Hello community,
here is the log from the commit of package libsoup
checked in at Mon Aug 6 21:32:54 CEST 2007.
--------
--- GNOME/libsoup/libsoup.changes 2007-02-19 21:48:50.000000000 +0100
+++ /mounts/work_src_done/STABLE/libsoup/libsoup.changes 2007-08-06 19:56:57.324453000 +0200
@@ -1,0 +2,6 @@
+Mon Aug 6 19:55:21 CEST 2007 - jberkman@novell.com
+
+- export new smartcard functionality from gnutls for evo-exchange (gnome bug
+ #334021)
+
+-------------------------------------------------------------------
New:
----
libsoup-2.2.100-r924.patch
libsoup-334021.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libsoup.spec ++++++
--- /var/tmp/diff_new_pack.S30932/_old 2007-08-06 21:32:47.000000000 +0200
+++ /var/tmp/diff_new_pack.S30932/_new 2007-08-06 21:32:47.000000000 +0200
@@ -14,13 +14,15 @@
BuildRequires: glib2-devel gnutls-devel gtk-doc libxml2-devel
# We do not need these dependencies needed only for tests.
#BuildRequires: apache2-mod_php5 php5-xmlrpc
-License: GNU Library General Public License v. 2.0 and 2.1 (LGPL)
+License: LGPL v2 or later
Group: Development/Libraries/GNOME
Autoreqprov: on
Summary: Simple Object Access Protocol (SOAP)
Version: 2.2.100
-Release: 1
+Release: 32
Source: ftp://ftp.gnome.org/pub/GNOME/stable/sources/libsoup/2.2/%{name}-%{version}.tar.bz2
+Patch1: libsoup-2.2.100-r924.patch
+Patch2: libsoup-334021.patch
URL: http://www.gnome.org
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -52,7 +54,7 @@
%package devel
Summary: Include Files and Libraries mandatory for Development.
Group: Development/Libraries/GNOME
-Requires: %{name} = %{version} glib2-devel gnutls-devel
+Requires: %{name} = %{version} glib2-devel gnutls-devel libxml2-devel
%description devel
Soup is a SOAP (Simple Object Access Protocol) implementation in C. It
@@ -100,6 +102,8 @@
%prep
%setup -q
+%patch1 -p1
+%patch2 -p0
%build
%configure\
@@ -120,7 +124,7 @@
%files
%defattr(-,root,root)
-%doc README COPYING ChangeLog NEWS AUTHORS INSTALL
+%doc README COPYING ChangeLog NEWS AUTHORS
%{_libdir}/*.so.*
%files devel
@@ -135,6 +139,9 @@
%{_datadir}/gtk-doc/html/libsoup
%changelog
+* Mon Aug 06 2007 - jberkman@novell.com
+- export new smartcard functionality from gnutls for evo-exchange (gnome bug
+ [#334021])
* Mon Feb 19 2007 - maw@suse.de
- Update to version 2.2.100
- Remove header-parsing.patch which is now upstream.
++++++ libsoup-2.2.100-r924.patch ++++++
++++ 4307 lines (skipped)
++++++ libsoup-334021.patch ++++++
Index: configure.in
===================================================================
--- configure.in (revision 924)
+++ configure.in (working copy)
@@ -140,6 +140,11 @@
if test "$have_ssl" = "yes"; then
AC_DEFINE(HAVE_SSL, 1, [Defined if you have SSL support])
SSL_REQUIREMENT="gnutls"
+
+ old_LDFLAGS="$LDFLAGS"
+ LDFLAGS="$LDFLAGS $LIBGNUTLS_LIBS $LIBGCRYPT_LIBS"
+ AC_CHECK_FUNCS(gnutls_certificate_client_set_sign_function)
+ LDFLAGS="$old_LDFLAGS"
else
if test "$enable_ssl" = "auto"; then
AC_MSG_WARN(Disabling SSL support);
Index: libsoup/soup-ssl.h
===================================================================
--- libsoup/soup-ssl.h (revision 924)
+++ libsoup/soup-ssl.h (working copy)
@@ -44,4 +44,24 @@
SOUP_SSL_ERROR_CERTIFICATE,
} SoupSocketError;
+#ifdef HAVE_GNUTLS_CERTIFICATE_CLIENT_SET_SIGN_FUNCTION
+#include
+
+typedef int (*SoupGnuTLSCertificateRequestFunc) (const gnutls_datum_t *req_ca_rdn,
+ int nreqs,
+ gnutls_datum_t **cert_ret,
+ int *cert_ret_len,
+ gpointer user_data);
+
+typedef int (*SoupGnuTLSSignDataFunc) (gnutls_datum_t *cert_der,
+ const gnutls_datum_t *hash_data,
+ gnutls_datum_t *sign_data,
+ gpointer user_data);
+
+void soup_gnutls_set_callbacks (SoupSSLCredentials *creds,
+ SoupGnuTLSCertificateRequestFunc cert_func,
+ SoupGnuTLSSignDataFunc sign_func,
+ gpointer user_data);
+#endif /* HAVE_GNUTLS... */
+
#endif /* SOUP_SSL_H */
Index: libsoup/soup-gnutls.c
===================================================================
--- libsoup/soup-gnutls.c (revision 924)
+++ libsoup/soup-gnutls.c (working copy)
@@ -33,6 +33,12 @@
struct SoupSSLCredentials {
gnutls_certificate_credentials creds;
gboolean have_ca_file;
+
+#ifdef HAVE_GNUTLS_CERTIFICATE_CLIENT_SET_SIGN_FUNCTION
+ SoupGnuTLSCertificateRequestFunc cert_func;
+ SoupGnuTLSSignDataFunc sign_func;
+ gpointer auth_data;
+#endif
};
typedef struct {
@@ -411,6 +417,7 @@
gnutls_dh_set_prime_bits (session, DH_BITS);
gnutls_transport_set_ptr (session, GINT_TO_POINTER (sockfd));
+ gnutls_session_set_ptr (session, creds);
chan = g_new0 (SoupGNUTLSChannel, 1);
chan->fd = sockfd;
@@ -451,6 +458,111 @@
soup_gnutls_inited = TRUE;
}
+#ifdef HAVE_GNUTLS_CERTIFICATE_CLIENT_SET_SIGN_FUNCTION
+static int
+soup_ssl_retrieve_cert (gnutls_session_t session,
+ const gnutls_datum_t *req_ca_rdn, int nreqs,
+ const gnutls_pk_algorithm_t *sign_algos,
+ int sign_algos_length, gnutls_retr_st * st)
+{
+ SoupSSLCredentials *creds;
+ int cert_ret_len = 0;
+ gnutls_datum_t *cert_ret;
+ gnutls_x509_crt_t *gnutls_cert;
+ int i;
+ int ret;
+
+ creds = gnutls_session_get_ptr (session);
+ if (!creds)
+ return -1;
+
+ g_return_val_if_fail (creds->cert_func != NULL, -1);
+
+ if (gnutls_certificate_type_get (session) != GNUTLS_CRT_X509)
+ return -1;
+
+ ret = creds->cert_func (req_ca_rdn, nreqs,
+ &cert_ret, &cert_ret_len,
+ creds->auth_data);
+
+ if (ret != 0)
+ return -1;
+
+ if (cert_ret_len == 0)
+ return 0;
+
+ gnutls_cert = gnutls_malloc (sizeof (gnutls_x509_crt_t) * cert_ret_len);
+ for (i = 0; i < cert_ret_len; i++) {
+ if (ret == 0) {
+ gnutls_x509_crt_init (&gnutls_cert[i]);
+ ret = gnutls_x509_crt_import (gnutls_cert[i],
+ &cert_ret[i],
+ GNUTLS_X509_FMT_DER);
+ if (ret != 0) {
+ int j;
+ for (j = 0; i < i; j++)
+ gnutls_x509_crt_deinit (gnutls_cert[j]);
+ }
+ }
+ gnutls_free (cert_ret[i].data);
+ }
+ gnutls_free (cert_ret);
+
+ if (ret != 0) {
+ gnutls_free (gnutls_cert);
+ return -1;
+ }
+
+ st->type = GNUTLS_CRT_X509;
+ st->cert.x509 = gnutls_cert;
+ st->ncerts = cert_ret_len;
+ st->key.x509 = NULL;
+ st->deinit_all = 1;
+
+ return 0;
+}
+
+static int
+soup_ssl_sign_data (gnutls_session_t session,
+ gnutls_datum_t * cert,
+ gnutls_certificate_type_t cert_type,
+ const gnutls_datum_t *hash_concat,
+ gnutls_datum_t * signature)
+{
+ SoupSSLCredentials *creds;
+ int ret;
+
+ creds = gnutls_session_get_ptr (session);
+ if (!creds)
+ return -1;
+
+ g_return_val_if_fail (creds->sign_func != NULL, -1);
+ g_return_val_if_fail (cert_type == GNUTLS_CRT_X509, -1);
+
+ ret = creds->sign_func (cert, hash_concat, signature,
+ creds->auth_data);
+
+ return ret;
+}
+
+void
+soup_gnutls_set_callbacks (SoupSSLCredentials *creds,
+ SoupGnuTLSCertificateRequestFunc cert_func,
+ SoupGnuTLSSignDataFunc sign_func,
+ gpointer user_data)
+{
+ creds->cert_func = cert_func;
+ creds->sign_func = sign_func;
+ creds->auth_data = user_data;
+
+ if (cert_func)
+ gnutls_certificate_client_set_retrieve_function (creds->creds, soup_ssl_retrieve_cert);
+
+ if (sign_func)
+ gnutls_certificate_client_set_sign_function (creds->creds, soup_ssl_sign_data);
+}
+#endif /* HAVE_GNUTLS_CERTIFICATE_CLIENT_SET_SIGN_FUNCTION */
+
/**
* soup_ssl_get_client_credentials:
* @ca_file: path to a file containing X509-encoded Certificate
Index: libsoup/soup-session.c
===================================================================
--- libsoup/soup-session.c (revision 924)
+++ libsoup/soup-session.c (working copy)
@@ -89,6 +89,8 @@
enum {
AUTHENTICATE,
REAUTHENTICATE,
+ CERTIFICATE_REQUESTED,
+ SIGN_DATA,
LAST_SIGNAL
};
@@ -292,6 +294,35 @@
G_TYPE_POINTER,
G_TYPE_POINTER);
+ /* This signal is not part of SoupSession's public API, and
+ * *will* disappear without warning in the future.
