path: root/lasso
Commit message | Author | Age | Files | Lines
...
* Core XML: in xml.c, keep original node names, handle xsi:type attribute better | Benjamin Dauvergne | 2010-01-04 | 2 | -77/+203
    * lasso/xml/xml.c lasso/xml/xml.h:
      - fix signature of lasso_node_set_original_xmlnode, fix signature in documentation of lasso_node_set_original_xmlnode;
      - add a new API lasso_node_set_custom_nodename to specify the exact element name to use when serializing a LassoNode to XML.
      - rename internal structure _CustomNamespace to _CustomElement, add a nodename field to it.
      - rework internal functions around _CustomElement to be aware of an existing attached _CustomElement and re-use if needed.
      - move application of _CustomElement hints after the serialization of the node, so that the normal behaviour of the serialization is kept -- i.e. do not play with the list of parent classes.
      - use the full xsi:type content to find a LassoNode subclass when de-serializing XML content, factorize QName->GObject class mapping for the three execution paths inside _type_name_from_href_and_nodename:
        - element QName,
        - xsi:type QName,
        - element name with xsi:type namespace
      - add a long comment expliciting the way the mapping is done.
      - remove direct mapping of EncryptedAssertion element, the registry declaration on the class LassoSaml2EncryptedElement should be enough.
* Core XML: in xml.c, parse attributes with namespace checking | Benjamin Dauvergne | 2010-01-04 | 1 | -1/+8
    * lasso/xml/xml.c:
      - use snippet->ns_uri and snippet->ns_name to parse attributes outside of the parent node namespace.
* Core XML: in xml/tools.c, improve lasso_eval_xpath_expression, do not fail when nodeset is empty | Benjamin Dauvergne | 2010-01-04 | 1 | -1/+1
    * lasso/xml/tools.c: only check that the query returned a nodeset object, do not check its content size.
* Core: in utils.h, add macros, fix existing | Benjamin Dauvergne | 2010-01-04 | 2 | -3/+76
    * lasso/utils.h:
      - add macro lasso_ref(object), if object is not null, call g_object_ref on it, and return the value, otherwise do nothing and return NULL.
      - make a better reporting of bad object release
      - change format type for __LINE__ and dest arguments in lasso_release_gobject warning display.
      - add a lasso_check_non_empty_string macro
      - add new macro to extract a specific node type from a list of GObject objects.
      - use xmlStrdup not g_strdup for lasso_assign_xml_string
      - add lasso_list_add_gstrv and lasso_check_good_rc
      - add macro lasso_list_get_first_child
      - add inline function to test empty string
      - change macro lasso_check_non_empty_string to use the new inline function and go to cleanup
      - fix lasso_check_non_empty_string macro
    * lasso/utils.c:
      - add lasso_gobject_is_of_type returns 0 if first parameter is a gobject whose GType is equal to the second parameter, and 1 otherwise.
* Core: add new errors LASSO_PROFILE_ERROR_INVALID_RESPONSE, LASSO_PROFILE_ERROR_INVALID_REQUEST. | Benjamin Dauvergne | 2010-01-04 | 2 | -5/+23
* Core: in registry.c, change type cast to compile on amd64 platform | Benjamin Dauvergne | 2010-01-04 | 1 | -4/+5
    * registry.c: use ptrdiff_t to cast to integer big enough to receive a pointer, then apply integer operations, then cast to the pointer type expected by g_direct_hash.
* Core: in utils.h, change __STRING(x) for #x | Benjamin Dauvergne | 2009-12-16 | 1 | -1/+2
    * lasso/utils.h: __STRING(x) does not seem more portable than #x so change, problem with AIX.
* Add missing headers to makefile, to pass make distcheck | Benjamin Dauvergne | 2009-12-08 | 2 | -2/+4
    * lasso/xml/id-wsf-2.0/Makefile.am: make xml_idwsf2.h appear in the distribution file
    * lasso/xml/ws/Makefile.am: make xml_ws.h appear in the distribution file
* in lasso_saml20_profile_export_to_query, check return values | Benjamin Dauvergne | 2009-12-04 | 1 | -0/+3
    * lasso/saml-2.0/profile.c: in lasso_saml20_profile_export_to_query, check return value of lasso_node_build_query and lasso_query_sign.
* Restore ancient semantic of lasso_profile_is_session_dirty | Benjamin Dauvergne | 2009-11-30 | 1 | -1/+1
    * lasso/id-ff/profile.c: lasso_is_session_dirty must return FALSE if session is NULL.
* Fix double g_object_unref | Benjamin Dauvergne | 2009-11-30 | 1 | -2/+0
    * lasso/id-ff/login.c: status is already freed by lasso_assign_gobject, do not free it first with lasso_node_destroy.
