projects / shibboleth / sp.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | combined (merge: f9e6779 dcdaebe)
Merge commit 'upstream/2.4.2+dfsg'
authorRuss Allbery <rra@debian.org>
Thu, 7 Apr 2011 00:49:32 +0000 (17:49 -0700)
committerRuss Allbery <rra@debian.org>
Thu, 7 Apr 2011 00:49:32 +0000 (17:49 -0700)
Conflicts:
configs/keygen.sh
configs/native.logger.in
configs/shibd-debian.in
schemas/Makefile.am

1  2 
configs/Makefile.am patch | diff1 | diff2 | blob | history
configs/keygen.sh patch | diff1 | diff2 | blob | history
configs/metagen.sh patch | diff1 | diff2 | blob | history
configs/native.logger.in patch | diff1 | diff2 | blob | history
configs/shibd-debian.in patch | diff1 | diff2 | blob | history
schemas/Makefile.am patch | diff1 | diff2 | blob | history
schemas/catalog.xml.in patch | diff1 | diff2 | blob | history

diff --cc configs/Makefile.am
Simple merge
diff --cc configs/keygen.sh
index e68607c,4ee69f6..c94f23e
--- 1/configs/keygen.sh
--- 2/configs/keygen.sh
+++ b/configs/keygen.sh
@@@ -1,13 -1,11 +1,16 @@@
  #! /bin/sh
  
- # Added for Debian.  The upstream version is installed in /etc/shibboleth and
- # for Debian we wanted to move it to /usr/bin, so change directories so that
- # it puts files in the correct location.
- cd /etc/shibboleth
++# Defaults added for Debian.  They can still be overridden by command-line
++# options.
++OUT=/etc/shibboleth
++GROUP=_shibd
 +
- while getopts h:e:y:bf c
+ while getopts h:u:g:o:e:y:bf c
       do
           case $c in
+            u)         USER=$OPTARG;;
+            g)         GROUP=$OPTARG;;
+            o)         OUT=$OPTARG;;
             b)         BATCH=1;;
             f)         FORCE=1;;
             h)         FQDN=$OPTARG;;
diff --cc configs/metagen.sh
index 16c9180,e460240..ce71382
--- 1/configs/metagen.sh
--- 2/configs/metagen.sh
+++ b/configs/metagen.sh
@@@ -1,18 -1,50 +1,50 @@@
 -#! /bin/sh
 +#! /bin/bash
  
- while getopts a:c:e:h:n:o:s:t: c
+ DECLS=1
+ SAML1=0
+ SAML2=0
+ ARTIFACT=0
+ DS=0
+ LOGOUT=0
+ NAMEIDMGMT=0
+ SAML10PROT="urn:oasis:names:tc:SAML:1.0:protocol"
+ SAML11PROT="urn:oasis:names:tc:SAML:1.1:protocol"
+ SAML20PROT="urn:oasis:names:tc:SAML:2.0:protocol"
+ SAML20SOAP="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ SAML20REDIRECT="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ SAML20POST="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ SAML20POSTSS="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign"
+ SAML20ART="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
+ SAML20PAOS="urn:oasis:names:tc:SAML:2.0:bindings:PAOS"
+ SAML1POST="urn:oasis:names:tc:SAML:1.0:profiles:browser-post"
+ SAML1ART="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01"
+ while getopts a:c:e:f:h:n:o:s:t:u:12ADLNO c
       do
           case $c in
-            c)         CERTS[${#CERTS[*]}]=$OPTARG;;
-            e)         ENTITYID=$OPTARG;;
-            h)         HOSTS[${#HOSTS[*]}]=$OPTARG;;
-            n)         NAKEDHOSTS[${#NAKEDHOSTS[*]}]=$OPTARG;;
-            o)         ORGNAME=$OPTARG;;
-            a)         ADMIN[${#ADMIN[*]}]=$OPTARG;;
-            s)         SUP[${#SUP[*]}]=$OPTARG;;
-            t)         TECH[${#TECH[*]}]=$OPTARG;;
-            \?)        echo metagen -c cert1 [-c cert2 ...] -h host1 [-h host2 ...] [-e entityID]
-                       exit 1;;
+            c)   CERTS[${#CERTS[*]}]=$OPTARG;;
+            e)   ENTITYID=$OPTARG;;
+            f)   FORMATS[${#FORMATS[*]}]=$OPTARG;;
+            h)   HOSTS[${#HOSTS[*]}]=$OPTARG;;
+            n)   NAKEDHOSTS[${#NAKEDHOSTS[*]}]=$OPTARG;;
+            o)   ORGNAME=$OPTARG;;
+            a)   ADMIN[${#ADMIN[*]}]=$OPTARG;;
+            s)   SUP[${#SUP[*]}]=$OPTARG;;
+            t)   TECH[${#TECH[*]}]=$OPTARG;;
+            u)   URL=$OPTARG;;
+            1)   SAML1=1;;
+            2)   SAML2=1;;
+            A)   ARTIFACT=1;;
+            D)   DS=1;;
+            L)   LOGOUT=1;;
+            N)   NAMEIDMGMT=1;;
+            O)   DECLS=0;;
+            \?)  echo metagen [-12ADLNO] -c cert1 [-c cert2 ...] -h host1 [-h host2 ...] [-e entityID]
+                 exit 1;;
           esac
       done
  
diff --cc configs/native.logger.in
index 2927392,8c17632..dc5f3c6
--- 1/configs/native.logger.in
--- 2/configs/native.logger.in
+++ b/configs/native.logger.in
@@@ -26,23 -26,17 +26,29 @@@ log4j.category.XMLTooling.libcurl=INF
  
