Add UPSTREAM_CHECK_URI and UPSTREAM_CHECK_REGEX to check the correct
latest stable verison.
Before the patch:
$ devtool latest-version xmlsec1
INFO: Current version: 1.3.7
INFO: Latest version:
After the patch:
$ devtool latest-version xmlsec1
INFO: Current version: 1.3.7
INFO: Latest version: 1.3.9
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Fix do_package_qa error by removing ${RECIPE_SYSROOT} from the installed xmlsec1-gnutls.pc file.
This ensures the generated .pc file does not leak build-time paths, complying with QA checks.
Fixes QA error:
ERROR: xmlsec1-1.3.7-r0.wr2500 do_package_qa: QA Issue: File /usr/lib/pkgconfig/xmlsec1-gnutls.pc in package xmlsec1-dev contains reference to TMPDIR [buildpaths]
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This ensures that we do not have to do the toggling from
releases to old-release in LTS release branches
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Jiaying Song <jiaying.song.cn@windriver.com>
Changelog:
============
-(xmlsec-openssl) Support cert dates before unix epoch start.
-(xmlsec-openssl) Fix build for LibreSSL or BoringSSL.
-(xmlsec-nss) Ensure NSS algorithms are initialized.
-Several other small fixes
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
0001-nss-nspr-fix-for-multilib.patch
change-finding-path-of-nss.patch
ensure-search-path-non-host.patch
fix-ltmain.sh.patch
refreshed for 1.3.3
Changelog
========
-Disabled KeyValue and DEREncodedKeyValue XML nodes by default. Use the
'--enabled-key-data' option for the xmlsec command line utility or update
the 'keyInfoCtx->enabledKeyData' parameter if you need to re-enable these
nodes (also see question 3.5 in the FAQ).
-Removed '--enable-size-t' ('size_t' for MSVC builds) option and made
'xmlSecSize' to always be the same as 'size_t'.
-Removed previously deprecated functions, defines, etc.
-Fixed build for libxml2 v2.12.0.
-Removed support for OpenSSL 1.1.0 (end of life in Aug 2016).
The minimum OpenSSL supported version is 1.1.1; the version 3.0.0 or greater is recommended.
-Added runtime check for the enabled algorithms in NSS.
-Removed NT4 support.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This is a typo when compared to examples/Makefile check target
Fixes
Failed ptests:
{'xmlsec1': ['verify-keys-manager']}
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog;
Fixed two regressions from 1.2.36 release: issue #437 and issue #449.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
makefile-ptest.patch
xmlsec1-examples-allow-build-in-separate-dir.patch
refreshed for new version.
Changelog:
===========
Retired the XMLSec mailing list "xmlsec@aleksey.com" and the XMLSec Online Signature Verifier.
Migration to OpenSSL 3.0 API (based on PR by @snargit). Note that OpenSSL engines are disabled by default when XMLSec library is compiled against OpenSSL 3.0. To re-enable OpenSSL engines, use "--enable-openssl3-engines" configure flag (there will be a lot of deprecation warnings).
The OpenSSL before 1.1.0 and LibreSSL before 2.7.0 are now deprecated and will be removed in the future versions of XMLSec Library.
Refactored all the integer casts to ensure cast-safety. Fixed all warnings and enabled "-Werror" and "-pedantic" flags on CI builds.
Added configure flag to use size_t for xmlSecSize (currently disabled by default for backward compatibility).
Moved all CI builds to GitHub actions.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This is the result of automated script (0.9.1) conversion:
oe-core/scripts/contrib/convert-overrides.py .
converting the metadata to use ":" as the override character instead of "_".
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
The configure script contains hardcoded lookup paths to /usr and other
paths that might interfere with the host. These are overwritten with the
staging dir locations for Poky compatibility.
Signed-off-by: Anatol Belski <anbelski@linux.microsoft.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
In case PACKAGECONFIG[nss] is not set, in case system includes
nss or nspr, it will still try to compile using system libraries.
To avoid that, this change explicitely uses --with-nss=no and
--with-nspr=no so configure does not try to find those libraries
if they are disabled.
Signed-off-by: Jose Dapena Paz <jdapena@igalia.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
With previous change of nss/nspr in this recipe, multilib build
failure at do_configure.
Fix it by not using hardcoded /lib/.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* the --with-nspr/--with-nss should be just ${prefix} as mentioned in:
https://www.aleksey.com/pipermail/xmlsec/2005/007172.html
remove the change-finding-path-of-nss.patch parts handling nspr and
handling incorrect --with-nspr/--with-nss value in the recipe missing
"/usr" prefix
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This is not a security tool, it is a support library that
is needed for vgauth in open-vm-tools and can also be used
by libreoffice.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
