diff --git a/.gitignore b/.gitignore index 3d301db4..f1edb289 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,10 @@ +# Editor backup files +*~ +.*swp + +# GUI metadata files +.DS_Store +Thumbs.db # / /private @@ -10,10 +17,6 @@ /charting/cache /charting/temp.tmp -# /entities/ -/entities/import.xml -/entities/imported.xml - # /mdx/at_aconet/ /mdx/at_aconet/imported.xml @@ -129,27 +132,3 @@ # /mdx/us_incommon/ /mdx/us_incommon/imported.xml - -# /xml/ -/xml/ukfederation-trust-12-unsigned.xml -/xml/ukfederation-sites-12-unsigned.xml -/xml/ukfederation-wayf-unsigned.xml -/xml/entities.xml -/xml/sdss-wayf-unsigned.xml -/xml/ukfederation-metadata-unsigned.xml -/xml/embedded.pem -/xml/member-dates.txt -/xml/ukfederation-metadata-master.xml -/xml/ukfederation-export-unsigned.xml -/xml/ukfederation-export-preview-unsigned.xml -/xml/ukfederation-test-unsigned.xml -/xml/ukfederation-export.xml -/xml/ukfederation-stats.html -/xml/ukfederation-test.xml -/xml/ukfederation-back-unsigned.xml -/xml/test-metadata.xml -/xml/test-metadata-master.xml -/xml/temp.xml -/xml/temp2.xml -/xml/ukfederation-cdsall-unsigned.xml -/xml/cms-metadata.xml diff --git a/.project b/.project index 6db11066..9dcb5a2a 100644 --- a/.project +++ b/.project @@ -1,6 +1,6 @@ - UK-fed-meta + ukf-meta diff --git a/README.md b/README.md index 43b2f44d..63fba15b 100644 --- a/README.md +++ b/README.md @@ -6,17 +6,17 @@ This is the metadata repository and main toolset for the [UK Access Management F There are two variants of the repository: -* The private variant of the repository is used as part of UK federation operations. This is where we maintain federation membership details and the individual metadata documents for each entity registered with the UK federation. +* The private variant of the repository is used as part of UK federation operations. * The public, read-only variant of the repository is made available on [GitHub](https://github.com/ukf/ukf-meta). If you're reading this, you're probably accessing this more restricted version. We provide it for the benefit of other federation operators who may be wondering how the UK federation systems operate, perhaps with a view to implementing something similar. The public repository is kept roughly in synchronisation with the private one using [our `ukf-meta-meta` tools](https://github.com/ukf/ukf-meta-meta). We do this when we have made significant changes to the toolset and we think other federation operators may find the changes of interest. -We exclude a significant amount of material from the public repository. One reason for this is to save space: for example, the private repository retains a copy of every signed metadata aggregate we have ever produced, going back to 2005. +We exclude a significant amount of material from the public repository. One reason for this is to save space: for example, the private repository retains a copy of every signed metadata aggregate we produced between 2005 and 2016. -The second main category excluded from the public repository is the actual registration database: version-controlled XML documents describing registered entities and the federation membership. We don't include this material because it may include personal information. +The second main category excluded from the public repository is the historic registration database: version-controlled XML documents describing registered entities and the federation membership. We don't include this material because it may include personal information. -The failure to separate the tooling from the data is, in retrospect, a failing of our current systems and we are working to separate them more cleanly in the future. +Since 2016, we have separated the entity database and aggregate record from the main toolchain repository, but the nature of Git is to never discard anything. We will therefore continue to make this repository publicly available only in redacted form. ## Licensing diff --git a/build.xml b/build.xml index a2efb188..9973456d 100644 --- a/build.xml +++ b/build.xml @@ -3,22 +3,55 @@ - + + + + + + + + @@ -26,57 +59,165 @@ + + + + + + + + + + + + + + + + + + + - Multiple remote systems are supported, each with its own ssh-accessable - location for "push" and its own URL for verification of pushed data. + - - - - + + + + + + + - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - - + - - - - - + + + + - - - - - - - - + + + + + + + - - - - - - - + + + + + + + - - - + + - + + + + + + + - - - - - - - - Processing complete. + + Test aggregates built successfully from deferred branch. - - Data pushed and verified. + + Test aggregates built successfully from immediate branch. + + Test aggregates built successfully from master branch. + - - - - Please select the remote host to use: - + + Stage 1 (normal) Success: Lockfile created, API paused, deferred branch merged into immediate and then into master. + - - - - - - - + - - - - - - + Runs on: aggr - - - + Process: + * Lock: Check for presence of lockfile, if not present, create it + * API: Pause the API + * FS: Make sure output directory is clear + * Git: Make sure all repos up to date + * Git: Merge immediate tree into master + --> + + Stage 1 (emergency) Success: Lockfile created, API paused, immediate branch merged into master. + - - - - - - - - - + + + Stage 1 (manual) Success: Lockfile created, API paused. - - - Please enter the password for ${remote.user} on ${remote.host}: - + + Stage 2 Success: Unsigned aggregates created, copied to orchestrator. Message sent to start signing. - - - Pushing non-metadata files. - - - - - - - - - - Pushing UK Federation metadata files. - - - - - - - - - - - + + + Stage 3.1 Success: Aggregates send to keymaster for processing. + + + + + Stage 3.2 Success: Aggregates signed and verified". + + + + + Stage 3.3 Success: Signed aggregates and stats file comitted to data repository, pushed to origin. + + + + + Stage 4 Success: MDQ cache created (not yet implemented!); all files comitted to data repository. + + + + + Stage 5 Success: Master branch pushed to origin, new tag created and pushed, message sent to start publication. + + + + + Stage 6 Success: Aggregates and MDQ cache pushed and verified. + + + + + Checked embedded certificates. + + + + + + + + + + + + + + + + + + + + Checking for presence of lockfile... + + + + + + -> No lockfile, continuing... + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + All branches on all repositories, reset HARD. + + + + + Pulling the latest state from all Git repositories (all branches). + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Merging deferred branch into immediate branch of data repository. + + + + + + + + + + + + + + + + Merging immediate branch into master branch of data repository. + + + + + + + + + + + + + + + + Merging master branch into immediate branch of data repository. + + + + + + + + + + + + + + + + Merging immediate branch into deferred branch of data repository. + + + + + + + + + + + + + + + + Merging master branch into deferred branch of data repository. + + + + + + + + + + + + + + + + Merging deferred branch into master branch of data repository. + + + + + + + + + + + + + + + + Switching to deferred branch in data repository. + + + + + + + + + Switching to deferred branch in data repository. + + + + + + + + + Switching to immediate branch in data repository. + + + + + + + + + Pushing all branches of data repository to origin + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Pushing master branch of products repository to origin + + + + + + + + + + + + + + + Pushing master branch of data repository to origin + + + + + + + + + + + + + + + Pushing immediate branch of data repository to origin + + + + + + + + + + + + + + + Pushing deferred branch of data repository to origin + + + + + + + + + + + + + + + Adding all new files in aggregates/ directory of products repository into Git working set. + + + + + + + + + Commiting all changes in products repository. + + + + + + + + + + Commiting all changes in products repository. + + + + + + + + + + Creating new Tag in master branch of products repository. + + + + + + + + + + + + + + + + + + + + + + + Commiting all changes in products repository. + + + + + + + + + + + + + Triggering Jenkins signing job + + + + + + Triggering Jenkins publication Job. + + + + + - + - + @@ -326,38 +1132,143 @@ Verifying @{i}... - - + + + + + + + + + + + + + + + + + + + + Verifying @{i}... + + + + + + + + + + + + + + Checksum of file matches expected value - + - + - + - - Verifying metadata held at ${remote.url} - - - - - - - + + Computing checksums of each aggregate + + + + + + + + + Verifying metadata held at ${md.dist.host1.name} + + + + + + + + + Verifying metadata held at ${md.dist.host2.name} + + + + + + + + + Verifying metadata held at ${md.dist.host3.name} + + + + + + + + Verification completed. @@ -369,13 +1280,6 @@ ************************************************* --> - - - Generated unsigned metadata. - - - + + Performing dry run of generating UKfed MD. + All UKfed metadata successfully verified. - - Generating unsigned UK metadata files. + + Generating unsigned UKfed metadata files. - - - - - - - - - + + + + + + + + Generated UK unsigned metadata. @@ -462,7 +1365,10 @@ by properties defined in the external properties files, e.g., build.properties. --> - + + + + @@ -571,9 +1473,9 @@ Macro to run the metadatatool application with appropriate defaults. --> - - - + + + @@ -594,7 +1496,7 @@ - + @@ -610,6 +1512,47 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - + - - - - + - + - - + + - + Signing @{i} using digest @{digest}. @@ -661,22 +1602,37 @@ + + + + + + + + + + + + - This only works with XmlSecTool 1.2.0 and later. - It requires the java.security file to be unmodified. + - - - - + + - - - + + - + - + - + @@ -774,10 +1730,13 @@ --> - - + + Please enter the password for the keystores: @@ -795,31 +1754,32 @@ - - Signing UK metadata. - + + Signing unsigned aggregates. + + Signing UKfed prod metadata. + - Signing UK WAYF metadata. - + Signing UKfed WAYF metadata. + - Signing UK CDS full metadata. - + Signing UKfed CDS full metadata. + - Signing UK test metadata. - + Signing UKfed test metadata. + - Signing UK export metadata. - + Signing UKfed export metadata. + - Signing UK export preview metadata. - + Signing UKfed export preview metadata. + - Signing UK fallback metadata. - + Signing UKfed fallback metadata. + - Generated signed UK metadata. - + Verifying signed UK metadata. - + Verifying signed UK WAYF metadata. - + Verifying signed