse them
+ all to find the firs LassoWsAddrEndpointReference among them.
- * lasso/utils.h: beginning of a pool of macros for mem handling,
- affectation to fields, etc..
+ ID-WSF 2.0: in lasso_login_idwsf2_add_discovery_bootstrap_epr, initialize ID and Issuer property on bootstrap assertion.
+ * lasso/id-wsf-2.0/saml2_login.c:
+ initialization of ID and Issuer properties was missing.
-2008-08-01 14:11 bdauvergne
+ Core: in lasso_verify_signature, fix conditional about single reference
+ * lasso/xml/toosl.c:
+ verify that reference is unique if NO_SINGLE_REFERENCE is disabled.
- * lasso/id-wsf/wsf_profile.c: * remove body->id and correlation->id
- setup, no need to set id on everything.
+ SAML 2.0: in saml2_helper.c, better check issuer element and also test the LassoServer object for issuance, lasso_saml2_assertion_get_issuer_provider
-2008-08-01 14:11 bdauvergne
+ ID-WSF 2.0: in lasso_wsa_endpoint_reference_new_for_idwsf2_service, do not forget to add metadata to epr, fill usage property of token
+ * lasso/id-wsf-2.0/idwsf2_helper.c:
+ add missing initialization code.
- * lasso/xml/xml.c: * add detail node to node with specialised
- detection in lass_node_new_from_xmlNode
+ ID-WSF 2.0: fix bad type checking in lasso_wsa_endpoint_reference_get_idwsf2_security_context_for_security_mechanism
+ * lasso/id-wsf-2.0/idwsf2_helper.c:
+ SecurityMechID is a list of strings not LassoMiscTextNode.
-2008-08-01 14:11 bdauvergne
+ ID-WSF 2.0: fix bad conditionnal in lasso_idwsf2_discovery_process_metadata_register_response_msg
+ * lasso/id-wsf-2.0/discovery.c:
+ fix check in
+ lasso_idwsf2_discovery_process_metadata_register_response_msg
+ fix duplication of service metadatas inside private list of service
+ metadatas.
- * lasso/xml/xml.c: * specialise lasso_node_new_from_xmlNode for
- soap:detail node
+ in server.c, fix missing loading of public keys in constructors
+ * lasso/id-ff/server.c:
+ constructor for LassoProvider load public keys but they are not
+ called by LassoServer constructors, so we have to explicitely
+ duplicate calls to lasso_provider_load_public_keys.
-2008-08-01 14:11 bdauvergne
+ ID-WSF 2.0: moved strings to their own header
- * bindings/overrides.xml: remove useless overriding
+2010-02-12 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2008-08-01 14:11 bdauvergne
+ Add saml2_strings.h to dist
- * lasso/id-wsf/wsf_profile.c: Match is:RedirectRequest and set
- msg_url to the url to redirect to
+ Bindings python: remove default argument if there is parameters without default argument following
-2008-08-01 14:11 bdauvergne
+ Use defined symbols instead of magic constants
- * lasso/id-ff/session.c: do not use normal add_assertion method
- when reconstructing a session, no need to add Advice to
- assertion_by_id container
+ Add LASSO_SAML2_FIELD_ENCODING
+ * lasso/xml/saml-2.0/saml2_strings.h:
+ add another field name from SAML 2.0 specifications.
-2008-08-01 14:11 bdauvergne
+ Fix lasso_get_relaystate_from_query, support semi-colon and parameter at beginning
+ * lasso/xml/tools.c:
+ getting first parameter was broken (query_string does not contain '?'
+ at the beginning) and semi-colon support was missing.
- * lasso/xml/soap_detail.c, lasso/xml/soap_fault.c: Fix wrong node
- name in SOAP fault
+2010-02-10 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2008-08-01 14:11 bdauvergne
+ Documentation: fix typos in saml2_strings.h documentation, add new string symbols to lasso-sections.txt
- * lasso/xml/is_user_interaction.c: Fix bad SNIPPET_TYPE for
- attribute maxInteractionTime, it was treated as a string,
- and provoked a SEGFAULT.
+ SAML 2.0: move SAML 2.0 strings to their own header, add documentation
+ * lasso/xml/strings.h:
+ remove SAML 2.0 strings
+ * lasso/xml/saml-2.0/saml2_strings.h:
+ move them here, document useful ones.
-2008-08-01 14:11 bdauvergne
+ Documentation: document LsasoSamlp2NameIDPolicy
- * lasso/xml/xml.c: * lasso/xml/xml.c: add support for dgme:Status
- node.
+ Documentation: complete non finished documentation comments
+ * too much warnings when generating doc, now we can concentrate on
+ undocumented symbols (in
+ lasso/docs/reference/lasso/lasso-undocumented.txt).
-2008-08-01 14:11 bdauvergne
+ Bindings perl: prevent unused functio warning for array_to_glist_gobject
- * lasso/xml/xml.c: * lasso/xml/xml.c: in samlNs, compare prefix
- *AND* href fields of the namespace object
+ Tests perl: raise number of tests
-2008-08-01 14:11 bdauvergne
+ Docs: reorder sections in chapter "Lasso Architecture"
- * lasso/id-ff/session.c: copy node instead of stealing it to xmlDoc
- object, when parsing session dump if
- no children is present try to get a base64 encoded assertion.
+ SAML 2.0: separate lasso_saml20_login_process_response_status_and_assertion into multiple functions
+ * lasso/saml-2.0/login.c:
+ in lasso_saml20_login_process_response_status_and_assertion, extract assertion
+ decryption, and issuer checking into their own function.
-2008-08-01 14:11 bdauvergne
+ SAML 2.0: when verifying query signature, do not presume order of field and separator
+ * lasso/xml/tools.c:
+ in lasso_saml2_verify_query_signature, extract needed field and order
+ them appropriately before computing digest, expect ';' as well as '&'
+ as separator.
+ * tests/random_test.c:
+ add non-regression tests for query signature validation.
+ * tests/Makefile.am:
+ make tests link agains static version of liblasso, to get access to
+ private functions.
- * lasso/id-wsf/wsf_profile.c: add assertion_id to
- TokenSecurityReference
+ SAML 2.0: complete list of field names for SAML 2.0
-2008-08-01 14:11 bdauvergne
+ Core: in tools.c, enhance urlencoded_to_string to support semu-colon separator
- * lasso/id-ff/session.c: * lasso/id-ff/session.c: fix compilation
- errors.
+ SAML 2.0: add helper method lasso_saml2_assertion_get_in_response_to
+ * lasso/saml-2.0/saml2_helper.c lasso/saml-2.0/saml2_helper.h:
+ add a method to access easily the InResponseTo attribute.
-2008-08-01 14:11 bdauvergne
+ SAML 2.0: in lasso_saml20_login_process_authn_response_msg always report signatures errors
+ * lasso/saml-2.0/login.c:
+ - in lasso_saml20_login_process_authn_response_msg keep around all error
+ codes returned by intermediary steps. At the end report the first one.
- * lasso/id-ff/session.c: * lasso/id-ff/session.c: store ID-WSF
- assertion in base64 to fix problem of
- formatting of session dumps.
+ SAML 2.0: in lasso_saml20_profile_process_any_response do not stop on missing issuer
+ * lasso/saml-2.0/profile.c:
+ Issuer is not a mandatory element of SAML 2.0 response,
+ but if we do not remember which issuer we sent the request (of if
+ the response is spontaneous) then we will receive a provider not found
+ error when trying to check the message signature.
+
+ Use new SAML2 strings instead of hardcoding query string field names
+
+ Add documentation about runtime flags
+ * lasso/lasso.c:
+ add a table to Initialization documentation section about
+ general runtime flags.
+
+ Remove follow-idwsf-stupid-semantic flag
+ * lasso/lasso.c:
+ this flag is useless, that's me that is stupid.
+
+ Add internal methods to LassoServer to get the signature and encryption private keys
+ * lasso/id-ff/server.c lasso/id-ff/serverprivate.h:
+ add methods lasso_server_get_private_key and lasso_server_get_encryption_private_key.
+
+ Add complete error code listing for lasso_login_process_response_msg
+ * lasso/id-ff/login.c:
+ list all error codes and their semantic with respect to this call.
+
+ Update code example for LassoLogin
+ * lasso/id-ff/login.c:
+ add code for intializaing request for SAML 2.0, shows how to handler errors codes.
+
+2010-02-10 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Add error codes, update error codes documentation, reduce changes in errors.c by ordering error codes
+ * lasso/errors.h lasso/errors.c
+ - add to report non schema conforming XML trees, decyrption
+ failure due to missing private keys and invalid signatures on assertions.
+ - update documentation of LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND,
+ LASSO_SERVER_ERROR_ADD_PROVIDER_PROTOCOL_MISMATCH,
+
+ * lasso/build_strerror.py:
+ before outputting switch cases, order error codes
+ name lexically in order to reduce change lines
+ when adding new error codes.
+
+2010-02-10 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Add strings for SAML2 field names for POST, Redirect and Artifact bindings
+
+ Update documentation of the registry module
+
+ Adapt LassoProvider methods to care for protocol profile version when verifying signature
+ * lasso/id-ff/provider.c:
+ there is now 2 methods to verify signatures, methods calling the old
+ one must now choose whether to call the liberty one of the SAML 2.0
+ one.
+
+ Add a function to validate query signatures using SAML 2.0 semantic
+ * lasso/xml/tools.c:
+ this new function is a placeholder for the new SAML 2.0 semantic
+ following query signature validation function. It will start with the
+ old code of lasso_query_verify_signature.
+
+ Propagate change of name for LASSO_PP_ defines
+
+2010-02-08 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Core: in LassoServer constructors, test if private_key is loadable
+ * lasso/id-ff/server.c:
+ mark private_key as not mandatory as regression tests expect it to
+ not be mandatory.
+ test if loading of private key to encryption_private_key private
+ field worked, if not abort the constructor and return NULL.
+ * lasso/id-ff/server.h:
+ fix name of constructors argument to corresponds with comments
+ (binding generator use this correspondance to apply annotation from
+ comments to the model obtained by parsing the headers).
+
+ in lasso_xmlsec_load_private_key_from_buffer, do not let xmlSecBase64Decode show warnings
+
+2010-02-05 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ fix bad operation in bindings.py
+
+2010-02-04 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Bindings: restore ID-WSF constants, improve python getters,
+ * bindings/bindings.py:
+ parse idwsf_strings.h to get ID-WSF constants.
+ * bindings/utils.py:
+ add an is_rc check function, to check for 'error code' return type.
+ * bindings/perl/lang.py:
+ only raise errors for 'int' or 'gint' return type
+ * bindings/python/lang.py:
+ - always create a normal function binding.
+ - for functions starting with 'get' try to create a corresponding
+ property, but if a corresponding member already exists, fails, and
+ print a warning about getter function/member field clash.
+ - make type dispatching on return_type more explicite.
+
+ Core: Finish support for all XMLDsig key formats
+ * lasso/xml/tools.c:
+ xmlsec is not able to load a certificate public key without checking
+ it against trusted root certificate, so we must work around and load
+ the key by hand.
+ lasso_xmlsec_load_private_key_from_buffer is made more robust in the
+ same (loading of the key was extracted inside
+ _lasso_xmlsec_load_key_from_buffer) and now can load certificates and
+ keys directly embedded inside KeyValue nodes (in total opposition to
+ the XMLDsig specification but...), with or without PEM headers.
+ * tests/metadata/Makefile.am tests/metadata/metadata_06.xml
+ tests/metadata_tests.c:
+ add test case for RSAKeyValue public keys.
+
+ Binding python: fix getter for non-object fields
+ * bindings/python/lang.py:
+ transition to bindings/utils.py methods broke getters.
+
+ Core: in lasso_xmlsec_load_key_info add flag to let xmlSec load certificates
+ * lasso/xml/tools.c:
+ adding the flag XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS make
+ xmlSec able to load certificate, the 'hand made' code to load
+ certificate is then useless.
+
+ Tests: add more checking to dump generation code in login_tests.c
+
+ Tests: adapt server constructor settings to recent changes
+
+ Core: in lasso_profile_get_request_type_from_soap_msg use lasso_xml_parse_memory_with_error
+ * lasso/id-ff/profile.c: (lasso_profile_get_request_type_from_soap_msg)
+ use lasso_xml_parse_memory_with_error instead of xmlParseMemory, use
+ error code output argument to log error reports.
+
+ Core: in provider.c, make lasso_provider_load_metadata_from_buffer the main metadata loading function
+ * (init_from_xml) fail initialization if we cannot load the metadatas,
+ and log a warning.
+ * extract _lasso_provider_load_metadata_from_buffer from
+ lasso_provider_load_metadata_from_buffer, which accept a length
+ parameter. use it inside lasso_provider_load_metadata, instead of
+ xmlParseFile.
+ * (lasso_provider_load_public_key) use lasso_xmlsec_load_key_info and
+ lasso_xmlsec_load_private_key to load the public keys.
+
+ Core: use lasso_xml_parse_file to load affiliation file
+
+ Binding java: Makefile.am has multiple target rules, it cannot support parallel builds
+
+ Core: in tools.c, add function to load XML files and KeyInfo nodes
+ * tools.c:
+ add lasso_xml_parse_file, based on g_file_get_contents and
+ lasso_xml_parse_memory.
+ add lasso_xml_parse_memory_with_error which instead of logging
+ errors, can return the xmlError structure.
+ add lasso_xmlsec_load_key_info, which allows to load keys from
+ ds:KeyInfo XML nodes. It also support the "Lasso" bug of using
+ ds:KeyValue directly to store base64 encoded keys and certificates.
+
+ SAML 2.0: in name_id_management.c, rework lasso_name_id_management_new_from_dump
+
+ Core: add more memory tracing, add a tracing macro
+ * lasso/utils.h: add lasso_trace, which as a printf signature.
+ * xml/xml.c: add more trace to node initialization code.
+
+ Tests: in valgrind suppressions file add more GLib suppressions
+
+ Tests: in basic_tests.c, re-enable parsing of LassoWsuTimestamp objects
+
+ Core: use lasso_node_new_from_dump to implement _new_from_dump methods
+ * provider.c:
+ add annotation for nullable arguments (necessary for bindings of
+ new_from_buffer).
+ * server.c: add annotations, allow to set encryption_private_key from
+ buffers
+
+ Binding perl: add cleanup for temporary data of trampoline code
+ * bindings/perl/lang.py:
+ data type not common to Perl and C must be allocated for the duration
+ of the call (mainly GList and xmlNode), but after the call they must
+ be deallocated.
+
+ SAML 2.0: in samlp2_response.c, simplify code path for assertion encryption
+
+ Fix leaks
+ * lasso/id-wsf-2.0/profile.c: release private data object.
+ * lasso/saml-2.0/login.c: free NameID content after construction.
+ * lasso/xml/tools.c: free algorithm attribute content in
+ lasso_node_decrypt_xmlnode.
+ * lasso/xml/xml.c: release cutom_element->nodename in destructor.
+ remove useless finalize method.
+ * tests/basic_tests.c: release xmldoc after use.
+ * tests/random_tests.c: free resut of lasso_node_dump.
