[shibboleth-sp2] annotated tag 1.3 created (now 6acc8bc)
Ferenc Wágner
wferi-guest at moszumanska.debian.org
Tue Jan 26 21:29:39 UTC 2016
This is an automated email from the git hooks/post-receive script.
wferi-guest pushed a change to annotated tag 1.3
in repository shibboleth-sp2.
at 6acc8bc (tag)
tagging a1d766a11339e5a208483ef87fe84fa14ef902a8 (commit)
tagged by no-author
on Thu Jul 21 21:48:04 2005 +0000
- Log -----------------------------------------------------------------
Tagging 1.3 release.
Aaron Wohl (12):
get rid of timespec in portable ccache. it doesnt exist on the pc.
windows implementation needs more testing
oops the public static functions wherent in that versin i checked in
1) add virtual destructors to all base classes
vc_register
map the names:
test harness for windows shib-threads.cpp, could work on unix without too much trouble but
ifdef pthreads, it doesnt exist on the pc
cant return a void in microsoft vc 6 sp5, need to do return or fall off the end
make a less pthreads specific way to mask signals
mask signals in a way that can work on a pc
implementation of shib-sock.c for win32
Derek Atkins (216):
Code drop of new target..
Don't need this file -- added by accident
Add the apache config (mods) that I'm using
mod_shire.cpp: fix all the errors to include APLOG_NOERROR
- Update to Xerces-2.1 support
Fix a character "shift" config bug
Don't crash if apache does not pass a content type
Change the RPC API to pass a list of SAMLAssertion objects. Push the
change the log-level of a few messages from INFO -> DEBUG
Add shireSSLOnly config optopn and check it in mod_shire
refresh the INI file whenever it changes on disk (stat the file
add the shireSSLOnly tag to the INI file
Updated sample apache config
update sample apache config with a few more comments
Updated example configuration files to match new config module
Stupid SUN compiler .. implicit -Dsun=1... Can't use a variable "sun"
We don't need unistd.h (and it causes problems on Solaris)
Add the XMLOriginSiteMapper to tyhe build
use the new XMLOriginMapper
Move shib-target.h into shib-target subdir
Remove Makefile
autoconfiscate the building of the shar
install eduPerson.h into ${includedir}/eduPerson
register the shib schema
It helps to actually RETURN the object....
Check for apreq headers to make sure apreq path is correct
Add --enable-apxs-install configure option (default is OFF). When it is
Break the POST processor into a "handler"
Rebuilt the RPC stubs. Add NEED_XDR_LONGLONG for scott
Change the rpc service APIs to abstract out RPC SVC creation.
Move shibrpc_svc_run() into the shar. Implement our own svc_run(),
remove the socket "file" at shar shutdown
Add '-f' option
fix bugID 24.. Use stringstream instead of strstream
report the saml exception in the error logs.
Fix error message for SHIRE POST (bug 27)
Try connecting to the SHAR multiple times (with a short sleep between).
I should try compiling simple fixes..
I should compile before committing..
configure.ac: add --with-dmalloc= option to compile with (some) dmalloc support
Include code to work on Solaris, but it is #ifdef'd out for now
move scott's shibrpc.h fix to shibrpc.x so it doesn't get lost.
add test-client to .cvsignore
It helps if I type "clnt" and not "cnlt"
updated bootstrap to deal with RH7.3
Check-in of original version of ONCRPC library (and headers) from
Re-port RPC library to Solaris
A better hook for our oncrpc
Ignore built-files
the RPCTEST needs to be run earlier (because LIBS gets "too big" ;)
add xdr_free prototype
No longer need to test for xdr_uint64_t -- we've got it ourselves
add some #defines to rpc/rpc.h to not shadow system-library symbols
Don't need clnt_destroy or svc_destroy -- those are already
#include <rpc/rpc.h> to get our overriding #defines
Add #include <rpc/rpc.h> to the rest of the sources
slightly different fix to link ONCRPC
Add more documentation about the apache options
rename "wayfError" to "shireError"
add sitesCertFile INI-file parameter
Added thread api and pthread impl
shib-ini.cpp:
shib-ccache.cpp:
Add locking to the cache. This is mostly MT-Safe now, although
shib-ccache.cpp:
add Thread::kill() API
Refactor the SHAR code a bit.
Add interface for thread-specific data (ThreadKey)
shib-target.h:
shib-threads.{h,cpp}:
shib-ccache.cpp:
Add some more error output. In particular, start looking for
Add some debug/info logging for the shar cache cleanup thread
set the connection auth_type. Fixes bug #41
mod_shire/mod_shibrm: catch all exceptions, not just runtimes. The
Move some headers around so we can #undef _XOPEN_SOURCE
ignore xmlsectest
shib-ccache.cpp:
mod_shibrm:
fix a potential SEGV in the rpc code
need to convert the XMLString to char* to output..
Change the "extensions" header to "extensions:saml", in preparation
Add configuration options for the cacheType, cacheClean, cacheTimeout,
Implement the request attributes
Be sure to delete the ShibINI::Iterator objects when we're done with them
Improve the logging information
Fix the ShibINI::iterator destructors.
Handle errors slightly better.
Change the RPCError API; supply a 'type', 'text', 'desc', and 'code'
Fix a spelling snafu
put the shar into the background by default
revert out the daemon() call -- it's not portable
Make sure we distribute a complete source tree
Apply XDR fix for SunRPC, even though our code is not affected
Make sure to always include mod_shibrm and mod_shire Makefiles..
Properly find Xerces-C 2.2 (it needs a namespace)
User -> for pointer dereference
xmlsec requires xml2 -- required to get "make distcheck" to work. Make distcheck
Begin a restructuring to allow the most re-use of code for
Plug-in support for Credential Cache -- allows for Caches to be
Change cacheTimeout configuration from minutes to seconds
Change RPC timeout to 10 minutes. We're using "TCP",
Require a valid "member@" attribute. Hopefully this is correct.
Add #define for "defaultLife", the default attribute lifetime
Deal with assertions without ending times by limiting them to
Solaris requires a re-order of libraries (at least on MY solaris box)
* ccache-utils.h shib-ccache.cpp:
Add support for the originErrorURL, originContactName, and originContactEmail
hook in the OriginSiteMapper; now just waiting on the originSite
Re-architect the way errors are handled across the RPC.
It helps if the method is declared as part of the class ;)
Return the origin from the POST during new_session()
Hook in the origin obtained via the RPC.
Export the raw AuthenticationStatement from the CCache
Pass the origin back across the RPC in the other two RPC methods
Check for non NULL and non-empty URL string
Add configuration options for AATimeout, AAConnectTimeout, and SAML Compat.
