Bug#768402: marked as done (unblock: simplesamlphp/1.13.1-1)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Wed, 12 Nov 2014 17:59:28 +0000
with message-id <20141112175928.GN21455@lupin.home.powdarrmonkey.net>
and subject line Re: Bug#768402: unblock: simplesamlphp/1.13.1-1
has caused the Debian Bug report #768402,
regarding unblock: simplesamlphp/1.13.1-1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
768402: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768402
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: unblock: simplesamlphp/1.13.1-1
• From: Thijs Kinkhorst <thijs@debian.org>
• Date: Fri, 07 Nov 2014 08:30:51 +0100
• Message-id: <[🔎] 20141107073051.6434.32489.reportbug@localhost.localdomain>

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package simplesamlphp/1.13.1-1

This is an upstream release limited to strictly bugfixes.

Attached debdiff shows the changes with autogenerated files removed;
the original debdiff is much larger because the upstream tarball
contains some .svn dirs with changed contents. These dirs are not
present in the binary package, and will be removed in the next
upstream release.

unblock simplesamlphp/1.13.1-1


Thanks,
Thijs

diff -Nru simplesamlphp-1.13.0/debian/changelog simplesamlphp-1.13.1/debian/changelog
--- simplesamlphp-1.13.0/debian/changelog	2014-09-25 20:27:30.000000000 +0200
+++ simplesamlphp-1.13.1/debian/changelog	2014-10-27 20:23:50.000000000 +0100
@@ -1,3 +1,9 @@
+simplesamlphp (1.13.1-1) unstable; urgency=medium
+
+  * New upstream bugfix release.
+
+ -- Thijs Kinkhorst <thijs@debian.org>  Mon, 27 Oct 2014 19:23:35 +0000
+
 simplesamlphp (1.13.0-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru simplesamlphp-1.13.0/debian/control simplesamlphp-1.13.1/debian/control
--- simplesamlphp-1.13.0/debian/control	2014-08-18 11:11:23.000000000 +0200
+++ simplesamlphp-1.13.1/debian/control	2014-10-27 20:24:41.000000000 +0100
@@ -7,7 +7,7 @@
 Homepage: http://simplesamlphp.org/
 Vcs-Git: git://git.assembla.com/confusa_packaging
 Vcs-Browser: http://www.assembla.com/code/confusa_packaging/git/nodes
-Standards-Version: 3.9.5
+Standards-Version: 3.9.6
 
 Package: simplesamlphp
 Architecture: all 
diff -Nru simplesamlphp-1.13.0/debian/lintian-overrides simplesamlphp-1.13.1/debian/lintian-overrides
--- simplesamlphp-1.13.0/debian/lintian-overrides	2014-08-18 11:11:23.000000000 +0200
+++ simplesamlphp-1.13.1/debian/lintian-overrides	2014-10-27 20:25:30.000000000 +0100
@@ -1,3 +1,2 @@
 simplesamlphp: non-standard-dir-perm var/lib/simplesamlphp/data/ 0730 != 0755
 simplesamlphp: non-standard-dir-perm var/log/simplesamlphp/ 0730 != 0755
-simplesamlphp: package-contains-empty-directory usr/share/simplesamlphp/modules/openid/hooks/
diff -Nru simplesamlphp-1.13.0/debian/rules simplesamlphp-1.13.1/debian/rules
--- simplesamlphp-1.13.0/debian/rules	2014-09-25 20:36:29.000000000 +0200
+++ simplesamlphp-1.13.1/debian/rules	2014-10-27 20:28:46.000000000 +0100
@@ -25,7 +25,7 @@
 	   debian/simplesamlphp/usr/share/simplesamlphp/vendor/simplesamlphp/saml2/LICENSE \
 	   debian/simplesamlphp/usr/share/simplesamlphp/vendor/robrichards/xmlseclibs/LICENSE
 	find . -type f -executable -not -path '*/bin/*' | xargs chmod -x
-	find . -type d -name \.svn | xargs rm -r
+	find . -type d -name \.svn | xargs -r rm -r
 	dh_fixperms
 	chgrp www-data debian/simplesamlphp/var/lib/simplesamlphp/data \
 		debian/simplesamlphp/var/log/simplesamlphp
diff -Nru simplesamlphp-1.13.0/docs/simplesamlphp-changelog.txt simplesamlphp-1.13.1/docs/simplesamlphp-changelog.txt
--- simplesamlphp-1.13.0/docs/simplesamlphp-changelog.txt	2014-09-25 14:25:08.000000000 +0200
+++ simplesamlphp-1.13.1/docs/simplesamlphp-changelog.txt	2014-10-27 16:28:10.000000000 +0100
@@ -6,6 +6,16 @@
 This document lists the changes between versions of simpleSAMLphp.
 See the upgrade notes for specific information about upgrading.
 
+## Version 1.13.1
+
+Released 2014-10-27
+
+  * Solved an issue with empty fields in metadata to cause SimpleSAMLphp to fail with a translation error. Issues #97 and #114.
+  * Added Basque language to the list of known languages. Issue #117.
+  * Optimized the execution of redirections by removing an additional, unnecessary function call.
+  * Solved an issue that caused SimpleSAMLphp to fail when the RelayState parameter was empty or missing on an IdP-initiated authentication. Issues #99 and # 104.
+  * Fixed a certificate check for SubjectConfirmations with Holder of Key methods.
+
 ## Version 1.13
 
 Released 2014-09-25.
diff -Nru simplesamlphp-1.13.0/lib/SimpleSAML/Configuration.php simplesamlphp-1.13.1/lib/SimpleSAML/Configuration.php
--- simplesamlphp-1.13.0/lib/SimpleSAML/Configuration.php	2014-09-25 14:25:08.000000000 +0200
+++ simplesamlphp-1.13.1/lib/SimpleSAML/Configuration.php	2014-10-27 16:28:10.000000000 +0100
@@ -289,7 +289,7 @@
 	 * @return string
 	 */
 	public function getVersion() {
-		return '1.13.0';
+		return '1.13.1';
 	}
 
 
diff -Nru simplesamlphp-1.13.0/lib/SimpleSAML/Metadata/SAMLParser.php simplesamlphp-1.13.1/lib/SimpleSAML/Metadata/SAMLParser.php
--- simplesamlphp-1.13.0/lib/SimpleSAML/Metadata/SAMLParser.php	2014-09-25 14:25:08.000000000 +0200
+++ simplesamlphp-1.13.1/lib/SimpleSAML/Metadata/SAMLParser.php	2014-10-27 16:28:10.000000000 +0100
@@ -636,7 +636,7 @@
 		$this->addExtensions($ret, $spd);
 
 		// prioritize mdui:DisplayName as the name if available
-		if (isset($ret['UIInfo']) && isset($ret['UIInfo']['DisplayName'])) {
+		if (!empty($ret['UIInfo']['DisplayName'])) {
 			$ret['name'] = $ret['UIInfo']['DisplayName'];
 		}
 
@@ -705,7 +705,7 @@
 		$this->addExtensions($ret, $idp);
 
 		// prioritize mdui:DisplayName as the name if available
-		if (isset($ret['UIInfo']) && isset($ret['UIInfo']['DisplayName'])) {
+		if (!empty($ret['UIInfo']['DisplayName'])) {
 			$ret['name'] = $ret['UIInfo']['DisplayName'];
 		}
 
diff -Nru simplesamlphp-1.13.0/lib/SimpleSAML/Utilities.php simplesamlphp-1.13.1/lib/SimpleSAML/Utilities.php
--- simplesamlphp-1.13.0/lib/SimpleSAML/Utilities.php	2014-09-25 14:25:08.000000000 +0200
+++ simplesamlphp-1.13.1/lib/SimpleSAML/Utilities.php	2014-10-27 16:28:10.000000000 +0100
@@ -309,12 +309,10 @@
 	 * allowed by configuration.
 	 */
 	public static function checkURLAllowed($url, array $trustedSites = NULL) {
-		$url = self::normalizeURL($url);
-
-		// verify that the URL points to an http or https site
-		if (!preg_match('@^https?://@i', $url)) {
-			throw new SimpleSAML_Error_Exception('Invalid URL: '.$url);
+		if (empty($url)) {
+			return '';
 		}
+		$url = self::normalizeURL($url);
 
 		// get the white list of domains
 		if ($trustedSites === NULL) {
@@ -652,9 +650,10 @@
 		assert(strlen($url) > 0);
 		assert(is_array($parameters));
 
-		$url = self::normalizeURL($url);
 		if ($allowed_redirect_hosts !== NULL) {
-			$url = self::checkURLAllowed($url, $allowed_redirect_hosts);	
+			$url = self::checkURLAllowed($url, $allowed_redirect_hosts);
+		} else {
+			$url = self::normalizeURL($url);
 		}
 		self::_doRedirect($url, $parameters);
 	}
diff -Nru simplesamlphp-1.13.0/modules/core/templates/frontpage_federation.tpl.php simplesamlphp-1.13.1/modules/core/templates/frontpage_federation.tpl.php
--- simplesamlphp-1.13.0/modules/core/templates/frontpage_federation.tpl.php	2014-09-25 14:25:08.000000000 +0200
+++ simplesamlphp-1.13.1/modules/core/templates/frontpage_federation.tpl.php	2014-10-27 16:28:10.000000000 +0100
@@ -60,9 +60,9 @@
 		echo '<br /><b>Deprecated</b>';
 	if ($hm['entityid'] !== $hm['metadata-index']) 
 		echo '<br />Index: ' . $hm['metadata-index'];
-	if (array_key_exists('name', $hm))
+	if (!empty($hm['name']))
 		echo '<br /><strong>' . $this->getTranslation(SimpleSAML_Utilities::arrayize($hm['name'], 'en')) . '</strong>';
-	if (array_key_exists('descr', $hm))
+	if (!empty($hm['descr']))
 		echo '<br /><strong>' . $this->getTranslation(SimpleSAML_Utilities::arrayize($hm['descr'], 'en')) . '</strong>';
 
