[shibboleth-sp2] annotated tag 2.0-alpha2 created (now 3731d8f)
Ferenc Wágner
wferi-guest at moszumanska.debian.org
Tue Jan 26 21:30:22 UTC 2016
This is an automated email from the git hooks/post-receive script.
wferi-guest pushed a change to annotated tag 2.0-alpha2
in repository shibboleth-sp2.
at 3731d8f (tag)
tagging 55c66daf827aaff8c05332b7d036ebea52def088 (commit)
replaces 1.3f
tagged by Scott Cantor
on Mon Jul 16 00:48:50 2007 +0000
- Log -----------------------------------------------------------------
Tag 2.0-alpha2 release.
Jim Fox (3):
Add changes for apache2 filters and permit use of env in lieu of headers.
Initial checkin of ODBC storage service
Fix return values. Check text for qoutes.
Scott Cantor (393):
Redirects were being totally mishandled.
Fixed a warning.
VS.NET project file
Fixed some 64-bit warnings.
Redesigned cache interface and implementation to store XML, not DOMs.
Fixed some 64-bit warnings.
Enabled 64-bit warnings on build.
Added additional permissions, synced with FC3 policy 1.17.30-3.16
Correct declaration of lseek.
BSD needs pthread header inline.
Trap known exceptions during request config processing.
Trap known exceptions during request config processing.
Added KeyDescriptor for AA in case it signs.
Sync with 1.3
Better log message for valid-user rule failure with no session.
pidfile patch from Jim Fox
Sync with 1.3
Added noreplace option to config files.
Include spaces in URL encoding.
Allow SurName by itself.
Add script mapping to each site /ROOT.
Fixed inheritance of handler definitions.
Fix for header spoofing bug wasn't checked into HEAD
Fixed inheritance of authz plugins.
Up-ported ACL plugin.
Remove duplicate definition.
Expose SAML objects from ICacheEntry
XML access control plugin
Check for null session.
Allow slashes in path names, fix bugs in handling nested Paths.
Nested paths were skipping rest of children.
Properly clear REMOTE_USER mapping.
Fixed new Apache 1 commands.
Begin to relax restrictions so endpoints can be shared.
Without connection: close, redirects are timing out.
Final? rename of SHAR/SHIRE sections
Initial version bump to 2.0
Turn off bogus MS deprecation warnings.
Moved CGI processing out of library, separate artifact/POST methods.
VS2005 project file
Ignore VS2005 user files.
Moved CDC cookie impl into separate file.
Merge in OSU dynamic RPC library
Disabled MS warnings, moved RPC classes out of header.
Updated file list for new design.
Remote messaging registration and handling.
Fix for XSS bug.
Dynamic RPC interface.
Added In/OutProc constants.
Use for_each alg for cleanup.
VS2005 project file.
First cut at 2.0 API design.
Moved logging method out, refined RPC client handle method.
Moved RPC-related decls into separate header.
Merged in new RPC and transport-specific logic and server socket mgmt.
New handler APIs.
Removed memory listener (for now), added deferred initialization of config.
Revamped cache (again) to support new remoting design.
Added CGI processing, recoded trunk methods for new cache and remoting APIs.
Recoded handlers to new API, still need to extend SessionInitiator support.
Logic moved into new "remoted handlers".
Disable MS warnings.
Use for_each alg for cleanup.
API changes, disable MS warnings.
Switch shutdown flag to a boolean and reverse intent.
Switch shutdown flag to a boolean and reverse intent, moved socket handling into listener plugin.
Moved socket handling into listener plugin.
Support for new CGI data handling methods.
Ignore VS2005 user files.
VS2005 project file.
Syncing some old changes.
Added additional chars to encoder
Moved scope extension to entity level, added token validation callback to profile.
Add token validate callback for condition/signature checking.
Moved scope extension to entity level
Added cache store API, token validation callback.
Added token validation callback.
Moved condition/signature checking to callback.
Added backing store callbacks, refactored filtering, moved query to session creation step.
Added token validation callback.
Added consistentAddress setting.
Rewrap configuration failures to ensure proper cleanup if thrown from extension libs.
Pass back return code from main function.
Renamed some types, added optional session cache def. to InProcess section.
Get rid of thread notifications, simply not practical.
Determine cache type based on which half of system is loading.
New backing store API for cache.
Add mysql include.
Plugin now implements backing store API.
Added writeThrough flag to poke last access stamp into backing store on every access.
writeThrough has to be defined for the supplemental cache types.
Change default SQL cache settings.
Added backing store methods to read in parts of entry.
Implemented write-through to backing store for clustered use.
Added methods to return tokens or last access.
Cleaned up some logging and error codes.
Only shutdown MySQL if it's been started.
Reversed checkName in subjectAltName loop.
Reworked test to use full SP stack.
First clean build, untested.
Change CVS properties
Added odbc cache project.
Added ODBC cache elements.
Shouldn't require a DOM to initialize cache.
Set writeThrough default to false.
Exceptions weren't being unmarshalled properly.
Avoid updating backing store before entries are fully created.
Corrected a variety of ODBC bugs.
Reimplement with new listener interface.
Added ODBC replay cache element.
Make connection string optional.
Fix replay cache instantiation to pull from proper config block.
Add replay cache, handle single or multiple connection strings.
Add new makefiles to dist
Add automake file to ODBC cache plugin
Added ODBC to build.
Fix target
Fixes to ODBC checking
Add missing stdexcept header
Bad autoptr init
g++ complaining about function templates, switched to functors
g++ won't export inlined functions.
Made cleanup functors public.
Switch to shibtarget cleanup functors
Add config header.
Switch from min macro to STL algorithm
Need to delete impl object before outer members.
Log unregister call.
Bump version.
Switched to raw insert statements, more portable that way
Replace MySQL cache elements with ODBC.
Clear state cookie after consuming it.
Added content-type and encoding.
Added redirectToSSL option to block non-SSL access.
case sensitive URI altName check
Add sslError file.
Allow non-user aliases to map to REMOTE_USER
Log error when user used as Alias.
Added mail attribute to LDAP list.
Correct user alias warning.
Extra else clause removed.
Fixed exception parameter string.
Handle resource->handler computation when path is empty.
Non-threadsafe call to ctime()
Check for empty entityID.
Fix for bug 593, add leading slash to handlers.
Detect invalid resource URLs.
Handle high-range characters when URL encoding.
Revert design decision to multiplex handlers.
Pull in Apache 2.2 module.
Getting the debug build going again.
Merge up from branch.
Replaced RPC remoting with plain sockets and length-prefixed XML.
Update ignores.
Removed link dep to RPC.
Merge up some more Apache 2.2 changes.
Baby steps. First replacement of old code, link to new libs.
Reorg projects a bit, created new ODBC extension project.
More lib migration, purged old thread/error template code.
Purging more old files.
Deleted some per-file settings.
Prepping new SP library.
Starting migration to new SP library
Switch to library for URL encoder.
Moved remoting layer to new library.
Moved property set classes to new library.
Move Shib constants to new lib, fixed symbol conflicts.
Move Shib constants to new lib, fixed symbol conflicts.
Metadata extension classes.
Starting catalog for schemas.
PKIX trust engine using metadata exts.
Simplify KeyAuth iteration.
Build chained trust engines off of old config.
Remove deprecated metadata element.
Finished adding new metadata/trust plugins to config.
Next integration phase, metadata and trust conversion.
Switched to xmltooling cred resolver.
Pulled old credential schema.
Pulled old credential schema.
Pull IQ refs.
Pulled old credential schema.
Missing new macros from env fixes.
Converted to XML metadata plugin.
New base class for ACL files.
New base class for XMLRequestMap.
Forgot to delete wrapped impl.
New base class for XMLAAP.
Moved credential resolver map inside SP.
Old config class ported, all config files now loading with new parser.
Shell of new SP object interface to replace old IConfig layer.
Large reorg of shibsp lib, new SPRequest API, ported modules, shifted code out of ShibTarget class.
