Your message dated Wed, 12 Nov 2014 17:59:28 +0000 with message-id <20141112175928.GN21455@lupin.home.powdarrmonkey.net> and subject line Re: Bug#768402: unblock: simplesamlphp/1.13.1-1 has caused the Debian Bug report #768402, regarding unblock: simplesamlphp/1.13.1-1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 768402: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768402 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: unblock: simplesamlphp/1.13.1-1
- From: Thijs Kinkhorst <thijs@debian.org>
- Date: Fri, 07 Nov 2014 08:30:51 +0100
- Message-id: <[🔎] 20141107073051.6434.32489.reportbug@localhost.localdomain>
Package: release.debian.org Severity: normal User: release.debian.org@packages.debian.org Usertags: unblock Please unblock package simplesamlphp/1.13.1-1 This is an upstream release limited to strictly bugfixes. Attached debdiff shows the changes with autogenerated files removed; the original debdiff is much larger because the upstream tarball contains some .svn dirs with changed contents. These dirs are not present in the binary package, and will be removed in the next upstream release. unblock simplesamlphp/1.13.1-1 Thanks, Thijsdiff -Nru simplesamlphp-1.13.0/debian/changelog simplesamlphp-1.13.1/debian/changelog --- simplesamlphp-1.13.0/debian/changelog 2014-09-25 20:27:30.000000000 +0200 +++ simplesamlphp-1.13.1/debian/changelog 2014-10-27 20:23:50.000000000 +0100 @@ -1,3 +1,9 @@ +simplesamlphp (1.13.1-1) unstable; urgency=medium + + * New upstream bugfix release. + + -- Thijs Kinkhorst <thijs@debian.org> Mon, 27 Oct 2014 19:23:35 +0000 + simplesamlphp (1.13.0-1) unstable; urgency=medium * New upstream release. diff -Nru simplesamlphp-1.13.0/debian/control simplesamlphp-1.13.1/debian/control --- simplesamlphp-1.13.0/debian/control 2014-08-18 11:11:23.000000000 +0200 +++ simplesamlphp-1.13.1/debian/control 2014-10-27 20:24:41.000000000 +0100 @@ -7,7 +7,7 @@ Homepage: http://simplesamlphp.org/ Vcs-Git: git://git.assembla.com/confusa_packaging Vcs-Browser: http://www.assembla.com/code/confusa_packaging/git/nodes -Standards-Version: 3.9.5 +Standards-Version: 3.9.6 Package: simplesamlphp Architecture: all diff -Nru simplesamlphp-1.13.0/debian/lintian-overrides simplesamlphp-1.13.1/debian/lintian-overrides --- simplesamlphp-1.13.0/debian/lintian-overrides 2014-08-18 11:11:23.000000000 +0200 +++ simplesamlphp-1.13.1/debian/lintian-overrides 2014-10-27 20:25:30.000000000 +0100 @@ -1,3 +1,2 @@ simplesamlphp: non-standard-dir-perm var/lib/simplesamlphp/data/ 0730 != 0755 simplesamlphp: non-standard-dir-perm var/log/simplesamlphp/ 0730 != 0755 -simplesamlphp: package-contains-empty-directory usr/share/simplesamlphp/modules/openid/hooks/ diff -Nru simplesamlphp-1.13.0/debian/rules simplesamlphp-1.13.1/debian/rules --- simplesamlphp-1.13.0/debian/rules 2014-09-25 20:36:29.000000000 +0200 +++ simplesamlphp-1.13.1/debian/rules 2014-10-27 20:28:46.000000000 +0100 @@ -25,7 +25,7 @@ debian/simplesamlphp/usr/share/simplesamlphp/vendor/simplesamlphp/saml2/LICENSE \ debian/simplesamlphp/usr/share/simplesamlphp/vendor/robrichards/xmlseclibs/LICENSE find . -type f -executable -not -path '*/bin/*' | xargs chmod -x - find . -type d -name \.svn | xargs rm -r + find . -type d -name \.svn | xargs -r rm -r dh_fixperms chgrp www-data debian/simplesamlphp/var/lib/simplesamlphp/data \ debian/simplesamlphp/var/log/simplesamlphp diff -Nru simplesamlphp-1.13.0/docs/simplesamlphp-changelog.txt simplesamlphp-1.13.1/docs/simplesamlphp-changelog.txt --- simplesamlphp-1.13.0/docs/simplesamlphp-changelog.txt 2014-09-25 14:25:08.000000000 +0200 +++ simplesamlphp-1.13.1/docs/simplesamlphp-changelog.txt 