lasso-2.8.2 test suite fails against xmlsec1-1.3.0
In Fedora Rawhide, we upgraded xmlsec1 to v1.3.0, which has caused lasso-2.8.2 to fail to build due to the test suite failing.
I've attached the log of the failures.
The current suspicion is that there's some attempt to use old crypto which is now disabled (e.g. MD5 and others).
More info on the new xmlsec1 release is on their website: https://www.aleksey.com/xmlsec/
Our packaging (for your perusal) is also available here: https://src.fedoraproject.org/rpms/lasso/blob/0f5cb2907431eb5290be03a1cb8cd17ba66ff462/f/lasso.spec
Updated by Neal Gompa 4 months ago
A potentially related ticket from Ipsilon (a consumer of lasso for SAML2 support): https://pagure.io/ipsilon/issue/393
It is noted in that ticket that lasso defaults to SHA-1, which is being disabled by default due to it being considered weak like MD5 before it.