Projet

Général

Profil

1006-test13_test_lasso_server_load_metadata-Don-t-verify-.patch

Jakub Hrozek, 22 juin 2021 11:02

Télécharger (1,48 ko)

Voir les différences: 

Subject: [PATCH 1006/1006] test13_test_lasso_server_load_metadata: Don't
 verify signature if lasso is not configured with sha-1


 tests/basic_tests.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)
tests/basic_tests.c
1974 1974 
	LassoServer *server = NULL;
1975 1975 
	GList *loaded_entity_ids = NULL;
1976 1976 
	GList blacklisted_1 = { .data = "https://identities.univ-jfc.fr/idp/prod", .next = NULL };
1977 
	const gchar *trusted_roots = TESTSDATADIR "/rootCA.crt";
1978 

  		




  
  1979
  
    
	/* The IDP metadata file is signed with rsa-sha1, so verifying it would

  		




  
  1980
  
    
	 * fail incase sha1 is not available

  		




  
  1981
  
    
	 */

  		




  
  1982
  
    
	if (lasso_get_default_signature_method() != LASSO_SIGNATURE_METHOD_RSA_SHA1) {

  		




  
  1983
  
    
		trusted_roots = NULL;

  		




  
  1984
  
    
	}

  		




  1977
  1985
  
    

  		




  1978
  1986
  
    
	check_not_null(server = lasso_server_new(

  		




  1979
  1987
  
    
			TESTSDATADIR "/idp5-saml2/metadata.xml",

  		




  ......




  1983
  1991
  
    
	block_lasso_logs;

  		




  1984
  1992
  
    
	check_good_rc(lasso_server_load_metadata(server, LASSO_PROVIDER_ROLE_IDP,

  		




  1985
  1993
  
    
				TESTSDATADIR "/metadata/renater-metadata.xml",

  		




  1986
  
  
    
				TESTSDATADIR "/rootCA.crt",

  		




  
  1994
  
    
				trusted_roots,

  		




  1987
  1995
  
    
				&blacklisted_1, &loaded_entity_ids,

  		




  1988
  1996
  
    
				LASSO_SERVER_LOAD_METADATA_FLAG_DEFAULT));

  		




  1989
  1997
  
    
	unblock_lasso_logs;

  		




  1990
  
  
    
-