UK CDS full metadata. - + Verifying signed UK test metadata. - + Verifying signed UK export metadata. - + Verifying signed UK export preview metadata. - + Verifying signed UK fallback metadata. - + Verification completed. + + + + + Clearing output directory. + + + + + + + CPing other files that should be checked into git into orchestrator's aggregates dir. + + + + + + + + + SCPing unsigned files and stats file from output dir to orchestrator's build dir. + + + + + + + + + + + + + + + + SCPing unsigned aggregates from orchestrator's output dir to keymaster's build.dir. + + + + + + + + + + + + + + + SCPing signed aggregates from keymaster's output dir into orchestrator's aggregates dir. + + + + + + + + + + + + + + Creating MDQ cache. + -> Not yet implemented. This is not a failure, other than a moral one + + + + + + + Sending Purge command to Azure CDN. + -> Not yet implemented. This is not a failure, other than a moral one + + + + + + + + Pushing UK Federation metadata files to MD dist. + -> MD1 + + + + + + -> MD2 + + + + + + -> MD3 + + + + + + + + + + + + + Pushing UK Federation other files to web site. + -> Web1 + + + + + + + + + + - + - + Checking embedded certificates - - + + - + - + - + @@ -529,7 +531,9 @@ http://www.edugain.org/technical/status.php --> + + @@ -568,8 +572,6 @@ - - @@ -943,6 +945,10 @@ + + + + diff --git a/mdx/int_cobweb/verbs.xml b/mdx/int_cobweb/verbs.xml index 063cb743..dde7a217 100644 --- a/mdx/int_cobweb/verbs.xml +++ b/mdx/int_cobweb/verbs.xml @@ -25,7 +25,7 @@ - + diff --git a/mdx/int_edugain/verbs.xml b/mdx/int_edugain/verbs.xml index 7ca9668e..538fbdaa 100644 --- a/mdx/int_edugain/verbs.xml +++ b/mdx/int_edugain/verbs.xml @@ -26,7 +26,7 @@ - + diff --git a/mdx/schema/refeds-metadata.xsd b/mdx/schema/refeds-metadata.xsd new file mode 100644 index 00000000..1dadc094 --- /dev/null +++ b/mdx/schema/refeds-metadata.xsd @@ -0,0 +1,20 @@ + + + + + + + Unofficial schema for REFEDS metadata; + specifically the contactType extension required for SIRTFI. + + + + + + diff --git a/mdx/test/verbs.xml b/mdx/test/verbs.xml index a3bfd4fb..f5f692df 100644 --- a/mdx/test/verbs.xml +++ b/mdx/test/verbs.xml @@ -25,7 +25,7 @@ - + diff --git a/mdx/uk/beans.xml b/mdx/uk/beans.xml index bd769aa0..1acb9162 100644 --- a/mdx/uk/beans.xml +++ b/mdx/uk/beans.xml @@ -113,7 +113,7 @@ - + @@ -124,37 +124,13 @@ - - - - - - - - - - - + @@ -177,7 +153,7 @@ - + @@ -198,14 +174,16 @@ Checks specific to the UK registrar function. --> - - - - - - + p:XSLResource="classpath:uk/check_ukreg.xsl"/> + + + + + + + @@ -336,6 +328,7 @@ + @@ -460,7 +453,7 @@ - + diff --git a/mdx/uk/check_ukreg.xsl b/mdx/uk/check_ukreg.xsl index 4be22f07..728c0306 100644 --- a/mdx/uk/check_ukreg.xsl +++ b/mdx/uk/check_ukreg.xsl @@ -15,8 +15,7 @@ xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:mdxMail="xalan://uk.ac.sdss.xalan.md.Mail" - xmlns:ukfxMembers="xalan://uk.org.ukfederation.members.Members" - extension-element-prefixes="mdxMail ukfxMembers" + extension-element-prefixes="mdxMail" xmlns="urn:oasis:names:tc:SAML:2.0:metadata"> @@ -26,48 +25,6 @@ - - - - - - - - - - - - - - entity lacks OrganizationName - - - - - - - - unknown owner name: - - - - - - - - - - - diff --git a/mdx/uk/collect.xml b/mdx/uk/collect.xml index b6f56398..fa987eb6 100644 --- a/mdx/uk/collect.xml +++ b/mdx/uk/collect.xml @@ -25,7 +25,7 @@ - + diff --git a/mdx/uk/generate.xml b/mdx/uk/generate.xml index a51d2e67..b259957e 100644 --- a/mdx/uk/generate.xml +++ b/mdx/uk/generate.xml @@ -234,7 +234,7 @@ - + @@ -291,7 +291,7 @@ - + @@ -407,7 +407,7 @@ - + @@ -469,7 +469,7 @@ - + @@ -523,7 +523,7 @@ - + @@ -579,7 +579,7 @@ - + @@ -790,7 +790,7 @@ - + @@ -798,100 +798,8 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + @@ -932,10 +839,6 @@ - - - - diff --git a/mdx/uk/import.xsl b/mdx/uk/import.xsl index 7e6bd0b5..b72e9bad 100644 --- a/mdx/uk/import.xsl +++ b/mdx/uk/import.xsl @@ -63,20 +63,20 @@ + xsi:schemaLocation="urn:oasis:names:tc:SAML:2.0:metadata saml-schema-metadata-2.0.xsd + urn:oasis:names:tc:SAML:metadata:algsupport sstc-saml-metadata-algsupport-v1.0.xsd + urn:oasis:names:tc:SAML:metadata:attribute sstc-metadata-attr.xsd + urn:oasis:names:tc:SAML:metadata:rpi saml-metadata-rpi-v1.0.xsd + urn:oasis:names:tc:SAML:metadata:ui sstc-saml-metadata-ui-v1.0.xsd + urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol sstc-saml-idp-discovery.xsd + urn:oasis:names:tc:SAML:profiles:SSO:request-init sstc-request-initiation.xsd + urn:oasis:names:tc:SAML:2.0:assertion saml-schema-assertion-2.0.xsd + urn:mace:shibboleth:metadata:1.0 shibboleth-metadata-1.0.xsd + http://ukfederation.org.uk/2006/11/label uk-fed-label.xsd + http://sdss.ac.uk/2006/06/WAYF uk-wayf.xsd + http://www.w3.org/2001/04/xmlenc# xenc-schema.xsd + http://www.w3.org/2009/xmlenc11# xenc-schema-11.xsd + http://www.w3.org/2000/09/xmldsig# xmldsig-core-schema.xsd"> + xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> - - - - - - - - - - - - - - false - - - - - - - - @@ -66,15 +33,7 @@ - - - - - false - - - - + @@ -84,13 +43,11 @@ If an IdP's SSO or AA roles already includes an Extensions element, this may already contain extensions other than scopes. We need to make sure that if it does not also contain scopes, then any scopes declared at the entity - level are copied down, and any outsourced scopes provided by the member - list are imported. + level are copied down. --> - @@ -100,15 +57,6 @@ - - - - - false - - - - diff --git a/mdx/uk/statistics.xsl b/mdx/uk/statistics.xsl index 9cf1cbad..ef64c117 100644 --- a/mdx/uk/statistics.xsl +++ b/mdx/uk/statistics.xsl @@ -1234,7 +1234,7 @@ ***************************************** --> - + diff --git a/mdx/uk/verbs.xml b/mdx/uk/verbs.xml index 06b2aca4..e613951b 100644 --- a/mdx/uk/verbs.xml +++ b/mdx/uk/verbs.xml @@ -62,7 +62,7 @@ - + @@ -194,7 +194,7 @@ - + @@ -207,7 +207,7 @@ - + @@ -326,7 +326,7 @@ - + diff --git a/mdx/us_incommon/verbs.xml b/mdx/us_incommon/verbs.xml index 3a438a8b..6ca5a631 100644 --- a/mdx/us_incommon/verbs.xml +++ b/mdx/us_incommon/verbs.xml @@ -28,7 +28,7 @@ - + diff --git a/preprod.properties b/preprod.properties new file mode 100644 index 00000000..e7eedb48 --- /dev/null +++ b/preprod.properties @@ -0,0 +1,25 @@ +# +# preprod.properties +# +# Properties defined for the env=preprod deployment environment. +# + +# +# Use the PKCS#11 provider for signatures. +# +sign.uk.keystoreProvider = sun.security.pkcs11.SunPKCS11 + +# +# Location of the PKCS#11 configuration file for the Thales HSM. +# +sign.uk.pkcs11Config = ${basedir}/mdx/uk/nshield.cfg + +# +# Signing key alias within the keystore. +# +sign.uk.keyAlias = UKAMF_Signing_Key + +# +# Give Java processes plenty of headroom in production. +# +java.max.memory = 1536m diff --git a/prod-old.properties b/prod-old.properties new file mode 100644 index 00000000..fdda3b0b --- /dev/null +++ b/prod-old.properties @@ -0,0 +1,23 @@ +# +# prod-old.properties +# +# Properties defined for the env=prod-old deployment environment. +# +# This is associated with the old stand-alone signing machine, and is not expected +# to be used again in anger. +# + +# +# Use the PKCS#11 provider for signatures. +# +sign.uk.keystoreProvider = sun.security.pkcs11.SunPKCS11 + +# +# Location of the PKCS#11 configuration file for an ACOS5 card. +# +sign.uk.pkcs11Config = C\:\\pkcs11\\sdk18\\acs.cfg + +# +# Signing key alias within the keystore. +# +sign.uk.keyAlias = ukfederation diff --git a/prod.properties b/prod.properties new file mode 100644 index 00000000..c085dcd9 --- /dev/null +++ b/prod.properties @@ -0,0 +1,25 @@ +# +# prod.properties +# +# Properties defined for the env=prod deployment environment. +# + +# +# Use the PKCS#11 provider for signatures. +# +sign.uk.keystoreProvider = sun.security.pkcs11.SunPKCS11 + +# +# Location of the PKCS#11 configuration file for the Thales HSM. +# +sign.uk.pkcs11Config = ${basedir}/mdx/uk/nshield.cfg + +# +# Signing key alias within the keystore. +# +sign.uk.keyAlias = UKAMF_Signing_Key + +# +# Give Java processes plenty of headroom in production. +# +java.max.memory = 1536m diff --git a/tools/slacktee/bin/slacktee.sh b/tools/slacktee/bin/slacktee.sh new file mode 100755 index 00000000..08f49b88 --- /dev/null +++ b/tools/slacktee/bin/slacktee.sh @@ -0,0 +1,608 @@ +#!/usr/bin/env bash + +# ---------- +# Default Configuration +# ---------- +webhook_url="" # Incoming Webhooks integration URL +upload_token="" # The user's API authentication token, only used for file uploads +channel="general" # Default channel to post messages. '#' is prepended, if it doesn't start with '#' or '@'. +tmp_dir="/tmp" # Temporary file is created in this directory. +username="slacktee" # Default username to post messages. +icon="ghost" # Default emoji to post messages. Don't wrap it with ':'. See http://www.emoji-cheat-sheet.com; can be a url too. +attachment="" # Default color of the attachments. If an empty string is specified, the attachments are not used. + +# ---------- +# Initialization +# ---------- +me=$(basename "$0") +title="" +mode="buffering" +link="" +textWrapper="\`\`\`" +parseMode="" +fields=() +# Since bash 3 doesn't support the associative array, we store colors and patterns separately +cond_color_colors=() +cond_color_patterns=() +found_pattern_color="" +# This color is used when 'attachment' is used without color specification +internal_default_color="#C0C0C0" + +# Since bash 3 doesn't support the associative array, we store prefixes and patterns separately +cond_prefix_prefixes=() +cond_prefix_patterns=() +found_title_prefix="" + +function show_help() +{ + echo "usage: $me [options]" + echo " options:" + echo " -h, --help Show this help." + echo " -n, --no-buffering Post input values without buffering." + echo " -f, --file Post input values as a file." + echo " -l, --link Add a URL link to the message." + echo " -c, --channel channel_name Post input values to specified channel or user." + echo " -u, --username user_name This username is used for posting." + echo " -i, --icon emoji_name|url This icon is used for posting. You can use a word" + echo " from http://www.emoji-cheat-sheet.com or a direct url to an image." + echo " -t, --title title_string This title is added to posts." + echo " -m, --message-formatting format Switch message formatting (none|link_names|full)." + echo " See https://api.slack.com/docs/formatting for more details." + echo " -p, --plain-text Don't surround the post with triple backticks." + echo " -a, --attachment [color] Use attachment (richly-formatted