[gentoo-commits] repo/gentoo:master commit in: dev-libs/xmlsec/, dev-libs/xmlsec/files/

[gentoo-commits] repo/gentoo:master commit in: dev-libs/xmlsec/, dev-libs/xmlsec/files/

[Alon Bar-Lev]

commit:     4ee1e630aca57b00bfaaa1e1b1c8921c4a6e25b5
Author:     Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
AuthorDate: Mon Apr  1 04:09:15 2019 +0000
Commit:     Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
CommitDate: Mon Apr  1 04:11:49 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4ee1e630

dev-libs/xmlsec: support SHA-1 signed certificates with gnutls-3.6

Signed-off-by: Alon Bar-Lev <alonbl <AT> gentoo.org>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
RepoMan-Options: --force

 dev-libs/xmlsec/files/xmlsec-1.2.27-gnutls.patch   | 47 ++++++++++++++++++++++
 ...mlsec-1.2.27.ebuild => xmlsec-1.2.27-r1.ebuild} |  4 ++
 2 files changed, 51 insertions(+)

diff --git a/dev-libs/xmlsec/files/xmlsec-1.2.27-gnutls.patch b/dev-libs/xmlsec/files/xmlsec-1.2.27-gnutls.patch
new file mode 100644
index 00000000000..2837420e0dc
--- /dev/null
+++ b/dev-libs/xmlsec/files/xmlsec-1.2.27-gnutls.patch
@@ -0,0 +1,47 @@
+From 321e62add243cf8f024d6278da4c5ff030bae3b9 Mon Sep 17 00:00:00 2001
+From: Alon Bar-Lev <alon.barlev@gmail.com>
+Date: Mon, 1 Apr 2019 01:28:18 +0300
+Subject: [PATCH] gnutls: allow SHA-1 signed certificate when not in strict
+ checks (#250) (#251)
+
+This is required for gnutls-3.6.x.
+
+Allow tests to use no strict checks until all certificates will be converted
+to stronger signature than SHA-1.
+
+Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
+---
+ src/gnutls/x509vfy.c | 3 +++
+ tests/testrun.sh     | 2 +-
+ 2 files changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/gnutls/x509vfy.c b/src/gnutls/x509vfy.c
+index a9c956a3..4c753344 100644
+--- a/src/gnutls/x509vfy.c
++++ b/src/gnutls/x509vfy.c
+@@ -295,6 +295,9 @@ xmlSecGnuTLSX509StoreVerify(xmlSecKeyDataStorePtr store,
+     if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_SKIP_STRICT_CHECKS) != 0) {
+         flags |= GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2;
+         flags |= GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5;
++#if GNUTLS_VERSION_NUMBER >= 0x030600
++        flags |= GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1;
++#endif
+     }
+ 
+     /* We are going to build all possible cert chains and try to verify them */
+diff --git a/tests/testrun.sh b/tests/testrun.sh
+index 02484d09..ea65802b 100755
+--- a/tests/testrun.sh
++++ b/tests/testrun.sh
+@@ -59,7 +59,7 @@ if [ "z$XMLSEC_DEFAULT_CRYPTO" != "z" ] ; then
+ elif [ "z$crypto" != "z" ] ; then
+     xmlsec_params="$xmlsec_params --crypto $crypto"
+ fi
+-xmlsec_params="$xmlsec_params --crypto-config $crypto_config"
++xmlsec_params="$xmlsec_params --X509-skip-strict-checks --crypto-config $crypto_config"
+ 
+ #
+ # Setup keys config
+-- 
+2.21.0
+

diff --git a/dev-libs/xmlsec/xmlsec-1.2.27.ebuild b/dev-libs/xmlsec/xmlsec-1.2.27-r1.ebuild
similarity index 97%
rename from dev-libs/xmlsec/xmlsec-1.2.27.ebuild
rename to dev-libs/xmlsec/xmlsec-1.2.27-r1.ebuild
index 80b76456dd6..e56570b8002 100644
--- a/dev-libs/xmlsec/xmlsec-1.2.27.ebuild
+++ b/dev-libs/xmlsec/xmlsec-1.2.27-r1.ebuild
@@ -38,6 +38,10 @@ BDEPEND="virtual/pkgconfig
 
 S="${WORKDIR}/${PN}1-${PV}"
 
+PATCHES=(
+	"${FILESDIR}/${P}-gnutls.patch"
+)
+
 src_prepare() {
 	default
 	# conditionally install extra documentation

[gentoo-commits] repo/gentoo:master commit in: dev-libs/xmlsec/, dev-libs/xmlsec/files/

[Alon Bar-Lev]

commit:     82c2c9b4e9de553e3eaefeb1e2a378aec55af893
Author:     Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
AuthorDate: Tue Apr 16 20:23:29 2019 +0000
Commit:     Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
CommitDate: Tue Apr 16 20:24:59 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=82c2c9b4

dev-libs/xmlsec: version bump

Signed-off-by: Alon Bar-Lev <alonbl <AT> gentoo.org>
Package-Manager: Portage-2.3.62, Repoman-2.3.11

 dev-libs/xmlsec/Manifest                           |   1 +
 dev-libs/xmlsec/files/xmlsec-1.2.28-test.patch     | 121 +++++++++++++++++++++
 dev-libs/xmlsec/xmlsec-1.2.26.ebuild               |   2 +-
 .../{xmlsec-1.2.26.ebuild => xmlsec-1.2.28.ebuild} |  30 ++---
 4 files changed, 140 insertions(+), 14 deletions(-)

diff --git a/dev-libs/xmlsec/Manifest b/dev-libs/xmlsec/Manifest
index 7b78da91ee1..e8c42b63e1d 100644
--- a/dev-libs/xmlsec/Manifest
+++ b/dev-libs/xmlsec/Manifest
@@ -1,2 +1,3 @@
 DIST xmlsec1-1.2.26.tar.gz 1922183 BLAKE2B 8cb8557a7d24df756655a7dfa45091445adc89cb67169a7620d9d1116f3fb3d982ea45199a53475e29300478c07e8e1168cec79cf9c3b5ff1dd6c840123b982b SHA512 1e3dc3c8c192eefee7b055787bef52ce3bcfafa786224f68af065aa45f4d7da93232da973359b3135615c5981ad4df7c124047d3934e552ab78439472685a7a4
 DIST xmlsec1-1.2.27.tar.gz 2013651 BLAKE2B fa46a25e3aaef432134d1c98a0e7bf0aba83f2ef6d1aff3774d6d37c5f6f392d1c2c11a0fe433ee910c39b56400c96b74ab061577948622b14a1116fa1ec2947 SHA512 01f7231d7d7ac8037aecc1f922acc572cbfe0903abf5bd5879d836438c36684e23402b803d20806fff6b1cdc5ad9af114d1341b10b336f71c0bce28b4716f920
+DIST xmlsec1-1.2.28.tar.gz 1995599 BLAKE2B 5d90646d9a72024856da2638adb6d0d00d5142f8d3eaa5b12a993e2e6ae78ad49aab69822ebe331191bf1fc5b98431b85e113545aec84e2bb7d5c5add9028df0 SHA512 17fa59e4ffee5e024caa4895e8ed21d1435f14e3a37d0ed781b1dd216333ae3b6099c460efd45d4a8097d0202522150b7b0ad543b47c1596d8473b6922270480

