import lasso-2.6.0-7.el8
This commit is contained in:
parent
a9862e7e85
commit
442e5a2c6a
@ -0,0 +1,382 @@
|
|||||||
|
From 12a3f6c10ee3d5f321a751cf6c4cb7f63313582e Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jakub Hrozek <jhrozek@redhat.com>
|
||||||
|
Date: Thu, 13 Jun 2019 13:03:04 +0200
|
||||||
|
Subject: [PATCH] tests: use self-generated certificate to sign federation
|
||||||
|
metadata file (#33823)
|
||||||
|
|
||||||
|
---
|
||||||
|
tests/basic_tests.c | 13 +---
|
||||||
|
tests/data/lasso.crt | 23 +++++++
|
||||||
|
tests/data/lasso.csr | 15 ++++
|
||||||
|
tests/data/lasso.key | 27 ++++++++
|
||||||
|
.../metadata/metadata-federation-renater.crt | 15 ----
|
||||||
|
tests/data/metadata/renater-metadata.xml | 69 +++++++++++--------
|
||||||
|
tests/data/rootCA.crt | 32 +++++++++
|
||||||
|
tests/data/rootCA.key | 51 ++++++++++++++
|
||||||
|
tests/data/rootCA.srl | 1 +
|
||||||
|
9 files changed, 192 insertions(+), 54 deletions(-)
|
||||||
|
create mode 100644 tests/data/lasso.crt
|
||||||
|
create mode 100644 tests/data/lasso.csr
|
||||||
|
create mode 100644 tests/data/lasso.key
|
||||||
|
delete mode 100644 tests/data/metadata/metadata-federation-renater.crt
|
||||||
|
create mode 100644 tests/data/rootCA.crt
|
||||||
|
create mode 100644 tests/data/rootCA.key
|
||||||
|
create mode 100644 tests/data/rootCA.srl
|
||||||
|
|
||||||
|
diff --git a/tests/basic_tests.c b/tests/basic_tests.c
|
||||||
|
index c08cab69..84999a17 100644
|
||||||
|
--- a/tests/basic_tests.c
|
||||||
|
+++ b/tests/basic_tests.c
|
||||||
|
@@ -1983,24 +1983,13 @@ START_TEST(test13_test_lasso_server_load_metadata)
|
||||||
|
block_lasso_logs;
|
||||||
|
check_good_rc(lasso_server_load_metadata(server, LASSO_PROVIDER_ROLE_IDP,
|
||||||
|
TESTSDATADIR "/metadata/renater-metadata.xml",
|
||||||
|
- TESTSDATADIR "/metadata/metadata-federation-renater.crt",
|
||||||
|
+ TESTSDATADIR "/rootCA.crt",
|
||||||
|
&blacklisted_1, &loaded_entity_ids,
|
||||||
|
LASSO_SERVER_LOAD_METADATA_FLAG_DEFAULT));
|
||||||
|
unblock_lasso_logs;
|
||||||
|
check_equals(g_hash_table_size(server->providers), 110);
|
||||||
|
check_equals(g_list_length(loaded_entity_ids), 110);
|
||||||
|
|
||||||
|
-#if 0
|
||||||
|
- /* UK federation file are too big to distribute (and I don't even known if it's right to do
|
||||||
|
- * it, disable this test for now ) */
|
||||||
|
- check_good_rc(lasso_server_load_metadata(server, LASSO_PROVIDER_ROLE_IDP,
|
||||||
|
- TESTSDATADIR "/ukfederation-metadata.xml",
|
||||||
|
- TESTSDATADIR "/ukfederation.pem",
|
||||||
|
- &blacklisted_1, &loaded_entity_ids,
|
||||||
|
- LASSO_SERVER_LOAD_METADATA_FLAG_DEFAULT));
|
||||||
|
- check_equals(g_list_length(loaded_entity_ids), 283);
|
||||||
|
- check_equals(g_hash_table_size(server->providers), 393);
|
||||||
|
-#endif
|
||||||
|
lasso_release_list_of_strings(loaded_entity_ids);
|
||||||
|
|
||||||
|
lasso_release_gobject(server);
|
||||||
|
diff --git a/tests/data/lasso.crt b/tests/data/lasso.crt
|
||||||
|
new file mode 100644
|
||||||
|
index 00000000..568a0b9c
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/tests/data/lasso.crt
|
||||||
|
@@ -0,0 +1,23 @@
|
||||||
|
+-----BEGIN CERTIFICATE-----
|
||||||
|
+MIID6zCCAdMCFALT+lN2uLJWF7p2xOo65/5KwxixMA0GCSqGSIb3DQEBCwUAMEUx
|
||||||
|
+CzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRl
|
||||||
|
+cm5ldCBXaWRnaXRzIFB0eSBMdGQwIBcNMTkwNjExMDc0NTU2WhgPMjI5MzAzMjUw
|
||||||
|
+NzQ1NTZaMB0xCzAJBgNVBAYTAkZSMQ4wDAYDVQQDDAVMYXNzbzCCASIwDQYJKoZI
|
||||||
|
+hvcNAQEBBQADggEPADCCAQoCggEBAOIS/WATGMJsv7OvgrjpYmAW3RmojVp4cHi0
|
||||||
|
+17HelWVZ5adX3zSljecmpb1UQcBNzEDb15tOnNO708O94fFLWiWRfjYWa1QYOLkZ
|
||||||
|
+6kHAR2yJTkhBNQl326K6BnJkWoCsErkXa1608+6+rXR+9KchB/lLSY3Dqh8L6N7s
|
||||||
|
+qE+xyD1Z8HM3mHs9CM4crIpCPaZ80/yNfBPqPA2Zv4uIBrwSF32rPnh1ciJuIKQg
|
||||||
|
+jnCQOaKC2j+VsytgthriI0PVRzC7WPAJReQa65N/i721jG6rPecwVcCS9G6cmG+s
|
||||||
|
+pq6GERUe7nFVdNZ5sRzNsGuDpEdmeCS1pCPtW2hufm8vqvtw9ZkCAwEAATANBgkq
|
||||||
|
+hkiG9w0BAQsFAAOCAgEAfbHk+QNvLYDNlqwwlu5+88/3CcEx+s1voXOBTxgyIAR2
|
||||||
|
+NVKkO7dAW5me51jPPZhy+xC4i+AAeLW5JGwirM5LDgU+9P02JBsZ4OoZI3pBAZ5m
|
||||||
|
+GrmxrMm6q+9mJ+6bMHolfBNN6hoaWeJiknvc1Id7o0Dh4PbdV7r6ISuXisDb/1je
|
||||||
|
+tmzxoFuXhmDwwHMTG7eUORVFEgS8V5NNKMv16BeWNDohJVP6icxwoi5JswUl+vfO
|
||||||
|
+rvIwx2GAJ2EQAbSZv5ADFQ4/vxeopULgLnblc3BwVG4RTT7plNgT2iXP8YwmEGKb
|
||||||
|
+JDHRVFUo1tX6EKkBUI9AgETrdUnLq6XxP11JmrqNL9oOHw+hGb5vT1wyn6FFxZo2
|
||||||
|
+BVgfqdiGbjcs1bTKeQAZKuhaW90oV6+yYD6WtWn/LfHnftAJivALkmUk+XaSqqbO
|
||||||
|
+FxuyRsz9C/yq0azr6IkCWhGwBYoLvf2CrvovSYpPXefeQ+1yXNDW7bvfAQfOO9xk
|
||||||
|
+SqQi4cYJw9hNqTk2f61x6UX/o8wKVhXEHyaCr9lVLNpCK0Uy07f3zkubx1mW5PST
|
||||||
|
+ITSnD8sPD7iMyGOJa5tQJ8W5u2NJT6qo52Jubgc8PapkOoYyEhUaTQEb8RN6D3oD
|
||||||
|
+xc8cCKn4HUtpkJKgxYhQDtsomJp2RK7lzjVPXAlFUmld88WgqdJwp9GSvMEktA0=
|
||||||
|
+-----END CERTIFICATE-----
|
||||||
|
diff --git a/tests/data/lasso.csr b/tests/data/lasso.csr
|
||||||
|
new file mode 100644
|
||||||
|
index 00000000..c450e1b4
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/tests/data/lasso.csr
|
||||||
|
@@ -0,0 +1,15 @@
|
||||||
|
+-----BEGIN CERTIFICATE REQUEST-----
|
||||||
|
+MIICYjCCAUoCAQAwHTELMAkGA1UEBhMCRlIxDjAMBgNVBAMMBUxhc3NvMIIBIjAN
