Path to this page:
Subject: CVS commit: wip/shibboleth2
From: Fredrik Pettai
Date: 2011-03-14 00:38:33
Message id: E1Pyus6-0003bm-MI@sfs-ml-4.v29.ch3.sourceforge.com
Log Message:
Release Notes - Shibboleth SP - C++ - Version 2.4.2
** Bug
* [SSPCPP-346] - WAYF discovery session initiation ends with error "basic_st
ring::_S_construct NULL not valid"
* [SSPCPP-354] - Installers for 2.4.2 are installing the wrong config file
** Improvement
* [SSPCPP-347] - --with-xmlsec is not taken into account for test xmltooling
version in SP build
Release Notes - Shibboleth SP - C++ - Version 2.4.1
** Bug
* [SSPCPP-325] - ShibAccessControl requires ShibRequireAll to work
* [SSPCPP-327] - Cache timeout calculation has a hole in the event no Sessio
ns properties are found
* [SSPCPP-328] - Session cache applies wrong cache timeout value
* [SSPCPP-329] - Storage-backed relay state value range is insufficient for
high loads
* [SSPCPP-334] - Use of <Query> in RequestMap causes POST data to be lost
** Improvement
* [SSPCPP-338] - RedHat Repository distribution tag
Release Notes - Shibboleth SP - C++ - Version 2.4
** Bug
* [SSPCPP-106] - Security issue with keygen.sh
* [SSPCPP-271] - SAML 2 logout with non-supporting IdP should pass control t
o Local handler
* [SSPCPP-272] - shibd removes the pidfile even if it didn't create it
* [SSPCPP-274] - isPassive option would break non-SAML2 Initiator handlers
* [SSPCPP-277] - Bursty traffic exhausts thread resource limits
* [SSPCPP-279] - mod_shib crashes apache on child initialization
* [SSPCPP-282] - SAML 2 logout handler doesn't support dedicated policyId pr
operty
* [SSPCPP-288] - Metadata handler should generate both validUntil and cacheD
uration
* [SSPCPP-303] - Content settings not applied when using SAMLDS SessionIniti
ator
* [SSPCPP-305] - Logout redirection fails when 'return' parameter is supplie
d as part of the logout URL
* [SSPCPP-306] - Segfault on invalid configuration
* [SSPCPP-309] - fetched ODBC data is misinterpreted on (some) x86_64 system
s
* [SSPCPP-310] - Default deny policy in attribute-policy.xml does not work
* [SSPCPP-311] - Logging of NameID values > 255 characters is truncated
* [SSPCPP-314] - Negating access control rules not working
* [SSPCPP-318] - Manifest Hell with mod_shib on windows
* [SSPCPP-321] - Unexpected behaviour of specified - but missing - filter pl
ugin
** Improvement
* [SSPCPP-74] - Simplified configuration mechanism
* [SSPCPP-195] - Web server module can build incorrect XML messages which sh
ibd then fails to parse
* [SSPCPP-210] - If possible, allow inheritance of RelyingParty definitions
in ApplicationOverride
* [SSPCPP-213] - Simple Attribute aggregation testing and improvement sugges
tions
* [SSPCPP-222] - Status handler could provide more information
* [SSPCPP-254] - New endpoint to produce JSON data used by new Discovery Ser
vice
* [SSPCPP-275] - Autogenerated metadata / make the EntityDescriptor/ID stabl
e
* [SSPCPP-276] - Isolate schema files in a versioned directory
* [SSPCPP-278] - Return 403 on access failures even with templates
* [SSPCPP-284] - Give dynamic metadata plugin ability to regex-transform ent
ityID into a URL
* [SSPCPP-285] - Use the non-blocking mode of the libmemcached library for b
etter performance
* [SSPCPP-287] - Support for multibyte request paths
* [SSPCPP-289] - Add option to session cache to avoid storing complete asser
tions
* [SSPCPP-293] - Externalize security policy config and add plugin interface
for it
* [SSPCPP-297] - Metadata Fetch with a UserAgent String
* [SSPCPP-298] - Support MDX-style artifact lookup in dynamic MD plugin
* [SSPCPP-299] - Provide option for carrying session/storage service key in
HTTP header
* [SSPCPP-300] - Admit defeat and support "unspecified" NameFormat \
without s
pecial config
* [SSPCPP-302] - Override listener details using environment/etc to allow fo
r shared config
* [SSPCPP-313] - Add error information to attribute ResolutionContext
** New Feature
* [SSPCPP-263] - Hard code target value in session
* [SSPCPP-273] - Allow restrictions on signing/digest algorithms to accept.
* [SSPCPP-280] - RFE: Load sysconfig file from init.d script.
* [SSPCPP-281] - RFE: Support for -o and -u on keygen.sh script.
* [SSPCPP-301] - Request for adding the SessionIndex of an AuthnStatement to
the Environment Variables/Request Headers
* [SSPCPP-304] - Support for metadata extensions for algorithm support.
* [SSPCPP-312] - New extension for decoding base64 encoded attributes
* [SSPCPP-315] - Outsource XMLAccess Control file to external file for use i
n Apache config
* [SSPCPP-320] - Support explicit filtering of NameID by qualifiers
* [SSPCPP-324] - Add a function that can convert published attribute value t
o url-encoded string before exported to headers in ISAPI SP
Files: