Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Sync master branch with upstream #5

Merged
merged 362 commits into from
Aug 21, 2024
Merged

Sync master branch with upstream #5

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
362 commits
Select commit Hold shift + click to select a range
58e9706
Memcheck test tweaks and update headers (#448)
lsh123 Nov 27, 2022
3336ab5
fix missing returns and full audit for all errors (issue #449) (#450)
lsh123 Nov 28, 2022
d8e57a7
update docs
lsh123 Nov 28, 2022
50a74bb
add xmlsec-1_2_x branch to github workflows
lsh123 Nov 28, 2022
1219d41
add xmlsec-1_2_x branch to github workflows
lsh123 Nov 28, 2022
f4fa094
update docs (#453)
lsh123 Nov 28, 2022
701fb64
make pedantic default; add gcc flags to avoid undefined behaiviour (#…
lsh123 Nov 30, 2022
5a16c8b
update readme for openssl3
lsh123 Dec 8, 2022
c5469cf
fix libressl (#456)
lsh123 Dec 12, 2022
2f9010b
Update weak test rsa keys (#458)
lsh123 Dec 13, 2022
bf30bcd
update rsa key and tests (#459)
lsh123 Dec 13, 2022
fd87b54
add css folder
lsh123 Dec 18, 2022
ad26433
Enable templatized output filename (#462)
lsh123 Jan 6, 2023
763ba2d
xmldsigverify: Include xmlsec/parser.h (#463)
kraj Jan 20, 2023
34c9df7
Ensure 'make check' works correctly when dynamic crypto loading is di…
lsh123 Jan 30, 2023
a215c39
ensure linking against GCrypt libraries for xmlsec-gnutls (#468)
lsh123 Jan 30, 2023
f3bb6c2
Re-encode the p12 keys with new algorithms to make it work with newer…
lsh123 Jan 30, 2023
15a4877
refactor openssl rsa signatures to prepare for support of RSS-PSS pad…
lsh123 Feb 1, 2023
86bb03b
Support for OpenSSL RSA PSS SHA* signatures (#472)
lsh123 Feb 1, 2023
c11143c
Support RSA PSS SHA* for xmlsec-mscng (#473)
lsh123 Feb 2, 2023
40abe44
Implement RSA-PSS-SHA* for NSS (#474)
lsh123 Feb 2, 2023
856e1df
Implement RSA-PSS-SHA* for xmlsec-gcrypt and xmlsec-gnutls (#475)
lsh123 Feb 2, 2023
8cd0f9b
Implement RSA-PKCS1.5 key transport for xmlsec-gcrypt and xmlsec-gnut…
lsh123 Feb 3, 2023
b1e722b
Implemented RSA-OAEP for xmlsec-gcrypt and xmlsec-gnutls (#477)
lsh123 Feb 3, 2023
8c74580
Implement ecdsa keys for gcrypt (#479)
lsh123 Feb 4, 2023
bac561f
Implement DSA using gnutls directly without gcrypt (#480)
lsh123 Feb 6, 2023
b8217d9
Implement native RSA PKCS1.5 for GnuTLS (#481)
lsh123 Feb 6, 2023
d61229d
Implement native digests for GnuTLS (#482)
lsh123 Feb 6, 2023
03c1dfd
Implement HMAC natively on GnuTLS
lsh123 Feb 6, 2023
acfd85c
Centralize hmac code for writing and verifying results (#483)
lsh123 Feb 6, 2023
3f1e660
update docs (#484)
lsh123 Feb 6, 2023
bd84cb4
Convert ciphers to native gnutls implementation (#485)
lsh123 Feb 6, 2023
aeef3fe
Implement native GnuTLS AES and DES KW transforms (#486)