Catch parsing errors and pass them up to the user
Update the example 'require' to be correct
Remove 'valid-user'
Put the style sheet into the HTML root directory
An ExpiredAssertionException is fatal, not retryable
shireError.html: update the error template to show origin contact
Add a timestamp to the RM error message
Don't die on a certificate parse (or keystore) failure. Ignore the failure,
Add a bunch more debugging to the RPC sections
Make sure to ignore generated files
The MySQL Credential Cache
Add a --disable-apache-13 configure option
Get the --enable-mysql configure argument to work properly
First pass at an apache-2 module. It compiles on Linux
Add stdio.h to mysql link test
Fix Scott's test to make it work on Linux again
Get the Apache-2.0 module working.
Add an apache2 configuration sample
Check for pkg-config and use that for openssl libraries, if it's available
Don't forget to add -lssl -lcrypto
Need to set -lssl -lcrypto and do so outside the --with-openssl code
Refactor some code:
First pass at an API for a higher-level target API
Remove (old) mod_shib code
Remove the non-used eduperson module code
Improved SHIREURL support:
Add some additional shutdown logging
Handle the case where a session is destroyed in the database.
Better exiting without an ini-file
Add support for ShibRequireAll per-directory directive
Move the configs EXTRA_DIST from main Makefile into configs Makefile
Build the config files at compile-time; this will let us stop hard-coding
Config files point to $prefix
Don't hard-code /opt/shibboleth in the sources. Use a #define
scott missed a closing brace. Now this compiles
Port scott's changes from apache-1.3 to apache-2.
port scott's cgiparse code into a C++ class.
Makefile's dont work properly with embedded ^M chars
Get cgi parsing code to work. Note: it helps a lot if
Need to properly zero-ize buffers before passing them to apache
fencepost error readying from apache. works now with
Use '0' instead of 'NULL' in initializers
add shibboleth.xml to the ignore list
handle non-srcdir builds
Add a shib-paths header file, auto-generated at build time.
be sure to parameterize the new config file properly
Remove some code which isn't implemented (and probably never will be)
Build apache modules from a common source.
Reduce code duplication -- move the headers into the common file
test -f requires a full path, so use AC_PATH_PROG to find the -config app
Add a comment to revisit a difference between this module and the
Fix the names of the (new) apache modules
Rename "syslog" to something that doesn't confuse people.
Change the logdir to ${localstatedir}/log/shibboleth, which means
Remove old apache-1.3 and apache-2.0 code, as we now use the combined module
Be careful of empty vars
Fix the getopt() string
remove apxs as an install-method. Fixes #89
add an init test that shows how init();shutdown();init();shutdown(); fails
Some extra debugging to show it's dying on shutdown 2
Add some debugging info in mod_apache to see where we're called.
Make sure we don't provide bogus data in the rpc return value.
Make sure both the 1.3 and 2.0 sources are in the DIST even if
Initial revision of Shib RPM Spec File.
Working SPEC file for Shibboleth.
Don't overwrite config-files on install.
Move the SHIRE and RM code into ShibTarget.
Checkpoint the new ShibTarget code.
Move the 'SHIRE' d'tor into the class definition.
Checkpoint shibtarget.
Checkpoint: Implement doHandlePOST()
Checkpoint: Apache Module using new ShibTarget class.
Abstract out getAssertions and implement part of doCheckAuthZ
Implement generic HTAccess and doCheckAuthZ()
Implement the ISAPI Filter callbacks.
Remove sleep() debugging.
Implement the ISAPI Extension callbacks.
Implement filter and extension modules using new APIs.
Not all modules can call doHandlePOST() from doCheckAuthN().
Install non-generated config files from srcdir (#184).
return "DECLINE_CMD" when we process the AuthGroupFile directive.
Handle apache-1.3 ap_set_file_slot() api.
Move some file locations around.
Fix /var/run path.
First pass at some SELinux policies for the Shibboleth SP.
Build and install selinux policy files.
Create SELinux policy package
Added a spec changelog.
Pull nsapi_shib up to HEAD.
First pass at porting the NSAPI module to the new ShibTarget API.
ShibTargetException -> FatalProfileException
Plug the SP into Apache automatically (if the config dir exists).
rename the 'shar' process, "shibd"
Fix a variable scoping bug.
ignore the new 'shibd' program.
Build the selinux files.
Set SO_REUSEADDR on the tcp listener.
move the setsockopt() before the bind()
install and load the fixed policy.
Nate Klingenstein (5):
Updates to 1.1; simplifies section 4, moving most info to section 5; documents resolvertest.
Softens language in 2.1 for Ken.
Added information about ca-bundle.crt for origins.
Changed shib-support to inqueue-support.
Small changes & fixes reported by users.
Noah Levitt (3):
Add *.loT to .cvsignore.
Actually we don't want to ignore *.loT.
Try to be smart about removing .la files.
Ryan Campbell (1):
Initial checkin for .htaccess support via registry.
Scott Cantor (1314):
Initial Win32 project
no message
Corrected scope operator.
Fixed null -d bug.
Add XML schemas
Add Sun makefile
Add GCC makefile
Corrected exception declaration.
Had to add Scope attribute to derived types (Xerces bug?)
Initial versions
General cleanup, adding mappable attributes, split out attribute classes.
Initial versions
Added single byte value access to attributes.
Added eduPerson source files
Added constants and support classes.
Per-attribute support classes with stricter type checking.
Added a constant for InvalidHandle.
Hopefully near alpha2
Add Sun makefiles
Add debug switch
Factor out constants
Cleaned up a minor Solaris issue and some warnings.
Solaris only extern decl.
Took out old line of code.
Error handling fixes, added assertion export, directory config merging.
Fixed bug in default timeout setting.
Corrected default setting behavior.
Set SAML verbosity based on log level.
Added option to dynamically derive SHIRE scheme/hostname/port from target URL
Fixed const problem
Path changes
Added option to normalize request URL to server name.
Fixed log statements
Renamed server config routine to avoid collision with other modules.
Fixed debug logging.
Fixed up tester to use AAP like mod_shib
Added verbose config setting.
Beginning of work for Shibboleth beta.
Solaris fix
Changed Iterator arguments to const references
Update makefile sources
Changed Iterator::next() to return const&
Update to newer SAML API
Changed serialization to a const operation.
Reworked SAMLException as a SAMLObject subclass.
Win32 corrections
Win32 corrections
no message
Fixed bugs in cache entry validation, cleared all mapped headers before looking at attributes.
Turned library into a formalized "extension" using special entry points.
Revised to use (lib)eduPerson as extension library.
Initial version, based on a hybrid of alpha 2.5 and some new work.
isapi_shib added
Added ctime header.
Reworked config class.
Added extensive logging, mapper now uses an internal lock, misc. bug fixes.
Added log4cpp settings.
Added ShibLogConfig and ShibLoadModule commands to sync up with post-alpha libraries.
Added log4cpp to build.
Config changes.
no message
Added notation elements to schema, not sure if this is correct.
Converted Filter attribute to a simple string enum, to bypass some bugs we're looking into.
Wrapped g_config in an anon. namespace
Add posttest program
Small tweaks to prepare() signature
VC6 doesn't like std::time_t
Added SAX exception handler.
