This is an automated email from the git hooks/post-receive script. gregoa pushed a change to annotated tag upstream/1.17 in repository libnet-openid-consumer-perl.
at 0ad7997 (tag) tagging 50a3a72db2503890b912f31f5d2d8f3e8470730d (commit) replaces upstream/1.16 tagged by gregor herrmann on Sun Feb 7 17:29:17 2016 +0100 - Log ----------------------------------------------------------------- Upstream version 1.17 Adam Sjøgren (3): Set openid.ns.sreg when using sreg 1.1 Look at ext_uri to find the sreg version Try handling possible Timing Attack problems Alexandr Ciornii (4): add compat layer for WriteMakefile1 better META.yml add missing prereqs typo David Steinbrunner (2): typo fix typo fixes Evgeniy Kosov (1): Fix uri_escape'ing of UTF-8 attributes Ludwig Nussel (1): explictly require CGI Mario Domgoergen (2): added missing error messages error messages sorted and intended Paul Johnson (1): Fix typo in comment. Robert Norris (32): dzil config Merge branch 'asjo-fixes' Merge branch 'asjo-timing-attack' Merge branch 'dist-zilla' version bump and changelog update explicitly use crypt::dh::gmp dzil version stuff get crypt::dh stuff from -common use digest:sha for hmac stuff switch to int conversion funcs remove shipit files changelog version changes is more standard gitignore more dzil support dist metadata v1.030099_001 fix a call to hmac stuff in ::Common that no longer exists version bump v1.030099_002 this is what you get when dzil dies during release missed the changelog entry for _002. oh well doc tweaks add namespace to check_authentication signature verification calls to fix stateless mode against strict OPs v1.030099_003 add link to group as homepage example cgi include lwp v1.030099_004 use proper json and uri escapers v1.030099_005 depend on json Roger Crew (76): move use statements inside the package improve <head> extraction to ignore comments and CDATA improve <link|meta> parsing for _find_semantic_info + tests correctly handle setup_needed if setup_url is missing in 2.0 fix handling of sreg extension under 2.0 handle version 2.0 associations and all session/association types introduce consumer->assoc_options Improved/fixed error message texts, moved to global variable Avoid eq vs. uninitialized warning pod fix -- close #65481 fix handle_server_response unknown callback error message -- close #58368 documentation changes re setup_needed() and user_setup_url() fix minimum_version confusion replace _message_mode with _message_mode_is handle 2.0 provider 'error' mode responses introduce 'setup_needed' callback to replace 'setup_required' callback whitespace update Changes edit Changes dist.ini changes v1.030099_006 add handle_server_response bad callback tests Fix check_authentication under OpenID 2.0 -- close #63460 rearrange bogus html parsing code, cache semantic info rather than document fix uninit warning in FakeFetch use HTML::Parser -- close #24357 Moved HTML parsing routines to Net::OpenID::Common update Changes and highlight API changes added setup_required deprecation warning Added INSTALL and README v1.100099_001 Prevent eq vs. uninitialized warning in _find_semantic_info 'server' -> 'provider' comment tweaks pod reorder method descriptions pod subdivide method section pod miscellaneous cleanups/typos/reformats pod consumer_secret redo explanation to include CSRF advice clean up sort criterion in _discover_acceptable_endpoints() introduce _hashgetset; prep for adding nonce_options implement response_nonce checking v1.100099_002 yes, there were more Changes new repository URL use message_version >= 2 not message_version == 2 factor out _canonicalize_id_url remove _canonicalize_id_url call from _discover_acceptable_endpointsa fix openID 2.0 directed identity endpoints causing 1.1 verified_identities to fail move endpoint->uri == server check earlier pod fix synopsis and other cleanups add ROBN and WROG as authors fix blankness of VerifiedIdentity->signed_fields pod added section on error codes added missing Error_text update Changes, flesh out previous major Changes v1.11 bump required Net-OpenID-Common version to 1.13 v1.12 dist.ini files fix copyrignt and old danga.com reference added POD section on protocol conformance, fixed links v1.13 Merge pull request #1 from pjcj/patch-1 fix uninit warning if assoc_handle is missing make t/99 not rely on utf8 source docfix: expose protocol_version, has_ext, and get_ext on IndirectMessage docfix: update consumer.cgi example to conform to current API (closes #74101) v1.14 v1.14 more tests Require Net-OpenID-Common 1.18 (closes #88460) v1.15 Merge pull request #3 from dsteinbrunner/patch-1 Require Net-OpenID-Common 1.19 (closes #90547) v1.16 Merge pull request #5 from lnussel/cgi v1.17 bradfitz (29): Comitting OpenID consumer and server modules. first version of DH/HMAC-based protocol. more misc bug fixes/changes bug bugs bugs getting there... more debugging, a FIXME, and caching fixes helps to not have syntax errors pass $csr, not $cache to handle_assoc sha1 not in util package lowercase scheme and hostname in identity URLs + * copy all signed parameters into POST args in dumb mode, + * handle openid.delegate properly (was losing state because I'd invalidate_handle support, and other misc bugfixes openid.mode=cancel support bugs util not Util + * document common error codes from claimed_identity, and version 0.11 + * reject cached association validation if expiry is in past decode entities + * required_root in constructor/method/validated_identity final version numbers for release give users access to the signed_fields from the verified identity object + * go into dumb mode earlier if it's detected that our cache object + * work-around bug in some openid servers that don't escape "+". Checking in changes prior to tagging of version 0.13. Changelog diff is: Checking in changes prior to tagging of version 0.14. Changelog diff is: add method on claimed identity object to get delgated URL gregor herrmann (1): Imported Upstream version 1.17 mart (12): Merge the changes from the openid2 branch into trunk. Let's bump our version number up to 1.01 in preparation for a release. We don't actually depend on URI::Fetch anymore. Looks like the MANIFEST has got a little out of date. Remove leftover reference to URI::Fetch. Put the version number in the changelog. Add information about the mailing list to the docs. Declare dependency on XML::Simple. Create Net::OpenID::Common and move some bits out of ::Consumer into it so that future versions of ::Server can use them: Merge changes from Consumer 1.03 into trunk. Remove the "messages" test from the consumer manifest, since it's now in the "common" package. Always expect user_setup_url, even in the 2.0 case. This violates the spec, but is consistent with what providers in the wild do and is the only way this can work without breaking backward compatibility. miyagawa (5): works with CGI::Fast revert the previous commit fixed an URI canonicalization bug with https claimed identity reorder CGI::Subclass and CGI definition so no warnings redefined actually works chop extra attribtues in Cotent-Type so it could work with Google's XRD direct input ----------------------------------------------------------------------- No new revisions were added by this update. -- Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-perl/packages/libnet-openid-consumer-perl.git _______________________________________________ Pkg-perl-cvs-commits mailing list Pkgfirstname.lastname@example.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-perl-cvs-commits