* Remove message level signature on redirect messages | Benjamin Dauvergne | 2009-11-30 | 1 | -18/+52
    * lasso/saml-2.0/profile.c: remove message level signatures before building query strings.
* Add more checks to remove_signature | Benjamin Dauvergne | 2009-11-30 | 1 | -1/+1
    * lasso/saml-2.0/profile.c: check for NULL when accessing klass datas.
* Augment query string limit for relaystate extraction to 8192 bytes | Benjamin Dauvergne | 2009-11-02 | 1 | -2/+5
    * lasso/xml/tools.c: some applications transfer relaystate longer than the specification advised 80 bytes, try to cater for their needs.
* Add documentation for lasso_get_relaystate_from_query | Benjamin Dauvergne | 2009-11-02 | 1 | -0/+9
    * lasso/xml/tools.c: add documentation on the internal function lasso_get_relaystate_from_query
* Add C defines for SAML 2 'unspecified' authncontext class | Benjamin Dauvergne | 2009-10-30 | 1 | -0/+3
    * lasso/xml/strings.h: add C defines for AuthnContextClassRef, urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified.
* Fix bad macro choice, precise error for badly formatted NIDM request | Benjamin Dauvergne | 2009-10-30 | 1 | -3/+3
    * saml-2.0/name_id_management.c: use specialized lasso_saml20_profile_set_response_status, set 'MissingNameID' second level error with requester first level error code when request is missing a name id.
* Fix reporting of error in message parsing | Benjamin Dauvergne | 2009-10-30 | 1 | -2/+3
    * lasso/xml/xml.c: do not mix the return code from xmlSecBase64Decode and the return code for lasso_node_init_from_message_with_format. It fixes a segmentation fault in lasso_login_process_authn_request_msg.
* Core: factorize code to obtain a SPNameQualifier | Benjamin Dauvergne | 2009-10-30 | 4 | -22/+55
    * lasso/id-ff/provider.c lasso/id-ff/provider.h: add a method giving the SPNameQualifier for a provider (its entity id or its affiliation id).
    * lasso/id-ff/profile.c:
    * lasso/saml-2.0/login.c: update use sites.
* SAML2 Logout: initialize SessionIndex from the assertion | Benjamin Dauvergne | 2009-10-30 | 1 | -0/+15
    * lasso/saml-2.0/logout.c: when creating a logout request message initialize the SessionIndex element with the corresponding content in the stored assertion for this session.
* SAML2: change lasso_saml20_profile_set_response_status signature | Benjamin Dauvergne | 2009-10-30 | 6 | -118/+82
    * lasso/saml-2.0/profile.c:
    * lasso/saml-2.0/profileprivate.h: make lasso_saml20_profile_set_response_status2 the new implementation of lasso_saml20_profile_set_response_status. add helper macros to set success, responder and requester first level status code.
    * saml-2.0/assertion_query.c:
    * saml-2.0/login.c:
    * saml-2.0/logout.c:
    * saml-2.0/name_id_management.c: adapt consumers to the new signature.
* ID-FF: add a partial_logout flag to LassoLogout private_data | Benjamin Dauvergne | 2009-10-30 | 2 | -1/+23
    * lasso/id-ff/logout.c:
    * lasso/id-ff/logout.h: add a flag to store the status of a partial logout
* SAML2: add an equals operator to the NameID class | Benjamin Dauvergne | 2009-10-30 | 2 | -0/+34
    * lasso/xml/saml-2.0/saml2_name_id.c:
    * lasso/xml/saml-2.0/saml2_name_id.h: add a lasso_saml2_name_id_equals method which returns TRUE if two NameId are equal.
* SAML2: use the static get_provider helper method in generic profile methods | Benjamin Dauvergne | 2009-10-30 | 1 | -16/+4
    * lasso/saml-2.0/profile.c: instead of accessing directly profile->server use the helper method get_provider.
* SAML2: in logout_build_response_msg do not fail on missing remote_providerID | Benjamin Dauvergne | 2009-10-30 | 1 | -7/+0
    * lasso/saml-2.0/logout.c: remote_providerId is verified in build_redirect_simple and is not necessary for SOAP response with a failure and profile->response cannot be null (we just created a response if it was missing). So this error case is now unnecessary.
* ID-FF1.2 and SAML2: remove direct access to profile->server->providers | Benjamin Dauvergne | 2009-10-30 | 13 | -112/+74
    * client of LassoServer should use lasso_server_get_provider.
    * LASSO_PROFILE_ERRROR_UNKNOWN_PROVIDER was a mistake, it is superfluous, use LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND.
* Core: in profile, use lasso_server_get_provider | Benjamin Dauvergne | 2009-10-30 | 1 | -2/+4
    - lasso/id-ff/profile.c: replace direct access to server->provider by lasso_server_get_provider.
