kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
pkgsrc/www/shibboleth-sp/Makefile

112 lines
3.8 KiB
Makefile
Raw Normal View History

Revbump after boost-libs update
2014-08-13 12:57:32 +02:00
# $NetBSD: Makefile,v 1.15 2014/08/13 10:57:38 adam Exp $
Import the latest shibboleth-sp from pkgsrc-wip.
2011-03-15 14:15:37 +01:00
#
2.5.2: Bugfixes [SSPCPP-543] - AttributeExtractor fails to deal with multiple Logos [SSPCPP-547] - Encoding problem with Metadata Attribute Extractor [SSPCPP-549] - Shiboleth SP 2.5.1 breaks Apache 2.4.3's error pages [SSPCPP-550] - Problems with native.log file rotation [SSPCPP-551] - DiscoFeed Content-Type header lacks charset [SSPCPP-552] - Solaris TCP Listener code is broken [SSPCPP-568] - Unattended install pegs the CPU and never completes [SSPCPP-569] - native log files not closed at/before CGI exec [SSPCPP-570] - mod_shib takes over valid-user for entire server [SSPCPP-573] - ShibDisable on breaks basic auth valid user [SSPCPP-575] - Source build w/memcached and/or fastcgi support fails [SSPCPP-579] - Internal stack overflow in log4shib Improvements [SSPCPP-493] - Default allow access to Shibboleth.sso by default in shibd.conf [SSPCPP-501] - Make metagen ingest a list of hostnames from a file 2.5.1: Bugfixes [SSPCPP-409] - Shibboleth2.xml - undefined InProcess/OutOfProcess means no shibd.log/native.log [SSPCPP-490] - CLang build issue with stream operator overload [SSPCPP-492] - SP Release 2.5.0 does not compile with xml-security-c versions prior to 1.7.0 [SSPCPP-495] - Warning Shibboleth.PropertySet : load() skipping duplicate property set: [SSPCPP-499] - Fresh Installation on Windows XP fails after service daemon fails to start [SSPCPP-500] - configure fails against Apache 2.4 [SSPCPP-502] - Apache 2.4 post_read hook isn't run on subrequests, breaks module [SSPCPP-504] - ScopedAttributeDecoder fails on non-ascii chars? [SSPCPP-505] - shibd on Windows missing a version option [SSPCPP-507] - Insert record failed Violation of PRIMARY KEY constraint with ODBC plugin [SSPCPP-510] - Installer scripts (particularly the uninstall ones) should fail safe [SSPCPP-514] - FCGI responder stdin buffer missing termination [SSPCPP-516] - apache24.config missing from makefile target [SSPCPP-518] - Incorrect requireLogoutWith redirection if the original URL has query string [SSPCPP-519] - Shorthand SSO/Logout syntax not working with policyId setting [SSPCPP-521] - Schemas are not being edited on Windows Installation [SSPCPP-522] - Transform resolver echoes source string when match fails [SSPCPP-526] - Transaction log crashes on SOAP-based logout [SSPCPP-527] - Add ignoreNoPassive attribute to SSO element [SSPCPP-540] - ISAPI header detection code is prone to false alarms Improvements [SSPCPP-402] - Support front-channel SLO without cookies [SSPCPP-447] - Extension of consistentAddress for IPv6 [SSPCPP-501] - Make metagen ingest a list of hostnames from a file [SSPCPP-517] - Windows SP installer should not always roll back when shibd fails to start New Feature [SSPCPP-515] - Make /Status handler report SessionCache 2.5.0: Bugfixes [SSPCPP-344] - Version strings in various spots are wired at compile time [SSPCPP-345] - Split "package-level" and "user-level" settings in shib.conf to limit effect of RPM upgrades. [SSPCPP-365] - Support for binary attributes in resolver [SSPCPP-382] - Correct date format in Expires headers [SSPCPP-383] - Tag entityID not usable in error templates [SSPCPP-387] - Cryptographic nameID is longer than key length that memcache can handle [SSPCPP-391] - Generation of keys for relay state is not strongly random [SSPCPP-392] - Valgrind detects memory leaks [SSPCPP-393] - Setting session timeout="0" creates infinite loop between SP and IDP [SSPCPP-400] - NameID lookup for logout ignores logical SP boundaries [SSPCPP-401] - IIS App Pool Crash [SSPCPP-406] - Should check for cross platform previous versions? [SSPCPP-408] - ECP flow fails for Session configured inside of ApplicationOverride [SSPCPP-411] - openSUSE 12.1 erases /var/run at each reboot, so shibd fails to start [SSPCPP-413] - Schema catalogs should be set after XMLTooling init. [SSPCPP-416] - IIS breaks with error "isapi_shib: Attempted to insert duplicate storage key." Server restart required to fix [SSPCPP-417] - redirectErrors configuration attribute does not handle relative URLs [SSPCPP-419] - ExtensibleAttribute internal marshalling doesn't handle attribute naming correctly [SSPCPP-423] - After upgrading SP to Alpha SP 2.5 RPM from previous version of SP, shibd does not start. [SSPCPP-431] - Change links of https://spaces.inetrnet2.edu to wiki.shibboleth.net [SSPCPP-438] - Artifact resolver code doesn't use EndpointIndex in 2.0 artifacts [SSPCPP-439] - Auto-generated ACS endpoints improperly tracked by index [SSPCPP-443] - SP not signing ECP AuthnRequests [SSPCPP-444] - Multiple shib_state cookies get set -> server chokes on header field size [SSPCPP-445] - RequestInitiator metadata generated in a case where it shouldn't be [SSPCPP-448] - setting relayState to use ODBC storage service results in attempted redirects to an invalid URL [SSPCPP-449] - RequestMap not normalizing hostname for comparison [SSPCPP-459] - redirectLimit parser typo [SSPCPP-460] - A spelling error in the configure file [SSPCPP-461] - caching DiscoFeed fails b/c cache directory does not exist [SSPCPP-465] - CLONE - Tag entityID not usable in error templates [SSPCPP-467] - Cross-contamination from conflicting @relayState settings [SSPCPP-468] - Aliases support in XML Attribute Extractor no longer working in 2.5.0 Beta 1 [SSPCPP-487] - relayStateLimitWhitelist parameter is being changed inadvertently by limitRelayState method [SSPCPP-488] - No way to get client address set for ExternalAuth sessions [SSPCPP-489] - Windows installer (tries to) install a 64 bit path into IIS [SSPCPP-498] - Hardcoded path in XMLTooling is invalid on localized WinXP/2003 Improvements [SSPCPP-319] - Augment XMLAccessControl for time based access control. [SSPCPP-326] - Abbreviated IPv6 address format and CIDR support for acl [SSPCPP-332] - Session cache slows down if large numbers of sessions with a single NameID are created [SSPCPP-335] - Handle query strings on POST and avoid unintended POST data consumption [SSPCPP-352] - Expose RelayState limiter as a public API and revisit default setting [SSPCPP-353] - Package the SP to run as non-root user [SSPCPP-361] - Session handler with better parseable and accessable (X)HTML code [SSPCPP-362] - add 'metadata last refresh' to SP's status page [SSPCPP-366] - generated metadata should include cryptographic algorithms [SSPCPP-375] - Add httpOnly to cookieProps in the shibboleth2.xml config [SSPCPP-376] - Add a post-filtering hashing feature to shorten long attributes, namely ePTIDs [SSPCPP-394] - Support multiple authn context references in requests [SSPCPP-399] - SImple Aggregation plugin should allow "prefixing" of attributes or dedicated extractors [SSPCPP-403] - Facilitate signing Logout messages [SSPCPP-404] - Log entry for failed consistentAddress="true" check [SSPCPP-405] - CRIT Shibboleth.Application : no MetadataProvider available should be a warning not CRIT [SSPCPP-407] - Improve logging on invalid XML in shibboleth2.xml configuration file [SSPCPP-418] - Incorporating Boost libraries into code base [SSPCPP-420] - Memcache build on RH6 and error handling fixes [SSPCPP-425] - ShibAccessControl Relative Paths to user web content [SSPCPP-436] - Log on DEBUG when a shibsession cookie is being cleared because no corresponding session is found by Shibboleth [SSPCPP-446] - Try moving child_init hooks in Apache 2.x modules to post_config [SSPCPP-458] - Unprecise error message when wrong certificate is used for SAML2 encryption [SSPCPP-464] - Provide Logging to Recommend Production Settings [SSPCPP-470] - Identify deprecated features or suboptimal settings and add warnings [SSPCPP-472] - AttributeExtractor: remove leading/trailing whitespace created by formatter New Features [SSPCPP-245] - Support for attribute requirements in the SP [SSPCPP-339] - Extraction of contacts and other built-in metadata information [SSPCPP-341] - AttributeResolver plugin(s) for regexp or template-based transformation of values [SSPCPP-342] - Metadata / Attribute filtering based on EntityAttributes [SSPCPP-343] - Add support for capturing AuthenticatingAuthority [SSPCPP-349] - Parseable audit logs for SP [SSPCPP-389] - Add option to shibd to set uid and gid at startup [SSPCPP-390] - Multiple language versions for the same attribute [SSPCPP-396] - Simplify logout support for Native SP [SSPCPP-410] - add support for the 'policy' query string parameter [SSPCPP-421] - Extraction of consent attribute from SAML 2 responses [SSPCPP-430] - Apache 2.4 support [SSPCPP-437] - Add artifact binding for resolving artifacts via file system [SSPCPP-440] - Loopback handler to exchange an assertion for a session [SSPCPP-469] - Logout request extension to specify no response [SSPCPP-471] - Shorthand settings for manipulating cookie properties [SSPCPP-486] - Add automatic algorithm blacklist
2013-09-22 00:16:41 +02:00
DISTNAME= shibboleth-sp-2.5.2
Revbump after boost-libs update
2014-08-13 12:57:32 +02:00
PKGREVISION= 4
Import the latest shibboleth-sp from pkgsrc-wip.
2011-03-15 14:15:37 +01:00
CATEGORIES= www
2.4.3: Bug: * [SSPCPP-357] - Library init routines should be idempotent * [SSPCPP-358] - OpenSUSE 11.4 RPM build can't handle warnings during mod_shib build * [SSPCPP-363] - Windows Installer loops infinitely if the SP is deinstalled from the Control Panel * [SSPCPP-368] - Fails to build with g++ 4.6 (missing stddef.h) * [SSPCPP-370] - SSL_CHECK_SERVERHELLO_TLSEXT * [SSPCPP-371] - <SSO>SAML2</SSO> does not enable ECP support * [SSPCPP-372] - Bug in query in ODBC storage service plugin * [SSPCPP-374] - metagen.sh creates PAOS ACS elements twice * [SSPCPP-379] - DiscoFeed should return empty feed with no metadata provider * [SSPCPP-380] - When maxTimeSinceAuthn is used, valid time interval is miscalculated when IdP time is a few seconds ahead of SP time Improvement: * [SSPCPP-359] - metagen.sh includes xmlns for NAKEDHOSTS * [SSPCPP-381] - Option to expire redirects on Apache New Feature: * [SSPCPP-364] - Add <mdui> examples into the example metadata shipped with the SP
2011-07-29 01:16:24 +02:00
MASTER_SITES= http://www.shibboleth.net/downloads/service-provider/${PKGVERSION_NOREV}/
Import the latest shibboleth-sp from pkgsrc-wip.
