entrouvert
/
lasso
16
0
Fork 0
Code Issues Pull Requests Releases Activity
5,236 Commits 7 Branches 40 Tags 14 MiB
Commit Graph

5236 Commits

Author SHA1 Message Date
Benjamin Dauvergne 11434956dd Merge branch 'hotfixes-2.3.4' into release 2010-10-13 14:18:06 +02:00
Benjamin Dauvergne 48a7639e58 Update doap and news file 2010-10-13 12:23:21 +02:00
Benjamin Dauvergne 6003310f40 Update NEWS file 2010-10-13 12:06:02 +02:00
Benjamin Dauvergne ee9b5fbe59 [tests data request] add googleapps sample AuthnRequest 2010-10-11 18:54:32 +02:00
Benjamin Dauvergne fcad112b43 [tests] move metadata directory into data 2010-10-11 18:53:11 +02:00
Benjamin Dauvergne f2c9c44119 [tests data] add idp and sp example with 1024 bits RSA keys, for performance testing purpose 2010-10-11 18:48:17 +02:00
Benjamin Dauvergne a6d33dd5fe [tools] add a repository for semantic patches as reference 2010-10-11 18:46:39 +02:00
Benjamin Dauvergne 4320d8eda2 [tests metadata] add more examples of metadata files 2010-10-11 18:43:23 +02:00
Benjamin Dauvergne 3ba1b2b9ba [tests integration] adapt to string change in lcs/qommon/saml2.ptl 2010-10-11 18:30:53 +02:00
Benjamin Dauvergne 7d90d5e26a [SAMLv2] delete an unused local variable 2010-10-11 09:58:16 +02:00
Benjamin Dauvergne f6d5a8fe40 Merge branch 'hotfixes-2.3.4' 2010-10-11 09:54:26 +02:00
Benjamin Dauvergne c36d6a90dd [SAMLv2] user server->signature_method when signing request and response 2010-10-09 17:55:31 +02:00
Benjamin Dauvergne 6a8552a04d [tests] add non regression test on assertion consumer endpoints ordering 2010-10-09 17:53:00 +02:00
Benjamin Dauvergne 4ebb7067a0 [core] check type of first argument of lasso_provider_get_assertion_consumer_url 2010-10-09 15:51:23 +02:00
Benjamin Dauvergne 15781d1960 fix pardus capitalisation in NEWS file 2010-10-08 19:18:30 +02:00
Benjamin Dauvergne 36b7baf9e8 Merge branch 'hotfixes-2.3.4' 
Conflicts:
	lasso/xml/xml.c
	website/web/download/index.xml
	website/web/index.xml
 2010-10-08 19:17:39 +02:00
Benjamin Dauvergne 0325ce0867 Update release notes and website for release 2.3.4 2010-10-08 18:34:19 +02:00
Benjamin Dauvergne 758fe88dad [xml] fix waring on use of strndup on pardus 2010-10-08 14:10:26 +02:00
Jérôme Schneider 270f1743f0 Add missing include <errno.h> 2010-10-08 14:10:02 +02:00
Benjamin Dauvergne 3872f17fcd [SAMLv2] handle unknown provider in artifact resolve, and also alow to ignore signature validation 
In lasso_saml20_profile_process_artifact_resolve, we know take a short
path with an error when the remote provider is unknown and we also
respect the lasso_profile_get_signature_verify_hint() when checking the
signature on the artifact resolve message.
 2010-10-07 18:48:28 +02:00
Benjamin Dauvergne 4bf2a6c0c0 [SAMLv2] fix bad double free bug in lasso_saml20_provider_get_assertion_consumer_service_url_by_binding 2010-10-07 18:39:06 +02:00
Benjamin Dauvergne 6b2a21d116 [core] adapt lasso_provider_get_assertion_consumer_service_url for SAMLv2 2010-10-07 18:38:21 +02:00
Benjamin Dauvergne 3e87282db3 [docs lasso-book] add figures to the tarball 2010-10-06 18:43:57 +02:00
Jérôme Schneider a73d193d9f Add missing include <errno.h> 2010-10-06 17:37:37 +02:00
Benjamin Dauvergne f5b88c854a Merge branch 'hotfixes-2.3.4' 2010-10-06 17:02:31 +02:00
Benjamin Dauvergne 21d61b5ba6 [configure.ac] increment version and libtool version info 2010-10-06 17:02:18 +02:00
Benjamin Dauvergne 5d56e4558e [ID-FFv1.2] in lasso_login_process_authn_request_msg() adopt simpler behaviour for checking signatures 
There is two sources of advice for signature checking:
AuthnRequestsSigned attribute in service provider metadata files and
value of lasso_profile_get_signature_verify_hint().

