diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..a3780c2
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+SOURCES/lasso-2.4.1.tar.gz
diff --git a/.lasso.metadata b/.lasso.metadata
new file mode 100644
index 0000000..6e01132
--- /dev/null
+++ b/.lasso.metadata
@@ -0,0 +1 @@
+4596b8037932d4281828d27c3d4065522b4775dc SOURCES/lasso-2.4.1.tar.gz
diff --git a/README.md b/README.md
deleted file mode 100644
index 98f42b4..0000000
--- a/README.md
+++ /dev/null
@@ -1,4 +0,0 @@
-The master branch has no content
-
-Look at the c7 branch if you are working with CentOS-7, or the c4/c5/c6 branch for CentOS-4, 5 or 6
-If you find this file in a distro specific branch, it means that no content has been checked in yet
diff --git a/SOURCES/0001-Missing-variable-initialization.patch b/SOURCES/0001-Missing-variable-initialization.patch
new file mode 100644
index 0000000..2ea91af
--- /dev/null
+++ b/SOURCES/0001-Missing-variable-initialization.patch
@@ -0,0 +1,30 @@
+From d918303a1cf2ea33e5b67e96b671112d7a1df78e Mon Sep 17 00:00:00 2001
+From: Simo Sorce <simo@redhat.com>
+Date: Thu, 31 Jul 2014 13:36:03 -0400
+Subject: [PATCH 1/3] Missing variable initialization
+
+If name_id s unconditonally dereferenced in the cleanup code.
+If it is not initialized it may cause segfaults or other misbehaviors.
+
+License: MIT
+Signed-off-by: Simo Sorce <simo@redhat.com>
+---
+ lasso/id-ff/session.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lasso/id-ff/session.c b/lasso/id-ff/session.c
+index 4cb3e2b8b530abf8453f5729062e77e3883478d8..9446e2855536d020f3ca9636901d79ca7c7df824 100644
+--- a/lasso/id-ff/session.c
++++ b/lasso/id-ff/session.c
+@@ -858,7 +858,7 @@ init_from_xml_nid_and_session_index(LassoNode *node, xmlNode *nid_and_session_in
+ xmlChar *provider_id = NULL;
+ xmlChar *assertion_id = NULL;
+ xmlNode *nid;
+- LassoNode *name_id;
++ LassoNode *name_id = NULL;
+ struct _NidAndSessionIndex *nid_and_session_index;
+
+ provider_id = xmlGetProp(nid_and_session_index_node, BAD_CAST PROVIDER_ID);
+--
+1.9.3
+
diff --git a/SOURCES/0001-xml-support-xsd-choices-by-allowing-to-rewind-or-adv.patch b/SOURCES/0001-xml-support-xsd-choices-by-allowing-to-rewind-or-adv.patch
new file mode 100644
index 0000000..5708638
--- /dev/null
+++ b/SOURCES/0001-xml-support-xsd-choices-by-allowing-to-rewind-or-adv.patch
@@ -0,0 +1,183 @@
+From a27d1686b387a045607b5f0802001ea8863342cb Mon Sep 17 00:00:00 2001
+From: Benjamin Dauvergne <bdauvergne@entrouvert.com>
+Date: Sat, 7 Jun 2014 09:29:58 +0200
+Subject: [PATCH 1/2] xml: support xsd:choices by allowing to rewind or advance
+ after match or miss of a snippet
+
+---
+ lasso/xml/private.h | 26 ++++++++++++++++++++++++-
+ lasso/xml/xml.c | 56 +++++++++++++++++++++++++++++++++++++++--------------
+ 2 files changed, 66 insertions(+), 16 deletions(-)
+
+diff --git a/lasso/xml/private.h b/lasso/xml/private.h
+index 450ec2644112d6a6931de21eea8b6d10441b90fb..f1b0e94b58eef79501b9264c4da96b8cb049b548 100644
+--- a/lasso/xml/private.h
++++ b/lasso/xml/private.h
+@@ -49,7 +49,23 @@ typedef enum {
+ SNIPPET_LIST_XMLNODES,
+ SNIPPET_XMLNODE,
+ SNIPPET_COLLECT_NAMESPACES,
+-
++ SNIPPET_JUMP_OFFSET_SIGN = 1 << 19,
++ SNIPPET_JUMP_OFFSET_SHIFT = 15,
++ SNIPPET_JUMP_OFFSET_MASK = 0x0f << SNIPPET_JUMP_OFFSET_SHIFT,
++ SNIPPET_JUMP_1 = 1 << SNIPPET_JUMP_OFFSET_SHIFT,
++ SNIPPET_JUMP_2 = 2 << SNIPPET_JUMP_OFFSET_SHIFT,
++ SNIPPET_JUMP_3 = 3 << SNIPPET_JUMP_OFFSET_SHIFT,
++ SNIPPET_JUMP_4 = 4 << SNIPPET_JUMP_OFFSET_SHIFT,
++ SNIPPET_JUMP_5 = 5 << SNIPPET_JUMP_OFFSET_SHIFT,
++ SNIPPET_JUMP_6 = 6 << SNIPPET_JUMP_OFFSET_SHIFT,
++ SNIPPET_JUMP_7 = 7 << SNIPPET_JUMP_OFFSET_SHIFT,
++ SNIPPET_BACK_1 = 1 << SNIPPET_JUMP_OFFSET_SHIFT | SNIPPET_JUMP_OFFSET_SIGN,
++ SNIPPET_BACK_2 = 2 << SNIPPET_JUMP_OFFSET_SHIFT | SNIPPET_JUMP_OFFSET_SIGN,
++ SNIPPET_BACK_3 = 3 << SNIPPET_JUMP_OFFSET_SHIFT | SNIPPET_JUMP_OFFSET_SIGN,
++ SNIPPET_BACK_4 = 4 << SNIPPET_JUMP_OFFSET_SHIFT | SNIPPET_JUMP_OFFSET_SIGN,
++ SNIPPET_BACK_5 = 5 << SNIPPET_JUMP_OFFSET_SHIFT | SNIPPET_JUMP_OFFSET_SIGN,
++ SNIPPET_BACK_6 = 6 << SNIPPET_JUMP_OFFSET_SHIFT | SNIPPET_JUMP_OFFSET_SIGN,
++ SNIPPET_BACK_7 = 7 << SNIPPET_JUMP_OFFSET_SHIFT | SNIPPET_JUMP_OFFSET_SIGN,
+ /* transformers for content transformation */
+ SNIPPET_STRING = 1 << 0, /* default, can be omitted */
+ SNIPPET_BOOLEAN = 1 << 20,
+@@ -62,8 +78,16 @@ typedef enum {
+ SNIPPET_KEEP_XMLNODE = 1 << 27, /* force keep xmlNode */
+ SNIPPET_PRIVATE = 1 << 28, /* means that the offset is relative to a private extension */
+ SNIPPET_MANDATORY = 1 << 29, /* means that the element cardinality is at least 1 */
++ SNIPPET_JUMP_ON_MATCH = 1 << 30,
++ SNIPPET_JUMP_ON_MISS = 1 << 31,
++ SNIPPET_JUMP = SNIPPET_JUMP_ON_MISS | SNIPPET_JUMP_ON_MATCH,
++
+ } SnippetType;