* Core: add const modifier to return value of lasso_provider_get_metadata_list | Benjamin Dauvergne | 2009-09-29 | 5 | -10/+10
    - lasso/id-ff/provider.c lasso/id-ff/provider.h: change return type of lasso_provider_get_metadata_list from GList* to const GList*.
    - lasso/id-ff/logout.c lasso/saml-2.0/logout.c lasso/saml-2.0/provider.c: change consumers of the API
* Core: Add const modifiers to LassoProvider methods | Benjamin Dauvergne | 2009-09-29 | 4 | -30/+30
    * lasso/id-ff/provider.c lasso/id-ff/provider.h lasso/saml-2.0/provider.c lasso/saml-2.0/provider.h: add const modifier where they could be added.
* Do not use g_new, use g_new0 | Benjamin Dauvergne | 2009-09-29 | 9 | -9/+9
    * lasso/id-ff/federation.c:
    * lasso/id-ff/logout.c:
    * lasso/id-ff/profile.c:
    * lasso/id-ff/provider.c:
    * lasso/id-ff/server.c:
    * lasso/id-ff/session.c:
    * lasso/id-wsf/authentication.c:
    * lasso/saml-2.0/ecp.c:
    * lasso/xml/xml.c: even for private datas, use g_new0, it is safer.
* Change setting of default NameIDFormat for SAML 2.0 login | Benjamin Dauvergne | 2009-09-29 | 2 | -16/+59
    * saml-2.0/login.c: in lasso_saml20_login_init_authn_request, lasso_saml20_login_init_idp_initiated_authn_request, if the service provider provided a list of supported name id formats, use the first one as default for new AuthnRequest.
    * id-ff/login.c: modify documentation to report the new way of choosing a default.
* Add method to Provider to retrieve default NameIDFormat | Benjamin Dauvergne | 2009-09-29 | 2 | -0/+15
    * lasso/id-ff/provider.c lasso/id-ff/provider.h: add lasso_provider_get_default_name_id_format, which returns the first listed NameIDFormat from the SAML 2.0 metadatas of the provider.
* Complete documentation of lasso_login_init_authn_request concerning the NameIDFormat | Benjamin Dauvergne | 2009-09-29 | 1 | -10/+16
    * lasso/id-ff/login.c: in lasso_login_init_authn_request, add docbook formatting, add remarks about the different NameIDFormat for ID-FF 1.2 and SAML 2.0.
* Fix bugs found via coverity (thanks to Bhaskar Jain) | Benjamin Dauvergne | 2009-09-17 | 7 | -59/+91
    * lasso/id-wsf-2.0/data_service.c: fix uninitialized res variable in lasso_idwsf2_data_service_process_query_response_soap_fault_msg.
    * lasso/xml/saml-2.0/saml2_assertion.c: fix uninitialized rc variable in get_xmlNode.
    * lasso/saml-2.0/login.c: in lasso_saml20_login_accept_sso check for ni and ni->Format null-ness before dereferencing, remove idp_ni which is not used anymore. remove all use of federation->remote_nameIdentifier, SAML 2.0 only needs one NameID, and it will be local_nameIdentifier.
    * lasso/xml/xml.c: in lasso_node_traversal, check null-ness of node before dereferencing it, add check for class null-ness also.
    * lasso/id-ff/provider.c: in lasso_provider_get_first_http_method, remove useless check for t2 null-ness -- if found is TRUE, t1 and t2 cannot be null.
    * lasso/xml/tools.c: in lasso_sign_node, add documentation, check for private_key_file and xmlnode null-ness. in lasso_get_public_key_from_private_key_file, add a cleanup phase, check for cert variable null-ness before appending, count the number of certificates added. in lasso_query_verify_signature, check that URL unescaping and base64 decoding are successful before using the decoded strings.
    * lasso/saml-2.0/name_id_management.c: in lasso_name_id_management_validate_request, fix mis-handling of federation, if federation does not match request name_id, return UNKNOWN_PRINCIPAL.
* ID-WSF: finish unsealing field « is_dirty » of LassoSession | Benjamin Dauvergne | 2009-09-17 | 1 | -1/+1
    * lasso/id-wsf-2.0/session.c: remove direct access to LassoSession private field.
* Core: unseal LassoSession public field | Benjamin Dauvergne | 2009-09-11 | 3 | -29/+26
    * lasso/id-ff/session.c:
    * lasso/id-ff/session.h:
    * lasso/id-ff/sessionprivate.h: unseal session->is_dirty and session->assertions, remove the mirror version in the private data structure, and restore direct access by methods. move the "private" comment before those two fields to hide them in the gtk-doc reference manual, normal access should be done by get_assertion and is_dirty methods.
