Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | [wsf] fix wsf preprocessor conditionals | Benjamin Dauvergne | 2011-01-04 | 6 | -2/+9 |
| | |||||
* | [saml2] when parsing short numbers reinitialize errno | Benjamin Dauvergne | 2011-01-04 | 1 | -1/+3 |
| | |||||
* | [xml] fix null pointer access in lasso_node_get_encryption | Benjamin Dauvergne | 2010-12-22 | 1 | -1/+1 |
| | |||||
* | [saml2] fix errors in lasso)provider_get_first_http_method when a binding is ↵ | Benjamin Dauvergne | 2010-12-21 | 1 | -3/+3 |
| | | | | unknown | ||||
* | [saml2 provider] change critical messages to debug messages | Benjamin Dauvergne | 2010-12-21 | 1 | -2/+2 |
| | |||||
* | [saml2 profile] fix bug in binding_uri_to_http_method with the POST binding | Benjamin Dauvergne | 2010-12-21 | 1 | -1/+1 |
| | |||||
* | [saml login] suppress unused argument warning | Benjamin Dauvergne | 2010-12-21 | 1 | -1/+1 |
| | |||||
* | [samlv2 logout] check that the assertion is well formed before accessing the ↵ | Benjamin Dauvergne | 2010-12-17 | 1 | -0/+4 |
| | | | | subject nameid | ||||
* | [profile] prefer to lookup the session before the identity for looking up a ↵ | Benjamin Dauvergne | 2010-12-17 | 1 | -14/+14 |
| | | | | name identifier; | ||||
* | [samlv2 logout] setup the NameID from the assertion | Benjamin Dauvergne | 2010-12-17 | 1 | -2/+2 |
| | |||||
* | [samlv2 login] do not setup conditions->notBefore/notOnOrAfter only ↵ | Benjamin Dauvergne | 2010-12-17 | 1 | -5/+0 |
| | | | | notOnOrAfter on SubjectConfirmationData | ||||
* | [saml2] make LASSO_SIGNATURE_VERIFY_HINT_FORCE as least as stringent as ↵ | Benjamin Dauvergne | 2010-12-14 | 1 | -9/+23 |
| | | | | _MAYBE when checking signature on messages | ||||
* | [xml] remove duplicate EncryptedKey around EncryptedData elements | Benjamin Dauvergne | 2010-12-14 | 1 | -1/+0 |
| | | | | | The key is already embedded in the EncryptedData, so there is no need to also fill the EncryptedKey field of the saml:EncryptedElement object. | ||||
* | [xml] add exportation of the encrypting public key in EncryptedData elements | Benjamin Dauvergne | 2010-12-14 | 1 | -0/+19 |
| | | | | | | This commit check if the given is a simple RSA key or a full certificate and choose the better serialization method between RSAKeyValue and X509Data. | ||||
* | [tools] fix xml decryption | Benjamin Dauvergne | 2010-12-14 | 1 | -9/+6 |
| | | | | | | This commit rewrite the extraction of the EncryptedKey when it is embedded inside the EncryptedData element, which seem to be the frequent case. | ||||
* | Merge with new field in custome element | Benjamin Dauvergne | 2010-12-14 | 1 | -1/+2 |
| | |||||
* | [saml2] use new encryption structure instead for internal field in ↵ | Benjamin Dauvergne | 2010-12-14 | 2 | -9/+8 |
| | | | | LassoSaml2Assertion | ||||
* | [xml] add field to contains encryption parameters inside CustomElement structure | Benjamin Dauvergne | 2010-12-14 | 2 | -0/+70 |
| | |||||
* | [utils] fix typo in lasso_assign_sec_key | Benjamin Dauvergne | 2010-12-14 | 1 | -1/+2 |
| | |||||
* | [saml2] do not set SPNameQualifier it should be reserved for SP member of an ↵ | Benjamin Dauvergne | 2010-12-13 | 1 | -3/+0 |
| | | | | affiliation | ||||
* | [SAMLv2] fix segfault in has_signature by initializing local variables | Benjamin Dauvergne | 2010-10-20 | 1 | -2/+2 |
| | |||||
* | [SAMLv2] delete an unused local variable | Benjamin Dauvergne | 2010-10-11 | 1 | -1/+0 |
| | |||||
* | [SAMLv2] user server->signature_method when signing request and response | Benjamin Dauvergne | 2010-10-09 | 1 | -2/+3 |
| | |||||
* | [core] check type of first argument of lasso_provider_get_assertion_consumer_url | Benjamin Dauvergne | 2010-10-09 | 1 | -1/+3 |
| | |||||
* | [xml] fix waring on use of strndup on pardus | Benjamin Dauvergne | 2010-10-08 | 1 | -0/+3 |
| | |||||
* | Add missing include <errno.h> | Jérôme Schneider | 2010-10-08 | 2 | -1/+3 |
| | |||||
* | [SAMLv2] handle unknown provider in artifact resolve, and also alow to ↵ | Benjamin Dauvergne | 2010-10-07 | 1 | -5/+12 |
| | | | | | | | | | ignore signature validation In lasso_saml20_profile_process_artifact_resolve, we know take a short path with an error when the remote provider is unknown and we also respect the lasso_profile_get_signature_verify_hint() when checking the signature on the artifact resolve message. | ||||
* | [SAMLv2] fix bad double free bug in ↵ | Benjamin Dauvergne | 2010-10-07 | 1 | -1/+1 |
| | | | | lasso_saml20_provider_get_assertion_consumer_service_url_by_binding | ||||
