test13_test_lasso_server_load_metadata: Don't verify signature if lasso is not configured with sha-1 (#54037)

This commit is contained in:
Jakub Hrozek 2021-06-18 18:45:38 +02:00 committed by Benjamin Dauvergne
parent f70eee9ef7
commit 1b0000e016
1 changed files with 9 additions and 1 deletions

View File

@ -1974,6 +1974,14 @@ START_TEST(test13_test_lasso_server_load_metadata)
LassoServer *server = NULL;
GList *loaded_entity_ids = NULL;
GList blacklisted_1 = { .data = "https://identities.univ-jfc.fr/idp/prod", .next = NULL };
const gchar *trusted_roots = TESTSDATADIR "/rootCA.crt";
/* The IDP metadata file is signed with rsa-sha1, so verifying it would
* fail incase sha1 is not available
*/
if (lasso_get_default_signature_method() != LASSO_SIGNATURE_METHOD_RSA_SHA1) {
trusted_roots = NULL;
}
check_not_null(server = lasso_server_new(
TESTSDATADIR "/idp5-saml2/metadata.xml",
@ -1983,7 +1991,7 @@ START_TEST(test13_test_lasso_server_load_metadata)
block_lasso_logs;
check_good_rc(lasso_server_load_metadata(server, LASSO_PROVIDER_ROLE_IDP,
TESTSDATADIR "/metadata/renater-metadata.xml",
TESTSDATADIR "/rootCA.crt",
trusted_roots,
&blacklisted_1, &loaded_entity_ids,
LASSO_SERVER_LOAD_METADATA_FLAG_DEFAULT));
unblock_lasso_logs;