* XML ID-WSF: Fix parsing of most ID-WSF elements | Benjamin Dauvergne | 2009-09-11 | 4 | -8/+28
    * lasso/xml/disco_send_single_logout.c:
    * lasso/xml/id-wsf-2.0/sb2_user_interaction_header.c:
    * lasso/xml/id-wsf-2.0/subsref_app_data.c:
    * lasso/xml/xml.c: lots of ID-WSF 1.0/2.0 classes were not passing the new non-regression test on serialization/deserialization. The main reason was the absence of mapping for their namespace in the prefix_from_href_and_nodename function. The other reason is that some class names do not correspond 1-to-1 to the element name (SendSingleLogOut vs. SendSingleLogout, notice the capitalised 'O'). The last problem was that mapping from nodes to GObject classes was done after default mapping ("Lasso<prefix><node_name>"), now it's done before, to reflect the fact that it is a more specialized mapping.
* Core: remove warning when lasso_registry_get_direct_mapping fails | Benjamin Dauvergne | 2009-09-11 | 1 | -1/+2
    * lasso/registry.c (lasso_registry_get_direct_mapping): g_return_val_if_fail outputs a warning when condition fails, use a simple if instead.
* XML: Fix seg-fault bug introduced in commit 4108 | Benjamin Dauvergne | 2009-09-11 | 1 | -6/+14
    * lasso/xml/xml.c: lasso_node_get_xmlnode_for_any_type is broken, if no original_xmlnode is present, return just cur. Also add all missing cases for the state of the pair (cur, original_xmlnode).
    * tests/basic_tests.c: add a non-regression test, testing all dump/restore functions.
* Core: add new macros to traverse lists | Benjamin Dauvergne | 2009-09-11 | 1 | -0/+20
    * lasso/utils.h: lasso_foreach_full_begin(_type, _data, _iter, _list) traverse GList* _list, using _iter as iteration variable extract data field to variable _data of type _type.
* Core: fix extract_symbols regular expression | Benjamin Dauvergne | 2009-09-11 | 1 | -1/+1
    * lasso/extract_symbols.py: the regular expression was not matching declaration over multiple lines, and would catch argument starting with lasso_. Fixed.
* XML: add all inclusive header files for id-wsf2, ws, id-wsf XML elements | Benjamin Dauvergne | 2009-09-11 | 3 | -1/+230
    * lasso/xml/wsf/xml_ws.h:
    * lasso/xml/id-wsf-2.0/xml_idwsf2.h:
    * lasso/xml/xml_idwsf.h: new files.
* ID-WSF 2.0: add set_request/set_response method to Profile object | Benjamin Dauvergne | 2009-09-11 | 2 | -0/+43
    * lasso/id-wsf-2.0/profile.c:
    * lasso/id-wsf-2.0/profile.h: add two methods that set the response object and replace the content of the SOAP message with this object.
* XML SOAP: add new soap fault constructor | Benjamin Dauvergne | 2009-09-11 | 2 | -2/+20
    * lasso/xml/soap_fault.c:
    * lasso/xml/soap_fault.h: add a full constructor allowing to set faultcode and faultstring in one call.
* XML ID-WSF 2.0: make non simple constructor of MiscTextNode return real type | Benjamin Dauvergne | 2009-09-11 | 1 | -3/+3
    * lasso/xml/misc_text_node.c: non simple constructor must return the real object type because Java binding does not work without it.
* XML SAML 1.1: fix schema figure for samlp:Request | Benjamin Dauvergne | 2009-09-11 | 1 | -2/+1
* ID-WSF 2.0: add accessor for field of LassoIdWsf2Profile | Benjamin Dauvergne | 2009-09-11 | 2 | -0/+37
    * lasso/id-wsf-2.0/profile.c lasso/id-wsf-2.0/profile.c: add two accessors to get to soap_response and soap_request object, next step is to make those two fields really private.
* ID-WSF: fix duplication of namespace string declaration, add fault codes for WS-Security | Benjamin Dauvergne | 2009-09-11 | 1 | -19/+73
    * lasso/xml/strings.h: namespace of WS-Security 1.0 was duplicated, add specified fault code linked to WS-Security.
* ID-WSF: remove LassoWsseSecurity in favor of LassoWsSec1SecurityHeader | Benjamin Dauvergne | 2009-09-11 | 4 | -175/+3
    * xml/Makefile.am: remove the file from the source list
    * xml/wsse_security.c:
    * xml/wsse_security.h: remove the files
    * xml/xml.c: use LassoWsSec1SecurityHeader for LASSO_WSSE_HREF namespace also.
* ID-WSF 1.0: use the common wsse:Security object | Benjamin Dauvergne | 2009-09-11 | 1 | -7/+13
    * lasso/id-wsf/wsf_profile.c: use the common LassoWsSec1SecurityHeader object instead of the specific LassoWsseSecurity, and set the needed namespace using lasso_node_set_custom_namespace. add implementation comments.