File xmltooling-1.6.4-fix_build_openssl_111.patch of Package xmltooling.29631

Overview Repositories Revisions Requests Users Attributes Meta

File xmltooling-1.6.4-fix_build_openssl_111.patch of Package xmltooling.29631

This patch is based on the following upstream commit and adds the
same changes (xmltooling:: namespace) for ExplicitKeyTrustEngine.cpp
as well.

From 6feb1baf4f80210e9222d817664c9c792d7979fe Mon Sep 17 00:00:00 2001
From: Rod Widdowson <rdw@steadingsoftware.com>
Date: Sat, 13 Oct 2018 14:21:35 +0100
Subject: [PATCH] CPPXT-137 OpenSSL 1.1.1

https://issues.shibboleth.net/jira/browse/CPPXT-137

OpenSSL 1.1.1 defined functions that we defined for 1.1.0.
Fix the compile by being explicit about the namespace and
add use of the new functions to the support module.
---
 .../security/impl/SecurityHelper.cpp          |  4 ++--
 xmltooling/security/impl/OpenSSLSupport.cpp   | 20 ++++++++++++++-----

Index: xmltooling-1.6.4/xmltooling/security/impl/SecurityHelper.cpp
===================================================================
--- xmltooling-1.6.4.orig/xmltooling/security/impl/SecurityHelper.cpp
+++ xmltooling-1.6.4/xmltooling/security/impl/SecurityHelper.cpp
@@ -487,7 +487,7 @@ bool SecurityHelper::matches(const XSECC
             return false;
         const RSA* rsa1 = static_cast<const OpenSSLCryptoKeyRSA&>(key1).getOpenSSLRSA();
         const RSA* rsa2 = static_cast<const OpenSSLCryptoKeyRSA&>(key2).getOpenSSLRSA();
-        return (rsa1 && rsa2 && BN_cmp(RSA_get0_n(rsa1),RSA_get0_n(rsa2)) == 0 && BN_cmp(RSA_get0_e(rsa1),RSA_get0_e(rsa2)) == 0);
+        return (rsa1 && rsa2 && BN_cmp(xmltooling::RSA_get0_n(rsa1), xmltooling::RSA_get0_n(rsa2)) == 0 && BN_cmp(xmltooling::RSA_get0_e(rsa1), xmltooling::RSA_get0_e(rsa2)) == 0);
     }
 
     // For a private key, compare the private half.
@@ -496,7 +496,7 @@ bool SecurityHelper::matches(const XSECC
             return false;
         const RSA* rsa1 = static_cast<const OpenSSLCryptoKeyRSA&>(key1).getOpenSSLRSA();
         const RSA* rsa2 = static_cast<const OpenSSLCryptoKeyRSA&>(key2).getOpenSSLRSA();
-        return (rsa1 && rsa2 && BN_cmp(RSA_get0_n(rsa1),RSA_get0_n(rsa2)) == 0 && BN_cmp(RSA_get0_d(rsa1),RSA_get0_d(rsa2)) == 0);
+        return (rsa1 && rsa2 && BN_cmp(xmltooling::RSA_get0_n(rsa1), xmltooling::RSA_get0_n(rsa2)) == 0 && BN_cmp(xmltooling::RSA_get0_d(rsa1), xmltooling::RSA_get0_d(rsa2)) == 0);
     }
 
     // If one key is public or both, just compare the public key half.
Index: xmltooling-1.6.4/xmltooling/security/impl/OpenSSLSupport.cpp
===================================================================
--- xmltooling-1.6.4.orig/xmltooling/security/impl/OpenSSLSupport.cpp
+++ xmltooling-1.6.4/xmltooling/security/impl/OpenSSLSupport.cpp
@@ -73,10 +73,12 @@ const BIGNUM *xmltooling::DSA_get0_pubke
 {
 #if (OPENSSL_VERSION_NUMBER < 0x10100000L)
     return dsa->pub_key;
-#else
+#elif (OPENSSL_VERSION_NUMBER  < 0x10101000L)
     const BIGNUM *result;
     DSA_get0_key(dsa, &result, NULL);
     return result;
+#else
+    return ::DSA_get0_pub_key(dsa);
 #endif
 }
 