lsh123 Feb 6, 2023
613b4fd
Removed GCrypt dependency for xmlsec-gnutls (#487)
lsh123 Feb 7, 2023
2101478
Update docs (#488)
lsh123 Feb 7, 2023
9de03b0
Enable gcrypt / gnutls builds (#489)
lsh123 Feb 7, 2023
ac98700
Implement ECDSA on GnuTLS, added more tests, and fixed ECDSA GCrypt b…
lsh123 Feb 7, 2023
79089bc
Implemented AES GCM on GnuTLS (#491)
lsh123 Feb 7, 2023
7074330
update xmldsig interop report
lsh123 Feb 7, 2023
c699c73
update XML Enc
lsh123 Feb 7, 2023
d136ea2
update downloads and news
lsh123 Feb 7, 2023
48cf4d8
update readme files
lsh123 Feb 7, 2023
05d22b7
Xmlenc11 interop tests (#494)
lsh123 Feb 7, 2023
0be8521
Added xmldsig11 interop (#495)
lsh123 Feb 8, 2023
c46cf4c
Fail tests on low success rate (#496)
lsh123 Feb 8, 2023
4265ea2
remove skeleton app -- stale code tends to go bad (#497)
lsh123 Feb 8, 2023
1b9de4f
Implements AES GCM on NSS, refactor GnuTLS AES GCM/CBC, and update ke…
lsh123 Feb 8, 2023
913f353
Enable reading PEM/DER keys for GnuTLS (#499)
lsh123 Feb 8, 2023
8a69d39
adding tests for reading keys from various file formats (#503)
lsh123 Feb 8, 2023
b98be50
Restore RIPEMD160 and update docs (#507)
lsh123 Feb 9, 2023
5629c7e
Fix most of the gcrypt errors for xmldsig11-interop (#508)
lsh123 Feb 9, 2023
42e07c2
Implement the DSA-SHA256 signatures for GnuTLS and fix it for OpenSSL…
lsh123 Feb 9, 2023
e6507a2
implement pkcs8 for gnutls (#510)
lsh123 Feb 10, 2023
6e0649b
fix windows static library build (#511)
hannesmahringer Feb 10, 2023
7d34e77
Add static win builds (#512)
lsh123 Feb 11, 2023
ebf21d2
xmlenc11 derivedkey and concatkdf implementation (core + openssl) (#513)
lsh123 Feb 11, 2023
aa98f93
Implement ECKeyValue for OpenSSL, rename KeyValueEcdsa->KeyValueEc ev…
lsh123 Feb 13, 2023
7705f29
implement eckeyvalue for GnuTLS (#518)
lsh123 Feb 13, 2023
524a0bb
Implement ECKeyValue for NSS (#519)
lsh123 Feb 13, 2023
fd2e135
Implement ECKeyValue for gcrypt (#520)
lsh123 Feb 14, 2023
c2aaf89
Implement ECKeyValue for mscng (#521)
lsh123 Feb 14, 2023
39b42e9
Rename KeyDataEcdsa -> KeyDataEc (#522)
lsh123 Feb 14, 2023
a9936c3
Implemented ECDH Key AgreementMethod for OpenSSL (#523)
lsh123 Feb 15, 2023
ee42998
update docs
lsh123 Feb 15, 2023
2a77f51
Implement PBKDF2 for OpenSSL (#525)
lsh123 Feb 16, 2023
799288f
implement pbdkf2 for gnutls (#526)
lsh123 Feb 16, 2023
abf168b
bump gnutls to 3.6.13
lsh123 Feb 16, 2023
9312291
Implement PBKDF2 for NSS (#527)
lsh123 Feb 16, 2023
fb4bba6
Fix macosx actions (#529)
lsh123 Feb 16, 2023
9dab9ca
Refactor PBKDF2 implementations for simplicity
lsh123 Feb 16, 2023
c078831
fix build
lsh123 Feb 16, 2023
08052fd
fix build
lsh123 Feb 16, 2023
69a8a89
pbkdf2 framework
lsh123 Feb 16, 2023
2daff0e
implement pbkdf2
lsh123 Feb 17, 2023
