Développement #85339
lasso 2.8.2 regression build failure against libxmlsec1 1.3.3
0%
Description
Happy new year!
This is Rui, a homebrew maintainer, while we are trying to upgrade
libxmlsec1 from 1.3.2 to 1.3.3, we ran into some build failure:
```
libtool: link: clang -dynamiclib -o .libs/liblasso.3.dylib
.libs/lasso.o .libs/errors.o .libs/registry.o .libs/utils.o
.libs/logging.o .libs/key.o
-Wl,-force_load,../lasso/xml/ecp/.libs/liblasso-xml-ecp.a
-Wl,-force_load,../lasso/xml/.libs/liblasso-xml.a
-Wl,-force_load,../lasso/xml/saml-2.0/.libs/liblasso-xml-saml2.a
-Wl,-force_load,../lasso/xml/soap-1.1/.libs/liblasso-xml-soap11.a
-Wl,-force_load,../lasso/xml/dsig/.libs/liblasso-xml-dsig.a
-Wl,-force_load,../lasso/id-ff/.libs/liblasso-id-ff.a
-Wl,-force_load,../lasso/saml-2.0/.libs/liblasso-saml-20.a
-L/opt/homebrew/Cellar/lasso/2.8.2_2/lib -lz
-L/opt/homebrew/Cellar/glib/2.78.3/lib -L/opt/homebrew/opt/gettext/lib
-L/opt/homebrew/Cellar/libxml2/2.12.3/lib
-L/opt/homebrew/Cellar/openssl@3/3.2.0_1/lib
-L/opt/homebrew/Cellar/libxmlsec1/1.3.3/lib
-L/opt/homebrew/opt/openssl@3/lib -lgobject-2.0 -lglib-2.0 -lintl
-lxmlsec1-openssl -lxmlsec1 -lxslt -lxml2 -lssl -lcrypto
-install_name /opt/homebrew/Cellar/lasso/2.8.2_2/lib/liblasso.3.dylib
-compatibility_version 19 -current_version 19.2
-Wl,-exported_symbols_list,.libs/liblasso-symbols.expsym
ld: Undefined symbols:
_xmlSecCryptoAppKeyLoad, referenced from:
_lasso_get_public_key_from_pem_file in liblasso-xml.a2(tools.o)
clang: error: linker command failed with exit code 1 (use -v to see invocation)
```
This is due to the fact that `xmlSecCryptoAppKeyLoad` is now removed
in the 1.3.3 release. See this commit for details,
https://github.com/lsh123/xmlsec/commit/114f580409e076bbe7b352eb74008d818c6e3e93
Let me know if I need to provide more info.
Associated revisions
misc: mute warning about implicit declaration of lasso_get_default_signature_method (#85339)
xmlsec: replace xmlSecCryptoAppKeyLoad by xmlSecCryptoAppKeyLoadEx (#85339)
xmlSecCryptoAppKeyLoad was removed from libxmlsec1 in version >= 1.3.3:
(xmlsec-core) Removed previously deprecated functions, defines, etc.
xmlSecCryptoAppKeyLoadEx was introduced in libxmlsec in version 1.3.0.
xmlsec: use XMLSEC_KEYINFO_FLAGS_LAX_KEY_SEARCH when writing encrypted keys (#85339)
For compatibility with libxmlsec1>=1.3.0, as we do not use KeyName to
reference the wrapping key:
(API breaking change) Changed the key search to strict mode: only keys referenced by KeyInfo are used. To restore the old "lax" mode, set XMLSEC_KEYINFO_FLAGS_LAX_KEY_SEARCH flag on xmlSecKeyInfoCtx or use '--lax-key-search' option for XMLSec command line utility.
xmlsec: re-enable KeyValue nodes when reading KeyInfo descriptors (#85339)
KeyValue has been disabled in libxmlsec >= 1.3.3, as it can be a security
liability in other settings than SAML:
(xmlsec-core) Disabled KeyValue and DEREncodedKeyValue XML nodes by default. Use the '--enabled-key-data' option for the xmlsec command line utility or update the 'keyInfoCtx->enabledKeyData' parameter if you need to re-enable these nodes (also see question 3.5 in the FAQ).
Fix undefined macro in #if conditional (#85339)
History
Updated by Robot Gitea 12 months ago
- Tracker changed from Support to Développement
- Status changed from Nouveau to Solution proposée
Benjamin Dauvergne (bdauvergne) a ouvert une pull request sur Gitea concernant cette demande :
- URL : https://git.entrouvert.org/entrouvert/lasso/pulls/10
- Titre : compatibilité libxmlsec1 1.3.x (#85339)
- Modifications : https://git.entrouvert.org/entrouvert/lasso/pulls/10/files
Updated by Robot Gitea 12 months ago
- Status changed from Solution proposée to En cours
Thomas NOËL (tnoel) a relu et demandé des modifications sur une pull request sur Gitea concernant cette demande :
Updated by Robot Gitea 12 months ago
- Status changed from En cours to Solution proposée
Benjamin Dauvergne (bdauvergne) a demandé une relecture de Thomas NOËL (tnoel) sur une pull request sur Gitea concernant cette demande :
Updated by Robot Gitea 12 months ago
Thomas NOËL (tnoel) a demandé une relecture de Pierre Ducroquet (pducroquet) sur une pull request sur Gitea concernant cette demande :
Updated by Robot Gitea 12 months ago
- Status changed from Solution proposée to En cours
Pierre Ducroquet (pducroquet) a relu et demandé des modifications sur une pull request sur Gitea concernant cette demande :
Updated by Robot Gitea 12 months ago
- Status changed from En cours to Solution proposée
Benjamin Dauvergne (bdauvergne) a demandé une relecture de Pierre Ducroquet (pducroquet) sur une pull request sur Gitea concernant cette demande :
Updated by Robot Gitea 9 months ago
Benjamin Dauvergne (bdauvergne) a demandé une relecture de Yann Weber (yweber) sur une pull request sur Gitea concernant cette demande :
Updated by Robot Gitea 9 months ago
- Status changed from Solution proposée to Solution validée
Yann Weber (yweber) a approuvé une pull request sur Gitea concernant cette demande :
Updated by Robot Gitea 9 months ago
- Status changed from Solution validée to Résolu (à déployer)
Benjamin Dauvergne (bdauvergne) a mergé une pull request sur Gitea concernant cette demande :
- URL : https://git.entrouvert.org/entrouvert/lasso/pulls/10
- Titre : compatibilité libxmlsec1 1.3.x (#85339)
- Modifications : https://git.entrouvert.org/entrouvert/lasso/pulls/10/files
xml: fix uninitialized local variable (#85339)