[Bug 1897117] Re: [SRU] liblasso3 on Bionic fails to process the ECP authn response

Mon, 05 Oct 2020 02:51:18 -0700 

** Description changed:

  [Impact]
  
-  * liblasso3 fails when processing an ECP authn response
+  * liblasso3 fails when processing an ECP authn response
  
-  * ECP authn responses are required to make Keystone <-> Keystone
+  * ECP authn responses are required to make Keystone <-> Keystone
  federation work
  
  [Test Case]
  
- TBD
+ Follow setup guide at
+ https://github.com/ionutbalutoiu/juju-keystone-federation to validate that 
the Keystone <-> Keystone federattion works after this update.
  
  [Regression Potential]
  
  Minimal. There are very few other packages that depend on it, and the
  change is trivial. There are fixes in handling SAML responses in which
  only the assertions are signed, in addition to a couple of fixes around
  handling assertion hints unexpectedly aborting.
  
  -------------------------------------------------------------------
  
  The liblasso3 package (dependency of libapache2-mod-auth-mellon) fails
  when processing a ECP authn response.
  
  Error message given by the Apache2 Mellon auth module:
  [auth_mellon:error] Error processing ECP authn response. Lasso error: [101] 
Signature element not found.
  
  This issue can be reproduced into an OpenStack environment with Keystone
  to Keystone federation, using Apache2 Mellon module for the SP (service
  provider).
  
  I managed to reproduce this on:
  * Ubuntu 18.04 (Bionic) with liblasso3 2.5.1-0ubuntu1.1
  * Ubuntu 20.04 (Focal) with liblasso3 2.6.0-7ubuntu1
  
  This was fixed in the upstream Lasso project
  (https://dev.entrouvert.org/issues/26828), and it is shipped with
  versions 2.6.1 or newer.
  
  I tested liblasso3 2.6.1 on both Bionic and Focal and it fixes the
  problem.

** Changed in: lasso (Ubuntu Focal)
       Status: Incomplete => New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1897117

Title:
  [SRU] liblasso3 on Bionic fails to process the ECP authn response

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lasso/+bug/1897117/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to