Added additional checking calls, a better mapper.
no message
Updated to Xerces 2.1
Added XML mapper and some constants.
Added constants.
Initial port from Java
Removed mapper from APIs.
Added destructor.
Hardcoded a base of file:/// so relative URIs can be used.
Add m4 and libtool files
Moved to shib/
Moved to eduPerson/
Check in initial autoconf files and headers
Changed header inclusion
Moved test programs into new location
Moved to new test/ location
Moved to test/
Remove old Sun makefile
Added registration of schema, to insure it's been installed.
Removed extra registration of shib schema.
Changed layout for autoconf
Pulled out extra registration of shib schema, no longer needed.
changed header locations
Add automake file to shire module
added prelim support for Apache 1.3 modules
have to "install" shared libs
fixed headers
Add automake file to shibrm module
Change CVS properties
Change CVS properties
Remove old GCC makefile
per-target CFLAGS seems to fail on Linux
added apxs conditional to bypass install
wrapped globals in namespace
added a check for uint64 support in xdr.h
Partial implementation of signature verification with libxmlsec.
Corrected dummy mapper interface
Changed to test signed response on stdin.
removed inline assembler breakpoint
Added xmlsec and friends to the build.
Made calist mapper paramater optional (don't need CAs if not verifying)
Removed explicit call to accept() and added warning when values are filtered.
Got test-client working again
Added log4cpp to build.
tests for TLI RPC fix
Corrected and added RPC-related tests, fix to library inclusion for libxml
Added config.h
Fix to missing datatype fix for Sol2.6
Added TLI fix to CXXFLAGS
Changed example paths and added attribute mappings
example file-based logs
changed default settings
Add automake file to configs directory
added configs/Makefile
configs/ca-bundle.crt
added CA bundle
fixed xdr_free return type
added oncrpc to shar build
Added test for libapreq on Sun, needs a -U switch
log->debug() crash workaround
new test program for xmlsec
extra comma causing warning
Sun's compiler wants extra cast
Extraneous malloc declaration
Added text files to distro, updated version of package.
Added APLOG_NOERRNO to error logging.
Added distribution files
Extraneous ifdef removed
Revised exception modeling.
POST profile more exception-based when errors occur.
Revised exception modeling.
Reverted POST profile API to return pointers.
Removed unneeded pointer checks from POST profile calls.
Reverted POST API
Pass ShibINI object to extension libraries
Added "1" for boolean tag values.
Reworked routines to support attribute section in ini file, must now link to libshib-target
Reworked library to support manual content validation,
converted a reference member to a string to avoid temp object bugs
Various WIN32 fixes.
Remove Windows config header
Common copy of autoconf settings for Win32 build.
Added strcasecmp check
Various WIN32 fixes.
Various WIN32 fixes.
Customize signature verify step based on type of signed object.
switch extra install to dist-hook
Wrapped mapper c'tor in exc handler, elevated error logging.
Verbose failure of shib-target startup
Added regexp attribute to Domain elements.
Revised OriginSiteMapper so that domain iterator includes a regxp flag.
First attempt at regexp AAP support for scoped attributes.
Switch to Xerces regexp class.
Fixed dummy mapper
catch XML regex exceptions
Added missing files to distribution.
Added AAP elements to schema.
AAP implementation, refactoring of simple attribute classes.
Change to SAMLRequest signature.
Correction to request c'tor
Added RTTI and factory interface for exceptions.
Windows makefile changes
Added Java-style pkg prefix to exceptions.
Fixed exception constructor.
Migrated thread API from shib-target.
extra backslash
migrated thread classes to libshib
Modified default policy URI.
Added SAML policies
Added runtime policy via config file, added global access to target config.
Added filter on assertions for condition checking.
Converted policy vector to XMLCh from xstring
Various fixes to runtime policy changes
Bypass policy URI for now.
Made SHAR socket name/port configurable.
Remove old GCC makefiles
Worked around C language of shar.
Return NULL sock name if config not loaded.
Wasn't calling function to get socket name.
Changed policy URI to pilot version.
Added new OriginSiteMapper design to support refresh.
fixed extra template instantiation
Use built in mapper implementation.
Change policy URI
wrong ini section in policy loading
Fixed policy loading again
changed constant
fixed typename in exception classes
Added refresh setting.
Added refresh setting.
Revise affiliation URI
Added regexp feature to require rule processing.
Fixed a race condition during ST init, moving most of the work to an init() method
corrected log label
fixes to regexp code
added CA support
revised mapper interface
Multiply minutes for cleanup by 60.
Change to attribute name.
Added default AAP.
Use InCommon key for sites file.
Default policy
Comments fixed.
Updated default.
Fixed bug in EPPN parsing.
Debug logging.
More debugging.
Screwed up DOM element reference.
Forgot a cast.
Screwed up another cut and paste.
Allow empty policy.
updated pkg and lib version
added AAP to build
Use a fixed message for AA content type errors for now
Fixed calls to exception macros
Added format URI
added back old audience value for easier migration to new release
Added format URI
removed unneeded schema
Remove old schema
Moved AAP stuff in, added new attr value type.
Switched to pattern layout.
Migration of eduPerson code.
Moved AAP and attribute config from eduPerson lib.
Removal of eduPerson
Removed attribute factories.
Added attribute factories.
Added logging.
Code shifted to shib library.
Added contact info to site metadata.
A few compatibility fixes.
Reordered headers and removed some constants.
Fixed config defs.
Reordered header (Windows issue with Apache lib)
Changes to config options.
Prelim port to Apache xml-security lib
Header case correction
Updated version
Some Win32 fixes.
Can't inline virtuals
Removed eduPerson
Remove test program
removed old test
updated for new release
Removed the includes and some lib folders.
Add eduPerson module to Windows solution
Added APIs for origin site access.
Updated to 1.5 final release
Renewed OSU CA
Fix to SAML config params.
fix samples
Draft 1.1 schemas
Added new schemas.
Added contact list.
Support multiple contacts.
Change to contact info interface.
Added null destructors
Some win32 fixes.
Exported auth method and origin site.
Switch to NCName for IDRefs
Avoid pushing unconverted values on to the list.
Stat the pathname directly, removed stale code.
Add siterefresh utility
Added siterefresh
Change CVS properties
Add siterefresh to build
Bug fixes
Fixed cert parsing.
Missed a semicolon
Corrected cert parsing
Updated drafts
First cut at trust metadata
Switch to UTF-8 for values.
Reactivated valid-user rule.
Added AnyValue rule.
Added AnyValue support in AAP
Some changes for 1.0
Add AnyValue rules for default attrs
Was returning nulls from mapper calls
Clone the attribute designators when building query.
Added memory leak traps in constructor.
needless assignment of iterator removed
Removed RespondWith from query (deprecated in SAML 1.1)
Revised metadata entries
Revised metadata interface for multiple sources/providers
Revised metadata interface for multiple sources/providers
Tweak to provider type
Change metadata provider types.