* | [core] adapt lasso_provider_get_assertion_consumer_service_url for SAMLv2 | Benjamin Dauvergne | 2010-10-07 | 1 | -0/+12 |
| | |||||
* | [ID-FFv1.2] in lasso_login_process_authn_request_msg() adopt simpler ↵ | Benjamin Dauvergne | 2010-10-06 | 1 | -16/+26 |
| | | | | | | | | | | | | | | | | behaviour for checking signatures There is two sources of advice for signature checking: AuthnRequestsSigned attribute in service provider metadata files and value of lasso_profile_get_signature_verify_hint(). If lasso_profile_get_signature_verify_hint() forbid to check signature, we do not check. If the SP advise to check signature, we check. If lasso_profile_get_signature_verify_hint() forces to check signature, we do not check. In all other cases we only check if a signature is present, i.e. we ignore the error LASSO_DS_ERROR_SIGNATURE_NOT_FOUND. | ||||
* | [ID-FFv1.2] make lasso_login_process_authn_request_msg() return ↵ | Benjamin Dauvergne | 2010-10-06 | 1 | -1/+5 |
| | | | | LASSO_PROFILE_ERROR_INVALID_MSG if received request is not a lib:AuthnRequest | ||||
* | [SAMLv2] adopt same behaviour as ID-FFv1.2 for invalid AuthnRequest | Benjamin Dauvergne | 2010-10-06 | 1 | -1/+1 |
| | |||||
* | [SAMLv2&ID-FFv1.2] improve documentation of ↵ | Benjamin Dauvergne | 2010-10-06 | 1 | -12/+108 |
| | | | | lasso_login_process_authn_request_msg | ||||
* | [SAMLv2] fix ordering of endpoints | Benjamin Dauvergne | 2010-10-06 | 1 | -7/+22 |
| | | | | | Ordering by binding is wrong, first order by isDefault (as stated in saml-metadata-2.0.pdf) then by index. | ||||
* | [Core] change isdefault type in EndpointType structure | Benjamin Dauvergne | 2010-10-06 | 1 | -1/+1 |
| | | | | | | | As integer we can represent the three value of isdefault: - true - false - attribute absent | ||||
* | [SAMLv2] restore setting of SubjectConfirmationData->NotOnOrAfter | Benjamin Dauvergne | 2010-10-01 | 1 | -0/+6 |
| | | | | | | | | This was wrongly removed by me in commit 9d22f29e55524034dfda34c15b76f1b0b78c4413. This is the responsability of the caller to adjust value on the Conditions and SubjectConfirmationData independently after. | ||||
* | [Core] replace all use of g_strcmp0 by lasso_strisequal and lasso_strisnotequal | Benjamin Dauvergne | 2010-10-01 | 23 | -152/+153 |
| | | | | | Too much human errors with strcmp kind of functions. Also change name os lasso_is_empty_string to lasso_strisempty. | ||||
* | [Core] add helper API for string comparaison | Benjamin Dauvergne | 2010-10-01 | 1 | -5/+18 |
| | | | | It should remove most errors when comparing strings. | ||||
* | [SAMLv2] add missing compare to 0 introduced in 7386dc8189 | Benjamin Dauvergne | 2010-10-01 | 1 | -1/+1 |
| | | | | I hate strcmp. | ||||
* | [SAMLv2] also initialize Destination for response messages | Benjamin Dauvergne | 2010-09-30 | 1 | -0/+5 |
| | | | | | asynchronous bindings needs Destination attribute even for response messages. | ||||
* | [SAMLv2] when NidPolicy->Format is NULL or unspecified, return transient | Benjamin Dauvergne | 2010-09-30 | 1 | -1/+4 |
| | | | | Add more default cases. | ||||
* | [Core] fix break of lasso_profile_get_request_type_from_soap_msg from commit ↵ | Benjamin Dauvergne | 2010-09-29 | 1 | -2/+2 |
| | | | | | | b9d535625 ManageNameIDRequest is not an ID-WSF kind of request. | ||||
* | [Core] add missing annotation to lasso_*_dump functions | Benjamin Dauvergne | 2010-09-27 | 7 | -8/+8 |
| | | | | | The string returned by these functions is newly allocated and must be freed by the caller. | ||||
* | [ID-WSFv1] fix other misuses of the macro lasso_foreach | Benjamin Dauvergne | 2010-09-27 | 2 | -5/+6 |
| | |||||
* | [SAMLv2] fix wrong order in use of macro lasso_foreach | Benjamin Dauvergne | 2010-09-27 | 1 | -1/+1 |
| | | | | | | The first argument must be the iterator, the second is the iterable. Also add a non-regression test with Googleapps metadata and and a typical authn request. | ||||
* | [SAMLv2] fix early release of the request when using idp_initiaed login | Benjamin Dauvergne | 2010-09-17 | 1 | -1/+1 |
| | |||||
* | [SAMLv2] fix memleak of request in lasso_name_id_management_process_request_msg | Benjamin Dauvergne | 2010-09-17 | 1 | -1/+2 |
| | |||||
* | [SAMLv2] fix memleak of request in lasso_saml20_login_process_authn_request_msg | Benjamin Dauvergne | 2010-09-17 | 1 | -0/+1 |
| | |||||
* | [Core] fix leak of provider->private_data->endpoints | Benjamin Dauvergne | 2010-09-17 | 1 | -9/+10 |
| | |||||
* | [Core] fix leak of provider->private_data->endpoints | Benjamin Dauvergne | 2010-09-17 | 1 | -1/+1 |
| |