Package: liblasso3 Version: 2.5.0-5+b1 Severity: important Dear Maintainer,
I installed liblasso3 (a requirement for mod_auth_mellon). Configured to use ADFS as authsource. When signing of claims is enabled liblasso3 dies with signal 11 sigsegv. If I disable signing of claims everything works. Also see : https://github.com/Uninett/mod_auth_mellon/issues/203 (gdb) run -X -k start Starting program: /usr/sbin/apache2 -X -k start [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". Program received signal SIGSEGV, Segmentation fault. 0x00007ffff3a33a1e in RSA_sign () from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.2 (gdb) bt #0 0x00007ffff3a33a1e in RSA_sign () from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.2 #1 0x00007ffff54b11ea in ?? () from /usr/lib/liblasso.so.3 #2 0x00007ffff54f66d0 in ?? () from /usr/lib/liblasso.so.3 #3 0x00007ffff54f6894 in ?? () from /usr/lib/liblasso.so.3 #4 0x00007ffff54f4d74 in ?? () from /usr/lib/liblasso.so.3 #5 0x00007ffff54f54ac in ?? () from /usr/lib/liblasso.so.3 #6 0x00007ffff54fb628 in ?? () from /usr/lib/liblasso.so.3 #7 0x00007ffff54d312a in lasso_login_build_authn_request_msg () from /usr/lib/liblasso.so.3 #8 0x00007ffff5eb6b8d in am_init_authn_request_common (r=r@entry=0x7fffddfae0a0, login_return=login_return@entry=0x7fffffffdea0, idp=idp@entry=0x7fffddfaa770 "http://adfs.arcada.fi/adfs/services/trust", http_method=http_method@entry=LASSO_HTTP_METHOD_REDIRECT, destination_url=destination_url@entry=0x555555bd31a0 "https://adfs.arcada.fi/adfs/ls/", assertion_consumer_service_url=assertion_consumer_service_url@entry=0x555555bb7840 "https://asta.arcada.fi/endpoint/postResponse", return_to_url=0x7fffddfaa5f0 "https://asta.arcada.fi/", is_passive=0) at auth_mellon_handler.c:2945 #9 0x00007ffff5eb77b4 in am_send_login_authn_request (r=r@entry=0x7fffddfae0a0, idp=0x7fffddfaa770 "http://adfs.arcada.fi/adfs/services/trust", return_to_url=return_to_url@entry=0x7fffddfaa5f0 "https://asta.arcada.fi/", is_passive=0) at auth_mellon_handler.c:3151 #10 0x00007ffff5eb8f92 in am_handle_login (r=0x7fffddfae0a0) at auth_mellon_handler.c:3282 #11 am_handler (r=0x7fffddfae0a0) at auth_mellon_handler.c:3540 #12 0x00005555555abd60 in ap_run_handler (r=r@entry=0x7fffddfae0a0) at config.c:170 #13 0x00005555555ac2f6 in ap_invoke_handler (r=r@entry=0x7fffddfae0a0) at config.c:434 #14 0x00005555555c3f33 in ap_process_async_request (r=0x7fffddfae0a0) at http_request.c:436 #15 0x00005555555c4040 in ap_process_request (r=r@entry=0x7fffddfae0a0) at http_request.c:471 #16 0x00005555555c00fd in ap_process_http_sync_connection (c=0x7fffe58be290) at http_core.c:210 #17 ap_process_http_connection (c=0x7fffe58be290) at http_core.c:251 #18 0x00005555555b5bd0 in ap_run_process_connection (c=c@entry=0x7fffe58be290) at connection.c:42 #19 0x00005555555b6120 in ap_process_connection (c=c@entry=0x7fffe58be290, csd=) at connection.c:226 #20 0x00007fffeaf456bf in child_main (child_num_arg=child_num_arg@entry=0, child_bucket=child_bucket@entry=0) at prefork.c:723 #21 0x00007fffeaf458da in make_child (s=0x7ffff7fc34a0, slot=slot@entry=0) at prefork.c:768 #22 0x00007fffeaf46dfd in prefork_run (_pconf=, plog=0x7ffff7fbe028, s=0x7ffff7fc34a0) at prefork.c:975 #23 0x000055555558f0fe in ap_run_mpm (pconf=0x7ffff7ff0028, plog=0x7ffff7fbe028, s=0x7ffff7fc34a0) at mpm_common.c:94 #24 0x0000555555587cfd in main (argc=, argv=) at main.c:783 -- System Information: Debian Release: 9.8 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-8-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages liblasso3 depends on: ii libc6 2.24-11+deb9u4 ii libglib2.0-0 2.50.3-2 ii libssl1.0.2 1.0.2r-1~deb9u1 ii libxml2 2.9.4+dfsg1-2.2+deb9u2 ii libxmlsec1 1.2.23-0.1 ii libxmlsec1-openssl 1.2.23-0.1 ii libxslt1.1 1.1.29-2.1 ii zlib1g 1:1.2.8.dfsg-5 liblasso3 recommends no packages. liblasso3 suggests no packages. -- no debconf information