From e4769f04a99ad8c734b0067ee25f7141e970f850 Mon Sep 17 00:00:00 2001 From: zyppe <210hcl@gmail.com> Date: Thu, 29 Feb 2024 16:03:45 +0800 Subject: [PATCH] Initialize for xmlsec1 --- .gitignore | 1 + .xmlsec1.metadata | 1 + xmlsec1-1.2.37.tar.gz.sig | Bin 0 -> 566 bytes xmlsec1-rpmlintrc | 7 ++ xmlsec1.changes | 147 +++++++++++++++++++++++ xmlsec1.keyring | 28 +++++ xmlsec1.spec | 237 ++++++++++++++++++++++++++++++++++++++ 7 files changed, 421 insertions(+) create mode 100644 .gitignore create mode 100644 .xmlsec1.metadata create mode 100644 xmlsec1-1.2.37.tar.gz.sig create mode 100644 xmlsec1-rpmlintrc create mode 100644 xmlsec1.changes create mode 100644 xmlsec1.keyring create mode 100644 xmlsec1.spec diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..2cb57f2 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +xmlsec1-1.2.37.tar.gz diff --git a/.xmlsec1.metadata b/.xmlsec1.metadata new file mode 100644 index 0000000..643e30f --- /dev/null +++ b/.xmlsec1.metadata @@ -0,0 +1 @@ +868003baf6354d93c13f9b251cf2a27aeb7c73ca74684e0f1cb21bb3ea37ca30 xmlsec1-1.2.37.tar.gz diff --git a/xmlsec1-1.2.37.tar.gz.sig b/xmlsec1-1.2.37.tar.gz.sig new file mode 100644 index 0000000000000000000000000000000000000000..b8b3033df3a832f466234a2948096f14637380b3 GIT binary patch literal 566 zcmV-60?GY}0y6{v0SW*e79j)x{nn@7xEzS{OPlcKKF#l*9fF<(0%L_MApi;q5avG3 z@17lko^a(4`vhjB!-bIgQJdL2x1r}fgVds1FpA9X#7)dETPQy*KnoLq#N50X0VfUs zixE-b-Vlx$Vos#YV0->A@r4}q9{0hPY^K~AF6&nbf@-HM^D|Q=@FErix0HHHyOWL! zHye3tX%a!`gQ?g@hofEuFJE$q4F6#fnD*Q z4k{>IcrOh&QU@76lyqz|3cWZGc~Q71W~J8hv_y=P``L3X1<7ync6983>nvtFR|=6v z&|GkN|K!;GcN~-5i6YvYsWl9L6X_`~jlI+_<=aWzg+Gb1($^0rdH!?<5Zh_9#rlg) z0^7P&Po?5pUU5&M%m;=SC9C^XBcesGed}Xm1`<~e!Fh?H7DxI0E3Nn=ix*H+>f!pC ztDmgKOcq*Dg!cRnV+p7iD8vzoN1E-bYECb)t{TUjV6}!_o`frm4|ksRgFKBtJLU~j zR+n2(u9w_Ma0eBp*fAR8kf?352uN!;8CkGTsYZn)w%z0xS=BIs{~p)-SC;@zwy>3` zzC8*|oad(%pfP`1+CHttR;)pH%a%XAnyZIvc?d5p_Wt`BiF>vboa|(IH5hJQ-@9dv zJ~&R3BJ2AUb)qbLtvqD?N2roA^bZtXl$oP2Pn|NC1lWY3m)&TsRQDvnyhzq)GL=b1 Eb1`2DUjP6A literal 0 HcmV?d00001 diff --git a/xmlsec1-rpmlintrc b/xmlsec1-rpmlintrc new file mode 100644 index 0000000..6ac6e22 --- /dev/null +++ b/xmlsec1-rpmlintrc @@ -0,0 +1,7 @@ +# This is not devel, those so files are loaded as plugins and there is no +# actual versioning there +addFilter("devel-file-in-non-devel-package") +# Again the packages do not link yet as these are modules they are useless +# without the main library +addFilter("shlib-fixed-dependency") + diff --git a/xmlsec1.changes b/xmlsec1.changes new file mode 100644 index 0000000..7d6caaa --- /dev/null +++ b/xmlsec1.changes @@ -0,0 +1,147 @@ +* Wed Feb 1 2023 dmueller@suse.com +- switch to pkgconfig(zlib) to allow alternative providers as well +* Sat Dec 3 2022 dmueller@suse.com +- update to 1.2.37: + Fixed two regressions from 1.2.36 release +* Fri Nov 4 2022 pmonreal@suse.com +- Update to 1.2.36: + * Retired the XMLSec mailing list "xmlsec@aleksey.com" and the + XMLSec Online Signature Verifier. +- Update to 1.2.35: + * Migration to OpenSSL 3.0 API (based on PR by @snargit). Note + that OpenSSL engines are disabled by default when XMLSec + library is compiled against OpenSSL 3.0. To re-enable OpenSSL + engines, use "--enable-openssl3-engines" configure flag (there + will be a lot of deprecation warnings). + * The OpenSSL before 1.1.0 and LibreSSL before 2.7.0 are now + deprecated and will be removed in the future versions of + XMLSec Library. + * Refactored all the integer casts to ensure cast-safety. Fixed + all warnings and enabled "-Werror" and "-pedantic" flags on + CI builds. + * Added configure flag to use size_t for xmlSecSize (currently + disabled by default for backward compatibility). + * Moved all CI builds to GitHub actions. +* Thu Sep 8 2022 bjorn.lie@gmail.com +- Add export CFLAGS/CXXFLAGS="-Wno-error=deprecated-declarations" + inbefore configure. We pass --enable-werror to configure, and + that leads to warnings about deprecations failing build. As + deprecations is mainly a consern for upstream, stop failing on + those. +* Mon May 23 2022 dmueller@suse.com +- update to 1.2.34: + * Support for OpenSSL compiled with OPENSSL_NO_ERR. + * Full support for LibreSSL 3.5.0 and above + * Several other small fixes +* Sun Nov 28 2021 dmueller@suse.com +- update to 1.2.33: + * Fix decrypting session key for two recipients + * Added --privkey-openssl-engine option to enhance openssl engine support +* Sun May 9 2021 andreas.stieger@gmx.de +- update to 1.2.32: + + Remove MD5 for NSS 3.59 and above + + Fix PKCS12_parse return code handling + + Fix OpenSSL lookup + + xmlSecX509DataGetNodeContent(): don't return 0 for non-empty + elements - fix for LibreOffice +- add upstream signing key and validate source signature +- put license text into all subpackages +- treat all compiler warnings as errors +* Wed Feb 17 2021 pmonreal@suse.com +- Relax the crypto policies for the test-suite. This allows the + tests using certificates with small key lengths to pass. +* Thu Dec 17 2020 dimstar@opensuse.org +- Update to version 1.2.31: + + Unload error strings in OpenSSL shutdown. + + Make userData available when executing preExecCallback + function. + + Add an option to use secure memset. +- Pass --disable-md5 to configure: The cryptographic strength of + the MD5 algorithm is sufficiently doubtful that its use is + discouraged at this time. It is not listed as an algorithm in + [XMLDSIG-CORE1] + https://www.w3.org/TR/xmlsec-algorithms/#bib-XMLDSIG-CORE1 +* Thu Jun 18 2020 tchvatal@suse.com +- Update to 1.2.30: + * Enabled XML_PARSE_HUGE for all xml parsers. + * Various build and tests fixes and improvements. + * Move remaining private header files away from xmlsec/include/ folder. +* Thu Apr 25 2019 tchvatal@suse.com +- Update to 1.2.28: + * Added BoringSSL support (chenbd). + * Added gnutls-3.6.x support (alonbl). + * Added DSA and ECDSA key size getter for MSCNG (vmiklos). + * Added --enable-mans configuration option (alonbl). + * Added coninuous build integration for MacOSX (vmiklos). + * Several other small fixes (more details). +* Fri Dec 7 2018 tchvatal@suse.com +- Make sure to recommend at least one backend when you install + just xmlsec1 +* Wed Oct 31 2018 tchvatal@suse.com +- Drop the gnutls backend as based on the tests it is quite borked: + * We still have nss and openssl backend for people to use +* Wed Oct 31 2018 tchvatal@suse.com +- Version update to 1.2.27: + * Added AES-GCM support for OpenSSL and MSCNG (snargit). + * Added DSA-SHA256 and ECDSA-SHA384 support for NSS (vmiklos). + * Added RSA-OAEP support for MSCNG (vmiklos). + * Continuous build integration in Travis and Appveyor. + * Several other small fixes (more details). +* Thu Aug 16 2018 tchvatal@suse.com +- Add rplintrc to avoid bogus errors: + * xmlsec1-rpmlintrc +* Tue Aug 14 2018 kallan@suse.com +- Fixed (bsc#1104876). Added: Requires: %%{libname} = %%{version} to each module + in the spec file. This will ensure that when one of the modules is installed + the corresponding version of libxmlsec1-1 will also be installed/upgraded. +* Tue Jun 5 2018 vmiklos@collabora.co.uk +- Version update to 1.2.26: + * Added xmlsec-mscng module based on Microsoft Cryptography API: Next + Generation + * Added support for GOST 2012 and fixed CryptoPro CSP provider for GOST R + 34.10-2001 in xmlsec-mscrypto + * Added LibreSSL 2.7 support + * Upgraded documentation build process to support the latest gtk-doc +* Thu Nov 30 2017 tchvatal@suse.com +- Version update to 1.2.25: + * Various small fixes + * Coverity cleanups + * Removed support for old openssl +* Thu Apr 20 2017 vmiklos@collabora.co.uk +- Version update to 1.2.24: + * Added ECDSA-SHA1, ECDSA-SHA256, ECDSA-SHA512 support + for xmlsec-nss. + * Fixed XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS + handling. + * Disabled external entities loading by xmlsec utility app by + default to prevent XXE attacks. + * Improved OpenSSL version and features detection. + * Cleaned up, simplified, and standardized internal error + reporting. + * Fixed a few Coverity-discovered bugs. + * Marked as deprecated all the functions in xmlsec/soap.h file + and a couple other functions no longer required by xmlsec. + These functions will be removed in the future releases. + * Several other small fixes (see commit log for more details). +* Thu Mar 23 2017 pmonrealgonzalez@suse.com +- Fixed dependencies with libraries (bsc#1012246): + * libxmlsec1-openssl.so + * libxmlsec1-gcrypt.so + * libxmlsec1-gnutls.so + * libxmlsec1-nss.so +* Mon Nov 28 2016 tchvatal@suse.com +- Version update to 1.2.23: + * Full support for OpenSSL 1.1.0 + * Several other small fixes +* Wed May 25 2016 tchvatal@suse.com +- Version update to 1.2.22 (fate#320861): + * see the ChangeLog for most detailed output + * openssl 1.1 support + * Few features from libreoffice for integrated + * Run the testsuite +* Thu Sep 3 2015 astieger@suse.com +- update to 1.2.20: + * fix a number of miscellaneous bugs + * update expired or soon-to-be-expired certificates in test suite +* Tue Jan 7 2014 mvyskocil@suse.com +- Initial packaging of xmlsec1 for SUSE diff --git a/xmlsec1.keyring b/xmlsec1.keyring new file mode 100644 index 0000000..8e43fe7 --- /dev/null +++ b/xmlsec1.keyring @@ -0,0 +1,28 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFMEGxgBEACqZVhbddfj2gWIIrsd+NpSy6ptqGkpLYoJcWu1Xgwwg6o2C4mt +17lmxeSjQ7bfkqwhijvyf9Qx6oJw3uU2fol4LgC6JUxL60ne8aJ2tmXa9xg6p5Ea +TzwuSFt83Ylnui6bG7zqUSR/PpN+5s/dV/KufREiWnV1wx08MU5Byw5CxVnUeuRq +59Lvydd5xThKzMskJGyzbd/uGJFYLkaOnuvgvQXoWzkfvwY2jBvax7GZmQKKn1/z +mq6HnHsxIOV55txrYSTnCfYcWEeqA6Wy6D4IdcWaEpdxMdey/ydJ5iDnZvqYKiZt +GZtmdyYoJAOzM/pH5ulwOlHsJfI004aHc2v1yLllmhen5QVNYOgqgTdUHUzdyMc7 +WH8yYhoeDN9ClSOLlYGWzIPS4za00KjrZZAvZvd/TpyHOExQ7gPN7QcFJPPqpluj +7gnIEjAn5ZUyXJWEga5nb+O/erV+JTnEqPVbak1TMxNDSrzMC4kH7gsVrMg+vjYJ +cVc/zV6FO19BCI1JjXc6xsceZNWYU/fYAYYj1EU/Nz5nEuMtfTWdolZDqGfNmNy8 +fXN/8OZmdNkrJjJA4Lhi6QWeWt/U9dB3eBYucC5XXYOCEgeL6xBgJT38N//VNG7W +STaKEsL3bHGeoji3FnTolecVsIF/pk0qMsZi+Tzmz5qi35kJCUz3MvyCGQARAQAB +tCNBbGVrc2V5IFNhbmluIDxhbGVrc2V5QGFsZWtzZXkuY29tPokCPQQTAQoAJwUC +UwQbGAIbAwUJB4YfgAULCQgHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRDmPs3vnh2C +ngPKEACjYw/H5sWhO+MsCQ2Rl/hbtTk6Jn8sshhR9HIyD+gjvuWAKu5QVezlSpp5 +jY9qtMD161XjOAYRMJtxb3jbbDk6gfTPWO85S0jlBE6AdQR9DiPQQH0xlcAvveMD +FxuCj2Br081ZRVCdQQQhMxMmiRJMAUivsNgI1vXPnKOozePUN6THeAJ+ht1WBe72 +7Z9W7AlH+Q4nZ7dz36tU6nWr6qgEsLD+B++ZbqCYj5Ctq/z1+Kaacsco/alqsa2o +e74ntEc3+hNFtpoUbAcPQrPU9uRDxyd2D2VASB3YzmWPlZjCKutZtiNmWGH/bwDz +3CTNrWXNO4joqL9gr/B6zyzNtTZExRw38Ayn5Jv8urTZv9raxZvU1ZJjZ3uKJzLb +sHeRctG4AWGzMGayac3LgAvH/wUzD7Q5p+Rwc/9o/Qg6gklHUr6XPBQmtbK980DI ++si0fuh2RfBIQ1NmYl1AanmVgBZgNqyrsU4Xz5oZTS4YNJUsAN7YHC36utAsDq8q +2xFkgQSf21aUhop/eLWW+c3w0LOSdwKPxeakwB5dOOjYoDVzbKV8pDulq6iKljir +K9y87QxcvBtc+jt0Qgl3P0wcQ5cf+gQvMAFLX5/df4+JPjQmzIDh8Ky2IKl3dbCe +lxFtaIKnN7bn0qxZ8KAQ9vLNyuwV6PLVKgL+RFqjPlwFtkBKqQ== +=CTc5 +-----END PGP PUBLIC KEY BLOCK----- diff --git a/xmlsec1.spec b/xmlsec1.spec new file mode 100644 index 0000000..f7758af --- /dev/null +++ b/xmlsec1.spec @@ -0,0 +1,237 @@ +# +# spec file for package xmlsec1 +# +# Copyright (c) 2022-2023 ZhuningOS +# + + +%{!?make_build:%global make_build make %{?_smp_mflags}} +%global libname libxmlsec1-1 +%global libopenssl libxmlsec1-openssl1 +%global libgcrypt libxmlsec1-gcrypt1 +%global libgnutls libxmlsec1-gnutls1 +%global libnss libxmlsec1-nss1 +Name: xmlsec1 +Version: 1.2.37 +Release: 150400.14.3.4 +Summary: Library providing support for "XML Signature" and "XML Encryption" standards +License: MIT +URL: https://www.aleksey.com/xmlsec/ +Source0: https://www.aleksey.com/xmlsec/download/xmlsec1-%{version}.tar.gz +Source1: https://www.aleksey.com/xmlsec/download/xmlsec1-%{version}.sig#/xmlsec1-%{version}.tar.gz.sig +Source2: %{name}.keyring +Source99: xmlsec1-rpmlintrc +BuildRequires: gcc7 +BuildRequires: libgcrypt-devel +BuildRequires: libtool +# Needed certutil for tests +BuildRequires: mozilla-nss-tools +BuildRequires: pkgconfig +BuildRequires: pkgconfig(gnutls) +BuildRequires: pkgconfig(libxml-2.0) +BuildRequires: pkgconfig(libxslt) +BuildRequires: pkgconfig(nspr) +BuildRequires: pkgconfig(nss) +BuildRequires: pkgconfig(openssl) >= 1.1 +Recommends: %{libopenssl} + +%description +XML Security Library is a C library based on LibXML2 and OpenSSL. +The library was created with a goal to support major XML security +standards "XML Digital Signature" and "XML Encryption". + +%package -n %{libname} +Summary: Library providing support for "XML Signature" and "XML Encryption" standards + +%description -n %{libname} +XML Security Library is a C library based on LibXML2 and OpenSSL. +The library was created with a goal to support major XML security +standards "XML Digital Signature" and "XML Encryption". + +%package -n %{libgcrypt} +Summary: GCrypt crypto plugin for XML Security Library +Requires: %{libname} = %{version} + +%description -n %{libgcrypt} +GCrypt plugin for XML Security Library provides GCrypt based crypto services +for the xmlsec library. + +%package -n %{libgnutls} +Summary: GNUTls crypto plugin for XML Security Library +Requires: %{libname} = %{version} + +%description -n %{libgnutls} +GNUTls plugin for XML Security Library provides GNUTls based crypto services +for the xmlsec library. + +%package -n %{libnss} +Summary: NSS crypto plugin for XML Security Library +Requires: %{libname} = %{version} + +%description -n %{libnss} +NSS plugin for XML Security Library provides NSS based crypto services +for the xmlsec library. + +%package -n %{libopenssl} +Summary: OpenSSL crypto plugin for XML Security Library +Requires: %{libname} = %{version} + +%description -n %{libopenssl} +OpenSSL plugin for XML Security Library provides OpenSSL based crypto services +for the xmlsec library. + +%package devel +Summary: Libraries, includes for XML Signatures/Encryption +Requires: %{libname} = %{version} +Requires: libxml2-devel >= 2.6.0 +Requires: libxslt-devel >= 1.1.0 +Requires: openssl-devel >= 0.9.6 +Requires: pkgconfig(zlib) + +%description devel +Libraries, includes, etc. you can use to develop applications with XML Digital +Signatures and XML Encryption support. + +%package openssl-devel +Summary: OpenSSL crypto plugin for XML Security Library +Requires: %{libopenssl} = %{version} +Requires: %{name}-devel = %{version} + +%description openssl-devel +Libraries, includes, etc. for developing XML Security applications with OpenSSL + +%package gcrypt-devel +Summary: GCrypt crypto plugin for XML Security Library +Requires: %{libgcrypt} = %{version} +Requires: %{name}-devel = %{version} + +%description gcrypt-devel +Libraries, includes, etc. for developing XML Security applications with GCrypt. + +%package gnutls-devel +Summary: GNUTls crypto plugin for XML Security Library +Requires: %{libgnutls} = %{version} +Requires: %{name}-devel = %{version} +Requires: %{name}-openssl-devel = %{version} +Requires: gnutls-devel >= 1.0.20 +Requires: libgcrypt-devel >= 1.2.0 + +%description gnutls-devel +Libraries, includes, etc. for developing XML Security