+
+ Fix leaks, change signature of lasso_provider_get_sp_name_qualifier, make it return a const char*
+
+ in lasso/xml/tools.c, remove leaks of xmlSecKey and xmlNode
+
+ in lasso_xmlsec_load_private_key, do not leak the file buffer, in lasso_node_encrypt do not leak the keys manager
+
+2010-02-01 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Binding perl: many improvements
+ * lang.py: use lasso_unref instead of g_object_unref.
+ * lang.py: handle 'optional' annotation for more types, needed by
+ ID-WSF bindings.
+ * lang.py, gobject_handling.c: check object type before making the C
+ call
+ * Makefile.am: improve silent rules, hide all normal output, show
+ errors, and with V=1 shows everything
+ * glist_handling.c, gobject_handling.c: make local functions static
+ * t/Lasso.t: add non regression test for method receiver type checking.
+ * glist_handlind.c; remove unused convertion functions.
+ * lang.py: clear the semi-assigned list and croak if all list elements
+ do not convert to non-NULL values.
-2008-08-01 14:11 bdauvergne
+ Bindings: re-add binding for lasso_session_get_assertions for perl, special case formatting function for WsAddressing namespace
+ * bindings/utils.py:
+ type have LassoWsAddr prefix but function have the lasso_wsa_ prefix,
+ so we have to adjust generated prefix.
- * lasso/id-wsf/wsf_profile.c: * lasso/id-wsf/wsf_profile.c:
- - change return code variable from 'ret' to 'rc' to permit use of
- standardised macros like goto_exit_if_fail.
- - add initialization to NULL of lot of variables, to enable error
- return
- paths.
- - adapt to change bo soap:Body id field to its new name 'Id'
- - fix numerous mem leaks by using assignment macros
- (g_assign_gobject,
- g_list_add_gobject) and release macros (g_release_gobject).
+ Bindings: use lasso_return_xxx macros instead of GLib ones
-2008-08-01 14:11 bdauvergne
+ ID-WSF: remove useless new_from_message methods
- * lasso/id-ff/login.c, lasso/id-ff/session.c,
- lasso/xml/saml_advice.c, lasso/xml/saml_advice.h: *
- lasso/id-ff/login.c: comment the generation of Advice when
- ResourceOffering for
- the DiscoService support a security mechanism needing one. Anyway
- the
- generation of Credentials is broken.
- * lasso/id-ff/session.c: add treatment of saml:Advice on newly
- added
- Assertions, keep the transmitted assertions inside the session
- indexed by their
- AssertionID.
-
- * lasso/xml/saml_advice.{c,h}: change content to
- SNIPPET_LIST_XMLNODES.
+ Core: in utils.h, add macros to replace verbose g_return_val_if_fail
-2008-08-01 14:11 bdauvergne
+ Core: document return values of lasso_login_validate_request_msg
- * lasso/id-wsf/discovery.c: * lasso/id-wsf/discovery.c: fix macros
- assign_resource_id to adapt to standard return code name: rc
+ Utils: lasso_unref, a safe g_object_unref, and add some document about existing family of macros
-2008-08-01 14:11 bdauvergne
+ Core: do not emit messages inside lasso_check_version
- * lasso/id-wsf-2.0/profile.c, lasso/id-wsf/authentication.c: *
- lasso/id-wsf-2.0/profile.c, lasso/id-wsf/authentication.c: adapt
- to change of
- name of id attribute in LassoSoapBody
+ Bindings: os.path.relpath is only present since python 2.6, add a local implementation for older python versions
-2008-08-01 14:11 bdauvergne
+ Add a dist-hook to remove .svn directories before taring the dist
- * lasso/xml/disco_encrypted_resource_id.c,
- lasso/xml/disco_encrypted_resource_id.h: *
- lasso/xml/disco_encrypted_resource_id.{c,h}: add support for any
- kind of
- content through a SNIPPET_LIST_XMLNODES marked field.
+ Bindings: make binding generation more silent
+ * bindings/java/Makefile.am bindings/perl/Makefile.am
+ bindings/php5/Makefile.am bindings/python/Makefile.am:
+ use AM_V_GEN, or similar variable for all steps of binding
+ generation, normal output can be activated with the V=1 argument to
+ the 'make' command.
-2008-08-01 14:11 bdauvergne
+ Binding java: use eager evalutation to get list of sources files
+ * bindings/java/Makefile.am:
+ use := to provoke eager evaluation so that java-list mode is not
+ called many times.
- * lasso/xml/soap_body.c, lasso/xml/soap_body.h: *
- lasso/xml/soap_body.h: change name of variable id to Id
- * lasso/xml/soap_body.c: change attribute id to Id and fix its
- namespace (wssu) in overloaded get_xmlNode
+2010-01-29 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2008-08-01 14:11 bdauvergne
+ Bindings: use 'absolute' header paths to produces bindings
+ * bindings/bindings.py:
+ if files from bindings are using absolute instead of relatives header
+ paths they can be independant of the lasso source.
- * lasso/xml/wsse_security.c: * lasso/xml/wsse_security.c: fix wrong
- namespace
+ Bindings perl: simplify Makefile.PL
+ * bindings/perl/Makefile.PL:
+ remove as much special casing as possible so that it could eventually
+ become a CPAN module.
+ use pkg-config to find lasso libs if no explicit LIBS command line
+ argument is used.
+ * bindings/perl/Makefile.am:
+ pass parameters using command line argument instead of environment
+ variable, which needed a special Makefile.PL.
-2008-08-01 14:11 bdauvergne
+ Binding perl: special case for lasso_check_version
+ * bindings/perl/lang.py:
+ special case lasso_check_version for not raising an error when it
+ returns 1.
+ * bindings/perl/t/Lasso.t:
+ add a non regression test.
- * lasso/xml/xml.c: * lasso/xml/xml.c: make xmlClean change
- namespace of properties not just of nodes
+ Binding perl: remove warning when passing Null to croak
+ * bindings/perl/gobject_handling.c:
+ croak is aliased to Perl_croak_nocontext which has a gcc attribute
+ 'notnull'. We use Perl_croak and an explicit perl context object, to
+ work around this warning.
-2008-08-01 14:11 bdauvergne
+ in bindings.py, change header paths
- * lasso/xml/xml.c: * lasso/xml/xml.c: adapt to new prefix of Dgme
- library
+ Update files for a 2.2.91 release
-2008-08-01 14:10 bdauvergne
+ update changelog
- * lasso/errors.c, lasso/errors.h: * lasso/errors.h: new error for
- LassoWsfProfile signal missing Credentials
+ Binding python: make a better use of default value annotation for creating method declarations
-2008-08-01 14:10 bdauvergne
+ Binding perl: many improvements
+ * handle GHashTable of strings and objects.
+ * report errors with 'croak' as a Lasso::Error object.
+ * add more basic tests.
+ * for string arguments, convert undef to NULL, and croak if function
+ does not accept NULL.
+ * fix library paths in Makefile.PL.
- * bindings/lang_python_wrapper_top.c: *
- bindings/lang_python_wrapper_top.c: add cast to suppress warning
- about
- g_list_length argument non-constness. add support for LassoDgme*
- objects, must
- find a better way to do this in the future.
+ Bindings: in bindings.py, fix regexp and annotation parsing for optional arguments and their default values
-2008-08-01 14:10 bdauvergne
+ SAML 2.0: fix annotations, documentation and signatures
- * lasso/id-wsf/discovery.c: * lasso/id-wsf/discovery.c:
- (lasso_discovery_build_credential,
- lasso_discovery_add_remove_entry,
- lasso_discovery_add_requested_service_type) use macro g_list_add,
- to reduce
- code size.
+2010-01-28 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2008-08-01 14:10 bdauvergne
+ Bindings python ID-WSF 1.0 tests: update PP HREF symbol
- * lasso/id-wsf/wsf_profile.c: * lasso/id-wsf/wsf_profile.c: In
- lasso_wsf_profile_set_security_mech_id if
- security_mech_id is NULL, default to LASSO_SECURITY_MECH_NULL.
- In lasso_wsf_profile_init_soap_request increment ref count of the
- argument
- when new reference are created.
+ Bindings php5: string hashtable methods are only used by ID-WSF bindings, mark them unused by default
+ * bindings/php5/wrapper_source_top.c:
+ only id-wsf has field of type GHashtTable<char*,char*> so when
+ compiling without --enable-wsf, it give 'unused symbols' errors.
+ Lets mark de the concerned functions as unused.
-2008-08-01 14:10 bdauvergne
+ ID-WSF 1.0: make LassoServer.services private with respect to the bindings
- * bindings/bindings.py, bindings/python/tests/Makefile.am,
- bindings/python/tests/idwsf1_tests.py: * bindings/bindings.py:
- support const modifier on this argument
+ Bindings java: use utils.py methods, make set_hash_of_objects more robust
-2008-08-01 14:10 bdauvergne
+ Tests: export sp2-la do dist file for dist with id-wsf enabled
- * lasso/lasso_config.h.in: * add lasso/lasso_config.h.in because it
- is not generated anymore since
- config.h become the normal configuration file.
+ Bindings: add time_t to integer types, add unpointerize method
-2008-08-01 14:10 bdauvergne
+ Binding python ID-WSF 2.0 tests: update some tests
- * lasso/id-wsf/discovery.c: fix wrong const modifier
+ Binding Python ID-WSF 2.0: comment out test
-2008-08-01 14:10 bdauvergne
+ ID-WSF: change name of Personal Profile namespace symbols, add symbols for ID-SIS PP 1.1
- * lasso/id-wsf/wsf_profile.c: * lasso/id-wsf/wsf_profile.c: fix
- wrong namespace in a call to xmlSecFindNode
+ Bindings: java, php5, python simplify logic in binding generator
+ * use utils.h macros to manipulate fields.
+ * use utils.py function to filter variables, argument and return types.
+ * finish support of hashtables of strings for php5 and python.
-2008-08-01 14:10 bdauvergne
+ Bindings: better parse oftype annotation for hashtable, allow to skip structures
+ * bindings/bindings.py:
+ add possibility to skip generating bindings for structures to
+ overrides.xml.
+ parse element-type annotation /* of XXX */ for hashtable objects.
+ output to stderr warning about skipped objects.
+ parse idwsf_strings.h
+ * bindings/overrides.xml:
+ skip more ID-WSF 1.0 functions in java and perl.
+ skip structure LassoAuthentication.
- * lasso/id-wsf/wsf_profile.c: * lasso/id-wsf/wsf_profile.c:
- implement creation of the signature for ID-WSF
- SAML security mechanism. Implemented many utility function that
- could be shared
- with other part of the library.
+ Core: fix gtk-doc annotations
-2008-08-01 14:10 bdauvergne
+ Core: add new macros to lasso/utils.h, fix lasso_assign_new_list_of_gobjects
+ * lasso/utils.h:
+ add:
+ - lasso_assign_new_xml_node
+ - lasso_assign_new_list_of_strings
+ - lasso_assign_new_list_of_xml_node
+ fix lasso_assign_new_list_of_gobjects, bad naming of release macro.
- * lasso/xml/tools.c: * lasso/xml/tools.c: In lasso_sign_node
- suppress useless code to lookup the Signature node.
+ XML: add missing element-type annotations
-2008-08-01 14:10 bdauvergne
+ Bindings: in bindings/utils.py, augment robustness of matching functions to work with type alone or triples
- * lasso/utils.h: * lasso/utils.h: add utility macros to releases
- libxml objects, to check null
- parameters or badly typed parameters. add a macro that go to an
- "exit" label
- and set the return code variable named "rc".
+ Binding perl: update to binding
+ * change extension of typemap files because if conflicts with existing
+ * support constant list of strings and gobjects, add input rule for
+ list of gobjects
+ * fix setter for GList fields
-2008-08-01 14:10 bdauvergne
+2010-01-26 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/id-wsf/wsf_profile.c: * lasso/id-wsf/wsf_profile.c: add
- documentation to the function
- lasso_wsf_profile_set_resource_offering:
+ ID-WSF 1.0 & 2.0: complete lasso-sections.txt, add internal API to access SOAP headers, complete WS-Addressing support
+ * docs/reference/lasso/lasso-sections.txt: complete documentation of
+ LassoSoapEnvelope and LassoSoapFault with ID-WSF additions.
-2008-08-01 14:10 bdauvergne
+ * lasso/id-wsf-2.0/profile.c lasso/id-wsf-2.0/soap_binding.c
+ lasso/id-wsf-2.0/soap_binding.h:
+ add internal function _get_node and _get_header to simplify
+ implementation of accessors for headers.
+ change signature of lasso_soap_envelope_get_message_id and add new
+ function lasso_soap_envelope_get_relates_to.
+ update call points.
+ add a message id when building a SOAP message.
- * lasso/id-wsf/wsf_profile.c, lasso/id-wsf/wsf_profile.h,
- lasso/id-wsf/wsf_profile_private.h: *
- lasso/id-wsf/wsf_profile.c,wsf_profile.h,wsf_profile_private.h:
- add const modifier to signature when possible
+ * lasso/xml/idwsf_strings.h:
+ add element name for MessageID and RelatesTo WS-Addressing elements.
-2008-08-01 14:10 bdauvergne
+ * lasso/id-wsf/authentication.c lasso/id-wsf/data_service.c
+ lasso/id-wsf/discovery.c lasso/id-wsf/wsf_profile.c
+ lasso/id-wsf-2.0/saml2_login.c lasso/xml/disco_description.c:
+ fix path name of header lasso/id-wsf/wsf_utils.h. make all internal
+ include path relatives.
- * lasso/id-wsf/discovery.h: add a const modifier on the argument
- offering of lasso_discovery_get_description_auto
+2010-01-26 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2008-08-01 14:10 bdauvergne
+ Core XML: make lasso_node_set_custom_namespace/nodename take const string
+ * lasso/xml/xml.c lasso/xml/xml.h:
+ mark argument of lasso_node_set_custom_namespace and
+ lasso_node_set_custom_nodename as const char* strings.
- * lasso/id-wsf/discovery.c: * lasso/id-wsf/discovery.c: In
- lasso_discovery_get_resource_offering_auto, do
- not increment reference count of the returned value, it is not
- how it is done
- in the rest of the library. Returned gobject are always not-owned
- reference,
- you reference them only to keep them around.
+ Core XML: add function to get the namespace of a LassoNode
+ * lasso/xml/xml.c lasso/xml/xml.h:
+ if a custome namespace is set, return it, otherwise return the class
+ namespace (klass->node_data->ns->href).
-2008-08-01 14:10 bdauvergne
+ Binding perl: fix include paths in the makefile, again
- * lasso/errors.c: * Update errors.c to last state of errors.h
+ in bindings/perl/Makefile.PL, add include path for normal builds
-2008-08-01 14:10 bdauvergne
+ in configure.ac, activate the Perl binding in normal builds
- * lasso/errors.h: add an new error for a missing ResourceID inside
- a ResourceOffering
+ Core: in configure.ac, activate warning when debugging, not in normal build
+ * configure.ac:
+ remove -Wxxx flag from AM_CFLAGS, add them if --enable-debugging
+ is used.
