-AUX CVE-2009-0217-fix.patch 3674 RMD160 8d21c8e111dc28b28c668d9c1ceef4df11eecc35 SHA1 7856a29cfd5af2b9dc56420c1bbb3339fb1f65f0 SHA256 bbaee8b06cacb71df1ac4c4bae8b133acb1c9ea61b3522909fa8069655820403
-DIST xml-security-c-1.5.0.tar.gz 957148 RMD160 d40be42ee7f12f48509b2fa31d5029475be398de SHA1 f4c3fe56deac2461bd97ebda1b0b39f70fb20a04 SHA256 a790b6a2e4d5e204184aecc76fb2f0b40bedfd2a643532a7cadec7151dd78475
-EBUILD xml-security-c-1.5.0.ebuild 743 RMD160 1784e3564d6cbb923eb069f31d4b74c0c6750ffe SHA1 833496eef5484861d758003ea156a23dc44b9159 SHA256 4c1daf0b3bb3808ceef716ec6f5294116e2ab2f2ccb14e909491cf9e23047e69
-MISC ChangeLog 799 RMD160 bbde71eaef243080233e75270587c69a3d1c28e5 SHA1 25fdf1ad5543def5cb5cc1a79f7ee51285f5ad99 SHA256 e241eab79831c95650bda8e7163d04913ea9b490c7c56f37cac8337cbb8b8614
+AUX 1.5.1-parallel_build.patch 631 RMD160 e42186615618834a43674e71abb309d46a5ad0e7 SHA1 7d49e2b1725c0ed44e2f61743af1ee720c4ce4c2 SHA256 5985d4b938482cc6ae77c7bc172629c8db19d52af3891fae3db57d3668aba8e7
+DIST xml-security-c-1.5.1.tar.gz 957928 RMD160 eadeb25398d6a0fa6cd22d531470bc1dea1632d3 SHA1 e51d3dca7f32cfcc2090d4d20cf8a1d032d95d79 SHA256 f31d7efbc1a2d708e82fb7237dca29e4e5552d8a4ca510cfe94c9998055b801f
+EBUILD xml-security-c-1.5.1.ebuild 877 RMD160 82cebb8bc964d7f4394f9286d32be46d27fa99fa SHA1 a952ab9d183e0486f924a995f3c0da519fcea8ab SHA256 c67a9f2525f7457913e74d9c9c3ab469fe529c9cfef2586adbd4021050a5c959
+MISC ChangeLog 1112 RMD160 2a3d4181720f0972964110baa5a3c2fac130f10a SHA1 69e97cbe683c6016f9fae8b5b11963656f142daa SHA256 516cfede126dd2e8d0c37e0e7848054162412ce15f68efedc3f2db85104857a4
MISC metadata.xml 290 RMD160 a31bb9468300ba7321320de317d3130291b7b156 SHA1 69a4c0e652258ebc2bc5da5df525bad3923ebc7f SHA256 69e4f84c4ff607b175fad5627e93fbcd02c729b7df2b5f759b256bbc07092527
+++ /dev/null
---- src/dsig/DSIGAlgorithmHandlerDefault.cpp 2009/07/14 18:55:07 794016
-+++ src/dsig/DSIGAlgorithmHandlerDefault.cpp 2009/07/14 19:03:52 794017
-@@ -459,6 +459,12 @@
- }
-
- // Signature already created, so just translate to base 64 and enter string
-+
-+ // FIX: CVE-2009-0217
-+ if (outputLength > 0 && (outputLength < 80 || outputLength < hashLen / 2)) {
-+ throw XSECException(XSECException::AlgorithmMapperError,
-+ "HMACOutputLength set to unsafe value.");
-+ }
-
- convertRawToBase64String(b64SB,
- hash,
-@@ -560,7 +566,14 @@
- case (XSECCryptoKey::KEY_HMAC) :
-
- // Already done - just compare calculated value with read value
-- sigVfyRet = compareBase64StringToRaw(sig,
-+
-+ // FIX: CVE-2009-0217
-+ if (outputLength > 0 && (outputLength < 80 || outputLength < hashLen / 2)) {
-+ throw XSECException(XSECException::AlgorithmMapperError,
-+ "HMACOutputLength set to unsafe value.");
-+ }
-+
-+ sigVfyRet = compareBase64StringToRaw(sig,
- hash,
- hashLen,
- outputLength);
---- src/dsig/DSIGSignature.cpp 2009/07/14 18:55:07 794016
-+++ src/dsig/DSIGSignature.cpp 2009/07/14 19:03:52 794017
-@@ -1042,6 +1042,13 @@
-
- }
-
-+ // FIX: CVE-2009-0217
-+
-+ if (mp_signedInfo->getHMACOutputLength() > 0 && mp_signedInfo->getHMACOutputLength() < 80) {
