Possibility to use a certificate instead of a public key (#879)
This commit is contained in:
Clément Oudot
parent
2e3479bca4
commit
dae02078ce
|
|
@ -146,6 +146,11 @@ qr/^(?:(?:\-+\s*BEGIN\s+RSA\s+PRIVATE\s+KEY\s*\-+\r?\n)?[a-zA-Z0-9\/\+\r\n]+={0,
|
|||
'msgFail' => '__badPemEncoding__',
|
||||
'test' =>
|
||||
qr/^(?:(?:\-+\s*BEGIN\s+PUBLIC\s+KEY\s*\-+\r?\n)?[a-zA-Z0-9\/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+PUBLIC\s+KEY\s*\-+)?[\r\n]*)?$/s
|
||||
},
|
||||
'RSAPublicKeyOrCertificate' => {
|
||||
'msgFail' => '__badPemEncoding__',
|
||||
'test' =>
|
||||
qr/^(?:(?:\-+\s*BEGIN\s+(?:PUBLIC\s+KEY|CERTIFICATE)\s*\-+\r?\n)?[a-zA-Z0-9\/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+(?:PUBLIC\s+KEY|CERTIFICATE)\s*\-+)?[\r\n]*)?$/s
|
||||
},
|
||||
'rule' => {
|
||||
'test' => sub {
|
||||
|
|
@ -181,7 +186,7 @@ qr/^(?:(?:\-+\s*BEGIN\s+PUBLIC\s+KEY\s*\-+\r?\n)?[a-zA-Z0-9\/\+\r\n]+={0,2}(?:\r
|
|||
'test' => sub {
|
||||
my $test =
|
||||
grep( { $_ eq $_[0]; }
|
||||
map( { $_->{'k'}; } @{ $_[2]{'select'}; } ) );
|
||||
map( { $$_{'k'}; } @{ $_[2]{'select'}; } ) );
|
||||
return $test
|
||||
? 1
|
||||
: ( 0, "Invalid value '$_[0]' for this select" );
|
||||
|
|
@ -998,7 +1003,7 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
|
|||
'default' => 'ldap://localhost',
|
||||
'test' => sub {
|
||||
my $l = shift();
|
||||
my @s = split( /[\s,]+/, $l, 0 );
|
||||
my (@s) = split( /[\s,]+/, $l, 0 );
|
||||
foreach my $s (@s) {
|
||||
return 0, qq[Bad ldap uri "$s"]
|
||||
unless $s =~
|
||||
|
|
@ -2011,11 +2016,11 @@ qr/^(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.
|
|||
},
|
||||
'samlServicePublicKeyEnc' => {
|
||||
'default' => '',
|
||||
'type' => 'RSAPublicKey'
|
||||
'type' => 'RSAPublicKeyOrCertificate'
|
||||
},
|
||||
'samlServicePublicKeySig' => {
|
||||
'default' => '',
|
||||
'type' => 'RSAPublicKey'
|
||||
'type' => 'RSAPublicKeyOrCertificate'
|
||||
},
|
||||
'samlSPMetaDataExportedAttributes' => {
|
||||
'default' => ';;;',
|
||||
|
|
|
|||
|
|
@ -104,6 +104,11 @@ sub types {
|
|||
qr/^(?:(?:\-+\s*BEGIN\s+PUBLIC\s+KEY\s*\-+\r?\n)?[a-zA-Z0-9\/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+PUBLIC\s+KEY\s*\-+)?[\r\n]*)?$/s,
|
||||
msgFail => '__badPemEncoding__',
|
||||
},
|
||||
'RSAPublicKeyOrCertificate' => {
|
||||
'test' =>
|
||||
qr/^(?:(?:\-+\s*BEGIN\s+(?:PUBLIC\s+KEY|CERTIFICATE)\s*\-+\r?\n)?[a-zA-Z0-9\/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+(?:PUBLIC\s+KEY|CERTIFICATE)\s*\-+)?[\r\n]*)?$/s,
|
||||
'msgFail' => '__badPemEncoding__',
|
||||
},
|
||||
RSAPrivateKey => {
|
||||
test =>
|
||||
qr/^(?:(?:\-+\s*BEGIN\s+RSA\s+PRIVATE\s+KEY\s*\-+\r?\n)?[a-zA-Z0-9\/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+RSA\s+PRIVATE\s+KEY\s*\-+)?[\r\n]*)?$/s,
|
||||
|
|
@ -1088,7 +1093,7 @@ sub attributes {
|
|||
documentation => 'SAML signature private key password',
|
||||
},
|
||||
samlServicePublicKeySig => {
|
||||
type => 'RSAPublicKey',
|
||||
type => 'RSAPublicKeyOrCertificate',
|
||||
default => '',
|
||||
documentation => 'SAML signature public key',
|
||||
},
|
||||
|
|
@ -1099,7 +1104,7 @@ sub attributes {
|
|||
},
|
||||
samlServicePrivateKeyEncPwd => { type => 'password', },
|
||||
samlServicePublicKeyEnc => {
|
||||
type => 'RSAPublicKey',
|
||||
type => 'RSAPublicKeyOrCertificate',
|
||||
default => '',
|
||||
documentation => 'SAML encryption public key',
|
||||
},
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ foreach my $type ( keys %types ) {
|
|||
delete $types{$type};
|
||||
next
|
||||
if ( $type =~
|
||||
/^(?:authParamsText|url|PerlModule|hostname|pcre|lmAttrOrMacro|subContainer|RSAP(?:ublic|rivate)Key)$/
|
||||
/^(?:authParamsText|url|PerlModule|hostname|pcre|lmAttrOrMacro|subContainer|RSAP(?:ublic|rivate)Key(?:OrCertificate)?)$/
|
||||
);
|
||||
ok( $forms{$type}, "Found $type" );
|
||||
delete $forms{$type};
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user