2011-03-15 14:15:37 +01:00
MAINTAINER= pettai@NetBSD.org
2.5.2: Bugfixes [SSPCPP-543] - AttributeExtractor fails to deal with multiple Logos [SSPCPP-547] - Encoding problem with Metadata Attribute Extractor [SSPCPP-549] - Shiboleth SP 2.5.1 breaks Apache 2.4.3's error pages [SSPCPP-550] - Problems with native.log file rotation [SSPCPP-551] - DiscoFeed Content-Type header lacks charset [SSPCPP-552] - Solaris TCP Listener code is broken [SSPCPP-568] - Unattended install pegs the CPU and never completes [SSPCPP-569] - native log files not closed at/before CGI exec [SSPCPP-570] - mod_shib takes over valid-user for entire server [SSPCPP-573] - ShibDisable on breaks basic auth valid user [SSPCPP-575] - Source build w/memcached and/or fastcgi support fails [SSPCPP-579] - Internal stack overflow in log4shib Improvements [SSPCPP-493] - Default allow access to Shibboleth.sso by default in shibd.conf [SSPCPP-501] - Make metagen ingest a list of hostnames from a file 2.5.1: Bugfixes [SSPCPP-409] - Shibboleth2.xml - undefined InProcess/OutOfProcess means no shibd.log/native.log [SSPCPP-490] - CLang build issue with stream operator overload [SSPCPP-492] - SP Release 2.5.0 does not compile with xml-security-c versions prior to 1.7.0 [SSPCPP-495] - Warning Shibboleth.PropertySet : load() skipping duplicate property set: [SSPCPP-499] - Fresh Installation on Windows XP fails after service daemon fails to start [SSPCPP-500] - configure fails against Apache 2.4 [SSPCPP-502] - Apache 2.4 post_read hook isn't run on subrequests, breaks module [SSPCPP-504] - ScopedAttributeDecoder fails on non-ascii chars? [SSPCPP-505] - shibd on Windows missing a version option [SSPCPP-507] - Insert record failed Violation of PRIMARY KEY constraint with ODBC plugin [SSPCPP-510] - Installer scripts (particularly the uninstall ones) should fail safe [SSPCPP-514] - FCGI responder stdin buffer missing termination [SSPCPP-516] - apache24.config missing from makefile target [SSPCPP-518] - Incorrect requireLogoutWith redirection if the original URL has query string [SSPCPP-519] - Shorthand SSO/Logout syntax not working with policyId setting [SSPCPP-521] - Schemas are not being edited on Windows Installation [SSPCPP-522] - Transform resolver echoes source string when match fails [SSPCPP-526] - Transaction log crashes on SOAP-based logout [SSPCPP-527] - Add ignoreNoPassive attribute to SSO element [SSPCPP-540] - ISAPI header detection code is prone to false alarms Improvements [SSPCPP-402] - Support front-channel SLO without cookies [SSPCPP-447] - Extension of consistentAddress for IPv6 [SSPCPP-501] - Make metagen ingest a list of hostnames from a file [SSPCPP-517] - Windows SP installer should not always roll back when shibd fails to start New Feature [SSPCPP-515] - Make /Status handler report SessionCache 2.5.0: Bugfixes [SSPCPP-344] - Version strings in various spots are wired at compile time [SSPCPP-345] - Split "package-level" and "user-level" settings in shib.conf to limit effect of RPM upgrades. [SSPCPP-365] - Support for binary attributes in resolver [SSPCPP-382] - Correct date format in Expires headers [SSPCPP-383] - Tag entityID not usable in error templates [SSPCPP-387] - Cryptographic nameID is longer than key length that memcache can handle [SSPCPP-391] - Generation of keys for relay state is not strongly random [SSPCPP-392] - Valgrind detects memory leaks [SSPCPP-393] - Setting session timeout="0" creates infinite loop between SP and IDP [SSPCPP-400] - NameID lookup for logout ignores logical SP boundaries [SSPCPP-401] - IIS App Pool Crash [SSPCPP-406] - Should check for cross platform previous versions? [SSPCPP-408] - ECP flow fails for Session configured inside of ApplicationOverride [SSPCPP-411] - openSUSE 12.1 erases /var/run at each reboot, so shibd fails to start [SSPCPP-413] - Schema catalogs should be set after XMLTooling init. [SSPCPP-416] - IIS breaks with error "isapi_shib: Attempted to insert duplicate storage key." Server restart required to fix [SSPCPP-417] - redirectErrors configuration attribute does not handle relative URLs [SSPCPP-419] - ExtensibleAttribute internal marshalling doesn't handle attribute naming correctly [SSPCPP-423] - After upgrading SP to Alpha SP 2.5 RPM from previous version of SP, shibd does not start. [SSPCPP-431] - Change links of https://spaces.inetrnet2.edu to wiki.shibboleth.net [SSPCPP-438] - Artifact resolver code doesn't use EndpointIndex in 2.0 artifacts [SSPCPP-439] - Auto-generated ACS endpoints improperly tracked by index [SSPCPP-443] - SP not signing ECP AuthnRequests [SSPCPP-444] - Multiple shib_state cookies get set -> server chokes on header field size [SSPCPP-445] - RequestInitiator metadata generated in a case where it shouldn't be [SSPCPP-448] - setting relayState to use ODBC storage service results in attempted redirects to an invalid URL [SSPCPP-449] - RequestMap not normalizing hostname for comparison [SSPCPP-459] - redirectLimit parser typo [SSPCPP-460] - A spelling error in the configure file [SSPCPP-461] - caching DiscoFeed fails b/c cache directory does not exist [SSPCPP-465] - CLONE - Tag entityID not usable in error templates [SSPCPP-467] - Cross-contamination from conflicting @relayState settings [SSPCPP-468] - Aliases support in XML Attribute Extractor no longer working in 2.5.0 Beta 1 [SSPCPP-487] - relayStateLimitWhitelist parameter is being changed inadvertently by limitRelayState method [SSPCPP-488] - No way to get client address set for ExternalAuth sessions [SSPCPP-489] - Windows installer (tries to) install a 64 bit path into IIS [SSPCPP-498] - Hardcoded path in XMLTooling is invalid on localized WinXP/2003 Improvements [SSPCPP-319] - Augment XMLAccessControl for time based access control. [SSPCPP-326] - Abbreviated IPv6 address format and CIDR support for acl [SSPCPP-332] - Session cache slows down if large numbers of sessions with a single NameID are created [SSPCPP-335] - Handle query strings on POST and avoid unintended POST data consumption [SSPCPP-352] - Expose RelayState limiter as a public API and revisit default setting [SSPCPP-353] - Package the SP to run as non-root user [SSPCPP-361] - Session handler with better parseable and accessable (X)HTML code [SSPCPP-362] - add 'metadata last refresh' to SP's status page [SSPCPP-366] - generated metadata should include cryptographic algorithms [SSPCPP-375] - Add httpOnly to cookieProps in the shibboleth2.xml config [SSPCPP-376] - Add a post-filtering hashing feature to shorten long attributes, namely ePTIDs [SSPCPP-394] - Support multiple authn context references in requests [SSPCPP-399] - SImple Aggregation plugin should allow "prefixing" of attributes or dedicated extractors [SSPCPP-403] - Facilitate signing Logout messages [SSPCPP-404] - Log entry for failed consistentAddress="true" check [SSPCPP-405] - CRIT Shibboleth.Application : no MetadataProvider available should be a warning not CRIT [SSPCPP-407] - Improve logging on invalid XML in shibboleth2.xml configuration file [SSPCPP-418] - Incorporating Boost libraries into code base [SSPCPP-420] - Memcache build on RH6 and error handling fixes [SSPCPP-425] - ShibAccessControl Relative Paths to user web content [SSPCPP-436] - Log on DEBUG when a shibsession cookie is being cleared because no corresponding session is found by Shibboleth [SSPCPP-446] - Try moving child_init hooks in Apache 2.x modules to post_config [SSPCPP-458] - Unprecise error message when wrong certificate is used for SAML2 encryption [SSPCPP-464] - Provide Logging to Recommend Production Settings [SSPCPP-470] - Identify deprecated features or suboptimal settings and add warnings [SSPCPP-472] - AttributeExtractor: remove leading/trailing whitespace created by formatter New Features [SSPCPP-245] - Support for attribute requirements in the SP [SSPCPP-339] - Extraction of contacts and other built-in metadata information [SSPCPP-341] - AttributeResolver plugin(s) for regexp or template-based transformation of values [SSPCPP-342] - Metadata / Attribute filtering based on EntityAttributes [SSPCPP-343] - Add support for capturing AuthenticatingAuthority [SSPCPP-349] - Parseable audit logs for SP [SSPCPP-389] - Add option to shibd to set uid and gid at startup [SSPCPP-390] - Multiple language versions for the same attribute [SSPCPP-396] - Simplify logout support for Native SP [SSPCPP-410] - add support for the 'policy' query string parameter [SSPCPP-421] - Extraction of consent attribute from SAML 2 responses [SSPCPP-430] - Apache 2.4 support [SSPCPP-437] - Add artifact binding for resolving artifacts via file system [SSPCPP-440] - Loopback handler to exchange an assertion for a session [SSPCPP-469] - Logout request extension to specify no response [SSPCPP-471] - Shorthand settings for manipulating cookie properties [SSPCPP-486] - Add automatic algorithm blacklist
2013-09-22 00:16:41 +02:00
HOMEPAGE= http://shibboleth.net/
Import the latest shibboleth-sp from pkgsrc-wip.
2011-03-15 14:15:37 +01:00
COMMENT= Shibboleth2 Service Provider
LICENSE= apache-2.0
BUILD_DEFS+= VARBASE
GNU_CONFIGURE= yes
Fix some pkglint, mostly whitespace.
2012-07-01 03:33:13 +02:00
CONFIGURE_ARGS+= --with-xmltooling=${PREFIX}
Import the latest shibboleth-sp from pkgsrc-wip.
2011-03-15 14:15:37 +01:00
CONFIGURE_ARGS+= --localstatedir=${VARBASE}
EGDIR= ${PREFIX}/share/examples/shibboleth
SHIB_CONFDIR= ${PKG_SYSCONFDIR}/shibboleth
USE_LIBTOOL= yes
USE_LANGUAGES= c c++
RCD_SCRIPTS= shibd
APACHE_MODULE= YES
SUBST_CLASSES+= paths
SUBST_FILES.paths= ${WRKSRC}/configs/Makefile.in
SUBST_FILES.paths+= ${WRKSRC}/configs/keygen.sh
SUBST_STAGE.paths= post-patch
SUBST_SED.paths= -e 's,@EGDIR@,${EGDIR},'
SUBST_SED.paths+= -e 's,@SHIB_CONFDIR@,${SHIB_CONFDIR},'
2.5.2: Bugfixes [SSPCPP-543] - AttributeExtractor fails to deal with multiple Logos [SSPCPP-547] - Encoding problem with Metadata Attribute Extractor [SSPCPP-549] - Shiboleth SP 2.5.1 breaks Apache 2.4.3's error pages [SSPCPP-550] - Problems with native.log file rotation [SSPCPP-551] - DiscoFeed Content-Type header lacks charset [SSPCPP-552] - Solaris TCP Listener code is broken [SSPCPP-568] - Unattended install pegs the CPU and never completes [SSPCPP-569] - native log files not closed at/before CGI exec [SSPCPP-570] - mod_shib takes over valid-user for entire server [SSPCPP-573] - ShibDisable on breaks basic auth valid user [SSPCPP-575] - Source build w/memcached and/or fastcgi support fails [SSPCPP-579] - Internal stack overflow in log4shib Improvements [SSPCPP-493] - Default allow access to Shibboleth.sso by default in shibd.conf [SSPCPP-501] - Make metagen ingest a list of hostnames from a file 2.5.1: Bugfixes [SSPCPP-409] - Shibboleth2.xml - undefined InProcess/OutOfProcess means no shibd.log/native.log [SSPCPP-490] - CLang build issue with stream operator overload [SSPCPP-492] - SP Release 2.5.0 does not compile with xml-security-c versions prior to 1.7.0 [SSPCPP-495] - Warning Shibboleth.PropertySet : load() skipping duplicate property set: [SSPCPP-499] - Fresh Installation on Windows XP fails after service daemon fails to start [SSPCPP-500] - configure fails against Apache 2.4 [SSPCPP-502] - Apache 2.4 post_read hook isn't run on subrequests, breaks module [SSPCPP-504] - ScopedAttributeDecoder fails on non-ascii chars? [SSPCPP-505] - shibd on Windows missing a version option [SSPCPP-507] - Insert record failed Violation of PRIMARY KEY constraint with ODBC plugin [SSPCPP-510] - Installer scripts (particularly the uninstall ones) should fail safe [SSPCPP-514] - FCGI responder stdin buffer missing termination [SSPCPP-516] - apache24.config missing from makefile target [SSPCPP-518] - Incorrect requireLogoutWith redirection if the original URL has query string [SSPCPP-519] - Shorthand SSO/Logout syntax not working with policyId setting [SSPCPP-521] - Schemas are not being edited on Windows Installation [SSPCPP-522] - Transform resolver echoes source string when match fails [SSPCPP-526] - Transaction log crashes on SOAP-based logout [SSPCPP-527] - Add ignoreNoPassive attribute to SSO element [SSPCPP-540] - ISAPI header detection code is prone to false alarms Improvements [SSPCPP-402] - Support front-channel SLO without cookies [SSPCPP-447] - Extension of consistentAddress for IPv6 [SSPCPP-501] - Make metagen ingest a list of hostnames from a file [SSPCPP-517] - Windows SP installer should not always roll back when shibd fails to start New Feature [SSPCPP-515] - Make /Status handler report SessionCache 2.5.0: Bugfixes [SSPCPP-344] - Version strings in various spots are wired at compile time [SSPCPP-345] - Split "package-level" and "user-level" settings in shib.conf to limit effect of RPM upgrades. [SSPCPP-365] - Support for binary attributes in resolver [SSPCPP-382] - Correct date format in Expires headers [SSPCPP-383] - Tag entityID not usable in error templates [SSPCPP-387] - Cryptographic nameID is longer than key length that memcache can handle [SSPCPP-391] - Generation of keys for relay state is not strongly random [SSPCPP-392] - Valgrind detects memory leaks [SSPCPP-393] - Setting session timeout="0" creates infinite loop between SP and IDP [SSPCPP-400] - NameID lookup for logout ignores logical SP boundaries [SSPCPP-401] - IIS App Pool Crash [SSPCPP-406] - Should check for cross platform previous versions? [SSPCPP-408] - ECP flow fails for Session configured inside of ApplicationOverride [SSPCPP-411] - openSUSE 12.1 erases /var/run at each reboot, so shibd fails to start [SSPCPP-413] - Schema catalogs should be set after XMLTooling init. [SSPCPP-416] - IIS breaks with error "isapi_shib: Attempted to insert duplicate storage key." Server restart required to fix [SSPCPP-417] - redirectErrors configuration attribute does not handle relative URLs [SSPCPP-419] - ExtensibleAttribute internal marshalling doesn't handle attribute naming correctly [SSPCPP-423] - After upgrading SP to Alpha SP 2.5 RPM from previous version of SP, shibd does not start. [SSPCPP-431] - Change links of https://spaces.inetrnet2.edu to wiki.shibboleth.net [SSPCPP-438] - Artifact resolver code doesn't use EndpointIndex in 2.0 artifacts [SSPCPP-439] - Auto-generated ACS endpoints improperly tracked by index [SSPCPP-443] - SP not signing ECP AuthnRequests [SSPCPP-444] - Multiple shib_state cookies get set -> server chokes on header field size [SSPCPP-445] - RequestInitiator metadata generated in a case where it shouldn't be [SSPCPP-448] - setting relayState to use ODBC storage service results in attempted redirects to an invalid URL [SSPCPP-449] - RequestMap not normalizing hostname for comparison [SSPCPP-459] - redirectLimit parser typo [SSPCPP-460] - A spelling error in the configure file [SSPCPP-461] - caching DiscoFeed fails b/c cache directory does not exist [SSPCPP-465] - CLONE - Tag entityID not usable in error templates [SSPCPP-467] - Cross-contamination from conflicting @relayState settings [SSPCPP-468] - Aliases support in XML Attribute Extractor no longer working in 2.5.0 Beta 1 [SSPCPP-487] - relayStateLimitWhitelist parameter is being changed inadvertently by limitRelayState method [SSPCPP-488] - No way to get client address set for ExternalAuth sessions [SSPCPP-489] - Windows installer (tries to) install a 64 bit path into IIS [SSPCPP-498] - Hardcoded path in XMLTooling is invalid on localized WinXP/2003 Improvements [SSPCPP-319] - Augment XMLAccessControl for time based access control. [SSPCPP-326] - Abbreviated IPv6 address format and CIDR support for acl [SSPCPP-332] - Session cache slows down if large numbers of sessions with a single NameID are created [SSPCPP-335] - Handle query strings on POST and avoid unintended POST data consumption [SSPCPP-352] - Expose RelayState limiter as a public API and revisit default setting [SSPCPP-353] - Package the SP to run as non-root user [SSPCPP-361] - Session handler with better parseable and accessable (X)HTML code [SSPCPP-362] - add 'metadata last refresh' to SP's status page [SSPCPP-366] - generated metadata should include cryptographic algorithms [SSPCPP-375] - Add httpOnly to cookieProps in the shibboleth2.xml config [SSPCPP-376] - Add a post-filtering hashing feature to shorten long attributes, namely ePTIDs [SSPCPP-394] - Support multiple authn context references in requests [SSPCPP-399] - SImple Aggregation plugin should allow "prefixing" of attributes or dedicated extractors [SSPCPP-403] - Facilitate signing Logout messages [SSPCPP-404] - Log entry for failed consistentAddress="true" check [SSPCPP-405] - CRIT Shibboleth.Application : no MetadataProvider available should be a warning not CRIT [SSPCPP-407] - Improve logging on invalid XML in shibboleth2.xml configuration file [SSPCPP-418] - Incorporating Boost libraries into code base [SSPCPP-420] - Memcache build on RH6 and error handling fixes [SSPCPP-425] - ShibAccessControl Relative Paths to user web content [SSPCPP-436] - Log on DEBUG when a shibsession cookie is being cleared because no corresponding session is found by Shibboleth [SSPCPP-446] - Try moving child_init hooks in Apache 2.x modules to post_config [SSPCPP-458] - Unprecise error message when wrong certificate is used for SAML2 encryption [SSPCPP-464] - Provide Logging to Recommend Production Settings [SSPCPP-470] - Identify deprecated features or suboptimal settings and add warnings [SSPCPP-472] - AttributeExtractor: remove leading/trailing whitespace created by formatter New Features [SSPCPP-245] - Support for attribute requirements in the SP [SSPCPP-339] - Extraction of contacts and other built-in metadata information [SSPCPP-341] - AttributeResolver plugin(s) for regexp or template-based transformation of values [SSPCPP-342] - Metadata / Attribute filtering based on EntityAttributes [SSPCPP-343] - Add support for capturing AuthenticatingAuthority [SSPCPP-349] - Parseable audit logs for SP [SSPCPP-389] - Add option to shibd to set uid and gid at startup [SSPCPP-390] - Multiple language versions for the same attribute [SSPCPP-396] - Simplify logout support for Native SP [SSPCPP-410] - add support for the 'policy' query string parameter [SSPCPP-421] - Extraction of consent attribute from SAML 2 responses [SSPCPP-430] - Apache 2.4 support [SSPCPP-437] - Add artifact binding for resolving artifacts via file system [SSPCPP-440] - Loopback handler to exchange an assertion for a session [SSPCPP-469] - Logout request extension to specify no response [SSPCPP-471] - Shorthand settings for manipulating cookie properties [SSPCPP-486] - Add automatic algorithm blacklist
2013-09-22 00:16:41 +02:00
REPLACE_BASH= configs/metagen.sh
Import the latest shibboleth-sp from pkgsrc-wip.
2011-03-15 14:15:37 +01:00
CONF_FILES= ${EGDIR}/console.logger \
${SHIB_CONFDIR}/console.logger
CONF_FILES+= ${EGDIR}/native.logger \
${SHIB_CONFDIR}/native.logger
CONF_FILES+= ${EGDIR}/shibd.logger \
${SHIB_CONFDIR}/shibd.logger
CONF_FILES+= ${EGDIR}/syslog.logger \
${SHIB_CONFDIR}/syslog.logger
CONF_FILES+= ${EGDIR}/shibboleth2.xml \
${SHIB_CONFDIR}/shibboleth2.xml
CONF_FILES+= ${EGDIR}/attribute-map.xml \
${SHIB_CONFDIR}/attribute-map.xml
CONF_FILES+= ${EGDIR}/attribute-policy.xml \
${PKG_SYSCONFDIR}/attribute-policy.xml
CONF_FILES+= ${EGDIR}/protocols.xml \
${SHIB_CONFDIR}/protocols.xml
CONF_FILES+= ${EGDIR}/security-policy.xml \
${SHIB_CONFDIR}/security-policy.xml
CONF_FILES+= ${EGDIR}/accessError.html \
${SHIB_CONFDIR}/accessError.html
CONF_FILES+= ${EGDIR}/sessionError.html \
${SHIB_CONFDIR}/sessionError.html
CONF_FILES+= ${EGDIR}/metadataError.html \
${SHIB_CONFDIR}/metadataError.html
CONF_FILES+= ${EGDIR}/bindingTemplate.html \
${SHIB_CONFDIR}/bindingTemplate.html
CONF_FILES+= ${EGDIR}/discoveryTemplate.html \
${SHIB_CONFDIR}/discoveryTemplate.html
CONF_FILES+= ${EGDIR}/postTemplate.html \
${SHIB_CONFDIR}/postTemplate.html
CONF_FILES+= ${EGDIR}/localLogout.html \
${SHIB_CONFDIR}/localLogout.html
CONF_FILES+= ${EGDIR}/globalLogout.html \
${SHIB_CONFDIR}/globalLogout.html
CONF_FILES+= ${EGDIR}/partialLogout.html \
${SHIB_CONFDIR}/partialLogout.html
CONF_FILES+= ${EGDIR}/sslError.html \
${SHIB_CONFDIR}/sslError.html
INSTALLATION_DIRS+= ${PREFIX}/bin ${PREFIX}/sbin
INSTALLATION_DIRS+= ${PREFIX}/include/shibsp/attribute/resolver
INSTALLATION_DIRS+= ${PREFIX}/include/shibsp/binding
INSTALLATION_DIRS+= ${PREFIX}/include/shibsp/handler
INSTALLATION_DIRS+= ${PREFIX}/include/shibsp/lite
Fix some pkglint, mostly whitespace.
2012-07-01 03:33:13 +02:00
INSTALLATION_DIRS+= ${PREFIX}/include/shibsp/metadata
Import the latest shibboleth-sp from pkgsrc-wip.