@@ -84,10 +86,12 @@ const BIGNUM *xmltooling::DSA_get0_privk
 {
 #if (OPENSSL_VERSION_NUMBER < 0x10100000L)
     return dsa->priv_key;
-#else
+#elif (OPENSSL_VERSION_NUMBER  < 0x10101000L)
     const BIGNUM *result;
     DSA_get0_key(dsa, NULL, &result);
     return result;
+#else
+    return ::DSA_get0_priv_key(dsa);
 #endif
 }
 
@@ -95,10 +99,12 @@ const BIGNUM *xmltooling::RSA_get0_n(con
 {
 #if (OPENSSL_VERSION_NUMBER < 0x10100000L)
     return rsa->n;
-#else
+#elif (OPENSSL_VERSION_NUMBER  < 0x10101000L)
     const BIGNUM *result;
     RSA_get0_key(rsa, &result, NULL, NULL);
     return result;
+#else
+    return ::RSA_get0_n(rsa);
 #endif
 }
 
@@ -106,10 +112,12 @@ const BIGNUM *xmltooling::RSA_get0_e(con
 {
 #if (OPENSSL_VERSION_NUMBER < 0x10100000L)
     return rsa->e;
-#else
+#elif (OPENSSL_VERSION_NUMBER  < 0x10101000L)
     const BIGNUM *result;
     RSA_get0_key(rsa, NULL, &result, NULL);
     return result;
+#else
+    return ::RSA_get0_e(rsa);
 #endif
 }
 
@@ -117,9 +125,11 @@ const BIGNUM *xmltooling::RSA_get0_d(con
 {
 #if (OPENSSL_VERSION_NUMBER < 0x10100000L)
     return rsa->d;
-#else
+#elif (OPENSSL_VERSION_NUMBER  < 0x10101000L)
     const BIGNUM *result;
     RSA_get0_key(rsa, NULL, NULL, &result);
     return result;
+#else
+    return ::RSA_get0_d(rsa);
 #endif
 }
Index: xmltooling-1.6.4/xmltooling/security/impl/ExplicitKeyTrustEngine.cpp
===================================================================
--- xmltooling-1.6.4.orig/xmltooling/security/impl/ExplicitKeyTrustEngine.cpp
+++ xmltooling-1.6.4/xmltooling/security/impl/ExplicitKeyTrustEngine.cpp
@@ -264,7 +264,7 @@ bool ExplicitKeyTrustEngine::validate(
                     RSA* rsa = static_cast<OpenSSLCryptoKeyRSA*>(key)->getOpenSSLRSA();
                     EVP_PKEY* evp = X509_PUBKEY_get(X509_get_X509_PUBKEY(certEE));
                     if (rsa && evp && EVP_PKEY_id(evp) == EVP_PKEY_RSA &&
-                            BN_cmp(RSA_get0_n(rsa),RSA_get0_n(EVP_PKEY_get0_RSA(evp))) == 0 && BN_cmp(RSA_get0_e(rsa), RSA_get0_e(EVP_PKEY_get0_RSA(evp))) == 0) {
+                            BN_cmp(xmltooling::RSA_get0_n(rsa), xmltooling::RSA_get0_n(EVP_PKEY_get0_RSA(evp))) == 0 && BN_cmp(xmltooling::RSA_get0_e(rsa), xmltooling::RSA_get0_e(EVP_PKEY_get0_RSA(evp))) == 0) {
                         if (evp)
                             EVP_PKEY_free(evp);
                         log.debug("end-entity certificate matches peer RSA key information");

Places

File xmltooling-1.6.4-fix_build_openssl_111.patch of Package xmltooling.29631

Places