-2008-08-01 14:10 bdauvergne
+ in lasso/saml-2.0/logout.c, fix missing declaration
- * bindings/lang_python_wrapper_top.c: add const modifier to
- conversion function on GList*, a problem still remains that
- g_list_length do not take a const GList*
+ Core: update errors.c file
-2008-08-01 14:10 bdauvergne
+ in bindings/perl/Makefile.am, change permission to make distcheck works
- * lasso/id-wsf/discovery.h: mark init_modify as deprecated, use
- init_insert
+ in bindings/perl/Makefile.am, add files to EXTRA_DIST
-2008-08-01 14:10 bdauvergne
+2010-01-26 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/utils.h: fix forgottent arg to g_list_foreach
+ Bindings: add a new perl binding using the new binding infrastructure
+ * XS files is autogenerated using bindings/binding.py model of the
+ Lasso API. All constants are in the Lasso::Constants package, the
+ LASSO_ prefix is removed.
+ All classes are now Lasso::ClassName, field accessor also serves as
+ setters, i.e you can do this:
+ $name_id = Lasso::Saml2NameID::new();
+ $name_id->content('coin');
+ print $name_id->content;
+
+ Is still missing:
+ - a lot of test files,
+ - support for hashtables,
+ - and throwing exceptions when return code is non-zero.
+
+2010-01-26 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Bindings: in utils.py, fix is_glist and is_hashtable, make arg_type accept simple string as input instead of triples
+
+ in lasso/xml/saml_attribute_value.h, fix typo in content type annotation
+
+ in lasso/xml/sa_sasl_response.h, add GList content type annotation to field 'any'
+
+ Bindings PHP5: use is_cstring to match string types
+
+ Bindings: remove all SWIG bindings and SWIG related files
+
+ Add new macro lasso_list_add_new_xml_node
+ * lasso/utils.h:
+ fix lasso_list_add_xml_node, it must copy the node before assigning
+ it.
+ add lasso_list_add_new_xml_node for keeping the old behaviour.
+ * lasso/xml/xml.c:
+ fix use of lasso_list_add_xml_node, because copying the node before
+ assigning it is a leak now.
-2008-08-01 14:10 bdauvergne
+2010-01-25 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/id-wsf/discovery.c: start rework of
- lasso_discovery_init_request, my intention is to base toher init_
- function on this one
+ in bindings/ghashtable.h, Add missing unused argument hints
-2008-08-01 14:10 bdauvergne
+ SAML 2.0 Logout: when in an SP initiated logout, lasso_logout_build_response_msg is the finishing call
+ * lasso/saml-2.0/logout.c:
+ when calling lasso_logout_build_response_msg(), if we known that we
+ are in the middle of an SP initiated logout, i.e. if
+ initial_remote_providerID is not NULL, then we can restore the intial
+ response.
- * lasso/id-wsf/discovery.c: fix a reference counting error when
- building response message
+ Fix name of LASSO_WSSEC_BAD_PASSWORD
+ * lasso/errors.c lasso/errors.h:
+ LASSO_WSSE_BAD_PASSWORD -> LASSO_WSSEC_ERROR_BAD_PASSWORD
+ * lasso/xml/ws/wsse_username_token.c:
+ update client code.
-2008-08-01 14:10 bdauvergne
+ Bindings java: cast return value of special constructors
+ * bindings/java/lang.py:
+ in the JAVA API special constructors are made to return their real
+ type, but usual GObject constructors return their base type (here
+ LassoNode) so we have to cast it.
- * lasso/id-wsf/discovery.c: add documentation to
- lasso/id-wsf/discovery.c
+ Export more assertion access API for LassoSession
+ * lasso/id-ff/session.c lasso/id-ff/session.h
+ lasso/id-ff/sessionprivate.h:
+ export lasso_session_get_assertion(), lasso_session_add_assertion()
+ and lasso_session_remove_assertion().
+ remove them from private header.
+ * docs/reference/lasso/lasso-sections.txt:
+ update documentation
-2008-08-01 14:10 bdauvergne
+2010-01-21 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * bindings/python/tests/idwsf1_tests.py: reflects change inside
- lasso/id-ff/identity.c in assertions
+ Bindings: remove useless overrides
+ * bindings/overrides.xml:
+ It is no more needed to force return type of constructors to their
+ real types, the bindings check the type dynamically anyway.
-2008-08-01 14:09 bdauvergne
+ Fix GHashTable backward compatibility header
+ * lasso/ghashtable.h:
+ g_hash_table_remove_all_nodes is not a public function, use
+ g_hash_table_foreach_remove instead.
- * lasso/id-ff/identity.c: - surrounded declaration of containers
- for ID-WSF object with ifdef/endif, did
- the same in initialization/finalization code.
- - changed storage of resource offering from a list to a hash
- table
- - added a counter to create entryIDs for newly added resource
- offerings
- - simplify the code around resource offerings management
+2010-01-20 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2008-08-01 14:09 bdauvergne
+ in saml2_name_id.c, include utils.h to benefit from replacement for g_strcmp0
- * lasso/id-wsf/data_service.c: fix issue #15
- "In lasso_data_service_build_modify_response_msg we free a shared
- xmlNode"
+ Fix LASSO_WSSEC_BAD_PASSWORD error, reformat wsse_username_token.c
+ * lasso/errors.h:
+ change error id and error name for LASSO_WSSEC_BAD_PASSWORD
+ * lasso/xml/ws/wsse_username_token.c:
+ update reference to LASSO_WSSEC_BAD_PASSWORD.
+ reformat line longer than 100 characters.
-2008-08-01 14:09 bdauvergne
+2010-01-19 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/id-wsf/discovery.c: instead of moving assertion from
- session to new sessions, reference the old session in newly
- created ID-WSF services proxy
+ ID-WSF 2.0: add some annotations
-2008-08-01 14:09 bdauvergne
+ Core: in backward_comp.h, include string.h if g_strcmp0 is used
+ * lasso/backward_comp.h:
+ implementation of g_strcmp0 depends upon string.h.
- * lasso/id-ff/session.c, lasso/id-ff/sessionprivate.h,
- lasso/id-wsf/discovery.c, lasso/id-wsf/wsf_profile.c: move
- session storage of assertion for SAML ID-WSF authentication of
- request to xmlNode instead of LassoNode; add error handling when
- no description has been found in comply_with_saml_authentication
+ WS-Security: fix typo in name of string symbols
+ * lasso/xml/idwsf_strings.h:
+ uppercase define for WS-Securities SOAP faults.
-2008-08-01 14:09 bdauvergne
+ WS: complete support for wsse:UsernameToken
+ * docs/reference/lasso/lasso-sections.txt:
+ add new functions and change type name in documentation.
+ * lasso/errors.h lasso/errors.c:
+ add an error to report password verification failure
+ * lasso/xml/ws/wsse_username_token.h
+ lasso/xml/ws/wsse_username_token.c:
+ update support for wsse:UsernameToken up to version 1.1, implement
+ digest and derived keys computations.
+ * lasso/xml/idwsf_strings.h:
+ add strings for Username WS-Security Token profile
- * lasso/id-wsf/wsf_profile.c: beginning of signature implementation
- for SAML authentication
+ XML SAML-2.0: AuthnContext content is a xdf:choice so make content optional
+ - lasso/xml/saml-2.0/saml2_authn_context.c:
+ <AuthnContext/> can contain at least one node among:
+ - <AuthnContextClassRef/>
+ - <AuthnContextDeclRef/>
+ - <AuthnContextDecl/>
+ to approximate this possibility, we need to make any of them
+ optional.
+ <AuthenticatingAuthority/> should be a list but we cannot change it
+ without breaking the ABI, so we will wait for this.
-2008-08-01 14:09 bdauvergne
+ make an explicit copy of lasso.doap to website/web/doap.rdf
- * lasso/id-wsf/wsf_profile.c, lasso/id-wsf/wsf_profile_private.h:
- fix naming in documentation of
- lasso_wsf_profile_set_description_from_offering, add new private
- function lasso_wsf_profile_set_resource_offering
+ Reduce news message to fit the news column
-2008-08-01 14:09 bdauvergne
+2010-01-18 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/errors.c: integrate new errors messages
+ updat download link
-2008-08-01 14:09 bdauvergne
+ ID-WSF 2.0: Add saml2_login.h to list of headers
- * lasso/id-wsf/discovery.c: add a lasso_discovery_new_full function
+ Documentation: wsse_security.xml is now wsse_security_header.xml
-2008-08-01 14:09 bdauvergne
+ By default make autogen.sh to enable gtk doc
- * lasso/id-wsf/discovery.c, lasso/id-wsf/discovery.h: deprecated
- lasso_discovery_init_modify
+ Bindings PHP5: rewire php5 tests to the makefiles, make them pass distcheck
-2008-08-01 14:09 bdauvergne
+ in autogen.sh, move libtoolize and gtkdocize before aclocal
- * lasso/errors.h: add somme error messages, add new error
- LASSO_WSF_PROFILE_ERROR_MISSING_DESCRIPTION, when no description
- can be found for the chosen security mechanism
+ fix typo
-2008-08-01 14:09 bdauvergne
+ Merge EXTRA_DIST declarations in tests/Makefile.am
- * lasso/id-wsf/utils.c: add matching of Bearer authentication,
- support ID-WSF 1.1 security mechanisms URNs
+ fix bad commit
-2008-08-01 14:09 bdauvergne
+ tag release 2.2.90
- * lasso/xml/sec_resource_access_statement.c: fix error of namespace
+ Update changelog
-2008-08-01 14:09 bdauvergne
+ Change again date of release 2.2.90
- * lasso/xml/disco_credentials.c, lasso/xml/disco_credentials.h:
- change content from list of LassoNode to list of xmlNode
+ Add tests/valgrind to dist tarballs
-2008-08-01 14:09 bdauvergne
+ Add autogen.sh and tools to EXTRA_DIST in top Makefile.am
- * lasso/xml/wsse_security.c, lasso/xml/wsse_security.h: changed
- contents to list of xmlNodes instead of LassoNode
+ Documentation: distribute stylesheet, fix documentation comments, compelte lasso-sections.txt
-2008-08-01 14:09 bdauvergne
+ Documentation: add empty lasso-overrides.txt, it seems to be necessary
- * lasso/xml/strings.h: add strings for security mechanism defined
- in ID-WSF 1.1
+ ID-WSF: mark API as Private not Internal
-2008-08-01 14:09 bdauvergne
+ Core: complete documentation on LassoSession
- * lasso/Makefile.am: forked lasso branch for adeline
+ Core: complete documentation on LassoProfile
-2008-08-01 14:09 bdauvergne
+ Core: complete documentation on LassoLogin
- * lasso/errors.c: add a general error for a badly initialized
- object and two error for idwsf relating to a missing assertion id
- and a missing endpoint declaration
+ fix typo (transfer-none) -> (transfer none)
-2008-08-01 14:09 bdauvergne
+ ID-WSF 1.0: change name of utils.{c,h} file for documentation parsing
+ * utils.h:
+ this header has the same name as an other header which is not parsed
+ by the documentation (lasso/utils.h) and the documentation process
+ just match by filename, so we rename it.
- * lasso/id-wsf/wsf_profile.c: Revert " * remove body->id and
- correlation->id setup, no need to set id on everything."
-
- This reverts commit 832f127760dc074336400531a99f3a03574ffe13.
+ Website: add news about 2.2.90
-2008-08-01 14:09 bdauvergne
+2010-01-16 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/utils.h: added functions to release
- [list]string/gobject/any
+ Add bindings/python/examples to dist file
-2008-08-01 14:09 bdauvergne
+ remove empty directory
- * lasso/utils.h: add methods to manipulate list of gobjects, and
- dissociate affectation of fresh object from older objects
+ remove empty directory
-2008-08-01 14:09 bdauvergne
+2010-01-15 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/utils.h: add macro to assign gobject field, first a simple
- version
+ Documentation: update lasso-sections.txt
-2008-08-01 14:09 bdauvergne
+ Update doap file
- * lasso/soap_binding.c: fix typo in last commit
+ FIX ABI breakage between 2.2.1 and 2.2.2 in LassoSamlAdvice
+ * lasso/xml/saml_advice.c lasso/xml/saml_advice.h:
+ restore fields AssertionIDReference and Assertion, remove field any
+ to restore state from 2.2.1
+ * lasso/id-ff/session.c:
+ use xmlNode stored inside LassoSamlAssertion objects instead of
+ accessing the 'any' list of xmlNode that was inserted in
+ LassoSamlAdvice.
-2008-08-01 14:09 bdauvergne
+2010-01-14 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/Makefile.am, lasso/soap_binding.c, lasso/soap_binding.h:
- add soap binding util function to lookup specific SOAP header for
- ID-WSF SOAP encapsulation
+ FIX ABI breakage when addning new field to struct LassoSaml2AttributeValue
-2008-08-01 14:09 bdauvergne
+ Fix ABI breakage due to change of constant name from LASSO_SOAP_FAULT_REDIRECT_REQUEST to LASSO_SOAP_ERROR_REDIRECT_REQUEST_FAULT
- * lasso/utils.h: beginning of a pool of macros for mem handling,
- affectation to fields, etc..
+ Fix ABI breakage with respect to 2.2.1
-2008-08-01 14:09 bdauvergne
+ Documentation: add lasso_profile_set/get_signature_hint to lasso-sections.txt
- * lasso/id-wsf/wsf_profile.c: * remove body->id and correlation->id
- setup, no need to set id on everything.
+ Add files listings the ABI of Lasso
-2008-08-01 14:08 bdauvergne
+ Tools: add script to generate a listing of Lasso ABI
+ * tools/api.py:
+ use parser from the binding generator to output a list of symbols
+ * bindings/bindings.py;
+ add private flags to not clobber 'private' fields of structures or
+ methods not exported in bindings like _get_type.
- * perl/Makefile.am: forked lasso branch for adeline
+ ID-WSF: separate ID-WSF strings into their own header
-2008-08-01 14:08 bdauvergne
+ start NEWS file for 2.2.90
- * bindings/lang_java_wrapper_top.c,
- bindings/lang_python_wrapper_top.c, bindings/overrides.xml,
- configure.ac, lasso/Makefile.am, lasso/build_strerror.py,
- lasso/id-ff/identity.c, lasso/id-ff/login.c,
- lasso/id-ff/loginprivate.h, lasso/id-ff/server.c,
- lasso/id-ff/session.c, lasso/id-ff/sessionprivate.h,
- lasso/id-wsf/Makefile.am, lasso/id-wsf/authentication.c,
- lasso/id-wsf/data_service.c, lasso/id-wsf/discovery.c,
- lasso/id-wsf/discovery.h, lasso/id-wsf/soap_binding.c,
- lasso/id-wsf/soap_binding.h, lasso/id-wsf/utils.c,
- lasso/id-wsf/wsf_profile.c, lasso/id-wsf/wsf_profile.h,
- lasso/lasso.c, lasso/saml-2.0/assertion_query.c,
- lasso/saml-2.0/ecpprivate.h, lasso/xml/disco_description.c,
- lasso/xml/strings.h, lasso/xml/tools.c, lasso/xml/xml.c,
- swig/Lasso-wsf-disco.i, tests/tests.c: forked lasso branch for
- adeline
-
-2008-08-01 14:08 bdauvergne
-
- * lasso/id-wsf/soap_binding.c, lasso/id-wsf/soap_binding.h,
- lasso/soap_binding.c, lasso/soap_binding.h: forked lasso branch
- for adeline
-
-2008-08-01 14:08 bdauvergne
-
- * lasso/errors.h: keep head version
-
-2008-08-01 14:08 bdauvergne
-
- * lasso/id-wsf/discovery.c, lasso/id-wsf/utils.c,
- lasso/id-wsf/utils.h, lasso/id-wsf/wsf_profile.c,
- lasso/id-wsf/wsf_profile.h, lasso/id-wsf/wsf_profile_private.h: *
- lasso/id-wsf/discovery.c:
- - include utils.h
- - move lasso_wsf_profile_build_key_info_node here
- - add a comment for future review of
- lasso_discovery_build_credential
- - remove direct use of lasso_wsf_profile_build_soap_envelope, use
- lasso_wsf_profile_init_soap_request instead.