diff --git a/dev-libs/xmlsec/files/xmlsec-1.2.28-test.patch b/dev-libs/xmlsec/files/xmlsec-1.2.28-test.patch
new file mode 100644
index 00000000000..fa1fa60a6df
--- /dev/null
+++ b/dev-libs/xmlsec/files/xmlsec-1.2.28-test.patch
@@ -0,0 +1,121 @@
+From 9d5f2d172ab91fd9fb2c2eddaee86ba62eab2d67 Mon Sep 17 00:00:00 2001
+From: Alon Bar-Lev <alon.barlev@gmail.com>
+Date: Tue, 16 Apr 2019 23:07:08 +0300
+Subject: [PATCH] tests: workout test --X509-skip-strict-checks
+
+The --X509-skip-strict-checks parameter is not accepted by all commands,
+result of skipping many tests.
+
+Reduce impact of the --X509-skip-strict-checks to a workaround to gnutls only.
+
+Filter double --X509-skip-strict-checks commands as cli does not accept
+multiple instances.
+
+Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
+---
+ tests/testrun.sh | 37 ++++++++++++++++++++++---------------
+ 1 file changed, 22 insertions(+), 15 deletions(-)
+
+diff --git a/tests/testrun.sh b/tests/testrun.sh
+index ea65802b..35f4a780 100755
+--- a/tests/testrun.sh
++++ b/tests/testrun.sh
+@@ -59,7 +59,11 @@ if [ "z$XMLSEC_DEFAULT_CRYPTO" != "z" ] ; then
+ elif [ "z$crypto" != "z" ] ; then
+     xmlsec_params="$xmlsec_params --crypto $crypto"
+ fi
+-xmlsec_params="$xmlsec_params --X509-skip-strict-checks --crypto-config $crypto_config"
++xmlsec_params="$xmlsec_params --crypto-config $crypto_config"
++xmlsec_x509_params=
++if [ "z${crypto}" = zgnutls ]; then
++    xmlsec_x509_params="--X509-skip-strict-checks"
++fi
+ 
+ #
+ # Setup keys config
+@@ -218,8 +222,8 @@ execKeysTest() {
+     if [ -f $keysfile ] ; then
+         params="$params --keys-file $keysfile"
+     fi
+-    echo "$VALGRIND $xmlsec_app keys $params $xmlsec_params $keysfile" >>  $curlogfile 
+-    $VALGRIND $xmlsec_app keys $params $xmlsec_params $keysfile >> $curlogfile 2>> $curlogfile
++    echo "$VALGRIND $xmlsec_app keys $params $xmlsec_x509_params $xmlsec_params $keysfile" >>  $curlogfile
++    $VALGRIND $xmlsec_app keys $params $xmlsec_x509_params $xmlsec_params $keysfile >> $curlogfile 2>> $curlogfile
+     printRes $expected_res $?
+     if [ $? != 0 ]; then
+         failures=`expr $failures + 1`
+@@ -307,9 +311,10 @@ execDSigTest() {
+ 
+     # run tests
+     if [ -n "$params1" ] ; then
++        echo "$params1" | grep -q -- "$xmlsec_x509_params" && _xmlsec_x509_params= || _xmlsec_x509_params="$xmlsec_x509_params"
+         printf "    Verify existing signature                            "
+-        echo "$VALGRIND $xmlsec_app verify $xmlsec_params $params1 $full_file.xml" >> $curlogfile
+-        $VALGRIND $xmlsec_app verify $xmlsec_params $params1 $full_file.xml >> $curlogfile 2>> $curlogfile
++        echo "$VALGRIND $xmlsec_app verify $_xmlsec_x509_params $xmlsec_params $params1 $full_file.xml" >> $curlogfile
++        $VALGRIND $xmlsec_app verify $_xmlsec_x509_params $xmlsec_params $params1 $full_file.xml >> $curlogfile 2>> $curlogfile
+         printRes $expected_res $?
+         if [ $? != 0 ]; then
+             failures=`expr $failures + 1`
+@@ -317,9 +322,10 @@ execDSigTest() {
+     fi
+ 
+     if [ -n "$params2" -a -z "$PERF_TEST" ] ; then
++        echo "$params2" | grep -q -- "$xmlsec_x509_params" && _xmlsec_x509_params= || _xmlsec_x509_params="$xmlsec_x509_params"
+         printf "    Create new signature                                 "
+-        echo "$VALGRIND $xmlsec_app sign $xmlsec_params $params2 --output $tmpfile $full_file.tmpl" >> $curlogfile
+-        $VALGRIND $xmlsec_app sign $xmlsec_params $params2 --output $tmpfile $full_file.tmpl >> $curlogfile 2>> $curlogfile
++        echo "$VALGRIND $xmlsec_app sign $_xmlsec_x509_params $_xmlsec_params $params2 --output $tmpfile $full_file.tmpl" >> $curlogfile
++        $VALGRIND $xmlsec_app sign $_xmlsec_x509_params $_xmlsec_params $params2 --output $tmpfile $full_file.tmpl >> $curlogfile 2>> $curlogfile
+         printRes $res_success $?
+         if [ $? != 0 ]; then
+             failures=`expr $failures + 1`
+@@ -327,9 +333,10 @@ execDSigTest() {
+     fi
+ 
+     if [ -n "$params3" -a -z "$PERF_TEST" ] ; then
++        echo "$params3" | grep -q -- "$xmlsec_x509_params" && _xmlsec_x509_params= || _xmlsec_x509_params="$xmlsec_x509_params"
+         printf "    Verify new signature                                 "
+-        echo "$VALGRIND $xmlsec_app verify $xmlsec_params $params3 $tmpfile" >> $curlogfile
+-        $VALGRIND $xmlsec_app verify $xmlsec_params $params3 $tmpfile >> $curlogfile 2>> $curlogfile
++        echo "$VALGRIND $xmlsec_app verify $_xmlsec_x509_params $xmlsec_params $params3 $tmpfile" >> $curlogfile
++        $VALGRIND $xmlsec_app verify $_xmlsec_x509_params $xmlsec_params $params3 $tmpfile >> $curlogfile 2>> $curlogfile
+         printRes $res_success $?
+         if [ $? != 0 ]; then
+             failures=`expr $failures + 1`
+@@ -406,8 +413,8 @@ execEncTest() {
+     if [ -n "$params1" ] ; then
+         rm -f $tmpfile
+         printf "    Decrypt existing document                            "
+-        echo "$VALGRIND $xmlsec_app decrypt $xmlsec_params $params1 $full_file.xml" >>  $curlogfile 
+-        $VALGRIND $xmlsec_app decrypt $xmlsec_params $params1 --output $tmpfile $full_file.xml >> $curlogfile  2>> $curlogfile
++        echo "$VALGRIND $xmlsec_app decrypt $xmlsec_x509_params $xmlsec_params $params1 $full_file.xml" >>  $curlogfile
++        $VALGRIND $xmlsec_app decrypt $xmlsec_x509_params $xmlsec_params $params1 --output $tmpfile $full_file.xml >> $curlogfile  2>> $curlogfile
+         res=$?
+         echo "=== TEST RESULT: $res; expected: $expected_res" >> $curlogfile
+         if [ $res = 0 -a "$expected_res" = "$res_success" ]; then
+@@ -428,8 +435,8 @@ execEncTest() {
+     if [ -n "$params2" -a -z "$PERF_TEST" ] ; then
+         rm -f $tmpfile
+         printf "    Encrypt document                                     "
+-        echo "$VALGRIND $xmlsec_app encrypt $xmlsec_params $params2 --output $tmpfile $full_file.tmpl" >>  $curlogfile 
+-        $VALGRIND $xmlsec_app encrypt $xmlsec_params $params2 --output $tmpfile $full_file.tmpl >> $curlogfile 2>> $curlogfile
++        echo "$VALGRIND $xmlsec_app encrypt $xmlsec_x509_params $xmlsec_params $params2 --output $tmpfile $full_file.tmpl" >>  $curlogfile
++        $VALGRIND $xmlsec_app encrypt $xmlsec_x509_params $xmlsec_params $params2 --output $tmpfile $full_file.tmpl >> $curlogfile 2>> $curlogfile
+         printRes $res_success $?
+         if [ $? != 0 ]; then
+             failures=`expr $failures + 1`
+@@ -439,8 +446,8 @@ execEncTest() {
+     if [ -n "$params3" -a -z "$PERF_TEST" ] ; then 
+         rm -f $tmpfile.2
+         printf "    Decrypt new document                                 "
+-        echo "$VALGRIND $xmlsec_app decrypt $xmlsec_params $params3 --output $tmpfile.2 $tmpfile" >>  $curlogfile
+-        $VALGRIND $xmlsec_app decrypt $xmlsec_params $params3 --output $tmpfile.2 $tmpfile >> $curlogfile 2>> $curlogfile
++        echo "$VALGRIND $xmlsec_app decrypt $xmlsec_x509_params $xmlsec_params $params3 --output $tmpfile.2 $tmpfile" >>  $curlogfile
++        $VALGRIND $xmlsec_app decrypt $xmlsec_x509_params $xmlsec_params $params3 --output $tmpfile.2 $tmpfile >> $curlogfile 2>> $curlogfile
+         res=$?
+         if [ $res = 0 ]; then
+             if [ "z$outputTransform" != "z" ] ; then
+-- 
+2.21.0
+

diff --git a/dev-libs/xmlsec/xmlsec-1.2.26.ebuild b/dev-libs/xmlsec/xmlsec-1.2.26.ebuild
index f8f0ce257d5..16f8db947c1 100644
--- a/dev-libs/xmlsec/xmlsec-1.2.26.ebuild
+++ b/dev-libs/xmlsec/xmlsec-1.2.26.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2018 Gentoo Authors
+# Copyright 1999-2019 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=7

diff --git a/dev-libs/xmlsec/xmlsec-1.2.26.ebuild b/dev-libs/xmlsec/xmlsec-1.2.28.ebuild
similarity index 71%
copy from dev-libs/xmlsec/xmlsec-1.2.26.ebuild
copy to dev-libs/xmlsec/xmlsec-1.2.28.ebuild
index f8f0ce257d5..1e5834c6fbb 100644
--- a/dev-libs/xmlsec/xmlsec-1.2.26.ebuild
+++ b/dev-libs/xmlsec/xmlsec-1.2.28.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2018 Gentoo Authors
+# Copyright 1999-2019 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=7
@@ -11,18 +11,18 @@ SRC_URI="https://www.aleksey.com/xmlsec/download/${PN}1-${PV}.tar.gz"
 
 LICENSE="MIT"
 SLOT="0"
-KEYWORDS="amd64 ~arm ~arm64 ppc ~ppc64 ~sparc x86"
+KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~sparc ~x86"
 IUSE="doc gcrypt gnutls libressl nss +openssl static-libs test"
 REQUIRED_USE="|| ( gcrypt gnutls nss openssl )
 	gnutls? ( gcrypt )"
 
-RDEPEND=">=dev-libs/libxml2-2.7.4
-	>=dev-libs/libxslt-1.0.20
-	gcrypt? ( >=dev-libs/libgcrypt-1.4.0:0 )
-	gnutls? ( >=net-libs/gnutls-2.8.0 )
+RDEPEND=">=dev-libs/libxml2-2.7.4:=
+	>=dev-libs/libxslt-1.0.20:=
+	gcrypt? ( >=dev-libs/libgcrypt-1.4.0:0= )
+	gnutls? ( >=net-libs/gnutls-2.8.0:= )
 	nss? (
-		>=dev-libs/nspr-4.4.1
-		>=dev-libs/nss-3.9
+		>=dev-libs/nspr-4.4.1:=
+		>=dev-libs/nss-3.9:=
 	)
 	openssl? (
 		!libressl? ( dev-libs/openssl:0= )
@@ -38,6 +38,10 @@ BDEPEND="virtual/pkgconfig
 
 S="${WORKDIR}/${PN}1-${PV}"
 
+PATCHES=(
+	"${FILESDIR}/${P}-test.patch"
+)
+
 src_prepare() {
 	default
 	# conditionally install extra documentation
@@ -52,11 +56,11 @@ src_configure() {
 		--enable-pkgconfig \
 		--with-html-dir=/usr/share/doc/${PF}/html \
 		$(use_enable static-libs static) \
-		$(use_with gcrypt gcrypt "") \
-		$(use_with gnutls gnutls "") \
-		$(use_with nss nspr "") \
-		$(use_with nss nss "") \
-		$(use_with openssl openssl "") \
+		$(use_with gcrypt) \
+		$(use_with gnutls) \
+		$(use_with nss) \
+		$(use_with nss nspr) \
+		$(use_with openssl) \
 		$(use_enable openssl aes)
 }
 

[gentoo-commits] repo/gentoo:master commit in: dev-libs/xmlsec/, dev-libs/xmlsec/files/

[Alon Bar-Lev]

commit:     ec3f8d5dc3cf3748f0f93196088cdd12ae7e1b40
Author:     Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
AuthorDate: Tue Jun  4 15:28:10 2019 +0000
Commit:     Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
CommitDate: Tue Jun  4 15:28:24 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ec3f8d5d

dev-libs/xmlsec: cleanup old

Signed-off-by: Alon Bar-Lev <alonbl <AT> gentoo.org>
Package-Manager: Portage-2.3.66, Repoman-2.3.11

 dev-libs/xmlsec/Manifest                         |  1 -
 dev-libs/xmlsec/files/xmlsec-1.2.27-gnutls.patch | 47 ---------------
 dev-libs/xmlsec/xmlsec-1.2.27-r1.ebuild          | 74 ------------------------
 3 files changed, 122 deletions(-)

diff --git a/dev-libs/xmlsec/Manifest b/dev-libs/xmlsec/Manifest
index 8a0d3bf81fb..80e759b5df2 100644
--- a/dev-libs/xmlsec/Manifest
+++ b/dev-libs/xmlsec/Manifest
@@ -1,2 +1 @@
-DIST xmlsec1-1.2.27.tar.gz 2013651 BLAKE2B fa46a25e3aaef432134d1c98a0e7bf0aba83f2ef6d1aff3774d6d37c5f6f392d1c2c11a0fe433ee910c39b56400c96b74ab061577948622b14a1116fa1ec2947 SHA512 01f7231d7d7ac8037aecc1f922acc572cbfe0903abf5bd5879d836438c36684e23402b803d20806fff6b1cdc5ad9af114d1341b10b336f71c0bce28b4716f920
 DIST xmlsec1-1.2.28.tar.gz 1995599 BLAKE2B 5d90646d9a72024856da2638adb6d0d00d5142f8d3eaa5b12a993e2e6ae78ad49aab69822ebe331191bf1fc5b98431b85e113545aec84e2bb7d5c5add9028df0 SHA512 17fa59e4ffee5e024caa4895e8ed21d1435f14e3a37d0ed781b1dd216333ae3b6099c460efd45d4a8097d0202522150b7b0ad543b47c1596d8473b6922270480