2014-10-27 16:28:10.000000000 +0100 @@ -6,6 +6,16 @@ This document lists the changes between versions of simpleSAMLphp. See the upgrade notes for specific information about upgrading. +## Version 1.13.1 + +Released 2014-10-27 + + * Solved an issue with empty fields in metadata to cause SimpleSAMLphp to fail with a translation error. Issues #97 and #114. + * Added Basque language to the list of known languages. Issue #117. + * Optimized the execution of redirections by removing an additional, unnecessary function call. + * Solved an issue that caused SimpleSAMLphp to fail when the RelayState parameter was empty or missing on an IdP-initiated authentication. Issues #99 and # 104. + * Fixed a certificate check for SubjectConfirmations with Holder of Key methods. + ## Version 1.13 Released 2014-09-25. diff -Nru simplesamlphp-1.13.0/lib/SimpleSAML/Configuration.php simplesamlphp-1.13.1/lib/SimpleSAML/Configuration.php --- simplesamlphp-1.13.0/lib/SimpleSAML/Configuration.php 2014-09-25 14:25:08.000000000 +0200 +++ simplesamlphp-1.13.1/lib/SimpleSAML/Configuration.php 2014-10-27 16:28:10.000000000 +0100 @@ -289,7 +289,7 @@ * @return string */ public function getVersion() { - return '1.13.0'; + return '1.13.1'; } diff -Nru simplesamlphp-1.13.0/lib/SimpleSAML/Metadata/SAMLParser.php simplesamlphp-1.13.1/lib/SimpleSAML/Metadata/SAMLParser.php --- simplesamlphp-1.13.0/lib/SimpleSAML/Metadata/SAMLParser.php 2014-09-25 14:25:08.000000000 +0200 +++ simplesamlphp-1.13.1/lib/SimpleSAML/Metadata/SAMLParser.php 2014-10-27 16:28:10.000000000 +0100 @@ -636,7 +636,7 @@ $this->addExtensions($ret, $spd); // prioritize mdui:DisplayName as the name if available - if (isset($ret['UIInfo']) && isset($ret['UIInfo']['DisplayName'])) { + if (!empty($ret['UIInfo']['DisplayName'])) { $ret['name'] = $ret['UIInfo']['DisplayName']; } @@ -705,7 +705,7 @@ $this->addExtensions($ret, $idp); // prioritize mdui:DisplayName as the name if available - if (isset($ret['UIInfo']) && isset($ret['UIInfo']['DisplayName'])) { + if (!empty($ret['UIInfo']['DisplayName'])) { $ret['name'] = $ret['UIInfo']['DisplayName']; } diff -Nru simplesamlphp-1.13.0/lib/SimpleSAML/Utilities.php simplesamlphp-1.13.1/lib/SimpleSAML/Utilities.php --- simplesamlphp-1.13.0/lib/SimpleSAML/Utilities.php 2014-09-25 14:25:08.000000000 +0200 +++ simplesamlphp-1.13.1/lib/SimpleSAML/Utilities.php 2014-10-27 16:28:10.000000000 +0100 @@ -309,12 +309,10 @@ * allowed by configuration. */ public static function checkURLAllowed($url, array $trustedSites = NULL) { - $url = self::normalizeURL($url); - - // verify that the URL points to an http or https site - if (!preg_match('@^https?://@i', $url)) { - throw new SimpleSAML_Error_Exception('Invalid URL: '.$url); + if (empty($url)) { + return ''; } + $url = self::normalizeURL($url); // get the white list of domains if ($trustedSites === NULL) { @@ -652,9 +650,10 @@ assert(strlen($url) > 0); assert(is_array($parameters)); - $url = self::normalizeURL($url); if ($allowed_redirect_hosts !== NULL) { - $url = self::checkURLAllowed($url, $allowed_redirect_hosts); + $url = self::checkURLAllowed($url, $allowed_redirect_hosts); + } else { + $url = self::normalizeURL($url); } self::_doRedirect($url, $parameters); } diff -Nru simplesamlphp-1.13.0/modules/core/templates/frontpage_federation.tpl.php simplesamlphp-1.13.1/modules/core/templates/frontpage_federation.tpl.php --- simplesamlphp-1.13.0/modules/core/templates/frontpage_federation.tpl.php 2014-09-25 14:25:08.000000000 +0200 +++ simplesamlphp-1.13.1/modules/core/templates/frontpage_federation.tpl.php 2014-10-27 16:28:10.000000000 +0100 @@ -60,9 +60,9 @@ echo '<br /><b>Deprecated</b>'; if ($hm['entityid'] !