+ */
+ signals[CERTIFICATE_REQUESTED] =
+ g_signal_new ("certificate-requested",
+ G_OBJECT_CLASS_TYPE (object_class),
+ G_SIGNAL_RUN_LAST,
+ 0, NULL, NULL,
+ soup_marshal_INT__POINTER_INT_POINTER_POINTER,
+ G_TYPE_INT, 4,
+ G_TYPE_POINTER,
+ G_TYPE_INT,
+ G_TYPE_POINTER,
+ G_TYPE_POINTER);
+
+ /* This signal is not part of SoupSession's public API, and
+ * *will* disappear without warning in the future.
+ */
+ signals[SIGN_DATA] =
+ g_signal_new ("sign-data",
+ G_OBJECT_CLASS_TYPE (object_class),
+ G_SIGNAL_RUN_LAST,
+ 0, NULL, NULL,
+ soup_marshal_INT__POINTER_POINTER_POINTER,
+ G_TYPE_INT, 3,
+ G_TYPE_POINTER,
+ G_TYPE_POINTER,
+ G_TYPE_POINTER);
+
/* properties */
g_object_class_install_property (
object_class, PROP_PROXY_URI,
@@ -550,6 +581,46 @@
return strcmp (one->host, two->host) == 0;
}
+#ifdef HAVE_GNUTLS_CERTIFICATE_CLIENT_SET_SIGN_FUNCTION
+static int
+soup_session_ssl_certificate_requested (const gnutls_datum_t *req_ca_rdn,
+ int nreqs,
+ gnutls_datum_t **cert_ret,
+ int *cert_ret_len,
+ gpointer user_data)
+{
+ SoupSession *session = user_data;
+ int ret = 0;
+
+ g_return_val_if_fail (SOUP_IS_SESSION (user_data), -1);
+
+ g_signal_emit (session, signals[CERTIFICATE_REQUESTED], 0,
+ req_ca_rdn, nreqs,
+ cert_ret, cert_ret_len,
+ &ret);
+
+ return ret;
+}
+
+static int
+soup_session_ssl_sign_data (gnutls_datum_t *cert_der,
+ const gnutls_datum_t *hash_data,
+ gnutls_datum_t *sign_data,
+ gpointer user_data)
+{
+ SoupSession *session = user_data;
+ int ret = 0;
+
+ g_return_val_if_fail (SOUP_IS_SESSION (user_data), -1);
+
+ g_signal_emit (session, signals[SIGN_DATA], 0,
+ cert_der, hash_data, sign_data,
+ &ret);
+
+ return ret;
+}
+#endif
+
static SoupSessionHost *
soup_session_host_new (SoupSession *session, const SoupUri *source_uri)
{
@@ -563,6 +634,12 @@
!priv->ssl_creds) {
priv->ssl_creds =
soup_ssl_get_client_credentials (priv->ssl_ca_file);
+#ifdef HAVE_GNUTLS_CERTIFICATE_CLIENT_SET_SIGN_FUNCTION
+ soup_gnutls_set_callbacks (priv->ssl_creds,
+ soup_session_ssl_certificate_requested,
+ soup_session_ssl_sign_data,
+ session);
+#endif
}
return host;
Index: libsoup/soup-marshal.list
===================================================================
--- libsoup/soup-marshal.list (revision 924)
+++ libsoup/soup-marshal.list (working copy)
@@ -2,3 +2,5 @@
NONE:INT
NONE:OBJECT
NONE:OBJECT,STRING,STRING,POINTER,POINTER
+INT:POINTER,INT,POINTER,POINTER
+INT:POINTER,POINTER,POINTER
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org