Version bump (bug #277876).

(Portage version: 13851-svn/cvs/Linux x86_64)
author: Arfrever Frehtes Taifersar Arahesis <arfrever@gentoo.org> 2009-07-29 16:37:41 +0000
committer: Arfrever Frehtes Taifersar Arahesis <arfrever@gentoo.org> 2009-07-29 16:37:41 +0000
commit: dfa62b261ea2e3d2c80d0f1afb0faabf13c9a79c (patch)
tree: 65bb89c04b8bfabea7003ceffc6e3cc77183efcd /dev-libs/xmlsec
parent: Remove vulnerable version(s), bug 271708 (diff)
download: gentoo-2-dfa62b261ea2e3d2c80d0f1afb0faabf13c9a79c.tar.gz
gentoo-2-dfa62b261ea2e3d2c80d0f1afb0faabf13c9a79c.tar.bz2
gentoo-2-dfa62b261ea2e3d2c80d0f1afb0faabf13c9a79c.zip
4 files changed, 413 insertions, 1 deletions
diff --git a/dev-libs/xmlsec/ChangeLog b/dev-libs/xmlsec/ChangeLog
index e3af27f2627e..37cdfa716d20 100644
--- a/dev-libs/xmlsec/ChangeLog
+++ b/dev-libs/xmlsec/ChangeLog
@@ -1,6 +1,14 @@
 # ChangeLog for dev-libs/xmlsec
 # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/dev-libs/xmlsec/ChangeLog,v 1.16 2009/05/03 18:08:54 arfrever Exp $
+# $Header: /var/cvsroot/gentoo-x86/dev-libs/xmlsec/ChangeLog,v 1.17 2009/07/29 16:37:41 arfrever Exp $
+
+*xmlsec-1.2.12 (29 Jul 2009)
+
+  29 Jul 2009; Arfrever Frehtes Taifersar Arahesis <arfrever@gentoo.org>
+  +xmlsec-1.2.12.ebuild,
+  +files/xmlsec-1.2.12-fix_implicit_declaration.patch,
+  +files/xmlsec-1.2.12-min_hmac_size.patch:
+  Version bump (bug #277876).
 
   03 May 2009; Arfrever Frehtes Taifersar Arahesis <arfrever@gentoo.org>
   xmlsec-1.2.11.ebuild, +files/xmlsec-1.2.11-gnutls.patch:
diff --git a/dev-libs/xmlsec/files/xmlsec-1.2.12-fix_implicit_declaration.patch b/dev-libs/xmlsec/files/xmlsec-1.2.12-fix_implicit_declaration.patch
new file mode 100644
index 000000000000..2f6cfd6e02b0
--- /dev/null
+++ b/dev-libs/xmlsec/files/xmlsec-1.2.12-fix_implicit_declaration.patch
@@ -0,0 +1,10 @@
+--- src/openssl/hmac.c
++++ src/openssl/hmac.c
+@@ -24,6 +24,7 @@
+ 
+ #include <openssl/hmac.h>
+ 
++#include <xmlsec/base64.h>
+ #include <xmlsec/xmlsec.h>
+ #include <xmlsec/xmltree.h>
+ #include <xmlsec/keys.h>
diff --git a/dev-libs/xmlsec/files/xmlsec-1.2.12-min_hmac_size.patch b/dev-libs/xmlsec/files/xmlsec-1.2.12-min_hmac_size.patch
new file mode 100644
index 000000000000..a6cdeebae841
--- /dev/null
+++ b/dev-libs/xmlsec/files/xmlsec-1.2.12-min_hmac_size.patch
@@ -0,0 +1,334 @@
+http://git.gnome.org/cgit/xmlsec/commit/?id=c07c1961dc8a08d81dad6c1fd984acd09ae99028
+
+--- src/gnutls/hmac.c
++++ src/gnutls/hmac.c
+@@ -23,8 +23,9 @@
+ #include <xmlsec/gnutls/app.h>
+ #include <xmlsec/gnutls/crypto.h>
+ 
+-#define XMLSEC_GNUTLS_MIN_HMAC_SIZE		40
+-#define XMLSEC_GNUTLS_MAX_HMAC_SIZE		128
++/* sizes in bits */
++#define XMLSEC_GNUTLS_MIN_HMAC_SIZE		80
++#define XMLSEC_GNUTLS_MAX_HMAC_SIZE		(128 * 8)
+ 
+ /**************************************************************************
+  *
+@@ -65,7 +66,7 @@ typedef struct _xmlSecGnuTLSHmacCtx		xmlSecGnuTLSHmacCtx, *xmlSecGnuTLSHmacCtxPt
+ struct _xmlSecGnuTLSHmacCtx {
+     int			digest;
+     GcryMDHd		digestCtx;
+-    xmlSecByte	 	dgst[XMLSEC_GNUTLS_MAX_HMAC_SIZE];
++    xmlSecByte	 	dgst[XMLSEC_GNUTLS_MAX_HMAC_SIZE / 8];
+     xmlSecSize		dgstSize;	/* dgst size in bits */
+ };	    
+ 
+--- src/nss/hmac.c
++++ src/nss/hmac.c
+@@ -26,8 +26,9 @@
+ #include <xmlsec/nss/app.h>
+ #include <xmlsec/nss/crypto.h>
+ 
+-#define XMLSEC_NSS_MIN_HMAC_SIZE		40
+-#define XMLSEC_NSS_MAX_HMAC_SIZE		128
++/* sizes in bits */
++#define XMLSEC_NSS_MIN_HMAC_SIZE		80
++#define XMLSEC_NSS_MAX_HMAC_SIZE		(128 * 8)
+ 
+ /**************************************************************************
+  *
+@@ -68,7 +69,7 @@ typedef struct _xmlSecNssHmacCtx		xmlSecNssHmacCtx, *xmlSecNssHmacCtxPtr;
+ struct _xmlSecNssHmacCtx {
+     CK_MECHANISM_TYPE	digestType;
+     PK11Context*	digestCtx;
+-    xmlSecByte 		dgst[XMLSEC_NSS_MAX_HMAC_SIZE];
++    xmlSecByte 		dgst[XMLSEC_NSS_MAX_HMAC_SIZE / 8];
+     xmlSecSize		dgstSize;	/* dgst size in bits */
+ };	    
+ 
+--- src/openssl/hmac.c
++++ src/openssl/hmac.c
+@@ -32,7 +32,9 @@
+ 
+ #include <xmlsec/openssl/crypto.h>
+ 
+-#define XMLSEC_OPENSSL_MIN_HMAC_SIZE		40
++/* sizes in bits */
++#define XMLSEC_OPENSSL_MIN_HMAC_SIZE		80
++#define XMLSEC_OPENSSL_MAX_HMAC_SIZE		(EVP_MAX_MD_SIZE * 8)
+ 
+ /**************************************************************************
+  *
+@@ -74,7 +76,7 @@ struct _xmlSecOpenSSLHmacCtx {
+     const EVP_MD*	hmacDgst;
+     HMAC_CTX		hmacCtx;
+     int			ctxInitialized;
+-    xmlSecByte 		dgst[EVP_MAX_MD_SIZE];
++    xmlSecByte 		dgst[XMLSEC_OPENSSL_MAX_HMAC_SIZE];
+     xmlSecSize		dgstSize;	/* dgst size in bits */
+ };	    
+ 
+@@ -380,6 +382,14 @@ xmlSecOpenSSLHmacVerify(xmlSecTransformPtr transform,
+     
+     /* compare the digest size in bytes */
+     if(dataSize != ((ctx->dgstSize + 7) / 8)){
++	/* NO COMMIT */
++	xmlChar* a;
++	mask = last_byte_masks[ctx->dgstSize % 8];
++	ctx->dgst[dataSize - 1] &= mask;
++	a = xmlSecBase64Encode(ctx->dgst, (ctx->dgstSize + 7) / 8, -1);
++	fprintf(stderr, "%s\n", a);
++	xmlFree(a);
++
+ 	xmlSecError(XMLSEC_ERRORS_HERE, 
+ 		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ 		    NULL,
+--- tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.tmpl
++++ tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.tmpl
+@@ -3,7 +3,7 @@
+   <SignedInfo>
+     <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+     <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-md5">
+-      <HMACOutputLength>64</HMACOutputLength>
++      <HMACOutputLength>80</HMACOutputLength>
+     </SignatureMethod>
+     <Reference URI="#object">
+       <DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#md5"/>
+--- tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.xml
++++ tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.xml
+@@ -3,13 +3,13 @@
+   <SignedInfo>
+     <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+     <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-md5">
+-      <HMACOutputLength>64</HMACOutputLength>
++      <HMACOutputLength>80</HMACOutputLength>
+     </SignatureMethod>
+     <Reference URI="#object">
+       <DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#md5"/>
+       <DigestValue>/u+47lA0BK55De4qRAg16w==</DigestValue>
+     </Reference>
+   </SignedInfo>
+-  <SignatureValue>j202k+irNYE=</SignatureValue>
++  <SignatureValue>8woIGhwIlkw9Gw==</SignatureValue>
+   <Object Id="object">some text</Object>
+ </Signature>
+--- tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.tmpl
++++ tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.tmpl
+@@ -3,7 +3,7 @@
+   <SignedInfo>
+     <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+     <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160">
+-      <HMACOutputLength>64</HMACOutputLength>
++      <HMACOutputLength>80</HMACOutputLength>
+     </SignatureMethod>
+     <Reference URI="#object">
+       <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#ripemd160"/>
+--- tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.xml
++++ tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.xml
+@@ -3,13 +3,13 @@
+   <SignedInfo>
+     <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+     <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160">
+-      <HMACOutputLength>64</HMACOutputLength>
++      <HMACOutputLength>80</HMACOutputLength>
+     </SignatureMethod>
+     <Reference URI="#object">
+       <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#ripemd160"/>
+       <DigestValue>Ofs8NqfoXX+r0Cas3GRY2GbzhPo=</DigestValue>
+     </Reference>
+   </SignedInfo>
+-  <SignatureValue>+TxC/QCigpQ=</SignatureValue>
++  <SignatureValue>cAAf5NRMJvdO9w==</SignatureValue>
+   <Object Id="object">some text</Object>
+ </Signature>
+--- tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64.tmpl
++++ tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64.tmpl
+@@ -3,7 +3,7 @@
+   <SignedInfo>
