OBS-URL: https://build.opensuse.org/package/show/LibreOffice:Factory/xmlsec1?expand=0&rev=52

xmlsec1-1.3.1.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:10f48384d4fd1afc05fea545b74fbf7c152582f0a895c189f164d55270400c63
-size 2432943

xmlsec1.changes

@@ -1,119 +1,3 @@
--------------------------------------------------------------------
-Thu Aug  3 07:40:48 UTC 2023 - Paolo Stivanin <info@paolostivanin.com>
-
-- Update to 1.3.1:
-  * core xmlsec and all xmlsec-crypto libraries:
-    + (ABI breaking change) Added support for the KeyInfoReference Element.
-    + (ABI breaking change) Switched xmlSecSize to use size_t by default.
-      Use "--enable-size-t=no" configure option ("size_t=no" on Windows)
-      to restore the old behaviour (note that support for xmlSecSize
-      being different from size_t will be removed in the future).
-    + (API breaking change) Changed the key search to strict mode: only
-      keys referenced by KeyInfo are used. To restore the old "lax" mode,
-      set XMLSEC_KEYINFO_FLAGS_LAX_KEY_SEARCH flag on xmlSecKeyInfoCtx
-      or use '--lax-key-search' option for XMLSec command line utility.
-    + (API breaking change) The KeyName element content is now trimmed
-      before key search is performed.
-    + (API breaking change) Disabled FTP support by default.
-      Use "--enable-ftp" configure option to restore it. Also added
-      "--enable-http" and "--enable-files" configure options to control
-      support for loading files over HTTP or locally.
-    + (API/ABI breaking change) Disabled MD5 digest method by default.
-      Use "--enable-md5" configure options to re-enable MD5.
-    + (ABI breaking change) Added "failureReason" file to xmlSecDSigCtx
-      and xmlEncCtx to provide more granular operation failure reason.
-    + (ABI breaking change) Removed deprecated functions.
-    + Added support for loading keys through ossl-store interface.
-      Also see '--privkey-openssl-store' and '--pubkey-openssl-store '
-      command line options for XMLSec utility.
-    + Added ability to control transforms binary chunk size to improve
-      performance (see '--transform-binary-chunk-size' command line option
-      for XMLSec utility).
-    + Fixed all potentially unsafe integer conversions and all the
-      other warnings.
-    + Added XML Signature 1.1 interop (2012) and XML Encryption 1.1
-      interop (2012) tests.
-  * xmlsec-openssl library:
-    + Added support for SHA3 digests.
-    + Added support for ECDSA-SHA3 signatures.
-    + Added support for RSA PSS signatures (withtout parameters).
-    + Added support for ConcatKDF key and PBKDF2 derivation algorithms.
-    + (ABI breaking change) Added support for ECDH-ES Key Agreement
-      algorithm.
-    + (ABI breaking change) Added support for DH-ES Key Agreement
-      algorithm with explicit KDF.
-    + Added support for MGF1 algorithm to RSA OAEP key transport.
-    + Added support for X509Digest element and ability to lookup keys
-      using other X509Data elements.
-    + Added support for DEREncodedKeyValue element.
-    + Automatically set key name from PKCS12 key name.
-    + Removed support for OpenSSL 1.0.0 and LibreSSL before 2.7.0.
-  * xmlsec-nss library:
-    + Added support for RSA PSS signatures (withtout parameters).
-    + Added support for RSA OAEP key transport including MGF1 algorithms.
-    + Added support for AES GCM ciphers.
-    + Added support for PBKDF2 derivation algorithm.
-    + Added support for X509Digest element and ability to lookup keys
-      using other X509Data elements.
-    + Added support for DEREncodedKeyValue element.
-    + Automatically set key name from PKCS12 key name.
-  * xmlsec-gnutls library:
-    + (API/ABI breaking change) Removed dependency on xmlsec-gcrypt
-      and libgcrypt libraries (including API functions) to enable
-      support for different GnuTLS backends.
-    + Bumped minimal GnuTLS version to 3.6.13.
-    + Added support for SHA3 digests.
-    + Added support for ECDSA signatures.
-    + Added support for DSA-SHA256 signatures.
-    + Added support for RSA PSS signatures (withtout parameters).
-    + Added support for RSA PKCS 1.5 key transport.
-    + Added support for AES GCM ciphers.
-    + Added support for PBKDF2 derivation algorithm.
-    + Added support for X509Digest element and ability to lookup keys
-      using other X509Data elements.
-    + Added support for DEREncodedKeyValue element.
-    + Automatically set key name from PKCS12 key name.
-  * xmlsec-mscng library:
-    + Added support for RSA PSS signatures (withtout parameters).
-    + Added support for MGF1 algorithm to RSA OAEP key transport.
-    + (ABI breaking change) Added support for ECDH-ES Key Agreement algorithm.
-    + Added support for ConcatKDF key and PBKDF2 derivation algorithms.
-    + Added support for X509Digest element for keys and certificates
-      lookup from the system stores (only SHA1 is supported).
-    + Added support for DEREncodedKeyValue element.
-    + Automatically set key name from PKCS12 key name.
-  * xmlsec-gcrypt library:
-    + In maintenance mode starting from this release.
-    + Added support for SHA3 digests.
-    + Added support for ECDSA signatures.
-    + Added support for RSA PSS signatures (withtout parameters).
-    + Added support for RSA PKCS 1.5 key transport.
-    + Added support for RSA OAEP key transport including MGF1 algorithms.
-  * xmlsec command line utility:
-    + (API breaking change) The XMLSec command line utility is using 'strict' key
-      search mode by default. To restore the old 'lax' key search mode,
-      use the new '--lax-key-search' option.
-    + (API breaking change) The XMLSec command line utility is no longer
-      prints detailed errors by default. To restore the detailed errors,
-      use the new '--verbose' option.
-    + Added '--transform-binary-chunk-size' option to control transforms
-      binary chunk size (increasing the chunk size should improve
-      performance at the expense of memory usage.
-    + Added support for loading keys through ossl-store interface.
-      Also see '--privkey-openssl-store' and '--pubkey-openssl-store'
-      command line options for XMLSec utility.
-    + Added '--enabled-key-info-reference-uris' option to control processing of
-      the the KeyInfoReference Element.
-    + Added '--pbkdf2-key' option for loading PBKDF2 keys.
-    + Added '--concatkdf-key' option for loading ConcatKDF keys.
-    + Added '--hmac-min-out-len' option to control the min accepted HMAC Output length.
-    + Added '--pubkey-openssl-engine' option to load public keys from OpenSSL engine.
-    + Added '--crl-pem' and '--crl-der' options to load CRLs.
-    + Added '--verify-keys' option to verify key's certificate before
-      loading into Keys Manager (only supported for OpenSSL currently).
-    + Enabled templatized output filenames to facilitate batch operations on
-      multiple input files.
-
 -------------------------------------------------------------------
 Wed Feb  1 09:23:37 UTC 2023 - Dirk Müller <dmueller@suse.com>
 

