If name_id s unconditonally dereferenced in the cleanup code.
If it is not initialized it may cause segfaults or other misbehaviors.
License: MIT
Signed-off-by: Simo Sorce <simo@redhat.com>
Instad of referring to an old FSF address, point the reader to the FSF
website where the latest licenses and addresses are published.
Signed-off-by: Simo Sorce <simo@redhat.com>
Libxml stopped exposing the internal of the xmlOutputBuffer structure;
it was replace by proper use of the API and of the xmlBuffer structure.
There could be regression for older version of libxml as some functions
appeared in recent version of libxml; but the reference API document
does not give any introduction date for functions so it's hard to be
sure.
Identity, Lecp, Login, Logout, NameIdentifierMapping, NameRegistration,
Session, AssertionQuery, Ecp and NameIdManagement objects were missing a
namespace association to their GObject class. It broke when you try to
dump a node created by lasso_node_new_from_dump.
* lasso/id-ff/provider.c:
fix lasso_provider_get_base64_succinct_id, it returned a libxml
string, copy it with g_strdup before releasing it to stay with GLib
allocated string in return values.
* provider.c:
add annotation for nullable arguments (necessary for bindings of
new_from_buffer).
* server.c: add annotations, allow to set encryption_private_key from
buffers
* lasso/xml/saml_advice.c lasso/xml/saml_advice.h:
restore fields AssertionIDReference and Assertion, remove field any
to restore state from 2.2.1
* lasso/id-ff/session.c:
use xmlNode stored inside LassoSamlAssertion objects instead of
accessing the 'any' list of xmlNode that was inserted in
LassoSamlAdvice.
* lasso/id-ff/session.c:
* lasso/id-ff/session.h:
* lasso/id-ff/sessionprivate.h:
unseal session->is_dirty and session->assertions, remove the mirror
version in the private data structure, and restore direct acces by
methods.
move the "private" comment before those two fields to hide them in
the gtk-doc reference manual, normal access should be done by
get_assertion and is_dirty methods.
* lasso/Makefile.am:
distribute extract_sections.py
* docs/references/lasso/lasso.types.in: add missing class (mainly SAML2
and ID-WSF 1.0/2.0) from docs/references/lasso.types.in
* lasso/xml/strings.h:
add lots of documentation, or at least documentation template to
strings constants.
* id-ff/login.h:
* saml-2.0/assertion_query.h:
* xml/xml.h:
document undocumented enumerations.
* lasso/errors.h:
add proper documentation about error codes.
* lasso/errors.c:
new version of the lasso_strerror function
* lasso/build_strerror.py:
update the script that generater lasso_strerror from the
documentation comments.
Remove usage of OFTYPE
* lasso/id-ff/session.c:
* lasso/id-ff/session.h:
remove usage of oftype, prefer gtk-introspection annotations instead.
* lasso/id-wsf/data_service.h:
* lasso/id-wsf/data_service.c:
do the same.
Add a script to build lasso-sections.txt
* lasso/extract_sections.py:
this script parses header files and generated lasso-sections.txt
content for GObject class descriptions.
Add a template file for the lasso-section.txt file
* docs/references/lasso-sections.txt.in:
this file serves as a base for the generation of lasso-sections.txt
Update docs/references/Makefile.am for generating lasso-sections.txt
* docs/references/Makefile.am:
always rebuild template, using out of source build directory is too
weird without it.
call new script extract_sections.py to regenerate lasso-sections.txt
if header files changed.
Update lasso.sgml file with all missing sections
* docs/reference/lasso.sgml:
add all missing sections, mainly objects from XML schemas.
* docs/reference/lasso-sections.txt: update it
* *.c: add section documentation to some files.
* lasso/xml/strings.h: fix bad usage or docbook markup
* nearly all C files: change includes for relative paths.
* lasso/id-wsf/id_wsf.h, lasso/id-wsf-2.0/id_wsf_2.h: add top level
public include files for ID-WSF 1.0 and ID-WSF 2.0.
* lasso/id-ff/server.*, lasso/id-ff/session.*, lasso/id-ff/identity.*:
remove most of the code related to ID-WSF and push into
lasso/id-wsf/id_ff_extensions.* and lasso/id-wsf-2.0/identity.c,
lasso/id-wsf-2.0/server.c, lasso/id-wsf-2.0/session.c.
* lasso/id-wsf-2.0/saml2_login.c,
lasso/id-wsf-2.0/saml2_login_private.h: same change but for ID-WSF
2.0 support in SAML2 SSO profile.
* id-ff/session.h: seal public fields.
* id-ff/session.c, id-ff/sessionprivate.h: add accessors for reading
the is_dirty flag and counting store assertions.
* id-ff/logout.c, id-ff/login.c, saml-2.0/login.c, saml-2.0/logout.c,
saml-2.0/profile.c: use the new accessors.
* id-ff/profile.c: include the private header file, use the new
accessors, and remove unnecessary setting of is_dirty to FALSE (it
should be false at instanciation).
* utils.h: add a macro to access private content, prepare for using
G_TYPE_INSTANCE_GET_PRIVATE and the GObject infrastructure for
private structures eventually.
* lasso/utils.h:
change 'goto exit' for 'goto cleanup'. rename all goto_exit macros to
goto_cleanup_. rename goto_cleanup_if_fail to
goto_cleanup_if_fail_with_rc and add a
goto_cleanup_if_fail for function which do not return an integer
value. add documentation for goto_cleanup macro family.
* lasso/id-ff/login.c:
* lasso/id-ff/provider.c:
* lasso/id-ff/server.c:
* lasso/id-ff/session.c:
* lasso/id-wsf/discovery.c:
* lasso/id-wsf/wsf_profile.c:
* lasso/saml-2.0/profile.c:
* lasso/utils.h:
* lasso/xml/lib_logout_request.c:
* lasso/xml/tools.c:
* lasso/xml/xml.c:
update name of goto_exit_if_fail macros. rename 'exit' labels to
'cleanup'.
* lasso/id-ff/provider.c:
* lasso/id-ff/server.c:
* lasso/id-ff/session.c:
use macros to release previous value when necessary,
release object used as parameters to constructors,
free the encryption key associated with a provider,
release the key manager created for a saml signature
verification.
* lots of files: Explicitely set all field of initialized structures,
in order to remove -Wno-missing-field-initilizers from needed
compiler options when using -Wall -Wextra.
- remove unused parameter from private function signatures
- remove unused variable
- initialize variable potentially accessed uninitialized
- add G_GNUC_UNUSED if function is public or adhering to an interface, and a
parameter is unused.
- if ID-WSF is not compiled in, define stubs with G_GNUC_UNUSED on parameters.
The goal is to compile with -Werror.
the DiscoService support a security mechanism needing one. Anyway the
generation of Credentials is broken.
* lasso/id-ff/session.c: add treatment of saml:Advice on newly added
Assertions, keep the transmitted assertions inside the session indexed by their
AssertionID.
* lasso/xml/saml_advice.{c,h}: change content to SNIPPET_LIST_XMLNODES.
lasso_session_add_assertion_with_id(session, id, assertion)
and
lasso_session_get_assertion_by_id(session, id)
Add to lasso_session_add_assertion a call to add_assertion_with_id,
to index all assertions into the index by id.
Benjamin Dauvergne
Simo Sorce
Damien Laniel