+     <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+     <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1">
+-      <HMACOutputLength>64</HMACOutputLength>
++      <HMACOutputLength>80</HMACOutputLength>
+     </SignatureMethod>
+     <Reference URI="#object">
+       <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+--- tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64.xml
++++ tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64.xml
+@@ -3,13 +3,13 @@
+   <SignedInfo>
+     <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+     <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1">
+-      <HMACOutputLength>64</HMACOutputLength>
++      <HMACOutputLength>80</HMACOutputLength>
+     </SignatureMethod>
+     <Reference URI="#object">
+       <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+       <DigestValue>7/XTsHaBSOnJ/jXD5v0zL6VKYsk=</DigestValue>
+     </Reference>
+   </SignedInfo>
+-  <SignatureValue>f/uhIfsfFeg=</SignatureValue>
++  <SignatureValue>xjqFz/yYQRTOrw==</SignatureValue>
+   <Object Id="object">some text</Object>
+ </Signature>
+--- tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64.tmpl
++++ tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64.tmpl
+@@ -3,7 +3,7 @@
+   <SignedInfo>
+     <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+     <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha224">
+-      <HMACOutputLength>64</HMACOutputLength>
++      <HMACOutputLength>80</HMACOutputLength>
+     </SignatureMethod>
+     <Reference URI="#object">
+       <DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+--- tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64.xml
++++ tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64.xml
+@@ -3,13 +3,13 @@
+   <SignedInfo>
+     <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+     <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha224">
+-      <HMACOutputLength>64</HMACOutputLength>
++      <HMACOutputLength>80</HMACOutputLength>
+     </SignatureMethod>
+     <Reference URI="#object">
+       <DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+       <DigestValue>azpKU6mkkPqPdDdtDXlEzVb0Xo2HgZMfuJ8KBw==</DigestValue>
+     </Reference>
+   </SignedInfo>
+-  <SignatureValue>ULeTuYfbvSc=</SignatureValue>
++  <SignatureValue>lZnrOj6ykWj7Zg==</SignatureValue>
+   <Object Id="object">some text</Object>
+ </Signature>
+--- tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64.tmpl
++++ tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64.tmpl
+@@ -3,7 +3,7 @@
+   <SignedInfo>
+     <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+     <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256">
+-      <HMACOutputLength>64</HMACOutputLength>
++      <HMACOutputLength>80</HMACOutputLength>
+     </SignatureMethod>
+     <Reference URI="#object">
+       <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+--- tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64.xml
++++ tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64.xml
+@@ -3,13 +3,13 @@
+   <SignedInfo>
+     <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+     <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256">
+-      <HMACOutputLength>64</HMACOutputLength>
++      <HMACOutputLength>80</HMACOutputLength>
+     </SignatureMethod>
+     <Reference URI="#object">
+       <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+       <DigestValue>iDhYt78o294fA6pzQ7k44+eejrQMi+WX3l3UrUdtL1Q=</DigestValue>
+     </Reference>
+   </SignedInfo>
+-  <SignatureValue>BSM2P+9soOk=</SignatureValue>
++  <SignatureValue>zDqLw++TOXixpw==</SignatureValue>
+   <Object Id="object">some text</Object>
+ </Signature>
+--- tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64.tmpl
++++ tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64.tmpl
+@@ -3,7 +3,7 @@
+   <SignedInfo>
+     <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+     <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha384">
+-      <HMACOutputLength>64</HMACOutputLength>
++      <HMACOutputLength>80</HMACOutputLength>
+     </SignatureMethod>
+     <Reference URI="#object">
+       <DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+--- tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64.xml
++++ tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64.xml
+@@ -3,13 +3,13 @@
+   <SignedInfo>
+     <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+     <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha384">
+-      <HMACOutputLength>64</HMACOutputLength>
++      <HMACOutputLength>80</HMACOutputLength>
+     </SignatureMethod>
+     <Reference URI="#object">
+       <DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+       <DigestValue>uTx8AeqrTmv+nijRsWW7TOs1pCIuCudsFRVloP6hPin8Q4x9fFX2j/zj53XB37OG</DigestValue>
+     </Reference>
+   </SignedInfo>
+-  <SignatureValue>azErzRgKjtM=</SignatureValue>
++  <SignatureValue>ZgeAT9hZEkXlyQ==</SignatureValue>
+   <Object Id="object">some text</Object>
+ </Signature>
+--- tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64.tmpl
++++ tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64.tmpl
+@@ -3,7 +3,7 @@
+   <SignedInfo>
+     <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+     <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha512">
+-      <HMACOutputLength>64</HMACOutputLength>
++      <HMACOutputLength>80</HMACOutputLength>
+     </SignatureMethod>
+     <Reference URI="#object">
+       <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+--- tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64.xml
++++ tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64.xml
+@@ -3,7 +3,7 @@
+   <SignedInfo>
+     <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+     <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha512">
+-      <HMACOutputLength>64</HMACOutputLength>
++      <HMACOutputLength>80</HMACOutputLength>
+     </SignatureMethod>
+     <Reference URI="#object">
+       <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+@@ -11,6 +11,6 @@
+ XDnbRaf22WqerzX1vL0QzA==</DigestValue>
+     </Reference>
+   </SignedInfo>
+-  <SignatureValue>rQcObPRcpOc=</SignatureValue>
++  <SignatureValue>shktZYjrs58vuA==</SignatureValue>
+   <Object Id="object">some text</Object>
+ </Signature>
+--- tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40.tmpl
++++ tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40.tmpl
+@@ -3,7 +3,7 @@
+   <SignedInfo>
+     <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+     <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1">
+-      <HMACOutputLength>40</HMACOutputLength>
++      <HMACOutputLength>80</HMACOutputLength>
+     </SignatureMethod>
+     <Reference URI="#object">
+       <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+--- tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40.xml
++++ tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40.xml
+@@ -3,7 +3,7 @@
+   <SignedInfo>
+     <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+     <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1">
+-      <HMACOutputLength>40</HMACOutputLength>
++      <HMACOutputLength>80</HMACOutputLength>
+     </SignatureMethod>
+     <Reference URI="#object">
+       <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+@@ -11,7 +11,7 @@
+     </Reference>
+   </SignedInfo>
+   <SignatureValue>
+-    HHiqvCU=
++    xjqFz/yYQRTOrw==
+   </SignatureValue>
+   <Object Id="object">some text</Object>
+ </Signature>
+--- tests/phaos-xmldsig-three/signature-hmac-sha1-40-c14n-comments-detached.xml
++++ tests/phaos-xmldsig-three/signature-hmac-sha1-40-c14n-comments-detached.xml
+@@ -1 +1 @@
+-<dsig:Signature xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"><dsig:HMACOutputLength>40</dsig:HMACOutputLength></dsig:SignatureMethod><dsig:Reference URI="http://www.ietf.org/rfc/rfc3161.txt"><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>eT5ZU9fkIwQ9b9XAYq+iIYnj0DQ=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>D8A3AYM=</dsig:SignatureValue></dsig:Signature>
