[xmlsec] fix build for openssl 1.0.0-beta and cleanup configure.in/tests
- From: Aleksey Sanin <aleksey src gnome org>
- To: svn-commits-list gnome org
- Cc:
- Subject: [xmlsec] fix build for openssl 1.0.0-beta and cleanup configure.in/tests
- Date: Thu, 6 Aug 2009 23:21:07 +0000 (UTC)
commit 3516d6d6b9ee8e619c31b41cdd2053e891920414
Author: Aleksey Sanin <aleksey aleksey com>
Date: Thu Aug 6 16:20:22 2009 -0700
fix build for openssl 1.0.0-beta and cleanup configure.in/tests
ChangeLog | 5 +++++
Makefile.am | 15 ++++++++-------
configure.in | 33 ++++++++++++++++++++++++++++-----
src/openssl/x509vfy.c | 35 +++++++++++++++++++++--------------
tests/testDSig.sh | 2 ++
5 files changed, 64 insertions(+), 26 deletions(-)
---
diff --git a/ChangeLog b/ChangeLog
index 3f5a0d9..497ec97 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2009-08-06 Aleksey Sanin <aleksey aleksey com>
+ * fix build for openssl 1.0 (based on patch from Roumen Petrov)
+ * cleanup test invocation scripts
+ * cleanup configure.in
+
2009-07-29 Aleksey Sanin <aleksey aleksey com>
* fix a couple minor issues (based on patch from Arfrever
Frehtes Taifersar Arahesis)
diff --git a/Makefile.am b/Makefile.am
index 78ace1c..778bc45 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -69,6 +69,7 @@ CHECK_CRYPTO_LIST = \
$(XMLSEC_CRYPTO_LIST) \
$(NULL)
endif
+ABS_SRCDIR=$(shell pwd)
docs: docs-man
@(cd docs && $(MAKE) docs)
@@ -85,9 +86,9 @@ check-all: $(TEST_APP)
@($(PRECHECK_COMMANDS) && \
for i in $(CHECK_CRYPTO_LIST) ; do \
echo "=================== Checking xmlsec-$$i =================================" && \
- $(SHELL) ./tests/testKeys.sh $$i ./tests $$ABS_BUILDDIR/$(TEST_APP) der && \
- $(SHELL) ./tests/testDSig.sh $$i ./tests $$ABS_BUILDDIR/$(top_builddir)/$(TEST_APP) der && \
- $(SHELL) ./tests/testEnc.sh $$i ./tests $$ABS_BUILDDIR/$(TEST_APP) der ; \
+ $(SHELL) ./tests/testKeys.sh $$i $(ABS_SRCDIR)/tests $(ABS_BUILDDIR)/$(TEST_APP) der && \
+ $(SHELL) ./tests/testDSig.sh $$i $(ABS_SRCDIR)/tests $(ABS_BUILDDIR)/$(TEST_APP) der && \
+ $(SHELL) ./tests/testEnc.sh $$i $(ABS_SRCDIR)/tests $(ABS_BUILDDIR)/$(TEST_APP) der ; \
done; )
check-info:
@@ -102,19 +103,19 @@ check-info:
check-km: $(TEST_APP)
@($(PRECHECK_COMMANDS) && \
- $(SHELL) ./tests/testKeys.sh default tests $$ABS_BUILDDIR/$(TEST_APP) der)
+ $(SHELL) ./tests/testKeys.sh default $(ABS_SRCDIR)/tests $(ABS_BUILDDIR)/$(TEST_APP) der)
check-dsig: $(TEST_APP)
@($(PRECHECK_COMMANDS) && \
- $(SHELL) ./tests/testDSig.sh default tests $$ABS_BUILDDIR/$(top_builddir)/$(TEST_APP) der)
+ $(SHELL) ./tests/testDSig.sh default $(ABS_SRCDIR)/tests $(ABS_BUILDDIR)/$(TEST_APP) der)
check-xkms: $(TEST_APP)
@($(PRECHECK_COMMANDS) && \
- $(SHELL) ./tests/testXKMS.sh default tests $$ABS_BUILDDIR/$(top_builddir)/$(TEST_APP) der)
+ $(SHELL) ./tests/testXKMS.sh default $(ABS_SRCDIR)/tests $(ABS_BUILDDIR)/$(TEST_APP) der)
check-enc: $(TEST_APP)
@($(PRECHECK_COMMANDS) && \
- $(SHELL) ./tests/testEnc.sh default tests $$ABS_BUILDDIR/$(TEST_APP) der)
+ $(SHELL) ./tests/testEnc.sh default $(ABS_SRCDIR)/tests $(ABS_BUILDDIR)/$(TEST_APP) der)
memcheck-res:
@grep -i lost /tmp/*.log | sed 's/==.*== *//' | sort -u
diff --git a/configure.in b/configure.in
index e0bcfd8..fe68981 100644
--- a/configure.in
+++ b/configure.in
@@ -68,7 +68,7 @@ dnl - without dynamic xmlsec-crypto loading
dnl ==========================================================================
AC_MSG_CHECKING(for development environment)
AC_ARG_ENABLE(development, [ --enable-development enable development environment (no)])
-if test "z$enable_development" = "zyes" -o "z${LOGNAME}" = "zaleksey" ; then
+if test "z$enable_development" = "zyes" ; then
enable_debuging="yes"
enable_pedantic="yes"
enable_static_linking="yes"
@@ -88,7 +88,12 @@ dnl should separate extra LDFLAGS for xmlsec and crypto libs ?
