commit xmltooling for openSUSE:Leap:15.2

Mon, 08 Jun 2020 06:12:21 -0700 

Hello community,

here is the log from the commit of package xmltooling for openSUSE:Leap:15.2 
checked in at 2020-06-08 15:11:55
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Leap:15.2/xmltooling (Old)
 and      /work/SRC/openSUSE:Leap:15.2/.xmltooling.new.3606 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "xmltooling"

Mon Jun  8 15:11:55 2020 rev:33 rq:812552 version:1.6.4

Changes:
--------
--- /work/SRC/openSUSE:Leap:15.2/xmltooling/xmltooling.changes  2020-01-15 
16:31:07.324844661 +0100
+++ /work/SRC/openSUSE:Leap:15.2/.xmltooling.new.3606/xmltooling.changes        
2020-06-08 15:11:56.424993533 +0200
@@ -1,0 +2,6 @@
+Fri Jun  5 16:38:00 UTC 2020 - Kristyna Streitova <[email protected]>
+
+- add xmltooling-1.6.4-fix_build_openssl_111.patch to fix build
+  with openSSL 1.1.1 [bsc#1172351]
+
+-------------------------------------------------------------------

New:
----
  xmltooling-1.6.4-fix_build_openssl_111.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ xmltooling.spec ++++++
--- /var/tmp/diff_new_pack.wLxdi0/_old  2020-06-08 15:11:57.028995186 +0200
+++ /var/tmp/diff_new_pack.wLxdi0/_new  2020-06-08 15:11:57.032995196 +0200
@@ -61,6 +61,7 @@
 Patch30:        0030-CPPXT-110-OpenSSL-1.1-New-build-mechanisms.patch
 Patch31:        0031-Missed-file-for-OpenSSL1.1-support.patch
 Patch32:        xmltooling-1.6.4-CVE-2019-9628.patch
+Patch33:        xmltooling-1.6.4-fix_build_openssl_111.patch
 BuildRequires:  automake
 BuildRequires:  curl-devel >= 7.10.6
 BuildRequires:  doxygen

++++++ xmltooling-1.6.4-fix_build_openssl_111.patch ++++++
This patch is based on the following upstream commit and adds the
same changes (xmltooling:: namespace) for ExplicitKeyTrustEngine.cpp
as well.

>From 6feb1baf4f80210e9222d817664c9c792d7979fe Mon Sep 17 00:00:00 2001
From: Rod Widdowson <[email protected]>
Date: Sat, 13 Oct 2018 14:21:35 +0100
Subject: [PATCH] CPPXT-137 OpenSSL 1.1.1

https://issues.shibboleth.net/jira/browse/CPPXT-137

OpenSSL 1.1.1 defined functions that we defined for 1.1.0.
Fix the compile by being explicit about the namespace and
add use of the new functions to the support module.
---
 .../security/impl/SecurityHelper.cpp          |  4 ++--
 xmltooling/security/impl/OpenSSLSupport.cpp   | 20 ++++++++++++++-----

Index: xmltooling-1.6.4/xmltooling/security/impl/SecurityHelper.cpp
===================================================================
--- xmltooling-1.6.4.orig/xmltooling/security/impl/SecurityHelper.cpp
+++ xmltooling-1.6.4/xmltooling/security/impl/SecurityHelper.cpp
@@ -487,7 +487,7 @@ bool SecurityHelper::matches(const XSECC
             return false;
         const RSA* rsa1 = static_cast<const 
OpenSSLCryptoKeyRSA&>(key1).getOpenSSLRSA();
         const RSA* rsa2 = static_cast<const 
OpenSSLCryptoKeyRSA&>(key2).getOpenSSLRSA();
-        return (rsa1 && rsa2 && BN_cmp(RSA_get0_n(rsa1),RSA_get0_n(rsa2)) == 0 
&& BN_cmp(RSA_get0_e(rsa1),RSA_get0_e(rsa2)) == 0);
+        return (rsa1 && rsa2 && BN_cmp(xmltooling::RSA_get0_n(rsa1), 
xmltooling::RSA_get0_n(rsa2)) == 0 && BN_cmp(xmltooling::RSA_get0_e(rsa1), 
xmltooling::RSA_get0_e(rsa2)) == 0);
     }
 
     // For a private key, compare the private half.
@@ -496,7 +496,7 @@ bool SecurityHelper::matches(const XSECC
             return false;
         const RSA* rsa1 = static_cast<const 
OpenSSLCryptoKeyRSA&>(key1).getOpenSSLRSA();
         const RSA* rsa2 = static_cast<const 
OpenSSLCryptoKeyRSA&>(key2).getOpenSSLRSA();
-        return (rsa1 && rsa2 && BN_cmp(RSA_get0_n(rsa1),RSA_get0_n(rsa2)) == 0 
&& BN_cmp(RSA_get0_d(rsa1),RSA_get0_d(rsa2)) == 0);
+        return (rsa1 && rsa2 && BN_cmp(xmltooling::RSA_get0_n(rsa1), 
xmltooling::RSA_get0_n(rsa2)) == 0 && BN_cmp(xmltooling::RSA_get0_d(rsa1), 
xmltooling::RSA_get0_d(rsa2)) == 0);
     }
 
     // If one key is public or both, just compare the public key half.
Index: xmltooling-1.6.4/xmltooling/security/impl/OpenSSLSupport.cpp
===================================================================
--- xmltooling-1.6.4.orig/xmltooling/security/impl/OpenSSLSupport.cpp
+++ xmltooling-1.6.4/xmltooling/security/impl/OpenSSLSupport.cpp
@@ -73,10 +73,12 @@ const BIGNUM *xmltooling::DSA_get0_pubke
 {
 #if (OPENSSL_VERSION_NUMBER < 0x10100000L)
     return dsa->pub_key;
-#else
+#elif (OPENSSL_VERSION_NUMBER  < 0x10101000L)
     const BIGNUM *result;
     DSA_get0_key(dsa, &result, NULL);
     return result;
+#else
+    return ::DSA_get0_pub_key(dsa);
 #endif
 }
 
@@ -84,10 +86,12 @@ const BIGNUM *xmltooling::DSA_get0_privk
 {
 #if (OPENSSL_VERSION_NUMBER < 0x10100000L)
     return dsa->priv_key;
-#else
+#elif (OPENSSL_VERSION_NUMBER  < 0x10101000L)
     const BIGNUM *result;
     DSA_get0_key(dsa, NULL, &result);
     return result;
+#else
+    return ::DSA_get0_priv_key(dsa);
 #endif
 }
 
@@ -95,10 +99,12 @@ const BIGNUM *xmltooling::RSA_get0_n(con
 {
 #if (OPENSSL_VERSION_NUMBER < 0x10100000L)
     return rsa->n;
-#else
+#elif (OPENSSL_VERSION_NUMBER  < 0x10101000L)
     const BIGNUM *result;
     RSA_get0_key(rsa, &result, NULL, NULL);
     return result;
+#else
+    return ::RSA_get0_n(rsa);
 #endif
 }
 
@@ -106,10 +112,12 @@ const BIGNUM *xmltooling::RSA_get0_e(con
 {
 #if (OPENSSL_VERSION_NUMBER < 0x10100000L)
     return rsa->e;
-#else
+#elif (OPENSSL_VERSION_NUMBER  < 0x10101000L)
     const BIGNUM *result;
     RSA_get0_key(rsa, NULL, &result, NULL);
     return result;
+#else
+    return ::RSA_get0_e(rsa);
 #endif
 }
 
@@ -117,9 +125,11 @@ const BIGNUM *xmltooling::RSA_get0_d(con
 {
 #if (OPENSSL_VERSION_NUMBER < 0x10100000L)
     return rsa->d;
-#else
+#elif (OPENSSL_VERSION_NUMBER  < 0x10101000L)
     const BIGNUM *result;
     RSA_get0_key(rsa, NULL, NULL, &result);
     return result;
+#else
+    return ::RSA_get0_d(rsa);
 #endif
 }
Index: xmltooling-1.6.4/xmltooling/security/impl/ExplicitKeyTrustEngine.cpp
===================================================================
--- xmltooling-1.6.4.orig/xmltooling/security/impl/ExplicitKeyTrustEngine.cpp
+++ xmltooling-1.6.4/xmltooling/security/impl/ExplicitKeyTrustEngine.cpp
@@ -264,7 +264,7 @@ bool ExplicitKeyTrustEngine::validate(
                     RSA* rsa = 
static_cast<OpenSSLCryptoKeyRSA*>(key)->getOpenSSLRSA();
                     EVP_PKEY* evp = 
X509_PUBKEY_get(X509_get_X509_PUBKEY(certEE));
                     if (rsa && evp && EVP_PKEY_id(evp) == EVP_PKEY_RSA &&
-                            
BN_cmp(RSA_get0_n(rsa),RSA_get0_n(EVP_PKEY_get0_RSA(evp))) == 0 && 
BN_cmp(RSA_get0_e(rsa), RSA_get0_e(EVP_PKEY_get0_RSA(evp))) == 0) {
+                            BN_cmp(xmltooling::RSA_get0_n(rsa), 
xmltooling::RSA_get0_n(EVP_PKEY_get0_RSA(evp))) == 0 && 
BN_cmp(xmltooling::RSA_get0_e(rsa), 
xmltooling::RSA_get0_e(EVP_PKEY_get0_RSA(evp))) == 0) {
                         if (evp)
                             EVP_PKEY_free(evp);
                         log.debug("end-entity certificate matches peer RSA key 
information");

Reply via email to