| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
Instad of referring to an old FSF address, point the reader to the FSF
website where the latest licenses and addresses are published.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| | |
|
| |
|
|
|
|
|
| |
parameters
This structure is used to pass around the signature algorithm
and the signature key.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit complements the support for multiple signing certificate
support in the metadata files. The use-case is still key roll-over.
The structure LassoServerPrivateData was changed to accomodate multiple
decryption keys, and so:
xmlSecKey *encryption_private_key
became:
GList *encryption_private_keys
All uses of this key were replaced by a loop over this list, terminating
with the first key to be able to decrypt the content.
The private key passed to lasso_server_new() or
lasso_server_new_from_buffers() is first added to the list of decryption
keys. Any other call to
lasso_server_set_encryption_private_key_with_password() or
lasso_server_set_encryption_private_key() will add a new key to the
list.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
authorities metadata
* server.c,serverprivate.h: add new private method
lasso_server_get_firs_providerID_by_role(server, role)w
* defederation.c: use new private method
lasso_server_get_first_providerID_by_role for find providerID
when the argument remote_providerID is null in
lasso_defederation_init_notification.
* lasso/id-ff/login.c (lasso_login_init_authn_request): use new private
method lasso_server_get_first_providerID_by_role.
* provider.h: add thre new provider role (authn,pdp,attribute) and
four new services (authn,assertionid,attribute,authz) and also
a ROLE_ANY value (-1) for catchall purpose and a ROLE_LAST for
array sizing.
* provider.h: add a LAST member to LassoMdProtocolType enum.
* providerprivate.h,provider.c:
- removes separate hashtable for descriptors depending on provider role,
use only one table named Descriptors.
- use the LAST members of enumerations to dimention static string arrays.
* provider.h: add a LAST member to the e
|
| |
|
|
|
|
|
| |
private keys
* lasso/id-ff/server.c lasso/id-ff/serverprivate.h:
add methods lasso_server_get_private_key and lasso_server_get_encryption_private_key.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* lasso/saml-2.0/name_id_management.c:
use new generic methods in lasso_name_id_management_init_request,
lasso_name_id_management_build_request_msg,
lasso_name_id_management_process_request_msg,
lasso_name_id_management_validate_request,
lasso_name_id_management_build_response_msg,
lasso_name_id_management_process_response_msg.
Remove useless boilerplate code.
* lasso/id-ff/server.c:
* lasso/id-ff/serverprivate.h:
last user of lasso_server_nameid_decrypt removed, so remove the code.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* lasso/id-dff/serverprivate.h:
* lasso/id-ff/server.c:
lasso_server_decrypt_nameid handle error case of NameID decryption,
and update passed field pointers.
* lasso/errors.h:
add new error codes:
LASSO_DS_ERROR_DECRYPTION_FAILED -118
- Decryption of an encrypted node failed
LASSO_PROFILE_ERROR_MISSING_SERVER -438
- No server object set in the profile
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
