summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* Change am_first_idp() to retrieve the entityID from the LassoServer object.olavmrk2011-05-181-10/+10
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@123 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Move am_get_idp() and am_first_idp() to after am_get_lasso_server().olavmrk2011-05-181-84/+86
| | | | | | This is in preparation of using am_get_lasso_server from those functions. git-svn-id: https://modmellon.googlecode.com/svn/trunk@122 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Unbreak logout for lasso version >= 2.3.0benjamin.dauvergne2011-05-041-28/+31
| | | | | | | | | | | Lasso initializes the SessionIndex attribute of LogoutRequest message itself since release 2.3.4 and directly remove the related assertions since 2.3.0, so the old way to initialize the SessionIndex cannot work anymore. Between version 2.3.0 and 2.3.4 it just cannot work at all but it is better to send a broken logout request missing the SessionIndex attribute than to raise a segmentation fault. git-svn-id: https://modmellon.googlecode.com/svn/trunk@121 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Add MellonCookieDomain and MellonCookiePath directivesbenjamin.dauvergne2011-04-074-4/+53
| | | | | | | | | | These allows respectively to set the domain and the path of the domain of the mellon cookie. Without these the domain defaults to the domain return by ap_get_server_name() (see http://httpd.apache.org/dev/apidoc/apidoc_ap_get_server_name.html) and the path to "/". git-svn-id: https://modmellon.googlecode.com/svn/trunk@120 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Makefile: Fix invocation of apxs.olavmrk2011-03-301-1/+1
| | | | | | | New versions of apxs requires the use of -Wc and -Wl for passing flags to the compiler and linker. git-svn-id: https://modmellon.googlecode.com/svn/trunk@119 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Fix leak of lasso_server objects.olavmrk2011-03-301-0/+27
| | | | | | | Unfortunately, the lasso_server objects were never destroyed, which led to a memory leak when using request-specific configuration. git-svn-id: https://modmellon.googlecode.com/svn/trunk@118 a716ebb1-153a-0410-b759-cfb97c6a1b53
* New MellonIdPMetadataGlob directive to load mulitple IdP metadatamanu@netbsd.org2011-03-235-0/+90
| | | | | | | using a glob(3) pattern. git-svn-id: https://modmellon.googlecode.com/svn/trunk@117 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Regexp backreference substitution in MellonCond manu@netbsd.org2011-03-224-54/+313
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@116 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Properly terminate parameter list for apr_pstrcat.olavmrk2011-03-181-1/+1
| | | | | | | | On 64-bit, "0" is an 32-bit integer while the parameter list should be terminated by a 64-bit NULL pointer. Change the parameter to NULL to avoid possible misbehaviour due to this. git-svn-id: https://modmellon.googlecode.com/svn/trunk@115 a716ebb1-153a-0410-b759-cfb97c6a1b53
* New MellonCond directive to enable attribute filtering beyond MellonRequire manu@netbsd.org2011-03-175-57/+335
| | | | | | | | | functionalities. Supports regexp, negations, and attribute name remapping though MellonSetEnv git-svn-id: https://modmellon.googlecode.com/svn/trunk@114 a716ebb1-153a-0410-b759-cfb97c6a1b53
* A /mellon/probeDisco endpoint replaces the builtin:get-metadata IdP manu@netbsd.org2011-03-095-86/+282
| | | | | | | | dicovery URL scheme. It is configured using the MellonProbeDiscoveryTimeout and MellonProbeDiscoveryIdP directives. git-svn-id: https://modmellon.googlecode.com/svn/trunk@113 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Allow MellonUser variable to be translated through MellonSetEnvmanu@netbsd.org2011-03-022-13/+24
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@112 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Fix references to MellonPostDirectory in README and in a comment.olavmrk2011-02-182-7/+8
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@111 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Change implementation of am_get_endpoint_url to use ap_construct_urlbenjamin.dauvergne2010-10-211-24/+1
| | | | | | | | | | | ap_construct_url() use the ServerName directive to reconstruct an absolute URL. It allows to force the use of an https:// URL (when you are behind an SSL proxy it is needed) by configuring your VirtualHost like that: ServerName https://example.com git-svn-id: https://modmellon.googlecode.com/svn/trunk@110 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Report the received Recipient for error on SubjectConfirmationDatabenjamin.dauvergne2010-09-281-2/+2
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@109 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Fix error for query string starting characterbenjamin.dauvergne2010-09-281-1/+5
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@108 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Fix segfault when no assertion is foundbenjamin.dauvergne2010-09-281-3/+5
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@107 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Remove compiler warningbenjamin.dauvergne2010-09-281-4/+3
| | | | | | | Those unused variable are only used by one branch of the preprocessor conditional. git-svn-id: https://modmellon.googlecode.com/svn/trunk@106 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Improve formatting of metadatas, fix endpointsbenjamin.dauvergne2010-09-281-29/+28
| | | | | | | | | - NameIdManagement endpoint is incorrectly listed (and useless if only transient federation are expected). - an HTTP-Artifact endpoint for the AssertionConsumerService was added, letting HTTP-Post as the default binding. git-svn-id: https://modmellon.googlecode.com/svn/trunk@105 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Version 0.3.0.olavmrk2010-08-123-2/+19
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@104 a716ebb1-153a-0410-b759-cfb97c6a1b53
* configure: Fix test for apxs.olavmrk2010-07-021-9/+5
