OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libsoup?expand=0&rev=5

2007-08-06 19:32:54 +00:00 · 2007-08-06 19:32:54 +00:00 · 14c56c1e5c
commit 14c56c1e5c
parent 1d2bbbbf2e
4 changed files with 4626 additions and 4 deletions
--- a/libsoup-2.2.100-r924.patch
+++ b/libsoup-2.2.100-r924.patch
--- a/libsoup-334021.patch
+++ b/libsoup-334021.patch
@ -0,0 +1,302 @@
+
+Index: configure.in
+===================================================================
+--- configure.in	(revision 924)
+++ configure.in	(working copy)
+@@ -140,6 +140,11 @@
+ 	if test "$have_ssl" = "yes"; then
+ 		AC_DEFINE(HAVE_SSL, 1, [Defined if you have SSL support])
+ 		SSL_REQUIREMENT="gnutls"
+
+		old_LDFLAGS="$LDFLAGS"
+		LDFLAGS="$LDFLAGS $LIBGNUTLS_LIBS $LIBGCRYPT_LIBS"
+		AC_CHECK_FUNCS(gnutls_certificate_client_set_sign_function)
+		LDFLAGS="$old_LDFLAGS"
+ 	else
+ 		if test "$enable_ssl" = "auto"; then
+ 			AC_MSG_WARN(Disabling SSL support);
+Index: libsoup/soup-ssl.h
+===================================================================
+--- libsoup/soup-ssl.h	(revision 924)
+++ libsoup/soup-ssl.h	(working copy)
+@@ -44,4 +44,24 @@
+ 	SOUP_SSL_ERROR_CERTIFICATE,
+ } SoupSocketError;
+ 
+#ifdef HAVE_GNUTLS_CERTIFICATE_CLIENT_SET_SIGN_FUNCTION
+#include <gnutls/gnutls.h>
+
+typedef int (*SoupGnuTLSCertificateRequestFunc) (const gnutls_datum_t *req_ca_rdn,
+						 int nreqs,
+						 gnutls_datum_t **cert_ret,
+						 int *cert_ret_len,
+						 gpointer user_data);
+
+typedef int (*SoupGnuTLSSignDataFunc) (gnutls_datum_t *cert_der,
+				       const gnutls_datum_t *hash_data,
+				       gnutls_datum_t *sign_data,
+				       gpointer user_data);
+
+void soup_gnutls_set_callbacks (SoupSSLCredentials *creds,
+				SoupGnuTLSCertificateRequestFunc cert_func,
+				SoupGnuTLSSignDataFunc sign_func,
+				gpointer user_data);
+#endif /* HAVE_GNUTLS... */
+
+ #endif /* SOUP_SSL_H */
+Index: libsoup/soup-gnutls.c
+===================================================================
+--- libsoup/soup-gnutls.c	(revision 924)
+++ libsoup/soup-gnutls.c	(working copy)
+@@ -33,6 +33,12 @@
+ struct SoupSSLCredentials {
+ 	gnutls_certificate_credentials creds;
+ 	gboolean have_ca_file;
+
+#ifdef HAVE_GNUTLS_CERTIFICATE_CLIENT_SET_SIGN_FUNCTION
+	SoupGnuTLSCertificateRequestFunc cert_func;
+	SoupGnuTLSSignDataFunc sign_func;
+	gpointer auth_data;
+#endif
+ };
+ 
+ typedef struct {
+@@ -411,6 +417,7 @@
+ 		gnutls_dh_set_prime_bits (session, DH_BITS);
+ 
+ 	gnutls_transport_set_ptr (session, GINT_TO_POINTER (sockfd));
+	gnutls_session_set_ptr (session, creds);
+ 
+ 	chan = g_new0 (SoupGNUTLSChannel, 1);
+ 	chan->fd = sockfd;
+@@ -451,6 +458,111 @@
+ 	soup_gnutls_inited = TRUE;
+ }
+ 
+#ifdef HAVE_GNUTLS_CERTIFICATE_CLIENT_SET_SIGN_FUNCTION
+static int
+soup_ssl_retrieve_cert (gnutls_session_t session,
+			const gnutls_datum_t *req_ca_rdn, int nreqs,
+			const gnutls_pk_algorithm_t *sign_algos,
+			int sign_algos_length, gnutls_retr_st * st)
+{
+	SoupSSLCredentials *creds;
+	int cert_ret_len = 0;
+	gnutls_datum_t *cert_ret;
+	gnutls_x509_crt_t *gnutls_cert;
+	int i;
+	int ret;
+
+	creds = gnutls_session_get_ptr (session);
+	if (!creds)
+		return -1;
+
+	g_return_val_if_fail (creds->cert_func != NULL, -1);
+
+	if (gnutls_certificate_type_get (session) != GNUTLS_CRT_X509)
+		return -1;
+
+	ret = creds->cert_func (req_ca_rdn, nreqs,
+				&cert_ret, &cert_ret_len,
+				creds->auth_data);
+
+	if (ret != 0)
+		return -1;
+
+	if (cert_ret_len == 0)
+		return 0;
+
+	gnutls_cert = gnutls_malloc (sizeof (gnutls_x509_crt_t) * cert_ret_len);
+	for (i = 0; i < cert_ret_len; i++) {
+		if (ret == 0) {
+			gnutls_x509_crt_init (&gnutls_cert[i]);
+			ret = gnutls_x509_crt_import (gnutls_cert[i],
+						      &cert_ret[i],
+						      GNUTLS_X509_FMT_DER);
+			if (ret != 0) {
+				int j;
+				for (j = 0; i < i; j++)
+					gnutls_x509_crt_deinit (gnutls_cert[j]);
+			}
+		}
+		gnutls_free (cert_ret[i].data);
+	}
+	gnutls_free (cert_ret);
+
+	if (ret != 0) {
+		gnutls_free (gnutls_cert);
+		return -1;
+	}
+
+	st->type = GNUTLS_CRT_X509;
+	st->cert.x509 = gnutls_cert;
+	st->ncerts = cert_ret_len;
+	st->key.x509 = NULL;
+	st->deinit_all = 1;
+
+	return 0;
+}
+
+static int
+soup_ssl_sign_data (gnutls_session_t session,
+		    gnutls_datum_t * cert,
+		    gnutls_certificate_type_t cert_type,
+		    const gnutls_datum_t *hash_concat,
+		    gnutls_datum_t * signature)
+{
+	SoupSSLCredentials *creds;
+	int ret;
+
+	creds = gnutls_session_get_ptr (session);
+	if (!creds)