+
++#define SNIPPET_JUMP_OFFSET(type) ((type & SNIPPET_JUMP_OFFSET_SIGN) ? \
++ (-(type & SNIPPET_JUMP_OFFSET_MASK) >> SNIPPET_JUMP_OFFSET_SHIFT) \
++ : ((type & SNIPPET_JUMP_OFFSET_MASK) >> SNIPPET_JUMP_OFFSET_SHIFT))
++
+ typedef enum {
+ NO_OPTION = 0,
+ NO_SINGLE_REFERENCE = 1 /* SAML signature should contain a single reference,
+diff --git a/lasso/xml/xml.c b/lasso/xml/xml.c
+index 7ffa2d27e37b8a5e1798db0812f0c90470f80454..436dcc198beddf7069c7de591786f55dde19c840 100644
+--- a/lasso/xml/xml.c
++++ b/lasso/xml/xml.c
+@@ -1597,8 +1597,19 @@ lasso_node_impl_init_from_xml(LassoNode *node, xmlNode *xmlnode)
+ gboolean match = FALSE;
+ struct XmlSnippet *matched_snippet = NULL;
+
+-#define ADVANCE \
+- snippet++; \
++#define ADVANCE_MATCH \
++ if (snippet->type & SNIPPET_JUMP_ON_MATCH) { \
++ snippet += (ptrdiff_t)SNIPPET_JUMP_OFFSET(snippet->type); \
++ } else { \
++ snippet++; \
++ } \
++ next_node_snippet(&class_iter, &snippet);
++#define ADVANCE_MISS \
++ if (snippet->type & SNIPPET_JUMP_ON_MISS) { \
++ snippet += (ptrdiff_t)SNIPPET_JUMP_OFFSET(snippet->type); \
++ } else { \
++ snippet++; \
++ } \
+ next_node_snippet(&class_iter, &snippet);
+ #define ERROR \
+ error("Element %s:%s cannot be parsed", \
+@@ -1617,15 +1628,15 @@ lasso_node_impl_init_from_xml(LassoNode *node, xmlNode *xmlnode)
+ g_type = G_TYPE_FROM_CLASS(class);
+ value = SNIPPET_STRUCT_MEMBER_P(node, g_type, snippet);
+ list = value;
+- if (! multiple) {
+- ADVANCE;
++ if (! multiple || (snippet->type & SNIPPET_JUMP_ON_MATCH)) {
++ ADVANCE_MATCH;
+ }
+ break;
+ } else {
+ if (mandatory) {
+ break;
+ } else {
+- ADVANCE;
++ ADVANCE_MISS;
+ }
+ }
+ }
+@@ -2726,22 +2737,29 @@ lasso_node_build_xmlNode_from_snippets(LassoNode *node, LassoNodeClass *class, x
+
+ g_type = G_TYPE_FROM_CLASS(class);
+
+- for (snippet = snippets; snippet && snippet->name; snippet++) {
++ snippet = snippets;
++ while (snippet && snippet->name) {
+ void *value = NULL;
+- int int_value;
+- gboolean bool_value;
+- char *str;
++ int int_value = 0;
++ gboolean bool_value = FALSE;
++ char *str = NULL;
+ gboolean optional = snippet->type & SNIPPET_OPTIONAL;
+ gboolean optional_neg = snippet->type & SNIPPET_OPTIONAL_NEG;
++ gboolean multiple = is_snippet_multiple(snippet);
+
+ if (! snippet->offset && ! (snippet->type & SNIPPET_PRIVATE)) {
+- continue;
++ goto advance;
+ }
+ if (lasso_dump == FALSE && snippet->type & SNIPPET_LASSO_DUMP) {
+- continue;
++ goto advance;
+ }
+ if ((snippet->type & 0xff) == SNIPPET_ATTRIBUTE && (snippet->type & SNIPPET_ANY)) {
+ snippet_any_attribute = snippet;
++ goto advance;
++ }
++ /* special treatment for 1-* list of nodes, without we would serialize them twice */
++ if (multiple && (snippet->type & SNIPPET_JUMP_ON_MATCH && SNIPPET_JUMP_OFFSET(snippet->type) > 0)) {
++ snippet++;
+ continue;
+ }
+
+@@ -2749,22 +2767,22 @@ lasso_node_build_xmlNode_from_snippets(LassoNode *node, LassoNodeClass *class, x
+ if (snippet->type & SNIPPET_INTEGER) {
+ int_value = SNIPPET_STRUCT_MEMBER(int, node, g_type, snippet);
+ if (int_value == 0 && optional) {
+- continue;
++ goto advance;
+ }
+ if (int_value == -1 && optional_neg) {
+- continue;
++ goto advance;
+ }
+ str = g_strdup_printf("%i", int_value);
+ } else if (snippet->type & SNIPPET_BOOLEAN) {
+ bool_value = SNIPPET_STRUCT_MEMBER(gboolean, node, g_type, snippet);
+ if (bool_value == FALSE && optional) {
+- continue;
++ goto advance;
+ }
+ str = bool_value ? "true" : "false";
+ } else {
+ value = SNIPPET_STRUCT_MEMBER(void *, node, g_type, snippet);
+ if (value == NULL) {
+- continue;
++ goto advance;
+ }
+ str = value;
+ }
+@@ -2847,6 +2865,14 @@ lasso_node_build_xmlNode_from_snippets(LassoNode *node, LassoNodeClass *class, x
+ if (snippet->type & SNIPPET_INTEGER) {
+ lasso_release(str);
+ }
++ advance:
++ if ((snippet->type & SNIPPET_JUMP_ON_MATCH) && SNIPPET_JUMP_OFFSET(snippet->type) > 0 && value) {
++ snippet += SNIPPET_JUMP_OFFSET(snippet->type);
++ } else if (!value && (snippet->type & SNIPPET_JUMP_ON_MISS) && SNIPPET_JUMP_OFFSET(snippet->type) > 0 && value) {
++ snippet += SNIPPET_JUMP_OFFSET(snippet->type);
++ } else {
++ snippet++;
++ }
+ }
+
+ if (snippet_any_attribute) {
+--
+2.1.0
+
diff --git a/SOURCES/0002-Assert-on-missing-id.patch b/SOURCES/0002-Assert-on-missing-id.patch
new file mode 100644
index 0000000..6f64e3f
--- /dev/null
+++ b/SOURCES/0002-Assert-on-missing-id.patch
@@ -0,0 +1,48 @@
+From 1fbf95be686300f265aa13ac45636fbabb6a1d1e Mon Sep 17 00:00:00 2001
+From: Simo Sorce <simo@redhat.com>
+Date: Thu, 31 Jul 2014 13:42:10 -0400
+Subject: [PATCH 2/3] Assert on missing id
+
+In this function id is required, so just assert if it is missing.
+This also silences a warning about "reference" being used unintialized
+if "id" is null.
