* lasso/Makefile.am:
source dependencies must refer to $(srcdir) in order to pass
distcheck, I forgot to do it in types.c and symbols.sym target
changes.
* lasso/saml-2.0/profile.c:
in lasso_saml20_profile_build_redirect_request_msg and
lasso_saml20_profile_build_redirect_response, use new function
lasso_saml20_profile_build_http_redirect.
* lasso/debug.h:
* lasso/lasso.c:
add a lasso_flag_add_signature flag variable (default to TRUE),
and parsing code to change it from LASSO_FLAG environment variable.
("env LASSO_FLAG=no-add-signature test").
* lasso/id-ff/login.c:
add condition upon checking of the InResponseTo field: checks only if
strict checking is activated as it could stop old code using Lasso
from working.
* lasso/xml/xml.c: use standardized assignment macros (it takes care of
releasing previous valuesm and other peculiarities associated with
safe pointer usage).
* lasso/id-ff/profile.c: add tracing code activaged by
LASSO_FLAG=memory-debug to print release of field values.
Complement the existing code in generic deallocation procedure in
LassoNode.
* lasso/id-ff/provider.c:
* lasso/id-ff/server.c:
* lasso/id-ff/session.c:
use macros to release previous value when necessary,
release object used as parameters to constructors,
free the encryption key associated with a provider,
release the key manager created for a saml signature
verification.
* lasso/id-ff/logout.c:
- (lasso_logout_build_response_msg, lasso_logout_init_request,
lasso_logout_process_request_msg, lasso_logout_process_response_msg,
lasso_logout_validate_request) use lasso_assign_new_object,
lasso_assign_string, lasso_release and lasso_assign_new_string when
possible.
- (lasso_logout_process_response_msg) move the tranfer of the relaystate
from XML object to profile object.
* lasso/id-ff/defederation.c:
- (lasso_defederation_build_notification_msg,
lasso_defederation_init_notification,
lasso_defederation_process_notification_msg,
lasso_defederation_validate_notification): idem
* lasso/id-ff/lecp.c:
- (lasso_lecp_build_authn_request_envelope_msg,
lasso_lecp_build_authn_request_msg,lasso_lecp_build_authn_response_msg,
lasso_lecp_build_authn_response_envelope_msg) idem
* lasso/id-ff/login.c: (lasso_login_init_authn_request) again a passing by
correction, use lasso_assign_string for copying information from
the request to the profile object.
* lasso/id-ff/login.c:
- (lasso_login_init_request) catch RelayState in the query_fields and
copy it to msg_relayState
- (lasso_login_process_authn_request_msg) copy RelayState from the
request object to the profile object.
* lasso/xml/saml_assertion.c:
* lasso/xml/samlp_response_abstract.c:
* lasso/xml/samlp_request_abstract.c:
* lasso/xml/saml-2.0/samlp2_request_abstract.c:
* lasso/xml/saml-2.0/saml2_assertion.c:
* lasso/xml/saml-2.0/samlp2_status_response.c:
if a failure occur in the signing process, free the xmlnode, return
NULL and print a warning.
* lasso/xml/saml-2.0/samlp2_authn_request.c,
lasso/xml/saml-2.0/samlp2_logout_request.c,
- (instance_init) remove initialization of relayState field
* lasso/xml/saml-2.0/samlp2_logout_response.c:
- (instance_init) remove empty function, since it
only initialized relayState.
- (lasso_samlp2_logout_reponse_get_type) remove instance_init
from the type initialization structure.
* lasso/xml/saml-2.0/samlp2_authn_request.h,
lasso/xml/saml-2.0/samlp2_logout_request.h,
lasso/xml/saml-2.0/samlp2_logout_response.h:
- (struct _LassoSamlp2*) mark relaystate field as deprecated.
* lasso/xml/xml.c: (lasso_node_init_from_saml2_query_fields) Since parsing
of the relayState is now done inside each "_process_*msg" method of
each SAML2 profile, it is not needed anymore in this function.
* lasso/xml/lib_authn_request.c, lasso/xml/lib_logout_request.c,
lasso/xml/lib_register_name_identifier_request.c,
lasso/xml/lib_status_resposne.c:
- build_query: remove build_query overloaded virtual method, use
LassoNode new generic implementation.
- init_from_query:
- change direct call to lasso_node_init_from_query_fields to use of
base implementation from LassoNode.
- make use of utils.h memory handling macros like
lasso_release_gobject and lasso_assign_string.
* lasso/xml/lib_federation_termination_notification.c:
- init_from_query: remove parsing of RelayState parameter
* lasso/saml-2.0/login.c: In
lasso_saml20_login_process_authn_request_msg change handling of
relayState do not rely upon parsing by the node object, but extract
directly from the query string. Use new function
lasso_get_relaystate_from_query.
* lasso/saml-2.0/logout.c: In lasso_saml20_logout_process_request_msg
change handling of relayState do not rely upon parsing by the node
object, but extract directly from the query string.
* lasso/saml-2.0/profile.c: In
lasso_saml20_profile_init_artifact_resolve, add handling of the
relayState transmitted to the assertion consumer URL.
* lasso/saml-2.0/name_id_management.c: In
lasso_name_id_management_process_request_msg change handling of
relayState do not rely upon parsing by the node
object, but extract directly from the query string.
* lasso/saml-2.0/login.c, lasso/saml-2.0/logout.c,
lasso/saml-2.0/name_id_management.c: simplify code path associated
with generation of the url for the HTTP-Redirect binding using the
rencently introduced function
lasso_saml20_profile_build_http_redirect.
* lasso/xml/saml-2.0/samlp2_request_abstract.c: add a build query
overloaded function to LassoSamlp2RequestAbstract class, the base
class of all saml 2.0 request nodes.
* lasso/saml-2.0/profile.c, lasso/saml-2.0/profileprivate.h:
- remove_all_signature traverse a tree of LassoNode objects to unset
all signature_type field in on nodes supporting signature
generation.
- lasso_saml20_profile_export_to_query does the job of generateing
the url containing the message content and the relaystate, then
sign it using lasso_query_sign.
- lasso_saml20_profile_build_http_redirect use those two functions
and the metadatas to build the signed redirect url.
* lasso/utils.h:
- (lasso_assign_new_string,lasso_assign_gobject) if source parameter
is a function call it could be called two times and have unexpected
side effects. Copy the returned value to a temp variable and use it
instead.
* lasso/utils.h: When setting strings using lasso_assing_string or
lasso_assign_new_string, verify that new string is different than the
target value string before deallocating the target.
* lasso/xml/xml.c:
In lasso_node_init_from_message_with_format remove direct use of
xmlSecSoap* functions because they emit too much warning by lasso
reimplementations.
Benjamin Dauvergne