add a pem-public-key runtime flag
We want to deprecate support for loading PEM formatted key from ds:KeyValue nodes, before final removal it will have to be activated through a runtime flag (using LASSO_FLAG environment variable).
This commit is contained in:
parent
760eb947ab
commit
81a628202d
|
@ -37,6 +37,7 @@ LASSO_EXPORT extern gboolean lasso_flag_strict_checking;
|
|||
LASSO_EXPORT extern gboolean lasso_flag_add_signature;
|
||||
LASSO_EXPORT extern gboolean lasso_flag_sign_messages;
|
||||
LASSO_EXPORT extern gboolean lasso_flag_thin_sessions;
|
||||
LASSO_EXPORT extern gboolean lasso_flag_pem_public_key;
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
|
|
@ -61,6 +61,10 @@
|
|||
* <entry><literal>no-sign-messages</literal></entry>
|
||||
* <entry><para>Disable signatures on messages.</para></entry>
|
||||
* </rows>
|
||||
* <rows>
|
||||
* <entry><literal>pem-public-key</literal></entry>
|
||||
* <entry><para>Allow PEM key in ds:KeyValue nodes, it's outside the XMLSig specification.</para></entry>
|
||||
* </rows>
|
||||
* </tbody>
|
||||
* </tgroup>
|
||||
* </informaltable>
|
||||
|
@ -97,6 +101,8 @@ static void lasso_flag_parse_environment_variable();
|
|||
gboolean lasso_flag_sign_messages = TRUE;
|
||||
/* thin sessions */
|
||||
gboolean lasso_flag_thin_sessions = FALSE;
|
||||
/* PEM public key */
|
||||
gboolean lasso_flag_pem_public_key = FALSE;
|
||||
|
||||
#ifndef LASSO_FLAG_ENV_VAR
|
||||
#define LASSO_FLAG_ENV_VAR "LASSO_FLAG"
|
||||
|
@ -329,6 +335,9 @@ void lasso_set_flag(char *flag) {
|
|||
if (lasso_strisequal(flag,"thin-sessions")) {
|
||||
lasso_flag_thin_sessions = value;
|
||||
}
|
||||
if (lasso_strisequal(flag,"pem-public-key")) {
|
||||
lasso_flag_pem_public_key = value;
|
||||
}
|
||||
} while (FALSE);
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue