Clément OUDOT
069c4ada49
Update packaging files
2019-06-29 22:37:48 +02:00
Clément OUDOT
750557e88b
Update documentation
2019-06-29 22:35:59 +02:00
Clément OUDOT
9bb42cf046
Update changelog for 2.0.5
2019-06-29 22:30:26 +02:00
Christophe Maudoux
bcbea7bee0
Update version ( #1825 )
2019-06-29 21:48:52 +02:00
Christophe Maudoux
eda8151432
Don t mix && with and ( #1825 )
2019-06-29 21:35:13 +02:00
Christophe Maudoux
3e7f87eca6
Append config. tests ( #1825 )
2019-06-29 21:32:31 +02:00
Christophe Maudoux
4e97b8dd02
Update lang ( #1825 )
2019-06-29 21:14:59 +02:00
Christophe Maudoux
5054f5ac95
Append unit test ( #1825 )
2019-06-29 21:13:08 +02:00
Christophe Maudoux
11d2909b0a
WIP - Disable persistent sessions storage ( #1825 )
2019-06-29 21:10:16 +02:00
Christophe Maudoux
acd6e5513c
Improve unit test ( #1783 )
2019-06-29 00:16:37 +02:00
Christophe Maudoux
d97c36a97e
Disable spoofed sessions ( #1783 )
2019-06-28 23:53:43 +02:00
Christophe Maudoux
897d04ac93
Merge branch 'v2.0' into 1783
2019-06-28 22:05:48 +02:00
Xavier Guimard
43d5139040
Update versions
2019-06-28 17:04:14 +02:00
Xavier Guimard
f59caf3ea1
Merge branch 'ssl-button-race-fix' into 'v2.0'
...
Avoid race when clicking the login button in SSL form (#1826 )
See merge request lemonldap-ng/lemonldap-ng!82
2019-06-28 16:56:46 +02:00
Xavier Guimard
ce59789747
Update doc
2019-06-28 16:53:45 +02:00
Clément OUDOT
b0a69d3473
Use skin rules in 2F plugins ( #1828 )
2019-06-28 15:56:57 +02:00
Clément OUDOT
9336aaa992
Merge branch '1828' into 'v2.0'
...
Use user skin in loadTemplate (Fixes : #1828 )
See merge request lemonldap-ng/lemonldap-ng!83
2019-06-28 15:46:13 +02:00
Xavier Guimard
8b7ce08587
Merge branch 'v2.0'
2019-06-28 14:35:30 +02:00
Xavier
c921c295ed
Use user skin in loadTemplate ( Fixes : #1828 )
2019-06-28 13:40:56 +02:00
Xavier
c411406886
Typo
2019-06-28 13:13:31 +02:00
Christophe Maudoux
87329a26a1
Make manifest
2019-06-28 11:22:23 +02:00
Xavier Guimard
44a6e25851
Improve cryptographic functions ( #1823 )
2019-06-28 10:30:37 +02:00
Xavier
c8d38d52a6
Merge branch 'crypto-improvements'
2019-06-27 22:15:19 +02:00
Xavier
cbde82bdfc
Fix HMAC verif
2019-06-27 22:12:57 +02:00
Xavier
1a1ccd7568
Merge branch 'crypto-improvements'
2019-06-27 22:03:05 +02:00
Christophe Maudoux
6519695797
Tidy ( #1783 )
2019-06-27 22:02:11 +02:00
Xavier
2fcaf52bcf
Better random string generation ( #1803 )
2019-06-27 21:59:18 +02:00
Christophe Maudoux
bb39dca317
Append & update unit tests ( #1783 )
2019-06-27 21:54:14 +02:00
Christophe Maudoux
6510f854c8
Append unit test ( #1783 )
2019-06-27 21:13:10 +02:00
Christophe Maudoux
8ad895c3b8
Merge branch 'v2.0' into 1783
2019-06-27 21:11:56 +02:00
Xavier
b1f12b72e5
Add MAC verification to crypto
2019-06-27 20:48:01 +02:00
Xavier Guimard
cc8c5e057e
Use IV for *cryptHex methods
2019-06-27 19:36:01 +02:00
Xavier Guimard
9d5d1f6cd5
Don't use Crypt::URandom inside jail: this import file access libraries
2019-06-27 19:10:51 +02:00
Xavier Guimard
0b1643c294
Add an initialization vector in crypt methods
2019-06-27 18:39:01 +02:00
Xavier Guimard
e23611b73b
Avoid failure with future Perl (warnings reserved)
2019-06-27 17:41:24 +02:00
Clément OUDOT
e53129568a
Set some default values for lemonldap-ng-cli info ( #1827 )
2019-06-27 17:29:56 +02:00
Xavier Guimard
4b48f95507
Move missing deps in the good place ( #1824 )
2019-06-27 17:08:21 +02:00
Maxime Besson
a7c7c51bba
Avoid race when clicking the login button in SSL form ( #1826 )
2019-06-27 17:05:29 +02:00
Xavier Guimard
264410409d
Move CAS service verification from main to Issuer::CAS ( #1795 )
2019-06-27 16:55:12 +02:00
Christophe Maudoux
8f834f5bb8
Append use directive ( #1824 )
2019-06-27 13:27:05 +02:00
Maxime Besson
e1f927a195
Check service= parameter on CAS logout ( #1795 )
...
service= redirect URL is not checked when logging out from CAS, to avoid
insecure redirect attacks. The verification is only made if CAS access
control is enabled.
In order for this to work in common cases (applications redirects to an
unprotected page after logout), we add CAS App domains to the list of
globally trusted domains.
If your application wants to redirect to a third-party domain, it needs
to be added to LLNG's trustedDomains
2019-06-27 12:40:40 +02:00
Christophe Maudoux
859d7fad79
Update fr.json
2019-06-27 10:49:59 +02:00
Xavier Guimard
c7cb6594dd
Fix bad merge
2019-06-27 10:24:44 +02:00
Xavier Guimard
72439d341f
Merge branch 'v2.0'
2019-06-27 07:59:37 +02:00
Xavier Guimard
167b3df4b4
Merge branch 'fix-2f-upgradesession' into 'v2.0'
...
Add authenticated routes to 2FA for session upgrade (#1822 )
See merge request lemonldap-ng/lemonldap-ng!80
2019-06-27 07:57:29 +02:00
Maxime Besson
5f9c4c231d
Add authenticated routes to 2FA for session upgrade ( #1822 )
2019-06-26 23:33:00 +02:00
Maxime Besson
98650cd9f0
Add unit test for #1821
2019-06-26 22:13:12 +02:00
Xavier
3582cfb12b
Don't keep pdata on upgrade ( Fixes : #1821 )
2019-06-26 21:47:01 +02:00
Xavier Guimard
a42c5f9f71
Clean tests ( #1819 )
2019-06-26 13:17:26 +02:00
Xavier Guimard
e15a41bc66
Fix typo: s/templatesDir/templateDir/g ( #1819 )
2019-06-26 11:59:13 +02:00