+
+License: MIT
+Signed-off-by: Simo Sorce <simo@redhat.com>
+---
+ lasso/xml/tools.c | 12 ++++++------
+ 1 file changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/lasso/xml/tools.c b/lasso/xml/tools.c
+index fd3defbe1f0559c6cbb1ef17bbdd020170d485f5..09f7da8541b15e0a60e370111968f38b4f93f366 100644
+--- a/lasso/xml/tools.c
++++ b/lasso/xml/tools.c
+@@ -2525,6 +2525,8 @@ lasso_xmlnode_add_saml2_signature_template(xmlNode *node, LassoSignatureContext
+ xmlNode *existing_signature = NULL, *signature = NULL, *reference, *key_info;
+ char *uri;
+
++ g_assert(id);
++
+ if (! lasso_validate_signature_context(context) || ! node)
+ return;
+
+@@ -2555,12 +2557,10 @@ lasso_xmlnode_add_saml2_signature_template(xmlNode *node, LassoSignatureContext
+ * other cases, set snippet->offset to 0 and use xmlSecTmpSignatureAddReference from another
+ * node get_xmlNode virtual method to add the needed reference.
+ */
+- if (id) {
+- uri = g_strdup_printf("#%s", id);
+- reference = xmlSecTmplSignatureAddReference(signature,
+- xmlSecTransformSha1Id, NULL, (xmlChar*)uri, NULL);
+- lasso_release(uri);
+- }
++ uri = g_strdup_printf("#%s", id);
++ reference = xmlSecTmplSignatureAddReference(signature,
++ xmlSecTransformSha1Id, NULL, (xmlChar*)uri, NULL);
++ lasso_release(uri);
+
+ /* add enveloped transform */
+ xmlSecTmplReferenceAddTransform(reference, xmlSecTransformEnvelopedId);
+--
+1.9.3
+
diff --git a/SOURCES/0002-xml-modify-xschema-snippets-to-handle-xsd-choice-con.patch b/SOURCES/0002-xml-modify-xschema-snippets-to-handle-xsd-choice-con.patch
new file mode 100644
index 0000000..93aedc6
--- /dev/null
+++ b/SOURCES/0002-xml-modify-xschema-snippets-to-handle-xsd-choice-con.patch
@@ -0,0 +1,343 @@
+From 4ad4b673940ef72de1a62d7589cd0d86290086b1 Mon Sep 17 00:00:00 2001
+From: Benjamin Dauvergne <bdauvergne@entrouvert.com>
+Date: Sat, 7 Jun 2014 14:09:58 +0200
+Subject: [PATCH 2/2] xml: modify xschema snippets to handle xsd:choice
+ constructs
+
+---
+ lasso/xml/saml-2.0/saml2_advice.c | 6 +++---
+ lasso/xml/saml-2.0/saml2_assertion.c | 6 +++---
+ lasso/xml/saml-2.0/saml2_attribute_statement.c | 2 +-
+ lasso/xml/saml-2.0/saml2_authn_context.c | 10 +++++++---
+ lasso/xml/saml-2.0/saml2_conditions.c | 6 +++---
+ lasso/xml/saml-2.0/saml2_evidence.c | 16 +++++++++++++---
+ lasso/xml/saml-2.0/saml2_subject.c | 8 +++++---
+ lasso/xml/saml-2.0/saml2_subject_confirmation.c | 4 ++--
+ lasso/xml/saml-2.0/samlp2_logout_request.c | 4 ++--
+ lasso/xml/saml-2.0/samlp2_manage_name_id_request.c | 6 +++---
+ lasso/xml/saml-2.0/samlp2_name_id_mapping_request.c | 4 ++--
+ lasso/xml/saml-2.0/samlp2_name_id_mapping_response.c | 2 +-
+ lasso/xml/saml-2.0/samlp2_requested_authn_context.c | 10 ++++++++--
+ lasso/xml/saml-2.0/samlp2_response.c | 5 +++--
+ lasso/xml/saml_advice.c | 2 +-
+ lasso/xml/saml_assertion.c | 4 ++--
+ lasso/xml/saml_subject.c | 2 +-
+ 17 files changed, 60 insertions(+), 37 deletions(-)
+
+diff --git a/lasso/xml/saml-2.0/saml2_advice.c b/lasso/xml/saml-2.0/saml2_advice.c
+index e5ea13d0bc8f3d34a8bd119f5c114f3df1340023..54c436e54b15e5cc45074618b3061c41822d274c 100644
+--- a/lasso/xml/saml-2.0/saml2_advice.c
++++ b/lasso/xml/saml-2.0/saml2_advice.c
+@@ -52,11 +52,11 @@
+ static struct XmlSnippet schema_snippets[] = {
+ { "AssertionIDRef", SNIPPET_LIST_NODES,
+ G_STRUCT_OFFSET(LassoSaml2Advice, AssertionIDRef), NULL, NULL, NULL},
+- { "AssertionURIRef", SNIPPET_LIST_NODES,
++ { "AssertionURIRef", SNIPPET_LIST_NODES | SNIPPET_JUMP_ON_MATCH | SNIPPET_BACK_1,
+ G_STRUCT_OFFSET(LassoSaml2Advice, AssertionURIRef), NULL, NULL, NULL},
+- { "Assertion", SNIPPET_LIST_NODES,
++ { "Assertion", SNIPPET_LIST_NODES | SNIPPET_JUMP_ON_MATCH | SNIPPET_BACK_2,
+ G_STRUCT_OFFSET(LassoSaml2Advice, Assertion), NULL, NULL, NULL},
+- { "EncryptedAssertion", SNIPPET_LIST_NODES,
++ { "EncryptedAssertion", SNIPPET_LIST_NODES | SNIPPET_JUMP_ON_MATCH | SNIPPET_BACK_3,
+ G_STRUCT_OFFSET(LassoSaml2Advice, EncryptedAssertion), NULL, NULL, NULL},
+ {NULL, 0, 0, NULL, NULL, NULL}
+ };
+diff --git a/lasso/xml/saml-2.0/saml2_assertion.c b/lasso/xml/saml-2.0/saml2_assertion.c
+index 3346a86e0f2a7876f31db2cb1e03aedd17347a73..549742a69814936f30c6f394bc6b696ad0c93079 100644
+--- a/lasso/xml/saml-2.0/saml2_assertion.c
++++ b/lasso/xml/saml-2.0/saml2_assertion.c
+@@ -78,11 +78,11 @@ static struct XmlSnippet schema_snippets[] = {
+ G_STRUCT_OFFSET(LassoSaml2Assertion, Advice), NULL, NULL, NULL},
+ { "Statement", SNIPPET_LIST_NODES,
+ G_STRUCT_OFFSET(LassoSaml2Assertion, Statement), NULL, NULL, NULL},
+- { "AuthnStatement", SNIPPET_LIST_NODES,
++ { "AuthnStatement", SNIPPET_LIST_NODES | SNIPPET_JUMP_ON_MATCH | SNIPPET_BACK_1,
+ G_STRUCT_OFFSET(LassoSaml2Assertion, AuthnStatement), NULL, NULL, NULL},
+- { "AuthzDecisionStatement", SNIPPET_LIST_NODES,
++ { "AuthzDecisionStatement", SNIPPET_LIST_NODES | SNIPPET_JUMP_ON_MATCH | SNIPPET_BACK_2,
+ G_STRUCT_OFFSET(LassoSaml2Assertion, AuthzDecisionStatement), NULL, NULL, NULL},