1618819
updated docs
lsh123 Feb 17, 2023
fc328cc
Implement ConcatKDF for MSCNG (#531)
lsh123 Feb 18, 2023
c13f37e
Fix ecdh key selection (#532)
lsh123 Feb 20, 2023
9dbb9ff
Implement ECDH for MSCng (#533)
lsh123 Feb 21, 2023
23c1269
Implemented ECDSA with Ripemd160 for OpenSSL (#534)
lsh123 Feb 22, 2023
cd7c52b
Implement SHA3 digests, ECDSA-SHA3 signatures, and RSA-PSS-SHA3 signa…
lsh123 Feb 22, 2023
766cd38
Add SHA3 and ECDSA-SHA3 supprot for GnuTLS (#537)
lsh123 Feb 22, 2023
e6155a3
Implement SHA3, ECDSA-SHA3, RSA-PSS-SHA3 for GCrypt (#538)
lsh123 Feb 22, 2023
af94761
Implement KeyInfoReference element (#539)
lsh123 Feb 23, 2023
0f4dc3a
Added support for DEREncodedKeyValue to OpenSSL (#540)
lsh123 Feb 23, 2023
8059cd2
Added support for DEREncodedValue for GnuTLS (#542)
lsh123 Feb 23, 2023
2f61c64
Implement DEREncodedKeyValue for NSS (#543)
lsh123 Feb 23, 2023
fa284d6
Implement DEREncodedKeyValue for MSCng (#544)
lsh123 Feb 23, 2023
28156c0
Fix x509data->keyCert when loading a key from a cert (#546)
lsh123 Feb 23, 2023
af97768
DH-ES implementation for OpenSSL (#547)
lsh123 Feb 24, 2023
b16f456
Openssl x509digest support (#548)
lsh123 Feb 25, 2023
dc7571d
OpenSSL: fix memory leak in PBKDF (#550)
lsh123 Feb 25, 2023
bf10869
Implement X509Digest for NSS; add --exact-key-search option for xmlse…
lsh123 Feb 25, 2023
4c91a34
Change key search to the 'strict' mode (only use keys directly refere…
lsh123 Feb 26, 2023
7f35411
fix memory leak in nss der encoded keys
lsh123 Feb 26, 2023
fc5b9ba
Implement X509Digest for GnuTLS (#553)
lsh123 Feb 26, 2023
6e19707
Adding more tests for ECDH, ConcatKDF, PBKDF2, ... (#554)
lsh123 Feb 26, 2023
a48a3f1
Ensure key cert is written to XML first
lsh123 Feb 27, 2023
31c6114
Implement X509Digest for MSCng (SHA1 only) + more tests (#557)
lsh123 Feb 27, 2023
3065355
Change semantic of AdoptKeyCert to automatically add the key cert to …
lsh123 Feb 27, 2023
8bf4939
Fix build (#560)
lsh123 Feb 28, 2023
3b98102
change keyCert for mscng; enable memcheck for win (#561)
lsh123 Feb 28, 2023
e6ab5c8
Fix gnutls memleak (#563)
lsh123 Feb 28, 2023
d35cc8d
Trim the dsig:KeyName content (#565)
lsh123 Mar 1, 2023
7846b47
xmlsec-openssl: added support for loading private keys through ossl-s…
lsh123 Mar 1, 2023
5e06ee0
Migrate OpenSSL 3.x to use EVP_signatures (ECDSA for OpenSSL 1.1.x st…
lsh123 Mar 1, 2023
e47ea70
Added --pubkey-openssl-engine and --pubkey-openssl-store command lin…
lsh123 Mar 2, 2023
90c7adc
Automatically set key name from PKCS12 name (openssl, gnutls, nss, ms…
lsh123 Mar 2, 2023
905ea45
Added --transform-binary-chunk-size and fixed all issues with small c…
lsh123 Mar 3, 2023
40ad102
Refactor block cipher implementation on mscng (split cbc and gcm); fi…