diff --git a/dev-libs/xmlsec/files/xmlsec-1.2.27-gnutls.patch b/dev-libs/xmlsec/files/xmlsec-1.2.27-gnutls.patch
deleted file mode 100644
index 2837420e0dc..00000000000
--- a/dev-libs/xmlsec/files/xmlsec-1.2.27-gnutls.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From 321e62add243cf8f024d6278da4c5ff030bae3b9 Mon Sep 17 00:00:00 2001
-From: Alon Bar-Lev <alon.barlev@gmail.com>
-Date: Mon, 1 Apr 2019 01:28:18 +0300
-Subject: [PATCH] gnutls: allow SHA-1 signed certificate when not in strict
- checks (#250) (#251)
-
-This is required for gnutls-3.6.x.
-
-Allow tests to use no strict checks until all certificates will be converted
-to stronger signature than SHA-1.
-
-Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
----
- src/gnutls/x509vfy.c | 3 +++
- tests/testrun.sh     | 2 +-
- 2 files changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/src/gnutls/x509vfy.c b/src/gnutls/x509vfy.c
-index a9c956a3..4c753344 100644
---- a/src/gnutls/x509vfy.c
-+++ b/src/gnutls/x509vfy.c
-@@ -295,6 +295,9 @@ xmlSecGnuTLSX509StoreVerify(xmlSecKeyDataStorePtr store,
-     if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_SKIP_STRICT_CHECKS) != 0) {
-         flags |= GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2;
-         flags |= GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5;
-+#if GNUTLS_VERSION_NUMBER >= 0x030600
-+        flags |= GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1;
-+#endif
-     }
- 
-     /* We are going to build all possible cert chains and try to verify them */
-diff --git a/tests/testrun.sh b/tests/testrun.sh
-index 02484d09..ea65802b 100755
---- a/tests/testrun.sh
-+++ b/tests/testrun.sh
-@@ -59,7 +59,7 @@ if [ "z$XMLSEC_DEFAULT_CRYPTO" != "z" ] ; then
- elif [ "z$crypto" != "z" ] ; then
-     xmlsec_params="$xmlsec_params --crypto $crypto"
- fi
--xmlsec_params="$xmlsec_params --crypto-config $crypto_config"
-+xmlsec_params="$xmlsec_params --X509-skip-strict-checks --crypto-config $crypto_config"
- 
- #
- # Setup keys config
--- 
-2.21.0
-

diff --git a/dev-libs/xmlsec/xmlsec-1.2.27-r1.ebuild b/dev-libs/xmlsec/xmlsec-1.2.27-r1.ebuild
deleted file mode 100644
index 56460816acf..00000000000
--- a/dev-libs/xmlsec/xmlsec-1.2.27-r1.ebuild
+++ /dev/null
@@ -1,74 +0,0 @@
-# Copyright 1999-2019 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit autotools
-
-DESCRIPTION="Command line tool for signing, verifying, encrypting and decrypting XML"
-HOMEPAGE="https://www.aleksey.com/xmlsec"
-SRC_URI="https://www.aleksey.com/xmlsec/download/${PN}1-${PV}.tar.gz"
-
-LICENSE="MIT"
-SLOT="0"
-KEYWORDS="amd64 ~arm ~arm64 ppc ppc64 ~sparc x86"
-IUSE="doc gcrypt gnutls libressl nss +openssl static-libs test"
-REQUIRED_USE="|| ( gcrypt gnutls nss openssl )
-	gnutls? ( gcrypt )"
-
-RDEPEND=">=dev-libs/libxml2-2.7.4:=
-	>=dev-libs/libxslt-1.0.20:=
-	gcrypt? ( >=dev-libs/libgcrypt-1.4.0:0= )
-	gnutls? ( >=net-libs/gnutls-2.8.0:= )
-	nss? (
-		>=dev-libs/nspr-4.4.1:=
-		>=dev-libs/nss-3.9:=
-	)
-	openssl? (
-		!libressl? ( dev-libs/openssl:0= )
-		libressl? ( dev-libs/libressl:0= )
-	)"
-DEPEND="${RDEPEND}"
-BDEPEND="virtual/pkgconfig
-	test? (
-		nss? (
-			>=dev-libs/nss-3.9[utils]
-		)
-	)"
-
-S="${WORKDIR}/${PN}1-${PV}"
-
-PATCHES=(
-	"${FILESDIR}/${P}-gnutls.patch"
-)
-
-src_prepare() {
-	default
-	# conditionally install extra documentation
-	if ! use doc ; then
-		sed -i '/^SUBDIRS/s/docs//' Makefile.am || die
-		eautoreconf
-	fi
-}
-
-src_configure() {
-	econf \
-		--enable-pkgconfig \
-		--with-html-dir=/usr/share/doc/${PF}/html \
-		$(use_enable static-libs static) \
-		$(use_with gcrypt) \
-		$(use_with gnutls) \
-		$(use_with nss) \
-		$(use_with nss nspr) \
-		$(use_with openssl) \
-		$(use_enable openssl aes)
-}
-
-src_test() {
-	emake TMPFOLDER="${T}" check
-}
-
-src_install() {
-	default
-	find "${D}" -name '*.la' -delete || die
-}

[gentoo-commits] repo/gentoo:master commit in: dev-libs/xmlsec/, dev-libs/xmlsec/files/

[Sam James]

commit:     03615d27a5ab502bbb7a011f546b1b2a9da376a2
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Tue Feb  2 15:24:06 2021 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Tue Feb  2 15:24:24 2021 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=03615d27

dev-libs/xmlsec: fix tests with >=dev-libs/nss-5.59

MD5 was removed upstream.

Closes: https://bugs.gentoo.org/764437
Package-Manager: Portage-3.0.14, Repoman-3.0.2
Signed-off-by: Sam James <sam <AT> gentoo.org>

 .../xmlsec/files/xmlsec-1.2.31-fix-nss-3.59.patch  | 29 ++++++++++++++++++++++
 dev-libs/xmlsec/xmlsec-1.2.31.ebuild               |  6 ++++-
 2 files changed, 34 insertions(+), 1 deletion(-)

diff --git a/dev-libs/xmlsec/files/xmlsec-1.2.31-fix-nss-3.59.patch b/dev-libs/xmlsec/files/xmlsec-1.2.31-fix-nss-3.59.patch
new file mode 100644
index 00000000000..b70b8cf2d61
--- /dev/null
+++ b/dev-libs/xmlsec/files/xmlsec-1.2.31-fix-nss-3.59.patch
@@ -0,0 +1,29 @@
+https://bugs.gentoo.org/764437
+https://github.com/lsh123/xmlsec/commit/f3a59c721e38a663405093e2bbb30e2bf45853a2.patch
+From f3a59c721e38a663405093e2bbb30e2bf45853a2 Mon Sep 17 00:00:00 2001
+From: lsh123 <aleksey@aleksey.com>
+Date: Fri, 18 Dec 2020 16:22:40 -0800
+Subject: [PATCH] Remove MD5 for NSS 3.59 and above; enable nss test on osx and
+ mingw (issue #305) (#306)
+
+---
+ include/xmlsec/nss/crypto.h      | 6 ++++++
+ 2 files changed, 10 insertions(+), 3 deletions(-)
+
+diff --git a/include/xmlsec/nss/crypto.h b/include/xmlsec/nss/crypto.h
+index 223c1d85..614ac931 100644
+--- a/include/xmlsec/nss/crypto.h
++++ b/include/xmlsec/nss/crypto.h
+@@ -19,6 +19,12 @@
+ #include <xmlsec/transforms.h>
+ #include <xmlsec/dl.h>
+ 
++
++/* MD5 was removed from NSS */
++#if (NSS_VMAJOR > 3) || ((NSS_VMAJOR == 3) && (NSS_VMINOR > 58))
++#define XMLSEC_NO_MD5 1
++#endif /* (NSS_VMAJOR > 3) || ((NSS_VMAJOR == 3) && (NSS_VMINOR > 58)) */
++
+ #ifdef __cplusplus
+ extern "C" {
+ #endif /* __cplusplus */

diff --git a/dev-libs/xmlsec/xmlsec-1.2.31.ebuild b/dev-libs/xmlsec/xmlsec-1.2.31.ebuild
index 2da2a8e15d6..671ed055d22 100644
--- a/dev-libs/xmlsec/xmlsec-1.2.31.ebuild
+++ b/dev-libs/xmlsec/xmlsec-1.2.31.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2020 Gentoo Authors
+# Copyright 1999-2021 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=7
@@ -36,6 +36,10 @@ BDEPEND="virtual/pkgconfig
 		)
 	)"
 