|
||||||
|
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4hL9YBMYwmy/s6+CuOliYBbdGaiN
|
||||||
|
+WnhweLTXsd6VZVnlp1ffNKWN5yalvVRBwE3MQNvXm06c07vTw73h8UtaJZF+NhZr
|
||||||
|
+VBg4uRnqQcBHbIlOSEE1CXfboroGcmRagKwSuRdrXrTz7r6tdH70pyEH+UtJjcOq
|
||||||
|
+Hwvo3uyoT7HIPVnwczeYez0IzhysikI9pnzT/I18E+o8DZm/i4gGvBIXfas+eHVy
|
||||||
|
+Im4gpCCOcJA5ooLaP5WzK2C2GuIjQ9VHMLtY8AlF5Brrk3+LvbWMbqs95zBVwJL0
|
||||||
|
+bpyYb6ymroYRFR7ucVV01nmxHM2wa4OkR2Z4JLWkI+1baG5+by+q+3D1mQIDAQAB
|
||||||
|
+oAAwDQYJKoZIhvcNAQELBQADggEBAJcoM7bn2yEElJjpX8mYuawWwlNdLOCyIPCc
|
||||||
|
+tr6b61CmVDVntWw61fExrg+n1b5uOVuUAEaYNutw6nypzrfvr4wjGKxbl/jTSJCM
|
||||||
|
+WHLl0/+IGQgr41SbRaySA1Y1hdJEd1ummH07sd7FfQNN/T/zLGaM0CI2/yj89VRk
|
||||||
|
+BJwiSwbFp1zqntoITQPjo/vpWAqahqNpSKR+C5l1f870wVI2wPg89McRw35EACdx
|
||||||
|
+Pys8g15+3eKBRTD24eOSWDAL4iDz1jh8ejwtuPjZCQRgg7pkV7uK9Qq4XbStW8AR
|
||||||
|
+JftZ9BBmUOkpdTY0ml6uNojI5u3J/A8KL0UHeiOGLzEy6l64qjE=
|
||||||
|
+-----END CERTIFICATE REQUEST-----
|
||||||
|
diff --git a/tests/data/lasso.key b/tests/data/lasso.key
|
||||||
|
new file mode 100644
|
||||||
|
index 00000000..d6ee4142
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/tests/data/lasso.key
|
||||||
|
@@ -0,0 +1,27 @@
|
||||||
|
+-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
+MIIEpAIBAAKCAQEA4hL9YBMYwmy/s6+CuOliYBbdGaiNWnhweLTXsd6VZVnlp1ff
|
||||||
|
+NKWN5yalvVRBwE3MQNvXm06c07vTw73h8UtaJZF+NhZrVBg4uRnqQcBHbIlOSEE1
|
||||||
|
+CXfboroGcmRagKwSuRdrXrTz7r6tdH70pyEH+UtJjcOqHwvo3uyoT7HIPVnwczeY
|
||||||
|
+ez0IzhysikI9pnzT/I18E+o8DZm/i4gGvBIXfas+eHVyIm4gpCCOcJA5ooLaP5Wz
|
||||||
|
+K2C2GuIjQ9VHMLtY8AlF5Brrk3+LvbWMbqs95zBVwJL0bpyYb6ymroYRFR7ucVV0
|
||||||
|
+1nmxHM2wa4OkR2Z4JLWkI+1baG5+by+q+3D1mQIDAQABAoIBAClNONcFhh93CKrG
|
||||||
|
+JMatdJiDdM9MOM7PdBTJTSKkvHxwqQEij5epqzwQlnT5YK3GSMuMnl40RXh1NyHq
|
||||||
|
+nc2ca5KzevBctiz949cFQgPTIflVOGUA7LSXHhwjiiv544LgbOc9vRLnUi1Kzpua
|
||||||
|
+2g1yfmdv9rcciQb1AQ1BBRrSKvfyD410KojJXwunYx32hrHdnhPwC3xyg6BEMpq9
|
||||||
|
+PtcnTvFY/iDeyzYLwAwJb2xdTCpg7okd1KthtohS740Y0uS+UVaEDK7xOIj+CNIq
|
||||||
|
+ii+j0fv5N5fjke8TdUszLWkDYQQ9BTJWFOjJ72FZs9J8pk7RlNhnt6tEoZ6866+w
|
||||||
|
+nprmJwUCgYEA9VWT0FswnSnm+lkRP7vc/SJYTg6zD2BrGOKEo58L8TObb242G+Fs
|
||||||
|
+JteMvdVm14GublmqXZv6Md5x5iVh3kRlu+8dbM5WnBNpwt6mGZPK7if5K/X1qiJg
|
||||||
|
+BeroAX/KuVjSHBYVDFfHqPQg146RFcj/q7aCsqc+aMwgdUZ8OlBjRf8CgYEA6+cP
|
||||||
|
+GG9VOlXWZ2RzSBoKrvxJgSQRpgVXeJAr1BWZ+pJVGIft3zSbeJ30nsUuob61UDVH
|
||||||
|
+g6HzjOUQWHyK4wq2gyK3kOw/Aii6z4REXDVMVq3OgqaE4Fw+MH31ci8JILU415ZY
|
||||||
|
+DQGo++E87tbSgp32gqou7Aj7Y4Sfvx+V/da4NGcCgYAv+tGSsRLb2cMLePnPnh0F
|
||||||
|
+AH+GnIdWXYP0dPB903ARdwdSDprUbwyouAUVZzPat8j2WeDgt82BjUB3Qx5Vysie
|
||||||
|
+rY/ypJP5qC5J5yNS4z2PwA+SEmM+J8Thw2QmTujFwOIujf8Fz/EDUONPZNlpCks+
|
||||||
|
+OM5sxBqHgkxiwysueGRB3wKBgQCWwXDaMrwKrbR5Gq65kzrknQH0b7J/oMZHnAsG
|
||||||
|
+XE+s3DtZk/SmQh5hNMCRfn3Qi+mfOo1bR/I3RmPtyJmRgtUkdNlO2kth+9l2qJZv
|
||||||
|
+PvhsJGLnB7e/EfQEVVq3/+sbZfTPgZr/pOHzJfwkvlCFfKF+23dlDFBrRuQ35d2a
|
||||||
|
+/M93XQKBgQCmAatw/7+z/CS6HinOW7W4k77eQ4wHb8XwzTl8T/5mf6KzejDUuEpZ
|
||||||
|
+hi4ZMAZqNywiJo7UOu6APVzRU7qF6Dbg4eIZWtIocMhp19kUArAPz7NcrghXsTIZ
|
||||||
|
+UdBWeG3kgUa5Q6d/D2OpWHK9S8LRdUL4/H0WZoqDOoDpJwKpljevyg==
|
||||||
|
+-----END RSA PRIVATE KEY-----
|
||||||
|
diff --git a/tests/data/metadata/metadata-federation-renater.crt b/tests/data/metadata/metadata-federation-renater.crt
|
||||||
|
deleted file mode 100644
|
||||||
|
index b6117441..00000000
|
||||||
|
--- a/tests/data/metadata/metadata-federation-renater.crt
|
||||||
|
+++ /dev/null
|
||||||
|
@@ -1,15 +0,0 @@
|
||||||
|
------BEGIN CERTIFICATE-----
|
||||||
|
-MIICZTCCAc6gAwIBAgIEScn+qTANBgkqhkiG9w0BAQUFADB3MQswCQYDVQQGEwJG
|
||||||
|
-UjEQMA4GA1UEChMHUkVOQVRFUjFWMFQGA1UEAxNNQ2VydGlmaWNhdCBkZSBzaWdu
|
||||||
|
-YXR1cmUgZGVzIG1ldGEgZG9ubmVlcyBkZSBsYSBmZWRlcmF0aW9uIEVkdWNhdGlv
|
||||||
|
-bi1SZWNoZXJjaGUwHhcNMDkwMzI1MDk1MTM3WhcNMTkwMzIzMDk1MTM3WjB3MQsw
|
||||||
|
-CQYDVQQGEwJGUjEQMA4GA1UEChMHUkVOQVRFUjFWMFQGA1UEAxNNQ2VydGlmaWNh
|
||||||
|
-dCBkZSBzaWduYXR1cmUgZGVzIG1ldGEgZG9ubmVlcyBkZSBsYSBmZWRlcmF0aW9u
|
||||||
|
-IEVkdWNhdGlvbi1SZWNoZXJjaGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
|
||||||
|
-AJBXcLIguokGiytYSOrgmU6fN+1DXK4eaquvFGMaswuhcRPD4tXtSs8CGxPP8/VF
|
||||||
|
-Mpcry04lfPA3mpwDis47hsvmLqGJVmfSuvkDsPx+I325h4WqGzEV8kfttkJSi8D0
|
||||||
|
-QLKk9wseA+BHzoBpU6e5uWmGqfWJgbZlcUuYKCIE2nL/AgMBAAEwDQYJKoZIhvcN
|
||||||
|
-AQEFBQADgYEAT0rUS5GTtqW9a0pAv0PjieSS6bW3KG3Mtn0jC1dmav6X9fbhhmFL
|
||||||
|
-1XSC9WnCU2UD3986EWWYKhN2INHghHE/fQGveVwdcVSSt601OpAsUF18tx0vHqkf
|
||||||
|
-Shcj7mteq59Gv4hOE8U1Urd/pSRaIO3G42X6/L/AlXeDkicfGZHhq7Q=
|
||||||
|
------END CERTIFICATE-----
|
||||||
|
diff --git a/tests/data/metadata/renater-metadata.xml b/tests/data/metadata/renater-metadata.xml
|
||||||
|
index 868f9259..70517100 100644
|
||||||
|
--- a/tests/data/metadata/renater-metadata.xml
|
||||||
|
+++ b/tests/data/metadata/renater-metadata.xml
|
||||||
|
@@ -1,4 +1,5 @@
|
||||||
|
