compatibilité libxmlsec1 1.3.x (#85339) #10
|
|
@ -90,7 +90,7 @@ fi
|
|||
dnl
|
||||
dnl Check for programs
|
||||
dnl
|
||||
CFLAGS="$CFLAGS -Werror=implicit-function-declaration"
|
||||
CFLAGS="$CFLAGS -Werror=undef -Werror=implicit-function-declaration"
|
||||
AC_PROG_CC
|
||||
AM_CFLAGS=""
|
||||
AC_HEADER_STDC
|
||||
|
|
|
|||
|
|
@ -154,7 +154,7 @@ lasso_xmlsec_errors_callback(const char *file G_GNUC_UNUSED, int line G_GNUC_UNU
|
|||
const char *errorObject G_GNUC_UNUSED, const char *errorSubject G_GNUC_UNUSED, int reason G_GNUC_UNUSED,
|
||||
const char *msg)
|
||||
{
|
||||
g_log("libxmlsec", G_LOG_LEVEL_DEBUG, "libxmlsec: %s:%d:%s:%s:%s:%s:%s", file, line, func, errorObject, errorSubject, xmlSecErrorsGetMsg(reason), msg);
|
||||
g_log("libxmlsec", G_LOG_LEVEL_INFO, "libxmlsec: %s:%d:%s:%s:%s:%s:%s", file, line, func, errorObject, errorSubject, xmlSecErrorsGetMsg(reason), msg);
|
||||
}
|
||||
|
||||
static int
|
||||
|
|
|
|||
|
|
@ -128,14 +128,10 @@ get_xmlNode(LassoNode *node, gboolean lasso_dump)
|
|||
lasso_foreach(it, other_session_index) {
|
||||
xmlNode *child = xmlSecAddChild(xmlnode, BAD_CAST SESSION_INDEX,
|
||||
BAD_CAST LASSO_SAML2_PROTOCOL_HREF);
|
||||
#if (XMLSEC_MAJOR > 1) || (XMLSEC_MAJOR == 1 && XMLSEC_MINOR > 2) || (XMLSEC_MAJOR == 1 && XMLSEC_MINOR == 2 && XMLSEC_SUBMINOR > 12)
|
||||
xmlSecNodeEncodeAndSetContent(child, BAD_CAST it->data);
|
||||
#else
|
||||
xmlChar *content;
|
||||
content = xmlEncodeSpecialChars(child->doc, BAD_CAST it->data);
|
||||
xmlNodeSetContent(child, content);
|
||||
xmlFree(content);
|
||||
#endif
|
||||
}
|
||||
((LassoSamlp2LogoutRequest*)node)->SessionIndex = keep_session_index;
|
||||
lasso_release_list_of_strings(other_session_index);
|
||||
|
|
|
|||
|
|
@ -64,6 +64,7 @@
|
|||
#include <glib.h>
|
||||
#include "xml.h"
|
||||
#include "xml_enc.h"
|
||||
#include "../id-ff/server.h"
|
||||
#include "saml-2.0/saml2_assertion.h"
|
||||
#include <unistd.h>
|
||||
#include "../debug.h"
|
||||
|
|
@ -309,8 +310,13 @@ xmlSecKeyPtr lasso_get_public_key_from_pem_file(const char *file) {
|
|||
pub_key = lasso_get_public_key_from_pem_cert_file(file);
|
||||
break;
|
||||
case LASSO_PEM_FILE_TYPE_PUB_KEY:
|
||||
#if LASSO_XMLSEC_VERSION_NUMBER >= 0x010300
|
||||
|
bdauvergne marked this conversation as resolved
Outdated
|
||||
pub_key = xmlSecCryptoAppKeyLoadEx(file, xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate,
|
||||
xmlSecKeyDataFormatPem, NULL, NULL, NULL);
|
||||
#else
|
||||
pub_key = xmlSecCryptoAppKeyLoad(file,
|
||||
xmlSecKeyDataFormatPem, NULL, NULL, NULL);
|
||||
#endif
|
||||
break;
|
||||
case LASSO_PEM_FILE_TYPE_PRIVATE_KEY:
|
||||
pub_key = lasso_get_public_key_from_private_key_file(file);
|
||||
|
|
@ -378,8 +384,13 @@ lasso_get_public_key_from_pem_cert_file(const char *pem_cert_file)
|
|||
static xmlSecKeyPtr
|
||||
lasso_get_public_key_from_private_key_file(const char *private_key_file)
|
||||
{
|
||||
#if LASSO_XMLSEC_VERSION_NUMBER >= 0x010300