+PATCHES=(
+	"${FILESDIR}/${P}-fix-nss-3.59.patch"
+)
+
 src_configure() {
 	# Bash because of bug #721128
 	CONFIG_SHELL=${BASH} econf \

[gentoo-commits] repo/gentoo:master commit in: dev-libs/xmlsec/, dev-libs/xmlsec/files/

[Sam James]

commit:     99b4921ca3674983fb5471f83b14f6658254051a
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Sat Apr 15 05:32:05 2023 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Sat Apr 15 05:40:16 2023 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=99b4921c

dev-libs/xmlsec: add 1.3.0

Signed-off-by: Sam James <sam <AT> gentoo.org>

 dev-libs/xmlsec/Manifest                           |  1 +
 .../files/xmlsec-1.3.0-strict-prototypes.patch     | 21 ++++++
 dev-libs/xmlsec/metadata.xml                       |  1 +
 dev-libs/xmlsec/xmlsec-1.3.0.ebuild                | 85 ++++++++++++++++++++++
 4 files changed, 108 insertions(+)

diff --git a/dev-libs/xmlsec/Manifest b/dev-libs/xmlsec/Manifest
index 63c3df8407c1..d0d51ac9b01d 100644
--- a/dev-libs/xmlsec/Manifest
+++ b/dev-libs/xmlsec/Manifest
@@ -1,2 +1,3 @@
 DIST xmlsec1-1.2.36.tar.gz 2005656 BLAKE2B 617f7532f3e0401357261d1294f7f497e81f79538b223616433b007a5d3132e9e4ec7a40f36e909759f996754b95c060386ec9740165fb1b045809142e9fae35 SHA512 7545935d33236bc8ec79b9173c8c0967df5c96bb9e2d5c8edacfb5ffb366ff8d087eada0cebb1de81a477f93d40544bf0a12abcdbc60874ecaecb9c8dd33dfe3
 DIST xmlsec1-1.2.37.tar.gz 2009175 BLAKE2B 19f43ba6bf6eb49428b9c5563baecbab21476f326cceee13785ae16769afa258f100732831c0f3f7d160543bd075cdcfdc5cbf11b7406637ee6c2f0e27c07f30 SHA512 99220cb28a346ffac0023f9f177d6a7be3ddcea04bea434b7dc926c1f0aaa5564d75f74f92896ac100179c04d77e001f688ddf46fed4e0a0b4f20b7b87c24900
+DIST xmlsec1-1.3.0.tar.gz 2425729 BLAKE2B a83d0117aaf1824a8a8f597f73ab1b76bcd1a9f0bb5d160df6c775f70cd2485f8e09c250f4ddbb4d42ba35549f9617d06f5470a91306757b4d5d54fdc0684f3c SHA512 ac1b1b88336959f54ef7fcfd6b9ff0feb2ba00a966a8e5b4efb97e802a1f9bb7adf5f4524c7f169344a1b7258377b5a7e879a0ab5ce25cfae3b05eac9b54729d

diff --git a/dev-libs/xmlsec/files/xmlsec-1.3.0-strict-prototypes.patch b/dev-libs/xmlsec/files/xmlsec-1.3.0-strict-prototypes.patch
new file mode 100644
index 000000000000..be8377efbfa4
--- /dev/null
+++ b/dev-libs/xmlsec/files/xmlsec-1.3.0-strict-prototypes.patch
@@ -0,0 +1,21 @@
+https://github.com/lsh123/xmlsec/issues/627
+https://github.com/lsh123/xmlsec/commit/a2c8cad6215d89ce4454adcde5e84ffb12901a7a
+
+From a2c8cad6215d89ce4454adcde5e84ffb12901a7a Mon Sep 17 00:00:00 2001
+From: lsh123 <aleksey@aleksey.com>
+Date: Thu, 13 Apr 2023 10:30:13 -0400
+Subject: [PATCH] Fix prototype (#629)
+
+Issue #627
+--- a/src/nss/crypto.c
++++ b/src/nss/crypto.c
+@@ -412,7 +412,7 @@ xmlSecNssKeysMngrInit(xmlSecKeysMngrPtr mngr) {
+  * Returns: internal key slot and initializes it if needed.
+  */
+ PK11SlotInfo *
+-xmlSecNssGetInternalKeySlot()
++xmlSecNssGetInternalKeySlot(void)
+ {
+     PK11SlotInfo *slot = NULL;
+     SECStatus rv;
+

diff --git a/dev-libs/xmlsec/metadata.xml b/dev-libs/xmlsec/metadata.xml
index 0b35867adc08..0f981c3c9b18 100644
--- a/dev-libs/xmlsec/metadata.xml
+++ b/dev-libs/xmlsec/metadata.xml
@@ -5,6 +5,7 @@
 	<use>
 		<flag name="gcrypt">Install xmlsec-gcrypt library</flag>
 		<flag name="gnutls">Install xmlsec-gnutls library</flag>
+		<flag name="http">Allow fetching over HTTP via libxml2.</flag>
 		<flag name="nss">Install xmlsec-nss library</flag>
 		<flag name="openssl">Install xmlsec-openssl library</flag>
 	</use>

diff --git a/dev-libs/xmlsec/xmlsec-1.3.0.ebuild b/dev-libs/xmlsec/xmlsec-1.3.0.ebuild
new file mode 100644
index 000000000000..ca8bb9084b40
--- /dev/null
+++ b/dev-libs/xmlsec/xmlsec-1.3.0.ebuild
@@ -0,0 +1,85 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+DESCRIPTION="Command line tool for signing, verifying, encrypting and decrypting XML"
+HOMEPAGE="https://www.aleksey.com/xmlsec"
+SRC_URI="https://www.aleksey.com/xmlsec/download/${PN}1-${PV}.tar.gz"
+S="${WORKDIR}/${PN}1-${PV}"
+
+LICENSE="MIT"
+# Upstream consider major version bumps to be changes in either X or Y in X.Y.Z
+SLOT="0/$(ver_cut 1-2)"
+KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc ~ppc64 ~riscv ~sparc ~x86"
+IUSE="doc gcrypt gnutls http nss +openssl static-libs test"
+RESTRICT="!test? ( test )"
+REQUIRED_USE="
+	|| ( gnutls nss openssl )
+"
+
+RDEPEND="
+	>=dev-libs/libxml2-2.7.4
+	>=dev-libs/libxslt-1.0.20
+	dev-libs/libltdl
+	gcrypt? ( >=dev-libs/libgcrypt-1.4.0:= )
+	gnutls? ( >=net-libs/gnutls-3.6.13:= )
+	nss? (
+		>=dev-libs/nspr-4.4.1
+		>=dev-libs/nss-3.9
+	)
+	openssl? ( dev-libs/openssl:= )
+"
+DEPEND="${RDEPEND}"
+BDEPEND="
+	virtual/pkgconfig
+	test? (
+		nss? (
+			>=dev-libs/nss-3.9[utils]
+		)
+	)
+"
+
+PATCHES=(
+	"${FILESDIR}"/${P}-strict-prototypes.patch
+)
+
+src_configure() {
+	local myeconfargs=(
+		$(use_enable doc docs)
+		$(use_enable static-libs static)
+		$(use_with gcrypt)
+		$(use_with gnutls)
+		$(use_with nss nspr)
+		$(use_with nss)
+		$(use_with openssl)
+
+		--disable-werror
+		--enable-mans
+		--enable-pkgconfig
+
+		--enable-concatkdf
+		--enable-pbkdf2
+		--enable-ec
+		--enable-dh
+		--enable-sha3
+
+		--enable-files
+		$(use_enable http)
+		--disable-ftp
+	)
+
+	# Bash because of bug #721128
+	CONFIG_SHELL="${BROOT}"/bin/bash econf "${myeconfargs[@]}"
+}
+
+src_test() {
+	# See https://github.com/lsh123/xmlsec/issues/280 for TZ=UTC
+	TZ=UTC SHELL="${BROOT}"/bin/bash emake TMPFOLDER="${T}" check
+}
+
+src_install() {
+	default
+
+	find "${ED}" -name '*.la' -delete || die
+}

[gentoo-commits] repo/gentoo:master commit in: dev-libs/xmlsec/, dev-libs/xmlsec/files/

[Sam James]

commit:     a70936797b3e090b9e7396bd1765134d11a91a1c
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Mon Apr 17 00:50:33 2023 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Mon Apr 17 00:50:48 2023 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a7093679

dev-libs/xmlsec: respect CFLAGS

Don't force -O.

Signed-off-by: Sam James <sam <AT> gentoo.org>

 dev-libs/xmlsec/files/xmlsec-1.3.0-optimisation.patch         | 11 +++++++++++
 .../xmlsec/{xmlsec-1.3.0.ebuild => xmlsec-1.3.0-r1.ebuild}    |  9 +++++++++
 2 files changed, 20 insertions(+)

diff --git a/dev-libs/xmlsec/files/xmlsec-1.3.0-optimisation.patch b/dev-libs/xmlsec/files/xmlsec-1.3.0-optimisation.patch
new file mode 100644
index 000000000000..2cd0401e019d
--- /dev/null
+++ b/dev-libs/xmlsec/files/xmlsec-1.3.0-optimisation.patch
@@ -0,0 +1,11 @@
+--- a/configure.ac
++++ b/configure.ac
+@@ -2482,7 +2482,7 @@ AC_ARG_ENABLE([pedantic], [AS_HELP_STRING([--enable-pedantic],[enable pedantic c
+ if test "z$enable_pedantic" = "zno" ; then
+     AC_MSG_RESULT([disabled])
+ else
+-    CFLAGS="$CFLAGS -O -std=c99 -pedantic -pedantic-errors -W -Wall -Wextra"
++    CFLAGS="$CFLAGS -std=c99 -pedantic -W -Wall -Wextra"
+     CFLAGS="$CFLAGS -fno-inline -Wnull-dereference -Wdouble-promotion"
+     CFLAGS="$CFLAGS -Wformat=2 -Wformat-security -Wformat-nonliteral"
+     CFLAGS="$CFLAGS -Wconversion -Wunused -Wshadow -Wpointer-arith -Wcast-align"

diff --git a/dev-libs/xmlsec/xmlsec-1.3.0.ebuild b/dev-libs/xmlsec/xmlsec-1.3.0-r1.ebuild
similarity index 94%
rename from dev-libs/xmlsec/xmlsec-1.3.0.ebuild
rename to dev-libs/xmlsec/xmlsec-1.3.0-r1.ebuild
index e0191245d162..e90f0e76d9e9 100644
--- a/dev-libs/xmlsec/xmlsec-1.3.0.ebuild
+++ b/dev-libs/xmlsec/xmlsec-1.3.0-r1.ebuild
@@ -3,6 +3,8 @@
 
 EAPI=8
 
+inherit autotools
+
 DESCRIPTION="Command line tool for signing, verifying, encrypting and decrypting XML"
 HOMEPAGE="https://www.aleksey.com/xmlsec"
 SRC_URI="https://www.aleksey.com/xmlsec/download/${PN}1-${PV}.tar.gz"
@@ -43,8 +45,15 @@ BDEPEND="
 PATCHES=(
 	"${FILESDIR}"/${P}-strict-prototypes.patch
 	"${FILESDIR}"/${P}-clang.patch
+	"${FILESDIR}"/${P}-optimisation.patch
 )
 
+src_prepare() {
+	default
+
+	eautoreconf
+}
+
 src_configure() {
 	local myeconfargs=(
 		$(use_enable doc docs)

[gentoo-commits] repo/gentoo:master commit in: dev-libs/xmlsec/, dev-libs/xmlsec/files/

[Sam James]

commit:     e1e2b092d919a5303afac98fb77f9bc809229e13
Author:     orbea <orbea <AT> riseup <DOT> net>
AuthorDate: Wed May 31 14:29:27 2023 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Wed Jun 14 06:07:16 2023 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e1e2b092

dev-libs/xmlsec: add upstream libressl patches

These patches add compatiblity for LibreSSL.

Bug: https://bugs.gentoo.org/903001
Upstream-PR: https://github.com/lsh123/xmlsec/pull/456
Upstream-Commit: https://github.com/lsh123/xmlsec/commit/c5469cfc8443c57a25a8783f0bd669f71e29bb04
Upstream-PR: https://github.com/lsh123/xmlsec/pull/654
Upstream-Commit: https://github.com/lsh123/xmlsec/commit/dfdf981f3522e4059170b504fb6fd40b37c9d70f
Upstream-Issue: https://github.com/lsh123/xmlsec/issues/665
Upstream-PR: https://github.com/lsh123/xmlsec/pull/666
Upstream-Commit: https://github.com/lsh123/xmlsec/commit/1ee1754c5ab8f0071adbde92d3a007729df7c5a7
Upstream-PR: https://github.com/lsh123/xmlsec/pull/667
Upstream-Commit: https://github.com/lsh123/xmlsec/commit/c9b0dcd01af1ecaed828269b734861cb93edeae3
Signed-off-by: orbea <orbea <AT> riseup.net>
Closes: https://github.com/gentoo/gentoo/pull/31246
Signed-off-by: Sam James <sam <AT> gentoo.org>

 dev-libs/xmlsec/files/xmlsec-1.2.37-libressl.patch | 40 +++++++++++++
 dev-libs/xmlsec/xmlsec-1.2.37-r1.ebuild            | 66 ++++++++++++++++++++++
 2 files changed, 106 insertions(+)

diff --git a/dev-libs/xmlsec/files/xmlsec-1.2.37-libressl.patch b/dev-libs/xmlsec/files/xmlsec-1.2.37-libressl.patch
new file mode 100644
index 000000000000..acdb535ba552
--- /dev/null
+++ b/dev-libs/xmlsec/files/xmlsec-1.2.37-libressl.patch
@@ -0,0 +1,40 @@
+https://github.com/lsh123/xmlsec/pull/456
+https://github.com/lsh123/xmlsec/commit/c5469cfc8443c57a25a8783f0bd669f71e29bb04
+https://github.com/lsh123/xmlsec/pull/654
+https://github.com/lsh123/xmlsec/commit/dfdf981f3522e4059170b504fb6fd40b37c9d70f
+
+From c5469cfc8443c57a25a8783f0bd669f71e29bb04 Mon Sep 17 00:00:00 2001
+From: lsh123 <aleksey@aleksey.com>
+Date: Mon, 12 Dec 2022 10:34:56 -0500
+Subject: [PATCH] fix libressl (#456)
+
+---
+ src/openssl/openssl_compat.h | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+From d113d1e6355c4841fd03c6aa797d33bde1d064f3 Mon Sep 17 00:00:00 2001
+From: orbea <orbea@riseup.net>
+Date: Mon, 29 May 2023 07:46:58 -0700
+Subject: [PATCH] openssl_compat.h: Update LibreSSL UI_null() compat
+
+LibreSSL added UI_null() in 3.7.1.
+---
+ src/openssl/openssl_compat.h | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/src/openssl/openssl_compat.h
++++ b/src/openssl/openssl_compat.h
+@@ -123,6 +123,13 @@ static inline int xmlSecOpenSSLCompatRand(unsigned char *buf, xmlSecSize size) {
+  * LibreSSL 2.7 compatibility (implements most of OpenSSL 1.1 API)
+  *
+  *****************************************************************************/
++#if defined(LIBRESSL_VERSION_NUMBER) && (LIBRESSL_VERSION_NUMBER < 0x3070200fL)
++
++/* Needed for Engine initialization */
++#define UI_null()                          NULL
++
++#endif /* defined(LIBRESSL_VERSION_NUMBER) */
++
+ #if defined(LIBRESSL_VERSION_NUMBER) && (LIBRESSL_VERSION_NUMBER < 0x30500000L) && defined(XMLSEC_OPENSSL_API_110)
+ /* EVP_CIPHER_CTX stuff */
+ #define EVP_CIPHER_CTX_encrypting(x)       ((x)->encrypt)