 	echo '<br  />[ <a href="' . $hm['metadata-url'] . '">' . $this->t('{core:frontpage:show_metadata}') . '</a> ]';
@@ -81,9 +81,9 @@
 		echo ('<a href="' . 
 			htmlspecialchars(SimpleSAML_Module::getModuleURL('core/show_metadata.php', array('entityid' => $entry['entityid'], 'set' => $setkey ))) .
 			'">');
-		if (array_key_exists('name', $entry)) {
+		if (!empty($entry['name'])) {
 			echo htmlspecialchars($this->getTranslation(SimpleSAML_Utilities::arrayize($entry['name'], 'en')));
-		} elseif (array_key_exists('OrganizationDisplayName', $entry)) {
+		} elseif (!empty($entry['OrganizationDisplayName'])) {
 			echo htmlspecialchars($this->getTranslation(SimpleSAML_Utilities::arrayize($entry['OrganizationDisplayName'], 'en')));
 		} else {
 			echo htmlspecialchars($entry['entityid']);
diff -Nru simplesamlphp-1.13.0/modules/saml/lib/Message.php simplesamlphp-1.13.1/modules/saml/lib/Message.php
--- simplesamlphp-1.13.0/modules/saml/lib/Message.php	2014-09-25 14:25:08.000000000 +0200
+++ simplesamlphp-1.13.1/modules/saml/lib/Message.php	2014-10-27 16:28:10.000000000 +0100
@@ -614,8 +614,9 @@
 				/* Extract certificate data (if this is a certificate). */
 				$clientCert = $_SERVER['SSL_CLIENT_CERT'];
 				$pattern = '/^-----BEGIN CERTIFICATE-----([^-]*)^-----END CERTIFICATE-----/m';
-				if (preg_match($pattern, $clientCert, $matches) === FALSE) {
-				    $lastError = 'No valid client certificate provided during TLS Handshake with SP';
+				if (!preg_match($pattern, $clientCert, $matches)) {
+				    $lastError = 'Error while looking for client certificate during TLS handshake with SP, the client certificate does not '
+				                 . 'have the expected structure';
 				    continue;
 				}
 				/* We have a valid client certificate from the browser. */
diff -Nru simplesamlphp-1.13.0/templates/includes/header.php simplesamlphp-1.13.1/templates/includes/header.php
--- simplesamlphp-1.13.0/templates/includes/header.php	2014-09-25 14:25:08.000000000 +0200
+++ simplesamlphp-1.13.1/templates/includes/header.php	2014-10-27 16:28:10.000000000 +0100
@@ -188,6 +188,7 @@
 					'sr' => 'Srpski', // Serbian
 					'lv' => 'Latviešu', // Latvian
 					'ro' => 'Românește', // Romanian
+					'eu' => 'Euskara', // Basque
 		);
 		
 		$textarray = array();

--- End Message ---

--- Begin Message ---

• To: Thijs Kinkhorst <thijs@debian.org>, 768402-done@bugs.debian.org
• Subject: Re: Bug#768402: unblock: simplesamlphp/1.13.1-1
• From: Jonathan Wiltshire <jmw@debian.org>
• Date: Wed, 12 Nov 2014 17:59:28 +0000
• Message-id: <20141112175928.GN21455@lupin.home.powdarrmonkey.net>
• In-reply-to: <[🔎] 20141107073051.6434.32489.reportbug@localhost.localdomain>
• References: <[🔎] 20141107073051.6434.32489.reportbug@localhost.localdomain>

On Fri, Nov 07, 2014 at 08:30:51AM +0100, Thijs Kinkhorst wrote:
> This is an upstream release limited to strictly bugfixes.
> 
> Attached debdiff shows the changes with autogenerated files removed;
> the original debdiff is much larger because the upstream tarball
> contains some .svn dirs with changed contents. These dirs are not
> present in the binary package, and will be removed in the next
> upstream release.

Unblocked.

Thanks,

-- 
Jonathan Wiltshire                                      jmw@debian.org
Debian Developer                         http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51

Attachment: signature.asc
Description: Digital signature

--- End Message ---