Bug#837526: marked as done (libshibsp7: needs rebuild before testing migration)

Debian Bug Tracking System Wed, 14 Sep 2016 00:22:34 -0700

Your message dated Wed, 14 Sep 2016 09:19:47 +0200
with message-id <878tuv7xt8....@lant.ki.iif.hu>
and subject line The rebuild is done
has caused the Debian Bug report #837526,
regarding libshibsp7: needs rebuild before testing migration
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
837526: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837526
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: shibboleth-sp2-common
Version: 2.6.0+dfsg1-3
Severity: important
Tags: patch

Dear Maintainer,

   * What led up to the situation?

      Updated shibboleth from previous 2.5.x; two packages refused to
install due to configuration errors.


   * What was the result of updating?

         2016-09-06 17:31:45 ERROR XMLTooling.ParserPool : fatal error
on line 0, column 0, message: unable to open primary document entity
'/catalog.xml'
         2016-09-06 17:31:45 ERROR XMLTooling.ParserPool : catalog
loader caught exception: XML error(s) during parsing, check log for
specifics
         2016-09-06 17:31:45 ERROR XMLTooling.ParserPool : fatal error
on line 0, column 0, message: unable to open primary document entity
'/saml20-catalog.xml'
         2016-09-06 17:31:45 ERROR XMLTooling.ParserPool : catalog
loader caught exception: XML error(s) during parsing, check log for
specifics
         2016-09-06 17:31:45 ERROR XMLTooling.ParserPool : fatal error
on line 0, column 0, message: unable to open primary document entity
'/saml11-catalog.xml'
         2016-09-06 17:31:45 ERROR XMLTooling.ParserPool : catalog
loader caught exception: XML error(s) during parsing, check log for
specifics
         2016-09-06 17:31:45 WARN XMLTooling.ParserPool : warning on
line 0, column 0, message: unable to open primary document entity
'/usr/share/xml/shibboleth/xmldsig-core-schema.xsd'
         2016-09-06 17:31:45 WARN XMLTooling.ParserPool : warning on
line 0, column 0, message: unable to open primary document entity
'/usr/share/xml/shibboleth/xml.xsd'
         2016-09-06 17:31:45 ERROR XMLTooling.ParserPool : error on
line 143, column 56, message: namespace
'http://www.w3.org/XML/1998/namespace' is referenced without import
declaration
         2016-09-06 17:31:45 ERROR XMLTooling.ParserPool : error on
line 254, column 56, message: namespace
'http://www.w3.org/2000/09/xmldsig#' is referenced without import
declaration
         2016-09-06 17:31:45 ERROR XMLTooling.ParserPool : error on
line 254, column 56, message: referenced element 'ds:Signature' not
found
         2016-09-06 17:31:45 ERROR XMLTooling.ParserPool : error on
line 277, column 31, message: namespace
'http://www.w3.org/2000/09/xmldsig#' is referenced without import
declaration
         2016-09-06 17:31:45 ERROR XMLTooling.ParserPool : error on
line 277, column 31, message: referenced element 'ds:KeyInfo' not
found
         2016-09-06 17:31:45 ERROR XMLTooling.ParserPool : error on
line 291, column 48, message: namespace
'http://www.w3.org/2000/09/xmldsig#' is referenced without import
declaration
         2016-09-06 17:31:45 ERROR XMLTooling.ParserPool : error on
line 291, column 48, message: referenced element 'ds:Signature' not
found
         2016-09-06 17:31:45 ERROR XMLTooling.ParserPool : fatal error
on line 1, column 1, message: invalid document structure
         2016-09-06 17:31:45 ERROR XMLTooling.ParserPool : fatal error
on line 9, column 154, message: fatal error during schema scan
         2016-09-06 17:31:45 ERROR Shibboleth.Config : error while
loading resource (/etc/shibboleth/shibboleth2.xml): XML error(s)
during parsing, check log for specifics
         2016-09-06 17:31:45 FATAL Shibboleth.Config : caught
exception while loading configuration: XML error(s) during parsing,
check log for specifics
         <3>configuration is invalid, check console for specific problems


   * What exactly did you do to try and address the situation?

      I used "/usr/sbin/shibd -t" to test the configuration changes I
added this to console.logger to debug the problem:

         log4j.category.XMLTooling.ParserPool=DEBUG

      Finally, modified the /usr/share/xml/shibboleth/catalog.xml file
to add the six required lines:

         <system systemId="http://www.w3.org/XML/1998/namespace";
uri="/usr/share/xml/xmltooling/xml.xsd"/>
         <system systemId="http://www.w3.org/2001/04/xmlenc#";
uri="/usr/share/xml/xmltooling/xenc-schema.xsd"/>
         <system systemId="http://www.w3.org/2000/09/xmldsig#";
uri="/usr/share/xml/xmltooling/xmldsig-core-schema.xsd"/>

         <system systemId="urn:oasis:names:tc:SAML:2.0:assertion"
uri="/usr/share/xml/opensaml/saml-schema-assertion-2.0.xsd"/>
         <system systemId="urn:oasis:names:tc:SAML:2.0:protocol"
uri="/usr/share/xml/opensaml/saml-schema-protocol-2.0.xsd"/>
         <system systemId="urn:oasis:names:tc:SAML:2.0:metadata"
uri="/usr/share/xml/opensaml/saml-schema-metadata-2.0.xsd"/>


   * What was the outcome from this action?

      The service started successfully, despite some suspicious error messages.