+- { "AttributeStatement", SNIPPET_LIST_NODES,
++ { "AttributeStatement", SNIPPET_LIST_NODES | SNIPPET_JUMP_ON_MATCH | SNIPPET_BACK_3,
+ G_STRUCT_OFFSET(LassoSaml2Assertion, AttributeStatement), NULL, NULL, NULL},
+ { "Version", SNIPPET_ATTRIBUTE,
+ G_STRUCT_OFFSET(LassoSaml2Assertion, Version), NULL, NULL, NULL},
+diff --git a/lasso/xml/saml-2.0/saml2_attribute_statement.c b/lasso/xml/saml-2.0/saml2_attribute_statement.c
+index b7303fee7cd0bd61a5b2ee5bda62335de3bf37c6..e251c6b0d69870af4e5968c843a03e67073c7609 100644
+--- a/lasso/xml/saml-2.0/saml2_attribute_statement.c
++++ b/lasso/xml/saml-2.0/saml2_attribute_statement.c
+@@ -53,7 +53,7 @@
+ static struct XmlSnippet schema_snippets[] = {
+ { "Attribute", SNIPPET_LIST_NODES,
+ G_STRUCT_OFFSET(LassoSaml2AttributeStatement, Attribute), NULL, NULL, NULL},
+- { "EncryptedAttribute", SNIPPET_LIST_NODES,
++ { "EncryptedAttribute", SNIPPET_LIST_NODES | SNIPPET_JUMP_ON_MATCH | SNIPPET_BACK_1,
+ G_STRUCT_OFFSET(LassoSaml2AttributeStatement, EncryptedAttribute), NULL, NULL, NULL},
+ {NULL, 0, 0, NULL, NULL, NULL}
+ };
+diff --git a/lasso/xml/saml-2.0/saml2_authn_context.c b/lasso/xml/saml-2.0/saml2_authn_context.c
+index 995a7ab311aaf742e3953f9dae39caf22ebbbae0..5b7c49805ef13cf7d7a260f62e2267cca7dbf400 100644
+--- a/lasso/xml/saml-2.0/saml2_authn_context.c
++++ b/lasso/xml/saml-2.0/saml2_authn_context.c
+@@ -59,11 +59,15 @@
+
+
+ static struct XmlSnippet schema_snippets[] = {
+- { "AuthnContextClassRef", SNIPPET_CONTENT | SNIPPET_OPTIONAL,
++ { "AuthnContextClassRef", SNIPPET_CONTENT | SNIPPET_OPTIONAL | SNIPPET_JUMP_ON_MISS | SNIPPET_JUMP_3,
+ G_STRUCT_OFFSET(LassoSaml2AuthnContext, AuthnContextClassRef), NULL, NULL, NULL},
+- { "AuthnContextDecl", SNIPPET_NODE | SNIPPET_OPTIONAL,
++ { "AuthnContextDecl", SNIPPET_NODE | SNIPPET_OPTIONAL | SNIPPET_JUMP_ON_MISS | SNIPPET_JUMP_4,
+ G_STRUCT_OFFSET(LassoSaml2AuthnContext, AuthnContextDecl), NULL, NULL, NULL},
+- { "AuthnContextDeclRef", SNIPPET_CONTENT | SNIPPET_OPTIONAL,
++ { "AuthnContextDeclRef", SNIPPET_CONTENT | SNIPPET_OPTIONAL | SNIPPET_JUMP | SNIPPET_JUMP_3,
++ G_STRUCT_OFFSET(LassoSaml2AuthnContext, AuthnContextDeclRef), NULL, NULL, NULL},
++ { "AuthnContextDecl", SNIPPET_NODE | SNIPPET_OPTIONAL | SNIPPET_JUMP_ON_MATCH | SNIPPET_JUMP_2,
++ G_STRUCT_OFFSET(LassoSaml2AuthnContext, AuthnContextDecl), NULL, NULL, NULL},
++ { "AuthnContextDeclRef", SNIPPET_CONTENT | SNIPPET_MANDATORY,
+ G_STRUCT_OFFSET(LassoSaml2AuthnContext, AuthnContextDeclRef), NULL, NULL, NULL},
+ { "AuthenticatingAuthority", SNIPPET_CONTENT | SNIPPET_OPTIONAL,
+ G_STRUCT_OFFSET(LassoSaml2AuthnContext, AuthenticatingAuthority), NULL, NULL, NULL},
+diff --git a/lasso/xml/saml-2.0/saml2_conditions.c b/lasso/xml/saml-2.0/saml2_conditions.c
+index 37bff88093512c200b5f2ac1f2f4da86f2c994ea..cfa1b012b3bfc85fedfdee8a187f4ff1e387d1c4 100644
+--- a/lasso/xml/saml-2.0/saml2_conditions.c
++++ b/lasso/xml/saml-2.0/saml2_conditions.c
+@@ -53,11 +53,11 @@
+ static struct XmlSnippet schema_snippets[] = {
+ { "Condition", SNIPPET_LIST_NODES,
+ G_STRUCT_OFFSET(LassoSaml2Conditions, Condition), NULL, NULL, NULL},
+- { "AudienceRestriction", SNIPPET_LIST_NODES,
++ { "AudienceRestriction", SNIPPET_LIST_NODES | SNIPPET_JUMP_ON_MATCH | SNIPPET_BACK_1,
+ G_STRUCT_OFFSET(LassoSaml2Conditions, AudienceRestriction), NULL, NULL, NULL},
+- { "OneTimeUse", SNIPPET_LIST_NODES,
++ { "OneTimeUse", SNIPPET_LIST_NODES | SNIPPET_JUMP_ON_MATCH | SNIPPET_BACK_2,
+ G_STRUCT_OFFSET(LassoSaml2Conditions, OneTimeUse), NULL, NULL, NULL},
+- { "ProxyRestriction", SNIPPET_LIST_NODES,
++ { "ProxyRestriction", SNIPPET_LIST_NODES | SNIPPET_JUMP_ON_MATCH | SNIPPET_BACK_3,
+ G_STRUCT_OFFSET(LassoSaml2Conditions, ProxyRestriction), NULL, NULL, NULL},
+ { "NotBefore", SNIPPET_ATTRIBUTE,
+ G_STRUCT_OFFSET(LassoSaml2Conditions, NotBefore), NULL, NULL, NULL},
+diff --git a/lasso/xml/saml-2.0/saml2_evidence.c b/lasso/xml/saml-2.0/saml2_evidence.c
+index 986390c038db90b1f76f734ba163f71ee46f3858..bb9b66f71d26d33a8f2ee2f40f71d55cb1f98663 100644
+--- a/lasso/xml/saml-2.0/saml2_evidence.c
++++ b/lasso/xml/saml-2.0/saml2_evidence.c
+@@ -49,13 +49,23 @@
+
+
+ static struct XmlSnippet schema_snippets[] = {
++ /* 1 */
++ { "AssertionIDRef", SNIPPET_LIST_NODES | SNIPPET_JUMP_ON_MATCH | SNIPPET_JUMP_4,
++ G_STRUCT_OFFSET(LassoSaml2Evidence, AssertionIDRef), NULL, NULL, NULL},
++ { "AssertionURIRef", SNIPPET_LIST_NODES | SNIPPET_JUMP_ON_MATCH | SNIPPET_JUMP_3,
++ G_STRUCT_OFFSET(LassoSaml2Evidence, AssertionURIRef), NULL, NULL, NULL},
++ { "Assertion", SNIPPET_LIST_NODES | SNIPPET_JUMP_ON_MATCH | SNIPPET_JUMP_2,
++ G_STRUCT_OFFSET(LassoSaml2Evidence, Assertion), NULL, NULL, NULL},
++ { "EncryptedAssertion", SNIPPET_LIST_NODES | SNIPPET_MANDATORY | SNIPPET_JUMP_ON_MATCH | SNIPPET_JUMP_1,
++ G_STRUCT_OFFSET(LassoSaml2Evidence, EncryptedAssertion), NULL, NULL, NULL},
++ /* star */
+ { "AssertionIDRef", SNIPPET_LIST_NODES,
+ G_STRUCT_OFFSET(LassoSaml2Evidence, AssertionIDRef), NULL, NULL, NULL},
