Hello,
The profile.c if from the lasso module ->
https://github.com/adieu/lasso/blob/master/lasso/saml-2.0/profile.c
We need to find which lasso function in SOGoSAML2Session.m (I assume, it may be
another file) is called and make that error, then check the arguments given.
Quentin
-----Original Message-----
From: users-requ...@sogo.nu <users-requ...@sogo.nu> On Behalf Of Claas Hilbrecht
Sent: mardi 27 juin 2023 20:55
To: users@sogo.nu
Subject: Re: [SOGo] SAML login not working / Keycloak 21.1.1 / Debian bookworm
Hi,
I recompiled the sogo 5.8.4 package from Debian sid and added some NSLog
outputs. So I can confirm that the SAML response is really ok and the content
is fine. But it seems something in my setup is wrong.
SOGo writes the current session to the sogo_sessions_folder. This works fine,
the content in stored in the mysql db. But after storing the session two errors
get logged:
---
(process:20775): Lasso-CRITICAL **: 20:45:24.648: 2023-06-27 20:45:24
(profile.c/:913) Trying to unref a non GObject pointer
file=profile.c:913 pointerbybname=profile->identity
pointer=0x55c2ab612ec0
(process:20775): Lasso-CRITICAL **: 20:45:24.648: 2023-06-27 20:45:24
(profile.c/:916) Trying to unref a non GObject pointer
file=profile.c:916 pointerbybname=profile->session
pointer=0x55c2ab547c90
---
I can't find the profile.c source code for now but I assumed sogo
tried to read from the table sogo_user_profile the users profile. But
even after creating this entry
INSERT INTO `sogo_user_profile` (`c_uid`, `c_defaults`, `c_settings`) VALUES
('claas.hilbre...@example.com', '{}', '{}');
I still get the above error... So what I'm missing?
---
Jun 27 18:45:24 sogod [20775]: 79.140.187.148, 172.27.11.107 "GET
/SOGo//claas.hilbre...@example.com HTTP/1.1" 302 0/0 0.015 - - 0 - 13
Jun 27 18:45:24 sogod [20775]: |SOGo| starting method 'POST' on uri
'/SOGo/saml2-signon-post'
2023-06-27 18:45:24.643 sogod[20775:20775] loginA: claas.hilbre...@example.com
2023-06-27 18:45:24.643 sogod[20775:20775] loginB: claas.hilbre...@example.com
2023-06-27 18:45:24.643 sogod[20775:20775] loginC: claas.hilbre...@example.com
2023-06-27 18:45:24.643 sogod[20775:20775] assertionA: <saml:Assertion
xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
ID="ID_21fcb575-9d92-4539-889e-40cf22767fd0"
IssueInstant="2023-06-27T18:45:24.511Z"
Version="2.0"><saml:Issuer>https://auth.example.com/realms/master</saml:Issuer><dsig:Signature
xmlns:dsig="http://www.w3.org/2000/09/xmldsig#";><dsig:SignedInfo><dsig:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><dsig:SignatureMethod
Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/><dsig:Reference
URI="#ID_21fcb575-9d92-4539-889e-40cf22767fd0"><dsig:Transforms><dsig:Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></dsig:Transforms><dsig:DigestMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><dsig:DigestValue>KNo7JjLw1k6KyvJCzBkw6firW3TO2IvMr9Z+NiIeJqE=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>aDvUyS7iFXxi9ILF6byZeh1wbmqu2928G2KNa7zWGGEK0bDTv6udgHtoVnaBJ1+s4JE7G5QCBc/0KdmK+qveGwITcTXLSaSZHZuKfF3Nd1Q8HbA/m7YX9F0E8qFHBQkBCGvbSiR2Jttn2YXkGsxy+T455dV24Fl840KkM9ENiG4e2kHExHdM1aFMQbgBMxdJcWhBTkatnawBvSv5PpTvG8u0bU4UX7RlsdGnK+OnWCCe8tH1aKLUUaDRANuiEzroyVdBLbXEnmiYLru8QIx9ycckrx6NuIw6kNX73g07S5uQUS9fxemYs6BRNcHUHboL/aRPdq1XrgUDdBsTdDiFdQ==</dsig:SignatureValue><dsig:KeyInfo><dsig:KeyName>lW-L-g3kaWfrc5goQbcyY8W77J3-dWbKGA1joPXW19M</dsig:KeyName><dsig:X509Data><dsig:X509Certificate>MIICmzCCAYMCBgGAiWAFjDANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZtYXN0ZXIwHhcNMjIwNTAzMTAwMTUzWhcNMzIwNTAzMTAwMzMzWjARMQ8wDQYDVQQDDAZtYXN0ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKbGwTJIDI7FURSwl83/CH15MTTVXN9ieRRcJ6Bd/tXogpNLMpqKCbMT3gdn7mF9XR+xNryKCwPIcDO2TMOE9yXxyLe4SQvj06zR+dK/v63sJk783rRO7APLFmoamQtONDc5nfqz3DpKbTCO0AqIK8Ki44TzQviEYaMzidApMI46bDl0ep5o/zCgzmNlVIZFdah4wp7c1wRw3+RVlrgJonT3dY7C+mHhLYrQ+pZsWb/6hmt1mvglf+Vh6iQrt6/I7uCMHH9LxxdRyaCCLZly6Zdei0qjlmp+VRTm+EMscct6kmeOgAXX5KCSh6n+flx7neL+MlQ0fgtGaBrnaxLzPDAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGOhSwEHfHPbBk/QmyYfIvvMekDEj6iZCx/mrLRY0QuZzimsGgTFGM4kHH3kBwRvrswiB/VFloUrAtSBK6/NLc7CGNAdZ+pazOYcD/b0FtmoeGNixQluXVPdzsLYLVVvxHC/XrHS7C9Ne2bfwal+OP5c/emuNuV6PSmqo8XZhSP3025TapoDph+07DKRZUiJbCYcKgWrW+/UbaLCi0enf7qY2q7f8ztCwMxkClNN1RxQb/Fh78CG8eIW5hypyP/FLMlcOiDMLynwoSxSuinuIT/pzS8KW5nh8CftevPh8peCrlLv6Xzux7Ys3FANnXOhUEKsgM1c+PTen87Nq3JZ6RM=</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo></dsig:Signature><saml:Subject><saml:NameID
Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">G-2594070f-2a5d-452d-8a25-97a59350d785</saml:NameID><saml:SubjectConfirmation
Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><saml:SubjectConfirmationData
InResponseTo="_B242FC97294F0C92067C5F0410D67BB8"
NotOnOrAfter="2023-06-27T18:46:22.511Z"
Recipient="https://sogo.example.com/SOGo/saml2-signon-post"/></saml:SubjectConfirmation></saml:Subject><saml:Conditions
NotBefore="2023-06-27T18:45:22.511Z"
NotOnOrAfter="2023-06-27T18:46:22.511Z"><saml:AudienceRestriction><saml:Audience>https://sogo.example.com/SOGo/saml2-metadata</saml:Audience></saml:AudienceRestriction></saml:Conditions><saml:AuthnStatement
AuthnInstant="2023-06-27T18:45:24.511Z"
SessionIndex="16413760-ecf9-4e38-9b82-266b51046c5c::1e9f2cf8-cfb8-4f57-a147-7eb92f5825c6"
SessionNotOnOrAfter="2023-06-28T04:45:24.511Z"><saml:AuthnContext><saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml:AuthnContextClassRef></saml:AuthnContext></saml:AuthnStatement><saml:AttributeStatement><saml:Attribute
FriendlyName="email" Name="email"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml:AttributeValue
xmlns:xs="http://www.w3.org/2001/XMLSchema";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xsi:type="xs:string">claas.hilbre...@example.com</saml:AttributeValue></saml:Attribute><saml:Attribute
FriendlyName="username" Name="username"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml:AttributeValue
xmlns:xs="http://www.w3.org/2001/XMLSchema";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xsi:type="xs:string">clahil</saml:AttributeValue></saml:Attribute></saml:AttributeStatement></saml:Assertion>
2023-06-27 18:45:24.643 sogod[20775:20775] identifierA:
G-2594070f-2a5d-452d-8a25-97a59350d785
2023-06-27 18:45:24.645 sogod[20775:20775]
<MySQL4Channel[0x0x55c2ab607120] connection=0x0x55c2aafe91a0> SQL:
BEGIN;
2023-06-27 18:45:24.646 sogod[20775:20775]
<MySQL4Channel[0x0x55c2ab607120] connection=0x0x55c2aafe91a0> query
has no results.