lsh123 Mar 3, 2023
31d4d5e
fix mingw build (#574)
lsh123 Mar 3, 2023
440d54d
Fix ecdsa-ripemd160 href (#575)
lsh123 Mar 3, 2023
75931a2
Refactor OpenSSL certs verification; add ability to load CRLs into th…
lsh123 Mar 4, 2023
25a46d7
Added options to enable/disable local files, HTTP, and FTP support. F…
lsh123 Mar 4, 2023
1213647
Implement CRLs loading for GnuTLS; fix CRLs checks for GnuTLS and Ope…
lsh123 Mar 4, 2023
ad7827b
Added support for loading CRLs into NSS keys manager (#580)
lsh123 Mar 4, 2023
15542de
Implement keys verification in OpenSSL (issue #558) (#581)
lsh123 Mar 5, 2023
440a6ab
Don't base CRL validity on last/next update timestamps and use cert r…
lsh123 Mar 6, 2023
045c12f
xmlsec-openssl: check if key matches key cert when loading from memor…
lsh123 Mar 6, 2023
565fb59
Update docs for release (#589)
lsh123 Mar 7, 2023
23d8a8b
Fix errors reported by coverity scan (#590)
lsh123 Mar 7, 2023
8e286f7
Remove exports from private functions (#591)
lsh123 Mar 7, 2023
fb0b516
Docs update (#592)
lsh123 Mar 7, 2023
697deec
Update readme and add missed file (#594)
lsh123 Mar 7, 2023
443a28b
Win64 binaries (#596)
lsh123 Mar 7, 2023
686026b
Fix nss certificate search (#597)
lsh123 Mar 8, 2023
1f50c1a
xmlsec-nss: ensure that private keys are loaded with certificate; opt…
lsh123 Mar 9, 2023
fea1538
Simpify code that ensures the key cert is the first one (#599)
lsh123 Mar 9, 2023
2cfeca7
Added failure reason to xmlSecDSigCtx and --verbose option to the xml…
lsh123 Mar 10, 2023
4f85f95
Deduplicate certs in key data; do not write X509Data children if temp…
lsh123 Mar 10, 2023
ddba5b9
Added encrypt/decrypt failure reason (#605)
lsh123 Mar 10, 2023
a8fed76
Fix enc failure reason (#608)
lsh123 Mar 11, 2023
f432bb7
xmlsec-nss: enable self signed certs (#609)
lsh123 Mar 11, 2023
83c1b0b
Update docs (#611)
lsh123 Mar 21, 2023
fa96c5b
Fix build script (#613)
lsh123 Mar 21, 2023
e1b4507
Fix minor coverity errors (unreachable code, comparison always true, …
lsh123 Mar 21, 2023
e541849
Fix gcrypt ECDSA-SHA384 by avoiding leading zeros with %M (issue #504…
lsh123 Mar 22, 2023
9634992
Support broken Java signatures (issue #228) (#617)
lsh123 Mar 24, 2023
21f92d6
xmlsec-mscng: support broken Java signatures (issue #228) (#618)
lsh123 Mar 24, 2023
9b193c0
Enable MD5 for OpenSSL cert verification (#620)
lsh123 Apr 11, 2023
1aebc93
Update docs (#621)
lsh123 Apr 12, 2023
a2dcc19
Update release date (#622)
lsh123 Apr 12, 2023
7c904cb
Update README.md (#624)
lsh123 Apr 12, 2023
7296990
Update to 1.3.1 (#625)
lsh123 Apr 12, 2023
0682c1d
Add newline (#628)
lsh123 Apr 13, 2023
a2c8cad
Fix prototype (#629)
lsh123 Apr 13, 2023
0fc9283
Force brew paths on macosx (#630)
lsh123 Apr 13, 2023
8ec82ae
xmlsec-openssl: fix GOST (#633)
