Merge branch 'hotfixes-2.3.4'

Benjamin Dauvergne 2010-10-11 09:54:26 +02:00
commit f6d5a8fe40
4 changed files with 65 additions and 5 deletions

2
NEWS

@ -7,7 +7,7 @@ NEWS
14 commits, 10 files changed, 199 insertions, 49 deletions
Generic
* fix warning for compiling on pardus and EL5
* fix warning for compiling on Pardus and EL5
* the release tarball now contains the figures for the documentation
* lasso_login_process_authn_request documentation gained details on returned errors


@ -145,8 +145,10 @@ lasso_provider_get_assertion_consumer_service_url(LassoProvider *provider, const
char *name = NULL;
char *assertion_consumer_service_url = NULL;
g_return_val_if_fail(LASSO_IS_PROVIDER(provider), NULL);
if (provider->private_data->conformance == LASSO_PROTOCOL_SAML_2_0) {
int sid = -1;
long sid = -1;
if (service_id != NULL) {
if (lasso_string_to_xsd_integer(service_id, &sid)) {
if (sid < 0) {
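Review bot: With `sid` widened to `long`, any later use in this function that still assumes `int` needs the same change, and the body continues outside the hunk, so this cannot be confirmed here. If `sid` is formatted into a lookup key further down, the conversion should be `%ld` rather than `%d`. Because `service_id` would normally originate from a peer's request, consider also rejecting values above a sane upper bound next to the visible `if (sid < 0)` check. A short comment on the declaration, such as `/* long: lasso_string_to_xsd_integer() presumably stores through a long * */`, would record why the type matters.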


@ -1513,6 +1513,7 @@ cleanup:
gint
lasso_profile_saml20_setup_message_signature(LassoProfile *profile, LassoNode *request_or_response)
{
LassoSignatureMethod sign_method;
lasso_bad_param(PROFILE, profile);
switch (lasso_profile_get_signature_hint(profile)) {
@ -1544,7 +1545,7 @@ lasso_profile_saml20_setup_message_signature(LassoProfile *profile, LassoNode *r
} else {
request->sign_type = LASSO_SIGNATURE_TYPE_SIMPLE;
}
request->sign_method = LASSO_SIGNATURE_METHOD_RSA_SHA1;
request->sign_method = profile->server->signature_method;
lasso_assign_string(request->private_key_file,
profile->server->private_key);
lasso_assign_string(request->certificate_file,
@ -1562,7 +1563,7 @@ lasso_profile_saml20_setup_message_signature(LassoProfile *profile, LassoNode *r
} else {
response->sign_type = LASSO_SIGNATURE_TYPE_SIMPLE;
}
response->sign_method = LASSO_SIGNATURE_METHOD_RSA_SHA1;
response->sign_method = profile->server->signature_method;
lasso_assign_string(response->private_key_file,
profile->server->private_key);
lasso_assign_string(response->certificate_file,
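Review bot: `request->sign_method` and `response->sign_method` now copy `profile->server->signature_method` without any check, so a server object whose method was never set, or holds a value outside the enum, silently changes how outgoing messages are signed. The old code always used `LASSO_SIGNATURE_METHOD_RSA_SHA1`. Consider reading the value once into the `sign_method` local declared at the top of the function, validating it against the supported methods, and returning an error otherwise. In the visible hunks that local appears unused, which would also produce a compiler warning. The function body extends beyond these hunks, so it may be used in lines not shown.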


@ -32,6 +32,7 @@
#include <../lasso/xml/lib_authentication_statement.h>
#include <../lasso/xml/saml_name_identifier.h>
#include <../lasso/xml/samlp_response.h>
#include <../lasso/id-ff/provider.h>
#include "../lasso/utils.h"
@ -81,11 +82,67 @@ Format=\"urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified\"\n\
}
END_TEST
START_TEST(indexed_endpoints_20101008)
{
LassoProvider *provider = NULL;
char *meta01 = "<md:EntityDescriptor entityID=\"google.com\" xmlns=\"urn:oasis:names:tc:SAML:2.0:metadata\" xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\">\n\
<SPSSODescriptor protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\">\n\
<AssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact\" Location=\"wrong\" index=\"1\" />\n\
<AssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"ok\" index=\"0\" />\n\
</SPSSODescriptor>\n\
</md:EntityDescriptor>\n";
char *meta02 = "<md:EntityDescriptor entityID=\"google.com\" xmlns=\"urn:oasis:names:tc:SAML:2.0:metadata\" xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\">\n\
<SPSSODescriptor protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\">\n\
<AssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"wrong\" index=\"0\" isDefault=\"false\" />\n\
<AssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact\" Location=\"ok\" index=\"1\" />\n\
</SPSSODescriptor>\n\
</md:EntityDescriptor>\n";
char *meta03 = "<md:EntityDescriptor entityID=\"google.com\" xmlns=\"urn:oasis:names:tc:SAML:2.0:metadata\" xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\">\n\
<SPSSODescriptor protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\">\n\
<AssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact\" Location=\"wrong\" index=\"0\" isDefault=\"false\" />\n\
<AssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"ok\" index=\"1\" />\n\
</SPSSODescriptor>\n\
</md:EntityDescriptor>\n";
char *meta04 = "<md:EntityDescriptor entityID=\"google.com\" xmlns=\"urn:oasis:names:tc:SAML:2.0:metadata\" xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\">\n\
<SPSSODescriptor protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\">\n\
<AssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact\" Location=\"wrong\" index=\"0\" />\n\
<AssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"ok\" index=\"1\" isDefault=\"true\" />\n\
</SPSSODescriptor>\n\
</md:EntityDescriptor>\n";
provider = lasso_provider_new_from_buffer(LASSO_PROVIDER_ROLE_SP, meta01, NULL, NULL);
check_not_null(provider);
check_str_equals(lasso_provider_get_assertion_consumer_service_url(provider, NULL), "ok");
check_str_equals(lasso_provider_get_assertion_consumer_service_url(provider, "0"), "ok");
check_str_equals(lasso_provider_get_assertion_consumer_service_url(provider, "1"), "wrong");
lasso_release_gobject(provider);
provider = lasso_provider_new_from_buffer(LASSO_PROVIDER_ROLE_SP, meta02, NULL, NULL);
check_not_null(provider);
check_str_equals(lasso_provider_get_assertion_consumer_service_url(provider, NULL), "ok");
check_str_equals(lasso_provider_get_assertion_consumer_service_url(provider, "0"), "wrong");
check_str_equals(lasso_provider_get_assertion_consumer_service_url(provider, "1"), "ok");
lasso_release_gobject(provider);
provider = lasso_provider_new_from_buffer(LASSO_PROVIDER_ROLE_SP, meta03, NULL, NULL);
check_not_null(provider);
check_str_equals(lasso_provider_get_assertion_consumer_service_url(provider, NULL), "ok");
check_str_equals(lasso_provider_get_assertion_consumer_service_url(provider, "0"), "wrong");
check_str_equals(lasso_provider_get_assertion_consumer_service_url(provider, "1"), "ok");
lasso_release_gobject(provider);
provider = lasso_provider_new_from_buffer(LASSO_PROVIDER_ROLE_SP, meta04, NULL, NULL);
check_not_null(provider);
check_str_equals(lasso_provider_get_assertion_consumer_service_url(provider, NULL), "ok");
check_str_equals(lasso_provider_get_assertion_consumer_service_url(provider, "0"), "wrong");
check_str_equals(lasso_provider_get_assertion_consumer_service_url(provider, "1"), "ok");
lasso_release_gobject(provider);
}
END_TEST
struct {
char *name;
void *function;
} tests[] = {
{ "Googleapps error from coudot@ on 27-09-2010", test01_googleapps_27092010}
{ "Googleapps error from coudot@ on 27-09-2010", test01_googleapps_27092010},
{ "Wrong assertionConsumer ordering on 08-10-2010", indexed_endpoints_20101008}
};
Suite*
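Review bot: `indexed_endpoints_20101008` only passes service indexes that exist in the metadata (`NULL`, `"0"`, `"1"`), so the parsing and range checks around `lasso_string_to_xsd_integer` changed in this same commit are not exercised. Add calls with an index absent from the metadata, a negative value and a non-numeric string, asserting whatever result the function documents for those inputs. Separately, if `lasso_provider_get_assertion_consumer_service_url` returns a newly allocated string, as its non-const `char *` locals suggest, each `check_str_equals(...)` call here leaks it. Binding the result to a local and freeing it after the check would avoid that.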