Commit message | Author | Age | Files | Lines

* Fix call to urlencode (pylint-fixes) | Ivan Kanakarakis | 2020-05-12 | 1 | -2/+2
      Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
* Remove unneeded string format | Ivan Kanakarakis | 2020-05-12 | 1 | -1/+1
      Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
* Remove py2 compatibility check | Ivan Kanakarakis | 2020-05-12 | 1 | -6/+2
      Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
* Replace NotImplemented with NotImplementedError | Ivan Kanakarakis | 2020-05-12 | 1 | -1/+1
      Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
* Raise exception with message; not tuple | Ivan Kanakarakis | 2020-05-12 | 1 | -3/+4
      Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
* Remove assignment for function with no return | Ivan Kanakarakis | 2020-05-12 | 1 | -1/+1
      Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
* Fix call to urlparse | Ivan Kanakarakis | 2020-05-12 | 1 | -1/+1
      Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
* Check for bytes not unicode | Ivan Kanakarakis | 2020-05-12 | 1 | -1/+1
      Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
* Remove cast to unicode | Ivan Kanakarakis | 2020-05-12 | 1 | -17/+16
      ```
      ************* Module saml2.saml
      src/saml2/saml.py:168:15: E0602: Undefined variable 'unicode' (undefined-variable)
      ```

      There is no compatibility to python2 anymore. We can safely remove any
      such checks that tried to set the right types for the string object to
      cater for the differences in types between py2 and py3.

      Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
* Fix check for signed logout | Ivan Kanakarakis | 2020-05-12 | 1 | -1/+1
      ```
      ************* Module saml2.client
      src/saml2/client.py:225:27: E1101: Instance of 'Saml2Client' has no 'logout_requests_signed' member (no-member)
      ```

      The reference should be through the config member of the Saml2Client
      object.

      Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
* Remove compatibility check for py25 | Ivan Kanakarakis | 2020-05-12 | 1 | -4/+1
      ```
      ************* Module saml2.s_utils
      src/saml2/s_utils.py:385:42: E0602: Undefined variable 'sha' (undefined-variable)
      ```

      This is referenced on a branch of a backwards compatibility check for
      py25. This branch will not be reached anymore and it is now removed.

      Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
* Replace NotImplemented with NotImplementedError | Ivan Kanakarakis | 2020-05-12 | 1 | -3/+3
      ```
      ************* Module saml2.authn
      src/saml2/authn.py:32:8: E0711: NotImplemented raised - should raise NotImplementedError (notimplemented-raised)
      src/saml2/authn.py:32:8: E0702: Raising NotImplementedType while only classes or instances are allowed (raising-bad-type)
      src/saml2/authn.py:35:8: E0711: NotImplemented raised - should raise NotImplementedError (notimplemented-raised)
      src/saml2/authn.py:35:8: E0702: Raising NotImplementedType while only classes or instances are allowed (raising-bad-type)
      src/saml2/authn.py:38:8: E0711: NotImplemented raised - should raise NotImplementedError (notimplemented-raised)
      src/saml2/authn.py:38:8: E0702: Raising NotImplementedType while only classes or instances are allowed (raising-bad-type)
      ```

      Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
* Remove logger configuration | Ivan Kanakarakis | 2020-05-12 | 4 | -113/+9
      ```
      ************* Module saml2.config
      src/saml2/config.py:464:23: E1135: Value '_logconf' doesn't support membership test (unsupported-membership-test)
      src/saml2/config.py:466:27: E1136: Value '_logconf' is unsubscriptable (unsubscriptable-object)
      src/saml2/config.py:481:50: E1136: Value '_logconf' is unsubscriptable (unsubscriptable-object)
      src/saml2/config.py:486:22: E1120: No value for argument 'filename' in constructor call (no-value-for-parameter)
      src/saml2/config.py:488:23: E1135: Value '_logconf' doesn't support membership test (unsupported-membership-test)
      src/saml2/config.py:489:42: E1136: Value '_logconf' is unsubscriptable (unsubscriptable-object)
      src/saml2/config.py:505:43: E1136: Value '_logconf' is unsubscriptable (unsubscriptable-object)
      src/saml2/config.py:552:19: E1136: Value 'self.virtual_organization' is unsubscriptable (unsubscriptable-object)
      ```

      This seems right; the operations upon the Logger object do not make
      sense. There is no need to "fix" this, we just remove the relevant code.
      We should come back to this and refactor how the logger is configured
      for the library.

      Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
* Merge pull request #685 from dnmvisser/dv_nitpick1 | Ivan Kanakarakis | 2020-05-12 | 1 | -1/+1
|\    Fix typo
| * revert new typo | Dick Visser | 2020-05-12 | 1 | -1/+1
|/
* Merge pull request #684 from dnmvisser/dv_nitpick1 | Ivan Kanakarakis | 2020-05-12 | 1 | -9/+9
|\    Fix typos and phrasing in docs
| * typo | Dick Visser | 2020-05-12 | 1 | -1/+1
| |
| * Presently means 'going to happen soon' | Dick Visser | 2020-05-12 | 1 | -3/+3
| |
| * typos and spelling | Dick Visser | 2020-05-12 | 1 | -6/+6
|/
* Merge pull request #683 from rakvat/master | Ivan Kanakarakis | 2020-05-08 | 1 | -2/+8
|\    Fix escape not in cgi in example for newer python versions
| * fix escape not in cgi for newer pythons | rakvat | 2020-05-08 | 1 | -2/+8
|/
* Merge pull request #681 from nsklikas/fix-eidas-attribute-mapping | Ivan Kanakarakis | 2020-05-04 | 1 | -4/+4
|\    Fix eidas attribute mapping for legal person
| * Fix eidas attribute mapping for legal person | Nikos Sklikas | 2020-05-04 | 1 | -4/+4
|/
* Merge pull request #680 from tauceti2/fix_disco_url_creation | Ivan Kanakarakis | 2020-05-04 | 1 | -1/+5
|\    Disco URL can already contain parameters
| * Disco URL can already contain parameters | Michal Prochazka | 2020-04-29 | 1 | -1/+5
|/    If it contains parameters we need to add return_url as another parameter into URL.
* Merge pull request #678 from gliptak/python1 | Ivan Kanakarakis | 2020-04-28 | 3 | -0/+3
|\    Indicate python 3.8 as supported
| * Add Python 3.8 as supported | Gábor Lipták | 2020-04-28 | 3 | -0/+3
|/
* Fix s2repoze check for content length | Ivan Kanakarakis | 2020-04-28 | 1 | -1/+1
      Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
* Merge pull request #674 from jerrykan/doco | Ivan Kanakarakis | 2020-04-07 | 1 | -0/+2
|\    Document default value for 'want_response_signed'
| * Document default value for 'want_response_signed' | John Kristensen | 2020-04-07 | 1 | -0/+2
|/    Document the default value for 'want_response_signed' so users don't have to dig through the code to find it.
* Replace decodestring for decodebytes from base64 module | Ivan Kanakarakis | 2020-03-18 | 1 | -8/+3
      decodestring has been removed from py39

      Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
* Export both version and version_info from the version module | Ivan Kanakarakis | 2020-03-01 | 2 | -5/+3
      Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
* Fix compile warnings | Ivan Kanakarakis | 2020-02-10 | 7 | -14/+14
      Test for compile warning using:

      find src/ -iname '*.py' | xargs -P 4 -I{} python -Wall -m py_compile {}
      find tests/ -iname '*.py' | xargs -P 4 -I{} python -Wall -m py_compile {}

      Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
* Merge pull request #668 from ioparaskev/fix-tests | Ivan Kanakarakis | 2020-02-10 | 1 | -3/+3
|\    Update test metadata expiration date
| * Update test metadata expiration date | John Paraskevopoulos | 2020-02-10 | 1 | -3/+3
|/    Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
* Merge pull request #664 from rristow/master | Ivan Kanakarakis | 2020-02-02 | 1 | -5/+3
|\    Provide more information in case of AudienceRestrictions conditions not satisfied
| * Merge pull request #1 from rristow/rristow-patch-1 | Rodrigo | 2020-01-31 | 1 | -5/+3
| |\    Update response.py
|/ /
| * Update response.py | Rodrigo | 2020-01-31 | 1 | -5/+3
|/    Providing more information in case of AudienceRestrictions conditions not satisfied
* Merge pull request #663 from theunraveler/windows_pem_file | Ivan Kanakarakis | 2020-01-28 | 1 | -1/+1
|\    Use os.linesep to write pem files in a cross-platform way
| * Using `os.linesep` to write pem files in a cross-platform way | Jake Bell | 2020-01-28 | 1 | -1/+1
|/
* Merge pull request #661 from isaachui/master | Ivan Kanakarakis | 2020-01-16 | 1 | -0/+4
|\    Adding documentation regarding installation of xmlsec1 on centos/rhel 7
| * code block | Isaac Hui | 2020-01-15 | 1 | -1/+1
| |
| * adding centos 7 install for xmlsec instructions | Isaac Hui | 2020-01-15 | 1 | -0/+4
|/
* Release version 5.0.0 (v5.0.0) | Ivan Kanakarakis | 2020-01-13 | 2 | -1/+22
      Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
* Fix XML Signature Wrapping (XSW) vulnerabilities | Ivan Kanakarakis | 2020-01-09 | 3 | -0/+99
      PySAML2 did not check that the signature in a SAML document is enveloped
      and thus XML signature wrapping (XSW) was effective. The signature
      information and the node/object that is signed can be in different
      places and thus the signature verification will succeed, but the wrong
      data will be used.

      This specifically affects the verification of assertions that have been
      signed.

      This was assigned CVE-2020-5390

      Thanks to Alexey Sintsov and Yuri Goltsev from HERE Technologies for
      reporting this.

      In more detail:

      libxml2 follows the xmldsig-core specification. The xmldsig
      specification is way too general. saml-core reuses the xmldsig
      specification, but constrains it to use of specific facilities. The
      implementation of the SAML specification is responsible to enforce
      those constraints. libxml2/xmlsec1 are not aware of those constraints
      and thus process the document based on the full/general xmldsig rules.

      What is happening is the following:

      - xmldsig-core allows the signature-information and the data that was
        signed to be in different places. This works by setting the URI
        attribute of the Reference element. The URI attribute contains an
        optional identifier of the object being signed. (see "4.4.3 The
        Reference Element" -- https://www.w3.org/TR/xmldsig-core1/#sec-Reference)
        This identifier is actually a pointer that can be defined in many
        different ways; from XPath expressions that need to be executed (!),
        to a full URL that should be fetched (!) in order to recalculate the
        signature.

      - saml-core section "5.4 XML Signature Profile" defines constraints on
        the xmldsig-core facilities. It explicitly dictates that enveloped
        signatures are the only signatures allowed. This means that:

        * Assertion/RequestType/ResponseType elements must have an ID attribute
        * signatures must have a single Reference element
        * the Reference element must have a URI attribute
        * the URI attribute contains an anchor
        * the anchor points to the enclosing element's ID attribute

      xmlsec1 does the right thing - it follows the reference URI pointer and
      validates the assertion. But, the pointer points to an assertion in
      another part of the document; not the assertion in which the signature
      is embedded/enveloped. SAML processing thinks that the signature is
      fine (that's what xmlsec1 said), and gets the assertion data from the
      assertion that contains the signature - but that assertion was never
      validated.

      The issue is that pysaml2 does not enforce the constraints on the
      signature validation facilities of xmldsig-core, that the saml-core
      spec defines.

      The solution is simple; all we need is to make sure that assertions
      with signatures (1) contain one reference element that (2) has a URI
      attribute (3) that is an anchor that (4) points to the assertion in
      which the signature is embedded. If those conditions are met then we're
      good, otherwise we should fail the verification.

      Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
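The structural check that the commit message above describes, written here as an added example: it is not code from the pysaml2 repository or from that commit. It applies the four conditions the message lists (one Reference element, with a URI attribute, that is an anchor, pointing at the ID of the assertion that envelopes the Signature) and, going one step beyond the message, also requires the enveloped-signature transform that SAML core 5.4 prescribes. Only the Python standard library is used; the two SAML responses are constructed samples with placeholder digest and signature values, and `check_response` and `signature_references_enclosing_element` are names chosen for this example. The check is a precondition to apply before the document is handed to xmlsec1, not a substitute for the cryptographic verification xmlsec1 performs.

```python
import xml.etree.ElementTree as ET

DS_NS = "http://www.w3.org/2000/09/xmldsig#"
SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
ENVELOPED = "http://www.w3.org/2000/09/xmldsig#enveloped-signature"


def signature_references_enclosing_element(element):
    """Apply the saml-core 5.4 constraints to one element carrying a
    ds:Signature child. Returns (ok, reason) so callers can log why a
    document was rejected."""
    elem_id = element.get("ID")
    if not elem_id:
        return False, "element has no ID attribute"
    sigs = element.findall(f"{{{DS_NS}}}Signature")
    if len(sigs) != 1:
        return False, f"expected one enveloped Signature, found {len(sigs)}"
    refs = sigs[0].findall(f"{{{DS_NS}}}SignedInfo/{{{DS_NS}}}Reference")
    if len(refs) != 1:
        return False, f"expected one Reference element, found {len(refs)}"
    uri = refs[0].get("URI")
    if uri is None:
        return False, "Reference has no URI attribute"
    if not uri.startswith("#"):
        return False, f"Reference URI is not an anchor: {uri!r}"
    if uri[1:] != elem_id:
        return False, f"Reference URI {uri!r} does not point to enclosing ID {elem_id!r}"
    # Extra constraint beyond the four in the commit message: the reference
    # must declare the enveloped-signature transform.
    transforms = {t.get("Algorithm") for t in refs[0].iter(f"{{{DS_NS}}}Transform")}
    if ENVELOPED not in transforms:
        return False, "Reference lacks the enveloped-signature transform"
    return True, "ok"


def check_response(xml_text):
    """Walk every saml:Assertion in the document, at any depth, and check
    each one that carries a Signature. Returns {assertion_id: (ok, reason)}.
    Unsigned assertions are skipped here; whether they are acceptable at all
    is a separate policy decision for the caller."""
    root = ET.fromstring(xml_text)
    results = {}
    for assertion in root.iter(f"{{{SAML_NS}}}Assertion"):
        if assertion.find(f"{{{DS_NS}}}Signature") is None:
            continue
        results[assertion.get("ID", "<no ID>")] = signature_references_enclosing_element(assertion)
    return results


# Constructed sample template. DigestValue and SignatureValue are
# placeholders; only the structure matters for this check.
RESPONSE_TEMPLATE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" ID="_r1">
  <saml:Assertion ID="{signed_id}">
    <saml:Issuer>https://idp.example.org</saml:Issuer>
    <ds:Signature>
      <ds:SignedInfo>
        <ds:Reference URI="{reference_uri}">
          <ds:Transforms>
            <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
          </ds:Transforms>
          <ds:DigestValue>PLACEHOLDER</ds:DigestValue>
        </ds:Reference>
      </ds:SignedInfo>
      <ds:SignatureValue>PLACEHOLDER</ds:SignatureValue>
    </ds:Signature>
    <saml:Subject><saml:NameID>alice</saml:NameID></saml:Subject>
  </saml:Assertion>{extra}
</samlp:Response>"""

# Well-formed case: the Signature is enveloped in _a1 and references _a1.
GOOD_RESPONSE = RESPONSE_TEMPLATE.format(signed_id="_a1", reference_uri="#_a1", extra="")

# The shape the commit message describes: the Signature sits inside one
# assertion (_a2) but its Reference points at a different assertion (_a1)
# elsewhere in the document. xmlsec1 alone would validate _a1.
WRAPPED_RESPONSE = RESPONSE_TEMPLATE.format(
    signed_id="_a2",
    reference_uri="#_a1",
    extra='\n  <saml:Assertion ID="_a1"><saml:Subject><saml:NameID>alice</saml:NameID>'
          "</saml:Subject></saml:Assertion>",
)

# A Reference with an empty URI (whole-document reference) is also rejected.
NO_ANCHOR_RESPONSE = RESPONSE_TEMPLATE.format(signed_id="_a1", reference_uri="", extra="")

if __name__ == "__main__":
    for name, doc in [("good", GOOD_RESPONSE), ("wrapped", WRAPPED_RESPONSE),
                      ("no-anchor", NO_ANCHOR_RESPONSE)]:
        print(name, check_response(doc))
```

Run the check on the signed element before any attribute or subject data is read from it, and reject the whole response on the first failure; the reason strings are meant for the verifier's log, where a rejected reference URI is a useful detection signal in its own right.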
* Merge branch 'feature-add-metadata-freshness' | Ivan Kanakarakis | 2019-12-26 | 5 | -137/+282
|\    Define a period for which the metadata fetched from an MDQ are considered valid.
| |
| |   Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
| * Format configuration examples | Ivan Kanakarakis | 2019-12-26 | 1 | -93/+136
| |   Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
| * Reformat and rearrange code | Ivan Kanakarakis | 2019-12-26 | 3 | -67/+112
| |   Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
| * Update documentation with mdq freshness_period | Nikos Sklikas | 2019-12-26 | 1 | -0/+9
| |
| * Remove unused default value | Nikos Sklikas | 2019-12-26 | 1 | -1/+1
| |