lsh123 Apr 19, 2023
47aa1fa
Fix examples (#635)
lsh123 Apr 19, 2023
b7407da
Detect clang to set compiler flags correctly (#637)
lsh123 Apr 25, 2023
f4533f7
remove CertCloseStore flags from one function (#639)
postboy Apr 26, 2023
d124f0b
fix CRL_CONTEXT leak (#640)
postboy Apr 26, 2023
3a5cd27
fix leaks in *AdoptCrl functions for WinAPI (#641)
postboy Apr 26, 2023
ea77f8e
xmlsec-mscrypto: fix CRL_CONTEXT leaks from EnumCrl (#644)
postboy Apr 26, 2023
64f81b2
Bump min NSS to 3.52 (#646)
lsh123 Apr 26, 2023
8cc25bb
xmlsec-mscrypto/mscng: fix leaks in *StoreAdoptCert, fix CERT_CONTEXT…
postboy Apr 26, 2023
6f6f43d
xmlsec-mscng: fix CERT_CONTEXT leaks (#647)
postboy Apr 26, 2023
9a9b54d
xmlsec-mscrypto: fix CERT_CONTEXT leaks (#643)
postboy Apr 26, 2023
86a1208
xmlsec-mscrypto/mscng: fix CERT_CONTEXT leaks (#648)
postboy Apr 27, 2023
eb2a2ab
xmlsec-mscrypto: remove CERT_CLOSE_STORE_FORCE_FLAG (#649)
postboy Apr 27, 2023
269c51c
Switch to macos-13 for github actions (#651)
lsh123 May 4, 2023
4c75002
Added --with-libltdl option (#653)
lsh123 May 5, 2023
dfdf981
openssl_compat.h: Update LibreSSL UI_null() compat (#654)
orbea May 30, 2023
fb58825
Remove usage of CERT_CLOSE_STORE_CHECK_FLAG in non-debug builds (#657)
lsh123 May 30, 2023
fd7baf0
Fix base64 for large files (issue #655) (#656)
lsh123 May 30, 2023
2b6c732
Update docs for 1.3.1 release (#658)
lsh123 May 31, 2023
aeb6095
configure: Fix AC_LANG_PROGRAM macro usage (#661)
BobIsOnFire May 31, 2023
2d12ad6
configure: Switch to OPENSSL_init_crypto in test program (#662)
BobIsOnFire Jun 1, 2023
00434e6
Restore support for NSS 3.35 or above (#664)
lsh123 Jun 2, 2023
1ee1754
Fix Libressl support and bump min version to 3.6 (issue #665) (#666)
lsh123 Jun 3, 2023
c9b0dcd
Downgrade to LibreSSL 3.5 (#667)
lsh123 Jun 3, 2023
3b67fdb
Final docs update for 1.3.1 (#660)
lsh123 Jun 3, 2023
7d1dda2
Use OpenSSL3 functions to get key size (#677)
lsh123 Jun 24, 2023
512442e
Force static linking for libraries when --enable-static-linking is sp…
lsh123 Jun 25, 2023
fa101b8
Bump version to 1.3.2 (#681)
lsh123 Jun 25, 2023
11763d0
Add Static MinGW build and move mscrypto down in the default libray s…
lsh123 Jun 25, 2023
3425bdb
Fix serializing non-UTF-8 encoded XML data
hendrikdonner Jun 27, 2023
95b9c3a
Switch away from deprecated LibXML2 API (#686)
lsh123 Jul 4, 2023
1f2d229
Add test for content encryption with non-utf8 encoding (#688)
lsh123 Jul 5, 2023
c5dabbf
Workaround broken 'brew update' (#689)
lsh123 Jul 5, 2023
1f858af
Fix missing libltdl and disabled md5 (#690)
lsh123 Jul 5, 2023
83f00f5
(xmlsec-gnutls) Added support for GOST 2001 keys, digests, and signat…
lsh123 Jul 11, 2023
1f099db
(xmlsec-gnutls) Added support for GOST 2012 (#693)