|
||||
return xmlSecCryptoAppKeyLoadEx(private_key_file, xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic,
|
||||
xmlSecKeyDataFormatPem, NULL, NULL, NULL);
|
||||
#else
|
||||
return xmlSecCryptoAppKeyLoad(private_key_file,
|
||||
xmlSecKeyDataFormatPem, NULL, NULL, NULL);
|
||||
#endif
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -2704,7 +2715,7 @@ cleanup:
|
|||
xmlSecKeyPtr
|
||||
lasso_xmlsec_load_key_info(xmlNode *key_descriptor)
|
||||
{
|
||||
xmlSecKeyPtr key, result = NULL;
|
||||
xmlSecKeyPtr key = NULL, result = NULL;
|
||||
xmlNodePtr key_info = NULL;
|
||||
xmlSecKeyInfoCtx ctx = {0};
|
||||
xmlSecKeysMngr *keys_mngr = NULL;
|
||||
|
|
@ -2738,6 +2749,17 @@ lasso_xmlsec_load_key_info(xmlNode *key_descriptor)
|
|||
ctx.keyReq.keyUsage = xmlSecKeyDataUsageAny;
|
||||
ctx.certsVerificationDepth = 0;
|
||||
|
||||
if((xmlSecPtrListAdd(&ctx.enabledKeyData, BAD_CAST xmlSecKeyDataX509Id) < 0) ||
|
||||
(xmlSecPtrListAdd(&ctx.enabledKeyData, BAD_CAST xmlSecKeyDataValueId) < 0) ||
|
||||
(xmlSecPtrListAdd(&ctx.enabledKeyData, BAD_CAST xmlSecKeyDataRsaId) < 0) ||
|
||||
(xmlSecPtrListAdd(&ctx.enabledKeyData, BAD_CAST xmlSecKeyDataDsaId) < 0) ||
|
||||
(xmlSecPtrListAdd(&ctx.enabledKeyData, BAD_CAST xmlSecKeyDataHmacId) < 0)) {
|
||||
message(G_LOG_LEVEL_CRITICAL, "Could not enable needed KeyData");
|
||||
goto next;
|
||||
}
|
||||
|
||||
|
||||
|
||||
key = xmlSecKeyCreate();
|
||||
if (lasso_flag_pem_public_key) {
|
||||
xmlSecErrorsDefaultCallbackEnableOutput(FALSE);
|
||||
|
|
|
|||
|
|
@ -44,6 +44,7 @@
|
|||
#include <xmlsec/openssl/crypto.h>
|
||||
#include <xmlsec/openssl/x509.h>
|
||||
|
||||
#include <config.h>
|
||||
#include "xml.h"
|
||||
#include "xml_enc.h"
|
||||
#include "saml_name_identifier.h"
|
||||
|
|
@ -620,6 +621,12 @@ lasso_node_encrypt(LassoNode *lasso_node, xmlSecKey *encryption_public_key,
|
|||
goto cleanup;
|
||||
}
|
||||
|
||||
#if LASSO_XMLSEC_VERSION_NUMBER >= 0x010300
|
||||
enc_ctx->keyInfoWriteCtx.flags |= XMLSEC_KEYINFO_FLAGS_LAX_KEY_SEARCH;
|
||||
enc_ctx->keyInfoReadCtx.flags |= XMLSEC_KEYINFO_FLAGS_LAX_KEY_SEARCH;
|
||||
enc_ctx->keyInfoReadCtx.flags |= XMLSEC_KEYINFO_FLAGS_LAX_KEY_SEARCH;
|
||||
#endif
|
||||
|
||||
/* generate a symetric key */
|
||||
switch (encryption_sym_key_type) {
|
||||
case LASSO_ENCRYPTION_SYM_KEY_TYPE_AES_256:
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Cette méthode a été introduite dans la branche 1.3 de xmlsec, donc ce test rend lasso incompatible avec xmlsec 1.2.25 à 1.2.39.
Plutôt
>= 0x010300du coup.J'ai regardé le dépôt git de xmlsec parce que je ne voyais rien dans le changelog et elle est apparue après la release 1.2.36 (d'où le 0x010224).
Non finalement t'as raison elle apparaît après le tag xmlsec-1_2_36 mais elle n'est incluse qu'à partir du tag xmlsec_1_3_0, branche à jour.
Tu as laissé un > pour ce fichier, ce qui empêche l'utilisation de cette fonction avec xmlsec 1.3.0, c'est voulu ?
Non, j'ai corrigé.