         2016-09-06 17:33:03 ERROR XMLTooling.ParserPool : fatal error
on line 0, column 0, message: unable to open primary document entity
'/catalog.xml'
         2016-09-06 17:33:03 ERROR XMLTooling.ParserPool : catalog
loader caught exception: XML error(s) during parsing, check log for
specifics
         2016-09-06 17:33:03 ERROR XMLTooling.ParserPool : fatal error
on line 0, column 0, message: unable to open primary document entity
'/saml20-catalog.xml'
         2016-09-06 17:33:03 ERROR XMLTooling.ParserPool : catalog
loader caught exception: XML error(s) during parsing, check log for
specifics
         2016-09-06 17:33:03 ERROR XMLTooling.ParserPool : fatal error
on line 0, column 0, message: unable to open primary document entity
'/saml11-catalog.xml'
         2016-09-06 17:33:03 ERROR XMLTooling.ParserPool : catalog
loader caught exception: XML error(s) during parsing, check log for
specifics
         overall configuration is loadable, check console for non-fatal problems


   * What else would you like the maintainer to know?

      There were a few other suspicious messages at the DEBUG level:

         2016-09-06 17:33:03 DEBUG XMLTooling.ParserPool : asked to
resolve 
http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd
with baseURI /usr/share/xml/shibboleth/shibboleth-2.0-afp.xsd
         2016-09-06 17:33:03 DEBUG XMLTooling.ParserPool :
unauthorized entity request
(http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd),
blocking it
         2016-09-06 17:33:03 DEBUG XMLTooling.ParserPool : asked to
resolve classpath:/schema/shibboleth-2.0-afp.xsd with baseURI
/usr/share/xml/shibboleth/shibboleth-2.0-afp-mf-basic.xsd
         2016-09-06 17:33:03 DEBUG XMLTooling.ParserPool :
unauthorized entity request
(classpath:/schema/shibboleth-2.0-afp.xsd), blocking it
         2016-09-06 17:33:03 DEBUG XMLTooling.ParserPool : asked to
resolve classpath:/schema/shibboleth-2.0-afp.xsd with baseURI
/usr/share/xml/shibboleth/shibboleth-2.0-afp-mf-saml.xsd
         2016-09-06 17:33:03 DEBUG XMLTooling.ParserPool :
unauthorized entity request
(classpath:/schema/shibboleth-2.0-afp.xsd), blocking it
         2016-09-06 17:33:03 DEBUG XMLTooling.ParserPool : asked to
resolve 
http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd
with baseURI /usr/share/xml/opensaml/saml-schema-assertion-2.0.xsd
         2016-09-06 17:33:03 DEBUG XMLTooling.ParserPool :
unauthorized entity request
(http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd),
blocking it
         2016-09-06 17:33:03 DEBUG XMLTooling.ParserPool : asked to
resolve http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd
with baseURI /usr/share/xml/opensaml/saml-schema-assertion-2.0.xsd
         2016-09-06 17:33:03 DEBUG XMLTooling.ParserPool :
unauthorized entity request
(http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd),
blocking it
         2016-09-06 17:33:03 DEBUG XMLTooling.ParserPool : asked to
resolve 
http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd
with baseURI /usr/share/xml/opensaml/saml-schema-protocol-2.0.xsd
         2016-09-06 17:33:03 DEBUG XMLTooling.ParserPool :
unauthorized entity request
(http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd),
blocking it
         2016-09-06 17:33:03 DEBUG XMLTooling.ParserPool : asked to
resolve 
http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd
with baseURI /usr/share/xml/opensaml/saml-schema-metadata-2.0.xsd
         2016-09-06 17:33:03 DEBUG XMLTooling.ParserPool :
unauthorized entity request
(http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd),
blocking it
         2016-09-06 17:33:03 DEBUG XMLTooling.ParserPool : asked to
resolve http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd
with baseURI /usr/share/xml/opensaml/saml-schema-metadata-2.0.xsd
         2016-09-06 17:33:03 DEBUG XMLTooling.ParserPool :
unauthorized entity request
(http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd),
blocking it
         2016-09-06 17:33:03 DEBUG XMLTooling.ParserPool : asked to
resolve http://www.w3.org/2001/xml.xsd with baseURI
/usr/share/xml/opensaml/saml-schema-metadata-2.0.xsd
         2016-09-06 17:33:03 DEBUG XMLTooling.ParserPool :
unauthorized entity request (http://www.w3.org/2001/xml.xsd), blocking
it

      I'm not sure what the correct solution is, but I was able to
make those messages go away, by removing the file path from the
schemaLocation and leaving only the filename.


-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.7.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-- Configuration Files:
/etc/shibboleth/attribute-map.xml changed [not included]
/etc/shibboleth/shibboleth2.xml changed [not included]

-- no debconf information

-- debsums errors found:
debsums: changed file /usr/share/xml/shibboleth/catalog.xml (from
shibboleth-sp2-common package)

--- End Message ---

--- Begin Message ---

Version: 2.6.0+dfsg1-3+b1

#836941 was taken care of, the rebuilds happened and the resulting
2.6.0+dfsg1-3+b1 works for me.  Please upgrade and retest in your setup.
This upgrade WILL NOT overwrite your changes in
/usr/share/xml/shibboleth/catalog.xml, so please remove them manually or
reinstall shibboleth-sp2-common as well.
-- 
Thanks,
Feri

--- End Message ---

Bug#837526: marked as done (libshibsp7: needs rebuild before testing migration)

Reply via email to