message)" + echo " Color can be 'good','warning','danger' or any hex color code (eg. #439FE0)" + echo " See https://api.slack.com/docs/attachments for more details." + echo " -e, --field title value Add a field to the attachment. You can specify this multiple times." + echo " -s, --short-field title value Add a short field to the attachment. You can specify this multiple times." + echo " -o, --cond-color color pattern Change the attachment color if the specified Regex pattern matches the input." + echo " You can specify this multile times." + echo " If more than one pattern matches, the latest matched pattern is used." + echo " -d, --cond-prefix prefix pattern This prefix is added to the message, if the specified Regex pattern matches the input." + echo " You can specify this multile times." + echo " If more than one pattern matches, the latest matched pattern is used." + echo " --config config_file Specify the location of the config file." + echo " --setup Setup slacktee interactively." +} + + + +function send_message() +{ + message="$1" + + # Prepend the prefix to the message, if it's set + if [[ -z $attachment && -n $found_pattern_prefix ]]; then + message="$found_pattern_prefix$message" + # Clear conditional prefix for the nest send + found_pattern_prefix="" + fi + + escaped_message=$(echo "$textWrapper\n$message\n$textWrapper" | sed 's/"/\\"/g' | sed "s/'/\\'/g" ) + message_attr="" + if [[ $message != "" ]]; then + if [[ -n $attachment ]]; then + + # Set message color + message_color="$attachment" + if [[ -n $found_pattern_color ]]; then + message_color="$found_pattern_color" + # Reset with the default color for the next send + found_pattern_color="$attachment" + fi + + message_attr="\"attachments\": [{ \"color\": \"$message_color\", \"mrkdwn_in\": [\"text\", \"fields\"], \"text\": \"$escaped_message\" " + + if [[ -n $found_pattern_prefix ]]; then + orig_title=$title + title="$found_pattern_prefix $title" + # Clear conditional prefix for the nest send + found_pattern_prefix="" + fi + + if [[ -n $title ]]; then + message_attr="$message_attr, \"title\": \"$title\" " + # Clear conditional prefix from title + title=$orig_title + fi + + if [[ -n $link ]]; then + message_attr="$message_attr, \"title_link\": \"$link\" " + fi + + if [[ $mode == "file" ]]; then + fields+=("{\"title\": \"Access URL\", \"value\": \"$access_url\" }") + fields+=("{\"title\": \"Download URL\", \"value\": \"$download_url\"}") + fi + + if [[ ${#fields[@]} != 0 ]]; then + message_attr="$message_attr, \"fields\": [" + for field in "${fields[@]}"; do + message_attr="$message_attr $field," + done + message_attr=${message_attr%?} # Remove last comma + message_attr="$message_attr ]" + fi + + # Close attachment + message_attr="$message_attr }], " + else + message_attr="\"text\": \"$escaped_message\"," + fi + + icon_url="$icon" + #icon_emoji="" + #if echo "$icon" | grep -q "^https\?://.*"; then + # icon_url="$icon" + #else + # icon_emoji=":$icon:" + #fi + + json="{\"channel\": \"$channel\", \"username\": \"$username\", $message_attr \"icon_emoji\": \"$icon_emoji\", \"icon_url\": \"$icon_url\" $parseMode}" + post_result=$(curl -X POST --data-urlencode "payload=$json" "$webhook_url" 2> /dev/null) + exit_code=1 + if [[ $post_result == "ok" ]]; then + exit_code=0 + fi + fi +} + +function process_line() +{ + echo "$1" + line="$(echo "$1" | sed $'s/\t/ /g')" + + # Check the patterns of the conditional colors + # If more than one pattern matches, the latest pattern is used + if [[ ${#cond_color_patterns[@]} != 0 ]]; then + for i in "${!cond_color_patterns[@]}"; do + if [[ $line =~ ${cond_color_patterns[$i]} ]]; then + found_pattern_color=${cond_color_colors[$i]} + fi + done + fi + + # Check the patterns of the conditional titles + # If more than one pattern matches, the latest pattern is used + if [[ ${#cond_prefix_patterns[@]} != 0 ]]; then + for i in "${!cond_prefix_patterns[@]}"; do + if [[ $line =~ ${cond_prefix_patterns[$i]} ]]; then + found_pattern_prefix=${cond_prefix_prefixes[$i]} + if [[ -n $attachment || $mode != "no-buffering" ]]; then + # Append a line break to the prefix for better formatting + found_pattern_prefix="$found_pattern_prefix\n" + else + # Append a space to the prefix for better formatting + found_pattern_prefix="$found_pattern_prefix " + fi + fi + done + fi + + if [[ $mode == "no-buffering" ]]; then + prefix='' + if [[ -z $attachment ]]; then + prefix=$title + fi + send_message "$prefix$line" + elif [[ $mode == "file" ]]; then + echo "$line" >> "$filename" + else + if [[ -z "$text" ]]; then + text="$line" + else + text="$text\n$line" + fi + fi +} + +function setup() +{ + if [[ -z "$HOME" ]]; then + echo "\$HOME is not defined. Please set it first." + exit 1 + fi + + local_conf="$HOME/.slacktee" + + if [[ -e "$local_conf" ]]; then + echo ".slacktee is found in your home directory." + read -p "Are you sure to overwrite it? [y/n] :" choice + case "$choice" in + y|Y ) + # Continue + ;; + * ) + exit 0 # Abort + ;; + esac + fi + + # Load current local config + . $local_conf + + # Start setup + read -p "Incoming Webhook URL [$webhook_url]: " input_webhook_url + if [[ -z "$input_webhook_url" ]]; then + input_webhook_url=$webhook_url + fi + read -p "Upload Token [$upload_token]: " input_upload_token + if [[ -z "$input_upload_token" ]]; then + input_upload_token=$upload_token + fi + read -p "Temporary Directory [$tmp_dir]: " input_tmp_dir + if [[ -z "$input_tmp_dir" ]]; then + input_tmp_dir=$tmp_dir + fi + read -p "Default Channel [$channel]: " input_channel + if [[ -z "$input_channel" ]]; then + input_channel=$channel + fi + read -p "Default Username [$username]: " input_username + if [[ -z "$input_username" ]]; then + input_username=$username + fi + read -p "Default Icon: [$icon]: " input_icon + if [[ -z "$input_icon" ]]; then + input_icon=$icon + fi + read -p "Default color of the attachment. (empty string disables attachment) [$attachment]: " input_attachment + if [[ -z "$input_attachment" ]]; then + input_attachment=$attachment + elif [[ $input_attachment == '""' || $input_attachment == "''" ]]; then + input_attachment="" + fi + + cat <<- EOF | sed 's/^[[:space:]]*//' > "$local_conf" + webhook_url="$input_webhook_url" + upload_token="$input_upload_token" + tmp_dir="$input_tmp_dir" + channel="$input_channel" + username="$input_username" + icon="$input_icon" + attachment="$input_attachment" + EOF +} + +# ---------- +# Parse command line options +# ---------- +OPTIND=1 + +while [[ $# -gt 0 ]]; do + opt="$1" + shift + + case "$opt" in + -h|\?|--help) + show_help + exit 0 + ;; + -n|--no-buffering) + mode="no-buffering" + ;; + -f|--file) + mode="file" + ;; + -l|--link) + link="$1" + shift + ;; + -c|--channel) + opt_channel="$1" + shift + ;; + -u|--username) + opt_username="$1" + shift + ;; + -i|--icon) + opt_icon="$1" + shift + ;; + -t|--title) + title="$1" + shift + ;; + -d|--cond-prefix) + case "$1" in + -*|'') + # Found next command line option or empty. Error. + echo "a prefix of the conditional title was not specified" + show_help + exit 1 + ;; + *) + # Prefix should be found + case "$2" in + -*|'') + # Found next command line option or empty. Error. + echo "a pattern of the conditional title was not specified" + show_help + exit 1 + ;; + *) + # Set the prefix and the pattern to arrays + cond_prefix_prefixes+=("$1") + cond_prefix_patterns+=("$2") + shift + shift + ;; + esac + ;; + esac + ;; + -m|--message-formatting) + case "$1" in + none) + parseMode=', "parse": "none"' + ;; + link_names) + parseMode=', "link_names": "1"' + ;; + full) + parseMode=', "parse": "full"' + ;; + *) + echo "unknown message formatting option" + show_help + exit 1 + ;; + esac + shift + ;; + -p|--plain-text) + textWrapper="" + ;; + + -a|--attachment) + case "$1" in + -*|'') + # Found next command line option + opt_attachment="$internal_default_color" # Use default color + ;; + \#*|good|warning|danger) + # Found hex color code or predefined colors + opt_attachment="$1" + shift + ;; + *) + echo "unknown attachment color" + show_help + exit 1 + ;; + esac + ;; + -o|--cond-color) + case "$1" in + -*|'') + # Found next command line option or empty. Error. + echo "a color of the conditional color was not specified" + show_help + exit 1 + ;; + \#*|good|warning|danger) + # Found hex color code or predefined colors + case "$2" in + -*|'') + # Found next command line option or empty. Error. + echo "a pattern of the conditional color was not specified" + show_help + exit 1 + ;; + *) + # Set the color and the pattern to arrays + cond_color_colors+=("$1") + cond_color_patterns+=("$2") + shift + shift + ;; + esac + ;; + *) + echo "unknown attachment color $1" + show_help + exit 1 + ;; + esac + ;; + -e|-s|--field|--short-field) + case "$1" in + -*|'') + # Found next command line option or empty. Error. + echo "field title was not specified" + show_help + exit 1 + ;; + *) + case "$2" in + -*|'') + # Found next command line option or empty. Error. + echo "field value was not specified" + show_help + exit 1 + ;; + *) + if [[ $opt == "-s" || $opt == "--short-field" ]]; then + fields+=("{\"title\": \"$1\", \"value\": \"$2\", \"short\": true}") + else + fields+=("{\"title\": \"$1\", \"value\": \"$2\"}") + fi + shift + shift + ;; + esac + esac + ;; + --config) + CUSTOM_CONFIG=$1 + shift + ;; + --setup) + setup + exit 1 + ;; + *) + echo "illegal option $opt" + show_help + exit 1 + ;; + esac +done + +# --------- +# Read in our configurations +# --------- +if [[ -e "/etc/slacktee.conf" ]]; then + . /etc/slacktee.conf +fi + +if [[ -n "$HOME" && -e "$HOME/.slacktee" ]]; then + . "$HOME/.slacktee" +fi + +if [[ -e "$CUSTOM_CONFIG" ]]; then + . $CUSTOM_CONFIG +fi + +# Overwrite webhook_url if the environment variable SLACKTEE_WEBHOOK is set +if [[ "$SLACKTEE_WEBHOOK" != "" ]]; then + webhook_url="$SLACKTEE_WEBHOOK" +fi + +# Overwrite upload_token if the environment variable SLACKTEE_TOKEN is set +if [[ "$SLACKTEE_TOKEN" != "" ]]; then + upload_token="$SLACKTEE_TOKEN" +fi + +# Overwrite channel if it's specified in the command line option +if [[ "$opt_channel" != "" ]]; then + channel="$opt_channel" +fi + +# Overwrite username if it's specified in the command line option +if [[ "$opt_username" != "" ]]; then + username="$opt_username" +fi + +# Overwrite icon if it's specified in the command line option +if [[ "$opt_icon" != "" ]]; then + icon="$opt_icon" +fi + +# Overwrite attachment if it's specified in the command line option +if [[ "$opt_attachment" != "" ]]; then + attachment="$opt_attachment" +fi + +# Set the default color to attachment if it's still empty and the length of the cond_color_patterns is not 0 +if [[ -z $attachment ]] && [[ ${#cond_color_patterns[@]} != 0 ]]; then + attachment="$internal_default_color" +fi + +# ---------- +# Validate configurations +# ---------- + +if [[ $webhook_url == "" ]]; then + echo "Please setup the webhook url of this incoming webhook integration." + exit 1 +fi + +if [[ $upload_token == "" && $mode == "file" ]]; then + echo "Please provide the authentication token for file uploads." + exit 1 +fi + +if [[ $channel == "" ]]; then + echo "Please specify a channel." + exit 1 +elif [[ ( "$channel" != "#"* ) && ( "$channel" != "@"* ) ]]; then + channel="#$channel" +fi + +if [[ -n "$icon" ]]; then + icon=${icon#:} # remove leading ':' + icon=${icon%:} # remove trailing ':' +fi + +# ---------- +# Start script +# ---------- + +text="" +if [[ -n "$title" || -n "$link" ]]; then + # Use link as title, if title is not specified + if [[ -z "$title" ]]; then + title="$link" + fi + + # Add title to filename in the file mode + if [[ "$mode" == "file" ]]; then + filetitle=$(echo "$title"|sed 's/[ /:.]