lsh123 Jul 11, 2023
a2b10f4
(xmlsec-nss) Added support for reading PEM certificates (#694)
lsh123 Jul 12, 2023
6e1c100
(xmlsec-nss) Added a check to ensure that the key certificate matches…
lsh123 Jul 13, 2023
7884d21
(xmlsec-gnutls) Added a check to ensure that the key certificat match…
lsh123 Jul 13, 2023
a1f8dfd
(MSVC build) Added 'ftp' and 'http' options to control FTP and HTTP s…
lsh123 Jul 13, 2023
e1ee54e
(xmlsec-gnutls) Added support for xmlsec command line tool '--verify-…
lsh123 Jul 14, 2023
737de36
(xmlsec-nss) Added support for xmlsec command line tool '--verify-key…
lsh123 Jul 17, 2023
2a7a203
(xmlsec-mscng, xmlsec-mscrypto) Cleaned up includes and replaced wind…
lsh123 Jul 18, 2023
8689a89
(xmlsec-mscng) Added support for xmlsec command line tool '--verify-k…
lsh123 Jul 18, 2023
0b6f4f4
(xmlsec command line tool) Added option to control the base64 encodi…
lsh123 Aug 25, 2023
66910c1
Add fingerprint for signatures (#709)
lsh123 Oct 22, 2023
6c6c56e
Update release notes for 1.3.2 release (#710)
lsh123 Oct 22, 2023
9b08217
fix typo in docs (#711)
lsh123 Oct 22, 2023
641b8f4
Add foolproof protections to ensure test scripts are not used standal…
lsh123 Oct 30, 2023
9a4403e
Bump version to 1.3.3; update docs (#717)
lsh123 Oct 30, 2023
611c3c3
(msvc build) Enable msvc builds with multiple crypto libraries (#718)
lsh123 Oct 31, 2023
1a49032
(xmlsec-core) Removed '--enable-size-t' ('size_t' for MSVC builds) op…
lsh123 Oct 31, 2023
114f580
(xmlsec-core) Removed previously deprecated functions, defines, etc. …
lsh123 Oct 31, 2023
d162517
(xmlsec-openssl) Removed support for OpenSSL 1.1.0 (#721)
lsh123 Oct 31, 2023
b34c3bf
(xmlsec-mscrypto) Removed NT4 support. (#722)
lsh123 Nov 1, 2023
f2f173f
(xmlsec-core) Disabled KeyValue and DEREncodedKeyValue data by defaul…
lsh123 Nov 2, 2023
2763eae
Update FAQ page, regenerate API docs, minor updates to other pages (#…
lsh123 Nov 2, 2023
325132b
Fix missed docs/css folder in tar release (#727)
lsh123 Nov 7, 2023
ffb3273
Fix libxml2 v2.12.0 includes (#729)
lsh123 Nov 20, 2023
8fc21b2
(xmlsec-nss) Added runtime check for the enabled algorithms in NSS (i…
lsh123 Dec 21, 2023
f44dab7
Added legacy 1.2.39 release to docs (#740)
lsh123 Dec 21, 2023
bb9185d
(xmlsec-nss) Disable NSS policies in tests (#744)
lsh123 Dec 21, 2023
5a90d96
(xmlsec-nss) Init secitem to avoid debug asserts (#743)
lsh123 Dec 21, 2023
46c01ed
Prepare for xmlsec 1.3.3 release (#745)
lsh123 Dec 22, 2023
95ba31b
fix html in docs and add second tag for releases (#746)
lsh123 Dec 22, 2023
3265f3b
Address minor issues reported by coverity scan
lsh123 Dec 24, 2023
80c3027
Fix build script and docs (#749)
lsh123 Jan 4, 2024
42503e3
Migrate windows build to use the windows xmlsec release archive (#751)