  # define the appender
  
 -log4j.appender.native_log=org.apache.log4j.RollingFileAppender
 -log4j.appender.native_log.fileName=@-SHIRELOGDIR-@/native.log
 -log4j.appender.native_log.maxFileSize=1000000
 -log4j.appender.native_log.maxBackupIndex=10
 -log4j.appender.native_log.layout=org.apache.log4j.PatternLayout
 -log4j.appender.native_log.layout.ConversionPattern=%d{%Y-%m-%d %H:%M:%S} %p %c %x: %m%n
 +# This is the default, but it's essentially useless under normal
 +# circumstances since Apache doesn't have access to write to that
 +# directory.
 +#log4j.appender.native_log=org.apache.log4j.RollingFileAppender
 +#log4j.appender.native_log.fileName=@-SHIRELOGDIR-@/native.log
 +#log4j.appender.native_log.maxFileSize=1000000
 +#log4j.appender.native_log.maxBackupIndex=10
- ##log4j.appender.native_log.layout=org.apache.log4j.BasicLayout
 +#log4j.appender.native_log.layout=org.apache.log4j.PatternLayout
 +#log4j.appender.native_log.layout.ConversionPattern=%d{%Y-%m-%d %H:%M:%S} %p %c %x: %m%n
++#log4j.appender.warn_log=org.apache.log4j.RollingFileAppender
++#log4j.appender.warn_log.fileName=@-SHIRELOGDIR-@/native_warn.log
++#log4j.appender.warn_log.maxFileSize=1000000
++#log4j.appender.warn_log.maxBackupIndex=10
++#log4j.appender.warn_log.layout=org.apache.log4j.PatternLayout
++#log4j.appender.warn_log.layout.ConversionPattern=%d{%Y-%m-%d %H:%M:%S} %p %c %x: %m%n
++#log4j.appender.warn_log.threshold=WARN
  
 -log4j.appender.warn_log=org.apache.log4j.RollingFileAppender
 -log4j.appender.warn_log.fileName=@-SHIRELOGDIR-@/native_warn.log
 -log4j.appender.warn_log.maxFileSize=1000000
 -log4j.appender.warn_log.maxBackupIndex=10
 -log4j.appender.warn_log.layout=org.apache.log4j.PatternLayout
 -log4j.appender.warn_log.layout.ConversionPattern=%d{%Y-%m-%d %H:%M:%S} %p %c %x: %m%n
 -log4j.appender.warn_log.threshold=WARN
 +# Use syslog instead, since then at least the messages will go somewhere.
 +# That facility is (3 << 3) or LOG_DAEMON, since log4cpp apparently
 +# doesn't recognize symbolic log facilities.
 +#
 +# This is a Debian-specific change.
 +log4j.appender.native_log=org.apache.log4j.LocalSyslogAppender
 +log4j.appender.native_log.syslogName=shibboleth-sp
 +log4j.appender.native_log.facility=24
 +log4j.appender.native_log.layout=org.apache.log4j.BasicLayout
diff --cc configs/shibd-debian.in
Simple merge
diff --cc schemas/Makefile.am
index 2651b14,f8c246f..4ed2cd8
--- 1/schemas/Makefile.am
--- 2/schemas/Makefile.am
+++ b/schemas/Makefile.am
@@@ -11,8 -13,8 +13,7 @@@ schemafiles = 
      shibboleth-2.0-afp.xsd \
      shibboleth-2.0-afp-mf-basic.xsd \
      shibboleth-2.0-afp-mf-saml.xsd \
--    shibboleth-2.0-attribute-map.xsd \
-     shibboleth-2.0-sp-notify.xsd
 -    WS-Trust.xsd
++    shibboleth-2.0-attribute-map.xsd
  
  pkgxml_DATA = \
        catalog.xml \
diff --cc schemas/catalog.xml.in
index d483854,ca7c797..fbb3fe3
--- 1/schemas/catalog.xml.in
--- 2/schemas/catalog.xml.in
+++ b/schemas/catalog.xml.in
@@@ -6,9 -8,6 +8,8 @@@
      <system systemId="urn:mace:shibboleth:2.0:afp:mf:basic" uri="@-PKGXMLDIR-@/shibboleth-2.0-afp-mf-basic.xsd"/>
      <system systemId="urn:mace:shibboleth:2.0:afp:mf:saml" uri="@-PKGXMLDIR-@/shibboleth-2.0-afp-mf-saml.xsd"/>
      <system systemId="urn:mace:shibboleth:2.0:attribute-map" uri="@-PKGXMLDIR-@/shibboleth-2.0-attribute-map.xsd"/>
-     <system systemId="urn:mace:shibboleth:2.0:sp:notify" uri="@-PKGXMLDIR-@/shibboleth-2.0-sp-notify.xsd"/>
      <system systemId="urn:mace:shibboleth:1.0" uri="@-PKGXMLDIR-@/shibboleth.xsd"/>
 +  <!-- WS-Trust.xsd has been removed from the Debian package because of license problems
      <system systemId="http://schemas.xmlsoap.org/ws/2005/02/trust" uri="@-PKGXMLDIR-@/WS-Trust.xsd"/>
 +   -->
  </catalog>
Shibboleth SP