Blame SOURCES/0007-test13_test_lasso_server_load_metadata-Don-t-verify-.patch

0719f5
From 1b0000e0163edc9d831894bf4aac7503f0294062 Mon Sep 17 00:00:00 2001
0719f5
From: Jakub Hrozek <jhrozek@redhat.com>
0719f5
Date: Fri, 18 Jun 2021 18:45:38 +0200
0719f5
Subject: [PATCH 7/7] test13_test_lasso_server_load_metadata: Don't verify
0719f5
 signature if lasso is not configured with sha-1 (#54037)
0719f5
0719f5
---
0719f5
 tests/basic_tests.c | 10 +++++++++-
0719f5
 1 file changed, 9 insertions(+), 1 deletion(-)
0719f5
0719f5
diff --git a/tests/basic_tests.c b/tests/basic_tests.c
0719f5
index 0652abc28..470d64fc6 100644
0719f5
--- a/tests/basic_tests.c
0719f5
+++ b/tests/basic_tests.c
0719f5
@@ -1974,6 +1974,14 @@ START_TEST(test13_test_lasso_server_load_metadata)
0719f5
 	LassoServer *server = NULL;
0719f5
 	GList *loaded_entity_ids = NULL;
0719f5
 	GList blacklisted_1 = { .data = "https://identities.univ-jfc.fr/idp/prod", .next = NULL };
0719f5
+	const gchar *trusted_roots = TESTSDATADIR "/rootCA.crt";
0719f5
+
0719f5
+	/* The IDP metadata file is signed with rsa-sha1, so verifying it would
0719f5
+	 * fail incase sha1 is not available
0719f5
+	 */
0719f5
+	if (lasso_get_default_signature_method() != LASSO_SIGNATURE_METHOD_RSA_SHA1) {
0719f5
+		trusted_roots = NULL;
0719f5
+	}
0719f5
 
0719f5
 	check_not_null(server = lasso_server_new(
0719f5
 			TESTSDATADIR "/idp5-saml2/metadata.xml",
0719f5
@@ -1983,7 +1991,7 @@ START_TEST(test13_test_lasso_server_load_metadata)
0719f5
 	block_lasso_logs;
0719f5
 	check_good_rc(lasso_server_load_metadata(server, LASSO_PROVIDER_ROLE_IDP,
0719f5
 				TESTSDATADIR "/metadata/renater-metadata.xml",
0719f5
-				TESTSDATADIR "/rootCA.crt",
0719f5
+				trusted_roots,
0719f5
 				&blacklisted_1, &loaded_entity_ids,
0719f5
 				LASSO_SERVER_LOAD_METADATA_FLAG_DEFAULT));
0719f5
 	unblock_lasso_logs;
0719f5
-- 
0719f5
2.26.3
0719f5