2011-03-15 14:15:37 +01:00
INSTALLATION_DIRS+= ${PREFIX}/include/shibsp/remoting
INSTALLATION_DIRS+= ${PREFIX}/include/shibsp/security
INSTALLATION_DIRS+= ${PREFIX}/include/shibsp/util
recursive bump from gettext-lib shlib bump.
2011-04-22 15:41:54 +02:00
INSTALLATION_DIRS+= ${PREFIX}/share/doc/shibboleth-${PKGVERSION_NOREV}
Fix some pkglint, mostly whitespace.
2012-07-01 03:33:13 +02:00
INSTALLATION_DIRS+= ${PREFIX}/share/doc/shibboleth-${PKGVERSION_NOREV}/api
INSTALLATION_DIRS+= ${PREFIX}/share/xml/shibboleth
INSTALLATION_DIRS+= ${PREFIX}/lib/shibboleth
Import the latest shibboleth-sp from pkgsrc-wip.
2011-03-15 14:15:37 +01:00
INSTALLATION_DIRS+= ${EGDIR} ${SHIB_CONFDIR}
OWN_DIRS+= ${VARBASE}/log/shibboleth
post-install:
${INSTALL} ${WRKSRC}/configs/keygen.sh \
${DESTDIR}${PREFIX}/sbin/shib-keygen
${INSTALL} ${WRKSRC}/configs/metagen.sh \
${DESTDIR}${PREFIX}/bin/shib-metagen
2.5.2: Bugfixes [SSPCPP-543] - AttributeExtractor fails to deal with multiple Logos [SSPCPP-547] - Encoding problem with Metadata Attribute Extractor [SSPCPP-549] - Shiboleth SP 2.5.1 breaks Apache 2.4.3's error pages [SSPCPP-550] - Problems with native.log file rotation [SSPCPP-551] - DiscoFeed Content-Type header lacks charset [SSPCPP-552] - Solaris TCP Listener code is broken [SSPCPP-568] - Unattended install pegs the CPU and never completes [SSPCPP-569] - native log files not closed at/before CGI exec [SSPCPP-570] - mod_shib takes over valid-user for entire server [SSPCPP-573] - ShibDisable on breaks basic auth valid user [SSPCPP-575] - Source build w/memcached and/or fastcgi support fails [SSPCPP-579] - Internal stack overflow in log4shib Improvements [SSPCPP-493] - Default allow access to Shibboleth.sso by default in shibd.conf [SSPCPP-501] - Make metagen ingest a list of hostnames from a file 2.5.1: Bugfixes [SSPCPP-409] - Shibboleth2.xml - undefined InProcess/OutOfProcess means no shibd.log/native.log [SSPCPP-490] - CLang build issue with stream operator overload [SSPCPP-492] - SP Release 2.5.0 does not compile with xml-security-c versions prior to 1.7.0 [SSPCPP-495] - Warning Shibboleth.PropertySet : load() skipping duplicate property set: [SSPCPP-499] - Fresh Installation on Windows XP fails after service daemon fails to start [SSPCPP-500] - configure fails against Apache 2.4 [SSPCPP-502] - Apache 2.4 post_read hook isn't run on subrequests, breaks module [SSPCPP-504] - ScopedAttributeDecoder fails on non-ascii chars? [SSPCPP-505] - shibd on Windows missing a version option [SSPCPP-507] - Insert record failed Violation of PRIMARY KEY constraint with ODBC plugin [SSPCPP-510] - Installer scripts (particularly the uninstall ones) should fail safe [SSPCPP-514] - FCGI responder stdin buffer missing termination [SSPCPP-516] - apache24.config missing from makefile target [SSPCPP-518] - Incorrect requireLogoutWith redirection if the original URL has query string [SSPCPP-519] - Shorthand SSO/Logout syntax not working with policyId setting [SSPCPP-521] - Schemas are not being edited on Windows Installation [SSPCPP-522] - Transform resolver echoes source string when match fails [SSPCPP-526] - Transaction log crashes on SOAP-based logout [SSPCPP-527] - Add ignoreNoPassive attribute to SSO element [SSPCPP-540] - ISAPI header detection code is prone to false alarms Improvements [SSPCPP-402] - Support front-channel SLO without cookies [SSPCPP-447] - Extension of consistentAddress for IPv6 [SSPCPP-501] - Make metagen ingest a list of hostnames from a file [SSPCPP-517] - Windows SP installer should not always roll back when shibd fails to start New Feature [SSPCPP-515] - Make /Status handler report SessionCache 2.5.0: Bugfixes [SSPCPP-344] - Version strings in various spots are wired at compile time [SSPCPP-345] - Split "package-level" and "user-level" settings in shib.conf to limit effect of RPM upgrades. [SSPCPP-365] - Support for binary attributes in resolver [SSPCPP-382] - Correct date format in Expires headers [SSPCPP-383] - Tag entityID not usable in error templates [SSPCPP-387] - Cryptographic nameID is longer than key length that memcache can handle [SSPCPP-391] - Generation of keys for relay state is not strongly random [SSPCPP-392] - Valgrind detects memory leaks [SSPCPP-393] - Setting session timeout="0" creates infinite loop between SP and IDP [SSPCPP-400] - NameID lookup for logout ignores logical SP boundaries [SSPCPP-401] - IIS App Pool Crash [SSPCPP-406] - Should check for cross platform previous versions? [SSPCPP-408] - ECP flow fails for Session configured inside of ApplicationOverride [SSPCPP-411] - openSUSE 12.1 erases /var/run at each reboot, so shibd fails to start [SSPCPP-413] - Schema catalogs should be set after XMLTooling init. [SSPCPP-416] - IIS breaks with error "isapi_shib: Attempted to insert duplicate storage key." Server restart required to fix [SSPCPP-417] - redirectErrors configuration attribute does not handle relative URLs [SSPCPP-419] - ExtensibleAttribute internal marshalling doesn't handle attribute naming correctly [SSPCPP-423] - After upgrading SP to Alpha SP 2.5 RPM from previous version of SP, shibd does not start. [SSPCPP-431] - Change links of https://spaces.inetrnet2.edu to wiki.shibboleth.net [SSPCPP-438] - Artifact resolver