+- { "AssertionURIRef", SNIPPET_LIST_NODES,
++ { "AssertionURIRef", SNIPPET_LIST_NODES | SNIPPET_JUMP_ON_MATCH | SNIPPET_BACK_1,
+ G_STRUCT_OFFSET(LassoSaml2Evidence, AssertionURIRef), NULL, NULL, NULL},
+- { "Assertion", SNIPPET_LIST_NODES,
++ { "Assertion", SNIPPET_LIST_NODES | SNIPPET_JUMP_ON_MATCH | SNIPPET_BACK_2,
+ G_STRUCT_OFFSET(LassoSaml2Evidence, Assertion), NULL, NULL, NULL},
+- { "EncryptedAssertion", SNIPPET_LIST_NODES,
++ { "EncryptedAssertion", SNIPPET_LIST_NODES | SNIPPET_JUMP_ON_MATCH | SNIPPET_BACK_3,
+ G_STRUCT_OFFSET(LassoSaml2Evidence, EncryptedAssertion), NULL, NULL, NULL},
+ {NULL, 0, 0, NULL, NULL, NULL}
+ };
+diff --git a/lasso/xml/saml-2.0/saml2_subject.c b/lasso/xml/saml-2.0/saml2_subject.c
+index f9d865fbdbcaba3f415c4655b2d997eb05b8d5f8..9bba80d4888e0cac49ca5c8451b5b1950c19a66e 100644
+--- a/lasso/xml/saml-2.0/saml2_subject.c
++++ b/lasso/xml/saml-2.0/saml2_subject.c
+@@ -54,13 +54,15 @@
+
+
+ static struct XmlSnippet schema_snippets[] = {
+- { "BaseID", SNIPPET_NODE,
++ { "BaseID", SNIPPET_NODE | SNIPPET_JUMP_ON_MATCH | SNIPPET_JUMP_3,
+ G_STRUCT_OFFSET(LassoSaml2Subject, BaseID), NULL, NULL, NULL},
+- { "NameID", SNIPPET_NODE,
++ { "NameID", SNIPPET_NODE | SNIPPET_JUMP_ON_MATCH | SNIPPET_JUMP_2,
+ G_STRUCT_OFFSET(LassoSaml2Subject, NameID), NULL, NULL, NULL},
+- { "EncryptedID", SNIPPET_NODE,
++ { "EncryptedID", SNIPPET_NODE | SNIPPET_JUMP_ON_MISS | SNIPPET_JUMP_2,
+ G_STRUCT_OFFSET(LassoSaml2Subject, EncryptedID),
+ "LassoSaml2EncryptedElement", NULL, NULL},
++ { "SubjectConfirmation", SNIPPET_NODE | SNIPPET_OPTIONAL | SNIPPET_JUMP_ON_MATCH | SNIPPET_JUMP_2,
++ G_STRUCT_OFFSET(LassoSaml2Subject, SubjectConfirmation), NULL, NULL, NULL},
+ { "SubjectConfirmation", SNIPPET_NODE,
+ G_STRUCT_OFFSET(LassoSaml2Subject, SubjectConfirmation), NULL, NULL, NULL},
+ {NULL, 0, 0, NULL, NULL, NULL}
+diff --git a/lasso/xml/saml-2.0/saml2_subject_confirmation.c b/lasso/xml/saml-2.0/saml2_subject_confirmation.c
+index 3a8f9047eba96ff9da55caca3ea75f689e9f94a5..e591369bead8b2ffa9cee95088c3b6a91d08d921 100644
+--- a/lasso/xml/saml-2.0/saml2_subject_confirmation.c
++++ b/lasso/xml/saml-2.0/saml2_subject_confirmation.c
+@@ -52,9 +52,9 @@
+
+
+ static struct XmlSnippet schema_snippets[] = {
+- { "BaseID", SNIPPET_NODE,
++ { "BaseID", SNIPPET_NODE | SNIPPET_JUMP_ON_MATCH | SNIPPET_JUMP_3,
+ G_STRUCT_OFFSET(LassoSaml2SubjectConfirmation, BaseID), NULL, NULL, NULL},
+- { "NameID", SNIPPET_NODE,
++ { "NameID", SNIPPET_NODE | SNIPPET_JUMP_ON_MATCH | SNIPPET_JUMP_2,
+ G_STRUCT_OFFSET(LassoSaml2SubjectConfirmation, NameID), NULL, NULL, NULL},
+ { "EncryptedID", SNIPPET_NODE,
+ G_STRUCT_OFFSET(LassoSaml2SubjectConfirmation, EncryptedID),
+diff --git a/lasso/xml/saml-2.0/samlp2_logout_request.c b/lasso/xml/saml-2.0/samlp2_logout_request.c
+index 034d63de260962810a61275e73b44c3c863c2465..d57f0789a57e8d26df9c18804b7552e220a84915 100644
+--- a/lasso/xml/saml-2.0/samlp2_logout_request.c
++++ b/lasso/xml/saml-2.0/samlp2_logout_request.c
+@@ -66,9 +66,9 @@ struct _LassoSamlp2LogoutRequestPrivate {
+
+
+ static struct XmlSnippet schema_snippets[] = {
+- { "BaseID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2LogoutRequest, BaseID), NULL,
++ { "BaseID", SNIPPET_NODE | SNIPPET_JUMP_ON_MATCH | SNIPPET_JUMP_3, G_STRUCT_OFFSET(LassoSamlp2LogoutRequest, BaseID), NULL,
+ LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF},
+- { "NameID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2LogoutRequest, NameID), NULL,
++ { "NameID", SNIPPET_NODE | SNIPPET_JUMP_ON_MATCH | SNIPPET_JUMP_2, G_STRUCT_OFFSET(LassoSamlp2LogoutRequest, NameID), NULL,
+ LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF},
+ { "EncryptedID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2LogoutRequest, EncryptedID), NULL,
+ LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF},
+diff --git a/lasso/xml/saml-2.0/samlp2_manage_name_id_request.c b/lasso/xml/saml-2.0/samlp2_manage_name_id_request.c
+index ff9dc34a10b94ce092b40c3b8060eba2444fb41d..e2d831223339b8adb1da2f9ed1fe88be6a2bd9c1 100644
+--- a/lasso/xml/saml-2.0/samlp2_manage_name_id_request.c
++++ b/lasso/xml/saml-2.0/samlp2_manage_name_id_request.c
+@@ -58,14 +58,14 @@
+
+
+ static struct XmlSnippet schema_snippets[] = {
+- { "NameID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2ManageNameIDRequest, NameID), NULL,
++ { "NameID", SNIPPET_NODE | SNIPPET_JUMP_ON_MATCH | SNIPPET_JUMP_2, G_STRUCT_OFFSET(LassoSamlp2ManageNameIDRequest, NameID), NULL,
+ LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF},
+ { "EncryptedID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2ManageNameIDRequest, EncryptedID),
+ "LassoSaml2EncryptedElement", LASSO_SAML2_ASSERTION_PREFIX,
+ LASSO_SAML2_ASSERTION_HREF},
+- { "NewID", SNIPPET_CONTENT,
++ { "NewID", SNIPPET_CONTENT | SNIPPET_JUMP_ON_MATCH | SNIPPET_JUMP_3,
+ G_STRUCT_OFFSET(LassoSamlp2ManageNameIDRequest, NewID), NULL, NULL, NULL},
