Hello community, here is the log from the commit of package opensaml for openSUSE:Factory checked in at 2019-03-22 15:09:13 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/opensaml (Old) and /work/SRC/openSUSE:Factory/.opensaml.new.25356 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "opensaml" Fri Mar 22 15:09:13 2019 rev:8 rq:687306 version:3.0.1 Changes: -------- --- /work/SRC/openSUSE:Factory/opensaml/opensaml.changes 2018-12-04 20:54:14.652858577 +0100 +++ /work/SRC/openSUSE:Factory/.opensaml.new.25356/opensaml.changes 2019-03-22 15:09:16.105395844 +0100 @@ -1,0 +2,7 @@ +Wed Mar 20 12:55:04 UTC 2019 - Kristýna Streitová <[email protected]> + +- update to 3.0.1 + * no changelog available +- requires libxmltooling-devel >= 3.0.1 + +------------------------------------------------------------------- Old: ---- opensaml-3.0.0.tar.bz2 opensaml-3.0.0.tar.bz2.asc New: ---- opensaml-3.0.1.tar.bz2 opensaml-3.0.1.tar.bz2.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ opensaml.spec ++++++ --- /var/tmp/diff_new_pack.KnR2y1/_old 2019-03-22 15:09:16.905395152 +0100 +++ /var/tmp/diff_new_pack.KnR2y1/_new 2019-03-22 15:09:16.909395148 +0100 @@ -1,7 +1,7 @@ # # spec file for package opensaml # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -19,7 +19,7 @@ %define libvers 10 %define pkgdocdir %{_docdir}/%{name} Name: opensaml -Version: 3.0.0 +Version: 3.0.1 Release: 0 Summary: Security Assertion Markup Language library License: Apache-2.0 @@ -34,7 +34,7 @@ BuildRequires: liblog4shib-devel >= 1.0.4 BuildRequires: libxerces-c-devel >= 3.2 BuildRequires: libxml-security-c-devel >= 2.0.0 -BuildRequires: libxmltooling-devel >= 3.0.0 +BuildRequires: libxmltooling-devel >= 3.0.1 BuildRequires: pkgconfig %if 0%{?suse_version} > 1325 BuildRequires: libboost_headers-devel @@ -78,7 +78,7 @@ Requires: libsaml%{libvers} = %{version}-%{release} Requires: libxerces-c-devel >= 3.2 Requires: libxml-security-c-devel >= 2.0.0 -Requires: libxmltooling-devel >= 3.0.0 +Requires: libxmltooling-devel >= 3.0.1 Provides: opensaml-devel = %{version}-%{release} Obsoletes: opensaml-devel < %{version}-%{release} ++++++ opensaml-3.0.0.tar.bz2 -> opensaml-3.0.1.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/opensaml-3.0.0/Makefile.in new/opensaml-3.0.1/Makefile.in --- old/opensaml-3.0.0/Makefile.in 2018-07-10 03:09:33.000000000 +0200 +++ new/opensaml-3.0.1/Makefile.in 2019-03-08 16:01:44.000000000 +0100 @@ -232,7 +232,7 @@ $(top_srcdir)/build-aux/install-sh \ $(top_srcdir)/build-aux/ltmain.sh \ $(top_srcdir)/build-aux/missing build-aux/compile \ - build-aux/config.guess build-aux/config.sub \ + build-aux/config.guess build-aux/config.sub build-aux/depcomp \ build-aux/install-sh build-aux/ltmain.sh build-aux/missing DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) distdir = $(PACKAGE)-$(VERSION) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/opensaml-3.0.0/config_win32.h new/opensaml-3.0.1/config_win32.h --- old/opensaml-3.0.0/config_win32.h 2018-07-10 03:09:09.000000000 +0200 +++ new/opensaml-3.0.1/config_win32.h 2019-02-21 21:06:18.000000000 +0100 @@ -81,13 +81,13 @@ #define PACKAGE_NAME "opensaml" /* Define to the full name and version of this package. */ -#define PACKAGE_STRING "opensaml 3.0.0" +#define PACKAGE_STRING "opensaml 3.0.1" /* Define to the one symbol short name of this package. */ #define PACKAGE_TARNAME "opensaml" /* Define to the version of this package. */ -#define PACKAGE_VERSION "3.0.0" +#define PACKAGE_VERSION "3.0.1" /* Define to the necessary symbol if this constant uses a non-standard name on your system. */ @@ -100,7 +100,7 @@ /* #undef TM_IN_SYS_TIME */ /* Version number of package */ -#define VERSION "3.0.0" +#define VERSION "3.0.1" /* Define to empty if `const' does not