Add various MSVC extensions
Refactoring of metadata interface
variable scoping error
Temporary noops for cert validation.
Fill in missing methods.
Merge trust and metadata config.
Revised trust schema
Add various MSVC extensions
First cut of new trust interfaces
Changed exception type
Schema fixes.
Missing complexType
Forgot to check result of validation.
Fail if any metadata provider fails.
Shifted getCert call from IAuthority to Trust
Forgot to initialize member
Parse regexp rules as UTF8->UTF-16 values.
Basic sites file with pilot testing sites.
First example of a trust file, pretty minimal now.
Added metadata.
Remove test program
Tweak default policy.
Updated sample file.
Removed InCommon constant.
Removed policy constant
Allow zero assertions.
Updated case of InCommon URIs and added CAs to trust file.
Removed duplicate CA.
Update timestamp when reloading file.
Wrong variable name.
Clone statement before deleting response, append null to serialized object
Tweak to cleanup
Removed extra clone
Bypass spurious warning
Removed.
Updated attribute URIs.
Log metadata failure, but don't abort.
Abort shar on metadata failure.
Added some comments.
Added some comments.
Change level to WARN.
Don't need metadata in tester.
Update some of the paths and strings for the 1.0 rollout.
Added consts.
Added consts.
Better warnings when rejecting values.
Update some of the paths and strings for the 1.0 rollout.
Tweaked path to example HS
Changed WAYF path
Switched to InQueue federation name.
Moved docs to doc folder.
Add doc folder.
Moved docs to doc folder.
Moved to doc folders
Added deploy guides.
Syncing with java copies
Bad path
Merged doc changes
Merged doc changes
Changed name of policy.
Missing schemas from distribution.
Function needed to return value.
Switch to mask_all
Removed obsoleted "attributes" section.
Reimplemented AAP consistent with Metadata/Trust APIs
Changes to attribute handling.
Added schema to support attribute config via AAP files.
Moved attribute configuration into AAP.
Removed aap-uri
Upped revision
Check for optional attributes before assignment.
Put back the fix for using transcode before Xerces is started.
Added check for strtok_r
Added strtok define.
strtok fix for Windows
Updated to fix hidden symbols
Fixed for VC6
Add ONCRPC project to Windows project
Added export specifiers.
Unused variable removed.
Update Windows project files
Added export specifiers.
Reordered headers.
Update Windows project files
Added export specifiers.
Added license.
Prelim Win32 changes.
Add shar project to Windows project
Added most of the remaining projects.
Reworked arg array (error'd on Windows)
Add MYSQL plugin to Windows project
Added mySQL plugin project.
Wasn't assigning socket during creation.
Windows changes.
Added export specifier.
Wrong license in file.
Added license.
Reorganized preprocessor declarations for Windows.
Split debug/release library build dependencies
Added a catch_all handler.
Extra "new" in exception toss crashing on Windows.
Removed unneeded static vector.
Reworked filter to improve performance on unprotected content.
Plugged leak in deletion of statement.
Added listen call to sock bind.
Added svcfd_create.
Added EAPI.
Use fd_create on Windows.
Added winsock calls.
Change CVS properties
Added build directories.
Added sharacl for TCP shar
Access sock name through function.
Change CVS properties
Check for a slash before unlinking.
Rework sockname, and add sockacl.
Add ACL on socket, add optional TCP support to Unix.
Define TCP for Windows shar.
Add --enable-tcp option.
Remove old projects.
Add TCP define to C++ flags
Fixed TLS.
Implemented per-thread RPC handles.
Broke apart to account for Windows service differences.
Win32 service support.
Removed useless "normalizing" code.
Rewritten filter based on 1.0 APIs, still missing POST handler.
Added isapi section and per-site parameters for ISAPI.
Added POST handler as an ISAPI extension.
Add shibtarget project to Windows build
Working version.
Added catch(...) handler.
Change output filenames.
Added VC++ files to dist.
Added Win32 Install file.
Revised distribution inclusions.
Added Win32 threads source to dist.
Revised distribution inclusions.
Fixed unlink option
Add backward-compatibility hack for aap-uri setting.
Major rewrite for Windows and IIS, 1.0.1 changes, many corrections.
Added aap-uri warning.
Compile error.
Fixed nasty null pointer bug in Thread::join()
Tweaked some logging.
Added clarifying stderr msg once log is switched.
Point build at mysql sources.
Added finalize call.
Turn on SQL cache by default.
Added docs for MySQL cache.
Changed default schema path on Windows
Install to libexec
Added noinst header
Swapped order of deletes in cleanup
Switch from kernel call to FD_SETSIZE.
Hide svc_fdset symbol to override Solaris global.
Override svc_fdset global to hide Solaris global.
Added AC_DEFINE for ONC library.
Conditional redefine of svc_fdset to onc_svc_fdset.
Added ONC define.
Reordered includes.
Bad FAQ URL
Added a bit of logging.
Small changed, plus syncing up origin feature list.
Patch to Makefile.in
Tweak patch language.
Added MySQL section.
Added new attributes.
Added Headers.
Added scope rules to AAP schema.
Add permit/deny rules for Scope to AAP implementation.
Allow only scope rules in a site rule.
Fix accept/deny check in Scope rules.
Updated version to 1.1, added Scope rules in AAP section.
Updated package version.
Add sample Scope rules.
Reorganized attribute factory API for custom plugins.
Let complex values pass AnyValue rules.
Update to OpenSSL 0.9.7b
Add missing files.
Some final Windows additions.
Added default shireURL for IIS version to use.
Fixed problem with buffer reuse, set MIME type on errors.
Was overwriting session id with address.
Updated feature list.
Updated feature list.
Forgot to set C++ flags to use local RPC
Added new Verisign root.
Updated library version.
Code around STL problems.
Fixed commented out rules.
OpenSSL on Solaris returning NULL method ptrs for empty exts.
Syntax error in validation
Add format parameter.
Add a test for POSIX rwlock interface
Code around lack of POSIX rwlocks on 2.6
Added GlobalSign Root.
Fix for bug #74.
Added timestamps to top level elements, new stuff for trust fabric.
Corrected data type.
Fixed various schema errors.
Example credentials file.
Added comment at top.
Add XML-based client SSL config.
Revision for new binding API, won't work just yet...
Add XML-based client SSL config.
Removed old key/cert commands.
Upped lib version
Used wrong subject pointer in binding call.
Reference, not pointer.
Updated provider types and creds format.
New creds format.
Add SAML library to link lines
Revamped credential APIs.
Errors in KeyStoreResolver
Socket "name" is a string on all platforms.
Added a close() when the child socket exhausts the ONC limit.
Set FD_SETSIZE if not set already.
Fixed bug in service install name
Fix dumping for older OpenSSL
ERROR constant was conflicting on Windows
Missing rest of SAML checking after extract of origin site.
Replaced auto_ptr with try/catch block.
Cleaned up some auto_ptrs.
Cleaned up some auto_ptrs.
