diff --git a/0001-Fix-compilation-with-xmlsec-1.3.patch b/0001-Fix-compilation-with-xmlsec-1.3.patch deleted file mode 100644 index 46582ec..0000000 --- a/0001-Fix-compilation-with-xmlsec-1.3.patch +++ /dev/null @@ -1,202 +0,0 @@ -From 3e9549fbbf3de4db6d7aa74466d6070dcd715d9a Mon Sep 17 00:00:00 2001 -From: Mattias Ellert -Date: Tue, 25 Apr 2023 16:36:22 +0200 -Subject: [PATCH 1/2] Fix compilation with xmlsec 1.3 - ---- - src/hed/libs/xmlsec/XmlSecUtils.cpp | 23 ++++++++++--- - src/hed/libs/xmlsec/saml_util.cpp | 51 ++++++++++++++++------------- - 2 files changed, 47 insertions(+), 27 deletions(-) - -diff --git a/src/hed/libs/xmlsec/XmlSecUtils.cpp b/src/hed/libs/xmlsec/XmlSecUtils.cpp -index 58512dd1e..f64fdb5d0 100644 ---- a/src/hed/libs/xmlsec/XmlSecUtils.cpp -+++ b/src/hed/libs/xmlsec/XmlSecUtils.cpp -@@ -19,6 +19,7 @@ - #include - #include - #include -+#include - - #include - #include -@@ -36,6 +37,15 @@ - - #include "XmlSecUtils.h" - -+#if XMLSEC_VERSION_MAJOR < 1 || ( XMLSEC_VERSION_MAJOR == 1 && XMLSEC_VERSION_MINOR < 2 ) || ( XMLSEC_VERSION_MAJOR == 1 && XMLSEC_VERSION_MINOR == 2 && XMLSEC_VERSION_SUBMINOR < 35 ) -+static int -+xmlSecBase64Decode_ex(const xmlChar* str, xmlSecByte* out, xmlSecSize outSize, xmlSecSize* outWritten) { -+ int rc = xmlSecBase64Decode(str, out, outSize); -+ if (outWritten) *outWritten = (rc < 0) ? 0 : rc; -+ return (rc < 0) ? rc : 0; -+} -+#endif -+ - namespace Arc { - - int passphrase_callback(char* buf, int size, int /* rwflag */, void *) { -@@ -79,6 +89,10 @@ bool init_xmlsec(void) { - * xmlsec-crypto library. - */ - #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING -+#ifndef XMLSEC_CRYPTO -+ // XMLSEC_CRYPTO macro removed in xmlsec1 1.3.0 (deprecated in 1.2.21) -+#define XMLSEC_CRYPTO (xmlSecGetDefaultCrypto()) -+#endif - if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) { - std::cerr<<"Unable to load default xmlsec-crypto library. Make sure" - "that you have it installed and check shared libraries path" -@@ -168,7 +182,7 @@ xmlSecKey* get_key_from_keystr(const std::string& value) {//, const bool usage) - (xmlSecKeyDataFormat)0 - }; - -- int rc; -+ xmlSecSize len; - - //We need to remove the "BEGIN RSA PRIVATE KEY" and "END RSA PRIVATE KEY" - //if they exit in the input parameter -@@ -191,14 +205,13 @@ xmlSecKey* get_key_from_keystr(const std::string& value) {//, const bool usage) - xmlSecByte* tmp_str = new xmlSecByte[v.size()]; - memset(tmp_str,0,v.size()); - -- rc = xmlSecBase64Decode((const xmlChar*)(v.c_str()), tmp_str, v.size()); -- if (rc < 0) { -+ if (xmlSecBase64Decode_ex((const xmlChar*)(v.c_str()), tmp_str, v.size(), &len) < 0) { - //bad base-64 - memcpy(tmp_str,v.c_str(),v.size()); -- rc = v.size(); -+ len = v.size(); - } - for (int i=0; key_formats[i] && key == NULL; i++) { -- key = xmlSecCryptoAppKeyLoadMemory(tmp_str, rc, key_formats[i], NULL, NULL, NULL); -+ key = xmlSecCryptoAppKeyLoadMemory(tmp_str, len, key_formats[i], NULL, NULL, NULL); - } - delete[] tmp_str; - xmlSecErrorsDefaultCallbackEnableOutput(TRUE); -diff --git a/src/hed/libs/xmlsec/saml_util.cpp b/src/hed/libs/xmlsec/saml_util.cpp -index 98d4d48a8..c92205aca 100644 ---- a/src/hed/libs/xmlsec/saml_util.cpp -+++ b/src/hed/libs/xmlsec/saml_util.cpp -@@ -22,6 +22,7 @@ - #include - #include - #include -+#include - - #include - #include -@@ -34,6 +35,15 @@ - #include "XmlSecUtils.h" - #include "saml_util.h" - -+#if XMLSEC_VERSION_MAJOR < 1 || ( XMLSEC_VERSION_MAJOR == 1 && XMLSEC_VERSION_MINOR < 2 ) || ( XMLSEC_VERSION_MAJOR == 1 && XMLSEC_VERSION_MINOR == 2 && XMLSEC_VERSION_SUBMINOR < 35 ) -+static int -+xmlSecBase64Decode_ex(const xmlChar* str, xmlSecByte* out, xmlSecSize outSize, xmlSecSize* outWritten) { -+ int rc = xmlSecBase64Decode(str, out, outSize); -+ if (outWritten) *outWritten = (rc < 0) ? 0 : rc; -+ return (rc < 0) ? rc : 0; -+} -+#endif -+ - namespace Arc { - - std::string SignQuery(std::string query, SignatureMethod sign_method, std::string& privkey_file) { -@@ -152,8 +162,7 @@ namespace Arc { - std::string sig_alg = str0.substr(f+8); - - int key_size; -- RSA *rsa = NULL; -- DSA *dsa = NULL; -+ EVP_PKEY *pKey = NULL; - char* usig_alg = NULL; - usig_alg = xmlURIUnescapeString(sig_alg.c_str(), 0, NULL); - -@@ -161,22 +170,22 @@ namespace Arc { - if (sender_public_key->value->id != xmlSecOpenSSLKeyDataRsaId) { - xmlFree(usig_alg); return false; - } -- rsa = xmlSecOpenSSLKeyDataRsaGetRsa(sender_public_key->value); -- if (rsa == NULL) { -+ pKey = xmlSecOpenSSLKeyDataRsaGetEvp(sender_public_key->value); -+ if (pKey == NULL) { - xmlFree(usig_alg); return false; - } -- key_size = RSA_size(rsa); -- } -+ key_size = EVP_PKEY_size(pKey); -+ } - else if (strcmp(usig_alg, (char*)xmlSecHrefDsaSha1) == 0) { - if (sender_public_key->value->id != xmlSecOpenSSLKeyDataDsaId) { - xmlFree(usig_alg); return false; - } -- dsa = xmlSecOpenSSLKeyDataDsaGetDsa(sender_public_key->value); -- if (dsa == NULL) { -+ pKey = xmlSecOpenSSLKeyDataDsaGetEvp(sender_public_key->value); -+ if (pKey == NULL) { - xmlFree(usig_alg); return false; - } -- key_size = DSA_size(dsa); -- } -+ key_size = EVP_PKEY_size(pKey); -+ } - else { - xmlFree(usig_alg); - return false; -@@ -192,7 +201,7 @@ namespace Arc { - signature = (unsigned char*)(xmlMalloc(key_size+1)); - b64_signature = (char*)xmlURIUnescapeString(sig_str.c_str(), 0, NULL); - -- xmlSecBase64Decode((xmlChar*)b64_signature, signature, key_size+1); -+ xmlSecBase64Decode_ex((xmlChar*)b64_signature, signature, key_size+1, NULL); - - /* compute signature digest */ - xmlChar* md; -@@ -208,14 +217,12 @@ namespace Arc { - - int status = 0; - -- if (rsa) { -- status = RSA_verify(NID_sha1, (unsigned char*)digest, 20, signature, key_size, rsa); -- } -- else if (dsa) { -- status = DSA_verify(NID_sha1, (unsigned char*)digest, 20, signature, key_size, dsa); -- } -+ EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new(pKey, NULL); -+ EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha1()); -+ status = EVP_PKEY_verify(ctx, signature, key_size, (unsigned char*)digest, 20); -+ EVP_PKEY_CTX_free(ctx); - -- if (status == 0) { -+ if (status <= 0) { - std::cout<<"Signature of the query is not valid"<= 0) b64 = true; -+ int r = xmlSecBase64Decode_ex((xmlChar*)(msg.c_str()), (xmlChar*)str, msg.length(), NULL); -+ if (r == 0) b64 = true; - else { - free(str); - str = (char*)(msg.c_str()); --- -2.40.1 - diff --git a/0002-Fix-test-failure-with-xmlsec-1.3.patch b/0002-Fix-test-failure-with-xmlsec-1.3.patch deleted file mode 100644 index 6e99da5..0000000 --- a/0002-Fix-test-failure-with-xmlsec-1.3.