-<?xml version="1.0" encoding="UTF-8"?><EntitiesDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Name="https://federation.renater.fr/" validUntil="2011-05-23T14:24:02Z" xsi:schemaLocation="urn:oasis:names:tc:SAML:2.0:metadata saml-schema-metadata-2.0.xsd urn:mace:shibboleth:metadata:1.0 shibboleth-metadata-1.0.xsd http://www.w3.org/2000/09/xmldsig# xmldsig-core-schema.xsd"><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||||
|
+<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
+<EntitiesDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Name="https://federation.renater.fr/" validUntil="2011-05-23T14:24:02Z" xsi:schemaLocation="urn:oasis:names:tc:SAML:2.0:metadata saml-schema-metadata-2.0.xsd urn:mace:shibboleth:metadata:1.0 shibboleth-metadata-1.0.xsd http://www.w3.org/2000/09/xmldsig# xmldsig-core-schema.xsd"><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||||
|
<ds:SignedInfo>
|
||||||
|
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
|
||||||
|
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
|
||||||
|
@@ -11,36 +12,50 @@
|
||||||
|
<ds:DigestValue>AIDrFyG3G6IpXdapls2LeP2Awt8=</ds:DigestValue>
|
||||||
|
</ds:Reference>
|
||||||
|
</ds:SignedInfo>
|
||||||
|
-<ds:SignatureValue>
|
||||||
|
-Mb7C8CsvA6UNnLN+LHCoOG7+c1CYQtUMm+o3p31niDfRcDcCDtuZ521FGM6p6ki6fS8HlncK0Q+h
|
||||||
|
-7rpXNeD2dY12FU94vI5wfF6m89pRs6QYE4O13HPDDZvhRZY+BX4+fqg6tsRz8NRaFS/xvxSzzPzO
|
||||||
|
-dsOrE6R2/QhrcaF1PnA=
|
||||||
|
-</ds:SignatureValue>
|
||||||
|
+<ds:SignatureValue>a47ZynaE+fXQFr2QkjjNsPoWhG0Lbed36MZ2/1jNygD2Ck3zYNSBxFTNI0bhZSi+
|
||||||
|
+sYefYhnYDqpz785/90Ym3hVL+olMZ8z7NLlkeDKCScNCi1436j/W4voR0jez3BkA
|
||||||
|
+IrMW2p4eUtSwfTHRazMtRacQrwTk3JAbShXuWU7fVnRI4t8oa8t43rf2hz+rRG8F
|
||||||
|
+SizMOyyHMak13jaVCmX5qoaO4OWmqs2GhXsx8hRfzJ8o6w417InTLWcuIRNw1/zm
|
||||||
|
+6O6H1as6nmKv34SppCiwdGrTpT6i3/zB3j9Hw7iyuvTF5bbaF+7MMsW/pjw5VOF8
|
||||||
|
+lmNqhsCFdu+JsaTFBIB2Fg==</ds:SignatureValue>
|
||||||
|
<ds:KeyInfo>
|
||||||
|
<ds:KeyValue>
|
||||||
|
<ds:RSAKeyValue>
|
||||||
|
<ds:Modulus>
|
||||||
|
-kFdwsiC6iQaLK1hI6uCZTp837UNcrh5qq68UYxqzC6FxE8Pi1e1KzwIbE8/z9UUylyvLTiV88Dea
|
||||||
|
-nAOKzjuGy+YuoYlWZ9K6+QOw/H4jfbmHhaobMRXyR+22QlKLwPRAsqT3Cx4D4EfOgGlTp7m5aYap
|
||||||
|
-9YmBtmVxS5goIgTacv8=
|
||||||
|
+4hL9YBMYwmy/s6+CuOliYBbdGaiNWnhweLTXsd6VZVnlp1ffNKWN5yalvVRBwE3M
|
||||||
|
+QNvXm06c07vTw73h8UtaJZF+NhZrVBg4uRnqQcBHbIlOSEE1CXfboroGcmRagKwS
|
||||||
|
+uRdrXrTz7r6tdH70pyEH+UtJjcOqHwvo3uyoT7HIPVnwczeYez0IzhysikI9pnzT
|
||||||
|
+/I18E+o8DZm/i4gGvBIXfas+eHVyIm4gpCCOcJA5ooLaP5WzK2C2GuIjQ9VHMLtY
|
||||||
|
+8AlF5Brrk3+LvbWMbqs95zBVwJL0bpyYb6ymroYRFR7ucVV01nmxHM2wa4OkR2Z4
|
||||||
|
+JLWkI+1baG5+by+q+3D1mQ==
|
||||||
|
</ds:Modulus>
|
||||||
|
-<ds:Exponent>AQAB</ds:Exponent>
|
||||||
|
+<ds:Exponent>
|
||||||
|
+AQAB
|
||||||
|
+</ds:Exponent>
|
||||||
|
</ds:RSAKeyValue>
|
||||||
|
</ds:KeyValue>
|
||||||
|
<ds:X509Data>
|
||||||
|
-<ds:X509Certificate>
|
||||||
|
-MIICZTCCAc6gAwIBAgIEScn+qTANBgkqhkiG9w0BAQUFADB3MQswCQYDVQQGEwJGUjEQMA4GA1UE
|
||||||
|
-ChMHUkVOQVRFUjFWMFQGA1UEAxNNQ2VydGlmaWNhdCBkZSBzaWduYXR1cmUgZGVzIG1ldGEgZG9u
|
||||||
|
-bmVlcyBkZSBsYSBmZWRlcmF0aW9uIEVkdWNhdGlvbi1SZWNoZXJjaGUwHhcNMDkwMzI1MDk1MTM3
|
||||||
|
-WhcNMTkwMzIzMDk1MTM3WjB3MQswCQYDVQQGEwJGUjEQMA4GA1UEChMHUkVOQVRFUjFWMFQGA1UE
|
||||||
|
-AxNNQ2VydGlmaWNhdCBkZSBzaWduYXR1cmUgZGVzIG1ldGEgZG9ubmVlcyBkZSBsYSBmZWRlcmF0
|
||||||
|
-aW9uIEVkdWNhdGlvbi1SZWNoZXJjaGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJBXcLIg
|
||||||
|
-uokGiytYSOrgmU6fN+1DXK4eaquvFGMaswuhcRPD4tXtSs8CGxPP8/VFMpcry04lfPA3mpwDis47
|
||||||
|
-hsvmLqGJVmfSuvkDsPx+I325h4WqGzEV8kfttkJSi8D0QLKk9wseA+BHzoBpU6e5uWmGqfWJgbZl
|
||||||
|
-cUuYKCIE2nL/AgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAT0rUS5GTtqW9a0pAv0PjieSS6bW3KG3M
|
||||||
|
-tn0jC1dmav6X9fbhhmFL1XSC9WnCU2UD3986EWWYKhN2INHghHE/fQGveVwdcVSSt601OpAsUF18
|
||||||
|
-tx0vHqkfShcj7mteq59Gv4hOE8U1Urd/pSRaIO3G42X6/L/AlXeDkicfGZHhq7Q=
|
||||||
|
-</ds:X509Certificate>
|
||||||
|
+<ds:X509Certificate>MIID6zCCAdMCFALT+lN2uLJWF7p2xOo65/5KwxixMA0GCSqGSIb3DQEBCwUAMEUx
|
||||||
|
+CzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRl
|
||||||
|
+cm5ldCBXaWRnaXRzIFB0eSBMdGQwIBcNMTkwNjExMDc0NTU2WhgPMjI5MzAzMjUw
|
||||||
|
+NzQ1NTZaMB0xCzAJBgNVBAYTAkZSMQ4wDAYDVQQDDAVMYXNzbzCCASIwDQYJKoZI
|
||||||
|
+hvcNAQEBBQADggEPADCCAQoCggEBAOIS/WATGMJsv7OvgrjpYmAW3RmojVp4cHi0
|
||||||
|
+17HelWVZ5adX3zSljecmpb1UQcBNzEDb15tOnNO708O94fFLWiWRfjYWa1QYOLkZ
|
||||||
|
+6kHAR2yJTkhBNQl326K6BnJkWoCsErkXa1608+6+rXR+9KchB/lLSY3Dqh8L6N7s
|
||||||
|
+qE+xyD1Z8HM3mHs9CM4crIpCPaZ80/yNfBPqPA2Zv4uIBrwSF32rPnh1ciJuIKQg
|
||||||
|
+jnCQOaKC2j+VsytgthriI0PVRzC7WPAJReQa65N/i721jG6rPecwVcCS9G6cmG+s
|
||||||
|
+pq6GERUe7nFVdNZ5sRzNsGuDpEdmeCS1pCPtW2hufm8vqvtw9ZkCAwEAATANBgkq
|
||||||
|
+hkiG9w0BAQsFAAOCAgEAfbHk+QNvLYDNlqwwlu5+88/3CcEx+s1voXOBTxgyIAR2
|
||||||
|
+NVKkO7dAW5me51jPPZhy+xC4i+AAeLW5JGwirM5LDgU+9P02JBsZ4OoZI3pBAZ5m
|
||||||
|
+GrmxrMm6q+9mJ+6bMHolfBNN6hoaWeJiknvc1Id7o0Dh4PbdV7r6ISuXisDb/1je
|
||||||
|
+tmzxoFuXhmDwwHMTG7eUORVFEgS8V5NNKMv16BeWNDohJVP6icxwoi5JswUl+vfO
|
||||||
|
+rvIwx2GAJ2EQAbSZv5ADFQ4/vxeopULgLnblc3BwVG4RTT7plNgT2iXP8YwmEGKb
|
||||||
|
+JDHRVFUo1tX6EKkBUI9AgETrdUnLq6XxP11JmrqNL9oOHw+hGb5vT1wyn6FFxZo2
|
||||||
|
+BVgfqdiGbjcs1bTKeQAZKuhaW90oV6+yYD6WtWn/LfHnftAJivALkmUk+XaSqqbO
|
||||||
|
+FxuyRsz9C/yq0azr6IkCWhGwBYoLvf2CrvovSYpPXefeQ+1yXNDW7bvfAQfOO9xk
|
||||||
|
+SqQi4cYJw9hNqTk2f61x6UX/o8wKVhXEHyaCr9lVLNpCK0Uy07f3zkubx1mW5PST
|
||||||
|
+ITSnD8sPD7iMyGOJa5tQJ8W5u2NJT6qo52Jubgc8PapkOoYyEhUaTQEb8RN6D3oD
|
||||||
|
+xc8cCKn4HUtpkJKgxYhQDtsomJp2RK7lzjVPXAlFUmld88WgqdJwp9GSvMEktA0=</ds:X509Certificate>
|
||||||
|
</ds:X509Data>
|
||||||
|
</ds:KeyInfo>
|
||||||
|
</ds:Signature>
|
||||||
|
@@ -1277,7 +1292,7 @@ Ugr24VE4pUTqq2xGSOazVN0EKSqULXvM9ZHupGDCJmRH4P3H/X4w8Cq5Y6c0pDtJ
|
||||||
|
|
||||||
|
<!-- source : http://idpdisc.tge-adonis.fr/exportmetadata.xml -->
|
||||||
|
|
||||||
|
- <EntityDescriptor entityID="https://opensso.tge-adonis.fr:8443/opensso" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
|
||||||
|
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://opensso.tge-adonis.fr:8443/opensso">
|
||||||
|
<SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
|
||||||
|
<KeyDescriptor use="signing">
|
||||||
|
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||||
|
@@ -8584,7 +8599,7 @@ f6ou5oRTltOZOUJfXI1XMhAUNnU7zQvrFeoGrRzGv3zq8AieXbRyWhXY1Eo1mPpS
|
||||||
|
$Id: renater.xml,v 1.4 2011/03/30 13:23:00 rdc Exp $
|
||||||
|
generated at Wed Mar 30 14:18:20 2011
|
||||||
|
by %Id: shib-config,v 1.6 2010/09/10 15:10:15 pmh Exp %
|
||||||
|
- --><EntityDescriptor entityID="https://ticket.iop.org/shibboleth" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
|
||||||
|
+ --><EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://ticket.iop.org/shibboleth">
|
||||||
|
<SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
|
||||||
|
<KeyDescriptor use="signing">
|
||||||
|
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||||
|
@@ -15545,7 +15560,7 @@ oZQx
|
||||||
|
|
||||||
|
<!-- source : http://science.thomsonreuters.com/m/xml/SP-Metadata.xml -->
|
||||||
|
|
||||||
|
- <!-- Thomson Reuters 23.08.2010 --><!-- *************************************** --><!-- SP https://sp.tshhosting.com/shibboleth --><!-- *************************************** --><EntityDescriptor entityID="https://sp.tshhosting.com/shibboleth" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
|
||||||
|
+ <!-- Thomson Reuters 23.08.2010 --><!-- *************************************** --><!-- SP https://sp.tshhosting.com/shibboleth --><!-- *************************************** --><EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://sp.tshhosting.com/shibboleth">
|
||||||
|
<SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
|
||||||
|
<Extensions>
|
||||||
|
<idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://www.isiknowledge.com/" index="1"/>
|
||||||
|
@@ -30065,4 +30080,4 @@ ihb/MX5UR6g83EMmqZsFt57ANEORMNQywxFa4Q==
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
-</EntitiesDescriptor>
|
||||||
|
\ No newline at end of file
|
||||||
|
+</EntitiesDescriptor>
|
||||||
|
diff --git a/tests/data/rootCA.crt b/tests/data/rootCA.crt
|
||||||
|
new file mode 100644
|
||||||
|
index 00000000..a31c99a2
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/tests/data/rootCA.crt
|
||||||
|
@@ -0,0 +1,32 @@
|
||||||
|
+-----BEGIN CERTIFICATE-----
|
||||||
|
+MIIFbTCCA1WgAwIBAgIUJD9pAmQfrAv6NLPnweO4XUdIbzkwDQYJKoZIhvcNAQEL
|
||||||
|
+BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM
|
||||||
|
+GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAgFw0xOTA2MTEwNzQzNTVaGA8yMjkz
|
||||||
|
+MDMyNTA3NDM1NVowRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx
|
||||||
|
+ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCAiIwDQYJKoZIhvcN
|
||||||
|
+AQEBBQADggIPADCCAgoCggIBAJuPnHwxmpRquFkFok4VkO39j5NT2a8+Wfp8zYnh
|
||||||
|
+qLt3CG3oDyFftWyF97NJYoxDPbio2fVYJiBKutDOMYPsJfrd4SoqcDOGOAdfkNl9
|
||||||
|
+SEhCnzrzlOj6ZcDoNTG0IvKh+NzLgfpU1wggyLW2ZXwvwf8hNGW9YR1i8XY5TSmt
|
||||||
|
+0z9Dawsg2QAyYjoemUeDOVWEFWISmXySC2osXGANcOaaFMEv1Ryj5HWHzcCVZZ0g
|
||||||
|
+UBG9iDZqewDvPg+SRvC2k16coeRjsSstHzVqBxOWpp5Oium39K8jXV6jG+JkFn49
|
||||||
|
+C2RBldpajbPhvHKOdtJeID20njgmfCRZB/KfQGPPf8xXk4wBTxPU9L8wKy370unZ
|
||||||
|
+P4WD1vq35KfPsiUdlavzqYkOkI20iWIZO6853oSPlJ4zmBVNXP8VhQm0h2VovNH+
|
||||||
|
+Zde4vaPtQXPwwNbCvBItu5m1uaigPgRycBJV8M0gdliAICfCMeSwQDrhkX6ck17n
|
||||||
|
+uBpxBTCn9GEFN/+7miNH/roH03NHU3vciqTAi1MrDA3jfOZkYBC/Cd5AmsMc6NTO
|
||||||
|
+Xc57mFwuZ+BmQI6w1ddL5e+5Y/DA57VexfTdG+/TpS+D9oBJUmaczkAG+27YKs8f
|
||||||
|
+mJKoTSPULjXK8pwwcBMk8HuS5bt6fBBmqbJb8bwXceEHCBg7WCYNmXy5lXwUUwAh
|
||||||
|
+NDwDAgMBAAGjUzBRMB0GA1UdDgQWBBRWppx3mP/hCh9ZLKZfwGBeg1wiPjAfBgNV
|
||||||
|
+HSMEGDAWgBRWppx3mP/hCh9ZLKZfwGBeg1wiPjAPBgNVHRMBAf8EBTADAQH/MA0G
|
||||||
|
+CSqGSIb3DQEBCwUAA4ICAQAWfNrX65UUI55f0A8svSIUVy8c7YjX8P70xMWq7Cpe
|
||||||
|
+tRPo8C98JCr8MtUaAx6VFx4sjHyCPmEIIf+u7aDxRhrxpqAQAQl5me8OxqwmOxKu
|
||||||
|
+I7WeRrjAvOux52xfjqtm36fx9SUDu94ox5LdG+NNtG29AbLZeAs4pe4qVqH1GQb9
|
||||||
|
+fw3lvxwKV+AovpVZ7eXyscfSvKWi4rgzVJl27me/rgLZsVYJ2gAjTI77vGN1G0ro
|
||||||
|
+q2iaTvEALHlzhKepVg1IAJAGJLSZegcK3zwWOqZzkL77De6Z3+zbxwNopcy/CGEs
|
||||||
|
+9v9gDyL1LeAJ3o/dehvPiqMWogTVO6X77sNIiiu41sdaWSTiFllmyO+hQqS69R68
|
||||||
|
+NOe+uAP1+taLhD16kp7XHS0MIXEPaQbEgrXtqb163oMJSAaok3xXNyRJ7ZNMS4CT
|
||||||
|
+0QJE15PpnbRYoQOf4QrrsDmpl2ybU7MR9uOj64qVSvUtBcq1w7ljPStbkN7F7OOU
|
||||||
|
+pepVvNaWe820kgQ/l9tu1WY9D7PFGP6iWY4AwdxcpWwlJnIr104X3PQ0Y5/msYVs
|
||||||
|
+zEnqaNiEOnbmTZUvn5jJOwh8DWUo+LffRQx/PoZlhZ/L/L3RtpGUV2E+E5Gzqs7W