Added release() calls.
ShibTargetException needs copy ctor like elf needs food. Badly.
Wasn't returning true from attach()
Removed unneeded warning about socket closure.
Change CVS properties
Check for empty cookie before calling RPC.
Handle empty cookie with a retryable error.
Adding installshield scripts to cvs
Changed media path
Adding installshield scripts to cvs
Should init refcount value.
First draft of URL mapping schema
Made hosts optional.
Untested URL mapping support.
Added scheme enum
Redesigned target around URL->application mapping
Change CVS properties
Fixes to make it compile for now
removed SimpleAttribute
bad filename
Removed sock name typedef, reorgd headers
gcc didn't like empty iterator
Added time and providerId params on redirect
Added time and providerId params on redirect
Interim redesign to DOM-based config factories
Moved RPCHandle functionality inside library, added handle pool across threads.
Change CVS properties
Removed RPCHandle code.
Added creds schema
First draft
Added default attribute lifetime.
Cache sessions and attributes by application_id, remove resourceentry wrapper, support attribute push and new expiration and strictness settings.
Updated version, try and replace state table from older version.
Provide upgrade path for database from old version
Don't require origin to supply client IP
Trust metadata schema
Added AttributeAuthority elements.
New plugin implementations of Shibboleth APIs
Fixes to matching function
Updating licenses and docs
Updated config files.
Updated schemas
Redesigned APIs, factored out pluggable bits, new wrapper classes for SAML.
Fixes to get them compiling
Wasn't verifying peer, fixed matching loops, changed default depth to 1
Added attribute caching options
Change CVS properties
Align to new APIs
Updated makefiles
Wouldn't compile?
Extra dash in comment
Restored AttributeValueType for older origins
Updating licenses and docs
Updated example
Renamed creds section
Metadata revisions, fixed lack of per-thread binding config.
Added more tracing
Bad indirection in iterator
More newer gcc code fixed
Add Apache 2.0 project file
New metadata API, fixes to SAML wrappers, simpler plugin API
New plugin API, some memory leaks and other issues fixed
New config formats
New configuraton API, new APIs for various pluggable pieces, new SHIRE/RM interface for modules, etc.
New config, C++ Listener API
New config API and session cache API
Modules for new library API, merged shibrm code into mod_shire
Revisions for new target libraries
New config file examples, and a self-signed key
Update Apache module build advice
New test client for shar
Revisions for new target libraries
Changed cast to 0
Fixed some extensions
Another file gone
Fixed some Unix bugs
Now works on both platforms
Another header gone.
Fixes to Unix main()
Moved declaration over.
For now, just declare the function...
Missing function
Add extern C to API
Missing lib
Added -d option
check for empty parameters
Update XML schema files
Fixed plugin type
Add some logging, fix reversed conditional
Return boolean from TCP accept
Need to prime the implementation in factory
Updated versions, included default paths
Bypass new path header on Windows
Change inline RequestMap to a level beneath.
Pass through lazy sessions.
Restructured auth check for lazy sessions.
Was deleting socket file too liberally.
const bug
Fix up defaults.
Sync up RM behavior
Tweak to IIS schema
Explicit length on CGI parser.
Move normalizeRequest setting to ISAPI-specific.
Default cookie props
Revise module for new APIs, lazy sessions.
Changed ISAPI section
Update Windows project files, remove embedded CGI parser
Took Location out of AttributeRequester element.
Made consumer service consistent with other elements.
Changed schema location, might have some positive effects
Updated openssl path
Removed CGI parser
Moved path constants into main header for WIN32
Should only need svc_fdcreate decl on Linux
Change CVS properties
Fixes to error handling, attribute export.
Removed TCP shar option from script
Removed apreq checks.
Removed reference to ini file
Removed apreq reference
Removed mod_shibrm
Updated for new metadata and specifying root element with the command
Cleanup usage message
Added a macro to fix a Solaris header issue
Add a Shibboleth version header to HTTP requests.
Made a localhost cert
Added a default key binding for the localhost sample key.
Attempt at a default "localhost" config
Added new exception for invalid handle, and detect during queries.
Handle new exception type as retryable.
Always propagate InvalidHandleException out of query.
Changed default sites list to localhost.
Mention mod_so in docs.
New mod_shibXX projects
Add Apache Windows project files
Moved our headers into the per-version files above the Apache headers
Need the old Handler unless AuthType shib is set at root.
New default settings to support InQueue along with private testing.
Added require Shibboleth rule, fixed valid-user, and handling of no session.
Support replay checking disablement for testing
Add a replayCheck option for testing
Changed libs to use .so extension
More cleanup -- use default key always, example.edu will accept it.
Removed dual config mode.
Removed Apache config section
Removed extra key
Removed Apache element
Always include providerId in audience.
Fix for older gcc?
Problem with function cast was OpenSSL specific
Add warning on wildcards.
missed else clause
vi, aargh
Wasn't initializing wildcard pointer.
Added a 0-depth trust entry for the sample key for SSL
Have to use dynamic_cast to check for base class.
For now, pull log config from etc/
Filter out some debug level garbage
Move exception "package" path into opensaml.
Try and remove la file(s)
Implement OpenSSL locking callbacks (way too late)
static cast required for Solaris
Changed dashes to character references.
Log some of the config-related errors.
Added clock skew config.
Restrained attribute wildcarding, added clockSkew
Added clockSkew attribute
Had an attribute mis-named.
Leave Errors extensions open.
Added noverify option, will check sig if present, but warns user
Changed default for strict lifetime checking to false
Added version check for saml
Removed extra comment in SQL cache
Hacking the schema to work around a Xerces-C validation bug.
Moved NameIdentifier out of Subject.
Removed incorrect schema hint.
Fix some imports to pull local copy of DSIG schema.
Had to hang AttributeValueType off the SAML hack.
NDC was duplicating itself on stack.
Make the parameter globals a bit more unique.
Added logging to shutdown
Added a config checking option.
Added a Xerces version check.
missed a variable name
corrected some log messages
Treat empty response as success.
Added comment.
Changed from localhost in site names.
Added alias commands for css/logo
Added styleSheet tag.
Added styleSheet Error property.
Add style sheet for templates
Cleaned up the schema a bit.
The pig has landed
Added error template sample content.
Accept unscoped affiliation by default.
Convert some errors to warn.
Changes for installer.
A wee bit smaller...
Extended MLP to support arbitrary tag subbing from XML config
Tweaked some APIs to conform better to eventual metadata
Updated for 1.2
Version changes rolled back.
Switch to basic layout, add in transaction log.
Added a transaction log, reduced some clutter in session cache logging.
Repeat after me...providerId, not provider_id
Switch to basic layout, add in transaction log.
Missed a log name.
Leave session ID shorter for now
Update to installer files
Update installer fileset
Switching to local file handler for XML configs, much better for Windows
Some cleanup for config checking
Slightly better IP mismatch msg
Update to installer files
Lowered a log to debug.
