Merge branch 'hotfixes-2.3.4'
Conflicts: lasso/xml/xml.c website/web/download/index.xml website/web/index.xml
This commit is contained in:
commit
36b7baf9e8
22
NEWS
22
NEWS
|
@ -1,6 +1,28 @@
|
|||
NEWS
|
||||
====
|
||||
|
||||
2.3.4 - Otober 8th 2010
|
||||
-----------------------
|
||||
|
||||
14 commits, 10 files changed, 199 insertions, 49 deletions
|
||||
|
||||
Generic
|
||||
* fix warning for compiling on pardus and EL5
|
||||
* the release tarball now contains the figures for the documentation
|
||||
* lasso_login_process_authn_request documentation gained details on returned errors
|
||||
|
||||
SAMLv2:
|
||||
* report unknown provider instead an error on parameter value when resolving
|
||||
and artifact in an assertionConsumer endpoint and the provider is not
|
||||
registered into the server object.
|
||||
* lasso_provider_get_assertion_consumer_url now use specific SAMLv2 methods
|
||||
* fixed a bug in the ordering of indexed endpoints which produced error when
|
||||
looking up the defualt assertion consumer. It also improved ordering in
|
||||
presence of the attribute isDefault="false".
|
||||
|
||||
ID-FFv1.2:
|
||||
* respect the signature verify hint when handling authn requests
|
||||
|
||||
2.3.3 - October 1st 2010
|
||||
------------------------
|
||||
|
||||
|
|
|
@ -49,4 +49,5 @@ slo-sp-soap-4.svg: slo-sp-soap.svg step.xsl
|
|||
slo-sp-soap-5.svg: slo-sp-soap.svg step.xsl
|
||||
slo-sp-soap-6.svg: slo-sp-soap.svg step.xsl
|
||||
|
||||
EXTRA_DIST = step.xsl sso-brws-art.svg sso-brws-post.svg slo-sp-soap.svg
|
||||
EXTRA_DIST = step.xsl sso-brws-art.svg sso-brws-post.svg slo-sp-soap.svg \
|
||||
$(FIGURES_PNG_FILES) $(GENERATED_FIGURES_SVG_FILES)
|
||||
|
|
|
@ -61,6 +61,10 @@
|
|||
</SVNRepository>
|
||||
</repository>
|
||||
<release>
|
||||
<Version>
|
||||
<created>2010-10-08</created>
|
||||
<revision>2.3.4</revision>
|
||||
</Version>
|
||||
<Version>
|
||||
<created>2010-10-01</created>
|
||||
<revision>2.3.3</revision>
|
||||
|
|
|
@ -145,6 +145,18 @@ lasso_provider_get_assertion_consumer_service_url(LassoProvider *provider, const
|
|||
char *name = NULL;
|
||||
char *assertion_consumer_service_url = NULL;
|
||||
|
||||
if (provider->private_data->conformance == LASSO_PROTOCOL_SAML_2_0) {
|
||||
int sid = -1;
|
||||
if (service_id != NULL) {
|
||||
if (lasso_string_to_xsd_integer(service_id, &sid)) {
|
||||
if (sid < 0) {
|
||||
sid = -1;
|
||||
}
|
||||
}
|
||||
}
|
||||
return lasso_saml20_provider_get_assertion_consumer_service_url(provider, sid);
|
||||
}
|
||||
|
||||
if (service_id == NULL)
|
||||
service_id = provider->private_data->default_assertion_consumer;
|
||||
name = g_strdup_printf("AssertionConsumerServiceURL %s", service_id);
|
||||
|
|
|
@ -345,6 +345,7 @@ lasso_saml20_profile_process_artifact_resolve(LassoProfile *profile, const char
|
|||
{
|
||||
LassoProvider *remote_provider;
|
||||
int rc = 0;
|
||||
LassoProfileSignatureVerifyHint sig_verify_hint;
|
||||
|
||||
/* FIXME: parse only one time the message, reuse the parsed document for signature
|
||||
* validation */
|
||||
|
@ -355,13 +356,21 @@ lasso_saml20_profile_process_artifact_resolve(LassoProfile *profile, const char
|
|||
if (! LASSO_IS_SAMLP2_ARTIFACT_RESOLVE(profile->request)) {
|
||||
return critical_error(LASSO_PROFILE_ERROR_INVALID_MSG);
|
||||
}
|
||||
lasso_assign_string(profile->private_data->artifact,
|
||||
LASSO_SAMLP2_ARTIFACT_RESOLVE(profile->request)->Artifact);
|
||||
|
||||
sig_verify_hint = lasso_profile_get_signature_verify_hint(profile);
|
||||
|
||||