//g') + filetitle="$filetitle-" + fi + + if [[ -z "$attachment" ]]; then + if [[ "$mode" == "no-buffering" ]]; then + if [[ -n "$link" ]]; then + title="<$link|$title>: " + else + title="$title: " + fi + elif [[ "$mode" == "file" ]]; then + if [[ -n "$link" ]]; then + title="<$link|$title>" + fi + else + if [[ -n "$link" ]]; then + text="-- <$link|$title> --\n" + else + text="-- $title --\n" + fi + fi + fi +fi + +timestamp="$(date +'%m%d%Y-%H%M%S')" +filename="$tmp_dir/$filetitle$$-$timestamp.log" + +if [[ "$mode" == "file" ]]; then + touch $filename +fi + +exit_code=0 + +while IFS='' read line; do + process_line "$line" +done +if [[ -n $line ]]; then + process_line "$line" +fi + +if [[ "$mode" == "buffering" ]]; then + send_message "$text" +elif [[ "$mode" == "file" ]]; then + if [[ -s "$filename" ]]; then + channels_param="" + if [[ ( "$channel" == "#"* ) ]]; then + # Set channels for making the file public + channels_param="-F channels=$channel" + fi + result="$(curl -F file=@"$filename" -F token="$upload_token" $channels_param https://slack.com/api/files.upload 2> /dev/null)" + access_url="$(echo "$result" | awk 'match($0, /url_private":"([^"]*)"/) {print substr($0, RSTART+14, RLENGTH-15)}'|sed 's/\\//g')" + download_url="$(echo "$result" | awk 'match($0, /url_private_download":"([^"]*)"/) {print substr($0, RSTART+23, RLENGTH-24)}'|sed 's/\\//g')" + if [[ -n "$attachment" ]]; then + text="Input file has been uploaded" + else + if [[ "$title" != "" ]]; then + title=" of $title" + fi + text="Input file$title has been uploaded.\n$access_url\n\nYou can download it from the link below.\n$download_url" + fi + send_message "$text" + fi + # Clean up the temp file + rm "$filename" +fi + +exit $exit_code diff --git a/tools/ukf-mda/ukf-mda-0.9.1.jar b/tools/ukf-mda/ukf-mda-0.9.1.jar deleted file mode 100644 index 39e622c7..00000000 Binary files a/tools/ukf-mda/ukf-mda-0.9.1.jar and /dev/null differ diff --git a/tools/ukf-mda/ukf-mda-0.9.3.jar b/tools/ukf-mda/ukf-mda-0.9.3.jar new file mode 100644 index 00000000..f8807096 Binary files /dev/null and b/tools/ukf-mda/ukf-mda-0.9.3.jar differ diff --git a/tools/ukf-mda/ukf-members-1.2.0.jar b/tools/ukf-mda/ukf-members-1.2.0.jar new file mode 100644 index 00000000..1f55db2e Binary files /dev/null and b/tools/ukf-mda/ukf-members-1.2.0.jar differ diff --git a/tools/xalan/lib/ukf-members-1.1.0.jar b/tools/xalan/lib/ukf-members-1.1.0.jar deleted file mode 100644 index 2fd5a75f..00000000 Binary files a/tools/xalan/lib/ukf-members-1.1.0.jar and /dev/null differ diff --git a/tools/xmlsectool/doc/LICENSE.txt b/tools/xmlsectool-2.0.0/doc/LICENSE.txt similarity index 100% rename from tools/xmlsectool/doc/LICENSE.txt rename to tools/xmlsectool-2.0.0/doc/LICENSE.txt diff --git a/tools/xmlsectool/doc/xmlsectool.patch b/tools/xmlsectool-2.0.0/doc/xmlsectool.patch similarity index 69% rename from tools/xmlsectool/doc/xmlsectool.patch rename to tools/xmlsectool-2.0.0/doc/xmlsectool.patch index d2073233..bcbbd039 100644 --- a/tools/xmlsectool/doc/xmlsectool.patch +++ b/tools/xmlsectool-2.0.0/doc/xmlsectool.patch @@ -1,6 +1,6 @@ -diff -Naur xmlsectool.orig/xmltool.sh xmlsectool/xmltool.sh ---- xmlsectool.orig/xmltool.sh 2011-02-18 16:50:21.000000000 +0100 -+++ xmlsectool/xmltool.sh 2011-02-18 16:49:58.000000000 +0100 +diff -Naur xmlsectool.orig/xmlsectool.sh xmlsectool/xmlsectool.sh +--- xmlsectool.orig/xmlsectool.sh 2011-02-18 16:50:21.000000000 +0100 ++++ xmlsectool/xmlsectool.sh 2011-02-18 16:49:58.000000000 +0100 @@ -6,8 +6,7 @@ declare LOCALCLASSPATH declare LIBDIR diff --git a/tools/xmlsectool/doc/xmlsectool.spec b/tools/xmlsectool-2.0.0/doc/xmlsectool.spec similarity index 84% rename from tools/xmlsectool/doc/xmlsectool.spec rename to tools/xmlsectool-2.0.0/doc/xmlsectool.spec index b963680d..dee6d4cf 100644 --- a/tools/xmlsectool/doc/xmlsectool.spec +++ b/tools/xmlsectool-2.0.0/doc/xmlsectool.spec @@ -1,16 +1,16 @@ %define unzip /usr/bin/unzip -%define scriptname xmltool +%define scriptname xmlsectool Summary: Java command line tool for checking and verifying XML documents Name: xmlsectool -Version: 1.2.0 +Version: 2.0.0 Release: 1 Epoch: 0 License: Apache License 2.0 Group: System Environment/Libraries -Source0: http://www.shibboleth.net/downloads/tools/%{name}/%{version}/%{name}-%{version}-bin.zip +Source0: http://shibboleth.net/downloads/tools/%{name}/%{version}/%{name}-%{version}-bin.zip Patch0: xmlsectool.patch -URL: https://wiki.shibboleth.net/confluence/display/SHIB2/XmlSecTool -Requires: java +URL: https://wiki.shibboleth.net/confluence/display/XSTJ/ +Requires: java >= 1.7.0 BuildRequires: unzip BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%(id -u -n) @@ -25,7 +25,7 @@ It can also create enveloped signatures of an XML document. %{unzip} -q $RPM_SOURCE_DIR/%{name}-%{version}-bin.zip cd %{name}-%{version} -%patch -p1 +%patch0 -p1 %install [ "$RPM_BUILD_ROOT" != "/" ] && %{__rm} -rf $RPM_BUILD_ROOT @@ -33,9 +33,8 @@ cd %{name}-%{version} install -d %{buildroot}%{_bindir} install $RPM_BUILD_DIR/%{name}-%{version}/%{scriptname}.sh %{buildroot}%{_bindir}/%{scriptname} -install -d %{buildroot}%{_javadir}/%{name}/endorsed +install -d %{buildroot}%{_javadir}/%{name} install -m644 $RPM_BUILD_DIR/%{name}-%{version}/lib/*.jar %{buildroot}%{_javadir}/%{name} -install -m644 $RPM_BUILD_DIR/%{name}-%{version}/lib/endorsed/*.jar %{buildroot}%{_javadir}/%{name}/endorsed install -d %{buildroot}%{_docdir}/%{name} install -m644 $RPM_BUILD_DIR/%{name}-%{version}/doc/* %{buildroot}%{_docdir}/%{name} @@ -51,6 +50,9 @@ install -m644 $RPM_BUILD_DIR/%{name}-%{version}/doc/* %{buildroot}%{_docdir}/%{n %{_javadir}/%{name}/* %changelog +* Fri May 27 2016 Ian Young 2.0.0-1 +- update to latest version + * Mon Mar 04 2013 Ian Young 1.2.0-1 - Import into xmlsectool package, update to latest version. diff --git a/tools/xmlsectool-2.0.0/lib/bcprov-jdk15on-1.53.jar b/tools/xmlsectool-2.0.0/lib/bcprov-jdk15on-1.53.jar new file mode 100644 index 00000000..c9fbafba Binary files /dev/null and b/tools/xmlsectool-2.0.0/lib/bcprov-jdk15on-1.53.jar differ diff --git a/tools/xmlsectool-2.0.0/lib/commons-codec-1.10.jar b/tools/xmlsectool-2.0.0/lib/commons-codec-1.10.jar new file mode 100644 index 00000000..1d7417c4 Binary files /dev/null and b/tools/xmlsectool-2.0.0/lib/commons-codec-1.10.jar differ diff --git a/tools/xmlsectool-2.0.0/lib/cryptacular-1.0.jar b/tools/xmlsectool-2.0.0/lib/cryptacular-1.0.jar new file mode 100644 index 00000000..0b8abab6 Binary files /dev/null and b/tools/xmlsectool-2.0.0/lib/cryptacular-1.0.jar differ diff --git a/tools/xmlsectool-2.0.0/lib/guava-18.0.jar b/tools/xmlsectool-2.0.0/lib/guava-18.0.jar new file mode 100644 index 00000000..8f89e490 Binary files /dev/null and b/tools/xmlsectool-2.0.0/lib/guava-18.0.jar differ diff --git a/tools/xmlsectool-2.0.0/lib/httpclient-4.3.6.jar b/tools/xmlsectool-2.0.0/lib/httpclient-4.3.6.jar new file mode 100644 index 00000000..091498c9 Binary files /dev/null and b/tools/xmlsectool-2.0.0/lib/httpclient-4.3.6.jar differ diff --git a/tools/xmlsectool-2.0.0/lib/httpcore-4.3.3.jar b/tools/xmlsectool-2.0.0/lib/httpcore-4.3.3.jar new file mode 100644 index 00000000..a8747b0c Binary files /dev/null and b/tools/xmlsectool-2.0.0/lib/httpcore-4.3.3.jar differ diff --git a/tools/xmlsectool-2.0.0/lib/java-support-7.2.0.jar b/tools/xmlsectool-2.0.0/lib/java-support-7.2.0.jar new file mode 100644 index 00000000..f4be76a1 Binary files /dev/null and b/tools/xmlsectool-2.0.0/lib/java-support-7.2.0.jar differ diff --git a/tools/xmlsectool-2.0.0/lib/jcl-over-slf4j-1.7.12.jar b/tools/xmlsectool-2.0.0/lib/jcl-over-slf4j-1.7.12.jar new file mode 100644 index 00000000..64ec66f2 Binary files /dev/null and b/tools/xmlsectool-2.0.0/lib/jcl-over-slf4j-1.7.12.jar differ diff --git a/tools/xmlsectool-2.0.0/lib/jcommander-1.48.jar b/tools/xmlsectool-2.0.0/lib/jcommander-1.48.jar new file mode 100644 index 00000000..ad0a12c9 Binary files /dev/null and b/tools/xmlsectool-2.0.0/lib/jcommander-1.48.jar differ diff --git a/tools/xmlsectool-2.0.0/lib/joda-time-2.9.jar b/tools/xmlsectool-2.0.0/lib/joda-time-2.9.jar new file mode 100644 index 00000000..340af06a Binary files /dev/null and b/tools/xmlsectool-2.0.0/lib/joda-time-2.9.jar differ diff --git a/tools/xmlsectool-2.0.0/lib/jsr305-3.0.1.jar b/tools/xmlsectool-2.0.0/lib/jsr305-3.0.1.jar new file mode 100644 index 00000000..021df892 Binary files /dev/null and b/tools/xmlsectool-2.0.0/lib/jsr305-3.0.1.jar differ diff --git a/tools/xmlsectool-2.0.0/lib/logback-classic-1.1.3.jar b/tools/xmlsectool-2.0.0/lib/logback-classic-1.1.3.jar new file mode 100644 index 00000000..c5ecdeb5 Binary files /dev/null and b/tools/xmlsectool-2.0.0/lib/logback-classic-1.1.3.jar differ diff --git a/tools/xmlsectool-2.0.0/lib/logback-core-1.1.3.jar b/tools/xmlsectool-2.0.0/lib/logback-core-1.1.3.jar new file mode 100644 index 00000000..c776e4a0 Binary files /dev/null and b/tools/xmlsectool-2.0.0/lib/logback-core-1.1.3.jar differ diff --git a/tools/xmlsectool-2.0.0/lib/opensaml-core-3.2.0.jar b/tools/xmlsectool-2.0.0/lib/opensaml-core-3.2.0.jar new file mode 100644 index 00000000..5de45828 Binary files /dev/null and b/tools/xmlsectool-2.0.0/lib/opensaml-core-3.2.0.jar differ diff --git a/tools/xmlsectool-2.0.0/lib/opensaml-messaging-api-3.2.0.jar b/tools/xmlsectool-2.0.0/lib/opensaml-messaging-api-3.2.0.jar new file mode 100644 index 