+- { "NewEncryptedID", SNIPPET_NODE,
++ { "NewEncryptedID", SNIPPET_NODE | SNIPPET_JUMP_ON_MATCH | SNIPPET_JUMP_2,
+ G_STRUCT_OFFSET(LassoSamlp2ManageNameIDRequest, NewEncryptedID),
+ "LassoSaml2EncryptedElement", NULL, NULL},
+ { "Terminate", SNIPPET_NODE,
+diff --git a/lasso/xml/saml-2.0/samlp2_name_id_mapping_request.c b/lasso/xml/saml-2.0/samlp2_name_id_mapping_request.c
+index 8b81d0090679bd89b7380a1e54807021c0d3442c..fd23dd3df2dd950490499e36545778a7eafaff1b 100644
+--- a/lasso/xml/saml-2.0/samlp2_name_id_mapping_request.c
++++ b/lasso/xml/saml-2.0/samlp2_name_id_mapping_request.c
+@@ -55,9 +55,9 @@
+
+
+ static struct XmlSnippet schema_snippets[] = {
+- { "BaseID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2NameIDMappingRequest, BaseID), NULL,
++ { "BaseID", SNIPPET_NODE | SNIPPET_JUMP_ON_MATCH | SNIPPET_JUMP_3, G_STRUCT_OFFSET(LassoSamlp2NameIDMappingRequest, BaseID), NULL,
+ LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF},
+- { "NameID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2NameIDMappingRequest, NameID), NULL,
++ { "NameID", SNIPPET_NODE | SNIPPET_JUMP_ON_MATCH | SNIPPET_JUMP_2, G_STRUCT_OFFSET(LassoSamlp2NameIDMappingRequest, NameID), NULL,
+ LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF},
+ { "EncryptedID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2NameIDMappingRequest,
+ EncryptedID), NULL, LASSO_SAML2_ASSERTION_PREFIX,
+diff --git a/lasso/xml/saml-2.0/samlp2_name_id_mapping_response.c b/lasso/xml/saml-2.0/samlp2_name_id_mapping_response.c
+index 101aa86373c5aeac1a398a6de5daaa751796d1db..1374e0ab8f2854ea05400670625589b2aed3eb29 100644
+--- a/lasso/xml/saml-2.0/samlp2_name_id_mapping_response.c
++++ b/lasso/xml/saml-2.0/samlp2_name_id_mapping_response.c
+@@ -51,7 +51,7 @@
+
+
+ static struct XmlSnippet schema_snippets[] = {
+- { "NameID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2NameIDMappingResponse, NameID), NULL,
++ { "NameID", SNIPPET_NODE | SNIPPET_JUMP_ON_MATCH | SNIPPET_JUMP_2, G_STRUCT_OFFSET(LassoSamlp2NameIDMappingResponse, NameID), NULL,
+ LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF},
+ { "EncryptedID", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlp2NameIDMappingResponse,
+ EncryptedID), NULL, LASSO_SAML2_ASSERTION_PREFIX,
+diff --git a/lasso/xml/saml-2.0/samlp2_requested_authn_context.c b/lasso/xml/saml-2.0/samlp2_requested_authn_context.c
+index c5afd625b0377f8ee848b75cfa58fc2604b46e75..b19035979d8b39726fc2808695ff9be12d7e99e0 100644
+--- a/lasso/xml/saml-2.0/samlp2_requested_authn_context.c
++++ b/lasso/xml/saml-2.0/samlp2_requested_authn_context.c
+@@ -48,13 +48,19 @@
+
+
+ static struct XmlSnippet schema_snippets[] = {
+- { "AuthnContextClassRef", SNIPPET_LIST_CONTENT,
++ { "AuthnContextClassRef", SNIPPET_LIST_CONTENT | SNIPPET_JUMP_ON_MATCH | SNIPPET_JUMP_2,
++ G_STRUCT_OFFSET(LassoSamlp2RequestedAuthnContext, AuthnContextClassRef),
++ NULL, LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF },
++ { "AuthnContextDeclRef", SNIPPET_LIST_CONTENT | SNIPPET_MANDATORY | SNIPPET_JUMP_ON_MATCH | SNIPPET_JUMP_2,
++ G_STRUCT_OFFSET(LassoSamlp2RequestedAuthnContext, AuthnContextDeclRef),
++ NULL, LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF },
++ { "AuthnContextClassRef", SNIPPET_LIST_CONTENT | SNIPPET_JUMP_ON_MISS | SNIPPET_JUMP_2,
+ G_STRUCT_OFFSET(LassoSamlp2RequestedAuthnContext, AuthnContextClassRef),
+ NULL, LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF },
+ { "AuthnContextDeclRef", SNIPPET_LIST_CONTENT,
+ G_STRUCT_OFFSET(LassoSamlp2RequestedAuthnContext, AuthnContextDeclRef),
+ NULL, LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF },
+- { "Comparison", SNIPPET_CONTENT,
++ { "Comparison", SNIPPET_CONTENT | SNIPPET_OPTIONAL,
+ G_STRUCT_OFFSET(LassoSamlp2RequestedAuthnContext, Comparison), NULL, NULL, NULL},
+ {NULL, 0, 0, NULL, NULL, NULL}
+ };
+diff --git a/lasso/xml/saml-2.0/samlp2_response.c b/lasso/xml/saml-2.0/samlp2_response.c
+index 411e8cc8d2d1d3d584b02358fde15f3a9efa43e5..ee2ee5dec50e910357e894bbec597d51ea95ffc3 100644
+--- a/lasso/xml/saml-2.0/samlp2_response.c
++++ b/lasso/xml/saml-2.0/samlp2_response.c
+@@ -57,8 +57,9 @@ extern LassoNode* lasso_assertion_encrypt(LassoSaml2Assertion *assertion, char *
+ static struct XmlSnippet schema_snippets[] = {
+ { "Assertion", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoSamlp2Response, Assertion), NULL,
+ LASSO_SAML2_ASSERTION_PREFIX, LASSO_SAML2_ASSERTION_HREF},
+- { "EncryptedAssertion", SNIPPET_LIST_NODES, G_STRUCT_OFFSET(LassoSamlp2Response,
+- EncryptedAssertion), NULL, LASSO_SAML2_ASSERTION_PREFIX,
++ { "EncryptedAssertion", SNIPPET_LIST_NODES | SNIPPET_JUMP_ON_MATCH | SNIPPET_BACK_1,
++ G_STRUCT_OFFSET(LassoSamlp2Response, EncryptedAssertion),
++ NULL, LASSO_SAML2_ASSERTION_PREFIX,
+ LASSO_SAML2_ASSERTION_HREF},
+ {NULL, 0, 0, NULL, NULL, NULL}
+ };
+diff --git a/lasso/xml/saml_advice.c b/lasso/xml/saml_advice.c
+index dd1fd6771ef15a9b7ade59fc198183f7b58cf472..f2fe607b0fbd7d8122cc648ab5bc7e4700ecc16a 100644
