Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: unblock
Please unblock package simplesamlphp/1.13.1-1 This is an upstream release limited to strictly bugfixes. Attached debdiff shows the changes with autogenerated files removed; the original debdiff is much larger because the upstream tarball contains some .svn dirs with changed contents. These dirs are not present in the binary package, and will be removed in the next upstream release. unblock simplesamlphp/1.13.1-1 Thanks, Thijs
diff -Nru simplesamlphp-1.13.0/debian/changelog simplesamlphp-1.13.1/debian/changelog --- simplesamlphp-1.13.0/debian/changelog 2014-09-25 20:27:30.000000000 +0200 +++ simplesamlphp-1.13.1/debian/changelog 2014-10-27 20:23:50.000000000 +0100 @@ -1,3 +1,9 @@ +simplesamlphp (1.13.1-1) unstable; urgency=medium + + * New upstream bugfix release. + + -- Thijs Kinkhorst <th...@debian.org> Mon, 27 Oct 2014 19:23:35 +0000 + simplesamlphp (1.13.0-1) unstable; urgency=medium * New upstream release. diff -Nru simplesamlphp-1.13.0/debian/control simplesamlphp-1.13.1/debian/control --- simplesamlphp-1.13.0/debian/control 2014-08-18 11:11:23.000000000 +0200 +++ simplesamlphp-1.13.1/debian/control 2014-10-27 20:24:41.000000000 +0100 @@ -7,7 +7,7 @@ Homepage: http://simplesamlphp.org/ Vcs-Git: git://git.assembla.com/confusa_packaging Vcs-Browser: http://www.assembla.com/code/confusa_packaging/git/nodes -Standards-Version: 3.9.5 +Standards-Version: 3.9.6 Package: simplesamlphp Architecture: all diff -Nru simplesamlphp-1.13.0/debian/lintian-overrides simplesamlphp-1.13.1/debian/lintian-overrides --- simplesamlphp-1.13.0/debian/lintian-overrides 2014-08-18 11:11:23.000000000 +0200 +++ simplesamlphp-1.13.1/debian/lintian-overrides 2014-10-27 20:25:30.000000000 +0100 @@ -1,3 +1,2 @@ simplesamlphp: non-standard-dir-perm var/lib/simplesamlphp/data/ 0730 != 0755 simplesamlphp: non-standard-dir-perm var/log/simplesamlphp/ 0730 != 0755 -simplesamlphp: package-contains-empty-directory usr/share/simplesamlphp/modules/openid/hooks/ diff -Nru simplesamlphp-1.13.0/debian/rules simplesamlphp-1.13.1/debian/rules --- simplesamlphp-1.13.0/debian/rules 2014-09-25 20:36:29.000000000 +0200 +++ simplesamlphp-1.13.1/debian/rules 2014-10-27 20:28:46.000000000 +0100 @@ -25,7 +25,7 @@ debian/simplesamlphp/usr/share/simplesamlphp/vendor/simplesamlphp/saml2/LICENSE \ debian/simplesamlphp/usr/share/simplesamlphp/vendor/robrichards/xmlseclibs/LICENSE find . -type f -executable -not -path '*/bin/*' | xargs chmod -x - find . -type d -name \.svn | xargs rm -r + find . -type d -name \.svn | xargs -r rm -r dh_fixperms chgrp www-data debian/simplesamlphp/var/lib/simplesamlphp/data \ debian/simplesamlphp/var/log/simplesamlphp diff -Nru simplesamlphp-1.13.0/docs/simplesamlphp-changelog.txt simplesamlphp-1.13.1/docs/simplesamlphp-changelog.txt --- simplesamlphp-1.13.0/docs/simplesamlphp-changelog.txt 2014-09-25 14:25:08.000000000 +0200 +++ simplesamlphp-1.13.1/docs/simplesamlphp-changelog.txt 2014-10-27 16:28:10.000000000 +0100 @@ -6,6 +6,16 @@ This document lists the changes between versions