dnl should --enable-runtime-pseudo-reloc for mingw and cygwin ?
xmlsec_sharedlib_hack="no"
-XMLSEC_SHLIBSFX="$shrext"
+if test -n "$shrext"; then
+ XMLSEC_SHLIBSFX="$shrext"
+else
+ dnl changed in libtool (between 1.5.2 and 1.5.14)
+ XMLSEC_SHLIBSFX="$shrext_cmds"
+fi
case "${host}" in
*aix* )
CFLAGS="${CFLAGS} -D_ALL_SOURCE"
@@ -192,15 +197,16 @@ AC_ARG_WITH(libxml-src,
[ --with-libxml-src=[PFX] not installed yet libxml2 location]
)
-if test "z$with_libxml" = "zno" -o test "z$with_libxml_src" = "zno"; then
+if test "z$with_libxml" = "zno" -o "z$with_libxml_src" = "zno"; then
AC_MSG_CHECKING(for libxml2 libraries >= $LIBXML_MIN_VERSION)
AC_MSG_ERROR(libxml2 >= $LIBXML_MIN_VERSION is required for $XMLSEC_PACKAGE)
elif test "z$with_libxml_src" != "z" ; then
+ AC_MSG_CHECKING(for libxml2 libraries >= $LIBXML_MIN_VERSION)
CWD=`pwd`
if cd "$with_libxml_src" ; then
SRC_DIR=`pwd`
LIBXML_CONFIG=${SRC_DIR}/xml2-config
- LIBXML_LIBS="-L${SRC_DIR} -lxml2"
+ LIBXML_LIBS="-L${SRC_DIR}/.libs -lxml2"
LIBXML_CFLAGS="-I${SRC_DIR}/include"
LIBXML_FOUND="yes"
cd $CWD
@@ -259,11 +265,12 @@ if test "z$with_libxslt" = "zno" -o "z$with_libxslt_src" = "zno" ; then
AC_MSG_RESULT(no)
LIBXSLT_FOUND="without"
elif test "z$with_libxslt_src" != "z" ; then
+ AC_MSG_CHECKING(for libxslt libraries >= $LIBXSLT_MIN_VERSION)
CWD=`pwd`
if cd "$with_libxslt_src" ; then
SRC_DIR=`pwd`
LIBXSLT_CONFIG=${SRC_DIR}/xslt-config
- LIBXSLT_LIBS="-L${SRC_DIR} -lxslt"
+ LIBXSLT_LIBS="-L${SRC_DIR}/.libs -lxslt"
LIBXSLT_CFLAGS="-I${SRC_DIR}/include"
LIBXSLT_FOUND="yes"
cd $CWD
@@ -428,6 +435,19 @@ if test "z$OPENSSL_FOUND" = "zyes" -a "z$OPENSSL_VERSION" = "z" ; then
if test "z$OPENSSL_VERSION" = "z" ; then
AC_EGREP_CPP(yes,[
#include <openssl/opensslv.h>
+ #if OPENSSL_VERSION_NUMBER >= 0x10000000L
+ yes
+ #endif
+ ],[
+ OPENSSL_VERSION="1.0.0"
+ ],[
+ OPENSSL_VERSION=""
+ ])
+ fi
+
+ if test "z$OPENSSL_VERSION" = "z" ; then
+ AC_EGREP_CPP(yes,[
+ #include <openssl/opensslv.h>
#if OPENSSL_VERSION_NUMBER >= 0x00908000L
yes
#endif
@@ -483,6 +503,9 @@ if test "z$OPENSSL_FOUND" = "zyes" ; then
if test "z$OPENSSL_VERSION" = "z0.9.8" ; then
OPENSSL_CFLAGS="$OPENSSL_CFLAGS -DXMLSEC_OPENSSL_098=1"
fi
+ if test "z$OPENSSL_VERSION" = "z1.0.0" ; then
+ OPENSSL_CFLAGS="$OPENSSL_CFLAGS -DXMLSEC_OPENSSL_100=1"
+ fi
OPENSSL_CFLAGS="$OPENSSL_CFLAGS -DXMLSEC_CRYPTO_OPENSSL=1"
dnl first crypto library is default one
diff --git a/src/openssl/x509vfy.c b/src/openssl/x509vfy.c
index 3201da7..d711d25 100644
--- a/src/openssl/x509vfy.c
+++ b/src/openssl/x509vfy.c
@@ -48,7 +48,7 @@ struct _xmlSecOpenSSLX509StoreCtx {
X509_STORE* xst;
STACK_OF(X509)* untrusted;
STACK_OF(X509_CRL)* crls;
-
+
#if !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097)
X509_VERIFY_PARAM * vpm;
#endif /* !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097) */
@@ -173,7 +173,7 @@ xmlSecOpenSSLX509StoreVerify(xmlSecKeyDataStorePtr store, XMLSEC_STACK_OF_X509*
XMLSEC_STACK_OF_X509_CRL* crls, xmlSecKeyInfoCtx* keyInfoCtx) {
xmlSecOpenSSLX509StoreCtxPtr ctx;
STACK_OF(X509)* certs2 = NULL;
- STACK_OF(X509_CRLS)* crls2 = NULL;
+ STACK_OF(X509_CRL)* crls2 = NULL;
X509* res = NULL;
X509* cert;
X509 *err_cert = NULL;
