CVS commit: pkgsrc/www/shibboleth-sp

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/www/shibboleth-sp
From: "Fredrik Pettai" <pettai%netbsd.org@localhost>
Date: Sat, 21 Sep 2013 22:16:41 +0000
Module Name:    pkgsrc
Committed By:   pettai
Date:           Sat Sep 21 22:16:41 UTC 2013

Modified Files:
        pkgsrc/www/shibboleth-sp: Makefile PLIST distinfo
Added Files:
        pkgsrc/www/shibboleth-sp/patches: patch-configs_Makefile.in
Removed Files:
        pkgsrc/www/shibboleth-sp/patches: patch-aa

Log Message:
2.5.2:
Bugfixes
[SSPCPP-543] - AttributeExtractor fails to deal with multiple Logos
[SSPCPP-547] - Encoding problem with Metadata Attribute Extractor
[SSPCPP-549] - Shiboleth SP 2.5.1 breaks Apache 2.4.3's error pages
[SSPCPP-550] - Problems with native.log file rotation
[SSPCPP-551] - DiscoFeed Content-Type header lacks charset
[SSPCPP-552] - Solaris TCP Listener code is broken
[SSPCPP-568] - Unattended install pegs the CPU and never completes
[SSPCPP-569] - native log files not closed at/before CGI exec
[SSPCPP-570] - mod_shib takes over valid-user for entire server
[SSPCPP-573] - ShibDisable on breaks basic auth valid user
[SSPCPP-575] - Source build w/memcached and/or fastcgi support fails
[SSPCPP-579] - Internal stack overflow in log4shib
Improvements
[SSPCPP-493] - Default allow access to Shibboleth.sso by default in shibd.conf
[SSPCPP-501] - Make metagen ingest a list of hostnames from a file

2.5.1:
Bugfixes
[SSPCPP-409] - Shibboleth2.xml - undefined InProcess/OutOfProcess means no 
shibd.log/native.log
[SSPCPP-490] - CLang build issue with stream operator overload
[SSPCPP-492] - SP Release 2.5.0 does not compile with xml-security-c versions 
prior to 1.7.0
[SSPCPP-495] - Warning Shibboleth.PropertySet : load() skipping duplicate 
property set:
[SSPCPP-499] - Fresh Installation on Windows XP fails after service daemon 
fails to start
[SSPCPP-500] - configure fails against Apache 2.4
[SSPCPP-502] - Apache 2.4 post_read hook isn't run on subrequests, breaks module
[SSPCPP-504] - ScopedAttributeDecoder fails on non-ascii chars?
[SSPCPP-505] - shibd on Windows missing a version option
[SSPCPP-507] - Insert record failed Violation of PRIMARY KEY constraint with 
ODBC plugin
[SSPCPP-510] - Installer scripts (particularly the uninstall ones) should fail 
safe
[SSPCPP-514] - FCGI responder stdin buffer missing termination
[SSPCPP-516] - apache24.config missing from makefile target
[SSPCPP-518] - Incorrect requireLogoutWith redirection if the original URL has 
query string
[SSPCPP-519] - Shorthand SSO/Logout syntax not working with policyId setting
[SSPCPP-521] - Schemas are not being edited on Windows Installation
[SSPCPP-522] - Transform resolver echoes source string when match fails
[SSPCPP-526] - Transaction log crashes on SOAP-based logout
[SSPCPP-527] - Add ignoreNoPassive attribute to SSO element
[SSPCPP-540] - ISAPI header detection code is prone to false alarms
Improvements
[SSPCPP-402] - Support front-channel SLO without cookies
[SSPCPP-447] - Extension of consistentAddress for IPv6
[SSPCPP-501] - Make metagen ingest a list of hostnames from a file
[SSPCPP-517] - Windows SP installer should not always roll back when shibd 
fails to start
New Feature
[SSPCPP-515] - Make /Status handler report SessionCache

2.5.0:
Bugfixes
[SSPCPP-344] - Version strings in various spots are wired at compile time
[SSPCPP-345] - Split "package-level" and "user-level" settings in shib.conf to 
limit effect of RPM upgrades.
[SSPCPP-365] - Support for binary attributes in resolver
[SSPCPP-382] - Correct date format in Expires headers
[SSPCPP-383] - Tag entityID not usable in error templates
[SSPCPP-387] - Cryptographic nameID is longer than key length that memcache can 
handle
[SSPCPP-391] - Generation of keys for relay state is not strongly random
[SSPCPP-392] - Valgrind detects memory leaks
[SSPCPP-393] - Setting session timeout="0" creates infinite loop between SP and 
IDP
[SSPCPP-400] - NameID lookup for logout ignores logical SP boundaries
[SSPCPP-401] - IIS App Pool Crash
[SSPCPP-406] - Should check for cross platform previous versions?
[SSPCPP-408] - ECP flow fails for Session configured inside of 
ApplicationOverride
[SSPCPP-411] - openSUSE 12.1 erases /var/run at each reboot, so shibd fails to 
start
[SSPCPP-413] - Schema catalogs should be set after XMLTooling init.
[SSPCPP-416] - IIS breaks with error "isapi_shib: Attempted to insert duplicate 
storage key." Server restart required to fix
[SSPCPP-417] - redirectErrors configuration attribute does not handle relative 
URLs
[SSPCPP-419] - ExtensibleAttribute internal marshalling doesn't handle 
attribute naming correctly
[SSPCPP-423] - After upgrading SP to Alpha SP 2.5 RPM from previous version of 
SP, shibd does not start.
[SSPCPP-431] - Change links of https://spaces.inetrnet2.edu to 
wiki.shibboleth.net
[SSPCPP-438] - Artifact resolver code doesn't use EndpointIndex in 2.0 artifacts
[SSPCPP-439] - Auto-generated ACS endpoints improperly tracked by index
[SSPCPP-443] - SP not signing ECP AuthnRequests
[SSPCPP-444] - Multiple shib_state cookies get set -> server chokes on header 
field size
[SSPCPP-445] - RequestInitiator metadata generated in a case where it shouldn't 
be
[SSPCPP-448] - setting relayState to use ODBC storage service results in 
attempted redirects to an invalid URL
[SSPCPP-449] - RequestMap not normalizing hostname for comparison
[SSPCPP-459] - redirectLimit parser typo
[SSPCPP-460] - A spelling error in the configure file
[SSPCPP-461] - caching DiscoFeed fails b/c cache directory does not exist
[SSPCPP-465] - CLONE - Tag entityID not usable in error templates
[SSPCPP-467] - Cross-contamination from conflicting @relayState settings
[SSPCPP-468] - Aliases support in XML Attribute Extractor no longer working in 
2.5.0 Beta 1
[SSPCPP-487] - relayStateLimitWhitelist parameter is being changed 
inadvertently by limitRelayState method
[SSPCPP-488] - No way to get client address set for ExternalAuth sessions
[SSPCPP-489] - Windows installer (tries to) install a 64 bit path into IIS
[SSPCPP-498] - Hardcoded path in XMLTooling is invalid on localized WinXP/2003
Improvements
[SSPCPP-319] - Augment XMLAccessControl for time based access control.
[SSPCPP-326] - Abbreviated IPv6 address format and CIDR support for acl
[SSPCPP-332] - Session cache slows down if large numbers of sessions with a 
single NameID are created
[SSPCPP-335] - Handle query strings on POST and avoid unintended POST data 
consumption
[SSPCPP-352] - Expose RelayState limiter as a public API and revisit default 
setting
[SSPCPP-353] - Package the SP to run as non-root user
[SSPCPP-361] - Session handler with better parseable and accessable (X)HTML code
[SSPCPP-362] - add 'metadata last refresh' to SP's status page
[SSPCPP-366] - generated metadata should include cryptographic algorithms
[SSPCPP-375] - Add httpOnly to cookieProps in the shibboleth2.xml config
[SSPCPP-376] - Add a post-filtering hashing feature to shorten long attributes, 
namely ePTIDs
[SSPCPP-394] - Support multiple authn context references in requests
[SSPCPP-399] - SImple Aggregation plugin should allow "prefixing" of attributes 
or dedicated extractors
[SSPCPP-403] - Facilitate signing Logout messages
[SSPCPP-404] - Log entry for failed consistentAddress="true" check
[SSPCPP-405] - CRIT Shibboleth.Application : no MetadataProvider available 
should be a warning not CRIT
[SSPCPP-407] - Improve logging on invalid XML in shibboleth2.xml configuration 
file
[SSPCPP-418] - Incorporating Boost libraries into code base
[SSPCPP-420] - Memcache build on RH6 and error handling fixes
[SSPCPP-425] - ShibAccessControl Relative Paths to user web content
[SSPCPP-436] - Log on DEBUG when a shibsession cookie is being cleared because 
no corresponding session is found by Shibboleth
[SSPCPP-446] - Try moving child_init hooks in Apache 2.x modules to post_config
[SSPCPP-458] - Unprecise error message when wrong certificate is used for SAML2 
encryption
[SSPCPP-464] - Provide Logging to Recommend Production Settings
[SSPCPP-470] - Identify deprecated features or suboptimal settings and add 
warnings
[SSPCPP-472] - AttributeExtractor: remove leading/trailing whitespace created 
by formatter
New Features
[SSPCPP-245] - Support for attribute requirements in the SP
[SSPCPP-339] - Extraction of contacts and other built-in metadata information
[SSPCPP-341] - AttributeResolver plugin(s) for regexp or template-based 
transformation of values
[SSPCPP-342] - Metadata / Attribute filtering based on EntityAttributes
[SSPCPP-343] - Add support for capturing AuthenticatingAuthority
[SSPCPP-349] - Parseable audit logs for SP
[SSPCPP-389] - Add option to shibd to set uid and gid at startup
[SSPCPP-390] - Multiple language versions for the same attribute
[SSPCPP-396] - Simplify logout support for Native SP
[SSPCPP-410] - add support for the 'policy' query string parameter
[SSPCPP-421] - Extraction of consent attribute from SAML 2 responses
[SSPCPP-430] - Apache 2.4 support
[SSPCPP-437] - Add artifact binding for resolving artifacts via file system
[SSPCPP-440] - Loopback handler to exchange an assertion for a session
[SSPCPP-469] - Logout request extension to specify no response
[SSPCPP-471] - Shorthand settings for manipulating cookie properties
[SSPCPP-486] - Add automatic algorithm blacklist


To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 pkgsrc/www/shibboleth-sp/Makefile
cvs rdiff -u -r1.2 -r1.3 pkgsrc/www/shibboleth-sp/PLIST
cvs rdiff -u -r1.3 -r1.4 pkgsrc/www/shibboleth-sp/distinfo
cvs rdiff -u -r1.1.1.1 -r0 pkgsrc/www/shibboleth-sp/patches/patch-aa
cvs rdiff -u -r0 -r1.1 \
    pkgsrc/www/shibboleth-sp/patches/patch-configs_Makefile.in

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Prev by Date: Re: CVS commit: pkgsrc/misc/rpm
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/www/firefox
Next by Thread: CVS commit: pkgsrc/doc
Indexes:
Home | Main Index | Thread Index | Old Index