00000000..07e4689a Binary files /dev/null and b/tools/xmlsectool-2.0.0/lib/opensaml-messaging-api-3.2.0.jar differ diff --git a/tools/xmlsectool-2.0.0/lib/opensaml-security-api-3.2.0.jar b/tools/xmlsectool-2.0.0/lib/opensaml-security-api-3.2.0.jar new file mode 100644 index 00000000..9f0bc71f Binary files /dev/null and b/tools/xmlsectool-2.0.0/lib/opensaml-security-api-3.2.0.jar differ diff --git a/tools/xmlsectool-2.0.0/lib/opensaml-security-impl-3.2.0.jar b/tools/xmlsectool-2.0.0/lib/opensaml-security-impl-3.2.0.jar new file mode 100644 index 00000000..59af529a Binary files /dev/null and b/tools/xmlsectool-2.0.0/lib/opensaml-security-impl-3.2.0.jar differ diff --git a/tools/xmlsectool-2.0.0/lib/opensaml-xmlsec-api-3.2.0.jar b/tools/xmlsectool-2.0.0/lib/opensaml-xmlsec-api-3.2.0.jar new file mode 100644 index 00000000..85673b9c Binary files /dev/null and b/tools/xmlsectool-2.0.0/lib/opensaml-xmlsec-api-3.2.0.jar differ diff --git a/tools/xmlsectool-2.0.0/lib/opensaml-xmlsec-impl-3.2.0.jar b/tools/xmlsectool-2.0.0/lib/opensaml-xmlsec-impl-3.2.0.jar new file mode 100644 index 00000000..2e8afc5c Binary files /dev/null and b/tools/xmlsectool-2.0.0/lib/opensaml-xmlsec-impl-3.2.0.jar differ diff --git a/tools/xmlsectool-2.0.0/lib/slf4j-api-1.7.12.jar b/tools/xmlsectool-2.0.0/lib/slf4j-api-1.7.12.jar new file mode 100644 index 00000000..51e2fad1 Binary files /dev/null and b/tools/xmlsectool-2.0.0/lib/slf4j-api-1.7.12.jar differ diff --git a/tools/xmlsectool-2.0.0/lib/stax-api-1.0-2.jar b/tools/xmlsectool-2.0.0/lib/stax-api-1.0-2.jar new file mode 100644 index 00000000..015169dc Binary files /dev/null and b/tools/xmlsectool-2.0.0/lib/stax-api-1.0-2.jar differ diff --git a/tools/xmlsectool-2.0.0/lib/stax2-api-3.1.4.jar b/tools/xmlsectool-2.0.0/lib/stax2-api-3.1.4.jar new file mode 100644 index 00000000..dded0369 Binary files /dev/null and b/tools/xmlsectool-2.0.0/lib/stax2-api-3.1.4.jar differ diff --git a/tools/xmlsectool-2.0.0/lib/woodstox-core-asl-4.4.1.jar b/tools/xmlsectool-2.0.0/lib/woodstox-core-asl-4.4.1.jar new file mode 100644 index 00000000..d8b4e8cf Binary files /dev/null and b/tools/xmlsectool-2.0.0/lib/woodstox-core-asl-4.4.1.jar differ diff --git a/tools/xmlsectool-2.0.0/lib/xmlsec-2.0.5.jar b/tools/xmlsectool-2.0.0/lib/xmlsec-2.0.5.jar new file mode 100644 index 00000000..9bc7db6c Binary files /dev/null and b/tools/xmlsectool-2.0.0/lib/xmlsec-2.0.5.jar differ diff --git a/tools/xmlsectool-2.0.0/lib/xmlsectool-2.0.0.jar b/tools/xmlsectool-2.0.0/lib/xmlsectool-2.0.0.jar new file mode 100644 index 00000000..e163552d Binary files /dev/null and b/tools/xmlsectool-2.0.0/lib/xmlsectool-2.0.0.jar differ diff --git a/tools/xmlsectool/xmlsectool.sh b/tools/xmlsectool-2.0.0/xmlsectool.sh old mode 100755 new mode 100644 similarity index 82% rename from tools/xmlsectool/xmlsectool.sh rename to tools/xmlsectool-2.0.0/xmlsectool.sh index 61938572..3738e3ee --- a/tools/xmlsectool/xmlsectool.sh +++ b/tools/xmlsectool-2.0.0/xmlsectool.sh @@ -46,4 +46,4 @@ do fi done -"$JAVACMD" '-Xmx256m' '-classpath' "$LOCALCLASSPATH" '-Djava.endorsed.dirs='"$LIBDIR/endorsed" $JVMOPTS '-Dedu.internet2.middleware.security.XmlSecTool.home='"$LOCATION" 'edu.internet2.middleware.security.XmlSecTool' "$@" \ No newline at end of file +"$JAVACMD" '-Xmx256m' '-classpath' "$LOCALCLASSPATH" $JVMOPTS '-Dnet.shibboleth.tool.xmlsectool.XMLSecTool.home='"$LOCATION" 'net.shibboleth.tool.xmlsectool.XMLSecTool' "$@" diff --git a/tools/xmlsectool/doc/RELEASE-NOTES.txt b/tools/xmlsectool/doc/RELEASE-NOTES.txt deleted file mode 100644 index fb167986..00000000 --- a/tools/xmlsectool/doc/RELEASE-NOTES.txt +++ /dev/null @@ -1,33 +0,0 @@ -Changes in Release 1.2.0 -============================================= -[XSTJ-38] - blacklist MD5 algorithm during signature verification -[XSTJ-33] - release process for XmlSecTool 1.2.0 -[XSTJ-31] - add ECDSA elliptic curve signature support -[XSTJ-28] - provide blacklist ability for SHA-1 during signature verification -[XSTJ-27] - compatibility with Apache Santuario 1.5.x -[XSTJ-24] - should not use xmlsec IdResolver class -[XSTJ-23] - stabilise xmlsectool build, update dependencies -[XSTJ-22] - non-zero exit codes from shell script -[XSTJ-20] - pass JVMOPTS environment variable through xmlsectool.sh -[XSTJ-19] - pkcs11Config option fails to use indicated keystore provider -[XSTJ-17] - multiple errors in --help documentation -[XSTJ-16] - misleading error message on failed schema validation -[XSTJ-15] - XmlSecTool fails with String index out of range -1 -[XSTJ-14] - allow specification of Digest and Signature algorithms when signing -[XSTJ-5] - ship RPM packaging files with xmlsectool - -Changes in Release 1.1.4 -============================================= -[XTSJ-10] - Correct class and command name -[XSTJ-9] - Add support for reading/writting base64, deflate, gzip encoded files -[XTSJ-8] - xmlsectool generates spurious xmlns:xml definitions in output -[XTSJ-7] - verify xmlsectool dependencies - -Changes in Release 1.1.3 -============================================= -[XSTJ-6] - program fails with a NullPointerException when using a signing key from the filesystem without a password - -Changes in Release 1.1.2 -============================================= -[XSTJ-1] - Update dependency libraries for version 1.1.2 -[XSTJ-2] - non-zero status code not returned when a signature is invalid \ No newline at end of file diff --git a/tools/xmlsectool/lib/bcprov-jdk15-1.46.jar b/tools/xmlsectool/lib/bcprov-jdk15-1.46.jar deleted file mode 100644 index daa0b54c..00000000 Binary files a/tools/xmlsectool/lib/bcprov-jdk15-1.46.jar and /dev/null differ diff --git a/tools/xmlsectool/lib/commons-codec-1.7.jar b/tools/xmlsectool/lib/commons-codec-1.7.jar deleted file mode 100644 index efa7f729..00000000 Binary files a/tools/xmlsectool/lib/commons-codec-1.7.jar and /dev/null differ diff --git a/tools/xmlsectool/lib/commons-httpclient-3.1.jar b/tools/xmlsectool/lib/commons-httpclient-3.1.jar deleted file mode 100644 index 7c59774a..00000000 Binary files a/tools/xmlsectool/lib/commons-httpclient-3.1.jar and /dev/null differ diff --git a/tools/xmlsectool/lib/endorsed/serializer-2.10.0.jar b/tools/xmlsectool/lib/endorsed/serializer-2.10.0.jar deleted file mode 100644 index de9b007b..00000000 Binary files a/tools/xmlsectool/lib/endorsed/serializer-2.10.0.jar and /dev/null differ diff --git a/tools/xmlsectool/lib/endorsed/xalan-2.7.1.jar b/tools/xmlsectool/lib/endorsed/xalan-2.7.1.jar deleted file mode 100644 index 458fa73d..00000000 Binary files a/tools/xmlsectool/lib/endorsed/xalan-2.7.1.jar and /dev/null differ diff --git a/tools/xmlsectool/lib/endorsed/xercesImpl-2.10.0.jar b/tools/xmlsectool/lib/endorsed/xercesImpl-2.10.0.jar deleted file mode 100644 index 9dcd8c38..00000000 Binary files a/tools/xmlsectool/lib/endorsed/xercesImpl-2.10.0.jar and /dev/null differ diff --git a/tools/xmlsectool/lib/endorsed/xml-apis-2.10.0.jar b/tools/xmlsectool/lib/endorsed/xml-apis-2.10.0.jar deleted file mode 100644 index 46733464..00000000 Binary files a/tools/xmlsectool/lib/endorsed/xml-apis-2.10.0.jar and /dev/null differ diff --git a/tools/xmlsectool/lib/endorsed/xml-resolver-1.2.jar b/tools/xmlsectool/lib/endorsed/xml-resolver-1.2.jar deleted file mode 100644 index e535bdc0..00000000 Binary files a/tools/xmlsectool/lib/endorsed/xml-resolver-1.2.jar and /dev/null differ diff --git a/tools/xmlsectool/lib/jargs-1.0.jar b/tools/xmlsectool/lib/jargs-1.0.jar deleted file mode 100644 index cdbc80bb..00000000 Binary files a/tools/xmlsectool/lib/jargs-1.0.jar and /dev/null differ diff --git a/tools/xmlsectool/lib/jcip-annotations-1.0.jar b/tools/xmlsectool/lib/jcip-annotations-1.0.jar deleted file mode 100644 index 06e9066b..00000000 Binary files a/tools/xmlsectool/lib/jcip-annotations-1.0.jar and /dev/null differ diff --git a/tools/xmlsectool/lib/jcl-over-slf4j-1.7.5.jar b/tools/xmlsectool/lib/jcl-over-slf4j-1.7.5.jar deleted file mode 100644 index 90153b06..00000000 Binary files a/tools/xmlsectool/lib/jcl-over-slf4j-1.7.5.jar and /dev/null differ diff --git a/tools/xmlsectool/lib/joda-time-2.2.jar b/tools/xmlsectool/lib/joda-time-2.2.jar deleted file mode 100644 index 69fa9240..00000000 Binary files a/tools/xmlsectool/lib/joda-time-2.2.jar and /dev/null differ diff --git a/tools/xmlsectool/lib/jul-to-slf4j-1.7.5.jar b/tools/xmlsectool/lib/jul-to-slf4j-1.7.5.jar deleted file mode 100644 index 9b5e8c1a..00000000 Binary files a/tools/xmlsectool/lib/jul-to-slf4j-1.7.5.jar and /dev/null differ diff --git a/tools/xmlsectool/lib/log4j-over-slf4j-1.7.5.jar b/tools/xmlsectool/lib/log4j-over-slf4j-1.7.5.jar deleted file mode 100644 index 3f303968..00000000 Binary files a/tools/xmlsectool/lib/log4j-over-slf4j-1.7.5.jar and /dev/null differ diff --git a/tools/xmlsectool/lib/logback-classic-1.0.11.jar b/tools/xmlsectool/lib/logback-classic-1.0.11.jar deleted file mode 100644 index 5ae700f1..00000000 Binary files a/tools/xmlsectool/lib/logback-classic-1.0.11.jar and /dev/null differ diff --git a/tools/xmlsectool/lib/logback-core-1.0.11.jar b/tools/xmlsectool/lib/logback-core-1.0.11.jar deleted file mode 100644 index ec4f6b47..00000000 Binary files a/tools/xmlsectool/lib/logback-core-1.0.11.jar and /dev/null differ diff --git a/tools/xmlsectool/lib/not-yet-commons-ssl-0.3.9.jar b/tools/xmlsectool/lib/not-yet-commons-ssl-0.3.9.jar deleted file mode 100644 index 9e38f97a..00000000 Binary files a/tools/xmlsectool/lib/not-yet-commons-ssl-0.3.9.jar and /dev/null differ diff --git a/tools/xmlsectool/lib/openws-1.5.0.jar b/tools/xmlsectool/lib/openws-1.5.0.jar deleted file mode 100644 index 83d562ab..00000000 Binary files a/tools/xmlsectool/lib/openws-1.5.0.jar and /dev/null differ diff --git a/tools/xmlsectool/lib/shibboleth-jce-1.1.0.jar b/tools/xmlsectool/lib/shibboleth-jce-1.1.0.jar deleted file mode 100644 index 2f78d404..00000000 Binary files a/tools/xmlsectool/lib/shibboleth-jce-1.1.0.jar and /dev/null differ diff --git a/tools/xmlsectool/lib/slf4j-api-1.7.5.jar b/tools/xmlsectool/lib/slf4j-api-1.7.5.jar deleted file mode 100644 index 8f004d39..00000000 Binary files a/tools/xmlsectool/lib/slf4j-api-1.7.5.jar and /dev/null differ diff --git a/tools/xmlsectool/lib/xmlsec-1.5.4.jar b/tools/xmlsectool/lib/xmlsec-1.5.4.jar deleted file mode 100644 index 06615c18..00000000 Binary files a/tools/xmlsectool/lib/xmlsec-1.5.4.jar and /dev/null differ diff --git a/tools/xmlsectool/lib/xmlsectool-1.2.0.jar b/tools/xmlsectool/lib/xmlsectool-1.2.0.jar deleted file mode 100644 index 34ed690d..00000000 Binary files a/tools/xmlsectool/lib/xmlsectool-1.2.0.jar and /dev/null differ diff --git a/tools/xmlsectool/lib/xmltooling-1.4.0.jar b/tools/xmlsectool/lib/xmltooling-1.4.0.jar deleted file mode 100644 index ab1b41c3..00000000 Binary files a/tools/xmlsectool/lib/xmltooling-1.4.0.jar and /dev/null differ diff --git a/build/check_embedded.pl b/utilities/check_embedded.pl similarity index 99% rename from build/check_embedded.pl rename to utilities/check_embedded.pl index f356636c..cd502c00 100755 --- a/build/check_embedded.pl +++ b/utilities/check_embedded.pl @@ -53,7 +53,7 @@ # # Load expiry whitelist. # -open WL, '../build/expiry_whitelist.txt' || die "can't open certificate expiry whitelist"; +open(WL, 'expiry_whitelist.txt') || die "can't open certificate expiry whitelist"; while () { # fold lines while (/^(.