release 1.5.5
Features
- set HttpOnly by default on cookies, override using OIDCCookieHTTPOnly [On|Off]
- use default of "/" for OIDCCookiePath
Bugs
- fix debug printout on open redirect prevention and code response validation
- cleanup in-memory crypto context on shutdown
- clear session cookie after cache miss or corruption
Other
- disable OIDCMetadataDir in sample config since it may be overlooked
- use FQDN for sample hostname in sample configs since Google requires that
- make implicit post javascript HTML 4.01 Strict compliant
- provide Wheezy backports as uploaded to the Debian repositories