ruby-openid 2.1.5 → 2.1.6

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of ruby-openid might be problematic. Click here for more details.

Files changed (5) hide show
  1. data/CHANGELOG +12 -15
  2. data/lib/openid.rb +1 -1
  3. data/lib/openid/consumer/idres.rb +1 -1
  4. data/test/test_idres.rb +2 -1
  5. metadata +2 -2
data/CHANGELOG CHANGED
@@ -1,18 +1,15 @@
1
- Fri Apr 17 11:05:55 PDT 2009 cygnus@janrain.com
2
- tagged 2.1.5
3
- Ignore-this: 5f2efd8e91589c54cb0833b6379b9cfa
4
-
5
- Fri Apr 17 11:05:49 PDT 2009 cygnus@janrain.com
6
- * Up version to 2.1.5
7
- Ignore-this: 9f500a47200c6e2edb54057ebe9b19a0
1
+ Tue Apr 21 11:42:57 PDT 2009 cygnus@janrain.com
2
+ tagged 2.1.6
3
+ Ignore-this: b97ef05fbb348ace2f86513a5de7db46
8
4
 
9
- Fri Apr 17 11:03:31 PDT 2009 cygnus@janrain.com
10
- * SECURITY FIX: Claimed identifier verification was inadvertently comparing values that would always return true (thanks to jbradley@mac.com)
11
- Ignore-this: f69797d1383b08b6e58da70f183edb39
5
+ Tue Apr 21 11:42:54 PDT 2009 cygnus@janrain.com
6
+ * Set version to 2.1.6
7
+ Ignore-this: 992c07fd2dca61765d11f90167008ebd
12
8
 
13
- Fri Apr 17 11:01:45 PDT 2009 cygnus@janrain.com
14
- * Remove redundant test code
15
- Ignore-this: 78592d7f2d00ff25e4ab07a90df84477
9
+ Mon Apr 20 12:57:11 PDT 2009 cygnus@janrain.com
10
+ * Consumer: require that op_endpoint be signed in id_res responses
11
+ Ignore-this: a0fbd71a105194bac2624f7cff8a3e7a
16
12
 
17
- Fri Dec 19 11:50:10 PST 2008 cygnus@janrain.com
18
- tagged 2.1.4
13
+ Fri Apr 17 11:05:55 PDT 2009 cygnus@janrain.com
14
+ tagged 2.1.5
15
+ Ignore-this: 5f2efd8e91589c54cb0833b6379b9cfa
data/lib/openid.rb CHANGED
@@ -13,7 +13,7 @@
13
13
  # permissions and limitations under the License.
14
14
 
15
15
  module OpenID
16
- VERSION = "2.1.5"
16
+ VERSION = "2.1.6"
17
17
  end
18
18
 
19
19
  require "openid/consumer"
data/lib/openid/consumer/idres.rb CHANGED
@@ -114,7 +114,7 @@ module OpenID
114
114
  when OPENID2_NS
115
115
  require_fields = basic_fields + ['op_endpoint']
116
116
  require_sigs = basic_sig_fields +
117
- ['response_nonce', 'claimed_id', 'assoc_handle',]
117
+ ['response_nonce', 'claimed_id', 'assoc_handle', 'op_endpoint']
118
118
  when OPENID1_NS
119
119
  require_fields = basic_fields + ['identity']
120
120
  require_sigs = basic_sig_fields
data/test/test_idres.rb CHANGED
@@ -27,7 +27,8 @@ module OpenID
27
27
 
28
28
  OPENID1_SIGNED = ['return_to', 'identity']
29
29
  OPENID2_SIGNED =
30
- OPENID1_SIGNED + ['response_nonce', 'claimed_id', 'assoc_handle']
30
+ OPENID1_SIGNED + ['response_nonce', 'claimed_id', 'assoc_handle',
31
+ 'op_endpoint']
31
32
 
32
33
  def mkMsg(ns, fields, signed_fields)
33
34
  msg = Message.new(ns)
metadata CHANGED
@@ -3,8 +3,8 @@ rubygems_version: 0.9.0
3
3
  specification_version: 1
4
4
  name: ruby-openid
5
5
  version: !ruby/object:Gem::Version
6
- version: 2.1.5
7
- date: 2009-04-17 00:00:00 -07:00
6
+ version: 2.1.6
7
+ date: 2009-04-21 00:00:00 -07:00
8
8
  summary: A library for consuming and serving OpenID identities.
9
9
  require_paths:
10
10
  - lib