== $hm['metadata-index']) echo '<br />Index: ' . $hm['metadata-index']; - if (array_key_exists('name', $hm)) + if (!empty($hm['name'])) echo '<br /><strong>' . $this->getTranslation(SimpleSAML_Utilities::arrayize($hm['name'], 'en')) . '</strong>'; - if (array_key_exists('descr', $hm)) + if (!empty($hm['descr'])) echo '<br /><strong>' . $this->getTranslation(SimpleSAML_Utilities::arrayize($hm['descr'], 'en')) . '</strong>'; echo '<br />[ <a href="' . $hm['metadata-url'] . '">' . $this->t('{core:frontpage:show_metadata}') . '</a> ]'; @@ -81,9 +81,9 @@ echo ('<a href="' . htmlspecialchars(SimpleSAML_Module::getModuleURL('core/show_metadata.php', array('entityid' => $entry['entityid'], 'set' => $setkey ))) . '">'); - if (array_key_exists('name', $entry)) { + if (!empty($entry['name'])) { echo htmlspecialchars($this->getTranslation(SimpleSAML_Utilities::arrayize($entry['name'], 'en'))); - } elseif (array_key_exists('OrganizationDisplayName', $entry)) { + } elseif (!empty($entry['OrganizationDisplayName'])) { echo htmlspecialchars($this->getTranslation(SimpleSAML_Utilities::arrayize($entry['OrganizationDisplayName'], 'en'))); } else { echo htmlspecialchars($entry['entityid']); diff -Nru simplesamlphp-1.13.0/modules/saml/lib/Message.php simplesamlphp-1.13.1/modules/saml/lib/Message.php --- simplesamlphp-1.13.0/modules/saml/lib/Message.php 2014-09-25 14:25:08.000000000 +0200 +++ simplesamlphp-1.13.1/modules/saml/lib/Message.php 2014-10-27 16:28:10.000000000 +0100 @@ -614,8 +614,9 @@ /* Extract certificate data (if this is a certificate). */ $clientCert = $_SERVER['SSL_CLIENT_CERT']; $pattern = '/^-----BEGIN CERTIFICATE-----([^-]*)^-----END CERTIFICATE-----/m'; - if (preg_match($pattern, $clientCert, $matches) === FALSE) { - $lastError = 'No valid client certificate provided during TLS Handshake with SP'; + if (!preg_match($pattern, $clientCert, $matches)) { + $lastError = 'Error while looking for client certificate during TLS handshake with SP, the client certificate does not ' + . 'have the expected structure'; continue; } /* We have a valid client certificate from the browser. */ diff -Nru simplesamlphp-1.13.0/templates/includes/header.php simplesamlphp-1.13.1/templates/includes/header.php --- simplesamlphp-1.13.0/templates/includes/header.php 2014-09-25 14:25:08.000000000 +0200 +++ simplesamlphp-1.13.1/templates/includes/header.php 2014-10-27 16:28:10.000000000 +0100 @@ -188,6 +188,7 @@ 'sr' => 'Srpski', // Serbian 'lv' => 'Latviešu', // Latvian 'ro' => 'Românește', // Romanian + 'eu' => 'Euskara', // Basque ); $textarray = array();
--- End Message ---
--- Begin Message ---
- To: Thijs Kinkhorst <thijs@debian.org>, 768402-done@bugs.debian.org
- Subject: Re: Bug#768402: unblock: simplesamlphp/1.13.1-1
- From: Jonathan Wiltshire <jmw@debian.org>
- Date: Wed, 12 Nov 2014 17:59:28 +0000
- Message-id: <20141112175928.GN21455@lupin.home.powdarrmonkey.net>
- In-reply-to: <[🔎] 20141107073051.6434.32489.reportbug@localhost.localdomain>
- References: <[🔎] 20141107073051.6434.32489.reportbug@localhost.localdomain>
On Fri, Nov 07, 2014 at 08:30:51AM +0100, Thijs Kinkhorst wrote: > This is an upstream release limited to strictly bugfixes. > > Attached debdiff shows the changes with autogenerated files removed; > the original debdiff is much larger because the upstream tarball > contains some .svn dirs with changed contents. These dirs are not > present in the binary package, and will be removed in the next > upstream release. Unblocked. Thanks, -- Jonathan Wiltshire jmw@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51Attachment: signature.asc
Description: Digital signature
--- End Message ---