2023-06-27 18:45:24.646 sogod[20775:20775]
<MySQL4Channel[0x0x55c2ab607120] connection=0x0x55c2aafe91a0> SQL:
SELECT t1.c_creationdate, t1.c_id, t1.c_lastseen, t1.c_value FROM
sogo_sessions_folder t1 WHERE t1.c_id='AY9zox6L6tlqhvTT';
2023-06-27 18:45:24.646 sogod[20775:20775]
<MySQL4Channel[0x0x55c2ab607120] connection=0x0x55c2aafe91a0> query
has results, entering fetch-mode.
2023-06-27 18:45:24.646 sogod[20775:20775]
<MySQL4Channel[0x0x55c2ab607120] connection=0x0x55c2aafe91a0> SQL:
ROLLBACK;
2023-06-27 18:45:24.646 sogod[20775:20775]
<MySQL4Channel[0x0x55c2ab607120] connection=0x0x55c2aafe91a0> query
has no results.
2023-06-27 18:45:24.646 sogod[20775:20775]
<MySQL4Channel[0x0x55c2ab0eaf30] connection=0x0x55c2aaef91c0> SQL:
BEGIN;
2023-06-27 18:45:24.646 sogod[20775:20775]
<MySQL4Channel[0x0x55c2ab0eaf30] connection=0x0x55c2aaef91c0> query
has no results.
2023-06-27 18:45:24.646 sogod[20775:20775]
<MySQL4Channel[0x0x55c2ab0eaf30] connection=0x0x55c2aaef91c0> SQL:
INSERT INTO sogo_sessions_folder (c_lastseen, c_creationdate, c_value,
c_id) VALUES (1687891524, 1687891524,
'+6v3UAlzw1Uopz6KfBucDF/undxmEMWLRwYITYMMPL/WfB8aZiYjLw4LS+IqAGZDf4awmijbrXRySJkvBVBUMogRfMQi1DhmW1eqsfBRM/jTWF0w7UZdT4TccirJ+6vqoATWvjNiNFKxo9TXHXC6uSbom3iDukBubHvqO4gJsAis9kq+DvE/B4onJZU1GsYOC2mAclvhO0feGN/0HhNDUQ6UsQRHnbFourjAcZ2qBbwwIe3EvY8hzor/+d0530RAVgL+XQ6ztdHhJEisomlqBTQ8GkM/gyZJSjRnPP2yvTxvFOb1Qk+zQdkB6fzAoF4uZfOtZttcdyVsbflb+zPr760YiqHnybtQ57bZio73p40iyda/Q6elpkiyFwMQm7uBvhErfUc92P06fKYmoBdduGsnZOVJpDxHYL/ooSxxeD+oexo4gnXlMMlJ5Dbgm5kiN1Gtf6VZwIlljk4xyUu6lmzaYG0b22A1Ioqjyaj6OLignMPuk1tlfIqcZ2PHg2We+TlYZnXhh4k2PbK2jrbqrc8EmUdehTqJ9IE2qSKUvfpNLCNHzk5OdUg1BQFNRw+TAKx3AX8MoPS6fZnHNUzHduzT4NCmb6gLsPeHZqWVdYWskXyUblZwGJMh0es8VvhTMa86c1ePJb+Z+eQfojmSHk35UKIApZefJzxSXTwZrr6CEtNrNc/nKXhQgfdgvq+YzHLcZZdAFnugaLm+pUoIFLmticYvgn1VpCb1k2GL6kf1Uqt40R1tTyQ7TwPR1WTyHxt0yjWPX13a0cj5SU22nMkB8Q9wDuBfP1mtIssXDyHZINvo+U0U3K5/VJcm/imXHJinVfQXgpdjeKn0MACHpZv4Duk7OyCL3uaJAsk02LgDuK54eghp3StIE5zQGGAxr4k1zIYsLIuUiL+jGPUi2A2S4x2ZN1htAxWemOgN2N0fVp0QjhMt3Gv/YJcMYdOplNjOtkvMbayBhMsftehJ+/3lq9IGXIr8/qjvZ
wWy9WXuvgzzOAnmXOdlLXn8wb8c
