summaryrefslogtreecommitdiffstats
path: root/lasso
Commit message (Collapse)AuthorAgeFilesLines
* [wsf] fix wsf preprocessor conditionalsBenjamin Dauvergne2011-01-046-2/+9
|
* [saml2] when parsing short numbers reinitialize errnoBenjamin Dauvergne2011-01-041-1/+3
|
* [xml] fix null pointer access in lasso_node_get_encryptionBenjamin Dauvergne2010-12-221-1/+1
|
* [saml2] fix errors in lasso)provider_get_first_http_method when a binding is ↵Benjamin Dauvergne2010-12-211-3/+3
| | | | unknown
* [saml2 provider] change critical messages to debug messagesBenjamin Dauvergne2010-12-211-2/+2
|
* [saml2 profile] fix bug in binding_uri_to_http_method with the POST bindingBenjamin Dauvergne2010-12-211-1/+1
|
* [saml login] suppress unused argument warningBenjamin Dauvergne2010-12-211-1/+1
|
* [samlv2 logout] check that the assertion is well formed before accessing the ↵Benjamin Dauvergne2010-12-171-0/+4
| | | | subject nameid
* [profile] prefer to lookup the session before the identity for looking up a ↵Benjamin Dauvergne2010-12-171-14/+14
| | | | name identifier;
* [samlv2 logout] setup the NameID from the assertionBenjamin Dauvergne2010-12-171-2/+2
|
* [samlv2 login] do not setup conditions->notBefore/notOnOrAfter only ↵Benjamin Dauvergne2010-12-171-5/+0
| | | | notOnOrAfter on SubjectConfirmationData
* [saml2] make LASSO_SIGNATURE_VERIFY_HINT_FORCE as least as stringent as ↵Benjamin Dauvergne2010-12-141-9/+23
| | | | _MAYBE when checking signature on messages
* [xml] remove duplicate EncryptedKey around EncryptedData elementsBenjamin Dauvergne2010-12-141-1/+0
| | | | | The key is already embedded in the EncryptedData, so there is no need to also fill the EncryptedKey field of the saml:EncryptedElement object.
* [xml] add exportation of the encrypting public key in EncryptedData elementsBenjamin Dauvergne2010-12-141-0/+19
| | | | | | This commit check if the given is a simple RSA key or a full certificate and choose the better serialization method between RSAKeyValue and X509Data.
* [tools] fix xml decryptionBenjamin Dauvergne2010-12-141-9/+6
| | | | | | This commit rewrite the extraction of the EncryptedKey when it is embedded inside the EncryptedData element, which seem to be the frequent case.
* Merge with new field in custome elementBenjamin Dauvergne2010-12-141-1/+2
|
* [saml2] use new encryption structure instead for internal field in ↵Benjamin Dauvergne2010-12-142-9/+8
| | | | LassoSaml2Assertion
* [xml] add field to contains encryption parameters inside CustomElement structureBenjamin Dauvergne2010-12-142-0/+70
|
* [utils] fix typo in lasso_assign_sec_keyBenjamin Dauvergne2010-12-141-1/+2
|
* [saml2] do not set SPNameQualifier it should be reserved for SP member of an ↵Benjamin Dauvergne2010-12-131-3/+0
| | | | affiliation
* [SAMLv2] fix segfault in has_signature by initializing local variablesBenjamin Dauvergne2010-10-201-2/+2
|
* [SAMLv2] delete an unused local variableBenjamin Dauvergne2010-10-111-1/+0
|
* [SAMLv2] user server->signature_method when signing request and responseBenjamin Dauvergne2010-10-091-2/+3
|
* [core] check type of first argument of lasso_provider_get_assertion_consumer_urlBenjamin Dauvergne2010-10-091-1/+3
|
* [xml] fix waring on use of strndup on pardusBenjamin Dauvergne2010-10-081-0/+3
|
* Add missing include <errno.h>Jérôme Schneider2010-10-082-1/+3
|
* [SAMLv2] handle unknown provider in artifact resolve, and also alow to ↵Benjamin Dauvergne2010-10-071-5/+12
| | | | | | | | | ignore signature validation In lasso_saml20_profile_process_artifact_resolve, we know take a short path with an error when the remote provider is unknown and we also respect the lasso_profile_get_signature_verify_hint() when checking the signature on the artifact resolve message.