-
- * lasso/id-wsf/utils.{c,h}:
- - new file with security mech id matching functions
-
- * lasso/id-wsf/wsf_profile.c:
- - remove all credentials related static functions
- - empty all credentials related public functions
- - move function related to matching security mechanism into
- utils.{c,h} and
- xml/disco_description.h
- - add static function
- lasso_wsf_profile_comply_with_saml_authentication that
- tries to add credential to the request to a web service using the
- SAML
- WS-Security mechanism
- - add static function
- lasso_wsf_profile_comply_with_security_mechanism to
- dispatch upon the current chosen securirt mechanism.
- - extract build_soap_envelope to the static function
- build_soap_envelope_internal to remove warning of usage of a
- deprecated
- function.
- - remove lasso_wsf_profile_set_public_key
- - remove lasso_wsf_profile_set_security_mech_id
- - add lasso_wsf_profile_get_security_mechanism
- - add lasso_wsf_profile_set_description
- - empty function about online status of the principal
- - remove all (non-working) handling of the x509 security
- mechanism
- - add a new constructor function
- LassoWsfProfile* lasso_wsf_profile_new_full(LassoServer *server,
- LassoDiscoResourceOffering *offering)
- - and a new init function (for subclass):
- gint lasso_wsf_profile_init(LassoWsfProfile *profile, LassoServer
- *server, LassoDiscoResourceOffering *offering)
-
- * lasso/id-wsf/wsf_profile.h:
- - mark as deprecated:
- lasso_wsf_profile_move_credentials
- lasso_wsf_profile_build_soap_envelope
- lasso_wsf_profile_set_provider_soap_request
- lasso_wsf_profile_principal_is_online
- lasso_wsf_profile_add_credential
- lasso_wsf_profile_set_principal_status
- lasso_wsf_profile_set_principal_online
- lasso_wsf_profile_set_principal_offline
-
- * lasso/id-wsf/wsf_profile_private.h:
- - remove fields from LassoWsfProfilePrivate structure:
- - GList *credentials;
- - gchar *public_key;
- - add fields:
- - char *security_mech_id;
- - LassoDiscoResourceOffering *offering;
+ Tests integration: remove save_html hooks, after fed termination logout button should still be there
-2008-08-01 14:08 bdauvergne
+ Bindings python: use is_cstring for matching GList element type
- * lasso/xml/disco_description.c: include utils.h
+2010-01-14 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2008-08-01 14:08 bdauvergne
+ SAML 2.0 Logout: undo some change to when the assertion is removed
+ * lasso/saml-2.0/logout.c:
+ - do not remove the assertion in init_request, as before only if all
+ fails (event REDIRECT is unsupported).
+ - in process_response_msg remove the assertion if we are the IdP or
+ if there is no error.
+ - in validate_request, remove the assertion if there is no error.
- * lasso/xml/tools.c: fix typo on name of an xmlsec function
+ I think that there will be more updates to this in the future.
-2008-08-01 14:08 bdauvergne
+2010-01-14 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/xml/strings.h: change strings for security mechanisms to
- comply with the spec
+ Bindings: make is_cstring usable with tuple and with direct type
-2008-08-01 14:08 bdauvergne
+ Core: remove warning emiting macros from lasso_session_remove_assertion
+ * lasso/id-ff/session.c:
+ we already return error code, no need to log more warnings.
- * lasso/build-strerror.pl, lasso/errors.c, lasso/errors.h: * Move
- error message inside comments in lasso/errors.h
- * Add a script to autogenerate lasso/errors.c from errors.h
- * Update errors.c
- * Add a target to Makefile.am to create errors.c
+ SAML 2.0: report missing request when creating artifact resolve response, fix typo in lasso_saml20_profile_build_post_response_msg
-2008-08-01 14:08 bdauvergne
+ SAML 2.0: Fix typo in lasso_saml20_login_build_authn_response_msg
- * lasso/xml/disco_description.c, lasso/xml/disco_description.h:
- move and export matching function for disco description into
- lasso/xml/disco_description.c
+ ID-FF&SAML2: if use is not defined on a key descriptor use the key for any use
+ * lasso/id-ff/provider.c lasso/saml-2.0/provider.c: if the "use"
+ attribute is not set on a KeyDescriptor, use the key for signing and
+ encryption.
-2008-08-01 14:08 bdauvergne
+2010-01-12 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/id-wsf/utils.h: fix bad copy/paste
+ Tests SAML2: use & test encryption
-2008-08-01 14:08 bdauvergne
+ SAML 2.0: add saml2_helper.h to include files to install
- * lasso/id-wsf/Makefile.am: add utils.c and utils.h to file list
+ Tests: fix inclusion of id-wsf 2.0 tests
-2008-08-01 14:08 bdauvergne
+ Core: add new SAML 2.0 public header to top level header lasso.h
- * lasso/id-wsf/utils.c, lasso/id-wsf/utils.h: move some utility
- functions out of wsf_profile.c
+ ID-WSF 2.0: remote saml2_login_private.h from Makefile.am
-2008-08-01 14:08 bdauvergne
+ Bindings: add support for time_t to bindings, add support for 'string' type for list in java binding
- * lasso/id-wsf/wsf_profile.c, lasso/id-wsf/wsf_profile_private.h: -
- lasso/id-wsf/wsf_profile.c lasso/id-wsf/wsf_profile_private.h:
- extract LassoWsfProfilePrivate structure.
+ in saml2_helper.{c,h}, remote const modifier from time_t type
-2008-08-01 14:08 bdauvergne
+ in saml-2.0/name_id_management.c: handle NewEncryptedID, only encrypt if needed
- * lasso/id-wsf/discovery.c, lasso/id-wsf/wsf_profile.c: *
- lasso/id-wsf/discovery.c: repurpose
- lasso_discovery_process_query_response_msg
- in order to extract credentials informations and store them into
- the current session.
- * lasso/id-wsf/wsf_profile.c: Remove any high-level processing
- from
- lasso_wsf_profile_process_soap_response_msg, just parse and setup
- the corresponding fields into the structure. Eventually signal a
- SOAP using a return code.
+ in saml-2.0/logout.c: remove commented code, only encrypt if needed, intialize local variables
-2008-08-01 14:08 bdauvergne
+ in lasso_saml20_login_init_idp_initiated_auhtn_request, do not use init_authn_request, manually create the request.
- * lasso/id-ff/session.c, lasso/id-ff/session.h,
- lasso/id-ff/sessionprivate.h: Add an index of assertions by ID
- and two new function
- lasso_session_add_assertion_with_id(session, id, assertion)
- and
- lasso_session_get_assertion_by_id(session, id)
- Add to lasso_session_add_assertion a call to
- add_assertion_with_id,
- to index all assertions into the index by id.
+ in lasso_saml20_login_init_authn_request, use saml-2.0/profile.c functions to reduce code size
-2008-08-01 14:08 bdauvergne
+ in saml-2.0/profile.c, in lasso_saml20_build_response_msg, when no url is given, only stop for bindings needing one
- * lasso/id-wsf/discovery.c, lasso/id-wsf/wsf_profile.c: rebase to
- trunk
+ in saml-2.0/profile.c, in lasso_saml20_profile_init_response make direct access
-2008-08-01 14:08 bdauvergne
+ in saml-2.0/profile.c, in lasso_saml20_init_request better check for supported bindings, do not check for identity or session, report SESSION_NOT_FOUND only if first_in_session is used, do not stop on missing name_id.
- * lasso/id-wsf/wsf_profile.h: Add disco_description in includes
+ in saml2_helper.c, remove dead code
-2008-08-01 14:08 bdauvergne
+ SAML 2.0: in lasso_saml20_provider_accept_http_method, add HTTP-Artifact-POST case, better check for bad inputs, and handle special SingleSignOn case
- * lasso/xml/wsse_security.h: * add type decl to field GList* any
+ Core Profile: remove need for identity in lasso_profile_get_nameIdentifier
-2008-08-01 14:08 bdauvergne
+ Core Server: make default to load signing private key also as encryption private key
- * lasso/id-wsf/wsf_profile.c:
- lasso_wsf_profile_build_soap_request_msg:
- - add a TODO comment
+ Commit to delete
-2008-08-01 14:08 bdauvergne
+ Core: rewrite lasso_assertion_encrypt using lasso_xmlsect_load_key and add recipient argument
- * lasso/id-wsf/wsf_profile.c: -
- lasso_wsf_profile_add_soap_signature:
- * add documentation
- * user xmlSec functions for findings nodes
- * add comments on the work flow
- * fix memleak
- * remove enveloped signature transform,
- it is a detached signature.
+ Core: add simple function to load key from any format
-2008-08-01 14:07 bdauvergne
+ Core Node: add args to lasso_node_encrypt to set recipient of an encrypted element
- * lasso/id-wsf/wsf_profile.c: -
- lasso_wsf_profile_verify_saml_authentication:
- - add comments on the work flow
- - simplify and centralize cleanup code
- - loop over all assertion lookup for signature to verif
+ Binding python: provide old binding name for set_encryptionMode
-2008-08-01 14:07 bdauvergne
+ SAML 2.0: overhaul for ubuquitous binding support, still need work for HTTP-Artefact
- * lasso/id-wsf/wsf_profile.c: -
- lasso_wsf_profile_add_credential_signature:
- * add documentation
- * reformat
- * add comments on the work flow
- * fix memleak
- - suppress lasso_wsf_profile_get_public_key_from_credential
+ Core: in profile.c, profile.h, profileprivate.h, add a new attribute to express signature needs
-2008-08-01 14:07 bdauvergne
+ Core: in identity.c, do not emit trace when lasso_identity_get_federation fails
- * lasso/id-wsf/wsf_profile.c: -
- lasso_wsf_profile_verify_credential_signature:
- * centralize and simplify cleanup code
- * add comments describing the flow
+ XML Core: in xml.c, private.h, add a lasso_node_remove_signature function
-2008-08-01 14:07 bdauvergne
+ XML: fill node_data->{certificate,private_key}_file_offset for nodes with signatures
- * lasso/id-wsf/wsf_profile.c: - Add a
- const LassoDiscoDescription
- *lasso_wsf_profile_get_description(LassoWsfProfile *profile)
- - Add documentation to
- lasso_wsf_profile_verify_credential_signature
+ Core: in xml/private.h, add new field to LassoNodeClassData for private_key and certificate handling
-2008-08-01 14:07 bdauvergne
+ Core: in provider.h, add LASSO_PROVIDER_ROLE_BOTH
- * lasso/id-wsf/wsf_profile.c: Change formatting
+ Core: in profile.c, make lasso_profile_get_nameIdentifier work for transient federations
+ * lasso/id-ff/profile.c:
+ if no LassoIdentity is accessible try to get a name identifier
+ through the assertion in the LassoSession object. This allows the
+ logout profile to work without an identity object (which is normal
+ since logout does not modify the federation status).
-2008-08-01 14:07 bdauvergne
+ Core: in provider.h, add new SAML 2.0 HTTP-Method, PAOS
- * lasso/id-wsf/wsf_profile.c: -Use
- lasso_wsf_profile_is_saml_authentication in
- lasso_wsf_profile_has_saml_authentication
- -Add documentation for lasso_wsf_profile_is_x509_authentication
- ,lasso_wsf_profile_is_saml_authentication and
- lasso_security_mech_has_x509_authentication.
+ SAML 2.0: add new function to factorize adding signature to a message
-2008-08-01 14:07 bdauvergne
+ Fix mitm attack using the AssertionConsumerURL property on requests
+ * lasso/saml-2.0/login.c: check that the URL is know before using it
+ * lasso/saml-2.0/provider.c lasso/saml-2.0/providerprivate.h:
+ add a function to check that an URL corresponds to a know
+ AssertionConsumer of the given provider.
- * lasso/id-wsf/wsf_profile.c: Use macros instead of custom code,
- add parameter value verifications
+ ID-WSF 2.0: fix in documentation
-2008-08-01 14:07 bdauvergne
+2010-01-04 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/id-wsf/wsf_profile.c: In lasso_wsf_move_credentials use new
- lasso utils macros
+ Bindings: simplify GList handling
-2008-08-01 14:07 bdauvergne
+ XML: add element type annotation to all GList fields
- * lasso/id-wsf/wsf_profile.c: Documentation for
- lasso_wsf_profile_has_saml_authentication
+ Bindings: in bindings/python/Makefile.am, precise generated files dependencies
-2008-08-01 14:07 bdauvergne
+ XML: move SOAP API to its own sub directory
- * lasso/id-wsf/wsf_profile.c: Documentation for
- lasso_wsf_profile_get_fault
+ Bindings: in overrides.xml, remove noew useless directives
-2008-08-01 14:07 bdauvergne
+ Python binding: update test scripts to new ID-WSF API
- * lasso/id-wsf/wsf_profile.c: Documentation for
- lasso_wsf_profile_get_description_autos
+ Binding ID-WSF 2.0: do not bind lasso_wsa_endpoint_reference_get_*_token methods
-2008-08-01 14:07 bdauvergne
+ Tests: add idwsf2_tests.c, call from tests.c, update Makefile.am
- * lasso/id-wsf/wsf_profile.c: Documentation for
- lasso_wsf_profile_set_public_key
+2010-01-04 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2008-08-01 14:07 bdauvergne
+ ID-WSF 2.0: in profile.{c,h}, discovery.{c,h}, data_service.{c,h}, overhaul all profiles.
+ * lasso/id-wsf-2.0/profile.c lasso/id-wsf-2.0/profile.h:
+ - lasso_idwsf2_profile_get_name_identifier returns the NameID found
+ in an assertion used as a WS-Security token when security mechanism
+ Bearer or SAML are used.
+ - complete the function lasso_id_wsf2_profile_build_soap_envelope
+ with construction of the Sender element which is used to transmit
+ the providerID of the message sender by the SOAP binding ID-WSF 2.0
+ specification.
+ - remove useless instance_init function in profile object
+ - reset some profile fields in process_soap_request_msg (response,
+ body, nameIdentifier). use
+ lasso_saml20_profile_name_identifier_decryption for handling NameID
+ from WS-Security mechanism assertion.
