path: root/lasso
Commit message | Author | Age | Files | Lines
...
* | fix compilation error with xmlsec 1.2.18 / freebsd (#1365) | Thomas NOEL | 2012-04-26 | 1 | -0/+1
| |     see http://dev.entrouvert.org/issues/1365
* | build: do not include multiple glib headers | Frédéric Péters | 2012-04-02 | 3 | -3/+2
|/
* Incompatibility with clang: local functions with closure does not work | Benjamin Dauvergne | 2011-12-29 | 1 | -4/+6
|
* [id-ff 1.2] change websso with artifact binding to work as SAML 2.0 | Benjamin Dauvergne | 2011-12-23 | 1 | -21/+48
|     The old way of transmitting the assertion to return via the session is kept, but a new way more semblable to the one used in the SAML 2.0 code is added.
|     After lasso_login_build_artifact_msg() you must save the return of lasso_profile_get_artifact_message() linked to the value of the artifact obtained via lasso_profile_get_artifact().
|     In the artifact-resolve endpoint you must find the artifact message corresponding to the return value of lasso_profile_get_artifact() and reinstall the artifact message using lasso_profile_set_artifact_message() just before calling lasso_login_build_response_msg().
|     This change is necessary for ID-FF 1.2 SSO profile to work with the thin-sessions.
* [id-ff 1.2] in lasso_login_build_assertion() always add the assertion to the response | Benjamin Dauvergne | 2011-12-22 | 1 | -7/+4
* [doc] do some documentation fixing | Benjamin Dauvergne | 2011-12-22 | 3 | -4/+7
|
* [id-ff 1.2] provision the SessionIndex into the assertions | Benjamin Dauvergne | 2011-12-22 | 1 | -0/+6
|     Without it SLO session management is broken.
* [id-ff 1.1] add support for multiple SessionIndex to lib:LogoutRequest | Benjamin Dauvergne | 2011-12-22 | 3 | -80/+103
|     Combined with the new LassoSession storage for SessionIndex, it should fix many bugs when doing SLO.
* [saml 2.0] use the new SessionIndex storage for SLO management | Benjamin Dauvergne | 2011-12-22 | 2 | -115/+89
|     It should fix any missing functionalities regarding missing session indexes in logout requests sent by identity providers or service providers.
* [core] add support for thin-sessions environment flag, to reduce size of LassoSession dumps | Benjamin Dauvergne | 2011-12-22 | 3 | -0/+9
* [core] add simpler storage for SessionIndexes in the LassoSession | Benjamin Dauvergne | 2011-12-22 | 3 | -30/+400
|
* [id-ff 1.2] add lasso_saml_name_identifier_equals() to compare NameIDs | Benjamin Dauvergne | 2011-12-19 | 2 | -0/+17
|
* [saml2] fix lasso_saml20_logout_validate_request when more than one SessionIndex is sent | Benjamin Dauvergne | 2011-12-16 | 1 | -7/+20
* [Makefile] add strings.h to the dsig module includes | Benjamin Dauvergne | 2011-12-16 | 1 | -1/+2
|
* [xml/saml2] replace magic string by a define | Benjamin Dauvergne | 2011-12-16 | 1 | -4/+4
|
* Simplify useless complexity in include paths | Benjamin Dauvergne | 2011-12-16 | 254 | -634/+634
|
* [xml] in is_interaction_request.h move new field to the end of the structure to limit ABI impact | Benjamin Dauvergne | 2011-12-16 | 1 | -2/+1
* [xml] rewrite schema directed serialization/deserialization methods | Benjamin Dauvergne | 2011-12-16 | 20 | -557/+661
|     The new implementations of lasso_node_impl_init_from_xml now validate namespace of all child nodes before parsing. It stops on any error.
|     For nodes which implement their own parsing of an attribute or a node, they must declare an XmlSnippet with an offset field set to 0. The 0 value is invalid for public GObject structure (it's the place of the GObject machinery like the reference count). The 0 offset can be used for XmlSnippet in a private structure, so never set the offset to 0 with the flag SNIPPET_PRIVATE, for a field which is parsed by your get_xmlNode virtual method.
|     Another amelioration in this commit is the possibility to set attributes with namespace when using the flags SNIPPET_ATTRIBUTE|SNIPPET_ANY. The syntax for an attribute is inspired by the element tree API from Python:
|       {namespace}attribute_name
|     an example:
|       {http://www.w3.org/2001/XMLSchema-instance}type
|     for the classic xsi:type attribute.
* [xml] add LASSO_XMLENC_PREFIX and LASSO_XMLENC_HREF defines | Benjamin Dauvergne | 2011-12-16 | 1 | -0/+14
|
* [xml] add missing nodes to LassoIsInteractionRequest | Benjamin Dauvergne | 2011-12-16 | 2 | -3/+6
|
* [xml] change saml_advice.h to declare the real node type | Benjamin Dauvergne | 2011-12-16 | 1 | -2/+1
|     It also needed a change to bindings.py to parse struct as well as typedef node classes.
* [xml] complete missing namespace declarations for child nodes | Benjamin Dauvergne | 2011-12-16 | 63 | -114/+168
|     To allow lasso_node_impl_init_from_xmlnode to do proper namespace checking, child nodes which are not of the same namespace as their parent in their XSD schema must have an explicit namespace declared in the XmlSnippet.