|
||||||
|
+gey9iG11CVcvK/wdCj0zhW/XpesQuwinIMawGS6G92igHo+AFjJoGaGiw3jYdep8
|
||||||
|
+CA==
|
||||||
|
+-----END CERTIFICATE-----
|
||||||
|
diff --git a/tests/data/rootCA.key b/tests/data/rootCA.key
|
||||||
|
new file mode 100644
|
||||||
|
index 00000000..6b39fb45
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/tests/data/rootCA.key
|
||||||
|
@@ -0,0 +1,51 @@
|
||||||
|
+-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
+MIIJJwIBAAKCAgEAm4+cfDGalGq4WQWiThWQ7f2Pk1PZrz5Z+nzNieGou3cIbegP
|
||||||
|
+IV+1bIX3s0lijEM9uKjZ9VgmIEq60M4xg+wl+t3hKipwM4Y4B1+Q2X1ISEKfOvOU
|
||||||
|
+6PplwOg1MbQi8qH43MuB+lTXCCDItbZlfC/B/yE0Zb1hHWLxdjlNKa3TP0NrCyDZ
|
||||||
|
+ADJiOh6ZR4M5VYQVYhKZfJILaixcYA1w5poUwS/VHKPkdYfNwJVlnSBQEb2INmp7
|
||||||
|
+AO8+D5JG8LaTXpyh5GOxKy0fNWoHE5amnk6K6bf0ryNdXqMb4mQWfj0LZEGV2lqN
|
||||||
|
+s+G8co520l4gPbSeOCZ8JFkH8p9AY89/zFeTjAFPE9T0vzArLfvS6dk/hYPW+rfk
|
||||||
|
+p8+yJR2Vq/OpiQ6QjbSJYhk7rznehI+UnjOYFU1c/xWFCbSHZWi80f5l17i9o+1B
|
||||||
|
+c/DA1sK8Ei27mbW5qKA+BHJwElXwzSB2WIAgJ8Ix5LBAOuGRfpyTXue4GnEFMKf0
|
||||||
|
+YQU3/7uaI0f+ugfTc0dTe9yKpMCLUysMDeN85mRgEL8J3kCawxzo1M5dznuYXC5n
|
||||||
|
+4GZAjrDV10vl77lj8MDntV7F9N0b79OlL4P2gElSZpzOQAb7btgqzx+YkqhNI9Qu
|
||||||
|
+NcrynDBwEyTwe5Llu3p8EGapslvxvBdx4QcIGDtYJg2ZfLmVfBRTACE0PAMCAwEA
|
||||||
|
+AQKCAgBPPweu1O40cXFcGFyofqAIPUWo/exFM/ROgMmMViLI7UikBLXAgKtBj7Wx
|
||||||
|
+5c6IObD1oz71l2REyw0EViYvWFu4wtNz0Y67EML2Lp7xzLrH5PiM5Y2UagrwDNsc
|
||||||
|
+aPHsvMq0YA/k4NdyUpEs0LA+ZW3kdJvmwGT6vW7YlTRT6TNWZRfg4WjqisAzb2cS
|
||||||
|
+YS0R/WmPPn5mUVfzTIn6fJ5pO1EbYSylnHBD11zfoLvVIaLohq8fWXsz7Kym7hOp
|
||||||
|
+iLjmV9C5MngM0L23Tj4womxa9RQbIBVMKy3jiiAoYmh7AsoM1sRqKftKCdMgYKbz
|
||||||
|
+X/P4u0xmumQ/eANue+YncoteI7cLrjps1RUeodmRgxLt0KHbTW4X35Fd6yI+Nxts
|
||||||
|
+13aA6J/WusELQYigBXG3cHOfxfOMkqjdVozReF+QzsAJFXQwV4lQhsdlkVjnMWB9
|
||||||
|
+iotUVj9X8SWHktBnCHmuyuQoyJIxwM6cBLv1bJCpdiGcJJrtPgTwI3ybjVDlsVpE
|
||||||
|
+A2EaWiH2UDnzmI2OXy2BaOmLoYzV3kYLhd1zG2q2rLDd70kzOHJJmTOp8xFzZVOA
|
||||||
|
+74IbdWb6J3C6o7F8IFK+1strw6ADDINEyg+zoIbNUGVyvGI90Xak+7k8KgGWSplw
|
||||||
|
+318k0xyh6hu9HU/wWHE2WObjIWKnzDHnt917dJkyMazyC2x3wQKCAQEAy4gAWJNM
|
||||||
|
+/mVa4sr2NLUNPQpVfxhSF/jhxdD3b5Z5A/PD+spUcF1WZSpBj8BmNOWilJ2pBMkv
|
||||||
|
+Yp7o2s4MbLIFx1HMgVI/cTo1/kk8hvCBdX9n1Dum3dRNTaxBUaZNDdBZ61b4an/V
|
||||||
|
+lrK20Tx3RY23qInoOUsBFENF+UJUAkujXH3tBv5d//yfX9z75sesQl/HKVr1UAI6
|
||||||
|
+I7a76sO+0bCnDAxooIQH0sLzmWa9JliiFd8gWeY7Yd+/jCw4toptkgtXUUm1dFLL
|
||||||
|
+8s7Eah+P0ORZ17+eBWub/4gOzbgfOh4EKNU/lLI9r2L6RH0F9C3Symm6mu7EBpEC
|
||||||
|
+SzDyHnYqzpAh8wKCAQEAw6nSmp+HBz7AhW+tEiXt1KjvCRgslVMGQ/UTFbU8TqLd
|
||||||
|
+rECn5wKO45EHV4at6jazJUhwIBVty39duiOmmEWOtpCxX3OgdM11s8/LACXv4/B4
|
||||||
|
+pWHqzhJgrwISOLLoxEoM+A3odXoEw95phOy7seBkVxJ6Idq3obpZli0ilDHfFT2R
|
||||||
|
+B+kANrCI5D9d43XdoEBaS6EWvd0TrIbkrfwWrQtbmGuXsmj/ZpOntPixUaZO+go1
|
||||||
|
+P0eDrUZlRcfVWBGNRiEHiGr0InOWrK93OtjoGB3SjtnQkRP5JJSN/2QOCw7LvmZj
|
||||||
|
+GA/KdQxef0Rh5cKLd3LBzwTzGwl+4MMME+WL0M3xsQKCAQAg8bKco7sismUzsIaJ
|
||||||
|
+oYSzDKkqGVWwa6ifzGNAvKp56UsfnQBt7628UkqqagohJcpbI+nnzGjPHcmzIQcB
|
||||||
|
+0Q7+ZE8l35pFSZbTwib58JQD4Mt9nuozndmlaOxpuvFd+wuS/FDZbDe2XNcapx7n
|
||||||
|
+Mzk3HptoKqvSC9GXtxTCClw27GshZqrwdIOXkL11bXyEgdxK5V4vxSyD+2APb//D
|
||||||
|
+EUT4vklxMe3SP5wOiIK1YkNaJvOlmY6jGQR4O/AyG9YAfbV0gunMGlrIwo8oXlN5
|
||||||
|
+DH0+XtXFKtXlVrCOu+7SCWnC8kGIYBF8AhlgXJxKGeC0wshhq6QvK+mjIhkOtTHY
|
||||||
|
+nZvhAoIBAHbQBKcIAAKSRG3CpqHCjmz4OE6Zc1kplUBm7TPdXcWSeHFEwbAxiXr+
|
||||||
|
+cirgCXOTy6z0E8InwQg1S0DgrSUB9+s8abjAicrjiHmr0GVCpC0RtPEYSHDiD/u1
|
||||||
|
+kkMDwPyQytdF+sZ7VbFquUCSUFdvHv8QpUExgxieBBCBT+IVdpV7UTowboTHJhkT
|
||||||
|
+sXuR8waAjVQneZvJR00YjHxp+4sQvooLq44W3B/5wXjPGz2tc3+5+yN11au+d3is
|
||||||
|
+JAzae6L+I4jfCWhyMCikVA5T8HvUgCtmcJPoQP3Jh4BxzWVBks8HdV0DGbmBzVAS
|
||||||
|
+wi+2tuHNuYpwQv9EANuTFR5v4TrmE8ECggEAMXp5rfHt2hKLtkIwqYE7C8IVGQ9q
|
||||||
|
+BcjKAJSuDYkyBpfSp9uxkiyvnND5tEj0uOcMCVZlntSIxWx+HXFu5rL0Ax5ZmSal
|
||||||
|
+uoWpwDXbKYgHF9zlGXqYulsODqZC0cjJpUogXFC0B4pRDUVzuZXO9ACuS5azXYqh
|
||||||
|
+G6Rw0O6rDTHVgkmazJtxreO8v4NpfIbBbFfQgU5xeHdS6ky9LqG+yUKJ5FWkGWcU
|
||||||
|
+SqpZX3yxXM4q/cA1KBN31K3V2xvjVPcEwzkZDGDbLg33DASVF7RV/WYymhDuxE+w
|
||||||
|
+vHDz9Q7dk4pTzCdNiQgomBSjOkLDKWuOvaInQwYWJgavpPGWr31hDyi5Kw==
|
||||||
|
+-----END RSA PRIVATE KEY-----
|
||||||
|
diff --git a/tests/data/rootCA.srl b/tests/data/rootCA.srl
|
||||||
|
new file mode 100644
|
||||||
|
index 00000000..8c619f27
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/tests/data/rootCA.srl
|
||||||
|
@@ -0,0 +1 @@
|
||||||
|
+02D3FA5376B8B25617BA76C4EA3AE7FE4AC318B1
|
||||||
|
--
|
||||||
|
2.20.1
|
||||||
|
|
@ -0,0 +1,329 @@
|
|||||||
|
From 642182bdf49c9c93a86b093ad7335c8a7a5ae8cc Mon Sep 17 00:00:00 2001
|
||||||
|
From: John Dennis <jdennis@redhat.com>
|
||||||
|
Date: Wed, 9 Jan 2019 17:23:09 -0500
|
||||||
|
Subject: [PATCH] Fix ECP signature not found error when only assertion is
|
||||||
|
signed (#26828)
|
||||||
|
|
||||||
|
With a SAML Authn Response either the message or the assertion
|
||||||
|
contained in the response message or both can be signed. Most IdP's
|
||||||
|
sign the message. This fixes a bug when processing an ECP authn
|
||||||
|
response when only the assertion is signed.
