Benjamin Dauvergne
076a37d7f0
Release 2.7.0
2021-06-01 11:56:05 +02:00
Benjamin Dauvergne
ea7e5efe97
Fix signature checking on unsigned response with multiple assertions
...
CVE-2021-28091 : when AuthnResponse messages are not signed (which is
permitted by the specifiation), all assertion's signatures should be
checked, but currently after the first signed assertion is checked all
following assertions are accepted without checking their signature, and
the last one is considered the main assertion.
This patch :
* check signatures from all assertions if the message is not signed,
* refuse messages with assertion from different issuers than the one on
the message, to prevent assertion bundling event if they are signed.
2021-06-01 11:50:53 +02:00
Benjamin Dauvergne
d9db91ec9f
Jenkinsfile: update name of main branch
2021-04-07 18:06:11 +02:00
Benjamin Dauvergne
bd7acfd2f3
Python: improve display of warnings in the binding generator
2021-03-09 10:36:40 +01:00
Benjamin Dauvergne
f912e8d1ef
replace deprecated index() by strchr() ( #51385 )
2021-02-26 16:31:53 +01:00
Benjamin Dauvergne
cbbea83e3f
Fix: new provider reference count is incremented one time too many ( #51420 )
2021-02-25 10:10:03 +01:00
Benjamin Dauvergne
3d6bc26021
docs: update gtk-doc-tools integration ( #50441 )
...
Using reference documentation on https://developer.gnome.org/gtk-doc-manual/stable/index.html.en
2021-02-24 23:13:49 +01:00
Benjamin Dauvergne
9b1e68f683
bindings: disable java tests when java is disabled
2021-02-24 23:01:08 +01:00
Benjamin Dauvergne
2dbca5edf3
Fix: python3 bindings ( #51249 )
...
The __str__ method called itself, resulting in an RecursionError.
======================================================================
ERROR: test14 (__main__.BindingTestCase)
----------------------------------------------------------------------
Traceback (most recent call last):
File "./binding_tests.py", line 336, in test14
assert isinstance(str(cm.exception), str)
File "../lasso.py", line 69, in __str__
return '<lasso.%s: %s>' % (self.__class__.__name__, self)
File "../lasso.py", line 69, in __str__
return '<lasso.%s: %s>' % (self.__class__.__name__, self)
File "../lasso.py", line 69, in __str__
return '<lasso.%s: %s>' % (self.__class__.__name__, self)
[Previous line repeated 489 more times]
File "../lasso.py", line 68, in __str__
if sys.version_info >= (3,):
RecursionError: maximum recursion depth exceeded in comparison
----------------------------------------------------------------------
2021-02-24 22:59:30 +01:00
Benjamin Dauvergne
86aa6a602f
configure.ac: disable java bindings
2021-02-23 21:10:11 +01:00
Frédéric Péters
34ad2ce2dc
build: update to use origin/main
2020-12-26 15:22:15 +01:00
Benjamin Dauvergne
f465304319
debian: add packaging for debian-buster
2020-10-12 15:26:14 +02:00
Benjamin Dauvergne
0d0e5286a7
jenkins.sh: build against all available python versions ( #44287 )
2020-10-12 15:25:01 +02:00
Benjamin Dauvergne
6c166563b2
python: do not leak out_pyvalue if method call protocol is not respected ( #44287 )
2020-10-12 15:25:01 +02:00
Benjamin Dauvergne
4696e2709b
python: do not raise in valid_seq() ( #44287 )
2020-10-12 15:25:01 +02:00
Benjamin Dauvergne
77bed35c42
python: return NULL if get_list_of_strings() fails ( #44287 )
2020-10-12 15:25:01 +02:00
Benjamin Dauvergne
5f5bc888b1
python: return NULL if get_list_of_pygobject fails ( #44287 )
2020-10-12 15:25:01 +02:00
Benjamin Dauvergne
6ed8e04ff1
python: return NULL if get_list_of_xml_nodes fails ( #44287 )
2020-10-12 15:25:01 +02:00
Benjamin Dauvergne
4cf6bd4ff7
python: return NULL if set_list_of_pygobject fails ( #44287 )
2020-10-12 15:25:00 +02:00
Benjamin Dauvergne
c844abd8e4
python: return NULL if set_list_of_xml_nodes fails ( #44287 )
2020-10-12 15:24:46 +02:00
Benjamin Dauvergne
c53b6b5a73
python: return NULL if set_list_of_strings fails ( #44287 )
2020-10-12 15:24:45 +02:00
Benjamin Dauvergne
ed528ce26a
python: return NULL if set_hashtable_of_strings fails ( #44287 )
2020-10-12 15:24:11 +02:00
Benjamin Dauvergne
57ee8d2f2a
python: return NULL if set_hashtable_of_pygobject fails ( #44287 )
2020-10-12 15:24:11 +02:00
Benjamin Dauvergne
8591451270
python: free internal string buffer if needed in set_list_of_strings ( #44287 )
2020-10-12 15:24:11 +02:00
Benjamin Dauvergne
f80b2bb50e
python: check if hashtable is NULL before deallocatio ( #44287 )n
2020-10-12 15:24:11 +02:00
Benjamin Dauvergne
0289da907f
python: add a failure label to method wrappers ( #44287 )
...