Sample should have propagateErrors true, easier to test with.
Embed spaces in DNs
logging is swallowing stderr on Windows
Embed spaces in DNs
Bug in metadata-based AA query.
Add an option for emulating 1.1 authn request
Filter out xlog from this end
Was masking better error details coming from below.
Stop dumping the whole exception.
Parser seems unhappy with xml decl
For now, added space in DNs
Fixed some ambiguities.
Fixed ASC URLs for sample targets.
Added InCommon, and HEPKI middle CA so origins won't need to do extra work.
Extra KeyInfo element.
Added export of NameIdentifier.
Probably incorrect addition of URI as a subjectAltName
Cleaned up some default behaviors
Fixed some parameter setting, still need logging fixes.
Bad variable name
Got rid of very bad schema hack.
Made cookieName optional.
Handle DN matching better.
Made cookieName optional.
Update installer string tables
Factor out some of the cookie name handling.
Forgot to clear the vector.
Add AnyAttribute support for global attrib acceptance with export rules.
Tightened up RequestMap elements.
Raise logging level to WARN
Added logging config as a distinct feature
Wasn't compiling on Apache 1.3
Auto-apply handler to *.shire
Handle library unload.
Inline element should be unqualified.
Adjusted ACL API to take authn statement as well as attrs.
More likely altName algorithm, still need to test
Add a log msg when adding CAs.
Explicit log of callback errors.
Scale back log a bit, that's too much...
Added a ShibURLScheme server command
Better handling of default port when scheme is overridden
IIS fix to properly handle URL c14n
Forgot to change constant.
Proper KeyAuth matching when multiple key descriptors exist.
Adjusted some logging levels.
Renamed metadata for IQ
Added simple conditional if/ifnot tags to MLP class.
Show use of conditionals to avoid excess ugliness.
Bit of cleanup
Forgot to move reference to example origin
Update installer fileset
Proper error return for bad args.
Updated build notes and shibtest
Block use of KeyName inside KeyInfo, avoids confusion.
Block use of KeyName inside KeyInfo, avoids confusion.
Last sync up to SAML draft
Missing slash was breaking service install
Corrected and clarified some behavior.
Removed a few rarely used attributes.
Add password to commented example Key
Example of alternate way of hooking handler.
Removed Policy element from configuration
Missing closing tag
Default to memory cache
Sync up
Add debug option
Fix debug option for non-GCC compilers
Need to use apr-config on Fedora
Apache header conflict on Solaris 9
Switched to child_init hook for startup on Apache 2
Last sec draft std adjustment
Copying over latest docs.
Update for 1.2
Update installer fileset
Copying over latest docs.
Need to treat contact info as UTF-8
Ugh, forgot to encode the providerId
More checking against getApplication calls.
Had a naked throw() in get_assertions
Another naked throw()
Need to skip embedded Application tags.
Wrap child thread creation to catch exceptions.
Add logging of result codes.
Helps to include header...
Cleaned up some stray objects when threads die
Switch back to PatternLayout
Sync to 1.2
Added depcomp to dist target
Small improvement to detect bad shireURL settings.
Wrong error return on openssl call.
Bad link paths.
Remove upgrade guide from tree
Need CRLF pair when sending headers back from filter.
Update Windows install doc
Fixed errors in restriction elements.
Add application cross checking to session lookup.
Patch for Forte compiler
Protect destructors against post-shutdown use of config.
Adding case sensitivity flag to AAP rules.
Adding case sensitivity flag to AAP rules.
Adding case sensitivity flag to htaccess processing
Fixed crash when removing lone assertion due to condition check (bug 111)
Add a timeout reset to 1.3 module, emulating other examples.
Added Win32 config to distribution
Added missing files to dist.
Added wrapper around pthread include.
Fix to Site definition
Port 1.2 branch fixes
Porting changes from 1.2 branch
Porting changes from 1.2 branch
Porting changes from 1.2 branch
Porting changes from 1.2 branch
Porting changes from 1.2 branch
Porting changes from 1.2 branch
Update to Eclipse CDT file
Porting changes from 1.2 branch
Add stderr appender
Porting changes from 1.2 branch
Forgot to add appender header
Clarified an error message.
Updated to latest libcurl
Fixed broken scheme computation in extension
Tweaks for 1.2.1
Changing defaults/examples to avoid use of DN.
Change CVS properties
Missing stat definition on older Red Hat.
Adding more/most files to protected list.
Add all-data-local to install hook
Patched filter redirects to match extension redirects.
Added a sanity check if cookie value has an equal sign in it.
Added option to read file from stdin, easier way to support SSL
Added __sparc for Forte compiler
Use const char for strict C++ headers.
Block @ character in EPPN values.
Added Scoped indicator, avoids reliance on sender.
Added Scoped indicator, avoids reliance on sender.
Correct bug from last merge.
Added new constants for metadata.
Moved Domain out to be usable as an extension element.
Fixed crash during shutdown by putting RPC handle pool on the heap.
Added additional constants.
Needed for new metadata spec.
Updated package version.
Updated lib version.
Upped SAML version requirement.
Added XENC schema
Adding 2.0 metadata-related schemas.
Updated Apache link path
Revised metadata API.
Added logging of filename during errors.
Require Xerces 2.6.1 for xml:lang in metadata, check for xmlsec 1.1 header
Added unspecified to Key use enum, added request profile constant
Cleaned up usage of KeyDescriptor use attribute
Register SAML2 schemas.
Forgot to add XMLEnc schema
New sample metadata.
Some quick improvements to support new schema and multiple signatures.
New pre-install versions to replace schema hint.
New pre-install versions to replace schema hint.
Relocate XML schemas to share/xml/shibboleth
New pre-install versions to replace schema hint.
Relocate XML schemas to share/xml/shibboleth
Corrected Xerces and XMLSec tests
Moved executables to sbin
Relocate XML schemas to share/xml/shibboleth
Added strcasecmp check/redefine at top.
Small fix to bool warning, plus a missing variable change in the 1.3 code.
Use new SAML date class.
Remove legacy APIs and stubbed methods.
Added expiration handling to metadata.
Use new SAML date class.
Missing const specifier
Added expiration.
Moved plugin and locking interfaces into libsaml.
CredentialProvider should be optional.
Fix for bug #109
Partial fix for bug #121
Wrong slash constant
New profile API, consolidated RPCs, simplified cache.
Missed second set of RPC constants
Fixed value rules.
Hid plugin mgr.
Redesigned ShibBinding as an HTTP binding hook.
Missed a plugin change
Sync to profile method change
Sync to SAMLRequest c'tor change.
Added artifact lookup API to metadata
Added const to binding/profile methods
Artifact mapper implementation
Sync to SAMLRequest c'tor change.
Artifact mapper implementation
Added real-time repair, cleaned up some error handling
Clean up error handling during cache insertion
Separate metadata extension schema.
Separate metadata extension schema.
Separate metadata extension schema.
