From a0d040067b24d9999189cc39eb64de893f52d52b Mon Sep 17 00:00:00 2001 From: Jaime Perez Crespo <jaime.perez@uninett.no> Date: Wed, 12 Aug 2015 13:13:58 +0200 Subject: [PATCH] Add some exhaustive upgrade notes for 1.14.0. --- docs/simplesamlphp-upgrade-notes-1.14.txt | 172 ++++++++++++++++++++++ 1 file changed, 172 insertions(+) create mode 100644 docs/simplesamlphp-upgrade-notes-1.14.txt diff --git a/docs/simplesamlphp-upgrade-notes-1.14.txt b/docs/simplesamlphp-upgrade-notes-1.14.txt new file mode 100644 index 000000000..bc3bf5378 --- /dev/null +++ b/docs/simplesamlphp-upgrade-notes-1.14.txt @@ -0,0 +1,172 @@ +Upgrade notes for simpleSAMLphp 1.14 +==================================== + +The `mcrypt` extension is no longer required by SimpleSAMLphp, so if no signatures or encryption are being used, it +can be skipped. It is still a requirement for `xmlseclibs` though, so for those verifying or creating signed +documents, or using encryption, is is still needed. + +PHP session cookies are now set to HTTP-only by default. This relates to the `session.phpsession.httponly` +configuration option. + +The following deprecated files, directories and endpoints have been removed: + + * `bin/pack.php` + * `docs/pack.txt` + * `docs/simplesamlphp-features.txt` + * `docs/simplesamlphp-reference-sp-hosted.txt` + * `docs/simplesamlphp-subversion.txt` + * `lib/SimpleSAML/Auth/BWC.php` (`SimpleSAML_Auth_BWC`) + * `lib/SimpleSAML/MemcacheStore.php` (`SimpleSAML_MemcacheStore`) + * `lib/SimpleSAML/Metadata/MetaDataStorageHandlerDynamicXML.php` (`SimpleSAML_Metadata_MetaDataStorageHandlerDynamicXML`) + * `modules/aselect/www/linkback.php` + * `modules/core/lib/ModuleDefinition.php` (`sspmod_core_ModuleDefinition`) + * `modules/core/lib/ModuleInstaller.php` (`sspmod_core_ModuleInstaller`) + * `modules/core/www/bwc_resumeauth.php` + * `modules/core/www/idp/resumeauth.php` + * `modules/oauth/lib/OauthSignatureMethodRSASHA1.php` (`sspmod_oauth_OauthSignatureMethodRSASHA1`) + * `modules/oauth/www/accessToken.php` + * `modules/oauth/www/authorize.php` + * `modules/oauth/www/requestToken.php` + * `modules/smartnameattribute/` + * `www/resources/jquery.js` + * `www/resources/jquery-ui.js` + * `www/resources/uitheme/` + * `www/shib13/sp/` + * `www/saml2/idp/idpInitSingleLogoutServiceiFrame.php` + * `www/saml2/idp/SingleLogoutServiceiFrame.php` + * `www/saml2/idp/SingleLogoutServiceiFrameResponse.php` + * `www/saml2/sp/` + * `www/wsfed/` + * `www/example-simple/` + * `www/auth/` + +The following deprecated methods and constants have been removed: + + * `SimpleSAML_AuthMemCookie::getLoginMethod()` + * `SimpleSAML_Session::DATA_TIMEOUT_LOGOUT` + * `SimpleSAML_Session::expireDataLogout()` + * `SimpleSAML_Session::get_sp_list()` + * `SimpleSAML_Session::getAttribute()` + * `SimpleSAML_Session::getAttributes()` + * `SimpleSAML_Session::getAuthnInstant()` + * `SimpleSAML_Session::getAuthnRequest()` + * `SimpleSAML_Session::getAuthority()` + * `SimpleSAML_Session::getIdP()` + * `SimpleSAML_Session::getInstance()` + * `SimpleSAML_Session::getLogoutState()` + * `SimpleSAML_Session::getNameID()` + * `SimpleSAML_Session::getSessionIndex()` + * `SimpleSAML_Session::getSize()` + * `SimpleSAML_Session::isAuthenticated()` + * `SimpleSAML_Session::remainingTime()` + * `SimpleSAML_Session::setAttribute()` + * `SimpleSAML_Session::setAttributes()` + * `SimpleSAML_Session::setAuthnRequest()` + * `SimpleSAML_Session::setIdP()` + * `SimpleSAML_Session::setLogoutState()` + * `SimpleSAML_Session::setNameID()` + * `SimpleSAML_Session::setSessionDuration()` + * `SimpleSAML_Session::setSessionIndex()` + * `SimpleSAML_Utilities::generateRandomBytesMTrand()` + +The following methods have changed their signature. Refer to the code for the updated signatures: + + * `SimpleSAML_Auth_Default::initLogout()` + * `SimpleSAML_Auth_Default::initLogoutReturn()` + * `SimpleSAML_Metadata_MetaDataStorageHandler::getGenerated()` + * `SimpleSAML_Metadata_MetaDataStorageHandler::getMetaData()` + * `SimpleSAML_Metadata_MetaDataStorageHandler::getMetaDataCurrent()` + * `SimpleSAML_Metadata_MetaDataStorageHandler::getMetaDataCurrentEntityID()` + * `SimpleSAML_Session::doLogout()` + * `SimpleSAML_Session::getAuthState()` + * `SimpleSAML_Session::registerLogoutHandler()` + * `SimpleSAML_Utilities::generateRandomBytes()` + * `SimpleSAML_XML_Shib13_AuthnRequest::createRedirect()` + +The following methods and classes have been deprecated. Refer to the code for alternatives: + + * `SimpleSAML_Auth_Default` + * `SimpleSAML_Utilities` + * `SimpleSAML_Utilities::addURLParameter()` + * `SimpleSAML_Utilities::aesDecrypt()` + * `SimpleSAML_Utilities::aesEncrypt()` + * `SimpleSAML_Utilities::arrayize()` + * `SimpleSAML_Utilities::checkCookie()` + * `SimpleSAML_Utilities::checkDateConditions()` + * `SimpleSAML_Utilities::checkURLAllowed()` + * `SimpleSAML_Utilities::createHttpPostRedirectLink()` + * `SimpleSAML_Utilities::createPostRedirectLink()` + * `SimpleSAML_Utilities::debugMessage()` + * `SimpleSAML_Utilities::doRedirect()` + * `SimpleSAML_Utilities::fatalError()` + * `SimpleSAML_Utilities::fetch()` + * `SimpleSAML_Utilities::formatDOMElement()` + * `SimpleSAML_Utilities::formatXMLString()` + * `SimpleSAML_Utilities::generateID()` + * `SimpleSAML_Utilities::generateRandomBytes()` + * `SimpleSAML_Utilities::generateTimestamp()` + * `SimpleSAML_Utilities::getAcceptLanguage()` + * `SimpleSAML_Utilities::getAdminLogoutURL()` + * `SimpleSAML_Utilities::getBaseURL()` + * `SimpleSAML_Utilities::getDefaultEndpoint()` + * `SimpleSAML_Utilities::getDOMChildren()` + * `SimpleSAML_Utilities::getDOMText()` + * `SimpleSAML_Utilities::getFirstPathElement()` + * `SimpleSAML_Utilities::getLastError()` + * `SimpleSAML_Utilities::getSecretSalt()` + * `SimpleSAML_Utilities::getSelfHost()` + * `SimpleSAML_Utilities::getSelfHostWithPath()` + * `SimpleSAML_Utilities::getTempDir()` + * `SimpleSAML_Utilities::initTimezone()` + * `SimpleSAML_Utilities::ipCIDRcheck()` + * `SimpleSAML_Utilities::isAdmin()` + * `SimpleSAML_Utilities::isDOMElementOfType()` + * `SimpleSAML_Utilities::isHTTPS()` + * `SimpleSAML_Utilities::isWindowsOS()` + * `SimpleSAML_Utilities::loadPrivateKey()` + * `SimpleSAML_Utilities::loadPublicKey()` + * `SimpleSAML_Utilities::maskErrors()` + * `SimpleSAML_Utilities::normalizeURL()` + * `SimpleSAML_Utilities::parseAttributes()` + * `SimpleSAML_Utilities::parseDuration()` + * `SimpleSAML_Utilities::parseQueryString()` + * `SimpleSAML_Utilities::parseStateID()` + * `SimpleSAML_Utilities::popErrorMask()` + * `SimpleSAML_Utilities::postRedirect()` + * `SimpleSAML_Utilities::redirect()` + * `SimpleSAML_Utilities::redirectTrustedURL()` + * `SimpleSAML_Utilities::redirectUntrustedURL()` + * `SimpleSAML_Utilities::requireAdmin()` + * `SimpleSAML_Utilities::resolveCert()` + * `SimpleSAML_Utilities::resolvePath()` + * `SimpleSAML_Utilities::resolveURL()` + * `SimpleSAML_Utilities::selfURL()` + * `SimpleSAML_Utilities::selfURLHost()` + * `SimpleSAML_Utilities::selfURLNoQuery()` + * `SimpleSAML_Utilities::setCookie()` + * `SimpleSAML_Utilities::stringToHex()` + * `SimpleSAML_Utilities::transposeArray()` + * `SimpleSAML_Utilities::validateCA()` + * `SimpleSAML_Utilities::validateXML()` + * `SimpleSAML_Utilities::validateXMLDocument()` + * `SimpleSAML_Utilities::writeFile()` + +The following modules will no longer be shipped with the next version of SimpleSAMLphp: + + * `aggregator` + * `aggregator2` + * `aselect` + * `autotest` + * `casserver` + * `consentSimpleAdmin` + * `discojuice` + * `InfoCard` + * `logpeek` + * `metaedit` + * `modinfo` + * `papi` + * `oauth` + * `openid` + * `openidProvider` + * `saml2debug` + * `themefeidernd` -- GitLab