applications with GNUTls. + +%package nss-devel +Summary: NSS crypto plugin for XML Security Library +Requires: %{libnss} = %{version} +Requires: %{name}-devel = %{version} +Requires: mozilla-nspr-devel +Requires: mozilla-nss-devel >= 3.2 + +%description nss-devel +Libraries, includes, etc. for developing XML Security applications with NSS. + +%prep +%autosetup -p1 + +%build +# Allow for deprecations +export CC="gcc-7" +export CXX="g++-7" +export CFLAGS="-Wno-error=deprecated-declarations" +export CXXFLAGS="-Wno-error=deprecated-declarations" +%configure \ + --disable-static \ + --disable-silent-rules \ + --enable-werror \ + --disable-md5 +%make_build + +%install +%make_install +find %{buildroot} -type f -name "*.la" -delete -print + +# move installed docs to include them in -devel package via %%doc magic +rm -rf __tmp_doc ; mkdir __tmp_doc +mv %{buildroot}%{_datadir}/doc/xmlsec1/* __tmp_doc +rmdir %{buildroot}%{_datadir}/doc/xmlsec1 + +%check +# Relax the crypto policies for the test-suite +export GNUTLS_SYSTEM_PRIORITY_FILE=/dev/null +%make_build -j1 check check-keys check-dsig check-enc + +%post -n %{libname} -p /sbin/ldconfig +%postun -n %{libname} -p /sbin/ldconfig +%post -n %{libgcrypt} -p /sbin/ldconfig +%postun -n %{libgcrypt} -p /sbin/ldconfig +%post -n %{libgnutls} -p /sbin/ldconfig +%postun -n %{libgnutls} -p /sbin/ldconfig +%post -n %{libnss} -p /sbin/ldconfig +%postun -n %{libnss} -p /sbin/ldconfig +%post -n %{libopenssl} -p /sbin/ldconfig +%postun -n %{libopenssl} -p /sbin/ldconfig + +%files +%license COPYING +%doc README.md ChangeLog +%{_mandir}/man1/xmlsec1.1%{?ext_man} +%{_bindir}/xmlsec1 + +%files -n %{libname} +%license COPYING +%{_libdir}/libxmlsec1.so.* + +%files -n %{libgcrypt} +%license COPYING +%{_libdir}/libxmlsec1-gcrypt.so.* +%{_libdir}/libxmlsec1-gcrypt.so + +%files -n %{libgnutls} +%license COPYING +%{_libdir}/libxmlsec1-gnutls.so.* +%{_libdir}/libxmlsec1-gnutls.so + +%files -n %{libnss} +%license COPYING +%{_libdir}/libxmlsec1-nss.so.* +%{_libdir}/libxmlsec1-nss.so + +%files -n %{libopenssl} +%license COPYING +%{_libdir}/libxmlsec1-openssl.so.* +%{_libdir}/libxmlsec1-openssl.so + +%files devel +%license COPYING +%doc AUTHORS ChangeLog NEWS +%doc HACKING __tmp_doc/* +%{_bindir}/xmlsec1-config +%dir %{_includedir}/xmlsec1 +%dir %{_includedir}/xmlsec1/xmlsec +%{_includedir}/xmlsec1/xmlsec/*.h +%{_libdir}/libxmlsec1.so +%{_libdir}/pkgconfig/xmlsec1.pc +%{_libdir}/xmlsec1Conf.sh +%{_datadir}/aclocal/xmlsec1.m4 +%{_mandir}/man1/xmlsec1-config.1%{?ext_man} + +%files openssl-devel +%license COPYING +%{_includedir}/xmlsec1/xmlsec/openssl/ +%{_libdir}/pkgconfig/xmlsec1-openssl.pc + +%files gcrypt-devel +%license COPYING +%{_includedir}/xmlsec1/xmlsec/gcrypt/ +%{_libdir}/pkgconfig/xmlsec1-gcrypt.pc + +%files gnutls-devel +%license COPYING +%{_includedir}/xmlsec1/xmlsec/gnutls/ +%{_libdir}/pkgconfig/xmlsec1-gnutls.pc + +%files nss-devel +%license COPYING +%{_includedir}/xmlsec1/xmlsec/nss/ +%{_libdir}/pkgconfig/xmlsec1-nss.pc + +%changelog