+ - add private_data
+ - change signature of lasso_idwsf2_profile_init_soap_request to use
+ and EPR and a security mechanism specifier when building the SOAP
+ request.
+ - change signature of lasso_idwsf2_profile_process_soap_request to
+ verify security_mech_id of received messages.
+ * docs/reference/lasso/lasso-sections.txt:
+ add the function to the documentation.
- * lasso/id-wsf/wsf_profile.c: Documentation for
- lasso_wsf_profile_add_credential
+ * lasso/id-wsf-2.0/discovery.{c,h}:
+ - use utils.h macros instead of g_return_val_if_fail because it
+ removes useless warning, since it returns an error code. release
+ acquired resources.
+ - in lasso_idwsf2_discovery_metadata_register_self, return error code
+ instead of identifier string for the new service, use an out
+ parmeter to return the identifier, use utils.h macros.
+ - in lasso_idwsf2_discovery_init_metadata_register, use utils.h
+ macros, check return code of lasso_idwsf2_profile_init_soap_request.
+ - change signature of lasso_idwsf2_discovery_init_metadata_register
+ to support security_mech_id, try to get URL from an existing
+ Discovery service EPR (from Session object).
+ - change signature of
+ lasso_idwsf2_discovery_process_metadata_register_msg,
+ lasso_idwsf2_discovery_init_metadata_association_add,
+ lasso_idwsf2_discovery_process_metadata_association_add_msg,
+ lasso_idwsf2_discovery_init_query,
+ lasso_idwsf2_discovery_process_query_msg, to support security
+ mechanism.
+ - improve lasso_idwsf2_discovery_build_query_response_eprs.
+ - add lasso_idwsf2_discovery_get_nth_data_service to acces returned
+ services.
+ * lasso/id-wsf-2.0/data_service.{c,h}:
+ - redo all the API
+
+2010-01-04 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ ID-WSF 2.0: in session.c, fix memory handling errors
+
+ ID-WSF 2.0&ID-WSF: in profile.c, wsf_profile.c, errors.c, errors.h, and in lasso-sections.txt change LASSO_SOAP_FAULT_REDIRECT_REQUEST to LASSO_SOAP_ERROR_REDIRECT_REQUEST_FAULT
+
+ ID-WSF 2.0 Errors: in errors.{c,h}, add new errors code for ID-WSF 2.0
+ - add LASSO_DST_ERROR_EMPTY_REQUEST
+ - add LASSO_WSF_PROFILE_ERROR_SECURITY_MECHANISM_CHECK_FAILED
+ - add new errors codes for generic profiles and disco service
+
+ ID-WSF 2.0 XML: in strings.h, add identifiers from ID-WSF 2.0 standards
+ - add status code for ID-WSF 2.0 DST
+ - add token usage identifiers
+ - conform security mechanism identifiers to ID-WSF 2.0 Liberty Sech
+ Mech specification
+ - add Discovery Service status codes
+ - add Soap Binding status codes
+ - add disco result type and user interaction hint strings
+
+ ID-WSF 2.0 XML: in sec_token.c, remove extra SNIPPET_ANY
+
+ ID-WSF 2.0 XML: in util_response.{c,h}, add helper functions to idwsf2_util_status
+
+ ID-WSF 2.0: in server.c, change annotation of lasso_server_get_svc_metadatas_with_id_and_type.
+
+ ID-WSF 2.0: in saml2_login.c, change API
+ * lasso/id-wsf-2.0/saml2_login.c:
+ - change private lasso_saml20_login_assertion_add_discovery to public
+ lasso_login_idwsf2_add_discovery_bootstrap_epr.
+ - remove lasso_saml20_login_copy_assertion_epr, add
+ lasso_login_idwsf2_get_discovery_bootstrap_epr.
+ * docs/reference/lasso/lasso-docs.sgml:
+ - add sections id_wsf_2_0_login
+ * docs/reference/lasso/lasso-sections.txt:
+ - add new functions to section id_wsf_2_0_login
+
+ ID-WSF 2.0: in idwsf2_helper.c, add new functions, fix old things
+ - add lasso_wsa_endpoint_reference_get_service,
+ lasso_wsa_endpoint_reference_associate_service_type_uri,
+
+ ID-WSF 2.0: create idwsf2_helper.{c,h}, new module for manipulating EPR elements
+ * lasso/id-wsf-2.0/idwsf2_helper.c lasso/id-wsf-2.0/idwsf2_helper.h:
+ add new functions
+ lasso_wsa_endpoint_reference_get_idwsf2_service_type,
+ lasso_wsa_endpoint_reference_get_idwsf2_provider_id,
+ lasso_wsa_endpoint_reference_get_idwsf2_security_context_for_security_mechanism,
+ lasso_wsa_endpoint_reference_get_token_by_usage,
+ lasso_wsa_endpoint_reference_get_security_token,lasso_wsa_endpoint_reference_get_target_identity_token,
+ lasso_wsa_endpoint_reference_new_for_idwsf2_service,
+ and lasso_wsa_endpoint_reference_add_security_token.
+ * lasso/id-wsf-2.0/idwsf2_helper.h:
+ declare new functions.
+ * lasso/id-wsf-2.0/Makefile.am:
+ add new files to source list
+
+ ID-WSF 2.0: in soap_binding.{c,h}, add new functions
+
+2010-01-04 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ ID-WSF 2.0: add files soap_binding.c, soap_binding.h
+ * lasso/id-wsf-2.0/Makefile.am
+ - reference new source files in Makefile.am
+ * lasso/id-wsf-2.0/soap_binding.c
+ * lasso/id-wsf-2.0/soap_binding.h:
+ - add extraction functions lasso_soap_envelope_sb2_get_provider_id,
+ lasso_soap_envelope_sb2_get_redirect_request_url,
+ lasso_soap_envelope_sb2_get_target_identity_header,
+ lasso_soap_envelope_add_action and lasso_soap_envelope_get_action.
+ - add SOAP security headers accessors
+ - add lasso_soap_envelope_get_saml2_security_token which simplify
+ retrieving a SAML 2.0 assertion used as a WS-Security token.
+ complete documentation of other functions.
+ * docs/reference/lasso/lasso-sections.txt:
+ - reference the new functions in a new section soap_binding2
+ * docs/reference/lasso/lasso-docs.sgml:
+ - add new section soap_binding2
+
+ ID-WSF 2.0: in soap_binding.{c,h}: add function
+
+2010-01-04 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ ID-WSF: in id_ff_extensions.c, add SECTION gtk-doc declaration
+
+ ID-WSF: in interaction_profile_service.{c,h}, make initialization of a redirect request, part of LassoWsfProfile methods.
+
+ ID-WSF: in discovery.c:lasso_discovery_init_resource_offering, add doc annotations, use assignment macros to set output argument
+
+ ID-WSF: in discovery.c, update documentation annotations
+ * lasso/id-wsf/discovery.c:
+ - add annotations to lasso_discovery_init_query,
+ lasso_discovery_init_modify, lasso_discovery_process_request_msg.
+ - initialize response in lasso_discovery_process_query_mesg and
+ lasso_discovery_process_modify_msg, so that modifications of the
+ response can be done between _process_ and _build_ calls.
+
+ ID-WSF: in data_service.c:lasso_data_service_init_query check absent resource offering, support security_mech_id argument
+ * lasso/id-wsf/data_service.c lasso/id-wsf/data_service.h:
+ - in lasso_data_service_apply_modifications, dst_modification
+ initialization is missing.
+ - remove lasso_data_service_get_redirect_request_url
+ - change LASSO_DATA_SERVICE_CANNOT_ADD_ITEM to
+ LASSO_DATA_SERVICE_ERROR_CANNOT_ADD_ITEM
+ - in lasso_data_service_init_query, complete documentation, fix mem
+ leak
+ - factorize code between lasso_data_service_build_modify_response_msg
+ and lasso_data_service_build_query_response_msg, create
+ lasso_data_service_build_response_msg
+ - in lasso_data_service_get_answer, add out annotation to output
+ parameter
+ - simplify API, simplify code path for query and modification
+ processing
+ - add lasso_data_service_process_request_msg,
+ lasso_data_service_build_modify_response_msg,
+ lasso_data_service_validate_request.
+ - remove lasso_data_service_process_query_msg and
+ lasso_data_service_process_modify_msg from public API.
+ - in lasso_data_service_process_query_msg and
+ lasso_data_service_process_modify_msg add arg checks, make them
+ static and move preprocessing of the request in
+ lasso_data_service_process_request_msg.
+ - in lasso_data_service_get_answer, fix request/response mismatch.
+ - add accessors lasso_data_service_set_resource_data and
+ lasso_data_service_get_resource_data.
+ - add securit_mech_id arg to data_service_init_modify, export
+ resource_data accessor methods
+ - remove lasso_data_service_get_redirect_request_url
+ - fix missing intializations and leaks
+
+ ID-WSF: in wsf_profile.c, fix mem leaks
+
+ ID-WSF XML: in dst_modification.c, add SNIPPET_BOOLEAN to overrideAllowed attribute snippet
+
+ ID-WSF XML: in dst_modify.{c,h}, remove extra argument to the constructor of LassoDstModify
+ * lasso/xml/dst_modify.c:
+ * lasso/xml/dst_modify.h:
+ remove parameters of the default constructor.
+
+ Tests: in tests/login_tests.c, change path of header utils.h
+
+ Tests: in basic_tests.c, fix, do not overwrite known elements mappings
+ * tests/basic_tests.c:
+ when testing functionality of lasso registries which map namespace
+ elements to lasso objects, do not use liberty namespace because it
+ interacts with other tests -- deserialization of lib:Assertion node
+ was broken by this test -- when running them in CK_FORK=no mode.
+ Changed namespace LASSO_LIB_HREF, for "coin" which is less dangerous.
+
+ WS XML: change signature of lasso_wsa_attributed_uri_new_with_string, add mappings
+ * wsa_attributed_uri.c:
+ - constify first argument of
+ lasso_wsa_attributed_uri_new_with_string.
+ - add add direct mappings from wsa:Action,wsa:To to
+ LassoWsAddrAttributedURI and from wsa:From,wsa:ReplyTo,wsa:FaultTo
+ to LassoWsAddrEndpointReference
+
+ SAML 2.0: in login.c, use lasso_server_saml2_assertion_setup_signature
+
+ XML: in private.h, remove duplicate declaration of lasso_xml_parse_memory
+
+ ID-FF XML: in lib_assertion.c, add registry mapping for lib:AssertionType
+ * xml/lib_assertion.c:
+ this object is really a container for lib:AssertionType, so register
+ it.
+
+ Core: in provider.c, add lasso_provider_verify_single_node_signature
+ * lasso/id-ff/provider.c lasso/id-ff/provider.h:
+ add a new function to check an enclosed single signature on a
+ LassoNode, given that the LassoNode retained its original xml node
+ content.
+
+ SAML 2.0: in login.c, fix memleaks
+ * lasso/saml-2.0/login.c:
+ return value from lasso_provider_get_sp_name_qualifier must be freed.
+
+ SAML 2.0: in login.c, remove discovery bootstrap handling
+
+ Core Login: in login.c, add assertion accessor
+ * docs/reference/lasso/lasso-sections.txt:
+ declare new function
+ * lasso/id-ff/login.c lasso/id-ff/login.h:
+ add new function lasso_login_get_assertion.
+ * lasso/saml-2.0/login.c:
+ store created assertions
+ * lasso/id-ff/login.h:
+ make assertion field private for bindings.
+
+2010-01-04 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ SAML 2.0: in saml2_helper.c, add new methods to manipulate SAML2 assertions
+ * lasso/saml-2.0/saml2_helper.c lasso/saml-2.0/saml2_helper.h:
+ - add lasso_server_saml2_assertion_setup_signature, to help in
+ defining signature upon saml2:Assertion nodes.
+ - add new symbols LASSO_DURATION_MINUTE, LASSO_DURATION_HOUR,
+ LASSO_DURATION_DAY, LASSO_DURATION_WEEK.
+ - add method lasso_saml2_assertion_add_attribute_with_node
+
+ * docs/reference/lasso/lasso-sections.txt:
+ declare new functions in saml2_helper section.
+
+2010-01-04 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Tests: in basic_tests.c, check LassoSaml2EncryptedElement handling
+
+ SAML 2.0 XML: map EncryptedID, EncryptedAssertion, EncryptedAttribute and NewEncryptedID element to saml2:EncryptedElement
+ * lasso/xml/saml-2.0/saml2_encrypted_element.c:
+ add registry mapping from EncryptedID, EncryptedAssertion,
+ EncryptedAttribute and NewEncryptedID element to
+ saml2:EncryptedElement
+
+ SAML 2.0 XML: in strings.h, add the identifier for the holder of key subject confirmation method
+
+ SAML 2.0: in provider.c, add node encryption function and reference it in doc
+ * lasso/saml-2.0/Makefile.am:
+ add new header provider.h
+ * lasso/saml-2.0/provider.c lasso/saml-2.0/provider.h:
+ add new function lasso_provider_saml2_node_encrypt to encrypt nodes
+ and encapslutate the XML Enc datas in a LassoSaml2EncryptedElement
+ node.
+ * docs/reference/lasso/lasso-sections.txt:
+ add function to saml2_utils section
+
+ WS XML: add forgotten include file to wsa_attributed_uri.c and wsa_endpoint_reference.c
+
+ WS Errors: in errors.h errors.c, add new error section for WS-Security handling
+
+ Core: in server.c, change signature of lasso_server_get_provider, add anottations on return value
+ * lasso/id-ff/server.h lasso/id-ff/server.c:
+ - constify first argument of lasso_server_get_provider
+ - add annotation about caller owned return value
+
+ Core: in tools.c, complete documentation of lasso_verify_signature
+
+ Core: in provider.c, add accessors for encryption informations
+ * lasso/id-ff/provider.c:
+ add getters for encryption_sym_key_type and encryption_public_key.
+ * lasso/id-ff/providerprivate.h:
+ declare new accessors.
+
+ Core XML: in xml.{c,h}, add new function lasso_node_get_name to get the element name for an object
+
+ Core XML: make first argument of lasso_misc_text_node_new_with_string const
+ * lasso/xml/misc_text_node.h lasso/xml/misc_text_node.c:
+ change signature of lasso_misc_text_node_new_with_string, string
+ argument is const.
+
+ Core XML: in xml/tools.c, add conversion method from iso8601 to time_t
+ * lasso/xml/tools.c:
+ add function lasso_iso_8601_gmt_to_time_t
+ * lasso/xml/private.h:
+ declare new function.
+
+2010-01-04 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Core XML: in xml.c, keep original node names, handle xsi:type attribute better
+ * lasso/xml/xml.c lasso/xml/xml.h:
+ - fix signature of lasso_node_set_original_xmlnode, fix signature in
+ documentation of lasso_node_set_original_xmlnode;
+ - add a new API lasso_node_set_custom_nodename to specify the exact
+ element name to use when serializing a LassoNode to XML.
+ - rename internal structure _CustomNamespace to _CustomElement, add a
+ nodename field to it.
+ - rework internal functions around _CustomElement to be aware of an
+ existing attached _CustomElement and re-use if needed.