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 7b75fe4fd0b4b9d9f0d9b66fee6c21c599b80621 Mon Sep 17 00:00:00 2001 -From: Mattias Ellert -Date: Thu, 4 May 2023 10:53:51 +0200 -Subject: [PATCH 2/2] Fix test failure with xmlsec 1.3 - ---- - src/hed/libs/ws-security/X509Token.cpp | 10 ++++++++++ - 1 file changed, 10 insertions(+) - -diff --git a/src/hed/libs/ws-security/X509Token.cpp b/src/hed/libs/ws-security/X509Token.cpp -index 788307720..47f922356 100644 ---- a/src/hed/libs/ws-security/X509Token.cpp -+++ b/src/hed/libs/ws-security/X509Token.cpp -@@ -162,6 +162,11 @@ X509Token::X509Token(SOAPEnvelope& soap, const std::string& keyfile) : SOAPEnvel - return; - } - -+#ifdef XMLSEC_KEYINFO_FLAGS_LAX_KEY_SEARCH -+ encCtx->keyInfoReadCtx.flags |= XMLSEC_KEYINFO_FLAGS_LAX_KEY_SEARCH; -+ encCtx->keyInfoWriteCtx.flags |= XMLSEC_KEYINFO_FLAGS_LAX_KEY_SEARCH; -+#endif -+ - // Decrypt the soap body - xmlSecBufferPtr decrypted_buf; - decrypted_buf = xmlSecEncCtxDecryptToBuffer(encCtx, todecrypt_nd); -@@ -460,6 +465,11 @@ X509Token::X509Token(SOAPEnvelope& soap, const std::string& certfile, const std: - return; - } - -+#ifdef XMLSEC_KEYINFO_FLAGS_LAX_KEY_SEARCH -+ encCtx->keyInfoReadCtx.flags |= XMLSEC_KEYINFO_FLAGS_LAX_KEY_SEARCH; -+ encCtx->keyInfoWriteCtx.flags |= XMLSEC_KEYINFO_FLAGS_LAX_KEY_SEARCH; -+#endif -+ - // Generate a Triple DES key - encCtx->encKey = xmlSecKeyGenerate(xmlSecKeyDataDesId, 192, xmlSecKeyDataTypeSession); - if(encCtx->encKey == NULL) { --- -2.40.1 - diff --git a/nordugrid-arc-py-compile.patch b/nordugrid-arc-py-compile.patch deleted file mode 100644 index 3cb9f64..0000000 --- a/nordugrid-arc-py-compile.patch +++ /dev/null @@ -1,62 +0,0 @@ -diff -ur nordugrid-arc-6.17.0.orig/py-compile nordugrid-arc-6.17.0/py-compile ---- nordugrid-arc-6.17.0.orig/py-compile 2022-11-23 12:26:08.817498199 +0100 -+++ nordugrid-arc-6.17.0/py-compile 2023-07-11 16:40:37.105143725 +0200 -@@ -115,8 +115,27 @@ - filetrans="filepath = os.path.normpath('$destdir' + os.sep + path)" - fi - -+python_major=`$PYTHON -V 2>&1 | sed -e 's/.* //;s/\..*$//;1q'` -+if test -z "$python_major"; then -+ echo "$me: could not determine $PYTHON major version, guessing 3" >&2 -+ python_major=3 -+fi -+ -+# The old way to import libraries was deprecated. -+if test "$python_major" -le 2; then -+ import_lib=imp -+ import_test="hasattr(imp, 'get_tag')" -+ import_call=imp.cache_from_source -+ import_arg2=', False' # needed in one call and not the other -+else -+ import_lib=importlib -+ import_test="hasattr(sys.implementation, 'cache_tag')" -+ import_call=importlib.util.cache_from_source -+ import_arg2= -+fi -+ - $PYTHON -c " --import sys, os, py_compile, imp -+import sys, os, py_compile, $import_lib - - files = '''$files''' - -@@ -129,15 +148,15 @@ - continue - sys.stdout.write(file) - sys.stdout.flush() -- if hasattr(imp, 'get_tag'): -- py_compile.compile(filepath, imp.cache_from_source(filepath), path) -+ if $import_test: -+ py_compile.compile(filepath, $import_call(filepath), path) - else: - py_compile.compile(filepath, filepath + 'c', path) - sys.stdout.write('\n')" || exit $? - - # this will fail for python < 1.5, but that doesn't matter ... - $PYTHON -O -c " --import sys, os, py_compile, imp -+import