Project

General

Profile

Bug #78280

lasso-2.8.2 test suite fails against xmlsec1-1.3.0

Added by Neal Gompa 4 months ago. Updated 4 months ago.

Status:
Nouveau
Priority:
Normal
Assignee:
Benjamin Dauvergne
Category:
-
Target version:
-
Start date:
08 June 2023
Due date:
% Done:

0%

Estimated time:
Patch proposed:
No
Planning:
No

Description

In Fedora Rawhide, we upgraded xmlsec1 to v1.3.0, which has caused lasso-2.8.2 to fail to build due to the test suite failing.

I've attached the log of the failures.

The current suspicion is that there's some attempt to use old crypto which is now disabled (e.g. MD5 and others).

More info on the new xmlsec1 release is on their website: https://www.aleksey.com/xmlsec/

Our packaging (for your perusal) is also available here: https://src.fedoraproject.org/rpms/lasso/blob/0f5cb2907431eb5290be03a1cb8cd17ba66ff462/f/lasso.spec

Files

1101855.txt (6.66 KB) 1101855.txt test suite log from lasso-2.8.2 build against xmlsec1-1.3.0 on Fedora Rawhide Neal Gompa, 08 June 2023 07:11 PM

History

#1

Updated by Neal Gompa 4 months ago

A potentially related ticket from Ipsilon (a consumer of lasso for SAML2 support): https://pagure.io/ipsilon/issue/393

It is noted in that ticket that lasso defaults to SHA-1, which is being disabled by default due to it being considered weak like MD5 before it.

#2

Updated by Benjamin Dauvergne 4 months ago

I look at it before end of the month.

#3

Updated by Benjamin Dauvergne 4 months ago

  • Assignee set to Benjamin Dauvergne

Also available in: Atom PDF