diff --git a/dev-libs/xmlsec/xmlsec-1.2.37-r1.ebuild b/dev-libs/xmlsec/xmlsec-1.2.37-r1.ebuild
new file mode 100644
index 000000000000..f5ed4f8c1c07
--- /dev/null
+++ b/dev-libs/xmlsec/xmlsec-1.2.37-r1.ebuild
@@ -0,0 +1,66 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+DESCRIPTION="Command line tool for signing, verifying, encrypting and decrypting XML"
+HOMEPAGE="https://www.aleksey.com/xmlsec"
+SRC_URI="https://www.aleksey.com/xmlsec/download/${PN}1-${PV}.tar.gz"
+S="${WORKDIR}/${PN}1-${PV}"
+
+LICENSE="MIT"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc ~ppc64 ~riscv ~sparc ~x86"
+IUSE="doc gcrypt gnutls nss +openssl static-libs test"
+RESTRICT="!test? ( test )"
+REQUIRED_USE="|| ( gcrypt gnutls nss openssl )
+	gnutls? ( gcrypt )"
+
+RDEPEND=">=dev-libs/libxml2-2.7.4[ftp(+)]
+	>=dev-libs/libxslt-1.0.20
+	dev-libs/libltdl
+	gcrypt? ( >=dev-libs/libgcrypt-1.4.0:= )
+	gnutls? ( >=net-libs/gnutls-2.8.0:= )
+	nss? (
+		>=dev-libs/nspr-4.4.1
+		>=dev-libs/nss-3.9
+	)
+	openssl? (
+		dev-libs/openssl:=
+	)"
+DEPEND="${RDEPEND}"
+BDEPEND="virtual/pkgconfig
+	test? (
+		nss? (
+			>=dev-libs/nss-3.9[utils]
+		)
+	)"
+
+PATCHES=(
+	"${FILESDIR}"/${P}-libressl.patch #903001
+)
+
+src_configure() {
+	# Bash because of bug #721128
+	CONFIG_SHELL="${BROOT}"/bin/bash econf \
+		$(use_enable doc docs) \
+		$(use_enable static-libs static) \
+		$(use_with gcrypt) \
+		$(use_with gnutls) \
+		$(use_with nss nspr) \
+		$(use_with nss) \
+		$(use_with openssl) \
+		--enable-mans \
+		--enable-pkgconfig
+}
+
+src_test() {
+	# See https://github.com/lsh123/xmlsec/issues/280 for TZ=UTC
+	TZ=UTC SHELL="${BROOT}"/bin/bash emake TMPFOLDER="${T}" check
+}
+
+src_install() {
+	default
+
+	find "${ED}" -name '*.la' -delete || die
+}

[gentoo-commits] repo/gentoo:master commit in: dev-libs/xmlsec/, dev-libs/xmlsec/files/

[Sam James]

commit:     ea17c1e92e82313ced2b7bc8b7eca46a510c6268
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Sat Nov 25 00:50:53 2023 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Sat Nov 25 00:54:44 2023 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ea17c1e9

dev-libs/xmlsec: add 1.3.2

Closes: https://bugs.gentoo.org/917525
Signed-off-by: Sam James <sam <AT> gentoo.org>

 dev-libs/xmlsec/Manifest                           |   1 +
 .../xmlsec-1.3.2-libxml2-2.12.0-includes.patch     | 114 +++++++++++++++++++++
 dev-libs/xmlsec/xmlsec-1.3.2.ebuild                |  94 +++++++++++++++++
 3 files changed, 209 insertions(+)

diff --git a/dev-libs/xmlsec/Manifest b/dev-libs/xmlsec/Manifest
index 3c2ede1438c2..c1fd7521877a 100644
--- a/dev-libs/xmlsec/Manifest
+++ b/dev-libs/xmlsec/Manifest
@@ -1,3 +1,4 @@
 DIST xmlsec1-1.2.37.tar.gz 2009175 BLAKE2B 19f43ba6bf6eb49428b9c5563baecbab21476f326cceee13785ae16769afa258f100732831c0f3f7d160543bd075cdcfdc5cbf11b7406637ee6c2f0e27c07f30 SHA512 99220cb28a346ffac0023f9f177d6a7be3ddcea04bea434b7dc926c1f0aaa5564d75f74f92896ac100179c04d77e001f688ddf46fed4e0a0b4f20b7b87c24900
 DIST xmlsec1-1.2.38.tar.gz 2036578 BLAKE2B 03f7e1b5e659793bf1984c5a59582d9459089ce913620d5cc1e5a5d0eb65557580cd23fa190db277298fd7cc55bd41563b93cf61a37c8b7521a4690cd2ca3489 SHA512 724089777caae95db27e67f24381c066eaae23a9d64819a18bb04837c1ab1b380d19be2c7ee25659ca481d9eab96fcbe8027a430a0ac1630ad3b073cddd20fac
 DIST xmlsec1-1.3.1.tar.gz 2432943 BLAKE2B 1dafdffd959579add5c579e3fa9c9f9ddc73ce4aadc6fc2139506e6e64ffcd1bbe7298786e414900eb9f33f93b0a47da64e686c499e48d4c80d81b256db6692e SHA512 7f30c15c3edcafe70fa5febaa0ba39f73f8d30525ee102b5961a658dd2842fbc58e63f7595f15b150d71bf735bfa7688c3694a191b0d475776ca26902d90d25f
+DIST xmlsec1-1.3.2.tar.gz 2437263 BLAKE2B d11953c6e2a263a6742ef62309c2f29e2ba5761d58bee5f8cc761965d0e16fea148811ac3d8036d271400840a62ff2a7fff947bb5331170d3bcc598c558b2a95 SHA512 328f3d27cc1dadee27e5ee4649f6c5a094203cc27f42f1fe98fd429f7dd5630eaadff0e8bf14616016fc3530482ed8bcee4870289a41a083f6dd9bd603782a92