conform to ANSI C. */ /* #undef const */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/opensaml-3.0.0/configure new/opensaml-3.0.1/configure --- old/opensaml-3.0.0/configure 2018-07-10 03:09:31.000000000 +0200 +++ new/opensaml-3.0.1/configure 2019-03-08 16:01:45.000000000 +0100 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for opensaml 3.0.0. +# Generated by GNU Autoconf 2.69 for opensaml 3.0.1. # # Report bugs to <https://issues.shibboleth.net/>. # @@ -590,8 +590,8 @@ # Identity of this package. PACKAGE_NAME='opensaml' PACKAGE_TARNAME='opensaml' -PACKAGE_VERSION='3.0.0' -PACKAGE_STRING='opensaml 3.0.0' +PACKAGE_VERSION='3.0.1' +PACKAGE_STRING='opensaml 3.0.1' PACKAGE_BUGREPORT='https://issues.shibboleth.net/' PACKAGE_URL='' @@ -1430,7 +1430,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures opensaml 3.0.0 to adapt to many kinds of systems. +\`configure' configures opensaml 3.0.1 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1500,7 +1500,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of opensaml 3.0.0:";; + short | recursive ) echo "Configuration of opensaml 3.0.1:";; esac cat <<\_ACEOF @@ -1658,7 +1658,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -opensaml configure 3.0.0 +opensaml configure 3.0.1 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2202,7 +2202,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by opensaml $as_me 3.0.0, which was +It was created by opensaml $as_me 3.0.1, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3067,7 +3067,7 @@ # Define the identity of the package. PACKAGE='opensaml' - VERSION='3.0.0' + VERSION='3.0.1' cat >>confdefs.h <<_ACEOF @@ -21436,7 +21436,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by opensaml $as_me 3.0.0, which was +This file was extended by opensaml $as_me 3.0.1, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -21502,7 +21502,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -opensaml config.status 3.0.0 +opensaml config.status 3.0.1 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/opensaml-3.0.0/configure.ac new/opensaml-3.0.1/configure.ac --- old/opensaml-3.0.0/configure.ac 2018-07-10 03:09:09.000000000 +0200 +++ new/opensaml-3.0.1/configure.ac 2019-02-21 21:05:56.000000000 +0100 @@ -1,5 +1,5 @@ AC_PREREQ([2.50]) -AC_INIT([opensaml],[3.0.0],[https://issues.shibboleth.net/],[opensaml]) +AC_INIT([opensaml],[3.0.1],[https://issues.shibboleth.net/],[opensaml]) AC_CONFIG_SRCDIR(saml) AC_CONFIG_AUX_DIR(build-aux) AC_CONFIG_MACRO_DIR(m4) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/opensaml-3.0.0/opensaml.spec new/opensaml-3.0.1/opensaml.spec --- old/opensaml-3.0.0/opensaml.spec 2018-07-10 03:10:00.000000000 +0200 +++ new/opensaml-3.0.1/opensaml.spec 2019-03-08 16:02:01.000000000 +0100 @@ -1,5 +1,5 @@ Name: opensaml -Version: 3.0.0 +Version: 3.0.1 Release: 1 Summary: OpenSAML SAML library Group: Development/Libraries/C and C++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/opensaml-3.0.0/saml/Makefile.am new/opensaml-3.0.1/saml/Makefile.am --- old/opensaml-3.0.0/saml/Makefile.am 2018-07-10 03:09:09.000000000 +0200 +++ new/opensaml-3.0.1/saml/Makefile.am 2019-02-21 21:07:18.000000000 +0100 @@ -179,7 +179,7 @@ # this is different from the project version # http://sources.redhat.com/autobook/autobook/autobook_91.html -libsaml_la_LDFLAGS = -version-info 10:0:0 +libsaml_la_LDFLAGS = -version-info 10:1:0 libsaml_la_CPPFLAGS = \ $(BOOST_CPPFLAGS) libsaml_la_CXXFLAGS = \ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/opensaml-3.0.0/saml/Makefile.in new/opensaml-3.0.1/saml/Makefile.in --- old/opensaml-3.0.0/saml/Makefile.in 2018-07-10 03:09:33.000000000 +0200 +++ new/opensaml-3.0.1/saml/Makefile.in 2019-03-08 16:01:44.000000000 +0100 @@ -731,7 +731,7 @@ # this is different