xmlsec1.spec

@@ -23,7 +23,7 @@
 %global libgnutls  libxmlsec1-gnutls1
 %global libnss     libxmlsec1-nss1
 Name:           xmlsec1
-Version:        1.3.1
+Version:        1.2.37
 Release:        0
 Summary:        Library providing support for "XML Signature" and "XML Encryption" standards
 License:        MIT
@@ -38,12 +38,12 @@ BuildRequires:  libtool
 # Needed certutil for tests
 BuildRequires:  mozilla-nss-tools
 BuildRequires:  pkgconfig
-BuildRequires:  pkgconfig(gnutls) >= 3.6.13
+BuildRequires:  pkgconfig(gnutls)
 BuildRequires:  pkgconfig(libxml-2.0)
 BuildRequires:  pkgconfig(libxslt)
 BuildRequires:  pkgconfig(nspr)
-BuildRequires:  pkgconfig(nss) >= 3.35
-BuildRequires:  pkgconfig(openssl) >= 1.1.0
+BuildRequires:  pkgconfig(nss)
+BuildRequires:  pkgconfig(openssl)
 Recommends:     %{libopenssl}
 
 %description
@@ -96,7 +96,7 @@ Summary:        Libraries, includes for XML Signatures/Encryption
 Requires:       %{libname} = %{version}
 Requires:       libxml2-devel >= 2.6.0
 Requires:       libxslt-devel >= 1.1.0
-Requires:       openssl-devel >= 1.1.0
+Requires:       openssl-devel >= 0.9.6
 Requires:       pkgconfig(zlib)
 
 %description devel
@@ -124,7 +124,7 @@ Summary:        GNUTls crypto plugin for XML Security Library
 Requires:       %{libgnutls} = %{version}
 Requires:       %{name}-devel = %{version}
 Requires:       %{name}-openssl-devel = %{version}
-Requires:       gnutls-devel >= 3.6.13
+Requires:       gnutls-devel >= 1.0.20
 Requires:       libgcrypt-devel >= 1.2.0
 
 %description gnutls-devel
@@ -135,7 +135,7 @@ Summary:        NSS crypto plugin for XML Security Library
 Requires:       %{libnss} = %{version}
 Requires:       %{name}-devel = %{version}
 Requires:       mozilla-nspr-devel
-Requires:       mozilla-nss-devel >= 3.35
+Requires:       mozilla-nss-devel >= 3.2
 
 %description nss-devel
 Libraries, includes, etc. for developing XML Security applications with NSS.
@@ -148,8 +148,8 @@ Libraries, includes, etc. for developing XML Security applications with NSS.
 
 %build
 # Allow for deprecations
-export CFLAGS="-Wno-error=deprecated-declarations -Wno-error=redundant-decls"
-export CXXFLAGS="-Wno-error=deprecated-declarations -Wno-error=redundant-decls"
+export CFLAGS="-Wno-error=deprecated-declarations -std=c99"
+export CXXFLAGS="-Wno-error=deprecated-declarations"
 %configure \
     --disable-static \
     --disable-silent-rules \