* [SAMLv2] fix bad double free bug in ↵Benjamin Dauvergne2010-10-071-1/+1
| | | | lasso_saml20_provider_get_assertion_consumer_service_url_by_binding
* [core] adapt lasso_provider_get_assertion_consumer_service_url for SAMLv2Benjamin Dauvergne2010-10-071-0/+12
|
* [ID-FFv1.2] in lasso_login_process_authn_request_msg() adopt simpler ↵Benjamin Dauvergne2010-10-061-16/+26
| | | | | | | | | | | | | | | | behaviour for checking signatures There is two sources of advice for signature checking: AuthnRequestsSigned attribute in service provider metadata files and value of lasso_profile_get_signature_verify_hint(). If lasso_profile_get_signature_verify_hint() forbid to check signature, we do not check. If the SP advise to check signature, we check. If lasso_profile_get_signature_verify_hint() forces to check signature, we do not check. In all other cases we only check if a signature is present, i.e. we ignore the error LASSO_DS_ERROR_SIGNATURE_NOT_FOUND.
* [ID-FFv1.2] make lasso_login_process_authn_request_msg() return ↵Benjamin Dauvergne2010-10-061-1/+5
| | | | LASSO_PROFILE_ERROR_INVALID_MSG if received request is not a lib:AuthnRequest
* [SAMLv2] adopt same behaviour as ID-FFv1.2 for invalid AuthnRequestBenjamin Dauvergne2010-10-061-1/+1
|
* [SAMLv2&ID-FFv1.2] improve documentation of ↵Benjamin Dauvergne2010-10-061-12/+108
| | | | lasso_login_process_authn_request_msg
* [SAMLv2] fix ordering of endpointsBenjamin Dauvergne2010-10-061-7/+22
| | | | | Ordering by binding is wrong, first order by isDefault (as stated in saml-metadata-2.0.pdf) then by index.
* [Core] change isdefault type in EndpointType structureBenjamin Dauvergne2010-10-061-1/+1
| | | | | | | As integer we can represent the three value of isdefault: - true - false - attribute absent
* [SAMLv2] restore setting of SubjectConfirmationData->NotOnOrAfterBenjamin Dauvergne2010-10-011-0/+6
| | | | | | | | This was wrongly removed by me in commit 9d22f29e55524034dfda34c15b76f1b0b78c4413. This is the responsability of the caller to adjust value on the Conditions and SubjectConfirmationData independently after.
* [Core] replace all use of g_strcmp0 by lasso_strisequal and lasso_strisnotequalBenjamin Dauvergne2010-10-0123-152/+153
| | | | | Too much human errors with strcmp kind of functions. Also change name os lasso_is_empty_string to lasso_strisempty.
* [Core] add helper API for string comparaisonBenjamin Dauvergne2010-10-011-5/+18
| | | | It should remove most errors when comparing strings.
* [SAMLv2] add missing compare to 0 introduced in 7386dc8189Benjamin Dauvergne2010-10-011-1/+1
| | | | I hate strcmp.
* [SAMLv2] also initialize Destination for response messagesBenjamin Dauvergne2010-09-301-0/+5
| | | | | asynchronous bindings needs Destination attribute even for response messages.
* [SAMLv2] when NidPolicy->Format is NULL or unspecified, return transientBenjamin Dauvergne2010-09-301-1/+4
| | | | Add more default cases.
* [Core] fix break of lasso_profile_get_request_type_from_soap_msg from commit ↵Benjamin Dauvergne2010-09-291-2/+2
| | | | | | b9d535625 ManageNameIDRequest is not an ID-WSF kind of request.
* [Core] add missing annotation to lasso_*_dump functionsBenjamin Dauvergne2010-09-277-8/+8
| | | | | The string returned by these functions is newly allocated and must be freed by the caller.
* [ID-WSFv1] fix other misuses of the macro lasso_foreachBenjamin Dauvergne2010-09-272-5/+6
|
* [SAMLv2] fix wrong order in use of macro lasso_foreachBenjamin Dauvergne2010-09-271-1/+1
| | | | | | The first argument must be the iterator, the second is the iterable. Also add a non-regression test with Googleapps metadata and and a typical authn request.
* [SAMLv2] fix early release of the request when using idp_initiaed loginBenjamin Dauvergne2010-09-171-1/+1
|
* [SAMLv2] fix memleak of request in lasso_name_id_management_process_request_msgBenjamin Dauvergne2010-09-171-1/+2
|
* [SAMLv2] fix memleak of request in lasso_saml20_login_process_authn_request_msgBenjamin Dauvergne2010-09-171-0/+1
|
* [Core] fix leak of provider->private_data->endpointsBenjamin Dauvergne2010-09-171-9/+10
|
* [Core] fix leak of provider->private_data->endpointsBenjamin Dauvergne2010-09-171-1/+1
|
generated by cgit (git 2.34.1) at 2024-06-12 00:59:18 +0000