If lasso_profile_get_signature_verify_hint() forbid to check signature,
we do not check.
If the SP advise to check signature, we check.
If lasso_profile_get_signature_verify_hint() forces to check signature,
we do not check.
In all other cases we only check if a signature is present, i.e. we
ignore the error LASSO_DS_ERROR_SIGNATURE_NOT_FOUND.
 2010-10-06 17:00:52 +02:00
Benjamin Dauvergne 58a3868361 [ID-FFv1.2] make lasso_login_process_authn_request_msg() return LASSO_PROFILE_ERROR_INVALID_MSG if received request is not a lib:AuthnRequest 2010-10-06 17:00:52 +02:00
Benjamin Dauvergne 7a27400a87 [SAMLv2] adopt same behaviour as ID-FFv1.2 for invalid AuthnRequest 2010-10-06 17:00:52 +02:00
Benjamin Dauvergne 6be8d9cfa8 [SAMLv2&ID-FFv1.2] improve documentation of lasso_login_process_authn_request_msg 2010-10-06 17:00:52 +02:00
Benjamin Dauvergne 06c2ec9d61 [SAMLv2] fix ordering of endpoints 
Ordering by binding is wrong, first order by isDefault (as stated in
saml-metadata-2.0.pdf) then by index.
 2010-10-06 17:00:52 +02:00
Benjamin Dauvergne 3d1d90ee31 [Core] change isdefault type in EndpointType structure 
As integer we can represent the three value of isdefault:
- true
- false
- attribute absent
 2010-10-06 17:00:52 +02:00
Benjamin Dauvergne e2611e16d6 [docs] update copyright years 2010-10-06 17:00:18 +02:00
Frédéric Péters ece66aa477 [website] "Subversion Status" -> "Git Status" 2010-10-05 09:53:34 +02:00
Frédéric Péters d46f8caccb [website] Only keep two latest news items 2010-10-05 08:31:57 +02:00
Frédéric Péters 2f1e68eeb3 [website] Fixed 2.3.3 release date 2010-10-05 08:31:27 +02:00
Frédéric Péters fb76faab79 [website] Update right download box for 2.3.3 2010-10-05 08:31:20 +02:00
Frédéric Péters ff409f8d7e [website] Don't duplicate link to git repository in link text 2010-10-05 08:31:13 +02:00
Frédéric Péters 4e18990cd6 [website] Refer to Git in buildbox title 2010-10-05 08:31:06 +02:00
Frédéric Péters b3ad9a5eca [website] Updated copyright years 2010-10-05 08:30:53 +02:00
Benjamin Dauvergne fa5eed7c81 [Website] Fix bad date 2010-10-04 16:15:18 +02:00
Benjamin Dauvergne 644f15640b [Web] chmod +x on convert-to-static.py 2010-10-04 14:53:21 +02:00
Benjamin Dauvergne 33df188d32 [Web] update links for download v2.3.3, add lines to feature matrix 2010-10-04 14:50:30 +02:00
Benjamin Dauvergne f1c5db026b [Web] add news file about 2.3.3 2010-10-04 14:30:15 +02:00
Benjamin Dauvergne 3aaf0ca959 Merge commit 'v2.3.3' 2010-10-04 14:28:18 +02:00
Benjamin Dauvergne 0bd4c25a24 Merge branch 'hotfixes-2.3.3' into release 2010-10-01 19:13:31 +02:00
Benjamin Dauvergne 19cb0bf52b [Website] add news about 2.3.3 and update doap and main page 2010-10-01 19:11:32 +02:00
Benjamin Dauvergne a33c76aaf1 [Release] add release notes 2010-10-01 19:06:33 +02:00
Benjamin Dauvergne 86f0f6b6f2 [SAMLv2] restore setting of SubjectConfirmationData->NotOnOrAfter 
This was wrongly removed by me in commit
9d22f29e55.

This is the responsability of the caller to adjust value on the
Conditions and SubjectConfirmationData independently after.
 2010-10-01 17:44:40 +02:00
Benjamin Dauvergne d9bc35e01a [Binding java] replace use of strcmp by g_strcmp0 2010-10-01 15:29:42 +02:00