of simpleSAMLphp. See the upgrade notes for specific information about upgrading. +## Version 1.13.1 + +Released 2014-10-27 + + * Solved an issue with empty fields in metadata to cause SimpleSAMLphp to fail with a translation error. Issues #97 and #114. + * Added Basque language to the list of known languages. Issue #117. + * Optimized the execution of redirections by removing an additional, unnecessary function call. + * Solved an issue that caused SimpleSAMLphp to fail when the RelayState parameter was empty or missing on an IdP-initiated authentication. Issues #99 and # 104. + * Fixed a certificate check for SubjectConfirmations with Holder of Key methods. + ## Version 1.13 Released 2014-09-25. diff -Nru simplesamlphp-1.13.0/lib/SimpleSAML/Configuration.php simplesamlphp-1.13.1/lib/SimpleSAML/Configuration.php --- simplesamlphp-1.13.0/lib/SimpleSAML/Configuration.php 2014-09-25 14:25:08.000000000 +0200 +++ simplesamlphp-1.13.1/lib/SimpleSAML/Configuration.php 2014-10-27 16:28:10.000000000 +0100 @@ -289,7 +289,7 @@ * @return string */ public function getVersion() { - return '1.13.0'; + return '1.13.1'; } diff -Nru simplesamlphp-1.13.0/lib/SimpleSAML/Metadata/SAMLParser.php simplesamlphp-1.13.1/lib/SimpleSAML/Metadata/SAMLParser.php --- simplesamlphp-1.13.0/lib/SimpleSAML/Metadata/SAMLParser.php 2014-09-25 14:25:08.000000000 +0200 +++ simplesamlphp-1.13.1/lib/SimpleSAML/Metadata/SAMLParser.php 2014-10-27 16:28:10.000000000 +0100 @@ -636,7 +636,7 @@ $this->addExtensions($ret, $spd); // prioritize mdui:DisplayName as the name if available - if (isset($ret['UIInfo']) && isset($ret['UIInfo']['DisplayName'])) { + if (!empty($ret['UIInfo']['DisplayName'])) { $ret['name'] = $ret['UIInfo']['DisplayName']; } @@ -705,7 +705,7 @@ $this->addExtensions($ret, $idp); // prioritize mdui:DisplayName as the name if available - if (isset($ret['UIInfo']) && isset($ret['UIInfo']['DisplayName'])) { + if (!empty($ret['UIInfo']['DisplayName'])) { $ret['name'] = $ret['UIInfo']['DisplayName']; } diff -Nru simplesamlphp-1.13.0/lib/SimpleSAML/Utilities.php simplesamlphp-1.13.1/lib/SimpleSAML/Utilities.php --- simplesamlphp-1.13.0/lib/SimpleSAML/Utilities.php 2014-09-25 14:25:08.000000000 +0200 +++ simplesamlphp-1.13.1/lib/SimpleSAML/Utilities.php 2014-10-27 16:28:10.000000000 +0100 @@ -309,12 +309,10 @@ * allowed by configuration. */ public static function checkURLAllowed($url, array $trustedSites = NULL) { - $url = self::normalizeURL($url); - - // verify that the URL points to an http or https site - if (!preg_match('@^https?://@i', $url)) { - throw new SimpleSAML_Error_Exception('Invalid URL: '.$url); + if (empty($url)) { + return ''; } + $url = self::normalizeURL($url); // get the white list of domains if ($trustedSites === NULL) { @@ -652,9 +650,10 @@ assert(strlen($url) > 0); assert(is_array($parameters)); - $url = self::normalizeURL($url); if ($allowed_redirect_hosts !