+--- a/lasso/xml/saml_advice.c
++++ b/lasso/xml/saml_advice.c
+@@ -55,7 +55,7 @@
+ static struct XmlSnippet schema_snippets[] = {
+ { "AssertionIDReference", SNIPPET_LIST_CONTENT,
+ G_STRUCT_OFFSET(LassoSamlAdvice, AssertionIDReference), NULL, NULL, NULL},
+- { "Assertion", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlAdvice, Assertion), NULL, NULL, NULL},
++ { "Assertion", SNIPPET_NODE | SNIPPET_JUMP_ON_MATCH | SNIPPET_BACK_1, G_STRUCT_OFFSET(LassoSamlAdvice, Assertion), NULL, NULL, NULL},
+ {NULL, 0, 0, NULL, NULL, NULL}
+ };
+
+diff --git a/lasso/xml/saml_assertion.c b/lasso/xml/saml_assertion.c
+index c87fe81e3113449d0200dcae3ec51bbc6cda4319..43bab051ff5b81fc9e725d8e238dcc6e0dc157e3 100644
+--- a/lasso/xml/saml_assertion.c
++++ b/lasso/xml/saml_assertion.c
+@@ -74,9 +74,9 @@ static struct XmlSnippet schema_snippets[] = {
+ { "Conditions", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlAssertion, Conditions), NULL, NULL, NULL},
+ { "Advice", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlAssertion, Advice), NULL, NULL, NULL},
+ { "SubjectStatement", SNIPPET_NODE,G_STRUCT_OFFSET(LassoSamlAssertion, SubjectStatement), NULL, NULL, NULL},
+- { "AuthenticationStatement", SNIPPET_NODE,
++ { "AuthenticationStatement", SNIPPET_NODE | SNIPPET_JUMP_ON_MATCH | SNIPPET_BACK_1,
+ G_STRUCT_OFFSET(LassoSamlAssertion, AuthenticationStatement), NULL, NULL, NULL},
+- { "AttributeStatement", SNIPPET_NODE,
++ { "AttributeStatement", SNIPPET_NODE | SNIPPET_JUMP_ON_MATCH | SNIPPET_BACK_2,
+ G_STRUCT_OFFSET(LassoSamlAssertion, AttributeStatement), NULL, NULL, NULL},
+ { "Signature", SNIPPET_SIGNATURE,
+ G_STRUCT_OFFSET(LassoSamlAssertion, AssertionID), NULL, LASSO_DS_PREFIX, LASSO_DS_HREF},
+diff --git a/lasso/xml/saml_subject.c b/lasso/xml/saml_subject.c
+index 36226cb99adf4e24c3622b106eed20a83f3720d6..a9203332092fd2a4e6d26971a8f0c0ec8e30d3fe 100644
+--- a/lasso/xml/saml_subject.c
++++ b/lasso/xml/saml_subject.c
+@@ -50,7 +50,7 @@
+ /*****************************************************************************/
+
+ static struct XmlSnippet schema_snippets[] = {
+- { "NameIdentifier", SNIPPET_NODE,
++ { "NameIdentifier", SNIPPET_NODE | SNIPPET_JUMP_ON_MISS | SNIPPET_JUMP_2,
+ G_STRUCT_OFFSET(LassoSamlSubject, NameIdentifier), NULL, NULL, NULL},
+ { "EncryptedNameIdentifier", SNIPPET_NODE,
+ G_STRUCT_OFFSET(LassoSamlSubject, EncryptedNameIdentifier),
+--
+2.1.0
+
diff --git a/SPECS/lasso.spec b/SPECS/lasso.spec
new file mode 100644
index 0000000..64bab86
--- /dev/null
+++ b/SPECS/lasso.spec
@@ -0,0 +1,281 @@
+%global with_java 0
+%global with_php 0
+%global with_perl 0
+%global with_python 1
+%global with_wsf 0
+
+%if %{with_php}
+%if "%{php_version}" < "5.6"
+%global ini_name %{name}.ini
+%else
+%global ini_name 40-%{name}.ini
+%endif
+%endif
+
+Summary: Liberty Alliance Single Sign On
+Name: lasso
+Version: 2.4.1
+Release: 5%{?dist}
+License: GPLv2+
+Group: System Environment/Libraries
+Source: http://dev.entrouvert.org/lasso/lasso-%{version}.tar.gz
+%if %{with_wsf}
+BuildRequires: cyrus-sasl-devel
+%endif
+BuildRequires: gtk-doc, libtool-ltdl-devel
+BuildRequires: glib2-devel, swig
+BuildRequires: libxml2-devel, xmlsec1-devel, openssl-devel, xmlsec1-openssl-devel
+BuildRequires: libtool autoconf automake
+Url: http://lasso.entrouvert.org/
+
+Patch01: 0001-Missing-variable-initialization.patch
+Patch02: 0002-Assert-on-missing-id.patch
+Patch03: 0001-xml-support-xsd-choices-by-allowing-to-rewind-or-adv.patch
+Patch04: 0002-xml-modify-xschema-snippets-to-handle-xsd-choice-con.patch
+
+%description
+Lasso is a library that implements the Liberty Alliance Single Sign On
+standards, including the SAML and SAML2 specifications. It allows to handle
+the whole life-cycle of SAML based Federations, and provides bindings
+for multiple languages.
+
+%package devel
+Summary: Lasso development headers and documentation
+Group: Development/Libraries
+Requires: %{name}%{?_isa} = %{version}-%{release}
+
+%description devel
+This package contains the header files, static libraries and development
+documentation for Lasso.
+
+%if %{with_perl}
+%package perl
+Summary: Liberty Alliance Single Sign On (lasso) Perl bindings
+Group: Development/Libraries
+BuildRequires: perl(ExtUtils::MakeMaker)
+BuildRequires: perl(Test::More)
+Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version))
+Requires: %{name}%{?_isa} = %{version}-%{release}
+
+%description perl
+Perl language bindings for the lasso (Liberty Alliance Single Sign On) library.
+%endif
+
+%if %{with_java}
+%package java
+Summary: Liberty Alliance Single Sign On (lasso) Java bindings
+Group: Development/Libraries
+BuildRequires: java-devel
+BuildRequires: jpackage-utils
+Requires: java-headless
+Requires: jpackage-utils
+Requires: %{name}%{?_isa} = %{version}-%{release}
+
+%description java
+Java language bindings for the lasso (Liberty Alliance Single Sign On) library.