+ - move application of _CustomElement hints after the serialization of
+ the node, so that the normal behaviour of the serialization is kept
+ -- i.e. do not play with the list of parent classes.
+
+ - use the full xsi:type content to find a LassoNode subclass when
+ de-serializaing XML content, factorize QName->GObject class mapping
+ for the three executions paths inside
+ _type_name_from_href_and_nodename:
+ - element QName,
+ - xsi:type QName,
+ - element name with xsi:type namespace
+ - add a long comment expliciting the way the mapping is done.
+ - remove direct mapping of EncryptedAssertion element, the registry
+ declaration on the class LassoSaml2EncryptedElement shoud be
+ enough.
+
+2010-01-04 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Core XML: in xml.c, parse attributes with namespace checking
+ * lasso/xml/xml.c:
+ - use snippet->ns_uri and snippet->ns_name to parse attributes
+ outside of the parent node namespace.
+
+ Core XML: in xml/tools.c, improve lasso_eval_xpath_expression, do not fail when nodeset is empty
+ * lasso/xml/tools.c:
+ only check that the query returned a nodeset object, do not check its
+ content size.
+
+ Core: in utils.h, add a macros, fix existing
+ * lasso/utils.h:
+ - add macro lasso_ref(object), if object is not null, call
+ g_object_ref on it, and return the value, otherwise do nothing and
+ return NULL.
+ - make a better reporting of bad object release
+ - change format type for __LINE__ and dest arguments in
+ lasso_release_gobject warning display.
+ - add a lasso_check_non_empty_string macro
+ - add new macro to extract a specific node type from a list of
+ GObject objects.
+ - use xmlStrdup not g_strdup for lasso_assign_xml_string
+ - add lasso_list_add_gstrv and lasso_check_good_rc
+ - add macro lasso_list_get_first_child
+ - add inline function to test empty string
+ - change macro lasso_check_non_empty_string to use the new inline
+ function and go to cleanup
+ - fix lasso_check_non_empty_string macro
+ * lasso/utils.c:
+ - add lasso_gobject_is_of_type returns 0 if first parameters is a
+ gobject whose GType is equal to the second parameter, and 1
+ otherwise.
+
+ Core: add new errors LASSO_PROFILE_ERROR_INVALID_RESPONSE, LASSO_PROFILE_ERROR_INVALID_REQUEST.
+
+2010-01-04 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Bindings: in bindings.py, parse '(in)' gobject-introspection annotation, in utils.py, use it to reverse default annotation for pointer of pointers
+ Bindings: in bindings.py, improve regular expression for declarations
+
+ Bindings: parse gobject-introspection annotation in return value
+ documentation, add cast to C calls when parameter type is const in java
+ binding, problem arise with const char ** arrays
+
+2010-01-04 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Bindings: do not stop on failing to parse a declaration, but skip the function and print a warning
+
+ Python binding: add a pyobject->time_t conversion function
+
+ Bindings python: in wrapper_top.c, mark internal function as potentially unused
+
+2010-01-04 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Bindings: make the binding infrastructure understand GObject-introspections annotations
+ * bindings/bindings.py
+ * bindings/utils.py:
+ add convenience function to treat arguments tuple:
+ (type,name,{annotations}).
+ introduce new argument options, fix that arguments are 3-tuple of the
+ form (type,name,annotations), where annotations is a dictionary.
+ Key of this dictionnary can be:
+ - optional, wheter the argument is necessary, it means it has a
+ default value.
+ - out, means that the pointer is a pointer of pointer, for bindings
+ that can return exceptions, it will be returned instead of the
+ integer error code, the only way to access error codes will be
+ exceptions.
+ - element-type, contained type of a list or an array,
+ - key-type, value-type, type of respectively the key and value of a
+ GHashTable.
+ - transfer, wheter a the callee(for arguments)/caller(for return
+ values) owns the values passed, it can be none,container(if the
+ callee/caller only owns the container not the contained value) or
+ full.
+ doc.parameters is now a 3-tuple of (attribute-name,
+ attribute-description, attribute-annotations) where
+ attribute-annotations is a string of the form '(option1)(option2
+ option-arguments) etc.'.
+ - add predicates for xml, list and time_t values. improve predicates
+ for cstring and const modifier.
+
+ * bindings/overrides.xml:
+ 'out' arguments are not well supported for java, so skip functions
+ using them.
+
+ * bindings/java/lang.py bindings/php5/php_code.py
+ bindings/php5/wrapper_source.py bindings/python/lang.py:
+ - update language specifig binding generators for handling new
+ annotations.
+ - improve python method declaration, handle optional arguments with
+ default values, factorize this chode in two methods,
+ get_python_arg_decl and defval_to_python_value.
+
+ * bindings/python/tests/Makefile.am
+ bindings/python/tests/idwsf1_tests.py
+ bindings/python/tests/idwsf2_tests.py:
+ make test work with out of source build dir.
+
+2010-01-04 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Documentation: in lasso-docs.sgml, add glossary to the index, add book part delimitations
+ * docs/reference/lasso/lasso-docs.sgml:
+ add the glossary to the index.
+
+ Core: in registry.c, change type cast to compile on amd64 platform
+ * registry.c:
+ use ptrdiff_t to cast to integer big enough to receive a pointer,
+ then apply integer operations, then cast to the pointer type expected
+ by g_direct_hash.
+
+2009-12-16 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Core: in utils.h, change __STRING(x) for #x
+ * lasso/utils.h:
+ __STRING(x) does not seem more portable than #x so change, problem
+ with AIX.
+
+2009-12-09 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Downgrade version 2.2.90 to make a pre-release
+
+2009-12-08 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ in tests/tests.h, Add checks for true and false conditions
+
+ Remove beginning of a PHP4 binding
+
+ Upgrade version number
-2008-08-01 14:07 bdauvergne
+ Add missing headers to makefile, to pass make distcheck
+ * lasso/xml/id-wsf-2.0/Makefile.am:
+ make xml_idwsf2.h appear in the distribution file
+ * lasso/xml/ws/Makefile.am:
+ make xml_ws.h appear in the distribution file
+
+2009-12-04 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ in lasso_saml20_profile_export_to_query, checks return values
+ * lasso/saml-2.0/profile.c:
+ in lasso_saml20_profile_export_to_query, check return value of of
+ lasso_node_build_query and lasso_query_sign.
+
+2009-12-01 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Add SP initiated logout test to SAML 2.0 regression tests
+ * tests/login_tests_saml2.c:
+ add logout to first SAML 2.0 login regression test.
+ * tests/tests.h:
+ add macros to simplify checking of return value with check macros
+ (encapsulate fail_unless macro to check for NULL/non-NULL values and
+ good rc value (0) or expected bad value).
+
+2009-11-30 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Restore ancient semantic of lasso_profile_is_session_dirty
+ * lasso/id-ff/profile.c:
+ lasso_is_session_dirty must return FALSE if session is NULL.
+
+ Fix double g_object_unref
+ * lasso/id-ff/login.c:
+ status is already freed by lasso_assign_gobject, do not free it first
+ with lasso_node_destroy.
+
+ Restore call to autoheader in autogen.sh
+ * autogen.sh:
+ call to autoheader was removed during simplification of the
+ autogen.sh script.
+
+ Remove message level signature on redirect messages
+ * lasso/saml-2.0/profile.c:
+ remove message level signatures before building query strings.
- * lasso/id-wsf/wsf_profile.c: documentation for
- lasso_wsf_profile_move_credentials
+ Add more check to remove_signature
+ * lasso/saml-2.0/profile.c:
+ check for NULL when accessing klass datas.
-2008-08-01 14:07 bdauvergne
+2009-11-02 Benjamin Dauvergne <bdauvergne@entrouvert.com>
- * lasso/id-wsf/wsf_profile.c, lasso/id-wsf/wsf_profile.h: add new
- method lasso_wsf_profile_set_description_from_offering
+ Augment query string limit for relaystate extraction to 8192 bytes
+ * lasso/xml/tools.c:
+ some application transfer relaystate longer thant the specification
+ advised 80 bytes, try to cater for their needs.
-2008-08-01 14:07 bdauvergne
+ Add documentation for lasso_get_relaystate_from_query
+ * lasso/xml/tools.c:
+ add documentation on the internal function
+ lasso_get_relaystate_from_query
- * lasso/xml/private.h: fix typo
+2009-10-30 Benjamin Dauvergne <bdauvergne@entrouvert.com>
-2008-08-01 14:07 bdauvergne
+ Add C defines for SAML 2 'unspecified' authncontext class
+ * lasso/xml/strings.h:
+ add C defines for AuhtnContextClassRef,
+ urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified.
+
+ Fix bad macro choice, precise error for bad formatted NIDM request
+ * saml-2.0/name_id_management.c:
+ use specialized lasso_saml20_profile_set_response_status
+ set 'MissingNameID' second level error with requester first level
+ error code when request is missing a name id.
+
+ Fix reporting of error in message parsing
+ * lasso/xml/xml.c:
+ do not mix the return code from xmlSecBase64Decode and the return
+ code for lasso_node_init_from_message_with_format.
+ It fixes a segmentation fault in
+ lasso_login_process_authn_request_msg.
+
+2009-10-30 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Core: factorize code to obtain a SPNameQualifier
+ * lasso/id-ff/provider.c lasso/id-ff/provider.h:
+ add a method giving the SPNameQualifier for a provider (its entity id
+ or its affiliation id).
+
+ * lasso/id-ff/profile.c:
+ * lasso/saml-2.0/login.c:
+ update use sites.
+
+2009-10-30 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Make php4 and perl binding disabled by default
+ * configure.ac:
+ make default for --enable-perl and --enable-php4 to "no". Those
+ binding will not be maintained in the future.
+
+ SAML2 Logout: initialize SessionIndex from the assertion
+ * lasso/saml-2.0/logout.c:
+ when creating a logout request message initialize the SessionIndex
+ element with the correponding content in the stored assertion for
+ this session.
+
+ Tests: fix __FILE__ -> __file__
+ * tests/integration/saml2/__init__.py:
+ path to the current python file is __file__ not __FILE__.
+
+ SAML2: change lasso_saml20_profile_set_response_status signature
+ * lasso/saml-2.0/profile.c:
+ * lasso/saml-2.0/profileprivate.h:
+ make lasso_saml20_profile_set_response_status2 the new implementation
+ of lasso_saml20_profile_set_response_status.
+ add helper macros to set success, responder and requester first level
+ status code.
+ * saml-2.0/assertion_query.c:
+ * saml-2.0/login.c:
+ * saml-2.0/logout.c:
+ * saml-2.0/name_id_management.c:
+ adapt consumers to the new signature.
+
+ ID-FF: add a partial_logout flag to LassoLogout private_data
+ * lasso/id-ff/logout.c:
+ * lasso/id-ff/logout.h:
+ add a flag to store the status of a partial logout
+
+ SAML2: add an equals operator to the NameID class
+ * lasso/xml/saml-2.0/saml2_name_id.c:
+ * lasso/xml/saml-2.0/saml2_name_id.h:
+ add a lasso_saml2_name_id_equals method which return TRUE if two
+ NameId are equal.
+
+ SAML2: use the static get_provider helper method in generic profile methods
+ * lasso/saml-2.0/profile.c:
+ instead of accessing directly profile->server use the helper method
+ get_provider.
+
+ SAML2: in logout_build_response_msg do not fail on missing remote_providerID
+ * lasso/saml-2.0/logout.c:
+ remote_providerId is verified in build_redirect_simple and is not
+ necessary for SOAP response with a failure and profile->response
+ cannot be null (we just created a response if it was missing).
+ So this error case is now unnecessary.
+
+ ID-FF1.2 and SAML2: remove direct access to profile->server->providers
+ * client of LassoServer should use lasso_server_get_provider.
+ * LASSO_PROFILE_ERRROR_UNKNOWN_PROVIDER was a mistake, it is
+ superfluous, use LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND.
+
+ Core: in profile, use lasso_server_get_provider
+ - lasso/id-ff/profile.c:
+ replace direct access to server->provider by
+ lasso_server_get_provider.
+
+2009-09-29 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Tests: add a test of NameIDFormat extraction
+ - tests/basic_test.c:
+ add test11_get_default_name_id_format which parse a metadata file and
+ try to extract the default name id format.
+ - tests/data/sp5-saml2/metadata.xml:
+ add NameIDFormat node for testing.
+
+ Core: add const modifier to return value of lasso_provider_get_metadata_list
+ - lasso/id-ff/provider.c lasso/id-ff/provider.h:
+ change return type of lasso_provider_get_metadata_list from GList* to
+ const GList*.
+ - lasso/id-ff/logout.c lasso/saml-2.0/logout.c
+ lasso/saml-2.0/provider.c:
+ change consumers of the API
+
+ Core: Add const modifiers to LassoProvider methods
+ * lasso/id-ff/provider.c lasso/id-ff/provider.h
+ lasso/saml-2.0/provider.c lasso/saml-2.0/provider.h:
+ add const modifier where they could be added.
+
+ Do not use g_new, use g_new0
+ * lasso/id-ff/federation.c:
+ * lasso/id-ff/logout.c:
+ * lasso/id-ff/profile.c:
+ * lasso/id-ff/provider.c:
+ * lasso/id-ff/server.c:
+ * lasso/id-ff/session.c:
+ * lasso/id-wsf/authentication.c:
+ * lasso/saml-2.0/ecp.c:
+ * lasso/xml/xml.c:
+ even for private datas, use g_new0, it is safer.
+
+ Change setting of default NameIDFormat for SAML 2.0 login
+ * saml-2.0/login.c:
+ in lasso_saml20_login_init_authn_request,
+ lasso_saml20_login_init_idp_initiated_authn_request, if the service
+ provider provided a list of supported name id formats, use the first
+ one as default for new AuthnRequest.
+ * id-ff/login.c:
+ modify documentation to report the new way of choosing a default.
+
+ Add method to Provider to retrieve default NameIDFormat
+ * lasso/id-ff/provider.c lasso/id-ff/provider.h:
+ add lasso_provider_get_default_name_id_format, which returns the firs
+ listed NameIDFormat from the SAML 2.0 metadatas of the provider.
+
+ Complete documentation of lasso_login_init_authn_request concerning the NameIDFormat
+ * lasso/id-ff/login.c:
+ in lasso_login_init_authn_request, add docbook formatting, add
+ remarks about the different NameIDFormat for ID-FF 1.2 and SAML 2.0.
+
+2009-09-17 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Fix bugs found via coverity (thanks to Bhaskar Jain)
+ * lasso/id-wsf-2.0/data_service.c: fix uninitialized res variable in
+ lasso_idwsf2_data_service_process_query_response_soap_fault_msg.
+ * lasso/xml/saml-2.0/saml2_assertion.c: fix uninitialized rc variable
+ in get_xmlNode.
+ * lasso/saml-2.0/login.c:
+ in lasso_saml20_login_accept_sso check for ni and ni->Format
+ null-ness before dereferencing, remove idp_ni which is not used
+ anymore.
+ remote all use of federation->remote_nameIdentifier, SAML 2.0 only
+ need one NameID, and it will be local_nameIdentifier.
+ * lasso/xml/xml.c:
+ in lasso_node_traversal, check null-ness of node before dereferencing
+ it, add check for class null-ness also.
+ * lasso/id-ff/provider.c:
+ in lasso_provider_get_first_http_method, remove useless check for t2
+ null-ness -- if found is TRUE, t1 and t2 cannot be null.
+ * lasso/xml/tools.c:
+ in lasso_sign_node, add documentation, check for private_key_file and
+ xmlnode null-ness.
+ in lasso_get_public_key_from_private_key_file, add a cleanup phase,
+ check for cert variabl null-ness befor appending, count the number of
+ certificates added.
+ in lasso_query_verify_signature, check that URL unescaping and base64
+ decoding are succesfull before using the decoded strings.
+ * lasso/saml-2.0/name_id_management.c:
+ in lasso_name_id_management_validate_request, fix mis-handling of
+ federation, if federation does not match request name_id, return
+ UNKNOWN_PRINCIPAL.
+
+ ID-WSF: finish unsealing field « is_dirty » of LassoSession
+ * lasso/id-wsf-2.0/session.c:
+ remove direct acces to LassoSession private field.
+
+2009-09-11 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Core: unseal LassoSession public field
+ * lasso/id-ff/session.c:
+ * lasso/id-ff/session.h:
+ * lasso/id-ff/sessionprivate.h:
+ unseal session->is_dirty and session->assertions, remove the mirror
+ version in the private data structure, and restore direct acces by
+ methods.
+ move the "private" comment before those two fields to hide them in
+ the gtk-doc reference manual, normal access should be done by
+ get_assertion and is_dirty methods.
+
+2009-09-11 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ XML ID-WSF: Fix parsing of most ID-WSF elements
+ * lasso/xml/disco_send_single_logout.c:
+ * lasso/xml/id-wsf-2.0/sb2_user_interaction_header.c:
+ * lasso/xml/id-wsf-2.0/subsref_app_data.c:
+ * lasso/xml/xml.c:
+ lots of ID-WSF 1.0/2.0 classes were not passing the new
+ non-regression test on serialization/deserialization.
+ The main reason was the absence of mapping for their namespace in the
+ prefix_from_href_and_nodename function. The other reason is that some
+ class name does not correspond 1-to-1 to the element name
+ (SendSingleLogOut vs. SendSingleLogout, notice the capitalised 'O').
+
+ The last problem was that mapping from nodes to GObject classes was
+ done after default mapping ("Lasso<prefix><node_name>"), now it's
+ done before, to reflect the fact that it is a more specialized
+ mapping.
+
+2009-09-11 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Core: remove warning when lasso_registry_get_direct_mapping fails
+ * lasso/registry.c (lasso_registry_get_direct_mapping):
+ g_return_val_if_fail output a warning when condition fails, use a
+ simple if instead.
- * lasso/errors.c: add a general error for a badly initialized
- object and two error for idwsf relating to a missing assertion id
- and a missing endpoint declaration
+ Tests: add more assertion to random test
+ * tests/random_tests.c:
+ add more assertion testing for various return values or field values.
+
+ XML: Fix seg-fault bug introduced in commit 4108
+ * lasso/xml/xml.c:
+ lasso_node_get_xmlnode_for_any_type is broken, if no original_xmlnode
+ is present, return just cur. Also add all missing cases for the state
+ of the pair (cur, orignal_xmlnode).
+ * tests/basic_tests.c:
+ add a non-regression test, testing all dump/restore functions.
+
+ Core: add new macros to traverse lists
+ * lasso/utils.h:
+ lasso_foreach_full_begin(_type, _data, _iter, _list)
+ traverse GList* _list, using _iter as iteration variable
+ extract data field to variable _data of type _type.
+
+ Test: fix Makefile.am to work with 'out of source' build directory
+ * tests/Makefile.am:
+ rpath must refer to the build directory, not the source directory.
+
+ Core: fix extract_symbols regular expression
+ * lasso/extract_symbols.py:
+ the regular expression was not matching declaration over multiple lines,
+ and would catch argument starting with lasso_. Fixed.
+
+ XML: add all inclusive header files for id-wsf2, ws, id-wsf XML elements
+ * lasso/xml/wsf/xml_ws.h:
+ * lasso/xml/id-wsf-2.0/xml_idwsf2.h:
+ * lasso/xml/xml_idwsf.h:
+ new files.
+
+ ID-WSF 2.0: add set_request/set_response method to Profile object
+ * lasso/id-wsf-2.0/profile.c:
+ * lasso/id-wsf-2.0/profile.h:
+ add two methods that set the response object and replace the content
+ of the SOAP message with this object.
+
+ XML SOAP: add new soap fault constructor
+ * lasso/xml/soap_fault.c:
+ * lasso/xml/soap_fault.h:
+ add a full constructor allowing to set faultcode and faultstring in
+ one call.
+
+ XML ID-WSF 2.0: make non simple constructor of MiscTextNode return real type
+ * lasso/xml/misc_text_node.c:
+ non simple constructor must return the real object type because Java
+ binding does not work without it.
+
+ XML SAML 1.1: fix schema figure for samlp:Request
+
+ Docs: remove old lasso-sections.txt file
+
+ ID-WSF 2.0: add accessor for field of LassoIdWsf2Profile
+ * lasso/id-wsf-2.0/profile.c lasso/id-wsf-2.0/profile.c:
+ add two accessor to get to soap_response and soap_request object,
+ next step is to make those two fields really private.
+
+ ID-WSF: fix duplication of namespace string declaration, add fault codes for WS-Security
+ * lasso/xml/strings.h:
+ namespace of WS-Security 1.0 was duplicated,
+ add specified fault code linked to WS-Security.
+
+ ID-WSF: remove LassoWsseSecurity in favor of LasoWsSec1SecurityHeader
+ * xml/Makefile.am:
+ remove the file from the source list
+ * xml/wsse_security.c:
+ * xml/wsse_security.h:
+ remove the files
+ * xml/xml.c:
+ use LassoWsSec1SecurityHeader for LASSO_WSSE_HREF namespace also.
+
+ ID-WSF 1.0: use the common wsse:Security object
+ * lasso/id-wsf/wsf_profile.c:
+ use the common LassoWsSec1SecurityHeader object instead of the
+ specific LassoWsseSecurity, and set the needed namespace using
+ lasso_node_set_custom_namespace.
+ add implementation comments.
+
+ WS: register LassoWsSec1SecurityHeader for all namespace associated to WS-Security
+ * lasso/xml/ws/wsse_security_header.c:
+ register all namespace that contains a Security header object.
+
+ XML: add an API to set namespace on a single instance of a LassoNode
+ * lasso/xml/xml.h lasso/xml/xml.c:
+ add a new public API lasso_node_set_custom_namespace(node, prefix,
+ href). It allows to set the precise namespace of a single object, all
+ other instance of the same class continue to use the default
+ namespace for the class.
+ It should be used for difficult consumer of certain nodes (like
+ wsse:Security) which only know certain namespace or do not use the
+ namespace going with the specified version of a specification (like
+ MSP not following ID-WSF 1.0 specification and using
+ http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
+ instead of
+ http://schemas.xmlsoap.org/ws/2003/06/secext.
+ It also allows to share implementation of schema objects common to
+ many version of the same specification (wsse:Security between ID-WSF
+ 1.0 and ID-WSF 2.0), without creating too many child classes.
+
+ ID-WSF 2.0: remove obsolete FIXME in discovery.h
+
+ Core: remove a use of lasso_node_destroy in LassoSession
+
+ Bindings: add support for guchar
+ * bindings/java/lang.py:
+ * bindings/python/lang.py:
+ add guchar to list of C types everywhere.
+
+ XML: add support for free xml content to LassoMiscTextNode
+ * lasso/xml/misc_text_node.c:
+ * lasso/xml/misc_text_node.h:
+ it is often necessary to be able to put completely determined content
+ inside lasso generated request (for example when copying an assertion
+ for a Bearer authentication method). In this case you can use
+ lasso_node_get_original_xml_node to get at the original content and
+ lasso_misc_text_node_new_with_xml_node to get a LassNode with the
+ same content.
+ There are two additional function to acces this xml payload:
+ lasso_misc_text_node_get_xml_content and
+ lasso_misc_text_node_set_xml_content.
+
+2009-08-28 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Core: fix commit 4313, restore support for --enable-wsf
+ * configure.ac:
+ I throwed the baby with the bathwater..
+
+ Core: fix make dist with --enable-wsf
+ * lasso/id-wsf-2.0/Makefile.am:
+ * lasso/xml/Makefile.am:
+ some files were missing from the dist files, add them.
+
+ Core: remove SWIG ID-WSF warning from configure.ac
+ * configure.ac:
+ as ID-WSF support in SWIG in not maintained anymore we can remove the
+ warning about using pre-generated SWIG files with a different setting
+ for the --enable-wsf flag.
+
+ Binding: skip lasso_data_service_get_query_item
+ * bindings/overrides.xml:
+ bindings do not support out arguments, so skip generating bindings
+ for lasso_data_service_get_query_item for the moment.
+
+ Core: set tar-pax as dist file format
+ * configure.ac:
+ we could have more than 99 characters long path in the dist files,
+ the pax format for tar archives support it.
+
+ ID-WSF 1.0: Fixed missing or deprecated functions in public headers
+ Some new functions were missing from the headers, others were deprecated
+ some time ago and as the API is not considered stable for ID-WSF, I
+ removed them definitely.
+
+2009-08-27 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Bindings: Skip lasso_data_service_get_answers
+ * bindings/overrides.xml: skip unsupported function.
+
+ Tests: add configuration file loading to integration test
+ * tests/integration/README:
+ * tests/integration/saml2/__init__.py:
+ If ~/.config/lasso_integration.conf exists, load it to find path to
+ authentic and lcs.
+ Add support for three environement variables:
+ - LASSO_BUILDDIR, to specify an out of source build directory to
+ test,
+ - NO_SILENT, to allow authentic and lcs outputs,
+ - VALGRIND, to check memory leaks using valgrind.
+
+2009-08-26 Frederic Peters <fpeters@entrouvert.com>
+
+ Call gtkdocize before automake
+
+2009-08-26 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Core: errors.c is a generated file, when generating it place it in $(srcdir) not build directory
+ * lasso/Makefile.am:
+ the place for errors.c is in the source directory, not the build
+ directory.
+
+ SAML 2.0: Fix bug introduced in commit 4235
+ * lasso/saml-2.0/login.c:
+ profile->msg_url is released before being used ;( Restore the code
+ copying the URL before passing it to
+ lasso_saml20_profile_build_http_redirect, to free it after.
+
+ Core: Fix errors.c generation
+
+ XML SAML2: remove typedef of LassoSaml2Assertion in saml2_advice.h and saml2_evidence.h
+ * xml/saml-2.0/saml2_advice.h xml/saml-2.0/saml2_evidence.h:
+ the declaration of LassoSaml2Assertion for supposedly preventing
+ recursive include is useless now.
+
+ Core: fix spurious semi-colon inserted in commit 4093
+ * lasso/errors.h:
+ remove useless semi-colon
+
+ Core: add assertion query to exported profiles
+ * lasso/lasso.h:
+ include lasso/saml-2.0/assertion_query.h
+
+ XML: Add all including header fil for saml2, id-ff and id-wsf
+ * lasso/xml/xml_idff.h:
+ this header file reference all id-ff 1.2 elements
+ * lasso/xml/xml_idwsf.h:
+ this header file reference all id-wsf 1.0 elements
+ * lasso/xml/saml-2.0/xml_saml2.h:
+ this header file reference all saml-2.0 elements
+
+ Core: Remove include of lasso.h in registry.h
+ * lasso/registry.h:
+ include of lasso.h is useless, replace by including directly export.h
+ * lasso/registry.c:
+ directly include errors.h
+
+ ID-WSF: remove OFTYPE usage from header
+
+2009-08-26 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Docs: change the doc production and lot of other fixes
+ * lasso/Makefile.am:
+ distribute extract_sections.py
+ * docs/references/lasso/lasso.types.in: add missing class (mainly SAML2
+ and ID-WSF 1.0/2.0) from docs/references/lasso.types.in
+
+ * lasso/xml/strings.h:
+ add lots of documentation, or at least documentation template to
+ strings constants.
+ * id-ff/login.h:
+ * saml-2.0/assertion_query.h:
+ * xml/xml.h:
+ document undocumented enumerations.
+ * lasso/errors.h:
+ add proper documentation about error codes.
+ * lasso/errors.c:
+ new version of the lasso_strerror function
+ * lasso/build_strerror.py:
+ update the script that generater lasso_strerror from the
+ documentation comments.
+
+ Remove usage of OFTYPE
+
+ * lasso/id-ff/session.c:
+ * lasso/id-ff/session.h:
+ remove usage of oftype, prefer gtk-introspection annotations instead.
+ * lasso/id-wsf/data_service.h:
+ * lasso/id-wsf/data_service.c:
+ do the same.
+
+ Add a script to build lasso-sections.txt
+
+ * lasso/extract_sections.py:
+ this script parses header files and generated lasso-sections.txt
+ content for GObject class descriptions.
+
+ Add a template file for the lasso-section.txt file
+
+ * docs/references/lasso-sections.txt.in:
+ this file serves as a base for the generation of lasso-sections.txt
+
+ Update docs/references/Makefile.am for generating lasso-sections.txt
+
+ * docs/references/Makefile.am:
+ always rebuild template, using out of source build directory is too
+ weird without it.
+ call new script extract_sections.py to regenerate lasso-sections.txt
+ if header files changed.
+
+ Update lasso.sgml file with all missing sections
+
+ * docs/reference/lasso.sgml:
+ add all missing sections, mainly objects from XML schemas.
+
+ * docs/reference/lasso-sections.txt: update it
+
+ * *.c: add section documentation to some files.
+ * lasso/xml/strings.h: fix bad usage or docbook markup
+
+2009-08-26 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Core: fix makefile for generating errors.h in out of source dir build
+ * lasso/Makefile.am:
+ errors.h is expected to be in srcdir not builddir.
+
+ Bindings: for functions that must be totally skiped do it during parsing
+ * bindings/bindings.py:
+ parsing of argument type is still not advanced enough, so in order to
+ remove spurious warnings, skip function directly during parsing just
+ before the treatment of function signature.
+
+ Tests: in integration test do not set the PYTHONPATH
+ * tests/integration/saml2/__init__.py:
+ to permit using build directory different from the src directory, do
+ not force the PYTHONPATH to be relative to src dir to find lasso
+ python module.
+
+ Tests: do not hardcode PYTHONPATH in the valgrind wrapper
+ * tests/integration/valgrind-wrapper.sh: remove PYTHONPATH setting.
+
+ Tests: distribute integration tests
+ * tests/Makefile.am:
+ add integration directory to the distdir.
+
+ Core: Use automake-1.11 when possible
+ * Makefile.am:
+ use new automake-1.11 silent rules if possible
+ move macros to m4 directory
+ * m4/gtk-doc.m4:
+ add gtk-doc macros.
