OpenSAML build test failures

Tue Aug 7 11:32:36 EDT 2018

Hi,

OpenSAML 3.0.0 samltest exits with ten failures under current Debian
unstable:

pristine/opensaml-3.0.0$ cat samltest/test-suite.log 
=============================================
   opensaml 3.0.0: samltest/test-suite.log
=============================================

# TOTAL: 1
# PASS:  0
# SKIP:  0
# XFAIL: 0
# FAIL:  1
# XPASS: 0
# ERROR: 0

.. contents:: :depth: 2

FAIL: samltest
==============

Running cxxtest tests (316 tests)........
In EncryptedAssertionTest::testEncryptedAssertion:
./internal.h:104: Error: Test failed: Unmarshalled assertion does not match
./internal.h:104: Error: Assertion failed: false
In SAML1AssertionTest::testSignature:
./internal.h:104: Error: Test failed: Unmarshalled assertion does not match
./internal.h:104: Error: Assertion failed: false
In SAML1RequestTest::testSignature:
./internal.h:104: Error: Test failed: Unmarshalled request does not match
./internal.h:104: Error: Assertion failed: false
In SAML1ResponseTest::testSignature:
./internal.h:104: Error: Test failed: Unmarshalled response does not match
./internal.h:104: Error: Assertion failed: false
In SAML2AssertionTest::testSignature:
./internal.h:104: Error: Test failed: Unmarshalled assertion does not match
./internal.h:104: Error: Assertion failed: false
.1533653579 ERROR XMLTooling.TrustEngine.PKIX : certificate name was not acceptable
...............................................1533653579 ERROR OpenSAML.MessageDecoder.SAML1Artifact decode: replay detected of artifact (AAGmvK93AsWGNdEuCU9RCaIIqlHJZoxc3B9VA+1gEdQJOl8/FR0Ou7rQ
)
.1533653579 ERROR OpenSAML.SecurityPolicyRule.MessageFlow decode: replay detected of message ID (_60e113ea8afab6cc0be97197a9de8def)
.1533653579 ERROR OpenSAML.SecurityPolicyRule.AudienceRestriction : unacceptable AudienceRestrictionCondition in assertion (<saml:AudienceRestrictionCondition xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
            <saml:Audience>https://sp.example.org</saml:Audience>
        </saml:AudienceRestrictionCondition>)
.................................................................................................................................................................................................................................................1533653579 ERROR OpenSAML.MessageDecoder.SAML2Artifact decode: replay detected of artifact (AAQAAaa8r3cCxYY10S4JT1EJogiqUclmm5hvv+g8gVGt14tPTteasIBMnYE=
)
.1533653579 ERROR OpenSAML.SecurityPolicyRule.MessageFlow decode: replay detected of message ID (_ae17707ff55c1f22035c563bfb72e532)
.1533653579 ERROR OpenSAML.SecurityPolicyRule.MessageFlow decode: replay detected of message ID (_8fb1a70154472d90a41a8a41b8dde272)
.1533653579 ERROR OpenSAML.SecurityPolicyRule.MessageFlow decode: replay detected of message ID (_7de46880548fa109271de653443de7a8)
.1533653579 ERROR XMLTooling.ParserPool : fatal error on line 1, column 103, message: invalid document structure
1533653579 ERROR OpenSAML.MetadataProvider.XML : error while loading resource (../samltest/data/saml2/metadata/InCommon-metadata.xml): XML error(s) during parsing, check log for specifics

In XMLMetadataProviderTest::testBadSig:
saml2/metadata/XMLMetadataProviderTest.h:56: Error: Test failed: XML error(s) during parsing, check log for specifics
1533653579 ERROR OpenSAML.MetadataProvider.Chaining : MetadataProvider child element of type MetadataFilter ignored
1533653579 ERROR OpenSAML.MetadataProvider.Chaining : MetadataProvider child element of type MetadataFilter ignored
.1533653579 ERROR XMLTooling.ParserPool : fatal error on line 1, column 103, message: invalid document structure
1533653579 ERROR OpenSAML.MetadataProvider.XML : error while loading resource (../samltest/data/saml2/metadata/InCommon-metadata.xml): XML error(s) during parsing, check log for specifics

In XMLMetadataProviderTest::testXMLProvider:
saml2/metadata/XMLMetadataProviderTest.h:96: Error: Test failed: XML error(s) during parsing, check log for specifics
1533653579 ERROR OpenSSL MetadataProvider: error code: 151441516 in ../crypto/pem/pem_lib.c, line 691
1533653579 ERROR OpenSSL MetadataProvider: error data: Expecting: CERTIFICATE
1533653579 ERROR OpenSSL MetadataProvider: error code: 151441516 in ../crypto/pem/pem_lib.c, line 691
1533653579 ERROR OpenSSL MetadataProvider: error data: Expecting: CERTIFICATE
1533653579 ERROR OpenSSL MetadataProvider: error code: 151441516 in ../crypto/pem/pem_lib.c, line 691
1533653579 ERROR OpenSSL MetadataProvider: error data: Expecting: CERTIFICATE
1533653579 ERROR OpenSSL MetadataProvider: error code: 151441516 in ../crypto/pem/pem_lib.c, line 691
1533653579 ERROR OpenSSL MetadataProvider: error data: Expecting: CERTIFICATE
1533653579 ERROR OpenSSL MetadataProvider: error code: 151441516 in ../crypto/pem/pem_lib.c, line 691
1533653579 ERROR OpenSSL MetadataProvider: error data: Expecting: CERTIFICATE
1533653579 ERROR OpenSSL MetadataProvider: error code: 151441516 in ../crypto/pem/pem_lib.c, line 691
1533653579 ERROR OpenSSL MetadataProvider: error data: Expecting: CERTIFICATE
1533653579 ERROR OpenSSL MetadataProvider: error code: 151441516 in ../crypto/pem/pem_lib.c, line 691
1533653579 ERROR OpenSSL MetadataProvider: error data: Expecting: CERTIFICATE
1533653579 ERROR OpenSSL MetadataProvider: error code: 151441516 in ../crypto/pem/pem_lib.c, line 691
1533653579 ERROR OpenSSL MetadataProvider: error data: Expecting: CERTIFICATE
1533653579 ERROR OpenSSL MetadataProvider: error code: 151441516 in ../crypto/pem/pem_lib.c, line 691
1533653579 ERROR OpenSSL MetadataProvider: error data: Expecting: CERTIFICATE
1533653579 ERROR OpenSSL MetadataProvider: error code: 151441516 in ../crypto/pem/pem_lib.c, line 691
1533653579 ERROR OpenSSL MetadataProvider: error data: Expecting: CERTIFICATE
1533653579 ERROR OpenSSL MetadataProvider: error code: 151441516 in ../crypto/pem/pem_lib.c, line 691
1533653579 ERROR OpenSSL MetadataProvider: error data: Expecting: CERTIFICATE
1533653579 ERROR OpenSSL MetadataProvider: error code: 151441516 in ../crypto/pem/pem_lib.c, line 691
1533653579 ERROR OpenSSL MetadataProvider: error data: Expecting: CERTIFICATE
1533653579 ERROR OpenSSL MetadataProvider: error code: 151441516 in ../crypto/pem/pem_lib.c, line 691
1533653579 ERROR OpenSSL MetadataProvider: error data: Expecting: CERTIFICATE
1533653579 ERROR OpenSSL MetadataProvider: error code: 33558530 in ../crypto/bio/bss_file.c, line 292
1533653579 ERROR OpenSSL MetadataProvider: error data: fopen('../../../samltest/data/incommon.pem','r')
1533653579 ERROR OpenSSL MetadataProvider: error code: 537346050 in ../crypto/bio/bss_file.c, line 294
In XMLMetadataProviderTest::testHTTPProvider:
saml2/metadata/XMLMetadataProviderTest.h:139: Error: Test failed: Unable to load certificate(s) from file (../../../samltest/data/incommon.pem).
1533653579 ERROR XMLTooling.ParserPool : fatal error on line 1, column 103, message: invalid document structure
1533653579 ERROR OpenSAML.MetadataProvider.XML : error while loading resource (../samltest/data/saml2/metadata/InCommon-metadata.xml): XML error(s) during parsing, check log for specifics
In XMLMetadataProviderTest::testXMLWithBlacklists:
saml2/metadata/XMLMetadataProviderTest.h:184: Error: Test failed: XML error(s) during parsing, check log for specifics
1533653579 ERROR XMLTooling.ParserPool : fatal error on line 1, column 103, message: invalid document structure
1533653579 ERROR OpenSAML.MetadataProvider.XML : error while loading resource (../samltest/data/saml2/metadata/InCommon-metadata.xml): XML error(s) during parsing, check log for specifics
In XMLMetadataProviderTest::testXMLWithWhitelists:
saml2/metadata/XMLMetadataProviderTest.h:215: Error: Test failed: XML error(s) during parsing, check log for specifics
1533653579 ERROR OpenSAML.SecurityPolicyRule.AudienceRestriction : unacceptable AudienceRestriction in assertion (<saml:AudienceRestriction xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
            <saml:Audience>https://sp.example.org</saml:Audience>
        </saml:AudienceRestriction>)
1533653579 ERROR OpenSAML.SecurityPolicyRule.BearerConfirmation : bearer confirmation failed with request correlation mismatch
..
Failed 10 and Skipped 0 of 316 tests
Success rate: 96%
FAIL samltest (exit status: 10)

While I'm trying to find out myself, I'd be grateful for tips to what
could be wrong here.
-- 
Thanks,
Feri