HVVi6fVWp0X4+PQRxypEtpd2h9qzMX2ulwrugE0WOm67zsPnibH/mrrg7KV+G+WkGIGZlbXVWbXHre2+VeQ0YYZcStgKFK8oO6hgsHxjBm858ppgsxHegBXCg9vFIqku/0AF/+hScH/+s0mMLYs5oJK64t+aknIRUYYT/W1luKTKskuEYpp5ida1yKqshi96YCKn/DiYxaDZN0DaHVYlapzRxgsp6P1v4wSkEyS6bpquOw3vRKiKrDCbUurIQiD04PQY1M15SjfqjF14dKC6ejt0EJ/DF/zP8LzWIxi8vmS9tfQlnhONoVjBtyltYsOjDHsPr+WVhSpcgTnzRJaJIpJsUy4Nc4nBTYuEvh1v7okug+QyNmRMalDI0p98PwDbxjzoBX0A6mEBRuyhMeLR5qmXD5blXrvSgPEeRQPw1uJwhkaOej8gi3qek1g8IajgeCWbWw4eSQrT4ZW07AVOkh1q8sYpMRr+IyFUev5lDfnlsatPATOP30ISST8sGrWS8drpMd0xKmxg9iqaj4Ux3L6/QcSU2ZX6ogZ/9ggQhwofmM4ed2AZHgzq8A79rnZ4fXr8MGRCRx8N1W4p0eIhptc3r3oL/yp1UzVZe46NTJBLerRn2m40kfy+cTlL3kL9sJyebuv62MF22ycExyEYVQA/SOePpvhxdYFhEgKBAJ6Wl2nWi0ZZou0XAQgXtxHHOCTAUw1jCvfDoyZrqZLfTzpqtBOShAnNRkErXfPgKszn/qQBgow0CyO7gtQO8PKHMMdns5jJq/Q0xBo5CtLYTlfT77jHRGcJxUjFjE7rbRrkv6c4thYWPZpbyu9BohRQj1VBh++gyR4K/z2GD9m1eiitevSnyfVfTrqX9FyYN4GBKcOsikBhWdMGFNBO6B16CFBR8ZwBbY07PG1aKWIPpFi28iOl7I1F8f2Ci0bCmHWOiyLfOD2rzUf90kjSxEm3QRZhALKiqSNxcUbgRoZbrMBaItljyU4lNdhkIT
eYftskjaNLUfh2iNxOjg43PDLU
iV1gDKi2CNp1bKLtFCLeJZjYBStRQ9tTL9ZpJso1CAzoKpBpjxZq', 'AY9zox6L6tlqhvTT');
2023-06-27 18:45:24.647 sogod[20775:20775]
<MySQL4Channel[0x0x55c2ab0eaf30] connection=0x0x55c2aaef91c0> query
has no results.
2023-06-27 18:45:24.647 sogod[20775:20775]
<MySQL4Channel[0x0x55c2ab0eaf30] connection=0x0x55c2aaef91c0> SQL:
COMMIT;
2023-06-27 18:45:24.647 sogod[20775:20775]
<MySQL4Channel[0x0x55c2ab0eaf30] connection=0x0x55c2aaef91c0> query
has no results.
Jun 27 18:45:24 sogod [20775]: |SOGo| constructed root-url: /SOGo/
Jun 27 18:45:24 sogod [20775]: |SOGo| setting root-url in context: /SOGo/
Jun 27 18:45:24 sogod [20775]: |SOGo| ROOT baseURL(no container, name=(null)):
own: /SOGo/
attribute->Name: email == email (loginAttribue)
textNode->content: claas.hilbre...@example.com
(process:20775): Lasso-CRITICAL **: 20:45:24.648: 2023-06-27 20:45:24
(profile.c/:913) Trying to unref a non GObject pointer
file=profile.c:913 pointerbybname=profile->identity
pointer=0x55c2ab612ec0
(process:20775): Lasso-CRITICAL **: 20:45:24.648: 2023-06-27 20:45:24
(profile.c/:916) Trying to unref a non GObject pointer
file=profile.c:916 pointerbybname=profile->session
pointer=0x55c2ab547c90
Jun 27 18:45:24 sogod [20775]: |SOGo| request took 0.087479 seconds to execute
Jun 27 18:45:24 sogod [20775]: 79.140.187.148, 172.27.11.107 "POST
/SOGo/saml2-signon-post HTTP/1.1" 302 0/12977 0.089 - - 28K - 13
---