+ * lasso/Makefile.am:
+ add missing -f flag to rm, to unbreak make distcheck
+ * docs/references/Makefile.am:
+ fix problem between libtool and gtk-doc
+ * autogen.sh:
+ update to autogen.sh from gtk-doc, add support for automake-1.11
+
+ Tests: Add data files to EXTRA_DIST
+ * tests/data/Makefile.am:
+ data file for tests2 were missing (to pass distcheck).
+
+2009-08-26 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ XML: remove all useless instance_init functions
+ * Use Coccinelle semantic patch tool (http://coccinelle.lip6.fr/) to
+ remove useless instance_init functions, the first patch applied was:
+ @@
+ type T,V;
+ identifier I, J;
+ parameter list P;
+ expression E1;
+ @@
+
+ V instance_init(T node)
+ {
+ <...
+ (
+ - E1 = 0;
+ |
+ - E1 = NULL;
+ |
+ - E1 = FALSE;
+ )
+ ...>
+ }
+ It removes useless initialization to 0 (GObject already zeroes
+ allocated objects).
+ The second one is:
+ @ rule1 @
+ type T;
+ identifier node,fn;
+ @@
+
+ - static void fn(T *node) { }
+
+ @ rule2 extends rule1 @
+ typedef GType, GInstanceInitFunc;
+ identifier type_constructor;
+ @@
+ GType type_constructor()
+ {
+ <...
+ - (GInstanceInitFunc)fn
+ + NULL
+ ...>
+ }
+ It removes empty instance_init functions.
+
+2009-08-26 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ sb2:TargetIdentity can have a content
+ * lasso/xml/id-wsf-2.0/sb2_target_identity.c:
+ * lasso/xml/id-wsf-2.0/sb2_target_identity.h:
+ add support for any content.
+
+ All: Rework include files handling, separated ID-WSF code from SAML2/ID-FF code
+ * nearly all C files: change includes for relative paths.
+ * lasso/id-wsf/id_wsf.h, lasso/id-wsf-2.0/id_wsf_2.h: add top level
+ public include files for ID-WSF 1.0 and ID-WSF 2.0.
+ * lasso/id-ff/server.*, lasso/id-ff/session.*, lasso/id-ff/identity.*:
+ remove most of the code related to ID-WSF and push into
+ lasso/id-wsf/id_ff_extensions.* and lasso/id-wsf-2.0/identity.c,
+ lasso/id-wsf-2.0/server.c, lasso/id-wsf-2.0/session.c.
+ * lasso/id-wsf-2.0/saml2_login.c,
+ lasso/id-wsf-2.0/saml2_login_private.h: same change but for ID-WSF
+ 2.0 support in SAML2 SSO profile.
+
+ Bindings: skip ID-WSF methods with unsupported signatures
+ * bindings/overrides.xml:
+ some functions have output parameters (pointer on pointers) that are
+ currently not supported by our binding generator, so we skip them.
+
+ SWIG: unplug id-wsf support in SWIG
+ * swig/Lasso.i:
+ force LASSO_WSF_ENABLED to be undefined.
+
+ Tests: allow tests2 to pass distcheck
+ * tests/Makefile.am
+ add an SRCDIR symbol.
+ remove unused include paths.
+ * tests/tests2.c:
+ use SRCDIR to find data files.
+
+ Tests: remove internal content from data files
+ * tests/data/response-3:
+ this dump of a SAML message contains elements and attribute outside
+ the SAML schema, implementation detail from Lasso. They broke
+ execution of tests/tests2.
+
+ XML&SAML 2.0: add missing include files
+ * lasso/xml/saml-2.0/saml2_encrypted_element.h:
+ xmlSecKey is present in a function signature, so include
+ xmlsec/xmlsec.h.
+
+ SWIG: implement change to LassoSession in the SWIG interface file
+ * swig/Lasso.i:
+ remove LassoSession::is_dirty attribute and rewrite the
+ getProviderIds function.
+
+ XML: only recurse into xml/id-wsf subdirs if --enable-wsf is true
+ * lasso/xml/Makefile.am:
+ put id-wsf and id-wsf2 subdirs under a conditionnal.
+
+ ID-WSF 1.0: remove absent header file from the Makefile.am
+ * lasso/id-wsf/Makefile.am:
+ remove data_service_private.h from header file list.
+
+ Core: SOAP is also used by SAML bindings
+ * extract_symbols.py, extract_types.py:
+ export SOAP types whatever the value of the flag --enable-wsf.
+ It still worked because constructor for GObject calls get_type, but
+ there is a race condition: if you receive a SOAP message before
+ sending one, it fails. Only soap_binding types must be removed.
+
+2009-08-26 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ ID-FF&Core: Seal public field of LassoSession
+ * id-ff/session.h: seal public fields.
+
+ * id-ff/session.c, id-ff/sessionprivate.h: add accessors for reading
+ the is_dirty flag and counting store assertions.
+
+ * id-ff/logout.c, id-ff/login.c, saml-2.0/login.c, saml-2.0/logout.c,
+ saml-2.0/profile.c: use the new accessors.
+
+ * id-ff/profile.c: include the private header file, use the new
+ accessors, and remove unnecessary setting of is_dirty to FALSE (it
+ should be false at instanciation).
+
+ * utils.h: add a macro to access private content, prepare for using
+ G_TYPE_INSTANCE_GET_PRIVATE and the GObject infrastructure for
+ private structures eventually.
+
+2009-08-26 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ ID-WSF 2.0: remove unused variable
+ - lasso/id-wsf-2.0/discovery.c: remove unused variable in discovery.c
+
+ Core: fix bad name of lasso_unlink_and_release_node
+ * lasso/utils.h:
+ - rename lasso_unlink_and_release_node to
+ lasso_release_list_of_xml_node.
+ - add a GList iteration macro: lasso_foreach.
+
+2009-08-26 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ ID-WSF: Lots of modifications
+ Migrate lots of code to use new utility macros. Try to simplify most
+ code paths or to factorize with LassoWsfProfile.
+
+ * lasso/id-wsf/wsf_profile.c:
+ Add API:
+ - lasso_wsf_profile_build_soap_response_msg to build SOAP fault for
+ Lasso errors,
+ - lasso_wsf_profile_set_msg_url_from_description, to set the
+ destination URL using the chosen LassoDiscoDescription (with
+ respect to the security mechanism),
+ - lasso_wsf_profile_init_soap_response to initialize a response to
+ the current request, to use in sub classes,
+ - lasso_wsf_profile_get_remote_provider_id, retrieve the SOAP
+ binding corresponding information,
+ - lasso_wsf_profile_get_remote_provider, simplification of
+ lasso_wsf_profile_get_remote_provider_id,
+ - lasso_wsf_profile_get_soap_fault, retrieve the last setted SOAP
+ fault, used by sub classes,
+ - lasso_wsf_profile_set_soap_fault, set a SOAP fault, to be returned
+ by the next call by lasso_wsf_profile_build_soap_response_msg, to
+ use in sub classes,
+ - lasso_wsf_profile_set/get_status_code, set/get the stored status
+ code, to use in the next lasso_xxx_build_response_message, to use
+ in sub classes.
+ Change name lasso_wsf_profile_get_description_autos to
+ lasso_wsf_profile_get_description_auto.
+ Do not access directly the session is_dirty field (it has been
+ sealed).
+
+ * lasso/id-wsf/wsf_profile.h:
+ Add helper macro lasso_wsf_profile_helper_set_status to set status
+ code of an ID-WSF response message containing a Status element using
+ the stored status code.
+ * lasso/id-wsf/wsf_profile_private.h:
+ Add new fields (moved public fields).
+ Add lasso_wsf_profile_set_msg_url_from_description,
+ lasso_wsf_profile_build_soap_fault_response_msg.
+ * lasso/id-wsf/data_service_private.h:
+ Remove file.
+ * lasso/id-wsf/data_service.h: Remove all public fields.
+ * lasso/id-wsf/data_service.c:
+ Remove private structure. Use the equivalents LassoWsfProfile private
+ fields. Update documentation. Use LassoWsfProfile generic functions
+ for initializing requests. Add API lasso_data_service_get_query_item,
+ lasso_data_service_get_answers, lasso_data_service_get_answer,
+ lasso_data_service_get_answers_by_select,
+ lasso_data_service_get_answer_for_item_id,
+ lasso_data_service_add_modification.
+ Remove lasso_data_service_need_redirect_user use equivalent function
+ lasso_interaction_profile_service_build_redirect_response_msg. Remove
+ lasso_data_service_get_resource_offering,
+ lasso_data_service_set_offering.
+ * lasso/id-wsf/discovery.c:
+ Add documentation. Change some signatures. Remove
+ lasso_discovery_get_description_auto. Change name of
+ lasso_discovery_init_insert to lasso_discovery_init_modify. Add a
+ generic lasso_discovery_process_request_msg.
+ Add internal function lasso_discovery_init_offering, to get
+ automatically an offering if possible. Remove useless init_from_xml.
+ Rework lasso_discovery_build_credential implementation.
+ overloading. Remove lasso_discovery_destroy.
+ * lasso/id-wsf/discovery.h:
+ Remove lasso_discovery_destroy.
+ * lasso/id-wsf/interaction_profile_service.c:
+ Add lasso_interaction_profile_service_build_redirect_response_msg.
+ * lasso/id-wsf/personal_profile_service.c:
+ Update lasso_personal_profile_service_get_email to use
+ lasso_data_service_get_answers_by_select.
+ * lasso/xml/dst_modify.c:
+ make modification parameter optional to the constructor.
+
+2009-08-26 Benjamin Dauvergne <bdauvergne@entrouvert.com>
+
+ Core: Add new error types
+ * lasso/errors.h lasso/errors.c:
+ add error types: LASSO_ERROR_CAST_FAILED,
+ LASSO_DATA_SERVICE_CANNOT_ADD_ITEM,
+ LASSO_WSF_PROFILE_ERROR_INVALID_OR_MISSING_REFERENCE_TO_MESSAGE_ID,
+ LASSO_DST_ERROR_QUERY_NOT_FOUND, LASSO_DST_ERROR_NO_DATA,
+ LASSO_DST_ERROR_MALFORMED_QUERY.
+
+ XML: Add time formatting function for ISO 8601 format
+ * xml/private.h:
+ * xml/tools.c:
+ add util function to format time_t values in the ISO 8601 format.
+
+ XML: Add any attribute parsing to Saml2AttributeValue
+ * xml/saml-2.0/saml2_attribute_value.h:
+ add new public field GHashTable *attributes;
+ * xml/saml-2.0/saml2_attribute_value.c:
+ add parsing instructions to populate attributes field.
+
+ XML: add documentation for lasso_eval_xpath_expression
+ * lasso/xml/tools.c: add documentation for xpath helper evaluation
+ function lasso_eval_xpath_expression.
-2008-08-01 14:07 bdauvergne
+ XML: add string constant for client soap errors
+ * lasso/xml/strings.h: add new string constant
+ LASSO_SOAP_FAULT_CODE_CLIENT.
- * lasso/id-wsf/wsf_profile.c: Revert " * remove body->id and
- correlation->id setup, no need to set id on everything."
-
- This reverts commit 832f127760dc074336400531a99f3a03574ffe13.
+ XML: add documentation for lasso_idwsf2_disco_svc_md_register_new_full
+ * lasso/xml/id-wsf-2.0/disco_svc_md_register.c: add documentation
+ for constructor function lasso_idwsf2_disco_svc_md_register_new_full.
-2008-08-01 14:07 bdauvergne
+ ID-WSF 1.0: Add new error to signal unknown entry
+ * lasso/errors.{c,h}: add a new error for the ID-WSF 1.0 module, to
+ signal unknown entry in discovery responses.
- * lasso/xml/private.h, lasso/xml/tools.c: add function to load a
- public key from anything
+ SWIG Binding: reflect changes in the signature of struct LassoIdWsfDiscovery
+ * swig/Lasso-wsf2.i (LassoIdWsfDiscovery):
+ add new fields metadatas and svcMDIDS, remove old ones (metadata
+ and svcMDID).
+
+ ID-WSF 1.0: fix off-by one ref counting error in lasso_wsf_profile_init_soap_request
+ * lasso/id-wsf/wsf_profile.c (lasso_wsf_profile_init_soap_request):
+ envelope is an argument, increment its ref count
+ before storing it.
+
+ ID-WSF 1.0: improve error recovery in lasso_wsf_profile_comply_with_saml_authentication
+ * lasso/id-wsf/wsf_profile.c
+ (lasso_wsf_profile_comply_with_saml_authentication):
+ reuse existing wsse-security element if present,
+ remove useless comments, move core code after argument type checks,
+ return error if enveloppe or header is missing,
+ fail if any referenced assertion is missing,
+ correctly handle reference count of wsse_security depending on
+ the situation (new or reused).
+
+ ID-WSF 1.0: fix memory leak
+ * lasso/id-wsf/discovery.c (lasso_discovery_add_insert_entry):
+ the rule is that callee is responsible for becoming owner of a resource,
+ so no g_object_ref before a call on an argument.
+
+ ID-WSF 2.0: publicize lasso_idwsf2_profile_build_soap_envelope
+ * lasso/id-wsf-2.0/profile.c, lasso/id-wsf-2.0/profile.h
+ (lasso_idwsf2_profile_build_soap_envelope):
+ as for ID-WSF 1.0 export this function to allow easier implementation
+ of external ID-WSF 2.0 services. remove FIXME comment and fill
+ equivalent bugzilla reports.
+
+ ID-WSF 2.0: review lasso_idwsf2_discovery_process_metadata_register_response_msg
+ * lasso/id-wsf-2.0/discovery.c
+ (lasso_idwsf2_discovery_process_metadata_register_response_msg):
+ change return code variable to rc, move argument casting after argument
+ type check, copy all the service metadata ids,
+
+ ID-WSF 2.0: review lasso_idwsf2_discovery_process_metadata_register_msg
+ * lasso/id-wsf-2.0/discovery.c
+ (lasso_idwsf2_discovery_init_metadata_register):
+ add documentation comment, move argument casting after type checking,
+ change return code name to rc to comply with standardisation,
+ use lasso_build_unique_id instead of duplicating the code,
+ add iteration over all the registered service, add iteration
+ to return all the generated service metadata ids, use new assignment
+ macros.
+ * lasso/id-wsf-2.0/discovery.h (struct _LassoIdWsf2Discovery):
+ change field LassoIdWsf2DiscoSvcMetadata metadata to GList* metadatas
+ and gchar *svcMDID to GList *svcMDIDs in order to support multiple
+ services in requests.
+
+ ID-WSF 2.0: review lasso_idwsf2_discovery_metadata_register_self
+ * lasso/id-wsf-2.0/discovery.c
+ (lasso_idwsf2_discovery_metadata_register_self):
+ Add documentation, add code for getting the service URL.
+
+ ID-WSF 2.0: add documentation to lasso_idwsf2_discovery_register_self
+ * lasso/id-wsf-2.0/discovery.c (lasso_idwsf2_discovery_register_self)
+ move casting after argument type check, simplify code by using
+ lasso_build_unique_id, remove useless comments
+
+ ID-WSF 2.0: simplify gobject boilerplate
+ * lasso/id-wsf-2.0/discovery.c: (get_xmlNode, instance_init, class_init)
+ remove useless method get_xmlNode, remove use