@@ -545,7 +545,9 @@ xmlSecOpenSSLX509StoreAddCertsPath(xmlSecKeyDataStorePtr store, const char *path
xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
"X509_LOOKUP_add_dir",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ "path='%s'",
+ xmlSecErrorsSafeString(path)
+ );
return(-1);
}
return(0);
@@ -587,7 +589,9 @@ xmlSecOpenSSLX509StoreAddCertsFile(xmlSecKeyDataStorePtr store, const char *file
xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
"X509_LOOKUP_load_file",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ "file='%s'",
+ xmlSecErrorsSafeString(file)
+ );
return(-1);
}
return(0);
@@ -643,7 +647,9 @@ xmlSecOpenSSLX509StoreInitialize(xmlSecKeyDataStorePtr store) {
xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
"X509_LOOKUP_add_dir",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ "path='%s'",
+ xmlSecErrorsSafeString(path)
+ );
return(-1);
}
} else {
@@ -652,7 +658,8 @@ xmlSecOpenSSLX509StoreInitialize(xmlSecKeyDataStorePtr store) {
xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
"X509_LOOKUP_add_dir",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ XMLSEC_ERRORS_NO_MESSAGE
+ );
return(-1);
}
}
@@ -802,8 +809,8 @@ xmlSecOpenSSLX509FindCert(STACK_OF(X509) *certs, xmlChar *subjectName,
return(NULL);
}
- for(i = 0; i < certs->num; ++i) {
- cert = ((X509**)(certs->data))[i];
+ for(i = 0; i < sk_X509_num(certs); ++i) {
+ cert = sk_X509_value(certs, i);
subj = X509_get_subject_name(cert);
if(xmlSecOpenSSLX509NamesCompare(nm, subj) == 0) {
X509_NAME_free(nm);
@@ -863,8 +870,8 @@ xmlSecOpenSSLX509FindCert(STACK_OF(X509) *certs, xmlChar *subjectName,
BN_free(bn);
- for(i = 0; i < certs->num; ++i) {
- cert = ((X509**)(certs->data))[i];
+ for(i = 0; i < sk_X509_num(certs); ++i) {
+ cert = sk_X509_value(certs, i);
if(ASN1_INTEGER_cmp(X509_get_serialNumber(cert), serial) != 0) {
continue;
}
@@ -895,8 +902,8 @@ xmlSecOpenSSLX509FindCert(STACK_OF(X509) *certs, xmlChar *subjectName,
xmlSecErrorsSafeString(ski));
return(NULL);
}
- for(i = 0; i < certs->num; ++i) {
- cert = ((X509**)(certs->data))[i];
+ for(i = 0; i < sk_X509_num(certs); ++i) {
+ cert = sk_X509_value(certs, i);
index = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1);
if((index >= 0) && (ext = X509_get_ext(cert, index))) {
keyId = X509V3_EXT_d2i(ext);
@@ -982,9 +989,9 @@ xmlSecOpenSSLX509VerifyCertAgainstCrls(STACK_OF(X509_CRL) *crls, X509* cert) {
/*
* Check if the current certificate is revoked by this CRL
*/
- n = sk_num(X509_CRL_get_REVOKED(crl));
+ n = sk_X509_REVOKED_num(X509_CRL_get_REVOKED(crl));
for (i = 0; i < n; i++) {
- revoked = (X509_REVOKED *)sk_value(X509_CRL_get_REVOKED(crl), i);
+ revoked = sk_X509_REVOKED_value(X509_CRL_get_REVOKED(crl), i);
if (ASN1_INTEGER_cmp(revoked->serialNumber, X509_get_serialNumber(cert)) == 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
diff --git a/tests/testDSig.sh b/tests/testDSig.sh
index 1f86f8e..263eed5 100755
--- a/tests/testDSig.sh
+++ b/tests/testDSig.sh
@@ -12,6 +12,8 @@ fi
crypto=$1
file_format=$4
+echo "top -> $topfolder"
+
pub_key_format=$file_format
cert_format=$file_format
priv_key_option="--pkcs12"
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
