-
Notifications
You must be signed in to change notification settings - Fork 3.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update monkey patch for python-saml #1421
Comments
https://pypi.python.org/pypi/dm.xmlsec.binding/1.3.3
That's the closest I can get to change changed in that lib |
The segfault seems to be pretty easy to create inside the tools_awx container
|
The segfault can also be reproduced by running Adding the |
Is the monkey patch still needed? |
…-form Prevent user from selecting an invalid JT when adding/editing a wfjt node
I've been digging through some history, and it looks like the git requirements are not needed anymore, because of how this problem was resolved: |
Here's the story, the
__init__.py
of the sso app has some heroic logic (written by @cchurch) in order to avoid a segmentation fault in CentOS triggered in a library that it uses.awx/awx/sso/__init__.py
Lines 4 to 23 in f907995
Related issue for the library SAML-Toolkits/python-saml#30 (comment)
Within the current batch of dependencies, it was found that a segmentation fault occurred (borking the entire app) on version 2.2.3 of python-saml, but not version 2.2.2. This is what changed between the versions.
SAML-Toolkits/python-saml@v2.2.2...v2.2.3
Note that the monkeypatch changed things with the
dm.xmlsec.binding
, and that the upgrade of python-saml upgradeddm.xmlsec.binding
.Clearly these things are connected.
It looks like we need to alter the monkeypatch logic in
awx/sso/__init__.py
to be compatible with python-saml>=2.2.3 (specifically its updated dependency,dm.xmlsec.binding
1.3.3).I'm carding this out separately so it doesn't hold up the timeframe of the rest of dependency updates.
The text was updated successfully, but these errors were encountered: