head 1.4; access; symbols pkgsrc-2013Q2:1.4.0.8 pkgsrc-2013Q2-base:1.4 pkgsrc-2012Q4:1.4.0.6 pkgsrc-2012Q4-base:1.4 pkgsrc-2011Q4:1.4.0.4 pkgsrc-2011Q4-base:1.4 pkgsrc-2011Q2:1.4.0.2 pkgsrc-2011Q2-base:1.4 pkgsrc-2010Q1:1.3.0.4 pkgsrc-2010Q1-base:1.3 pkgsrc-2009Q4:1.3.0.2 pkgsrc-2009Q4-base:1.3; locks; strict; comment @# @; 1.4 date 2010.05.31.16.44.28; author manu; state dead; branches; next 1.3; 1.3 date 2009.12.01.08.49.46; author manu; state Exp; branches; next 1.2; 1.2 date 2009.07.06.22.01.35; author joerg; state dead; branches; next 1.1; 1.1 date 2009.05.26.05.26.00; author manu; state Exp; branches; next ; desc @@ 1.4 log @Update to lasso 2.2.91. From the NEWS file: 2.2.91 - January 26th 2010 -------------------------- A new Perl binding, fix for backward compatibility with old versions of glib, LassoLogout API is more robust since it does not need anymore for all SP logout to finish to work, new macro lasso_list_add_new_xml_node, add support for WS-Security UsernameToken (equivalent of poor man HTTP Digest Authentication), make public internal APIs: lasso_session_add_assertion, lasso_session_get_assertion and lasso_session_remove_assertion. 2.2.90 - January 18th 2010 -------------------------- Lots of internal changes and some external one too. There is a new api to force, forbid or let Lasso sign messages, it is called lasso_profile_set_signature_hint. Big overhaul of the ID-WSF 1 and 2 codes, and of the SAML 2.0 profiles. Now all SAML 2.0 profile use common internal functions from the lasso_saml20_profile_ namespace to handle bindings (SOAP,Redirect,POST,Artifact,PAOS). New internal API to load SSL keys from many more formats from the public API. In ID-WSF 2.0, Data Service Template has been simplified, we no more try to apply queries, it is the responsability of the using code to handle them. In bindings land, the file bindings/utils.py has been stuffed with utility function to manipulate 'type' tuple, with are now used to transfer argument and type description, their schema is (name, C-type, { dictionary of options } ), they are now used everywhere in the different bindings. We support output argument in PHP5, Python and Java, i.e. pointer of pointer arguments with are written to in order to return multiple values. For language where the binding convert error codes to exceptions (all of them now), the ouput value is returned as the normal return value of the method, so only one output argument is handled for now. We now use GObject-introspection annotations in the documentation to transfer to the binding generator the necessary metadata about the API (content of lists, hashtables, wheter pointer are caller/callee owned, can be NULL or if argument have a default value). The file bindings/override.xml is now deprecated. In documentation land, the main reference documentation was reorganizaed and more symbols have been added to it. Many more functions are documented. There is now tools to control the evolution of the ABI/API of Lasso. @ text @$NetBSD: patch-cb,v 1.3 2009/12/01 08:49:46 manu Exp $ --- lasso/xml/tools.c.orig 2009-11-30 18:38:05.000000000 +0100 +++ lasso/xml/tools.c 2009-11-30 18:39:45.000000000 +0100 @@@@ -1492,2 +1492,70 @@@@ return result; } + + +/** + * lasso_url_add_parameters: + * @@url: the original URL + * @@free: whether to free the URL parameter + * @@...: pairs of strings, key, value, followed by NULL + * + * Iterate over all pairs of key,value, and concatenate them to @@url encoded as "&key=value", where + * key and value are url-encoded. + * If free is true and at least one pair was given, url is freed. If url is NULL, the first + * ampersand is omitted. + * + * Return value: a newly allocated string, or url. + */ +char* +lasso_url_add_parameters(char *url, + gboolean free, ...) +{ + char *old_url = url, *new_url; + xmlChar *encoded_key, *encoded_value; + int rc = 0; + va_list ap; + + va_start(ap, free); + + while (1) { + char *key; + char *value; + + key = va_arg(ap, char*); + if (! key) { + break; + } + encoded_key = xmlURIEscapeStr((xmlChar*)key, NULL); + goto_cleanup_if_fail_with_rc(encoded_key, 0); + + value = va_arg(ap, char*); + if (! value) { + message(G_LOG_LEVEL_CRITICAL, "lasso_url_add_parameter: key without a value !!"); + break; + } + encoded_value = xmlURIEscapeStr((xmlChar*)value, NULL); + goto_cleanup_if_fail_with_rc(encoded_value, 0); + + if (old_url) { + new_url = g_strdup_printf("%s&%s=%s", old_url, (char*)encoded_key, (char*)encoded_value); + } else { + new_url = g_strdup_printf("%s=%s", (char*)encoded_key, (char*)encoded_value); + } + if (old_url != url) { + lasso_release_string(old_url); + } + old_url = new_url; + + lasso_release_xml_string(encoded_key); + lasso_release_xml_string(encoded_value); + } +cleanup: + va_end(ap); + if (free && new_url != url) { + lasso_release(url); + } + lasso_release_xml_string(encoded_key); + + return new_url; +} + @ 1.3 log @Pullup single logout related bugfixes from lasso -current. On SP initiated logout, the SP x509 certificate was included in the HTTP redirect URL. First this was an SAML standard violation, and second it inflated the URL beyond 2038 bytes, which is the maximum length for IE7 and prior. As a result, SP initated single logout was broken with IE7 and prior versions. @ text @d1 1 a1 1 $NetBSD$ @ 1.2 log @Add some necessary casts for LP64 platforms in the hash functions. Merge patch-cb into patch-bd. Fix ctype casts. @ text @d1 63 a63 12 Index: lasso/xml/xml.c =================================================================== --- lasso/xml/xml.c (revision 4193) +++ lasso/xml/xml.c (revision 4194) @@@@ -1554,8 +1554,9 @@@@ } } } - - node = lasso_node_new_from_xmlNode_with_type(xmlnode, typename); + if (typename) { + node = lasso_node_new_from_xmlNode_with_type(xmlnode, typename); d65 10 a74 3 lasso_release(typename); return node; @ 1.1 log @Two bugfixes pulled from upstream: - make sure assertions are signed - don't crash when parsing saml:AttributeValue with xsi:type set @ text @@