Added Shib protocol enum to IdP role
New sample metadata.
Tweaked AA role API
Reordered version in metadata namespace.
Fixed name of KeyDescriptor method.
Fixed name of KeyDescriptor method, fixed loop in EncryptionMethod
Cascade org method.
XML bug.
Renamed Domain extension to Scope.
Forgot to init pointers.
Extra colon in namespace.
Reimplement AAP step to AND every policy together.
Revamped AAP to combine site rules, and support denials.
Evaluate each AAP when manipulating headers.
Added trust extension.
Forgot to break AAP loop once an attribute is deleted.
Missing comment mark.
Forgot to import dsig.
Correct timestamp.
Change CVS properties
Library update.
More aggressive about populating issuer.
Null pointer bug around origin pointer.
Library update.
RAII instead of catch(...) in factories, bubble more errors in debug mode
RAII instead of catch(...) in factories, bubble more errors in debug mode
Relax attribute wildcards for better interop.
Updated factory names.
Need to limit reloading of failed updates.
Nasty off by 1 bug.
Better error handling.
Renamed some config features/elements.
Remapping of legacy properties.
Revamp cred use API
Begin config schema changes/fixes
Revamp cred use API, fixed a deadlock problem
Prepare for addition of replay cache.
Changed wording
Pass through artifact profile GETs
Correct some unknown error codes.
Changed name of config section.
Null pointer bug.
Forgot to hexify the hash before lookup.
Delete the artifact mapper to clear locks.
Fixed temp object bug in mapper.
Loop bug when dealing with non-attribute statements.
Move metadata lookups to avoid nested locking.
Remove legacy code that processes IdP supplied AA bindings.
Add option to store attributes in MySQL cache.
Added ASCII metadata lookup.
Rework cached data, add (stubbed) statemgr RPC.
Preserve xsi:type across clones.
Fix caching inconsistencies.
Add attribute response caching
Error out when cert file is missing.
New relay state attributes
Remove state mgr (overkill for now), implement local relay state option
Reworked cookie name handling.
Added application "hash".
Add Exclude element.
Added Exclude element processing
Removed switch statement for getting exception classname.
New exception c'tors.
Small change to exception signature
Added HRESULT facility to exceptions
Added code range.
Added exception annotation, missing exception factories.
Fix up profile exception handling.
Adjusted wording.
Annotate exceptions with issuer in place of parameter.
Consolidated exception and status handling into a single class.
Removed obsolete file
Update an enum constant
Log message fix.
Add some smart pointers.
The requireAll check was backwards.
Corrected exception parameter
ShibRequireAll must be 1 to set flag true.
Added KeyAuthority extension interfaces
Add KeyAuthority extension elements.
Strip linefeeds from base64.
Added sslport to ISAPI sites.
Eliminated some extra string wrapping.
Added Site Alias capability for vhosts, missing cookie methods, fixed exception handlers.
Added explicit inclusion as well as exclusion.
Added a strict flag to permit loose metadata lookup for contact info.
Add access to tree structure.
Add more contact lookups.
Skip inserts if no data available.
Update to final SAML 2.0 schema filenames.
Final SAML 2.0 schemas.
Update to final SAML 2.0 schema filenames.
Return provider ID during session creation for CDC
Return provider ID during session creation for CDC, promoted error page method.
Convert more strings to references.
Final SAML 2.0 schemas.
Interim fix to handle HTTP codes.
Send a 403 back when access page is missing.
Update to final SAML 2.0 schema filenames.
Renamed binary
Add alias for addn function.
Add metadata error template.
Adjust default error template
Support multiple set-cookie calls.
Reduce Windows logging.
Add common domain cookie class.
Add CDC impl, local IdP history cookie
Added a const
Some logging cleanup.
Winsock types optval as a char* for some odd reason
Schema filename change
Renamed various files, added new sample config elements.
Moved annotation
Renamed various files, added new session config elements.
Added some new profile constants.
Minor cleanup
Moved timestamp insert.
New endpoint management and refactored profile methods.
Implemented simple logout handler.
Fix logout response URL
Wrong table function used.
Add expiration headers to error pages.
Create httpd log dir if needed.
Forgot to change key file names.
Fixed application node filter.
Add some shutdown code
Create var/run if needed.
Added MetadataProvider constant.
Added MetadataProvider constant.
Reduced derivations from anyType, added Metadata and KeyInfoResolver.
Added new trust config.
New trust APIs, some additional metadata APIs.
New trust APIs, some additional metadata APIs.
Fixed "cast" of key resolver.
Use proper stack creation function.
Move depth check out of openssl for better logging.
Some API refactoring
Revert to "legacy" RequestMap type for Apache/htaccess support
In process of request map cleanup
API consolidation around ShibTarget class
Fix up namespace references, make cert parsing more robust.
Added some RequestMap comments.
Update comments in Apache configs
Unify authType handling across implementations
Split up logging code.
Streamline request map plugin, unify authType/requestSession handling.
Add requireSessionWith option.
Fix to match latest opensaml changes
Updated for 1.3
Fixed compile errors, need to redo command handling.
Added nsapi project
Change default mapper type to "Native".
Added native command mapper.
Rename httpd log to "native"
A few cleanup items.
Fix up file references.
Fixed saml dependency
New two part init call.
Exclude inittest.
Fixed template references.
Missing directory component.
selinux names and paths were wrong
Extra space on the end.
Add MetadataProvider to the filter.
Extraneous character.
Lower some log msgs.
Removed DTD subset
Removed wildcard.
Corrected trigger.
Added logging of attribute names.
Removing logdir reference.
Add restorecon after loading policy.
Allow shibd to read/run /usr
Added logdir creation.
Added getattr right to the socket.
Added ability to override path validator in trust API to fix legacy plugin
Only log printable data.
Added comments.
Need to allow for unnamed groups.
Check for null group names.
Removed Factory property.
First cut at new sample config.
Add AttributeFactory and DiagnosticService elements.
Move scoped attribute subclass, add attribute plugin support.
Add AttributeFactory and DiagnosticService elements.
Move scoped attribute subclass, add TargetedID plugin.
Added in-memory listener.
Refactored remote API into IListener
Refactored remote API into IListener, moved ONC server marshallers to shibd
Changed authz API to take a session cache entry
Split init logging.
Bad counter variable.
Add base constructor call
Fix up sources
Fix Unix side
Added server stubs.
Removed externs from callbacks.
Try static scoping.
Handle non-existent creds.
Fixed up IdP endpoints.
Tightened up verification.
Relax some restrictions.
Added some support for real-time metadata verification.
Added minOccurs 0 to Key element for use in metadata verifier.
Sync with Java version.
Style sheets from Ian
Trap errors when building some plugins
Corrected CDC implementation to match mistakes in SAML spec.
Wasn't building full chain to pass to validator.
Had to copy key name check from new implementation back to old one.
Check for mailto: before saving address property.
Improve handling of bad or missing credentials.
Updated service name.
Added wildcards, made cred IDs optional.
Reworked profile handlers outside of core library.
Dangling reference to SAML schema.
Added (hopefully) simultaneous 1.0/1.1 support.
Added (hopefully) simultaneous 1.0/1.1 support.
Added (hopefully) simultaneous 1.0/1.1 support.
SessionInitiator should look for Shib protocol URI
Added (hopefully) simultaneous 1.0/1.1 support.
Namespace qualified MinorVersion property.
Added option to register schemas only on 1.1 pool.
Added thread entry points for replay cache
Wrong type in replay cache.
Added replay cache to plugin.
sp.example.org dummy keypair
Added new targeted ID name to AAP
idp.example.org dummy keypair
Updated key names again
Delete dummy keypair
Farewell, pig.
Change CVS properties and update a VS project
Change CVS properties
Added logo
Try and block copy of headers.
Set to noinst headers
Rebuild response with proper version.
First cut for 1.3
Missing configs.
Switched to Apache license.
Base64 encoding seems superfluous
Move DLLs to sbin/ during install
First cut for 1.3
Switch to ASF license
Apache-dictated format
Added notice files
Change a few defaults.
Chop a few headers
Add a header
Version updates
Corrected paths
Version updates
Correct creds paths
Change default propagation of query errors
Remove diag service for now
Update credits
Remove old deploy guides.
Forgot to remove old schema.
Fixes for missing docs, sbin path.
Updated mysql path
Updated include path
Updated copyrights.
Updated mysql path
1.3 updates
Updated for upcoming release.
Removed IQ guidelines
Added XSLT files
Use tabs consistently, for now at least
Check for null objects when fetching session.
Messed up schema folder (again?)
Wrong NSAPI version pulled in.
Removed ONC headers.
Make function decl consistent
Renamed metadata files
Renamed sites files to avoid colliding with 1.2
Added additional comments.
Renamed keys.
Removed more old files
Added XSL files
Fixed initial bugs
Add back ONC path
Fixed IdP metadata and added new default initiator to config.
Better results if we add the Bossie intermediate
Add log msg for later research into metadata error
Add wayf endpoints and bossie cert for test site.
Removed old targetedID reference.
Block access for valid-user if no session provided.
Handle getting session data properly in the different methods.
Better logging of empty response data.
Removed default key password.
Added support for errorURL.
Updated for new server.
Removed SP locations that only apply to IQ testing.
Missed a check-in to fix the missing xmlenc schema
Added back spaces to ensure Win installer comments out UnixListener.
Missed renaming of metadata files.
Applied Valery's 0.9.6 patches (bug 366)
Update libtool scripts to 1.5.6 for AMD64 patches
Added example.edu scope for wayf site.
Fixed inconsistent shib metadata prefix.
Attempted fix for bug 369
Add some more comments per Tom's suggestions.
Solaris pkg scripts
Tweaked mysql text
Solaris pkg scripts
Corrected removeValue signature.
Sun compiler type safety.
Corrected removeValue signature.
Sun compiler type safety.
Merged up NSAPI option.
Removed RPC flags.
Merged up NSAPI option.
Lost selinux option.
Some Unix fixes.
Was missing org/contact for SP.
Fix overeager exception while detecting for retry.
Was treating port integer as a char.
Had to add Shib prototol support for older metadata.
Fixed comments.
Corrected Apache commands.
Lower log level.
Avoid logging query attempts during no-retry interval.
Improve some header handling, at least on Solaris.
Bumped version
Do NOT require extensions!
Renewed for 25 years.
0.9.6 function parameter is int fn(void), so fixed cast.
Added urandom access.
Updated certs.
Synchronized/unioned SP endpoints and moved Java SSO to 443.
Moved logo/css file alias.
Handle missing NameID Format.
Forgot to store off pointers.
New artifact mapper, handles signing, multiple endpoints.
Add indication of whether binding was authenticated.
Require signing if binding is unauthenticated.
Handle null TARGET value.
Add hook for specifying signing algorithms.
Hide signing/hashing algorithm constants from callers.
Enable user-specified signing algorithms.
Auto-detection of cred format.
Skip authn assertions when checking expiration.
NSAPI 3.x fix
Move key generation inside try/catch.
Fixed authn check when https connections are reused.
Try and hook CPPFLAGS
Undo CPP change.
Added HTTP auth settings.
Updated to xsec 1.2, removed dead code.
Updated to xsec 1.2
Updated to xsec 1.2, moved HTTP Hook out.
Updated to xsec 1.2, converted to new HTTP Hook.
Switch to locker wrapper in AAP apply.
Safer locking code.
Dispose of anything not issued by the authenticating IdP.
Check for NameID before using it.
Ouch, missing AAP lock.
Update xsec.
Removed static keyword, breaks gcc4
Upped spec release.
Log adjustments.
Further relax setAuthn for reuse of HTTP connections.
InvalidHandle exception no longer retryable.
Block signing SAML 1.0 requests, stop propagating InvalidHandle error out unless told to.
Logout handler wasn't adding cookieProps to value.
Embed iterators inside metadata/trust wrappers to fix race conditions.
Changed default paths.
Various updates.
Switched remaining files to Apache license.
Corrected year.
Removing stale code.
Initial check-in of install action scripts.
Moved to new base path.
Reduce exceptions thrown under "ordinary" conditions.
Log failures instead of just bubbling them back to httpd.
Upped RPM rev
Stop loading overrides into default application.
Full XML version of installer output by WISE.
set ignores for msi directory
Walter Hoehn (32):
Added license to c++ source files.
Added license to header files.
Removed tags from endif. Was causing bootstrap to fail.
Added name-based default security domain to Origin Mapper.
Changed ENV exporting of multi-valued attributes to use : as the separator. Added escaping of the same.
String was going out of scope. Changed to use ap_table_set, which makes a copy.
Everyone seems to agree that ; is better than : as a separator.
Backed out default security domain change. The change in behavior I was attempting to correct was intended.
Add the NSDL "Site CA" Certificate
Fixed require alias processing. Should now match correctly on single/multiple values and work with semicolon escaping.
Added RSA server CA for UTH.
Fixed metadata schema annotations.
Merging from 1.0 branch.
Added InQueue federation config guide.
Many changes.
More documentation fixes from Steven.
Fix goofed update.
Implemented Bob's latest suggestions.
Rev.
Copied from /java/doc/
Copied from /java/doc/.
Copied updates from /java/doc/.
Rev'd version number.
Updated some version numbers and an outdated path.
Added new 1.1 features to NEWS file.
Integrating new doc changes from Steven.
Minor fixes.
Copied from /java/doc/.
Copied from /java/doc/.
Copied from /java/doc/.
Updated NSDL CA cert.
Updated NSDL CA cert.
no-author (1):
New repository initialized by cvs2svn.
-----------------------------------------------------------------------
No new revisions were added by this update.
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-shibboleth/shibboleth-sp2.git
More information about the Pkg-shibboleth-devel
mailing list