== NULL) { - $url = self::checkURLAllowed($url, $allowed_redirect_hosts); + $url = self::checkURLAllowed($url, $allowed_redirect_hosts); + } else { + $url = self::normalizeURL($url); } self::_doRedirect($url, $parameters); } diff -Nru simplesamlphp-1.13.0/modules/core/templates/frontpage_federation.tpl.php simplesamlphp-1.13.1/modules/core/templates/frontpage_federation.tpl.php --- simplesamlphp-1.13.0/modules/core/templates/frontpage_federation.tpl.php 2014-09-25 14:25:08.000000000 +0200 +++ simplesamlphp-1.13.1/modules/core/templates/frontpage_federation.tpl.php 2014-10-27 16:28:10.000000000 +0100 @@ -60,9 +60,9 @@ echo '<br /><b>Deprecated</b>'; if ($hm['entityid'] !== $hm['metadata-index']) echo '<br />Index: ' . $hm['metadata-index']; - if (array_key_exists('name', $hm)) + if (!empty($hm['name'])) echo '<br /><strong>' . $this->getTranslation(SimpleSAML_Utilities::arrayize($hm['name'], 'en')) . '</strong>'; - if (array_key_exists('descr', $hm)) + if (!empty($hm['descr'])) echo '<br /><strong>' . $this->getTranslation(SimpleSAML_Utilities::arrayize($hm['descr'], 'en')) . '</strong>'; echo '<br />[ <a href="' . $hm['metadata-url'] . '">' . $this->t('{core:frontpage:show_metadata}') . '</a> ]'; @@ -81,9 +81,9 @@ echo ('<a href="' . htmlspecialchars(SimpleSAML_Module::getModuleURL('core/show_metadata.php', array('entityid' => $entry['entityid'], 'set' => $setkey ))) . '">'); - if (array_key_exists('name', $entry)) { + if (!empty($entry['name'])) { echo htmlspecialchars($this->getTranslation(SimpleSAML_Utilities::arrayize($entry['name'], 'en'))); - } elseif (array_key_exists('OrganizationDisplayName', $entry)) { + } elseif (!empty($entry['OrganizationDisplayName'])) { echo htmlspecialchars($this->getTranslation(SimpleSAML_Utilities::arrayize($entry['OrganizationDisplayName'], 'en'))); } else { echo htmlspecialchars($entry['entityid']); diff -Nru simplesamlphp-1.13.0/modules/saml/lib/Message.php simplesamlphp-1.13.1/modules/saml/lib/Message.php --- simplesamlphp-1.13.0/modules/saml/lib/Message.php 2014-09-25 14:25:08.000000000 +0200 +++ simplesamlphp-1.13.1/modules/saml/lib/Message.php 2014-10-27 16:28:10.000000000 +0100 @@ -614,8 +614,9 @@ /* Extract certificate data (if this is a certificate). */ $clientCert = $_SERVER['SSL_CLIENT_CERT']; $pattern = '/^-----BEGIN CERTIFICATE-----([^-]*)^-----END CERTIFICATE-----/m'; - if (preg_match($pattern, $clientCert, $matches) === FALSE) { - $lastError = 'No valid client certificate provided during TLS Handshake with SP'; + if (!preg_match($pattern, $clientCert, $matches)) { + $lastError = 'Error while looking for client certificate during TLS handshake with SP, the client certificate does not ' + . 'have the expected structure'; continue; } /* We have a valid client certificate from the browser. */ diff -Nru simplesamlphp-1.13.0/templates/includes/header.php simplesamlphp-1.13.1/templates/includes/header.php --- simplesamlphp-1.13.0/templates/includes/header.php 2014-09-25 14:25:08.000000000 +0200 +++ simplesamlphp-1.13.1/templates/includes/header.php 2014-10-27 16:28:10.000000000 +0100 @@ -188,6 +188,7 @@ 'sr' => 'Srpski', // Serbian 'lv' => 'Latviešu', // Latvian 'ro' => 'Românește', // Romanian + 'eu' => 'Euskara', // Basque ); $textarray = array();