Xavier
1a1ccd7568
Merge branch 'crypto-improvements'
2019-06-27 22:03:05 +02:00
Xavier
2fcaf52bcf
Better random string generation ( #1803 )
2019-06-27 21:59:18 +02:00
Xavier
b1f12b72e5
Add MAC verification to crypto
2019-06-27 20:48:01 +02:00
Xavier Guimard
cc8c5e057e
Use IV for *cryptHex methods
2019-06-27 19:36:01 +02:00
Xavier Guimard
9d5d1f6cd5
Don't use Crypt::URandom inside jail: this import file access libraries
2019-06-27 19:10:51 +02:00
Xavier Guimard
0b1643c294
Add an initialization vector in crypt methods
2019-06-27 18:39:01 +02:00
Xavier Guimard
e23611b73b
Avoid failure with future Perl (warnings reserved)
2019-06-27 17:41:24 +02:00
Clément OUDOT
e53129568a
Set some default values for lemonldap-ng-cli info ( #1827 )
2019-06-27 17:29:56 +02:00
Xavier Guimard
4b48f95507
Move missing deps in the good place ( #1824 )
2019-06-27 17:08:21 +02:00
Xavier Guimard
264410409d
Move CAS service verification from main to Issuer::CAS ( #1795 )
2019-06-27 16:55:12 +02:00
Christophe Maudoux
8f834f5bb8
Append use directive ( #1824 )
2019-06-27 13:27:05 +02:00
Maxime Besson
e1f927a195
Check service= parameter on CAS logout ( #1795 )
...
service= redirect URL is not checked when logging out from CAS, to avoid
insecure redirect attacks. The verification is only made if CAS access
control is enabled.
In order for this to work in common cases (applications redirects to an
unprotected page after logout), we add CAS App domains to the list of
globally trusted domains.
If your application wants to redirect to a third-party domain, it needs
to be added to LLNG's trustedDomains
2019-06-27 12:40:40 +02:00
Christophe Maudoux
859d7fad79
Update fr.json
2019-06-27 10:49:59 +02:00
Xavier Guimard
c7cb6594dd
Fix bad merge
2019-06-27 10:24:44 +02:00
Xavier Guimard
72439d341f
Merge branch 'v2.0'
2019-06-27 07:59:37 +02:00
Xavier Guimard
167b3df4b4
Merge branch 'fix-2f-upgradesession' into 'v2.0'
...
Add authenticated routes to 2FA for session upgrade (#1822 )
See merge request lemonldap-ng/lemonldap-ng!80
2019-06-27 07:57:29 +02:00
Maxime Besson
5f9c4c231d
Add authenticated routes to 2FA for session upgrade ( #1822 )
2019-06-26 23:33:00 +02:00
Maxime Besson
98650cd9f0
Add unit test for #1821
2019-06-26 22:13:12 +02:00
Xavier
3582cfb12b
Don't keep pdata on upgrade ( Fixes : #1821 )
2019-06-26 21:47:01 +02:00
Xavier Guimard
a42c5f9f71
Clean tests ( #1819 )
2019-06-26 13:17:26 +02:00
Xavier Guimard
e15a41bc66
Fix typo: s/templatesDir/templateDir/g ( #1819 )
2019-06-26 11:59:13 +02:00
Xavier Guimard
45a0b68c3b
Disable external entities in XML parsers ( Fixes : #1818 )
2019-06-26 11:32:10 +02:00
Xavier Guimard
c222fb4009
Update tr
2019-06-26 07:50:31 +02:00
Xavier
400b9eaab9
Revert "Better password generation ( #1803 )"
...
This reverts commit b4ec8eaeeb
.
2019-06-26 06:19:07 +02:00
Xavier
b4ec8eaeeb
Better password generation ( Fixes : #1803 )
2019-06-25 21:01:57 +02:00
Christophe Maudoux
b9af5d1adc
Use Id
2019-06-25 19:30:06 +02:00
Christophe Maudoux
13ed1589e4
Update lang
2019-06-25 19:03:04 +02:00
Xavier Guimard
a6a25f0aa5
Fix randomly CI failure ( #1797 )
2019-06-25 17:46:49 +02:00
Xavier Guimard
3d1be3e7e5
Set negetive values for PE_PASSWORD_OK and PE_LOGOUT_OK ( Fixes : #1816 )
2019-06-25 17:38:08 +02:00
Xavier Guimard
1c0ffb3e83
Import v2.0 tests
2019-06-25 17:20:27 +02:00
Xavier Guimard
1b4600b15c
Merge branch 'v2.0'
2019-06-25 17:14:00 +02:00
Xavier Guimard
e91f6df254
Fix test count ( #1813 )
2019-06-25 10:00:46 +02:00
Xavier Guimard
390ccb4f5b
Fix Apache::Session::REST::get_key_from_all_sessions when using CODE ( #1813 )
2019-06-25 09:48:15 +02:00
Xavier Guimard
93ccb9fd76
Set Content-Length in Apache::Session::REST requests ( #1813 )
2019-06-25 09:37:37 +02:00
Xavier Guimard
ddde26fa1c
Add searchOn() in Apache::Session::REST ( #1813 )
2019-06-25 09:18:58 +02:00
Xavier
c5d6bc42b6
Add get_key_from_all_sessions in Apache::Session::REST ( #1813 )
2019-06-24 23:07:34 +02:00
Xavier
9df3d57bc9
In REST, PE_LOGOUT_OK must return 200
2019-06-24 23:06:15 +02:00
Xavier Guimard
442a26a537
Remove localStorage purge (see #1815 )
2019-06-24 19:05:10 +02:00
Xavier Guimard
2cb221b4e0
Set cache_depth to 3 in local config cache ( Fixes : #1814 )
2019-06-24 18:51:15 +02:00
Xavier Guimard
4bfad92530
Merge branch 'v2.0'
2019-06-24 11:46:57 +02:00
Xavier Guimard
f9fb8a2772
Update manager JS
2019-06-24 11:45:53 +02:00
Xavier Guimard
1c17c6b077
Update portal JS
2019-06-24 11:38:00 +02:00
Xavier
243cad350f
Enable Ubuntu Disco build
2019-06-23 08:45:23 +02:00
Xavier
2e7b3c584a
Fix LDAP Policy
2019-06-23 08:18:19 +02:00
Xavier
9e16e2b75c
Merge branch 'v2.0'
2019-06-23 07:21:55 +02:00
Xavier
750eaafe65
Fix test rule to hide some warnings
2019-06-20 21:48:13 +02:00
Xavier
38bb0cedf6
Typo
2019-06-20 21:27:49 +02:00
Xavier
8bd2a6c244
Prove that sessionInfo() is launched by each UserDB in combination ( #1809 )
2019-06-20 21:17:29 +02:00
Xavier
50ba6e6144
Install nginx* files for all handlers ( Fixes : #1811 )
2019-06-20 12:51:00 +02:00
Xavier
1c195437f1
Typo ( #1810 )
2019-06-19 21:47:07 +02:00