security/lasso (and indirectly www/mod_auth_mellon) broke after security/xmlsec1 upgrade to 1.3.5: Cannot load libexec/apache24/mod_auth_mellon.so into server: /usr/local/lib/liblasso.so.3: Undefined symbol "xmlSecCryptoAppKeyLoad" Reverting to 1.3.2 fixed the issue.
Created attachment 254460 [details] Proposed fix I've applied a version of the upstream patch from https://git.entrouvert.org/entrouvert/lasso/pulls/10 to the version in 2024Q4, and confirmed it passes portlint (with two warnings that were there before) as well as poudriere testport. This also bumps portrevision for lasso to _1. Also tested this on dayjob's (testing) infra with a system known to be configured with saml auth before. Apache cleanly restarts, and saml auth is working. Apologies for weird patch naming, this workflow is a bit weird to me.
Also note the subject of this bug is wrong. It's lasso that's broken, not xmlsec1.
*** Bug 282591 has been marked as a duplicate of this bug. ***
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=e323ac9ae8503ff7936a02cb8bcc114d8d971892 commit e323ac9ae8503ff7936a02cb8bcc114d8d971892 Author: Muhammad Moinur Rahman <bofh@FreeBSD.org> AuthorDate: 2024-11-08 07:07:08 +0000 Commit: Muhammad Moinur Rahman <bofh@FreeBSD.org> CommitDate: 2024-11-08 08:32:25 +0000 security/lasso: Runtime fix after xmlsec1 upgrade - Fix build with upcoming libxml upgrade [1] PR: 282243, 281592[1] Reported by: ray@bellis.me.uk, diizzy[1] security/lasso/Makefile | 10 +++++++++- security/lasso/distinfo | 12 +++++++++++- security/lasso/files/patch-bindings_php5_Makefile.in | 4 ++-- ...h-lasso_xml_saml-2.0_samlp2__logout__request.c (new) | 17 +++++++++++++++++ 4 files changed, 39 insertions(+), 4 deletions(-)