sys, os, py_compile, $import_lib - - # pypy does not use .pyo optimization - if hasattr(sys, 'pypy_translation_info'): -@@ -153,8 +172,8 @@ - continue - sys.stdout.write(file) - sys.stdout.flush() -- if hasattr(imp, 'get_tag'): -- py_compile.compile(filepath, imp.cache_from_source(filepath, False), path) -+ if $import_test: -+ py_compile.compile(filepath, $import_call(filepath$import_arg2), path) - else: - py_compile.compile(filepath, filepath + 'o', path) - sys.stdout.write('\n')" 2>/dev/null || : diff --git a/nordugrid-arc.spec b/nordugrid-arc.spec index 8ec1729..5fc2bd0 100644 --- a/nordugrid-arc.spec +++ b/nordugrid-arc.spec @@ -45,18 +45,15 @@ %global _bashcompdir %(pkg-config --variable=completionsdir bash-completion 2>/dev/null || echo %{_sysconfdir}/bash_completion.d) Name: nordugrid-arc -Version: 6.17.0 -Release: 6%{?dist} +Version: 6.18.0 +Release: 1%{?dist} Summary: Advanced Resource Connector Middleware -License: ASL 2.0 +# Apache-2.0: most files +# CPL-1.0: src/services/acix/core/hashes.py +# MIT: src/external/cJSON/cJSON.c src/external/cJSON/cJSON.h +License: Apache-2.0 AND CPL-1.0 AND MIT URL: http://www.nordugrid.org/ Source: http://download.nordugrid.org/packages/%{name}/releases/%{version}/src/%{name}-%{version}.tar.gz -# Adapt to xmlsec1 1.3.0 -# https://source.coderefinery.org/nordugrid/arc/-/merge_requests/1602 -Patch0: 0001-Fix-compilation-with-xmlsec-1.3.patch -Patch1: 0002-Fix-test-failure-with-xmlsec-1.3.patch -# Update py-compile script for Python 3.12 -Patch2: %{name}-py-compile.patch # Packages dropped without replacements Obsoletes: %{name}-chelonia < 2.0.0 @@ -83,6 +80,9 @@ Obsoletes: %{name}-acix-index < %{version}-%{release} Obsoletes: %{name}-acix-cache < 6.0.0 %endif +BuildRequires: autoconf +BuildRequires: automake +BuildRequires: libtool BuildRequires: make BuildRequires: gcc-c++ BuildRequires: cppunit-devel @@ -92,7 +92,7 @@ BuildRequires: systemd BuildRequires: systemd-devel %endif BuildRequires: libuuid-devel -BuildRequires: gettext +BuildRequires: gettext-devel %if %{with_python2} BuildRequires: python2-devel %endif @@ -802,9 +802,6 @@ management features on the worker nodes (WN). %prep %setup -q -%patch -P 0 -p1 -%patch -P 1 -p1 -%patch -P 2 -p1 %build if pkg-config --atleast-version 2.6 sigc++-2.0 ; then @@ -814,6 +811,7 @@ if pkg-config --atleast-version 2.6 sigc++-2.0 ; then fi fi +autoreconf -v -f -i %configure --disable-static \ %if ! %{with_acix} --disable-acix \ @@ -1762,6 +1760,11 @@ fi %attr(4755,root,root) %{_bindir}/arc-job-cgroup %changelog +* Wed Oct 25 2023 Mattias Ellert - 6.18.0-1 +- Update to version 6.18.0 +- Run autoreconf during build (following upstream) +- Drop xmlsec related patches accepted upstream + * Thu Jul 20 2023 Fedora Release Engineering - 6.17.0-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild diff --git a/sources b/sources index 0ebf304..625119e 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (nordugrid-arc-6.17.0.tar.gz) = 63d9157f4ac21bbb632ecda1ed1faf7afd57545c02d935a960a36f80bafe34856a42af91c0e091da280d9b8426865795a7abd608ddbac7357aef1c490c425ab6 +SHA512 (nordugrid-arc-6.18.0.tar.gz) = 9b609a1c86c2b66e8cfe643e2af1fa158dc552585695fe0430e52881a1136b78da18841301d2f34a8df81990619a5942355cb048f10fbc7074af1c1c2ecbf366