+%endif
+
+%if %{with_php}
+%package php
+Summary: Liberty Alliance Single Sign On (lasso) PHP bindings
+Group: Development/Libraries
+BuildRequires: php-devel, expat-devel
+BuildRequires: python2
+Requires: %{name}%{?_isa} = %{version}-%{release}
+Requires: php(zend-abi) = %{php_zend_api}
+Requires: php(api) = %{php_core_api}
+Provides: php-lasso = %{version}-%{release}
+Provides: php-lasso%{?_isa} = %{version}-%{release}
+
+%description php
+PHP language bindings for the lasso (Liberty Alliance Single Sign On) library.
+%endif
+
+%if %{with_python}
+%package python
+Summary: Liberty Alliance Single Sign On (lasso) Python bindings
+Group: Development/Libraries
+BuildRequires: python2-devel
+BuildRequires: python-lxml
+Requires: python
+Requires: %{name}%{?_isa} = %{version}-%{release}
+
+%description python
+Python language bindings for the lasso (Liberty Alliance Single Sign On)
+library.
+%endif
+
+%prep
+%setup -q -n %{name}-%{version}
+%patch01 -p1
+%patch02 -p1
+%patch03 -p1
+%patch04 -p1
+
+%build
+autoreconf -vif
+%configure --prefix=%{_prefix} \
+%if !%{with_java}
+ --disable-java \
+%endif
+%if !%{with_python}
+ --disable-python \
+%endif
+%if !%{with_perl}
+ --disable-perl \
+%endif
+%if %{with_php}
+ --enable-php5=yes \
+ --with-php5-config-dir=%{php_inidir} \
+%else
+ --enable-php5=no \
+%endif
+%if %{with_wsf}
+ --enable-wsf \
+ --with-sasl2=%{_prefix}/sasl2 \
+%endif
+# --with-html-dir=%{_datadir}/gtk-doc/html
+
+make %{?_smp_mflags} CFLAGS="%{optflags}"
+
+%check
+make check
+
+%install
+#install -m 755 -d %{buildroot}%{_datadir}/gtk-doc/html
+
+make install exec_prefix=%{_prefix} DESTDIR=%{buildroot}
+find %{buildroot} -type f -name '*.la' -exec rm -f {} \;
+find %{buildroot} -type f -name '*.a' -exec rm -f {} \;
+
+# Perl subpackage
+%if %{with_perl}
+find %{buildroot} \( -name perllocal.pod -o -name .packlist \) -exec rm -v {} \;
+
+find %{buildroot}/usr/lib*/perl5 -type f -print |
+ sed "s@^%{buildroot}@@g" > %{name}-perl-filelist
+if [ "$(cat %{name}-perl-filelist)X" = "X" ] ; then
+ echo "ERROR: EMPTY FILE LIST"
+ exit -1
+fi
+%endif
+
+# PHP subpackage
+%if %{with_php}
+install -m 755 -d %{buildroot}%{_datadir}/php/%{name}
+mv %{buildroot}%{_datadir}/php/lasso.php %{buildroot}%{_datadir}/php/%{name}
+
+# rename the PHP config file when needed (PHP 5.6+)
+if [ "%{name}.ini" != "%{ini_name}" ]; then
+ mv %{buildroot}%{php_inidir}/%{name}.ini \
+ %{buildroot}%{php_inidir}/%{ini_name}
+fi
+%endif
+
+# Remove bogus doc files
+rm -fr %{buildroot}%{_defaultdocdir}/%{name}
+
+%post -p /sbin/ldconfig
+
+%postun -p /sbin/ldconfig
+
+%files
+%defattr(-,root,root)
+%{_libdir}/liblasso.so.*
+%doc AUTHORS COPYING NEWS README
+
+%files devel
+%defattr(-,root,root)
+%{_libdir}/liblasso.so
+%{_libdir}/pkgconfig/lasso.pc
+%{_includedir}/%{name}
+
+%if %{with_perl}
+%files perl -f %{name}-perl-filelist
+%defattr(-,root,root)
+%endif
+
+%if %{with_java}
+%files java
+%defattr(-,root,root)
+%{_libdir}/java/libjnilasso.so
+%{_javadir}/lasso.jar
+%endif
+
+%if %{with_php}
+%files php
+%defattr(-,root,root)
+%attr(755,root,root) %{php_extdir}/lasso.so
+%config(noreplace) %attr(644,root,root) %{php_inidir}/%{ini_name}
+%attr(755,root,root) %dir %{_datadir}/php/%{name}
+%attr(644,root,root) %{_datadir}/php/%{name}/lasso.php
+%endif
+
+%if %{with_python}
+%files python
+%defattr(-,root,root)
+%{python_sitearch}/lasso.py*
+%{python_sitearch}/_lasso.so
+%endif
+
+%changelog
+* Fri Dec 5 2014 Simo Sorce <simo@redhat.com> - 2.4.1-5
+- Add support for ADFS interoperability
+- Resolves: #1160803
+
+* Thu Sep 11 2014 Simo Sorce <simo@redhat.com> - 2.4.1-4
+- Add missing covscan related patches previously sent upstream
+- Related: #1120360
+
+* Thu Sep 11 2014 Simo Sorce <simo@redhat.com> - 2.4.1-3
+- ppc4le fails to build without autoreconf being run first
+- Resolves: #1140419
+
+* Fri Sep 5 2014 Simo Sorce <simo@redhat.com> - 2.4.1-2
+- Import packge in RHEL7
+- Resolves: #1120360
+
+* Thu Aug 28 2014 Simo Sorce <simo@redhat.com> - 2.4.1-1
+- New upstream relase 2.4.1
+- Drop patches as they have all been integrated upstream
+
+* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.0-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
+
+* Fri Jun 20 2014 Remi Collet <rcollet@redhat.com> - 2.4.0-4
+- rebuild for https://fedoraproject.org/wiki/Changes/Php56
+- add numerical prefix to extension configuration file
+- drop unneeded dependency on pecl
+- add provides php-lasso
+
+* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.0-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
+
+* Fri Apr 25 2014 Simo Sorce <simo@redhat.com> - 2.4.0-2
+- Fixes for arches where pointers and integers do not have the same size
+ (ppc64, s390, etc..)
+
+* Mon Apr 14 2014 Stanislav Ochotnicky <sochotnicky@redhat.com> - 2.4.0-1
+- Use OpenJDK instead of GCJ for java bindings
+
+* Sat Jan 11 2014 Simo Sorce <simo@redhat.com> 2.4.0-0
+- Update to final 2.4.0 version
+- Drop all patches, they are now included in 2.4.0
+- Change Source URI
+
+* Mon Dec 9 2013 Simo Sorce <simo@redhat.com> 2.3.6-0.20131125.5
+- Add patches to fix rpmlint license issues
+- Add upstream patches to fix some build issues
+
+* Thu Dec 5 2013 Simo Sorce <simo@redhat.com> 2.3.6-0.20131125.4
+- Add patch to support automake-1.14 for rawhide
+
+* Mon Nov 25 2013 Simo Sorce <simo@redhat.com> 2.3.6-0.20131125.3
+- Initial packaging
+- Based on the spec file by Jean-Marc Liger <jmliger@siris.sorbonne.fr>
+- Code is updated to latest master via a jumbo patch while waiting for
+ official upstream release.
+- Jumbo patch includes also additional patches sent to upstream list)
+ to build on Fedora 20
+- Perl bindings are disabled as they fail to build
+- Disable doc building as it doesn't ork correctly for now