from the project version # http://sources.redhat.com/autobook/autobook/autobook_91.html -libsaml_la_LDFLAGS = -version-info 10:0:0 +libsaml_la_LDFLAGS = -version-info 10:1:0 libsaml_la_CPPFLAGS = \ $(BOOST_CPPFLAGS) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/opensaml-3.0.0/saml/binding/impl/ClientCertAuthRule.cpp new/opensaml-3.0.1/saml/binding/impl/ClientCertAuthRule.cpp --- old/opensaml-3.0.0/saml/binding/impl/ClientCertAuthRule.cpp 2018-07-10 03:09:09.000000000 +0200 +++ new/opensaml-3.0.1/saml/binding/impl/ClientCertAuthRule.cpp 2019-02-21 20:50:27.000000000 +0100 @@ -103,7 +103,7 @@ if (!x509trust->validate(chain.front(), chain, *(policy.getMetadataProvider()), &cc)) { if (m_errorFatal) throw SecurityPolicyException("Client certificate supplied, but could not be verified."); - log.error("unable to verify certificate chain with supplied trust engine"); + log.warn("unable to verify certificate chain with supplied trust engine"); return false; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/opensaml-3.0.0/saml/binding/impl/MessageFlowRule.cpp new/opensaml-3.0.1/saml/binding/impl/MessageFlowRule.cpp --- old/opensaml-3.0.0/saml/binding/impl/MessageFlowRule.cpp 2018-07-10 03:09:09.000000000 +0200 +++ new/opensaml-3.0.1/saml/binding/impl/MessageFlowRule.cpp 2019-02-21 20:45:47.000000000 +0100 @@ -85,12 +85,12 @@ } else { if (issueInstant > now + skew) { - log.errorStream() << "rejected not-yet-valid message, timestamp (" << issueInstant << + log.warnStream() << "rejected not-yet-valid message, timestamp (" << issueInstant << "), newest allowed (" << now + skew << ")" << logging::eol; throw SecurityPolicyException("Message rejected, was issued in the future."); } else if (issueInstant < now - skew - m_expires) { - log.errorStream() << "rejected expired message, timestamp (" << issueInstant << + log.warnStream() << "rejected expired message, timestamp (" << issueInstant << "), oldest allowed (" << (now - skew - m_expires) << ")" << logging::eol; throw SecurityPolicyException("Message expired, was issued too long ago."); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/opensaml-3.0.0/saml/binding/impl/SimpleSigningRule.cpp new/opensaml-3.0.1/saml/binding/impl/SimpleSigningRule.cpp --- old/opensaml-3.0.0/saml/binding/impl/SimpleSigningRule.cpp 2018-07-10 03:09:09.000000000 +0200 +++ new/opensaml-3.0.1/saml/binding/impl/SimpleSigningRule.cpp 2019-02-21 20:50:57.000000000 +0100 @@ -123,7 +123,7 @@ const char* sigAlgorithm = request->getParameter("SigAlg"); if (!sigAlgorithm) { - log.error("SigAlg parameter not found, no way to verify the signature"); + log.warn("SigAlg parameter not found, no way to verify the signature"); return false; } @@ -214,7 +214,7 @@ cc.setXMLAlgorithm(alg.get()); if (!sigtrust->validate(alg.get(), signature, keyInfo, input.c_str(), input.length(), *(policy.getMetadataProvider()), &cc)) { - log.error("unable to verify message signature with supplied trust engine"); + log.warn("unable to verify message signature with supplied trust engine"); if (m_errorFatal) throw SecurityPolicyException("Message was signed, but signature could not be verified."); return false; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/opensaml-3.0.0/saml/binding/impl/XMLSigningRule.cpp new/opensaml-3.0.1/saml/binding/impl/XMLSigningRule.cpp --- old/opensaml-3.0.0/saml/binding/impl/XMLSigningRule.cpp 2018-07-10 03:09:09.000000000 +0200 +++ new/opensaml-3.0.1/saml/binding/impl/XMLSigningRule.cpp 2019-02-21 20:51:19.000000000 +0100 @@ -99,7 +99,7 @@ sigval.validateSignature(*(signable->getSignature())); } catch (ValidationException& ve) { - log.error("signature profile failed to validate: %s", ve.what()); + log.warn("signature profile failed to validate: %s", ve.what()); if (m_errorFatal) throw; return false; @@ -109,7 +109,7 @@ MetadataCredentialCriteria cc(*(policy.getIssuerMetadata())); if (!sigtrust->validate(*(signable->getSignature()), *(policy.getMetadataProvider()), &cc)) { - log.error("unable to verify message signature with supplied trust engine"); + log.warn("unable to verify message signature with supplied trust engine"); if (m_errorFatal) throw SecurityPolicyException("Message was signed, but signature could not be verified."); return false; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/opensaml-3.0.0/saml/profile/impl/AudienceRestrictionRule.cpp new/opensaml-3.0.1/saml/profile/impl/AudienceRestrictionRule.cpp --- old/opensaml-3.0.0/saml/profile/impl/AudienceRestrictionRule.cpp 2018-07-10 03:09:09.000000000 +0200 +++ new/opensaml-3.0.1/saml/profile/impl/AudienceRestrictionRule.cpp 2019-02-21 20:55:00.000000000 +0100 @@ -100,7 +100,7 @@ ostringstream os; os << *ac2; - Category::getInstance(SAML_LOGCAT ".SecurityPolicyRule.AudienceRestriction").error( + Category::getInstance(SAML_LOGCAT ".SecurityPolicyRule.AudienceRestriction").warn( "unacceptable AudienceRestriction in assertion (%s)", os.str().c_str() ); throw SecurityPolicyException("Assertion contains an unacceptable AudienceRestriction."); @@ -129,7 +129,7 @@ ostringstream os; os << *ac1; - Category::getInstance(SAML_LOGCAT ".SecurityPolicyRule.AudienceRestriction").error( + Category::getInstance(SAML_LOGCAT ".SecurityPolicyRule.AudienceRestriction").warn( "unacceptable AudienceRestrictionCondition in assertion (%s)", os.str().c_str() ); throw SecurityPolicyException("Assertion contains an unacceptable AudienceRestrictionCondition."); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/opensaml-3.0.0/saml/saml.rc new/opensaml-3.0.1/saml/saml.rc --- old/opensaml-3.0.0/saml/saml.rc 2018-07-12 00:28:04.000000000 +0200 +++ new/opensaml-3.0.1/saml/saml.rc 2019-02-21 21:06:52.000000000 +0100 @@ -28,8 +28,8 @@ // VS_VERSION_INFO VERSIONINFO - FILEVERSION 3,0,0,1 - PRODUCTVERSION 3,0,0,0 + FILEVERSION 3,0,1,0 + PRODUCTVERSION 3,0,1,0 FILEFLAGSMASK 0x3fL #ifdef _DEBUG FILEFLAGS 0x1L @@ -47,13 +47,13 @@ VALUE "Comments", "\0" VALUE "CompanyName", "Shibboleth Consortium\0" VALUE "FileDescription", "OpenSAML Library\0" - VALUE "FileVersion", "3, 0, 0, 1\0" + VALUE "FileVersion", "3, 0, 1, 0\0" #ifdef _DEBUG VALUE "InternalName", "saml3_0D\0" #else VALUE "InternalName", "saml3_0\0" #endif - VALUE "LegalCopyright", "Copyright � 2018 UCAID\0" + VALUE "LegalCopyright", "Copyright � 2018 UCAID\0" VALUE "LegalTrademarks", "\0" #ifdef _DEBUG VALUE "OriginalFilename", "saml3_0D.dll\0" @@ -61,8 +61,8 @@ VALUE "OriginalFilename", "saml3_0.dll\0" #endif VALUE "PrivateBuild", "\0" - VALUE "ProductName", "OpenSAML 3.0.0\0" - VALUE "ProductVersion", "3, 0, 0, 0\0" + VALUE "ProductName", "OpenSAML 3.0.1\0" + VALUE "ProductVersion", "3, 0, 1, 0\0" VALUE "SpecialBuild", "\0" END END diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/opensaml-3.0.0/saml/saml2/profile/impl/BearerConfirmationRule.cpp new/opensaml-3.0.1/saml/saml2/profile/impl/BearerConfirmationRule.cpp --- old/opensaml-3.0.0/saml/saml2/profile/impl/BearerConfirmationRule.cpp 2018-07-10 03:09:09.000000000 +0200 +++ new/opensaml-3.0.1/saml/saml2/profile/impl/BearerConfirmationRule.cpp 2019-02-21 20:53:28.000000000 +0100 @@ -139,7 +139,7 @@ } } - log.error(msg ? msg : "no error message"); + log.warn(msg ? msg : "no error message"); if (m_fatal) throw SecurityPolicyException("Unable to locate satisfiable bearer SubjectConfirmation in assertion."); return false; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/opensaml-3.0.0/saml/version.h new/opensaml-3.0.1/saml/version.h --- old/opensaml-3.0.0/saml/version.h 2018-07-10 03:09:09.000000000 +0200 +++ new/opensaml-3.0.1/saml/version.h 2019-02-21 21:07:05.000000000 +0100 @@ -44,7 +44,7 @@ #define OPENSAML_VERSION_MAJOR 3 #define OPENSAML_VERSION_MINOR 0 -#define OPENSAML_VERSION_REVISION 0 +#define OPENSAML_VERSION_REVISION 1 /** DO NOT MODIFY BELOW THIS LINE */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/opensaml-3.0.0/samlsign/samlsign.rc new/opensaml-3.0.1/samlsign/samlsign.rc --- old/opensaml-3.0.0/samlsign/samlsign.rc 2018-07-10 03:09:09.000000000 +0200 +++ new/opensaml-3.0.1/samlsign/samlsign.rc 2019-02-21 21:08:26.000000000 +0100 @@ -28,8 +28,8 @@ // VS_VERSION_INFO VERSIONINFO - FILEVERSION 2,7,0,0 - PRODUCTVERSION 2,7,0,0 + FILEVERSION 3,0,1,0 + PRODUCTVERSION 3,0,1,0 FILEFLAGSMASK 0x3fL #ifdef _DEBUG FILEFLAGS 0x1L @@ -47,14 +47,14 @@ VALUE "Comments", "\0" VALUE "CompanyName", "Shibboleth Consortium\0" VALUE "FileDescription", "OpenSAML Signature Utility\0" - VALUE "FileVersion", "2, 7, 0, 0\0" + VALUE "FileVersion", "3, 0, 1, 0\0" VALUE "InternalName", "samlsign\0" - VALUE "LegalCopyright", "Copyright � 2017 UCAID\0" + VALUE "LegalCopyright", "Copyright � 2018 UCAID\0" VALUE "LegalTrademarks", "\0" VALUE "OriginalFilename", "samlsign.exe\0" VALUE "PrivateBuild", "\0" - VALUE "ProductName", "OpenSAML 2.7.0\0" - VALUE "ProductVersion", "2, 7, 0, 0\0" + VALUE "ProductName", "OpenSAML 3.0.1\0" + VALUE "ProductVersion", "3, 0, 1, 0\0" VALUE "SpecialBuild", "\0" END END diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/opensaml-3.0.0/samltest/data/saml2/metadata/HTTPMetadataProvider.xml new/opensaml-3.0.1/samltest/data/saml2/metadata/HTTPMetadataProvider.xml --- old/opensaml-3.0.0/samltest/data/saml2/metadata/HTTPMetadataProvider.xml 2018-07-10 03:09:10.000000000 +0200 +++ new/opensaml-3.0.1/samltest/data/saml2/metadata/HTTPMetadataProvider.xml 2018-11-01 15:09:08.000000000 +0100 @@ -1,4 +1,4 @@ <?xml version="1.0" encoding="UTF-8"?> <MetadataProvider type="XML" url="http://URL.TO.EXAMPLE/ORG/InCommon-metadata.xml"; backingFilePath="../samltest/data/saml2/metadata/InCommon-metadata.xml.bck" validate="0"> - <MetadataFilter type="Signature" certificate="../../../samltest/data/incommon.pem" /> + <MetadataFilter type="Signature" certificate="../samltest/data/incommon.pem" /> </MetadataProvider> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/opensaml-3.0.0/samltest/data/signature/SAML1Assertion.xml new/opensaml-3.0.1/samltest/data/signature/SAML1Assertion.xml --- old/opensaml-3.0.0/samltest/data/signature/SAML1Assertion.xml 2018-07-10 03:09:10.000000000 +0200 +++ new/opensaml-3.0.1/samltest/data/signature/SAML1Assertion.xml 2018-11-01 15:09:08.000000000 +0100 @@ -1,8 +1,4 @@ -<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" AssertionID="ident" -IssueInstant="1970-01-02T01:01:02.100Z" Issuer="issuer" -MajorVersion="1" MinorVersion="1"><saml:AuthenticationStatement AuthenticationInstant="1970-01-02T01:01:02.100Z" -AuthenticationMethod="method" -><saml:Subject><saml:NameIdentifier>John Doe</saml:NameIdentifier></saml:Subject></saml:AuthenticationStatement><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> +<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" AssertionID="ident" IssueInstant="1970-01-02T01:01:02.100Z" Issuer="issuer" MajorVersion="1" MinorVersion="1"><saml:AuthenticationStatement AuthenticationInstant="1970-01-02T01:01:02.100Z" AuthenticationMethod="method"><saml:Subject><saml:NameIdentifier>John Doe</saml:NameIdentifier></saml:Subject></saml:AuthenticationStatement><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> @@ -11,13 +7,13 @@ <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </ds:Transforms> -<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> -<ds:DigestValue>j2GRm2UDOBvxwlzvX0fjXYeAGIA=</ds:DigestValue> +<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> +<ds:DigestValue>wc8nsN/vydGVRrRESM4J9A/3wAy/oIWTmCaOtFJPk9c=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> -<ds:SignatureValue>AA5098JC4gfdAf2bvPQRZ9Ld/VehXAB3uhp0r4js4i6fMB3hGMs4VnE9iEJEsPDD -0Kj4cfewxHij/kHrWcxpKMMqIgGlqKYZhuQHfFt8GzDeeFIgu1R675jcN4uCOoWl -3aRVd9hgPRsXzf7/RkMiXHIsU/NjUPRKf7GjNt2jNT0=</ds:SignatureValue> +<ds:SignatureValue>S+dC36V+L4yYAOobK3LABIM8XmpCecuZx6xwmk4BMRinuUNCJpowt5YM7EGwY2lT +qpBp5A35/c60ShDSXlIthOP+0FvLp8uSMbw8QMnU2/wdLfFq/2imGYsjjt3IMw2s +A1BQ2l8hU8uPPNXXCOW6bO1MRPbwXM9Aaj6Jhr25e48=</ds:SignatureValue> <ds:KeyInfo><ds:KeyName>sp.example.org</ds:KeyName><ds:X509Data><ds:X509SubjectName>CN=sp.example.org,O=Internet2,C=US</ds:X509SubjectName><ds:X509Certificate>MIICjzCCAfigAwIBAgIJAKk8t1hYcMkhMA0GCSqGSIb3DQEBBAUAMDoxCzAJBgNV BAYTAlVTMRIwEAYDVQQKEwlJbnRlcm5ldDIxFzAVBgNVBAMTDnNwLmV4YW1wbGUu b3JnMB4XDTA1MDYyMDE1NDgzNFoXDTMyMTEwNTE1NDgzNFowOjELMAkGA1UEBhMC diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/opensaml-3.0.0/samltest/data/signature/SAML1Request.xml new/opensaml-3.0.1/samltest/data/signature/SAML1Request.xml --- old/opensaml-3.0.0/samltest/data/signature/SAML1Request.xml 2018-07-10 03:09:10.000000000 +0200 +++ new/opensaml-3.0.1/samltest/data/signature/SAML1Request.xml 2018-11-01 15:09:08.000000000 +0100 @@ -1,5 +1,4 @@ -<samlp:Request xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" IssueInstant="1970-01-02T01:01:02.100Z" -MajorVersion="1" MinorVersion="1" RequestID="ident"><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> +<samlp:Request xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" IssueInstant="1970-01-02T01:01:02.100Z" MajorVersion="1" MinorVersion="1" RequestID="ident"><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> @@ -8,13 +7,13 @@ <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </ds:Transforms> -<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> -<ds:DigestValue>pqhIt8nUldh3KVL6IEewRxKXYhM=</ds:DigestValue> +<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> +<ds:DigestValue>lPzigs+xAxljZ6FiItmyiMBZwBrFk9UM+FNk69PmrY0=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> -<ds:SignatureValue>UE5p832pLFYvMloRofN3y0rrFY7B8zOcF7+CHYyxFn6pqgPeEYGqkbUWlV15/tJ5 -wXJ3LiLQroYQI3XHPvKRSV4OtF9ZFm4QDK7RNd6gnUmHed6Zje//e6z2ekA0UzTl -IeWCuD84mWemMJzRAhSFKcnqJDBHA61Krvg1kf/2c2E=</ds:SignatureValue> +<ds:SignatureValue>1VME3lZuPgLki6ly93Hg6x37dZJRI3jVOXTZPxbGWrlPeENHA+8E0hVUycQ2xJNv +TR/V+90WKaEv1LyF9o4oaLv7XLi8DwfXyQiDpCJ46oiSO9MxNcC4M8VaNmSkRVP6 +otJ5PG+ac8Ydq7Ocru2nbJZ4p8XuzeFVeaWpzmzaq0k=</ds:SignatureValue> <ds:KeyInfo><ds:KeyName>sp.example.org</ds:KeyName><ds:X509Data><ds:X509SubjectName>CN=sp.example.org,O=Internet2,C=US</ds:X509SubjectName><ds:X509Certificate>MIICjzCCAfigAwIBAgIJAKk8t1hYcMkhMA0GCSqGSIb3DQEBBAUAMDoxCzAJBgNV BAYTAlVTMRIwEAYDVQQKEwlJbnRlcm5ldDIxFzAVBgNVBAMTDnNwLmV4YW1wbGUu b3JnMB4XDTA1MDYyMDE1NDgzNFoXDTMyMTEwNTE1NDgzNFowOjELMAkGA1UEBhMC @@ -29,4 +28,4 @@ gYEAMFq/UeSQyngE0GpZueyD2UW0M358uhseYOgGEIfm+qXIFQF6MYwNoX7WFzhC LJZ2E6mEvZZFHCHUtl7mGDvsRwgZ85YCtRbvleEpqfgNQToto9pLYe+X6vvH9Z6p gmYsTmak+kxO93JprrOd9xp8aZPMEprL7VCdrhbZEfyYER0= -</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><samlp:AuthenticationQuery AuthenticationMethod="method"><saml:Subject xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"><saml:NameIdentifier>John Doe</saml:NameIdentifier></saml:Subject></samlp:AuthenticationQuery></samlp:Request> +</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><samlp:AuthenticationQuery AuthenticationMethod="method"><saml:Subject xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"><saml:NameIdentifier>John Doe</saml:NameIdentifier></saml:Subject></samlp:AuthenticationQuery></samlp:Request> \ No newline at end of file diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/opensaml-3.0.0/samltest/data/signature/SAML1Response.xml new/opensaml-3.0.1/samltest/data/signature/SAML1Response.xml --- old/opensaml-3.0.0/samltest/data/signature/SAML1Response.xml 2018-07-10 03:09:10.000000000 +0200 +++ new/opensaml-3.0.1/samltest/data/signature/SAML1Response.xml 2018-11-01 15:09:08.000000000 +0100 @@ -1,4 +1,4 @@ -<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:shib="urn:mace:shibboleth" IssueInstant="1970-01-02T01:01:02.100Z" MajorVersion="1" MinorVersion="1" ResponseID="rident"><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> +<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" IssueInstant="1970-01-02T01:01:02.100Z" MajorVersion="1" MinorVersion="1" ResponseID="rident" xmlns:shib="urn:mace:shibboleth"><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> @@ -9,13 +9,13 @@ <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"; PrefixList="shib"/> </ds:Transform> </ds:Transforms> -<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> -<ds:DigestValue>9sBlLRUZWT199jgSaCfzqSRWMTc=</ds:DigestValue> +<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> +<ds:DigestValue>/4Pgha71hsJVzrYT1Hy1x7l9m04kkQEnKhCyEMzwxUE=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> -<ds:SignatureValue>BpkmYve9GGRwMOUpRRnINKGhAK2mmZZSFFTImpxzD62++Kbzygg4+T6OP+5cs1BR -wf/Ca+uuEHIeo/1MHpmqVASMfDPMY3L1M7JzZ+kAbmnywohhwtj7zMSQ8kOFRVDo -mEbY9lFSfb7VRDMKWOGZPRAj7ezZdeXmGpdrHobrY5s=</ds:SignatureValue> +<ds:SignatureValue>Gt/2YBwmZY2J6Odf8VkYbRVlTwO3D+smn6zZ7YQMXtG2P1rEl+fQP+QSWaU6ZqA5 +27Oad3MSe/T2BlMOHa7V90RNCkFTJHQa7fBK13+CPVkhmLfLuHhpy0sX89r22e0q +S7f1I27KSZq7BlHhzhBPDoFbXsdgNQFNjBG0RjVrqYU=</ds:SignatureValue> <ds:KeyInfo><ds:KeyName>sp.example.org</ds:KeyName><ds:X509Data><ds:X509SubjectName>CN=sp.example.org,O=Internet2,C=US</ds:X509SubjectName><ds:X509Certificate>MIICjzCCAfigAwIBAgIJAKk8t1hYcMkhMA0GCSqGSIb3DQEBBAUAMDoxCzAJBgNV BAYTAlVTMRIwEAYDVQQKEwlJbnRlcm5ldDIxFzAVBgNVBAMTDnNwLmV4YW1wbGUu b3JnMB4XDTA1MDYyMDE1NDgzNFoXDTMyMTEwNTE1NDgzNFowOjELMAkGA1UEBhMC @@ -30,11 +30,7 @@ gYEAMFq/UeSQyngE0GpZueyD2UW0M358uhseYOgGEIfm+qXIFQF6MYwNoX7WFzhC LJZ2E6mEvZZFHCHUtl7mGDvsRwgZ85YCtRbvleEpqfgNQToto9pLYe+X6vvH9Z6p gmYsTmak+kxO93JprrOd9xp8aZPMEprL7VCdrhbZEfyYER0= -</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><samlp:Status><samlp:StatusCode -Value="samlp:Success"><samlp:StatusCode Value="shib:NoReally"/></samlp:StatusCode></samlp:Status><saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" AssertionID="aident" -IssueInstant="1970-01-02T01:01:02.100Z" Issuer="issuer" MajorVersion="1" MinorVersion="1"><saml:AuthenticationStatement -AuthenticationInstant="1970-01-02T01:01:02.100Z" -AuthenticationMethod="method"><saml:Subject><saml:NameIdentifier>John Doe</saml:NameIdentifier></saml:Subject></saml:AuthenticationStatement><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> +</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><samlp:Status><samlp:StatusCode Value="samlp:Success"><samlp:StatusCode Value="shib:NoReally"/></samlp:StatusCode></samlp:Status><saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" AssertionID="aident" IssueInstant="1970-01-02T01:01:02.100Z" Issuer="issuer" MajorVersion="1" MinorVersion="1"><saml:AuthenticationStatement AuthenticationInstant="1970-01-02T01:01:02.100Z" AuthenticationMethod="method"><saml:Subject><saml:NameIdentifier>John Doe</saml:NameIdentifier></saml:Subject></saml:AuthenticationStatement><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> @@ -43,13 +39,13 @@ <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </ds:Transforms> -<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> -<ds:DigestValue>/owFROXYYru5+/j0TpHEz+hjXqY=</ds:DigestValue> +<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> +<ds:DigestValue>9NYMsHLRPcafmjoRnggkvUuzMnFE9mzlWdLHzJL/y7Y=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> -<ds:SignatureValue>d4SsRgDSjboTRA2YUD68TPp+17AqRmxbY/LrWJhueIC/JY+Ct7+Fd6bugUXliIeD -NVRDACsEB7PqYWZ99+Ecf8XAmQYCw5elj8mWxPp0o+UVHtBZOR2bC+/YjNitSM+x -G/F3JgZqfunUcg7mcj6WEAUt4pjKhjaTY8Z7QJltdKc=</ds:SignatureValue> +<ds:SignatureValue>Fk4s35idW+0Vm/XfMgH+a04XqcrX4jiCYZ0aRdkKEpZcO75EetZxtuLdg8c57yO3 +tCPzkDFRaeFzI23/SciGlk+nhl+s+5iNysFY/iEG174tzgFHtBbcEjGjw3c6YUd8 +GmcaJ7cuV+iv8rCUpLu0NxQ9jSEOCshX5ZIKglddiMI=</ds:SignatureValue> <ds:KeyInfo><ds:KeyName>sp.example.org</ds:KeyName><ds:X509Data><ds:X509SubjectName>CN=sp.example.org,O=Internet2,C=US</ds:X509SubjectName><ds:X509Certificate>MIICjzCCAfigAwIBAgIJAKk8t1hYcMkhMA0GCSqGSIb3DQEBBAUAMDoxCzAJBgNV BAYTAlVTMRIwEAYDVQQKEwlJbnRlcm5ldDIxFzAVBgNVBAMTDnNwLmV4YW1wbGUu b3JnMB4XDTA1MDYyMDE1NDgzNFoXDTMyMTEwNTE1NDgzNFowOjELMAkGA1UEBhMC diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/opensaml-3.0.0/samltest/data/signature/SAML2Assertion.xml new/opensaml-3.0.1/samltest/data/signature/SAML2Assertion.xml --- old/opensaml-3.0.0/samltest/data/signature/SAML2Assertion.xml 2018-07-10 03:09:10.000000000 +0200 +++ new/opensaml-3.0.1/samltest/data/signature/SAML2Assertion.xml 2018-11-01 15:09:08.000000000 +0100 @@ -1,5 +1,4 @@ -<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="ident" IssueInstant="1970-01-02T01:01:02.100Z" -Version="2.0"><saml:Issuer>issuer</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> +<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="ident" IssueInstant="1970-01-02T01:01:02.100Z" Version="2.0"><saml:Issuer>issuer</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> @@ -8,13 +7,13 @@ <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </ds:Transforms> -<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> -<ds:DigestValue>8DSEsWJl4wOiwY15f7fAurDWpbo=</ds:DigestValue> +<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> +<ds:DigestValue>AQGLm1KiW4D78s+fxQ2UPZHwwXR7CPKDIvkgzNDFzbU=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> -<ds:SignatureValue>zgKU42nQKyB9m8RkDz1I2r7h0N9pc5ys9kve7oN9/Dugrn583/3bMgQBfk1rw4Pq -BfztAZNcf2lstzvgpVB9fVTsTUuEDtT0mhc+f5t8kbCkABGu0SrfCnDjbYpmEeLC -j8rJO4aSZIV4tN21aAkQyys28l4oB3KGTTDASjEPVgQ=</ds:SignatureValue> +<ds:SignatureValue>jLLZZQ6cty2FcjsGn/zuzfjXQqyMNMkbdw+wJXXTS1YmnKVYtE9H7skjU9bcj4Lo +MpRXQlJLtX1sIgpTQS2pSh4kkwE+Z7yO/SDaM5qcVawH5zI3C03s3ty0xGQx9SzW +1TTK4vgfWLOh5NQzDt2WhZPGSS3H1hpxS+MlbnflPTU=</ds:SignatureValue> <ds:KeyInfo><ds:KeyName>sp.example.org</ds:KeyName><ds:X509Data><ds:X509SubjectName>CN=sp.example.org,O=Internet2,C=US</ds:X509SubjectName><ds:X509Certificate>MIICjzCCAfigAwIBAgIJAKk8t1hYcMkhMA0GCSqGSIb3DQEBBAUAMDoxCzAJBgNV BAYTAlVTMRIwEAYDVQQKEwlJbnRlcm5ldDIxFzAVBgNVBAMTDnNwLmV4YW1wbGUu b3JnMB4XDTA1MDYyMDE1NDgzNFoXDTMyMTEwNTE1NDgzNFowOjELMAkGA1UEBhMC @@ -29,5 +28,4 @@ gYEAMFq/UeSQyngE0GpZueyD2UW0M358uhseYOgGEIfm+qXIFQF6MYwNoX7WFzhC LJZ2E6mEvZZFHCHUtl7mGDvsRwgZ85YCtRbvleEpqfgNQToto9pLYe+X6vvH9Z6p gmYsTmak+kxO93JprrOd9xp8aZPMEprL7VCdrhbZEfyYER0= -</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml:Subject><saml:NameID>John Doe</saml:NameID></saml:Subject><saml:AuthnStatement -AuthnInstant="1970-01-02T01:01:02.100Z"><saml:AuthnContext><saml:AuthnContextClassRef>method</saml:AuthnContextClassRef></saml:AuthnContext></saml:AuthnStatement></saml:Assertion> \ No newline at end of file +</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml:Subject><saml:NameID>John Doe</saml:NameID></saml:Subject><saml:AuthnStatement AuthnInstant="1970-01-02T01:01:02.100Z"><saml:AuthnContext><saml:AuthnContextClassRef>method</saml:AuthnContextClassRef></saml:AuthnContext></saml:AuthnStatement></saml:Assertion> \ No newline at end of file