code doesn't use EndpointIndex in 2.0 artifacts [SSPCPP-439] - Auto-generated ACS endpoints improperly tracked by index [SSPCPP-443] - SP not signing ECP AuthnRequests [SSPCPP-444] - Multiple shib_state cookies get set -> server chokes on header field size [SSPCPP-445] - RequestInitiator metadata generated in a case where it shouldn't be [SSPCPP-448] - setting relayState to use ODBC storage service results in attempted redirects to an invalid URL [SSPCPP-449] - RequestMap not normalizing hostname for comparison [SSPCPP-459] - redirectLimit parser typo [SSPCPP-460] - A spelling error in the configure file [SSPCPP-461] - caching DiscoFeed fails b/c cache directory does not exist [SSPCPP-465] - CLONE - Tag entityID not usable in error templates [SSPCPP-467] - Cross-contamination from conflicting @relayState settings [SSPCPP-468] - Aliases support in XML Attribute Extractor no longer working in 2.5.0 Beta 1 [SSPCPP-487] - relayStateLimitWhitelist parameter is being changed inadvertently by limitRelayState method [SSPCPP-488] - No way to get client address set for ExternalAuth sessions [SSPCPP-489] - Windows installer (tries to) install a 64 bit path into IIS [SSPCPP-498] - Hardcoded path in XMLTooling is invalid on localized WinXP/2003 Improvements [SSPCPP-319] - Augment XMLAccessControl for time based access control. [SSPCPP-326] - Abbreviated IPv6 address format and CIDR support for acl [SSPCPP-332] - Session cache slows down if large numbers of sessions with a single NameID are created [SSPCPP-335] - Handle query strings on POST and avoid unintended POST data consumption [SSPCPP-352] - Expose RelayState limiter as a public API and revisit default setting [SSPCPP-353] - Package the SP to run as non-root user [SSPCPP-361] - Session handler with better parseable and accessable (X)HTML code [SSPCPP-362] - add 'metadata last refresh' to SP's status page [SSPCPP-366] - generated metadata should include cryptographic algorithms [SSPCPP-375] - Add httpOnly to cookieProps in the shibboleth2.xml config [SSPCPP-376] - Add a post-filtering hashing feature to shorten long attributes, namely ePTIDs [SSPCPP-394] - Support multiple authn context references in requests [SSPCPP-399] - SImple Aggregation plugin should allow "prefixing" of attributes or dedicated extractors [SSPCPP-403] - Facilitate signing Logout messages [SSPCPP-404] - Log entry for failed consistentAddress="true" check [SSPCPP-405] - CRIT Shibboleth.Application : no MetadataProvider available should be a warning not CRIT [SSPCPP-407] - Improve logging on invalid XML in shibboleth2.xml configuration file [SSPCPP-418] - Incorporating Boost libraries into code base [SSPCPP-420] - Memcache build on RH6 and error handling fixes [SSPCPP-425] - ShibAccessControl Relative Paths to user web content [SSPCPP-436] - Log on DEBUG when a shibsession cookie is being cleared because no corresponding session is found by Shibboleth [SSPCPP-446] - Try moving child_init hooks in Apache 2.x modules to post_config [SSPCPP-458] - Unprecise error message when wrong certificate is used for SAML2 encryption [SSPCPP-464] - Provide Logging to Recommend Production Settings [SSPCPP-470] - Identify deprecated features or suboptimal settings and add warnings [SSPCPP-472] - AttributeExtractor: remove leading/trailing whitespace created by formatter New Features [SSPCPP-245] - Support for attribute requirements in the SP [SSPCPP-339] - Extraction of contacts and other built-in metadata information [SSPCPP-341] - AttributeResolver plugin(s) for regexp or template-based transformation of values [SSPCPP-342] - Metadata / Attribute filtering based on EntityAttributes [SSPCPP-343] - Add support for capturing AuthenticatingAuthority [SSPCPP-349] - Parseable audit logs for SP [SSPCPP-389] - Add option to shibd to set uid and gid at startup [SSPCPP-390] - Multiple language versions for the same attribute [SSPCPP-396] - Simplify logout support for Native SP [SSPCPP-410] - add support for the 'policy' query string parameter [SSPCPP-421] - Extraction of consent attribute from SAML 2 responses [SSPCPP-430] - Apache 2.4 support [SSPCPP-437] - Add artifact binding for resolving artifacts via file system [SSPCPP-440] - Loopback handler to exchange an assertion for a session [SSPCPP-469] - Logout request extension to specify no response [SSPCPP-471] - Shorthand settings for manipulating cookie properties [SSPCPP-486] - Add automatic algorithm blacklist
2013-09-22 00:16:41 +02:00
.include "../../devel/boost-libs/buildlink3.mk"
Import the latest shibboleth-sp from pkgsrc-wip.
2011-03-15 14:15:37 +01:00
.include "../../security/openssl/buildlink3.mk"
Add boost header required by parts of xmltooling.
2013-09-21 01:11:01 +02:00
.include "../../devel/boost-headers/buildlink3.mk"
Import the latest shibboleth-sp from pkgsrc-wip.
2011-03-15 14:15:37 +01:00
.include "../../devel/log4shib/buildlink3.mk"
.include "../../textproc/xerces-c/buildlink3.mk"
.include "../../security/xml-security-c/buildlink3.mk"
.include "../../textproc/xmltooling/buildlink3.mk"
.include "../../security/opensaml/buildlink3.mk"
.include "../../www/curl/buildlink3.mk"
.include "../../mk/apache.mk"
.include "../../mk/bsd.pkg.mk"
Reference in a new issue Copy permalink