AUR (en) - shibboleth-sp

Git Clone URL:	https://aur.archlinux.org/shibboleth-sp.git (read-only, click to copy)
Package Base:	shibboleth-sp
Description:	Shibboleth SAML2 Service Provider (including Apache mod_shib)
Upstream URL:	https://wiki.shibboleth.net/confluence/display/SP3/Home
Keywords:	authentication sso
Licenses:	Apache
Submitter:	grawity
Maintainer:	grawity
Last Packager:	grawity
Votes:	0
Popularity:	0.000000
First Submitted:	2021-03-20 23:30 (UTC)
Last Updated:	2023-01-11 06:24 (UTC)

Latest Comments

v01ver commented on 2023-03-15 12:02 (UTC)

[SOLVED] No openssl 3.x support - rebuild xml-security-c, xmltooling and opensaml

Thank you very much :D!

grawity commented on 2023-03-15 10:03 (UTC) (edited on 2023-03-15 10:08 (UTC) by grawity)

Force a rebuild of the xml-security-c package first. The main SP software doesn't link against OpenSSL at all – only xml-security-c and xmltooling do (and they both support OpenSSL 3), so it could be that you have a mixed installation where /usr/lib/libxml-security-c.so.20 hasn't been rebuilt for the new libcrypto.

$ lddtree /usr/bin/shibd
/usr/bin/shibd (interpreter => /lib64/ld-linux-x86-64.so.2)
    libshibsp.so.11 => /usr/lib/libshibsp.so.11
        libxml-security-c.so.20 => /usr/lib/libxml-security-c.so.20
            libcrypto.so.3 => /usr/lib/libcrypto.so.3
        libxmltooling.so.10 => /usr/lib/libxmltooling.so.10
            libssl.so.3 => /usr/lib/libssl.so.3

v01ver commented on 2023-03-15 09:53 (UTC) (edited on 2023-03-15 09:58 (UTC) by v01ver)

No openssl 3.x support

Not able to build with openssl version 3.x. It looks like it support libcrypto.so.1.1 version what is a part of openssl 1.1.

./shibboleth-sp makepkg

Error message:

/usr/bin/ld: warning: libcrypto.so.1.1, needed by /usr/lib/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../lib/libxml-security-c.so, not found (try using -rpath or -rpath-link)
/usr/bin/ld: /usr/lib/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../lib/libxml-security-c.so: undefined reference to `BN_bin2bn@OPENSSL_1_1_0'
/usr/bin/ld: /usr/lib/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../lib/libxml-security-c.so: undefined reference to `DSA_do_verify@OPENSSL_1_1_0'
...
..
.
collect2: error: ld returned 1 exit status
make[2]: *** [Makefile:521: shibd] Error 1
make[1]: *** [Makefile:660: all-recursive] Error 1
make: *** [Makefile:564: all] Error 2
==> ERROR: Error in function build().

Package of libcrypto.so.1.1 file

pacman -F /usr/lib/libcrypto.so.1.1
usr/lib/libcrypto.so.1.1 is owned by core/openssl-1.1 1.1.1.s-4

My current openssl version:

pacman -Q openssl
openssl 3.0.8-1

ls -l /usr/lib/libcrypto*
/usr/lib/libcrypto.so -> libcrypto.so.3
/usr/lib/libcrypto.so.3

Arch Linux User Repository

Search Criteria

Package Details: shibboleth-sp 3.4.1-1

Package Actions

Dependencies (18)

Required by (0)

Sources (6)

Latest Comments

v01ver commented on 2023-03-15 12:02 (UTC)

grawity commented on 2023-03-15 10:03 (UTC) (edited on 2023-03-15 10:08 (UTC) by grawity)

v01ver commented on 2023-03-15 09:53 (UTC) (edited on 2023-03-15 09:58 (UTC) by v01ver)

No openssl 3.x support