|
||||||
|
|
||||||
|
lasso_saml20_profile_process_soap_response_with_headers() performs a
|
||||||
|
signature check on the SAML message. A signature can also appear on
|
||||||
|
the assertion which is checked by
|
||||||
|
lasso_saml20_login_process_response_status_and_assertion() The problem
|
||||||
|
occurred when the message was not signed and
|
||||||
|
lasso_saml20_profile_process_soap_response_with_headers() returned
|
||||||
|
LASSO_DS_ERROR_SIGNATURE_NOT_FOUND as an error code which is not
|
||||||
|
actually an error because we haven't checked the signature on the
|
||||||
|
assertion yet. We were returning the first
|
||||||
|
LASSO_DS_ERROR_SIGNATURE_NOT_FOUND error when in fact the subsequent
|
||||||
|
signature check in
|
||||||
|
lasso_saml20_login_process_response_status_and_assertion() succeeded.
|
||||||
|
|
||||||
|
The ECP unit tests were enhanced to cover these cases.
|
||||||
|
|
||||||
|
The enhanced unit test revealed a problem in two switch statements
|
||||||
|
operating on the return value of
|
||||||
|
lasso_profile_get_signature_verify_hint() which were missing a case
|
||||||
|
statement for LASSO_PROFILE_SIGNATURE_VERIFY_HINT_FORCE which caused
|
||||||
|
an abort due to an unknown enumeration value.
|
||||||
|
|
||||||
|
Fixes Bug: 26828
|
||||||
|
License: MIT
|
||||||
|
Signed-off-by: John Dennis <jdennis@redhat.com>
|
||||||
|
---
|
||||||
|
lasso/saml-2.0/login.c | 29 ++++++++----
|
||||||
|
lasso/saml-2.0/profile.c | 2 +
|
||||||
|
tests/login_tests_saml2.c | 97 +++++++++++++++++++++++++++++----------
|
||||||
|
3 files changed, 95 insertions(+), 33 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/lasso/saml-2.0/login.c b/lasso/saml-2.0/login.c
|
||||||
|
index 028ffb31..91ff302d 100644
|
||||||
|
--- a/lasso/saml-2.0/login.c
|
||||||
|
+++ b/lasso/saml-2.0/login.c
|
||||||
|
@@ -1107,18 +1107,31 @@ lasso_saml20_login_process_paos_response_msg(LassoLogin *login, gchar *msg)
|
||||||
|
{
|
||||||
|
LassoSoapHeader *header = NULL;
|
||||||
|
LassoProfile *profile;
|
||||||
|
- int rc1, rc2;
|
||||||
|
+ int rc;
|
||||||
|
|
||||||
|
lasso_null_param(msg);
|
||||||
|
|
||||||
|
profile = LASSO_PROFILE(login);
|
||||||
|
|
||||||
|
- rc1 = lasso_saml20_profile_process_soap_response_with_headers(profile, msg, &header);
|
||||||
|
+ /*
|
||||||
|
+ * lasso_saml20_profile_process_soap_response_with_headers()
|
||||||
|
+ * performs a signature check on the SAML message. A signature
|
||||||
|
+ * can also appear on the assertion which is checked by
|
||||||
|
+ * lasso_saml20_login_process_response_status_and_assertion()
|
||||||
|
+ * (below). Therefore if the error is SIGNATURE_NOT_FOUND we
|
||||||
|
+ * proceed because
|
||||||
|
+ * lasso_saml20_login_process_response_status_and_assertion()
|
||||||
|
+ * will test the signature on the assertion.
|
||||||
|
+ */
|
||||||
|
+ rc = lasso_saml20_profile_process_soap_response_with_headers(profile, msg, &header);
|
||||||
|
+ if (rc != 0 && rc != LASSO_DS_ERROR_SIGNATURE_NOT_FOUND) {
|
||||||
|
+ return rc;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If the SOAP message contained a header check for the optional
|
||||||
|
- * paos:Response and ecp:RelayState elements, if they exist extract their
|
||||||
|
- * values into the profile.
|
||||||
|
+ * paos:Response and ecp:RelayState elements, if they exist extract their
|
||||||
|
+ * values into the profile.
|
||||||
|
*/
|
||||||
|
if (header) {
|
||||||
|
GList *i = NULL;
|
||||||
|
@@ -1142,12 +1155,8 @@ lasso_saml20_login_process_paos_response_msg(LassoLogin *login, gchar *msg)
|
||||||
|
lasso_release_gobject(header);
|
||||||
|
}
|
||||||
|
|
||||||
|
- rc2 = lasso_saml20_login_process_response_status_and_assertion(login);
|
||||||
|
- if (rc1) {
|
||||||
|
- return rc1;
|
||||||
|
- }
|
||||||
|
- return rc2;
|
||||||
|
-
|
||||||
|
+ rc = lasso_saml20_login_process_response_status_and_assertion(login);
|
||||||
|
+ return rc;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
diff --git a/lasso/saml-2.0/profile.c b/lasso/saml-2.0/profile.c
|
||||||
|
index 8171e79e..22a4e08c 100644
|
||||||
|
--- a/lasso/saml-2.0/profile.c
|
||||||
|
+++ b/lasso/saml-2.0/profile.c
|
||||||
|
@@ -398,6 +398,7 @@ lasso_saml20_profile_process_artifact_resolve(LassoProfile *profile, const char
|
||||||
|
|
||||||
|
switch (lasso_profile_get_signature_verify_hint(profile)) {
|
||||||
|
case LASSO_PROFILE_SIGNATURE_VERIFY_HINT_MAYBE:
|
||||||
|
+ case LASSO_PROFILE_SIGNATURE_VERIFY_HINT_FORCE:
|
||||||
|
rc = profile->signature_status;
|
||||||
|
break;
|
||||||
|
case LASSO_PROFILE_SIGNATURE_VERIFY_HINT_IGNORE:
|
||||||
|
@@ -1559,6 +1560,7 @@ lasso_saml20_profile_process_soap_response_with_headers(LassoProfile *profile,
|
||||||
|
remote_provider, response_msg, "ID", LASSO_MESSAGE_FORMAT_SOAP);
|
||||||
|
switch (lasso_profile_get_signature_verify_hint(profile)) {
|
||||||
|
case LASSO_PROFILE_SIGNATURE_VERIFY_HINT_MAYBE:
|
||||||
|
+ case LASSO_PROFILE_SIGNATURE_VERIFY_HINT_FORCE:
|
||||||
|
rc = profile->signature_status;
|
||||||
|
break;
|
||||||
|
case LASSO_PROFILE_SIGNATURE_VERIFY_HINT_IGNORE:
|
||||||
|
diff --git a/tests/login_tests_saml2.c b/tests/login_tests_saml2.c
|
||||||
|
index 54c7fb63..e331c07a 100644
|
||||||
|
--- a/tests/login_tests_saml2.c
|
||||||
|
+++ b/tests/login_tests_saml2.c
|
||||||
|
@@ -1090,42 +1090,42 @@ START_TEST(test08_test_authnrequest_flags)
|
||||||
|
make_context(sp_context, "sp5-saml2", "", LASSO_PROVIDER_ROLE_IDP, "idp5-saml2", "")
|
||||||
|
|
||||||
|
block_lasso_logs;
|
||||||
|
- sso_initiated_by_sp2(idp_context, sp_context,
|
||||||
|
- (SsoSettings) {
|
||||||
|
+ sso_initiated_by_sp2(idp_context, sp_context,
|
||||||
|
+ (SsoSettings) {
|
||||||
|
.use_assertion_consumer_service_idx = 1,
|
||||||
|
.assertion_consumer_service_idx = 0,
|
||||||
|
.stop_after_build_assertion = 1,
|
||||||
|
});
|
||||||
|
- sso_initiated_by_sp2(idp_context, sp_context,
|
||||||
|
- (SsoSettings) {
|
||||||
|
+ sso_initiated_by_sp2(idp_context, sp_context,
|
||||||
|
+ (SsoSettings) {
|
||||||
|
.assertion_consumer_service_url = "http://sp5/singleSignOnPost",
