From 2f9f5678e71b098810945e558302366ab3189068 Mon Sep 17 00:00:00 2001
From: Mattias Ellert <mattias.ellert@physics.uu.se>
Date: Tue, 10 Jun 2025 17:16:44 +0200
Subject: [PATCH] Fixes for xmlsec 1.3
Fixes: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106895
---
src/hed/libs/ws-security/SAMLToken.cpp | 9 +++++++++
src/hed/libs/ws-security/X509Token.cpp | 6 +++++-
src/hed/libs/xmlsec/XMLSecNode.cpp | 5 +++++
3 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/src/hed/libs/ws-security/SAMLToken.cpp b/src/hed/libs/ws-security/SAMLToken.cpp
index 958d5f4a8..717ffb0f5 100644
--- a/src/hed/libs/ws-security/SAMLToken.cpp
+++ b/src/hed/libs/ws-security/SAMLToken.cpp
@@ -18,6 +18,7 @@
#include <xmlsec/xmlenc.h>
#include <xmlsec/templates.h>
#include <xmlsec/crypto.h>
+#include <xmlsec/version.h>
#include <xmlsec/openssl/app.h>
#include <openssl/bio.h>
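Review bot: the version guards added further down in this file depend entirely on this include, because an identifier that is not defined evaluates as 0 inside #if, so `XMLSEC_VERSION_MAJOR < 1` would be true and the pre-1.3 call would be selected silently. Consider following the include with an `#ifndef XMLSEC_VERSION_MAJOR` / `#error` check so that a missing or renamed header fails the build instead of picking the wrong branch.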
@@ -313,7 +314,11 @@ SAMLToken::SAMLToken(SOAPEnvelope& soap, const std::string& certfile, const std:
//Sign the assertion
xmlSecDSigCtx *dsigCtx = xmlSecDSigCtxCreate(NULL);
//load private key, assuming there is no need for passphrase
+#if XMLSEC_VERSION_MAJOR < 1 || ( XMLSEC_VERSION_MAJOR == 1 && XMLSEC_VERSION_MINOR < 3 )
dsigCtx->signKey = xmlSecCryptoAppKeyLoad(keyfile.c_str(), xmlSecKeyDataFormatPem, NULL, NULL, NULL);
+#else
+ dsigCtx->signKey = xmlSecCryptoAppKeyLoadEx(keyfile.c_str(), xmlSecKeyDataTypePrivate, xmlSecKeyDataFormatPem, NULL, NULL, NULL);
+#endif
if(dsigCtx->signKey == NULL) {
xmlSecDSigCtxDestroy(dsigCtx);
std::cerr<<"Can not load key"<<std::endl; return;
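Review bot: the #if/#else/#endif wrapped around the signKey assignment is pasted verbatim at every key-load site in this patch (twice in this constructor, once each in X509Token.cpp and XMLSecNode.cpp). A single helper that takes the key path and returns an xmlSecKeyPtr, kept in one shared header, would confine the version test to one place and keep the four sites from drifting apart at the next xmlsec API change.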
@@ -384,7 +389,11 @@ SAMLToken::SAMLToken(SOAPEnvelope& soap, const std::string& certfile, const std:
//Sign the assertion
dsigCtx = xmlSecDSigCtxCreate(NULL);
//load private key, assuming there is no need for passphrase
+#if XMLSEC_VERSION_MAJOR < 1 || ( XMLSEC_VERSION_MAJOR == 1 && XMLSEC_VERSION_MINOR < 3 )
dsigCtx->signKey = xmlSecCryptoAppKeyLoad(keyfile.c_str(), xmlSecKeyDataFormatPem, NULL, NULL, NULL);
+#else
+ dsigCtx->signKey = xmlSecCryptoAppKeyLoadEx(keyfile.c_str(), xmlSecKeyDataTypePrivate, xmlSecKeyDataFormatPem, NULL, NULL, NULL);
+#endif
if(dsigCtx->signKey == NULL) {
xmlSecDSigCtxDestroy(dsigCtx);
std::cerr<<"Can not load key"<<std::endl; return;
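Review bot: on the failure path right after the new #endif, the message "Can not load key" is identical to the one at the first load site in the same constructor and names neither the file nor the requested key type. With the 1.3 branch now asking explicitly for xmlSecKeyDataTypePrivate, printing keyfile in the message would let an operator tell which load failed and which file to check.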
diff --git a/src/hed/libs/ws-security/X509Token.cpp b/src/hed/libs/ws-security/X509Token.cpp
index fd6eff9e1..ecbc82b8d 100644
--- a/src/hed/libs/ws-security/X509Token.cpp
+++ b/src/hed/libs/ws-security/X509Token.cpp
@@ -19,6 +19,7 @@
#include <xmlsec/xmlenc.h>
#include <xmlsec/templates.h>
#include <xmlsec/crypto.h>
+#include <xmlsec/version.h>
#include <xmlsec/openssl/app.h>
#include <openssl/bio.h>
@@ -359,8 +360,11 @@ X509Token::X509Token(SOAPEnvelope& soap, const std::string& certfile, const std:
//Sign the SOAP message
xmlSecDSigCtx *dsigCtx = xmlSecDSigCtxCreate(NULL);
//load private key, assuming there is no need for passphrase
+#if XMLSEC_VERSION_MAJOR < 1 || ( XMLSEC_VERSION_MAJOR == 1 && XMLSEC_VERSION_MINOR < 3 )
dsigCtx->signKey = xmlSecCryptoAppKeyLoad(keyfile.c_str(), xmlSecKeyDataFormatPem, NULL, NULL, NULL);
- //dsigCtx->signKey = xmlSecCryptoAppKeyLoad(keyfile.c_str(), xmlSecKeyDataFormatPem, NULL, (void*)passphrase_callback, NULL);
+#else
+ dsigCtx->signKey = xmlSecCryptoAppKeyLoadEx(keyfile.c_str(), xmlSecKeyDataTypePrivate, xmlSecKeyDataFormatPem, NULL, NULL, NULL);
+#endif
if(dsigCtx->signKey == NULL) {
xmlSecDSigCtxDestroy(dsigCtx);
std::cerr<<"Can not load key"<<std::endl; return;
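Review bot: the removed commented-out call that passed `(void*)passphrase_callback` is unrelated to the xmlsec 1.3 port named in the Subject, and it was the only trace of a passphrase callback at this site. Both branches still pass NULL for the password and callback arguments, matching the "no need for passphrase" comment, so either state in the commit message that the dead line is dropped on purpose or leave that deletion out of this patch.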
diff --git a/src/hed/libs/xmlsec/XMLSecNode.cpp b/src/hed/libs/xmlsec/XMLSecNode.cpp
index b3b3108b7..2e3c9faed 100644
--- a/src/hed/libs/xmlsec/XMLSecNode.cpp
+++ b/src/hed/libs/xmlsec/XMLSecNode.cpp
@@ -12,6 +12,7 @@
#include <xmlsec/xmldsig.h>
#include <xmlsec/xmlenc.h>
#include <xmlsec/templates.h>
+#include <xmlsec/version.h>
//#include <xmlsec/openssl/app.h>
#include <openssl/bio.h>
@@ -89,7 +90,11 @@ bool XMLSecNode::SignNode(const std::string& privkey_file, const std::string& ce
std::cerr<<"Can not allocate key"<<std::endl; return false;
}
//load private key, assuming there is no need for passphrase
+#if XMLSEC_VERSION_MAJOR < 1 || ( XMLSEC_VERSION_MAJOR == 1 && XMLSEC_VERSION_MINOR < 3 )
dsigCtx->signKey = xmlSecCryptoAppKeyLoad(privkey_file.c_str(), xmlSecKeyDataFormatPem, NULL, NULL, NULL);
+#else
+ dsigCtx->signKey = xmlSecCryptoAppKeyLoadEx(privkey_file.c_str(), xmlSecKeyDataTypePrivate, xmlSecKeyDataFormatPem, NULL, NULL, NULL);
+#endif
if(dsigCtx->signKey == NULL) {
xmlSecDSigCtxDestroy(dsigCtx);
std::cerr<<"Can not load key"<<std::endl; return false;
--
2.49.0