diff --git a/dev-libs/xmlsec/files/xmlsec-1.3.2-libxml2-2.12.0-includes.patch b/dev-libs/xmlsec/files/xmlsec-1.3.2-libxml2-2.12.0-includes.patch
new file mode 100644
index 000000000000..e4b7ec4d7f68
--- /dev/null
+++ b/dev-libs/xmlsec/files/xmlsec-1.3.2-libxml2-2.12.0-includes.patch
@@ -0,0 +1,114 @@
+https://github.com/lsh123/xmlsec/commit/ffb327376f5bb69e8dfe7f805529e45a40118c2b
+
+From ffb327376f5bb69e8dfe7f805529e45a40118c2b Mon Sep 17 00:00:00 2001
+From: lsh123 <aleksey@aleksey.com>
+Date: Mon, 20 Nov 2023 11:50:43 -0500
+Subject: [PATCH] Fix libxml2 v2.12.0 includes  (#729)
+
+--- a/apps/crypto.c
++++ b/apps/crypto.c
+@@ -12,6 +12,7 @@
+ #endif
+ 
+ #include <string.h>
++#include <stdlib.h>
+ 
+ #include <xmlsec/xmlsec.h>
+ #include <xmlsec/keys.h>
+--- a/apps/xmlsec.c
++++ b/apps/xmlsec.c
+@@ -22,6 +22,7 @@
+ #include <libxml/xmlmemory.h>
+ #include <libxml/parser.h>
+ #include <libxml/xpath.h>
++#include <libxml/xmlsave.h>
+ #include <libxml/xpathInternals.h>
+ 
+ #ifndef XMLSEC_NO_XSLT
+@@ -3030,7 +3031,7 @@ xmlSecAppInit(void) {
+     /* Init libxml */
+     xmlInitParser();
+     LIBXML_TEST_VERSION
+-    xmlTreeIndentString = "\t";
++    xmlThrDefTreeIndentString("\t");
+ #ifndef XMLSEC_NO_XSLT
+     xmlIndentTreeOutput = 1;
+ #endif /* XMLSEC_NO_XSLT */
+--- a/include/xmlsec/xmlsec.h
++++ b/include/xmlsec/xmlsec.h
+@@ -12,6 +12,7 @@
+ #define __XMLSEC_H__
+ 
+ #include <libxml/tree.h>
++#include <libxml/parser.h>
+ 
+ #include <xmlsec/version.h>
+ #include <xmlsec/exports.h>
+--- a/src/errors_helpers.h
++++ b/src/errors_helpers.h
+@@ -136,7 +136,7 @@ extern "C" {
+  */
+ #define xmlSecXmlError(errorFunction, errorObject) \
+     {                                                 \
+-        xmlErrorPtr error = xmlGetLastError();        \
++        const xmlError * error = xmlGetLastError();        \
+         int code = (error != NULL) ? error->code : 0; \
+         const char* message = (error != NULL) ? error->message : NULL; \
+         xmlSecError(XMLSEC_ERRORS_HERE,               \
+@@ -159,7 +159,7 @@ extern "C" {
+  */
+ #define xmlSecXmlError2(errorFunction, errorObject, msg, param) \
+     {                                                 \
+-        xmlErrorPtr error = xmlGetLastError();        \
++        const xmlError * error = xmlGetLastError();        \
+         int code = (error != NULL) ? error->code : 0; \
+         const char* message = (error != NULL) ? error->message : NULL; \
+         xmlSecError(XMLSEC_ERRORS_HERE,               \
+@@ -181,7 +181,7 @@ extern "C" {
+  */
+ #define xmlSecXmlParserError(errorFunction, ctxt, errorObject) \
+     {                                                 \
+-        xmlErrorPtr error = xmlCtxtGetLastError(ctxt);\
++        const xmlError * error = xmlCtxtGetLastError(ctxt);\
+         int code = (error != NULL) ? error->code : 0; \
+         const char* message = (error != NULL) ? error->message : NULL; \
+         xmlSecError(XMLSEC_ERRORS_HERE,               \
+@@ -205,7 +205,7 @@ extern "C" {
+  */
+ #define xmlSecXmlParserError2(errorFunction, ctxt, errorObject, msg, param) \
+     {                                                 \
+-        xmlErrorPtr error = xmlCtxtGetLastError(ctxt);\
++        const xmlError * error = xmlCtxtGetLastError(ctxt);\
+         int code = (error != NULL) ? error->code : 0; \
+         const char* message = (error != NULL) ? error->message : NULL; \
+         xmlSecError(XMLSEC_ERRORS_HERE,               \
+@@ -227,7 +227,7 @@ extern "C" {
+  */
+ #define xmlSecXsltError(errorFunction, ctxt, errorObject) \
+     {                                                 \
+-        xmlErrorPtr error = xmlGetLastError();        \
++        const xmlError * error = xmlGetLastError();        \
+         int code = (error != NULL) ? error->code : 0; \
+         const char* message = (error != NULL) ? error->message : NULL; \
+         xmlSecError(XMLSEC_ERRORS_HERE,               \
+--- a/src/mscrypto/certkeys.c
++++ b/src/mscrypto/certkeys.c
+@@ -18,6 +18,7 @@
+ #include "globals.h"
+ 
+ #include <string.h>
++#include <stdlib.h>
+ 
+ #ifndef XMLSEC_NO_GOST
+ #include "csp_oid.h"
+--- a/src/mscrypto/signatures.c
++++ b/src/mscrypto/signatures.c
+@@ -17,6 +17,7 @@
+ #include "globals.h"
+ 
+ #include <string.h>
++#include <stdlib.h>
+ 
+ #ifndef XMLSEC_NO_GOST
+ #include "csp_calg.h"
+

diff --git a/dev-libs/xmlsec/xmlsec-1.3.2.ebuild b/dev-libs/xmlsec/xmlsec-1.3.2.ebuild
new file mode 100644
index 000000000000..c999cba77c0c
--- /dev/null
+++ b/dev-libs/xmlsec/xmlsec-1.3.2.ebuild
@@ -0,0 +1,94 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools
+
+DESCRIPTION="Command line tool for signing, verifying, encrypting and decrypting XML"
+HOMEPAGE="https://www.aleksey.com/xmlsec"
+SRC_URI="https://www.aleksey.com/xmlsec/download/${PN}1-${PV}.tar.gz"
+S="${WORKDIR}/${PN}1-${PV}"
+
+LICENSE="MIT"
+# Upstream consider major version bumps to be changes in either X or Y in X.Y.Z
+SLOT="0/$(ver_cut 1-2)"
+KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc ~ppc64 ~riscv ~sparc ~x86"
+IUSE="doc gcrypt gnutls http nss +openssl static-libs test"
+RESTRICT="!test? ( test )"
+REQUIRED_USE="
+	|| ( gnutls nss openssl )
+"
+
+RDEPEND="
+	>=dev-libs/libxml2-2.7.4
+	>=dev-libs/libxslt-1.0.20
+	dev-libs/libltdl
+	gcrypt? ( >=dev-libs/libgcrypt-1.4.0:= )
+	gnutls? ( >=net-libs/gnutls-3.6.13:= )
+	nss? (
+		>=dev-libs/nspr-4.4.1
+		>=dev-libs/nss-3.9
+	)
+	openssl? ( dev-libs/openssl:= )
+"
+DEPEND="${RDEPEND}"
+BDEPEND="
+	virtual/pkgconfig
+	test? (
+		nss? (
+			>=dev-libs/nss-3.9[utils]
+		)
+	)
+"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-1.3.0-optimisation.patch
+	"${FILESDIR}"/${P}-libxml2-2.12.0-includes.patch
+)
+
+src_prepare() {
+	default
+
+	eautoreconf
+}
+
+src_configure() {
+	local myeconfargs=(
+		$(use_enable doc docs)
+		$(use_enable static-libs static)
+		$(use_with gcrypt)
+		$(use_with gnutls)
+		$(use_with nss nspr)
+		$(use_with nss)
+		$(use_with openssl)
+
+		--disable-werror
+		--enable-mans
+		--enable-pkgconfig
+
+		--enable-concatkdf
+		--enable-pbkdf2
+		--enable-ec
+		--enable-dh
+		--enable-sha3
+
+		--enable-files
+		$(use_enable http)
+		--disable-ftp
+	)
+
+	# Bash because of bug #721128
+	CONFIG_SHELL="${BROOT}"/bin/bash econf "${myeconfargs[@]}"
+}
+
+src_test() {
+	# See https://github.com/lsh123/xmlsec/issues/280 for TZ=UTC
+	TZ=UTC SHELL="${BROOT}"/bin/bash emake TMPFOLDER="${T}" check
+}
+
+src_install() {
+	default
+
+	find "${ED}" -name '*.la' -delete || die
+}