*)\\\s*$/) { diff --git a/utilities/diff-between-publications.sh b/utilities/diff-between-publications.sh new file mode 100755 index 00000000..3b1dc26d --- /dev/null +++ b/utilities/diff-between-publications.sh @@ -0,0 +1,98 @@ +#!/bin/bash + +# This script will output details about the current UKf publication and +# the differences since the last. +# +# Expects the following to be provided as arguments: +# * Absolute path to shared workspace directory +# * Git project's group name +# * Git data repository's name +# * Git products repository's name +# +# Assumes the data repository's master branch is currently checked out. +# + +# Fail if $1, $2, $3, and $4 aren't provided. +if [[ -z $1 && -z $2 && -z $3 && -z $4 ]]; then + echo "usage: diff-between-publications.sh " + exit 1 +fi + +# Get the input +sharedwsdir=$1 +repogroup=$2 +repodata=$3 +repoproducts=$4 + +# ===== +# = First of all, we need to calculate some stuff. +# ===== + +# Figure out name of the latest tag and the previous tag. +# These point to the latest, and previous, publication. +currenttag=$(git --work-tree=$sharedwsdir/$repoproducts --git-dir=$sharedwsdir/$repoproducts/.git tag | tail -n 1) +previoustag=$(git --work-tree=$sharedwsdir/$repoproducts --git-dir=$sharedwsdir/$repoproducts/.git tag | tail -n 2 | head -n 1) + +# Calculate current member count (the final awk is for Mac compatibility, since wc on Mac outputs leading spaces) +membercount=$(grep 'Member ID' $sharedwsdir/$repodata/members/members.xml | wc -l | awk '{print $1}') + +# Calculate current entities count (UK only) +entitycountuk=$(grep 'registrationAuthority="http://ukfederation.org.uk"' $sharedwsdir/$repoproducts/aggregates/ukfederation-metadata.xml | wc -l | awk '{print $1}') + +# Calculate current entities count (total, including all imported entities) +entitycounttotal=$(grep ' First, calculate date/time of latest publication (epoch) in products repo +# -> Next, calculate date/time of previous publication (epoch) in products repo +# -> Finally, get a git log between those two dates (epoch) in data repo +currenttagdate=$(git --work-tree=$sharedwsdir/$repoproducts --git-dir=$sharedwsdir/$repoproducts/.git log -1 $currenttag --format=%ct) +previoustagdate=$(git --work-tree=$sharedwsdir/$repoproducts --git-dir=$sharedwsdir/$repoproducts/.git log -1 $previoustag --format=%ct) +gitlog=$(git --work-tree=$sharedwsdir/$repodata --git-dir=$sharedwsdir/$repodata/.git log --format="" --after=$previoustagdate --before=$currenttagdate) +gitlognumentries=$(git --work-tree=$sharedwsdir/$repodata --git-dir=$sharedwsdir/$repodata/.git log --format="%h" --after=$previoustagdate --before=$currenttagdate | wc -l | awk '{print $1}') + +# ===== +# = Now we're ready to output the message +# ===== + +# First part of the message is just a canned success message with a timestamp +msg="$(date) - Successfully published UKf metadata.\n" + +# Second part is some stats about the UK fed +msg+="> The UK federation now has $membercount members and $entitycountuk entities.\n" + +# Third part is stats about the aggregate, and some diff info +if [ $aggregatesizediff -lt 0 ]; then + aggregatesizediffnegated=$(( $aggregatesizediff * -1 )) + msg+="> The main aggregate contains $entitycounttotal entities and is $currentaggregatesizemb MB ($aggregatesizediffnegated bytes smaller than in the last publication, a $aggregatesizediffpc % difference).\n" +elif [ $aggregatesizediff -eq 0 ]; then + msg+="> The main aggregate contains $entitycounttotal entities and is $currentaggregatesizemb MB (exactly the same size as in the last publication).\n" +else + msg+="> The main aggregate contains $entitycounttotal entities and is $currentaggregatesizemb MB ($aggregatesizediff bytes bigger than in the last publication, a $aggregatesizediffpc % difference).\n" +fi + +# Finally all commits +if [ $gitlognumentries -eq 0 ]; then + msg+="There have been no commits since last publication; any changes are from imported entities only.\n" +elif [ $gitlognumentries -eq 1 ]; then + msg+="There has been $gitlognumentries commit since last publication:\n" + msg+="\`\`\`\n$gitlog\n\`\`\`" +else + msg+="There have been $gitlognumentries commits since last publication:\n" + msg+="\`\`\`\n$gitlog\n\`\`\`" +fi + +echo -e "$msg" +exit 0 diff --git a/utilities/expiry_whitelist.txt b/utilities/expiry_whitelist.txt new file mode 100644 index 00000000..9bedfb6d --- /dev/null +++ b/utilities/expiry_whitelist.txt @@ -0,0 +1,73 @@ +# +# expiry_whitelist.txt +# +# This file lists certificates whose expiry should be ignored for some +# reason. +# +# Lines can be continued by ending them with a '\'. +# Blank lines, and lines starting with a '#', are ignored. +# +# The format of lines describing a whitelisted certificate is a series +# of fields separated by spaces or tabs (standard Perl fields). +# +# Field 1: SHA-1-fingerprint for the certificate +# Field 2: reason code +# +# Subsequent fields are ignored, and can be used as a comment. +# +# Combining the above: +# +# A9:16:56:BB:5C:0C:27:BE:B4:D0:3B:CF:A8:DA:1D:8E:37:54:00:4A reason \ +# this is a comment describing the certificate. Entity uk123456. Call 9999. +# +# Common reason codes: +# * none +# +B1:1A:B2:19:0E:7E:2B:97:C4:6A:AA:D8:97:F6:09:BE:E3:81:EB:D6 \ + Certificate expired for a "e-academy Incorporated: OnTheHub" Shibboleth SP for e-academy Incorporated. Entity uk001473. Call 6592. + +43:39:DB:D5:08:1C:87:7A:F5:72:6E:60:80:7F:CA:AC:B5:A2:94:1B \ + Certificate expired in a Palgrave Macmillan staging SP. Entity uk001446. Call 7663. + +4D:4B:09:FF:2E:E3:36:77:CD:65:59:94:DE:28:CF:8B:51:55:90:E4 \ + Certificate expired in an 'RM Easymail Plus' Shibboleth SP owned by RM Education plc. Entity uk001483. Call 8254. + +F9:04:F9:4A:4B:D4:7D:30:42:88:64:1B:C8:51:EF:CC:43:D9:30:10 \ + Certificate expired - no reply from Kindit Ltd (Picturemaxx) - call 10305. + +4D:DE:9C:CB:68:F7:EB:FF:A2:E9:CC:A0:1A:9F:9D:9D:86:DA:C2:97 \ + Certificate expired in a Shibboleth IdP for Hopwood Hall College. Entity uk001648. Call 10211. + +90:A3:BB:7B:C3:8E:EB:57:8D:DA:4E:42:01:64:3B:11:D9:B4:F5:75 \ + Certificate expires 8 January 2015 - merger - Stourbridge College. Entity uk001743. Call 11565. + +10:6D:8F:2D:14:31:B6:56:18:D8:CB:E9:BD:AB:96:DC:9D:ED:30:35 \ + Certificate expired 8 March 2015 - Shibboleth IdP for Southport College. Entity uk000308. Call 11905. + +64:44:D0:DF:86:52:F3:CD:3D:D6:75:8F:8E:84:82:92:7F:4E:93:C3 \ + Certificate expired 10 April 2015 - Dawson Shibboleth SP for Semantico Limited. Entity uk002112. Call 12202. + +AD:08:96:85:E3:C1:50:AD:31:4C:6D:B2:74:78:40:21:20:5A:7D:D3 \ + Certificate expired 10 Jan 2016 - Cardiff pre-prod IdP. Entity uk001170. Call 14603. + +92:11:9D:AC:9D:B2:6E:97:1D:10:CC:FD:30:48:EB:04:0F:91:7E:B3 \ + Certificate expired 25 Jan 2016 - Janet community site staging SP. Entity uk002056. Call 14681. + +AC:61:A4:E0:0B:93:13:AD:30:B4:25:3E:34:09:BB:89:4D:97:9A:C4 \ + Old certificate expired 29 Jan 2016 - Lancaster and Morecambe College IdP. Entity uk001215. Call 14774. + +F7:E4:37:53:85:79:7D:41:B2:8A:ED:D5:6B:D4:21:57:FE:59:F3:05 \ + Old certificate expired 16 Nov 2015 - Cadbury Sixth Form College IdP. Entity uk001150. Call 14032. + +3D:68:7B:71:14:31:20:6F:19:49:C4:34:CE:AE:B0:00:68:60:FF:46 \ + Expired certificate in an unused staging IdP - University of Essex. Entity uk001359. Call 15615. + +94:E5:25:42:BC:70:9C:19:75:07:1E:9A:58:EE:C4:A7:D6:BA:97:2B \ + Expired certificate (23/04/16) in an unused Shibboleth IdP for Totton College. Entity uk000231. Call 15316. + +F3:63:1C:35:CC:BC:FD:E7:A4:B7:3B:C8:54:FF:AF:0F:0F:A2:66:04 \ + Expired certificate (26/07/16) for a Shibboleth test IdP for Canterbury Christ Church University. Entity uk002469. Call 15960. + +13:C7:EB:D0:42:30:4A:41:40:1C:6F:F8:08:AA:EB:89:B2:31:05:2B \ + Expired certificate (09/05/2016) for a Shibboleth IdP for King George V College. Entity uk001322. Call 15465. +# END diff --git a/windows.properties b/windows.properties index 2a29a5b6..dedbf633 100644 --- a/windows.properties +++ b/windows.properties @@ -6,7 +6,5 @@ # properties defined in a machine-specific build.properties file. # -# -# Location of the PKCS#11 configuration file for an ACOS5 card. -# -pkcs11.config = C\:\\pkcs11\\sdk18\\acs.cfg +# Null device location. +null.device=nul: diff --git a/xml/.cvsignore b/xml/.cvsignore deleted file mode 100644 index d0c441d1..00000000 --- a/xml/.cvsignore +++ /dev/null @@ -1,5 +0,0 @@ -ukfederation-trust-12-unsigned.xml -ukfederation-sites-12-unsigned.xml -ukfederation-wayf-unsigned.xml -entities.xml -sdss-wayf-unsigned.xml diff --git a/xml/MetadataExchange.xsd b/xml/MetadataExchange.xsd deleted file mode 100644 index 53094fb7..00000000 --- a/xml/MetadataExchange.xsd +++ /dev/null @@ -1,112 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/xml/incommon-metadata.xsd b/xml/incommon-metadata.xsd deleted file mode 100644 index f33a8398..00000000 --- a/xml/incommon-metadata.xsd +++ /dev/null @@ -1,28 +0,0 @@ - - - - - - - Document title: Schema for InCommon Federation metadata extensions - Document identifier: Metadata Extension Schema - Location: https://spaces.internet2.edu/x/iIuVAQ - Revision history: - V1.2 (3 May 2013): - Make schema itself schema-valid. - V1.1 (2 May 2013): - Initial version. Added documentation. - V1.0 (2 December 2011): - Initial version. Added contactType attribute. - - - - - - diff --git a/xml/members.xml b/xml/members.xml deleted file mode 100644 index 212e43da..00000000 --- a/xml/members.xml +++ /dev/null @@ -1,14 +0,0 @@ - - - - Ian A. Young - 2007-04-12 - - iay.org.uk - - iay.org.uk - - diff --git a/xml/oasis-200401-wss-wssecurity-secext-1.0.xsd b/xml/oasis-200401-wss-wssecurity-secext-1.0.xsd