|
||||||
|
.stop_after_build_assertion = 1,
|
||||||
|
});
|
||||||
|
- sso_initiated_by_sp2(idp_context, sp_context,
|
||||||
|
- (SsoSettings) {
|
||||||
|
+ sso_initiated_by_sp2(idp_context, sp_context,
|
||||||
|
+ (SsoSettings) {
|
||||||
|
.protocol_binding = LASSO_SAML2_METADATA_BINDING_ARTIFACT,
|
||||||
|
.stop_after_build_assertion = 1,
|
||||||
|
});
|
||||||
|
- sso_initiated_by_sp2(idp_context, sp_context,
|
||||||
|
- (SsoSettings) {
|
||||||
|
+ sso_initiated_by_sp2(idp_context, sp_context,
|
||||||
|
+ (SsoSettings) {
|
||||||
|
.assertion_consumer_service_url = "http://sp5/singleSignOnPost",
|
||||||
|
.protocol_binding = LASSO_SAML2_METADATA_BINDING_POST,
|
||||||
|
.stop_after_build_assertion = 1,
|
||||||
|
});
|
||||||
|
- sso_initiated_by_sp2(idp_context, sp_context,
|
||||||
|
- (SsoSettings) {
|
||||||
|
+ sso_initiated_by_sp2(idp_context, sp_context,
|
||||||
|
+ (SsoSettings) {
|
||||||
|
.assertion_consumer_service_url = "http://sp5/singleSignOnArtifact",
|
||||||
|
.protocol_binding = LASSO_SAML2_METADATA_BINDING_ARTIFACT,
|
||||||
|
.stop_after_build_assertion = 1,
|
||||||
|
});
|
||||||
|
- sso_initiated_by_sp2(idp_context, sp_context,
|
||||||
|
- (SsoSettings) {
|
||||||
|
+ sso_initiated_by_sp2(idp_context, sp_context,
|
||||||
|
+ (SsoSettings) {
|
||||||
|
.assertion_consumer_service_url = "http://sp5/singleSignOnPostAndArtifact",
|
||||||
|
.protocol_binding = LASSO_SAML2_METADATA_BINDING_ARTIFACT,
|
||||||
|
.stop_after_build_assertion = 1,
|
||||||
|
});
|
||||||
|
- sso_initiated_by_sp2(idp_context, sp_context,
|
||||||
|
- (SsoSettings) {
|
||||||
|
+ sso_initiated_by_sp2(idp_context, sp_context,
|
||||||
|
+ (SsoSettings) {
|
||||||
|
.assertion_consumer_service_url = "http://sp5/singleSignOnPostAndArtifact",
|
||||||
|
.protocol_binding = LASSO_SAML2_METADATA_BINDING_POST,
|
||||||
|
.stop_after_build_assertion = 1,
|
||||||
|
@@ -1278,7 +1278,9 @@ static void validate_idp_list(LassoEcp *ecp, EcpIdpListVariant ecpIDPListVariant
|
||||||
|
check_str_equals((char*)g_list_nth(ecp->known_idp_entity_ids_supporting_ecp, 0)->data, "http://idp5/metadata");
|
||||||
|
}
|
||||||
|
|
||||||
|
-void test_ecp(EcpIdpListVariant ecpIDPListVariant)
|
||||||
|
+void test_ecp(EcpIdpListVariant ecpIDPListVariant,
|
||||||
|
+ LassoProfileSignatureHint signature_hint,
|
||||||
|
+ LassoProfileSignatureVerifyHint signature_verify_hint)
|
||||||
|
{
|
||||||
|
char *serviceProviderContextDump = NULL, *identityProviderContextDump = NULL;
|
||||||
|
LassoServer *spContext = NULL, *ecpContext=NULL, *idpContext = NULL;
|
||||||
|
@@ -1286,7 +1288,7 @@ void test_ecp(EcpIdpListVariant ecpIDPListVariant)
|
||||||
|
LassoEcp *ecp = NULL;
|
||||||
|
LassoSamlp2AuthnRequest *request = NULL;
|
||||||
|
gboolean is_passive = FALSE;
|
||||||
|
- char *provider_name = NULL;
|
||||||
|
+ char *provider_name = NULL;
|
||||||
|
char *relayState = NULL;
|
||||||
|
char *messageID = NULL;
|
||||||
|
char *extracted_messageID = NULL;
|
||||||
|
@@ -1296,7 +1298,7 @@ void test_ecp(EcpIdpListVariant ecpIDPListVariant)
|
||||||
|
char *ecpPaosResponseMsg = NULL;
|
||||||
|
char *spLoginDump = NULL;
|
||||||
|
LassoSaml2Assertion *assertion;
|
||||||
|
- LassoSamlp2IDPList *idp_list = NULL;
|
||||||
|
+ LassoSamlp2IDPList *idp_list = NULL;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* SAML2 Profile for ECP (Section 4.2) defines these steps for an ECP
|
||||||
|
@@ -1322,6 +1324,8 @@ void test_ecp(EcpIdpListVariant ecpIDPListVariant)
|
||||||
|
spContext = lasso_server_new_from_dump(serviceProviderContextDump);
|
||||||
|
spLoginContext = lasso_login_new(spContext);
|
||||||
|
check_not_null(spLoginContext);
|
||||||
|
+ lasso_profile_set_signature_hint(LASSO_PROFILE(spLoginContext), signature_hint);
|
||||||
|
+ lasso_profile_set_signature_verify_hint(LASSO_PROFILE(spLoginContext), signature_verify_hint);
|
||||||
|
|
||||||
|
check_good_rc(lasso_login_init_authn_request(spLoginContext, "http://idp5/metadata",
|
||||||
|
LASSO_HTTP_METHOD_PAOS));
|
||||||
|
@@ -1419,6 +1423,8 @@ void test_ecp(EcpIdpListVariant ecpIDPListVariant)
|
||||||
|
idpContext = lasso_server_new_from_dump(identityProviderContextDump);
|
||||||
|
idpLoginContext = lasso_login_new(idpContext);
|
||||||
|
check_not_null(idpLoginContext);
|
||||||
|
+ lasso_profile_set_signature_hint(LASSO_PROFILE(idpLoginContext), signature_hint);
|
||||||
|
+ lasso_profile_set_signature_verify_hint(LASSO_PROFILE(idpLoginContext), signature_verify_hint);
|
||||||
|
|
||||||
|
/* Parse the ecpSoapRequestMsg */
|
||||||
|
check_good_rc(lasso_login_process_authn_request_msg(idpLoginContext, ecpSoapRequestMsg));
|
||||||
|
@@ -1465,7 +1471,7 @@ void test_ecp(EcpIdpListVariant ecpIDPListVariant)
|
||||||
|
check_str_equals(ecp->relaystate, relayState);
|
||||||
|
check_str_equals(ecp->issuer->content, "http://sp5/metadata");
|
||||||
|
check_str_equals(ecp->provider_name, provider_name);
|
||||||
|
- check_equals(ecp->is_passive, is_passive);
|
||||||
|
+ check_equals(ecp->is_passive, is_passive);
|
||||||
|
|
||||||
|
/* Validate ECP IdP list info */
|
||||||
|
validate_idp_list(ecp, ecpIDPListVariant, idp_list);
|
||||||
|
@@ -1480,6 +1486,8 @@ void test_ecp(EcpIdpListVariant ecpIDPListVariant)
|
||||||
|
spContext = lasso_server_new_from_dump(serviceProviderContextDump);
|
||||||
|
spLoginContext = lasso_login_new(spContext);
|
||||||
|
check_not_null(spLoginContext);
|
||||||
|
+ lasso_profile_set_signature_hint(LASSO_PROFILE(spLoginContext), signature_hint);
|
||||||
|
+ lasso_profile_set_signature_verify_hint(LASSO_PROFILE(spLoginContext), signature_verify_hint);
|
||||||
|
|
||||||
|
/* Parse the ecpPaosResponseMsg */
|
||||||
|
check_good_rc(lasso_login_process_paos_response_msg(spLoginContext, ecpPaosResponseMsg));
|
||||||
|
@@ -1515,19 +1523,61 @@ void test_ecp(EcpIdpListVariant ecpIDPListVariant)
|
||||||
|
|
||||||
|
START_TEST(test09_ecp)
|
||||||
|
{
|
||||||
|
- test_ecp(ECP_IDP_LIST_NONE);
|
||||||
|
+ test_ecp(ECP_IDP_LIST_NONE,
|
||||||
|
+ LASSO_PROFILE_SIGNATURE_HINT_MAYBE,
|
||||||
|
+ LASSO_PROFILE_SIGNATURE_VERIFY_HINT_MAYBE);
|