To separate wrapping code from unwinding and error handling code.
2020-10-12 15:24:11 +02:00
Benjamin Dauvergne
35682272ec
python: add macro for early return ( #44287 )
2020-10-12 15:24:11 +02:00
Benjamin Dauvergne
05dea2eab5
python: remove newline before method call ( #44287 )
2020-10-12 15:24:11 +02:00
Benjamin Dauvergne
9db28c0c32
python: simplify get_logger_object ( #44287 )
2020-10-12 15:24:11 +02:00
Benjamin Dauvergne
a8f82e67ef
python: fix warning about discarded const modifier ( #44287 )
2020-10-12 15:24:10 +02:00
Benjamin Dauvergne
637514a874
python: replace exception by warning on logging path ( #44287 )
2020-10-12 15:24:10 +02:00
Benjamin Dauvergne
8ae9d3a09b
python: use simpler call format to prevent warning about PY_SSIZE_T_CLEAN ( #44287 )
2020-10-12 15:24:10 +02:00
Benjamin Dauvergne
11bc68bbbc
python: remove deprecated PyErr_Warn ( #44287 )
2020-10-12 15:24:10 +02:00
Benjamin Dauvergne
a1dbd489fc
python: remove unused PyString_Size ( #44287 )
2020-10-12 15:24:10 +02:00
Benjamin Dauvergne
04ded420c8
python: Exception.message was removed in python3 ( #45995 )
2020-08-21 11:48:19 +02:00
Benjamin Dauvergne
0b742b1f6d
tools: reimplement xmlURIEscapeStr to respect RFC3986 ( #45581 )
...
Bugfix by Emmanuel Dreyfus.
License: MIT
2020-08-14 10:58:06 +02:00
Benjamin Dauvergne
15b8cd7ab1
configure.ac: support php7 interpreter on CentOS 8 ( #42299 )
2020-08-11 15:37:54 +02:00
Benjamin Dauvergne
4bae1c8b7c
Release 2.6.1
2020-04-22 15:04:46 +02:00
Benjamin Dauvergne
92d12b9954
Keep order of SessionIndexes
2020-04-22 04:45:52 +02:00
Benjamin Dauvergne
55feba5762
Clear SessionIndex when private SessionIndexes is empty ( #41950 )
2020-04-22 04:30:27 +02:00
Benjamin Dauvergne
e5ad4b1702
misc: clear warnings about class_init signature using coccinelle
...
$ spatch --in-place --sp-file add-second-arg-to-class-init.cocci `git grep -l -C1 ^class_init \*.c`
$ sed -i 's/\*unused\>/*unused G_GNUC_UNUSED/' `git grep -l 'void \*unused'`
2020-03-26 22:52:49 +01:00
Benjamin Dauvergne
6a0708ed5c
tests: fix compilation with check>0.12 ( #39101 )
2020-03-26 22:52:27 +01:00
Bernhard M. Wiedemann
1b51873ccf
Sort input file lists ( #40454 )
...
so that lasso.py, lasso/types.c and liblasso.so.3.13.0
build reproducibly
in spite of indeterministic filesystem readdir order.
For some reason, lasso/extract_sections.py lasso/extract_symbols.py
do not need such patches to get a reproducible openSUSE package.
See https://reproducible-builds.org/ for why this is good.
This patch was done while working on reproducible builds for openSUSE.
License: MIT
Signed-off-by: Bernhard M. Wiedemann <bwiedemann@suse.de>
2020-03-05 12:51:17 +01:00
Benjamin Dauvergne
af8f88cec5
debian: disable php7 ( #28608 )
2019-09-09 15:10:06 +02:00
Tomohiro "Tomo-p" KATO
e2ec5a7349
Modify .gitignore for PHP 7 binding ( #28608 )
...
License: MIT
2019-09-09 15:10:06 +02:00
Tomohiro "Tomo-p" KATO
9c8c4b9937
Add PHP 7 binding ( #28608 )
...
License: MIT
2019-09-09 15:10:06 +02:00
Benjamin Dauvergne
37a0fa6f8b
Fix tests broken by new DEBUG logs ( #12829 )
2019-09-09 13:31:49 +02:00
Benjamin Dauvergne
db7e25287a
Improve error logging during node parsing ( #12829 )
2019-09-06 15:32:51 +02:00
Benjamin Dauvergne
caecf46be4
Improve configure compatibility ( #32425 )
2019-09-06 14:43:31 +02:00
Benjamin Dauvergne
84bc5b48d3
Improve compatibility with Solaris ( #32425 )
2019-09-06 14:42:44 +02:00