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@103 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Verify Address in SubjectConfirmationData.olavmrk2010-07-021-0/+10
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@102 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Type checking of all referenced XML elements.olavmrk2010-07-021-12/+57
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@101 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Support subsecond precision timestamps.olavmrk2010-07-011-6/+35
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@100 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Validate received response.olavmrk2010-06-302-0/+197
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@99 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Reject messages with more than one assertion.olavmrk2010-06-301-79/+77
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@98 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Change return type of am_reconstruct_url to not be const.olavmrk2010-06-302-3/+3
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@97 a716ebb1-153a-0410-b759-cfb97c6a1b53
* debian: Add debug-symbol package.olavmrk2010-06-303-2/+7
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@96 a716ebb1-153a-0410-b759-cfb97c6a1b53
* debian: Fix path to README-file in description.olavmrk2010-06-301-2/+3
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@95 a716ebb1-153a-0410-b759-cfb97c6a1b53
* login endpointolavmrk2010-06-182-0/+83
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@94 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Refactor out am_send_authn_request from am_auth_new_ticket.olavmrk2010-06-181-62/+80
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@93 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Check whether the metadata files exists before passing them to Lasso.olavmrk2010-06-171-0/+12
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@92 a716ebb1-153a-0410-b759-cfb97c6a1b53
* mellon_create_metadata.sh: Use hostname as CN during metadata creation.olavmrk2010-06-171-1/+3
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@91 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Fix memory leak on no-cookie error during response processing.olavmrk2010-06-171-0/+2
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@90 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Set the MellonIDP variable to the IdP that we got a response from.olavmrk2010-06-171-11/+16
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@89 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Add missing session unlock in am_check_uid.olavmrk2010-06-171-0/+1
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@88 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Display proper error when missing MellonSPMetadataFile.olavmrk2010-06-171-6/+11
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@87 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Version 0.2.7olavmrk2010-05-312-1/+7
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@86 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Shibboleth 2 interoperability. This is acchieved by increasing themanu@netbsd.org2010-05-314-2/+55
| | | | | | | | | | | | | storage for attributes, as OID-named attributes sent by the Shibboleth IdP consomes quite some space. There is also a required Destination attribute in AuthnRequest elements. It is done by trunk version of lasso, but not by any currently released version, hence we do if it is not done. git-svn-id: https://modmellon.googlecode.com/svn/trunk@85 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Optionaly ave the remote IdP entityId in the environmentmanu@netbsd.org2010-05-315-2/+34
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@84 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Add script: mellon_create_metadata.sholavmrk2010-02-051-0/+90
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@80 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Some README fixes.olavmrk2010-02-051-3/+3
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@79 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Version 0.2.6olavmrk2009-12-213-1/+12
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@78 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Fix warning about unused variable in am_handle_metadata.olavmrk2009-12-211-1/+1
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@77 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Remove unnecessary code from session creation code.olavmrk2009-12-211-51/+42
| | | | | | | | This patch fixes a spurious warning about an uninitialized variable by removing the code path that the compiler assumed could lead to the variable being uninitialized. git-svn-id: https://modmellon.googlecode.com/svn/trunk@76 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Fix uninitialized variable in repost handler.olavmrk2009-12-211-1/+1
| | | | | | | | This bug could lead to XSS or remote DOS, depending on the compiler. Thanks to Benjamin Dauvergne for reporting this bug. git-svn-id: https://modmellon.googlecode.com/svn/trunk@75 a716ebb1-153a-0410-b759-cfb97c6a1b53
* MellonSPPrivateKeyFile is not optional.olavmrk2009-11-301-4/+3
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@74 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Version 0.2.5olavmrk2009-11-163-1/+9
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@73 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Require a session for accessing the repost endpointmanu@netbsd.org2009-11-131-0/+6
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@72 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Off-by one bug that caused malfunction when replaying a POST request manu@netbsd.org2009-11-131-1/+1
| | | | | | | | | | | | | | containing an empty filed such as <input type="hidden" name="foo" value=""/> It was reposted as <input type="hidden" name="foo" value=" "/> git-svn-id: https://modmellon.googlecode.com/svn/trunk@71 a716ebb1-153a-0410-b759-cfb97c6a1b53
generated by cgit (git 2.34.1) at 2024-05-03 07:31:45 +0000