-+ throw XSECException(XSECException::SigVfyError,
-+ "DSIGSignature::verify() - HMACOutputLength is unsafe");
-+ }
-+
- // Try to find a key
- if (mp_signingKey == NULL) {
-
---- src/framework/XSECW32Config.hpp 2009/07/14 18:55:07 794016
-+++ src/framework/XSECW32Config.hpp 2009/07/14 19:03:52 794017
-@@ -38,7 +38,7 @@
-
- #define XSEC_VERSION_MAJOR 1
- #define XSEC_VERSION_MEDIUM 5
--#define XSEC_VERSION_MINOR 0
-+#define XSEC_VERSION_MINOR 1
-
- /*
- * Because we don't have a configure script, we need to rely on version
---- configure.ac 2009/07/14 18:55:07 794016
-+++ configure.ac 2009/07/14 19:03:52 794017
-@@ -19,12 +19,12 @@
-
- # Process this file with autoconf to produce a configure script
-
--AC_INIT([[XML-Security-C]], [1.5.0], [security-dev@xml.apache.org], [xml-security-c])
-+AC_INIT([[XML-Security-C]], [1.5.1], [security-dev@xml.apache.org], [xml-security-c])
- AC_CONFIG_AUX_DIR([config])
-
- # kick off automake
-
--AM_INIT_AUTOMAKE(xml-security-c, 1.5.0)
-+AM_INIT_AUTOMAKE(xml-security-c, 1.5.1)
- sinclude(m4/acx_pthread.m4)
- AM_PROG_LIBTOOL
-
---- src/framework/version.rc 2009/07/14 18:55:07 794016
-+++ src/framework/version.rc 2009/07/14 19:03:52 794017
-@@ -54,8 +54,8 @@
- //
-
- VS_VERSION_INFO VERSIONINFO
-- FILEVERSION 1,5,0,0
-- PRODUCTVERSION 1,5,0,0
-+ FILEVERSION 1,5,1,0
-+ PRODUCTVERSION 1,5,1,0
- FILEFLAGSMASK 0x3fL
- #ifdef _DEBUG
- FILEFLAGS 0x1L
-@@ -73,7 +73,7 @@
- VALUE "Comments", "\0"
- VALUE "CompanyName", "The Apache Software Foundation\0"
- VALUE "FileDescription", "XML Security C++ Library\0"
-- VALUE "FileVersion", "1, 5, 0, 0\0"
-+ VALUE "FileVersion", "1, 5, 1, 0\0"
- #ifdef _DEBUG
- VALUE "InternalName", "xsec_1_5D\0"
- #else
-@@ -88,7 +88,7 @@
- #endif
- VALUE "PrivateBuild", "\0"
- VALUE "ProductName", "XML-Security-C - C++ XML Security Library\0"
-- VALUE "ProductVersion", "1, 5, 0, 0\0"
-+ VALUE "ProductVersion", "1, 5, 1, 0\0"
- VALUE "SpecialBuild", "\0"
- END
- END
---- xml-security-c.spec 2009/07/14 18:55:07 794016
-+++ xml-security-c.spec 2009/07/14 19:03:52 794017
-@@ -1,5 +1,5 @@
- Name: xml-security-c
--Version: 1.5.0
-+Version: 1.5.1
- Release: 1
- Summary: C++ XML security library
-
--- /dev/null
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+EAPI="2"
+
+inherit autotools eutils
+
+DESCRIPTION="Apache C++ XML security libraries."
+HOMEPAGE="http://santuario.apache.org/"
+SRC_URI="http://santuario.apache.org/dist/c-library/${P}.tar.gz"
+LICENSE="Apache-2.0"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="debug examples xalan ssl"
+
+RDEPEND=">=dev-libs/xerces-c-3
+ xalan? ( dev-libs/xalan-c )
+ ssl? ( dev-libs/openssl )"
+DEPEND="${RDEPEND}
+ dev-util/pkgconfig"
+
+src_prepare() {
+ epatch \
+ "${FILESDIR}/${PV}-parallel_build.patch"
+ eautoreconf
+}
+
+src_configure() {
+ econf \
+ $(use_enable debug) \
+ $(use_with xalan) \
+ $(use_with ssl openssl)
+}
+
+src_install(){
+ emake DESTDIR="${D}" install || die "emake failed"
+
+ if use examples ; then
+ insinto /usr/share/doc/${PF}/examples
+ doins src/samples/*.cpp
+ fi
+}