lasso_assign_string(profile->remote_providerID, LASSO_SAMLP2_REQUEST_ABSTRACT(
|
||||
profile->request)->Issuer->content);
|
||||
remote_provider = lasso_server_get_provider(profile->server, profile->remote_providerID);
|
||||
|
||||
profile->signature_status = lasso_provider_verify_signature(remote_provider, msg, "ID",
|
||||
LASSO_MESSAGE_FORMAT_SOAP);
|
||||
goto_cleanup_if_fail_with_rc(remote_provider, LASSO_PROFILE_ERROR_UNKNOWN_PROVIDER);
|
||||
|
||||
if (sig_verify_hint != LASSO_PROFILE_SIGNATURE_VERIFY_HINT_IGNORE) {
|
||||
profile->signature_status = lasso_provider_verify_signature(remote_provider, msg, "ID",
|
||||
LASSO_MESSAGE_FORMAT_SOAP);
|
||||
}
|
||||
|
||||
switch (lasso_profile_get_signature_verify_hint(profile)) {
|
||||
case LASSO_PROFILE_SIGNATURE_VERIFY_HINT_MAYBE:
|
||||
|
@ -374,9 +383,7 @@ lasso_saml20_profile_process_artifact_resolve(LassoProfile *profile, const char
|
|||
break;
|
||||
}
|
||||
|
||||
lasso_assign_string(profile->private_data->artifact,
|
||||
LASSO_SAMLP2_ARTIFACT_RESOLVE(profile->request)->Artifact);
|
||||
|
||||
cleanup:
|
||||
return rc;
|
||||
}
|
||||
|
||||
|
|
|
@ -692,7 +692,7 @@ lasso_saml20_provider_get_assertion_consumer_service_url_by_binding(LassoProvide
|
|||
lasso_strisequal(endpoint_type->kind,kind) &&
|
||||
lasso_strisequal(endpoint_type->binding,binding))
|
||||
{
|
||||
return endpoint_type->url;
|
||||
return g_strdup(endpoint_type->url);
|
||||
}
|
||||
}
|
||||
return NULL;
|
||||
|
|
|
@ -31,9 +31,12 @@
|
|||
*
|
||||
*/
|
||||
|
||||
#define _GNU_SOURCE /* for use of strndup */
|
||||
|
||||
#include "private.h"
|
||||
#include <ctype.h>
|
||||
#include <errno.h>
|
||||
#include <string.h>
|
||||
|
||||
#include <xmlsec/base64.h>
|
||||
#include <xmlsec/xmltree.h>
|
||||
|
|
|
@ -61,6 +61,10 @@
|
|||
</SVNRepository>
|
||||
</repository>
|
||||
<release>
|
||||
<Version>
|
||||
<created>2010-10-08</created>
|
||||
<revision>2.3.4</revision>
|
||||
</Version>
|
||||
<Version>
|
||||
<created>2010-10-01</created>
|
||||
<revision>2.3.3</revision>
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
<p>
|
||||
Lasso is licensed under the GNU GPL and the latest release
|
||||
is available here as a gzipped tarball:
|
||||
<a href="https://dev.entrouvert.org/attachments/download/22/lasso-2.3.3.tar.gz">lasso-2.3.3.tar.gz</a>
|
||||
<a href="https://dev.entrouvert.org/lasso/lasso-2.3.4.tar.gz">lasso-2.3.4.tar.gz</a>
|
||||
</p>
|
||||
|
||||
<h2>Binary Downloads</h2>
|
||||
|
|
|
@ -46,10 +46,9 @@
|
|||
</p>
|
||||
|
||||
<p>
|
||||
The most recent version of Lasso is <strong>2.3.3</strong>. You can
|
||||
<a
|
||||
href="https://dev.entrouvert.org/attachments/download/22/lasso-2.3.3.tar.gz">download
|
||||
the 2.3.3 tarball here</a> or get more options on the general <a
|
||||
The most recent version of Lasso is <strong>2.3.4</strong>. You can
|
||||
<a href="https://dev.entrouvert.org/lasso/lasso-2.3.4.tar.gz">download
|
||||
the 2.3.4 tarball here</a> or get more options on the general <a
|
||||
href="/download/">download</a> page.
|
||||
</p>
|
||||
|
||||
|
|
|
@ -0,0 +1,16 @@
|
|||
<?xml version="1.0"?>
|
||||
<div xmlns="http://www.w3.org/1999/xhtml">
|
||||
<h3>2010-10-08: Released 2.3.4</h3>
|
||||
|
||||
<p>
|
||||
Lasso 2.3.4 have been released.
|
||||
<a href="/download/">Download 2.3.4 now</a>
|
||||
</p>
|
||||
|
||||
<p class="changes">
|
||||
<strong>What changed ?</strong>
|
||||
Fix bug on ordering of assertionConsumer endpoints, and problem of
|
||||
compilation on Pardus and EL5 distributions.
|
||||
</p>
|
||||
|
||||
</div>
|
Loading…
Reference in New Issue