+\ No newline at end of file
++<dsig:Signature xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"><dsig:HMACOutputLength>80</dsig:HMACOutputLength></dsig:SignatureMethod><dsig:Reference URI="http://www.ietf.org/rfc/rfc3161.txt"><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>eT5ZU9fkIwQ9b9XAYq+iIYnj0DQ=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>e/Cz41h/IJocTg==</dsig:SignatureValue></dsig:Signature>
+\ No newline at end of file
+--- tests/phaos-xmldsig-three/signature-hmac-sha1-40-exclusive-c14n-comments-detached.xml
++++ tests/phaos-xmldsig-three/signature-hmac-sha1-40-exclusive-c14n-comments-detached.xml
+@@ -1 +1 @@
+-<dsig:Signature xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"><dsig:HMACOutputLength>40</dsig:HMACOutputLength></dsig:SignatureMethod><dsig:Reference URI="http://www.ietf.org/rfc/rfc3161.txt"><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>eT5ZU9fkIwQ9b9XAYq+iIYnj0DQ=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>awZmh2c=</dsig:SignatureValue></dsig:Signature>
+\ No newline at end of file
++<dsig:Signature xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"><dsig:HMACOutputLength>80</dsig:HMACOutputLength></dsig:SignatureMethod><dsig:Reference URI="http://www.ietf.org/rfc/rfc3161.txt"><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>eT5ZU9fkIwQ9b9XAYq+iIYnj0DQ=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>iuQK6TvAjMciIw==</dsig:SignatureValue></dsig:Signature>
+\ No newline at end of file
diff --git a/dev-libs/xmlsec/xmlsec-1.2.12.ebuild b/dev-libs/xmlsec/xmlsec-1.2.12.ebuild
new file mode 100644
index 000000000000..64e4688819fd
--- /dev/null
+++ b/dev-libs/xmlsec/xmlsec-1.2.12.ebuild
@@ -0,0 +1,60 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/dev-libs/xmlsec/xmlsec-1.2.12.ebuild,v 1.1 2009/07/29 16:37:41 arfrever Exp $
+
+EAPI="2"
+
+inherit autotools eutils flag-o-matic
+
+DESCRIPTION="Command line tool for signing, verifying, encrypting and decrypting XML"
+HOMEPAGE="http://www.aleksey.com/xmlsec"
+SRC_URI="http://www.aleksey.com/xmlsec/download/${PN}1-${PV}.tar.gz"
+
+LICENSE="MIT"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~sparc ~x86"
+IUSE="gnutls mozilla ssl"
+
+RDEPEND=">=dev-libs/libxslt-1.0.20
+	ssl? ( >=dev-libs/openssl-0.9.7 )
+	gnutls? ( >=net-libs/gnutls-0.8.1 )
+	mozilla? ( >=dev-libs/nspr-4.0
+		>=dev-libs/nss-3.2 )"
+DEPEND="${RDEPEND}
+	>=dev-libs/libxml2-2.6.12
+	dev-util/pkgconfig"
+
+S="${WORKDIR}/${PN}1-${PV}"
+
+src_prepare() {
+	epatch "${FILESDIR}/${P}-min_hmac_size.patch"
+	epatch "${FILESDIR}/${P}-fix_implicit_declaration.patch"
+
+	sed -i \
+		-e '/^XMLSEC_SHLIBSFX=/s/\(XMLSEC_SHLIBSFX=\).*/\1".so"/' \
+		-e '/sha1.*pkgconfig/s/sha1/pkgconfig/' \
+		-e '/^AC_LIB_LTDL$/d' configure.in || die "sed configure.in failed"
+	eautoreconf
+}
+
+src_configure() {
+	append-cppflags '-DLTDL_OBJDIR=\".libs\"' '-DLTDL_SHLIB_EXT=\".so\"'
+	local myconf
+	use gnutls || myconf="--without-gnutls"
+	econf \
+		--enable-pkgconfig \
+		--enable-xkms \
+		$(use_enable ssl aes) \
+		$(use_with ssl openssl /usr) \
+		--with-html-dir=/usr/share/doc/${PF} \
+		${myconf}
+}
+
+src_test() {
+	TMPFOLDER="${T}" emake check || die "emake check failed"
+}
+
+src_install() {
+	emake DESTDIR="${D}" install || die "install failed"
+	dodoc AUTHORS README NEWS
+}
author	Arfrever Frehtes Taifersar Arahesis <arfrever@gentoo.org>	2009-07-29 16:37:41 +0000
committer	Arfrever Frehtes Taifersar Arahesis <arfrever@gentoo.org>	2009-07-29 16:37:41 +0000
commit	dfa62b261ea2e3d2c80d0f1afb0faabf13c9a79c (patch)
tree	65bb89c04b8bfabea7003ceffc6e3cc77183efcd /dev-libs/xmlsec
parent	Remove vulnerable version(s), bug 271708 (diff)
download	gentoo-2-dfa62b261ea2e3d2c80d0f1afb0faabf13c9a79c.tar.gz gentoo-2-dfa62b261ea2e3d2c80d0f1afb0faabf13c9a79c.tar.bz2 gentoo-2-dfa62b261ea2e3d2c80d0f1afb0faabf13c9a79c.zip