deleted file mode 100644 index 6829a00f..00000000 --- a/xml/oasis-200401-wss-wssecurity-secext-1.0.xsd +++ /dev/null @@ -1,195 +0,0 @@ - - - - - - - - - This type represents an element with arbitrary attributes. - - - - - - - - - - - This type is used for password elements per Section 4.1. - - - - - - - - - - This type is used for elements containing stringified binary data. - - - - - - - - - - This type represents a username token per Section 4.1 - - - - - - - - - - - A security token that is encoded in binary - - - - - - - - - - A security token key identifier - - - - - - - - - - Typedef to allow a list of usages (as URIs). - - - - - - This global attribute is used to indicate the usage of a referenced or indicated token within the containing context - - - - - This type represents a reference to an external security token. - - - - - - - - This type represents a reference to an embedded security token. - - - - - - - - - - This type is used reference a security token. - - - - - - - - - - - This complexType defines header block to use for security-relevant data directed at a specific SOAP actor. - - - - - The use of "any" is to allow extensibility and different forms of security data. - - - - - - - - This complexType defines a container for elements to be specified from any namespace as properties/parameters of a DSIG transformation. - - - - - The use of "any" is to allow extensibility from any namespace. - - - - - - - - This element defines the wsse:UsernameToken element per Section 4.1. - - - - - This element defines the wsse:BinarySecurityToken element per Section 4.2. - - - - - This element defines a security token reference - - - - - This element defines a security token embedded reference - - - - - This element defines a key identifier reference - - - - - This element defines the wsse:SecurityTokenReference per Section 4.3. - - - - - This element defines the wsse:Security SOAP header element per Section 4. - - - - - This element contains properties for transformations from any namespace, including DSIG. - - - - - - - - - - - - - - - - diff --git a/xml/oasis-200401-wss-wssecurity-utility-1.0.xsd b/xml/oasis-200401-wss-wssecurity-utility-1.0.xsd deleted file mode 100644 index f8d74e9c..00000000 --- a/xml/oasis-200401-wss-wssecurity-utility-1.0.xsd +++ /dev/null @@ -1,108 +0,0 @@ - - - - - - - -This type defines the fault code value for Timestamp message expiration. - - - - - - - - - - -This global attribute supports annotating arbitrary elements with an ID. - - - - - - -Convenience attribute group used to simplify this schema. - - - - - - - - - -This type is for elements whose [children] is a psuedo-dateTime and can have arbitrary attributes. - - - - - - - - - - - -This type is for elements whose [children] is an anyURI and can have arbitrary attributes. - - - - - - - - - - - - -This complex type ties together the timestamp related elements into a composite type. - - - - - - - - - - - - - - -This element allows Timestamps to be applied anywhere element wildcards are present, -including as a SOAP header. - - - - - - - -This element allows an expiration time to be applied anywhere element wildcards are present. - - - - - - -This element allows a creation time to be applied anywhere element wildcards are present. - - - - diff --git a/xml/saml-metadata-rpi-v1.0.xsd b/xml/saml-metadata-rpi-v1.0.xsd deleted file mode 100644 index 135efa33..00000000 --- a/xml/saml-metadata-rpi-v1.0.xsd +++ /dev/null @@ -1,79 +0,0 @@ - - - - - - - - - Document title: SAML V2.0 Metadata Extensions for Registration and Publication Information Version 1.0 - Document identifier: sstc-saml-metadata-rpi-v1.0.xsd - Location: http://docs.oasis-open.org/security/saml/Post2.0/ - Revision history: - 21 March 2011 - Correct minOccurs on elements that were meant to be optional - 17 December 2010 - Change of document title and namespace - 24 November 2010 - Initial Submission - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/xml/saml-schema-assertion-2.0.xsd b/xml/saml-schema-assertion-2.0.xsd deleted file mode 100644 index 2b2f7b80..00000000 --- a/xml/saml-schema-assertion-2.0.xsd +++ /dev/null @@ -1,283 +0,0 @@ - - - - - - - Document identifier: saml-schema-assertion-2.0 - Location: http://docs.oasis-open.org/security/saml/v2.0/ - Revision history: - V1.0 (November, 2002): - Initial Standard Schema. - V1.1 (September, 2003): - Updates within the same V1.0 namespace. - V2.0 (March, 2005): - New assertion schema for SAML V2.0 namespace. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/xml/saml-schema-metadata-2.0.xsd b/xml/saml-schema-metadata-2.0.xsd deleted file mode 100644 index b656d4f4..00000000 --- a/xml/saml-schema-metadata-2.0.xsd +++ /dev/null @@ -1,337 +0,0 @@ - - - - - - - - - Document identifier: saml-schema-metadata-2.0 - Location: http://docs.oasis-open.org/security/saml/v2.0/ - Revision history: - V2.0 (March, 2005): - Schema for SAML metadata, first published in SAML 2.0. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/xml/shibboleth-metadata-1.0.xsd b/xml/shibboleth-metadata-1.0.xsd deleted file mode 100644 index be1441dd..00000000 --- a/xml/shibboleth-metadata-1.0.xsd +++ /dev/null @@ -1,42 +0,0 @@ - - - - - - - - - SAML metadata extension used to regulate allowable attribute scopes. - - - - - - - - - - - - - - - Binds keying authorities to the system entity/entities to which the enclosing - metadata element applies. - - - - - - - - - - - - diff --git a/xml/sstc-metadata-attr.xsd b/xml/sstc-metadata-attr.xsd deleted file mode 100644 index 5a445e21..00000000 --- a/xml/sstc-metadata-attr.xsd +++ /dev/null @@ -1,25 +0,0 @@ - - - - - - Document title: SAML V2.0 Metadata Extention for Entity Attributes Schema - Document identifier: sstc-metadata-attr.xsd - Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security - Revision history: - V1.0 (November 2008): - Initial version. - - - - - - - - - - - - - - \ No newline at end of file diff --git a/xml/sstc-request-initiation.xsd b/xml/sstc-request-initiation.xsd deleted file mode 100644 index 10318f15..00000000 --- a/xml/sstc-request-initiation.xsd +++ /dev/null @@ -1,23 +0,0 @@ - - - - Document identifier: sstc-request-initiation - Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security - Revision history: - V1.0 (March 2010): - Initial version. - - - - - - diff --git a/xml/sstc-saml-holder-of-key-browser-sso.xsd b/xml/sstc-saml-holder-of-key-browser-sso.xsd deleted file mode 100644 index 7860d029..00000000 --- a/xml/sstc-saml-holder-of-key-browser-sso.xsd +++ /dev/null @@ -1,28 +0,0 @@ - - - - - - - Document title: Schema for SAML V2.0 Holder-of-Key Web Browser SSO Profile - Document identifier: sstc-saml-holder-of-key-browser-sso.xsd - Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security - Revision history: - V1.2 (2 November 2008): - Renamed attribute from protocol to ProtocolBinding; targetNamespace changed in accordance with new conventions - V1.1 (6 August 2008): - string type changed to anyURI to match original SAML2Meta schema - V1.0 (4 August 2008): - Initial version. - - - - - - diff --git a/xml/sstc-saml-idp-discovery.xsd b/xml/sstc-saml-idp-discovery.xsd deleted file mode 100644 index a2c03820..00000000 --- a/xml/sstc-saml-idp-discovery.xsd +++ /dev/null @@ -1,22 +0,0 @@ - - - - Document identifier: sstc-saml-idp-discovery - Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security - Revision history: - V1.0 (January 2007): - Initial version. - - - - - diff --git a/xml/sstc-saml-metadata-algsupport-v1.0.xsd b/xml/sstc-saml-metadata-algsupport-v1.0.xsd deleted file mode 100644 index c4e0f58b..00000000 --- a/xml/sstc-saml-metadata-algsupport-v1.0.xsd +++ /dev/null @@ -1,54 +0,0 @@ - - - - - - - - - Document title: Metadata Extension Schema for SAML V2.0 Metadata Profile for Algorithm Support Version 1.0 - Document identifier: sstc-saml-metadata-algsupport.xsd - Location: http://docs.oasis-open.org/security/saml/Post2.0/ - Revision history: - V1.0 (June 2010): - Initial version. - (October 2010): - Add processContents="lax" to wildcards. - - - - - - - - - - - - - - - - - - - - - - - diff --git a/xml/sstc-saml-metadata-ui-v1.0.xsd b/xml/sstc-saml-metadata-ui-v1.0.xsd deleted file mode 100644 index 66a4a8ba..00000000 --- a/xml/sstc-saml-metadata-ui-v1.0.xsd +++ /dev/null @@ -1,96 +0,0 @@ - - - - - - - - - Document title: Metadata Extension Schema for SAML V2.0 Metadata Extensions for Login and Discovery User Interface Version 1.0 - Document identifier: sstc-saml-metadata-ui-v1.0.xsd - Location: http://docs.oasis-open.org/security/saml/Post2.0/ - Revision history: - 01 November 2010 - Changed filename. - September 2010: - Initial version. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/xml/uk-fed-label.xsd b/xml/uk-fed-label.xsd deleted file mode 100644 index 83213fb8..00000000 --- a/xml/uk-fed-label.xsd +++ /dev/null @@ -1,136 +0,0 @@ - - - - - - This schema describes the UK federation label namespace. - - For additional information, see the Federation Technical Specification. - - This version of the schema follows FTS edition 1.1 of 1-June-2007. - - - - - - - Most elements defined in the UK federation label namespace - are basic labels: empty elements whose presence or absence - is all that is important. - - - - - - - - - A datedLabel is like a basicLabel, but with a single - additional mandatory date attribute. - - - - - - - - - - - - - Indicates an entity whose owner is a member in good standing - of the UK federation. - - - - - - - - Indicates an identity provider entity whose owner has - asserted to the UK federation that the entity provides - user accountability in terms of the definition given - in section 6 of the federation's Rules of Membership. - - - - - - - - Indicates the software used to implement the entity, and - optionally both general and specific indications of the - version of software used. This information is added to - an entity only if it has been received from the deployer - of the entity on the indicated date. - - This information is used in entity fragment files only, - and is not included in the metadata published by the - UK federation. Its principal use is in classifying - entities for statistical purposes. - - - - - - - - - The name of the software used to implement the entity. - Although not described as such in this schema, the name - should be picked from the controlled vocabulary understood - by the federation statistics scripts. - - - - - - - - The general version of the software in use. This should - only be