+		return -1;
+
+	g_return_val_if_fail (creds->sign_func != NULL, -1);
+	g_return_val_if_fail (cert_type == GNUTLS_CRT_X509, -1);
+
+	ret = creds->sign_func (cert, hash_concat, signature,
+				creds->auth_data);
+
+	return ret;
+}
+
+void
+soup_gnutls_set_callbacks (SoupSSLCredentials *creds,
+			   SoupGnuTLSCertificateRequestFunc cert_func,
+			   SoupGnuTLSSignDataFunc sign_func,
+			   gpointer user_data)
+{
+	creds->cert_func = cert_func;
+	creds->sign_func = sign_func;
+	creds->auth_data = user_data;
+
+	if (cert_func)
+		gnutls_certificate_client_set_retrieve_function (creds->creds, soup_ssl_retrieve_cert);
+
+	if (sign_func)
+		gnutls_certificate_client_set_sign_function (creds->creds, soup_ssl_sign_data);
+}
+#endif /* HAVE_GNUTLS_CERTIFICATE_CLIENT_SET_SIGN_FUNCTION */
+
+ /**
+  * soup_ssl_get_client_credentials:
+  * @ca_file: path to a file containing X509-encoded Certificate
+Index: libsoup/soup-session.c
+===================================================================
+--- libsoup/soup-session.c	(revision 924)
+++ libsoup/soup-session.c	(working copy)
+@@ -89,6 +89,8 @@
+ enum {
+ 	AUTHENTICATE,
+ 	REAUTHENTICATE,
+	CERTIFICATE_REQUESTED,
+	SIGN_DATA,
+ 	LAST_SIGNAL
+ };
+ 
+@@ -292,6 +294,35 @@
+ 			      G_TYPE_POINTER,
+ 			      G_TYPE_POINTER);
+ 
+	/* This signal is not part of SoupSession's public API, and
+	 * *will* disappear without warning in the future.
+	 */
+	signals[CERTIFICATE_REQUESTED] =
+		g_signal_new ("certificate-requested",
+			      G_OBJECT_CLASS_TYPE (object_class),
+			      G_SIGNAL_RUN_LAST,
+			      0, NULL, NULL,
+			      soup_marshal_INT__POINTER_INT_POINTER_POINTER,
+			      G_TYPE_INT, 4,
+			      G_TYPE_POINTER,
+			      G_TYPE_INT,
+			      G_TYPE_POINTER,
+			      G_TYPE_POINTER);
+
+	/* This signal is not part of SoupSession's public API, and
+	 * *will* disappear without warning in the future.
+	 */
+	signals[SIGN_DATA] =
+		g_signal_new ("sign-data",
+			      G_OBJECT_CLASS_TYPE (object_class),
+			      G_SIGNAL_RUN_LAST,
+			      0, NULL, NULL,
+			      soup_marshal_INT__POINTER_POINTER_POINTER,
+			      G_TYPE_INT, 3,
+			      G_TYPE_POINTER,
+			      G_TYPE_POINTER,
+			      G_TYPE_POINTER);
+
+ 	/* properties */
+ 	g_object_class_install_property (
+ 		object_class, PROP_PROXY_URI,
+@@ -550,6 +581,46 @@
+ 	return strcmp (one->host, two->host) == 0;
+ }
+ 
+#ifdef HAVE_GNUTLS_CERTIFICATE_CLIENT_SET_SIGN_FUNCTION
+static int
+soup_session_ssl_certificate_requested (const gnutls_datum_t *req_ca_rdn,
+					int nreqs,
+					gnutls_datum_t **cert_ret,
+					int *cert_ret_len,
+					gpointer user_data)
+{
+	SoupSession *session = user_data;
+	int ret = 0;
+
+	g_return_val_if_fail (SOUP_IS_SESSION (user_data), -1);
+
+	g_signal_emit (session, signals[CERTIFICATE_REQUESTED], 0,
+		       req_ca_rdn, nreqs,
+		       cert_ret, cert_ret_len,
+		       &ret);
+
+	return ret;
+}
+
+static int
+soup_session_ssl_sign_data (gnutls_datum_t *cert_der,
+			    const gnutls_datum_t *hash_data,
+			    gnutls_datum_t *sign_data,
+			    gpointer user_data)
+{
+	SoupSession *session = user_data;
+	int ret = 0;
+
+	g_return_val_if_fail (SOUP_IS_SESSION (user_data), -1);
+
+	g_signal_emit (session, signals[SIGN_DATA], 0,
+		       cert_der, hash_data, sign_data,
+		       &ret);
+
+	return ret;
+}
+#endif
+
+ static SoupSessionHost *
+ soup_session_host_new (SoupSession *session, const SoupUri *source_uri)
+ {
+@@ -563,6 +634,12 @@
+ 	    !priv->ssl_creds) {
+ 		priv->ssl_creds =
+ 			soup_ssl_get_client_credentials (priv->ssl_ca_file);
+#ifdef HAVE_GNUTLS_CERTIFICATE_CLIENT_SET_SIGN_FUNCTION
+		soup_gnutls_set_callbacks (priv->ssl_creds,
+					   soup_session_ssl_certificate_requested,
+					   soup_session_ssl_sign_data,
+					   session);
+#endif
+ 	}
+ 
+ 	return host;
+Index: libsoup/soup-marshal.list
+===================================================================
+--- libsoup/soup-marshal.list	(revision 924)
+++ libsoup/soup-marshal.list	(working copy)
+@@ -2,3 +2,5 @@
+ NONE:INT
+ NONE:OBJECT
+ NONE:OBJECT,STRING,STRING,POINTER,POINTER
+INT:POINTER,INT,POINTER,POINTER
+INT:POINTER,POINTER,POINTER
--- a/libsoup.changes
+++ b/libsoup.changes
@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Mon Aug  6 19:55:21 CEST 2007 - jberkman@novell.com
+
+- export new smartcard functionality from gnutls for evo-exchange (gnome bug
+  #334021)
+
 -------------------------------------------------------------------
 Mon Feb 19 14:47:15 CST 2007 - maw@suse.de