* [core] mark private_data field of the LassoKey structure as private | Benjamin Dauvergne | 2011-12-16 | 1 | -0/+1
|
* [Makefile] fix missing soap11 nodes when compiling for Mingw | Benjamin Dauvergne | 2011-12-16 | 1 | -0/+1
|
* [core] fix uninitialized pointer to a GError structure | Benjamin Dauvergne | 2011-12-16 | 1 | -1/+1
|
* [core] move XMLDsig related nodes in their own sub-library, add X509Data node implementation | Benjamin Dauvergne | 2011-12-16 | 18 | -42/+432
|     The goal is to use the KeyInfo structure as a transport format for our cryptographic keys
* [provider] fix doc comment | Benjamin Dauvergne | 2011-12-08 | 1 | -4/+3
|
* [id-ff] move LassoLogout to use LassoSignatureContext | Benjamin Dauvergne | 2011-12-08 | 1 | -135/+98
|
* [logging] add an error() macro | Benjamin Dauvergne | 2011-12-08 | 1 | -0/+17
|
* [id-ff] move LassoLogin to use LassoSignatureContext | Benjamin Dauvergne | 2011-12-08 | 1 | -92/+49
|
* [core] rename lasso_provider_set_specific_signing_key to lasso_provider_set_server_signing_key | Benjamin Dauvergne | 2011-12-05 | 2 | -3/+3
* [core] add the HMAC-SHA1 shared secret signature method | Benjamin Dauvergne | 2011-12-05 | 5 | -1/+105
|
* [core] refactor lasso_query_verify_signature and lasso_saml2_query_verify_signature | Benjamin Dauvergne | 2011-12-05 | 1 | -149/+108
|     This commit introduces lasso_query_verify_helper which factorizes cryptographic operations.
* [core] add lasso_provider_add_key to add other key for signature validation | Benjamin Dauvergne | 2011-12-05 | 2 | -0/+43
|     The added key can be appended or prepended, depending on the need for the key:
|     - rollover
|     - improving performances (using simpler cryptographic algorithms using shared secret keys)
* [core] add method lasso_provider_set_specific_signing_key | Benjamin Dauvergne | 2011-12-05 | 2 | -0/+32
|     Using this method you can specify a signing which will be used for communication with the specified provider instead of the one configured on the LassoServer object. The main objective is to allow shared secret cryptography instead of public key cryptography.
* [core] add a new class LassoKey | Benjamin Dauvergne | 2011-12-05 | 4 | -3/+359
|     LassoKey currently stores a LassoSignatureContext inside a reference-counted and bindable object. It will be used to export API around key management to bindings.
* [core] set the xmlSec log handler globally | Benjamin Dauvergne | 2011-12-05 | 2 | -14/+11
|     The log handler is not set in lasso_init().
* [saml2] introduce a lasso_saml2_assertion_get_audirence_restrictions to factorize some code | Benjamin Dauvergne | 2011-12-05 | 2 | -20/+33
* [core] introduce the LassoSignatureContext context, to pass around signature parameters | Benjamin Dauvergne | 2011-12-05 | 10 | -494/+604
|     This structure is used to pass around the signature algorithm and the signature key.
* [core] add a lasso_base64_decode function | Benjamin Dauvergne | 2011-12-05 | 2 | -0/+34
|
* [core] replace explicit allocation of LassoProviderPrivate by use of g_type_class_add_private | Benjamin Dauvergne | 2011-12-05 | 1 | -13/+3
|     The private part is allocated contiguously to the public structure data.
* [xml] use lasso_node_export_to_query_with_password to implement lasso_node_export_to_query | Benjamin Dauvergne | 2011-12-05 | 1 | -18/+3
* [tools] fix lasso_sha1 to return a glib allocated string | Benjamin Dauvergne | 2011-12-05 | 1 | -1/+1
|
* [id-ff/saml2] add a lasso_server_add_provider2 | Benjamin Dauvergne | 2011-12-05 | 2 | -0/+24
|     It allows to add LassoProvider objects directly to a LassoServer object, without using the metadata loading methods.
* [utils] add lasso_crypto_memequal function | Benjamin Dauvergne | 2011-12-05 | 1 | -0/+20
|     This method compares byte strings in constant time.
* [tools] add a LassoSignatureContext structure to pass signature parameters around | Benjamin Dauvergne | 2011-12-05 | 1 | -0/+35
|     Signature parameters are mainly a LassoSignatureMethod and a xmlSecKey.
* [xml] add an inline function to validate LassoSignatureMethod values | Benjamin Dauvergne | 2011-12-05 | 2 | -1/+10
|     - add also a LASSO_SIGNATURE_METHOD_NONE value
* [utils] add lasso_transfer_xml_node macros | Benjamin Dauvergne | 2011-12-05 | 1 | -0/+3
|
* [core] simplify lasso_provider_load_public_key | Benjamin Dauvergne | 2011-12-05 | 1 | -9/+10
|
* Merge branch 'multi-certificates' | Benjamin Dauvergne | 2011-11-29 | 14 | -67/+118
|\