specific enough to identify the broad functionality - of the entity, for example "1.3" vs. "2.0" would be sufficient - for Shibboleth entities. - - - - - - - - The specific version of the software in use, if known. - - - - - - - - - - - - Indicates that the entity has been opted-in to inclusion in - the UK federation export aggregate. - - - - - - - - Indicates that the entity has been opted-out from inclusion in - the UK federation export aggregate. - - - - - \ No newline at end of file diff --git a/xml/uk-wayf.xsd b/xml/uk-wayf.xsd deleted file mode 100644 index 1139a62c..00000000 --- a/xml/uk-wayf.xsd +++ /dev/null @@ -1,39 +0,0 @@ - - - - - - This schema describes the WAYF namespace, used internally by the - UK federation for the "HideFromWAYF" label. - - For additional information, see the Federation Technical Specification. - - - - - - - Basic labels are empty elements whose presence or absence - is all that is important. - - - - - - - - - Indicates an entity which should be hidden from the - Central Discovery Service. - - - - - diff --git a/xml/ws-addr.xsd b/xml/ws-addr.xsd deleted file mode 100644 index 47362edb..00000000 --- a/xml/ws-addr.xsd +++ /dev/null @@ -1,137 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/xml/ws-authorization.xsd b/xml/ws-authorization.xsd deleted file mode 100644 index 5b8ae986..00000000 --- a/xml/ws-authorization.xsd +++ /dev/null @@ -1,145 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/xml/ws-federation.xsd b/xml/ws-federation.xsd deleted file mode 100644 index f87059db..00000000 --- a/xml/ws-federation.xsd +++ /dev/null @@ -1,471 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/xml/ws-securitypolicy-1.2.xsd b/xml/ws-securitypolicy-1.2.xsd deleted file mode 100644 index 0e562726..00000000 --- a/xml/ws-securitypolicy-1.2.xsd +++ /dev/null @@ -1,1205 +0,0 @@ - - - - - - - - - - - 4.1.1 SignedParts Assertion - - - - - - - 4.2.1 EncryptedParts Assertion - - - - - - - - - - - - - - - - - - - - - - - 4.1.2 SignedElements Assertion - - - - - - - 4.2.2 EncryptedElements Assertion - - - - - - - 4.3.1 RequiredElements Assertion - - - - - - - - - - - - - - - - - 5.1 Token Inclusion - - - - - - - - - - - - - - - - - - - - 5.4.1 UsernameToken Assertion - - - - - - - - - - - - - - - - - - - - 5.4.1 UsernameToken Assertion - - - - - - - 5.4.1 UsernameToken Assertion - - - - - - - 5.4.1 UsernameToken Assertion - - - - - - - 5.4.1 UsernameToken Assertion - - - - - - - - - - - - - - - 5.4.2 IssuedToken Assertion - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5.4.2 IssuedToken Assertion - - - - - - - 5.4.2 IssuedToken Assertion - - - - - - - 5.4.2 IssuedToken Assertion - - - - - - - 5.4.2 IssuedToken Assertion - - - - - - - 5.4.2 IssuedToken Assertion - - - - - - - - 5.4.3 X509Token Assertion - - - - - - - - - - - 5.4.3 X509Token Assertion - - - - - - - 5.4.3 X509Token Assertion - - - - - - - 5.4.3 X509Token Assertion - - - - - - - 5.4.3 X509Token Assertion - - - - - - - 5.4.3 X509Token Assertion - - - - - - - 5.4.3 X509Token Assertion - - - - - - - 5.4.3 X509Token Assertion - - - - - - - 5.4.3 X509Token Assertion - - - - - - - 5.4.3 X509Token Assertion - - - - - - - 5.4.3 X509Token Assertion - - - - - - - 5.4.3 X509Token Assertion - - - - - - - - 5.4.4 KerberosToken Assertion - - - - - - - - - - - - 5.4.4 KerberosToken Assertion - - - - - - - 5.4.4 KerberosToken Assertion - - - - - - - - 5.4.5 SpnegoContextToken Assertion - - - - - - - - - - - - - - - - - - - - - - 5.4.5 SpnegoContextToken Assertion - - - - - - - 5.4.5 SpnegoContextToken Assertion - - - - - - - 5.4.5 SpnegoContextToken Assertion - - - - - - - - 5.4.6 SecurityContextToken Assertion - - - - - - - - - - - 5.4.6 SecurityContextToken Assertion - - - - - - - 5.4.6 SecurityContextToken Assertion - - - - - - - - 5.4.7 SecureConversationToken Assertion - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5.4.7 SecureConversationToken Assertion - - - - - - - - 5.4.8 SamlToken Assertion - - - - - - - - - - - - 5.4.8 SamlToken Assertion - - - - - - - 5.4.8 SamlToken Assertion - - - - - - - 5.4.8 SamlToken Assertion - - - - - - - - 5.4.9 RelToken Assertion - - - - - - - - - - - - 5.4.9 RelToken Assertion - - - - - - - 5.4.9 RelToken Assertion - - - - - - - 5.4.9 RelToken Assertion - - - - - - - 5.4.9 RelToken Assertion - - - - - - - - 5.4.10 HttpsToken Assertion - - - - - - - 5.4.10 HttpsToken Assertion - - - - - - - 5.4.10 HttpsToken Assertion - - - - - - - 5.4.10 HttpsToken Assertion - - - - - - - - 5.4.11 KeyValueToken Assertion - - - - - - - - - - - - - - - 5.4.11 KeyValueToken Assertion - - - - - - - - - 7.1 AlgorithmSuite Assertion - - - - - - - - - - - - - - 7.1 AlgorithmSuite Assertion - - - - - - - 7.1 AlgorithmSuite Assertion - - - - - - - 7.1 AlgorithmSuite Assertion - - - - - - - 7.1 AlgorithmSuite Assertion - - - - - - - 7.1 AlgorithmSuite Assertion - - - - - - - 7.1 AlgorithmSuite Assertion - - - - - - - 7.1 AlgorithmSuite Assertion - - - - - - - 7.1 AlgorithmSuite Assertion - - - - - - - 7.1 AlgorithmSuite Assertion - - - - - - - 7.1 AlgorithmSuite Assertion - - - - - - - 7.1 AlgorithmSuite Assertion - - - - - - - 7.1 AlgorithmSuite Assertion - - - - - - - 7.1 AlgorithmSuite Assertion - - - - - - - 7.1 AlgorithmSuite Assertion - - - - - - - 7.1 AlgorithmSuite Assertion - - - - - - - 7.1 AlgorithmSuite Assertion - - - - - - - 7.1 AlgorithmSuite Assertion - - - - - - - 7.1 AlgorithmSuite Assertion - - - - - - - 7.1 AlgorithmSuite Assertion - - - - - - - 7.1 AlgorithmSuite Assertion - - - - - - - 7.1 AlgorithmSuite Assertion - - - - - - - 7.1 AlgorithmSuite Assertion - - - - - - - - 7.2 Layout Assertion - - - - - - - - 7.2 Layout Assertion - - - - - - - 7.2 Layout Assertion - - - - - - - 7.2 Layout Assertion - - - - - - - 7.2 Layout Assertion - - - - - - - - 7.3 TransportBinding Assertion - - - - - - - - 7.3 TransportBinding Assertion - - - - - - - - - - 7.3 TransportBinding Assertion - - - - - - - - 7.4 SymmetricBinding Assertion - - - - - - - 7.4 SymmetricBinding Assertion - - - - - - - 8=7.4 SymmetricBinding Assertion - - - - - - - 7.4 SymmetricBinding Assertion - - - - - - - - - - - 7.4 SymmetricBinding Assertion - - - - - - - 7.4 SymmetricBinding Assertion - - - - - - - 7.4 SymmetricBinding Assertion - - - - - - - 7.4 SymmetricBinding Assertion - - - - - - - - 7.5 AsymmetricBinding Assertion - - - - - - - - 7.5 AsymmetricBinding Assertion - - - - - - - - 7.5 AsymmetricBinding Assertion - - - - - - - - 7.5 AsymmetricBinding Assertion - - - - - - - - 7.5 AsymmetricBinding Assertion - - - - - - - - 7.5 AsymmetricBinding Assertion - - - - - - - - 7.5 AsymmetricBinding Assertion - - - - - - - - - - - - - - - - 8.1 SupportingTokens Assertion - - - - - - - - - - - - - 8.2 SignedSupportingTokens Assertion - - - - - - - - - - - - - 8.3 EndorsingSupportingTokens Assertion - - - - - - - - - - - - - 8.4 SignedEndorsingSupportingTokens Assertion - - - - - - - - - - - - - 8.5 SignedEncryptedSupportingTokens Assertion - - - - - - - - - - - - - 8.6 EncryptedSupportingTokens Assertion - - - - - - - - - - - - - 8.7 EndorsingEncryptedSupportingTokens Assertion - - - - - - - - - - - - - 8.8 SignedEndorsingEncryptedSupportingTokens Assertion - - - - - - - - - - - - - - 9.1 Wss10 Assertion - - - - - - - - 9.1 Wss10 Assertion - - - - - - - 9.1 Wss10 Assertion - - - - - - - 9.1 Wss10 Assertion - - - - - - - 9.1 Wss10 Assertion - - - - - - - - 9.2 Wss11 Assertion - - - - - - - - - - - - 9.2 Wss11 Assertion - - - - - - - 9.2 Wss11 Assertion - - - - - - - 9.2 Wss11 Assertion - - - - - - - - - 10.1 Trust13 Assertion - - - - - - - - 10.1 Trust13 Assertion - - - - - - - 10.1 Trust13 Assertion - - - - - - - 10.1 Trust13 Assertion - - - - - - - 10.1 Trust13 Assertion - - - - - - - 10.1 Trust13 Assertion - - - - - - - 10.1 Trust13 Assertion - - - - - - - 10.1 Trust13 Assertion - - - - - \ No newline at end of file diff --git a/xml/xenc-schema-11.xsd b/xml/xenc-schema-11.xsd deleted file mode 100644 index 1abb6437..00000000 --- a/xml/xenc-schema-11.xsd +++ /dev/null @@ -1,107 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/xml/xenc-schema.xsd b/xml/xenc-schema.xsd deleted file mode 100644 index cdfc8333..00000000 --- a/xml/xenc-schema.xsd +++ /dev/null @@ -1,171 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/xml/xml.xsd b/xml/xml.xsd deleted file mode 100644 index 38bba34d..00000000 --- a/xml/xml.xsd +++ /dev/null @@ -1,80 +0,0 @@ - - - - - - See http://www.w3.org/XML/1998/namespace.html and - http://www.w3.org/TR/REC-xml for information about this namespace. - - - - - This schema defines attributes and an attribute group - suitable for use by - schemas wishing to allow xml:base, xml:lang or xml:space attributes - on elements they define. - - To enable this, such a schema must import this schema - for the XML namespace, e.g. as follows: - <schema . . .> - . . . - <import namespace="http://www.w3.org/XML/1998/namespace" - schemaLocation="http://www.w3.org/2001/03/xml.xsd"/> - - Subsequently, qualified reference to any of the attributes - or the group defined below will have the desired effect, e.g. - - <type . . .> - . . . - <attributeGroup ref="xml:specialAttrs"/> - - will define a type which will schema-validate an instance - element with any of those attributes - - - - In keeping with the XML Schema WG's standard versioning - policy, this schema document will persist at - http://www.w3.org/2001/03/xml.xsd. - At the date of issue it can also be found at - http://www.w3.org/2001/xml.xsd. - The schema document at that URI may however change in the future, - in order to remain compatible with the latest version of XML Schema - itself. In other words, if the XML Schema namespace changes, the version - of this document at - http://www.w3.org/2001/xml.xsd will change - accordingly; the version at - http://www.w3.org/2001/03/xml.xsd will not change. - - - - - - In due course, we should install the relevant ISO 2- and 3-letter - codes as the enumerated possible values . . . - - - - - - - - - - - - - - - See http://www.w3.org/TR/xmlbase/ for - information about this attribute. - - - - - - - - - - diff --git a/xml/xmldsig-core-schema.xsd b/xml/xmldsig-core-schema.xsd deleted file mode 100644 index 07aad278..00000000 --- a/xml/xmldsig-core-schema.xsd +++ /dev/null @@ -1,308 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/xml/xmldsig11-schema.xsd b/xml/xmldsig11-schema.xsd deleted file mode 100644 index f03643a3..00000000 --- a/xml/xmldsig11-schema.xsd +++ /dev/null @@ -1,144 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -