Project

General

Profile

Development #85339

lasso 2.8.2 regression build failure against libxmlsec1 1.3.3

Added by Rui Chen 4 months ago. Updated about 1 month ago.

Status:
Résolu (à déployer)
Priority:
Normal
Category:
-
Target version:
-
Start date:
05 January 2024
Due date:
% Done:

0%

Estimated time:
Patch proposed:
No
Planning:
No

Description

Happy new year!

This is Rui, a homebrew maintainer, while we are trying to upgrade
libxmlsec1 from 1.3.2 to 1.3.3, we ran into some build failure:

```
libtool: link: clang -dynamiclib -o .libs/liblasso.3.dylib
.libs/lasso.o .libs/errors.o .libs/registry.o .libs/utils.o
.libs/logging.o .libs/key.o
-Wl,-force_load,../lasso/xml/ecp/.libs/liblasso-xml-ecp.a
-Wl,-force_load,../lasso/xml/.libs/liblasso-xml.a
-Wl,-force_load,../lasso/xml/saml-2.0/.libs/liblasso-xml-saml2.a
-Wl,-force_load,../lasso/xml/soap-1.1/.libs/liblasso-xml-soap11.a
-Wl,-force_load,../lasso/xml/dsig/.libs/liblasso-xml-dsig.a
-Wl,-force_load,../lasso/id-ff/.libs/liblasso-id-ff.a
-Wl,-force_load,../lasso/saml-2.0/.libs/liblasso-saml-20.a
-L/opt/homebrew/Cellar/lasso/2.8.2_2/lib -lz
-L/opt/homebrew/Cellar/glib/2.78.3/lib -L/opt/homebrew/opt/gettext/lib
-L/opt/homebrew/Cellar/libxml2/2.12.3/lib
-L/opt/homebrew/Cellar/openssl@3/3.2.0_1/lib
-L/opt/homebrew/Cellar/libxmlsec1/1.3.3/lib
-L/opt/homebrew/opt/openssl@3/lib -lgobject-2.0 -lglib-2.0 -lintl
-lxmlsec1-openssl -lxmlsec1 -lxslt -lxml2 -lssl -lcrypto
-install_name /opt/homebrew/Cellar/lasso/2.8.2_2/lib/liblasso.3.dylib
-compatibility_version 19 -current_version 19.2
-Wl,-exported_symbols_list,.libs/liblasso-symbols.expsym
ld: Undefined symbols:
_xmlSecCryptoAppKeyLoad, referenced from:
_lasso_get_public_key_from_pem_file in liblasso-xml.a2(tools.o)
clang: error: linker command failed with exit code 1 (use -v to see invocation)
```

This is due to the fact that `xmlSecCryptoAppKeyLoad` is now removed
in the 1.3.3 release. See this commit for details,
https://github.com/lsh123/xmlsec/commit/114f580409e076bbe7b352eb74008d818c6e3e93

Let me know if I need to provide more info.

Associated revisions

Revision 46caef81 (diff)
Added by Benjamin Dauvergne about 1 month ago

xml: fix uninitialized local variable (#85339)

Revision 1ca8e869 (diff)
Added by Benjamin Dauvergne about 1 month ago

misc: mute warning about implicit declaration of lasso_get_default_signature_method (#85339)

Revision 66c9f50f (diff)
Added by Benjamin Dauvergne about 1 month ago

xmlsec: replace xmlSecCryptoAppKeyLoad by xmlSecCryptoAppKeyLoadEx (#85339)

xmlSecCryptoAppKeyLoad was removed from libxmlsec1 in version >= 1.3.3:

(xmlsec-core) Removed previously deprecated functions, defines, etc.

xmlSecCryptoAppKeyLoadEx was introduced in libxmlsec in version 1.3.0.

Revision 21c224cf (diff)
Added by Benjamin Dauvergne about 1 month ago

xmlsec: use XMLSEC_KEYINFO_FLAGS_LAX_KEY_SEARCH when writing encrypted keys (#85339)

For compatibility with libxmlsec1>=1.3.0, as we do not use KeyName to
reference the wrapping key:

(API breaking change) Changed the key search to strict mode: only keys referenced by KeyInfo are used. To restore the old "lax" mode, set XMLSEC_KEYINFO_FLAGS_LAX_KEY_SEARCH flag on xmlSecKeyInfoCtx or use '--lax-key-search' option for XMLSec command line utility.

Revision 3768f1be (diff)
Added by Benjamin Dauvergne about 1 month ago

xmlsec: re-enable KeyValue nodes when reading KeyInfo descriptors (#85339)

KeyValue has been disabled in libxmlsec >= 1.3.3, as it can be a security
liability in other settings than SAML:

(xmlsec-core) Disabled KeyValue and DEREncodedKeyValue XML nodes by default. Use the '--enabled-key-data' option for the xmlsec command line utility or update the 'keyInfoCtx->enabledKeyData' parameter if you need to re-enable these nodes (also see question 3.5 in the FAQ).

Revision 49e0ea80 (diff)
Added by Benjamin Dauvergne about 1 month ago

Fix undefined macro in #if conditional (#85339)

History

#1

Updated by Benjamin Dauvergne 4 months ago

  • Assignee set to Benjamin Dauvergne
#2

Updated by Robot Gitea 4 months ago

  • Tracker changed from Support to Development
  • Status changed from Nouveau to Solution proposée

Benjamin Dauvergne (bdauvergne) a ouvert une pull request sur Gitea concernant cette demande :

#3

Updated by Robot Gitea 4 months ago

  • Status changed from Solution proposée to En cours

Thomas NOËL (tnoel) a relu et demandé des modifications sur une pull request sur Gitea concernant cette demande :

#4

Updated by Robot Gitea 4 months ago

  • Status changed from En cours to Solution proposée

Benjamin Dauvergne (bdauvergne) a demandé une relecture de Thomas NOËL (tnoel) sur une pull request sur Gitea concernant cette demande :

#5

Updated by Robot Gitea 4 months ago

Thomas NOËL (tnoel) a demandé une relecture de Pierre Ducroquet (pducroquet) sur une pull request sur Gitea concernant cette demande :

#6

Updated by Robot Gitea 4 months ago

  • Status changed from Solution proposée to En cours

Pierre Ducroquet (pducroquet) a relu et demandé des modifications sur une pull request sur Gitea concernant cette demande :

#7

Updated by Robot Gitea 4 months ago

  • Status changed from En cours to Solution proposée

Benjamin Dauvergne (bdauvergne) a demandé une relecture de Pierre Ducroquet (pducroquet) sur une pull request sur Gitea concernant cette demande :

#8

Updated by Robot Gitea about 1 month ago

Benjamin Dauvergne (bdauvergne) a demandé une relecture de Yann Weber (yweber) sur une pull request sur Gitea concernant cette demande :

#9

Updated by Robot Gitea about 1 month ago

  • Status changed from Solution proposée to Solution validée

Yann Weber (yweber) a approuvé une pull request sur Gitea concernant cette demande :

#10

Updated by Robot Gitea about 1 month ago

  • Status changed from Solution validée to Résolu (à déployer)

Benjamin Dauvergne (bdauvergne) a mergé une pull request sur Gitea concernant cette demande :

Also available in: Atom PDF