Removed ShibTarget members.
Next refactoring stage, STPriv class gone, most of ST API gutted.
Migrated Handler interface, set up segregated handler plugin factories.
Moved handler accessors up to base.
Pulled attribute designators, moved audiences up.
Starting to refactor session cache, eliminated IConfig class.
Migrated ShibTarget logic into ServiceProvider base.
Some draft attribute classes.
Add attribute remoting.
First draft of session cache API
Combined SAML versions in one session API, implemented in-process half of cache.
Add value count accessor.
Shift some SAML intelligence out of cache API, start on SS-based cache.
Add indexed storage plugins, build replay cache.
Reworked outgoing messages to optimize for pre-serialized case.
Reworked outgoing messages to optimize for pre-serialized case.
Reworking legacy caching config.
Nearly testable draft of storage-based cache, minus remoting.
Revamped cache plugins, buffering on inproc side, write-through each access.
Update copyright.
Completed attribute remoting support.
Process attributes when loading sessions.
Lock SP instance for incoming calls.
Move assertions to separate storage records, improve error handling.
Attribute lookup, port ACL code and mainline SP code to Session/Attribute API.
Remove xmlproviders from build, deleted old AAP interface.
Removed MySQL cache.
Remove extra files.
Uncomment a destructor call.
Move config logic into an "XML" SP plugin, divorce shibd and modules from old libs.
Shorten "built-in" plugin types, delete stale files, new config file.
Change default namespace, support namespace remapping.
Draft of 2.0 config schema/file, removed legacy support, validate config.
Remove 1.1-compat. files, include old shib schema for attribute interop.
Renamed shar project, some Makefile fixes.
Draft of query tool, not working yet.
Glue SOAP client to SP config, expand policy settings.
Correct constness of transport API, handle both chunked and buffered encoding.
Bug in request signing.
Correct name of signing flag.
Adjust logging files, add console logging for command line.
Simple and Scoped Attribute decoders.
NameID decoder.
Convenience method for accessing SP instance.
Fix catalog usage, checked in resolver schema.
A "simple" attribute resolver, and token validation.
Moved CGI parsing to OS, add handler base for remoting HTTP req/resp data.
Rework decoder handling in simple resolver, add IdP/SP names to decoder API, hook resolver up to Applications.
Moved key/cred resolution classes out of xmlsig namespace, start cleaning up configure.
Moved handler sources.
ArtifactMap support.
Allow cache insertion with multiple assertions.
Handle multiple assertions in resolver.
Added marker interface for assertion types.
Move token validation into SAML library, first draft SAML 1 SSO handler.
Factor out RelayState recovery.
Moved URLEncoder down to tooling lib, added exception->querystring method.
Add option to use redirection for handler errors, capture relay state when propagating exceptions.
Add option to use redirection for handler errors.
Adjust logging/error-handling, schema fixes, failed message handling.
Fix format handling in resolver, correct DDF looping bugs.
Lock configuration before dispatching calls.
Rework address handling based on app/location.
Rework address handling based on app/location.
Allow for unsigned artifact response.
Cache invalid tokens in case they're targeted at other services.
Make NameID optional in session.
First support for encrypted attributes.
Return default creds when peer is unknown.
Draft SAML 2 SSO impl.
Config changes and rework for new credential APIs.
Serializing pointer instead of object.
Handle reverse mapping of IDs into attributes to query.
Support for application-specific attribute IDs.
SP policy subclass for use by artifact resolver.
Implement artifact resolution support.
Upport Apache auto-detect code.
Can't overlap headers or we'll break multiple Set-Cookies.
Improve property inheritance, first batch of SessionInitiators, rename providerId.
Factor entityID into SessionInitiator subinterface, move WAYF logic out of Shib handler.
Old and new discovery handlers.
Enhance relay state handling.
Untested, but a bunch of caching fixes added.
Inject logging category into base class.
Remove extra marshall call.
Set signing/digest algorithms using new settings.
Drafts of remoted Shib and SAML2 SessionInitiators.
Stop defaulting in xercesc namespace.
Additional AuthnRequest creation options.
Copied over mapping and filtering schemas.
Fix old namespace defaults.
Add chaining resolver.
Fix reference to providerId.
Need to use SP-specific policy subclass for SOAP client.
Delete old files.
Attribute filtering code.
Boolean match functors, policy context to manage lifetime and references.
First three string functors, added authn context to resolver/filter contexts.
Fix attributeID name.
Genericize string values and scopes, add value/scope functors.
Run wildcard rules.
Regex functors, added regex options feature to schema.
Better logging for remoted errors.
Mix/max functor.
Metadata based functors.
Added OIDs for SAML 2.0 attribute mappings.
Wasn't returning from errors during POST read.
Update thread config macro, add openssl headers to libsaml build.
Fixed attribute-based functors.
New -lite library and elimination of SAML libraries from modules.
Start to clean up Unix build.
Delete old files.
Add inheritance for relying party properties.
Add a RP-based key name to credential lookup.
Move ReplayCache and StorageService APIs to full build only.
Eliminate extra buffer operations.
Header clearing infrastructure.
Backend of storage-based relay state.
Switch encoders to metadata-based recipient parameter.
Implement artifact generation, start work on resolution support.
Draft artifact resolver.
Client certificate bridge.
Bypass timestamp update in cache.
Add accessor for session ID.
Assertion export and lookup service using URI binding.
Factor out application ID when remoting.
Merge in updated Apache POST body code.
Rename Shibboleth request handler type.
Moved CGI parser into SP library.
Removed some comments.
Missing directories.
Macro should be Windows-only.
Nested template fix.
Linux porting changes
Remove schema paths.
Correct schema name.
Stale namespace.
Stale namespace.
Fix Unix catalog paths.
Unix installation fixes
Add xmltooling to build
Port up spoof checking
A stab at handling empty response from DS.
Missing namespace.
Catch up some changes.
Rename service name.
On second thought...and rename catalog parameters.
Updating versions, working on new installer.
Rename config file.
Updates for the installer.
Tweak some logging.
remove deleted file from list
Makefile cleanup.
Cleanups and changes.
Fix SAML header check.
Fixes from RPM build
Streamline link settings, reroute output.
Add REMOTE_USER to built-in cleared list.
Guard non-initialization.
Fix link and Apache conf install.
Convert path separators to Windows syntax.
Wrong decoder for unscoped attribute.
Fix for empty decoder result, take out old logout handler.
ODBC storage plugin building on Windows...
Delete old cache plugin.
Can't base Library element on pluggable type.
Handle failures properly.
Switch to double quotes to improve SQLness.
Suppress nested property sets.
Correct misc. SQL errors.
Add conditional fetch of values during read.
Prepping Unix build of ODBC plugin.
add odbc plugin to dist
Change ownership of attributes input to cache.
Disallow sessions with no expiration.
Expose detection of duplicate insertions.
Maintain NameID backmapping in cache.
Export SessionID for use by applications.
Adjust some cache operations.
Add logout notifications to config.
Add cache method to find but not remove sessions by name.
Wrong method to fetch property.
Generalize notification mechanism (should work for NameID mgmt later).
Move redirectError property up to application.
Factor up message encoding along with credential resolution.
Skip extra attempts when SAML response comes back.
First set of logout base classes and non-building draft of SP-initiated logout.
Local logout handler, makefile changes, bug fix to SAML initiator.
Move back channel notify loop out of base class for better control.
missing template from dist
Switch tag names to match rest of system.
Fix SAML error checker.
Parameterize config namespace for message plugins.
Collapse output/error tables for deferred headers.
Choose query type based on session. May add more options later.
Was setting content type twice.
Make sure logout notification only happens in one handler.
Fix old attribute id.
Add logout templates, some missing settings.
Correct Notify element.
Update doc files, add release notes.
Update ignores.
-----------------------------------------------------------------------
No new revisions were added by this update.
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-shibboleth/shibboleth-sp2.git
More information about the Pkg-shibboleth-devel
mailing list