||||||
|
}
|
||||||
|
END_TEST
|
||||||
|
|
||||||
|
START_TEST(test10_ecp)
|
||||||
|
{
|
||||||
|
- test_ecp(ECP_IDP_LIST_ECP);
|
||||||
|
+ test_ecp(ECP_IDP_LIST_ECP,
|
||||||
|
+ LASSO_PROFILE_SIGNATURE_HINT_MAYBE,
|
||||||
|
+ LASSO_PROFILE_SIGNATURE_VERIFY_HINT_MAYBE);
|
||||||
|
}
|
||||||
|
END_TEST
|
||||||
|
|
||||||
|
START_TEST(test11_ecp)
|
||||||
|
{
|
||||||
|
- test_ecp(ECP_IDP_LIST_BOGUS);
|
||||||
|
+ test_ecp(ECP_IDP_LIST_BOGUS,
|
||||||
|
+ LASSO_PROFILE_SIGNATURE_HINT_MAYBE,
|
||||||
|
+ LASSO_PROFILE_SIGNATURE_VERIFY_HINT_MAYBE);
|
||||||
|
+}
|
||||||
|
+END_TEST
|
||||||
|
+
|
||||||
|
+START_TEST(test12_ecp)
|
||||||
|
+{
|
||||||
|
+ /* Maybe Sign */
|
||||||
|
+ test_ecp(ECP_IDP_LIST_NONE,
|
||||||
|
+ LASSO_PROFILE_SIGNATURE_HINT_MAYBE,
|
||||||
|
+ LASSO_PROFILE_SIGNATURE_VERIFY_HINT_MAYBE);
|
||||||
|
+
|
||||||
|
+ test_ecp(ECP_IDP_LIST_NONE,
|
||||||
|
+ LASSO_PROFILE_SIGNATURE_HINT_MAYBE,
|
||||||
|
+ LASSO_PROFILE_SIGNATURE_VERIFY_HINT_FORCE);
|
||||||
|
+
|
||||||
|
+ test_ecp(ECP_IDP_LIST_NONE,
|
||||||
|
+ LASSO_PROFILE_SIGNATURE_HINT_MAYBE,
|
||||||
|
+ LASSO_PROFILE_SIGNATURE_VERIFY_HINT_IGNORE);
|
||||||
|
+
|
||||||
|
+ /* Force Sign */
|
||||||
|
+ test_ecp(ECP_IDP_LIST_NONE,
|
||||||
|
+ LASSO_PROFILE_SIGNATURE_HINT_FORCE,
|
||||||
|
+ LASSO_PROFILE_SIGNATURE_VERIFY_HINT_MAYBE);
|
||||||
|
+
|
||||||
|
+ test_ecp(ECP_IDP_LIST_NONE,
|
||||||
|
+ LASSO_PROFILE_SIGNATURE_HINT_FORCE,
|
||||||
|
+ LASSO_PROFILE_SIGNATURE_VERIFY_HINT_FORCE);
|
||||||
|
+
|
||||||
|
+ test_ecp(ECP_IDP_LIST_NONE,
|
||||||
|
+ LASSO_PROFILE_SIGNATURE_HINT_FORCE,
|
||||||
|
+ LASSO_PROFILE_SIGNATURE_VERIFY_HINT_IGNORE);
|
||||||
|
+
|
||||||
|
+ /* Forbid Sign */
|
||||||
|
+ test_ecp(ECP_IDP_LIST_NONE,
|
||||||
|
+ LASSO_PROFILE_SIGNATURE_HINT_FORBID,
|
||||||
|
+ LASSO_PROFILE_SIGNATURE_VERIFY_HINT_IGNORE);
|
||||||
|
+
|
||||||
|
}
|
||||||
|
END_TEST
|
||||||
|
|
||||||
|
@@ -1538,7 +1588,7 @@ void check_digest_method(G_GNUC_UNUSED LassoLogin *idp_login_context, LassoLogin
|
||||||
|
lasso_release_string(dump)
|
||||||
|
}
|
||||||
|
|
||||||
|
-START_TEST(test12_sso_sp_with_rsa_sha256_signatures)
|
||||||
|
+START_TEST(test13_sso_sp_with_rsa_sha256_signatures)
|
||||||
|
{
|
||||||
|
LassoServer *idp_context = NULL;
|
||||||
|
LassoServer *sp_context = NULL;
|
||||||
|
@@ -1595,7 +1645,8 @@ login_saml2_suite()
|
||||||
|
tcase_add_test(tc_ecp, test09_ecp);
|
||||||
|
tcase_add_test(tc_ecp, test10_ecp);
|
||||||
|
tcase_add_test(tc_ecp, test11_ecp);
|
||||||
|
- tcase_add_test(tc_spLogin, test12_sso_sp_with_rsa_sha256_signatures);
|
||||||
|
+ tcase_add_test(tc_ecp, test12_ecp);
|
||||||
|
+ tcase_add_test(tc_spLogin, test13_sso_sp_with_rsa_sha256_signatures);
|
||||||
|
return s;
|
||||||
|
}
|
||||||
|
|
||||||
|
--
|
||||||
|
2.20.1
|
||||||
|
|
@ -58,7 +58,7 @@
|
|||||||
Summary: Liberty Alliance Single Sign On
|
Summary: Liberty Alliance Single Sign On
|
||||||
Name: lasso
|
Name: lasso
|
||||||
Version: 2.6.0
|
Version: 2.6.0
|
||||||
Release: 4%{?dist}
|
Release: 7%{?dist}
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
Group: System Environment/Libraries
|
Group: System Environment/Libraries
|
||||||
Source: http://dev.entrouvert.org/lasso/lasso-%{version}.tar.gz
|
Source: http://dev.entrouvert.org/lasso/lasso-%{version}.tar.gz
|
||||||
@ -67,6 +67,8 @@ Patch1: use-specified-python-interpreter.patch
|
|||||||
Patch2: build-scripts-py3-compatible.patch
|
Patch2: build-scripts-py3-compatible.patch
|
||||||
Patch3: duplicate-python-LogoutTestCase.patch
|
Patch3: duplicate-python-LogoutTestCase.patch
|
||||||
Patch4: versioned-python-configure.patch
|
Patch4: versioned-python-configure.patch
|
||||||
|
Patch5: 0005-tests-use-self-generated-certificate-to-sign-federat.patch
|
||||||
|
Patch6: 0006-Fix-ECP-signature-not-found-error-when-only-assertio.patch
|
||||||
|
|
||||||
BuildRequires: libtool autoconf automake
|
BuildRequires: libtool autoconf automake
|
||||||
|
|
||||||
@ -184,7 +186,7 @@ library.
|
|||||||
Summary: Liberty Alliance Single Sign On (lasso) Python bindings
|
Summary: Liberty Alliance Single Sign On (lasso) Python bindings
|
||||||
Group: Development/Libraries
|
Group: Development/Libraries
|
||||||
BuildRequires: python3-devel
|
BuildRequires: python3-devel
|
||||||
Requires: python3
|
%{?__python3:Requires: %{__python3}}
|
||||||
Requires: %{name}%{?_isa} = %{version}-%{release}
|
Requires: %{name}%{?_isa} = %{version}-%{release}
|
||||||
|
|
||||||
%description -n python3-%{name}
|
%description -n python3-%{name}
|
||||||
@ -199,6 +201,8 @@ library.
|
|||||||
%patch2 -p1
|
%patch2 -p1
|
||||||
%patch3 -p1
|
%patch3 -p1
|
||||||
%patch4 -p1
|
%patch4 -p1
|
||||||
|
%patch5 -p1
|
||||||
|
%patch6 -p1
|
||||||
|
|
||||||
# Remove any python script shebang lines (unless they refer to python3)
|
# Remove any python script shebang lines (unless they refer to python3)
|
||||||
sed -i -E -e '/^#![[:blank:]]*(\/usr\/bin\/env[[:blank:]]+python[^3]?\>)|(\/usr\/bin\/python[^3]?\>)/d' \
|
sed -i -E -e '/^#![[:blank:]]*(\/usr\/bin\/env[[:blank:]]+python[^3]?\>)|(\/usr\/bin\/python[^3]?\>)/d' \
|
||||||
@ -316,6 +320,18 @@ rm -fr %{buildroot}%{_defaultdocdir}/%{name}
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Jun 14 2019 Jakub Hrozek <jhrozek@redhat.com> - 2.6.0-7
|
||||||
|
- Resolves: rhbz#1634268 - ECP signature check fails with
|
||||||
|
LASSO_DS_ERROR_SIGNATURE_NOT_FOUND when
|
||||||
|
assertion signed instead of response
|
||||||
|
|
||||||
|
* Thu Jun 13 2019 Jakub Hrozek <jhrozek@redhat.com> - 2.6.0-6
|
||||||
|
- Resolves: rhbz#1719020 - Expired certificate prevents tests from running
|
||||||
|
|
||||||
|
* Tue Sep 25 2018 Tomas Orsava <torsava@redhat.com> - 2.6.0-5
|
||||||
|
- Require the Python interpreter directly instead of using the package name
|
||||||
|
- Resolves: rhbz#1633617
|
||||||
|
|
||||||
* Tue Jul 17 2018 <jdennis@redhat.com> - 2.6.0-4
|
* Tue Jul 17 2018 <jdennis@redhat.com> - 2.6.0-4
|
||||||
- more fixes for py2/py3 build dependencies
|
- more fixes for py2/py3 build dependencies
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user