--- a/libsoup.spec
+++ b/libsoup.spec
@ -14,13 +14,15 @@ Name:           libsoup
 BuildRequires:  glib2-devel gnutls-devel gtk-doc libxml2-devel
 # We do not need these dependencies needed only for tests.
 #BuildRequires:  apache2-mod_php5 php5-xmlrpc
-License:        GNU Library General Public License v. 2.0 and 2.1 (LGPL)
+License:        LGPL v2 or later
 Group:          Development/Libraries/GNOME
 Autoreqprov:    on
 Summary:        Simple Object Access Protocol (SOAP)
 Version:        2.2.100
-Release:        1
+Release:        32
 Source:         ftp://ftp.gnome.org/pub/GNOME/stable/sources/libsoup/2.2/%{name}-%{version}.tar.bz2
+Patch1:         libsoup-2.2.100-r924.patch
+Patch2:         libsoup-334021.patch
 URL:            http://www.gnome.org
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build

@ -52,7 +54,7 @@ Authors:
 %package devel
 Summary:        Include Files and Libraries mandatory for Development.
 Group:          Development/Libraries/GNOME
-Requires:       %{name} = %{version} glib2-devel gnutls-devel
+Requires:       %{name} = %{version} glib2-devel gnutls-devel libxml2-devel

 %description devel
 Soup is a SOAP (Simple Object Access Protocol) implementation in C. It
@ -100,6 +102,8 @@ Authors:

 %prep
 %setup -q
+%patch1 -p1
+%patch2 -p0

 %build
 %configure\
@ -120,7 +124,7 @@ rm -rf $RPM_BUILD_ROOT

 %files
 %defattr(-,root,root)
-%doc README COPYING ChangeLog NEWS AUTHORS INSTALL
+%doc README COPYING ChangeLog NEWS AUTHORS
 %{_libdir}/*.so.*

 %files devel
@ -135,6 +139,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_datadir}/gtk-doc/html/libsoup

 %changelog
+* Mon Aug 06 2007 - jberkman@novell.com
+- export new smartcard functionality from gnutls for evo-exchange (gnome bug
+  [#334021])
 * Mon Feb 19 2007 - maw@suse.de
 - Update to version 2.2.100
 - Remove header-parsing.patch which is now upstream.