lsh123 Jan 4, 2024
6ec8dd4
Cleanup windows actions (#753)
lsh123 Jan 4, 2024
356fdcf
(xmlsec-nss) Ensure NSS algorithms are initialized (#754)
lsh123 Jan 13, 2024
8262167
Fix typo with xmlSecKeyDataEcGetKlass in app.h include (#755)
ayakael Jan 14, 2024
de5251a
configure.ac: fix the build with slibtool (#756)
orbea Jan 31, 2024
5843d34
Fix -OutFile param (#757)
lsh123 Jan 31, 2024
8976168
Fix date (#760)
lsh123 Feb 13, 2024
d706d58
(xmlsec-openssl) Support cert dates before unix epoch start (#767)
lsh123 Mar 8, 2024
67778c3
Fix gnutls error code check; don't autoupdate for brew install (#772)
lsh123 Mar 27, 2024
bf4a1bb
Prepare for xmlsec 1.3.4 release (#771)
lsh123 Mar 27, 2024
8e1f115
Update to version 1.3.4 (#773)
lsh123 Mar 27, 2024
3d55f9e
Bump version to 1.3.5 (#778)
lsh123 Apr 9, 2024
39a45da
(xmlsec-all) Add configure options to disable RSA-PKCS#1.5 and RSA-O…
lsh123 Apr 13, 2024
d12e5db
Create SECURITY.md (#782)
lsh123 Apr 15, 2024
c4fb6ae
(xmlsec-core) Replace old LibXML2 functions with newer versions (#785)
lsh123 May 4, 2024
34ed489
(xmlsec-gcrypt) Fix memory leak in xmlSecGCryptAsymKeyDataAdoptKey (#…
lsh123 May 13, 2024
cc0bb74
(xmlsec-tests) Ensure tests can run with -jN (#789)
lsh123 May 13, 2024
bfebe70
(xmlsec-mingw) Fix build and tests (#791)
lsh123 May 15, 2024
c866f7f
Update README.md (#793)
lsh123 May 16, 2024
243afff
(xmlsec-gcrypt) Fix double free in xmlSecGCryptAsymKeyDataGenerate (#…
lsh123 May 17, 2024
548c71e
(xmlsec-core) Fix deprecated functions in LibXML2 2.13.1 including di…
lsh123 Jun 29, 2024
ea542d2
(xmlsec-openssl) Fix memory leak if file doesn't exist (#803)
lsh123 Jul 1, 2024
2387bf6
Fix test on macosx (#804)
lsh123 Jul 2, 2024
8e821f9
(xmlsec-core) Remove 'const struct' to avoid problems with some compi…
lsh123 Jul 9, 2024
fc12a6b
Revert "(xmlsec-core) Remove 'const struct' to avoid problems with so…
lsh123 Jul 9, 2024
b916c00
Update SECURITY.md (#809)
lsh123 Jul 10, 2024
8fc175e
Fix test typo (#810)
lsh123 Jul 11, 2024
a91ece7
Update docs for 1.2.40 release (#815)
lsh123 Jul 11, 2024
c1f4524
Update copyright (#817)
lsh123 Jul 12, 2024
9f76374
(xmlsec-mscng, xmlsec-mscrypto, xmlsec-gnutls) Improve cert verificat…
lsh123 Jul 18, 2024
d76b77b
Preparation for xmlsec 1.3.5 (#821)
lsh123 Jul 18, 2024
3e92e7c
Bump version to 1.3.6 release (#826)
lsh123 Jul 18, 2024
cd9609f
(xmlsec-mscng, xmlsec-mscrypto) Support multiple trusted certs with t…
lsh123 Jul 18, 2024
1b01b9a
(xmlsec-openssl) Fix build if OpenSSL 3.0 doesn't have engines (#829)
lsh123 Jul 29, 2024
5e6f3ac
(windows) Disabled iconv support by default (#834)
lsh123 Aug 7, 2024
f0f6088
Switch to "-latest" versions of runners (#836)
lsh123 Aug 7, 2024
7c58ec7
Update SECURITY.md (#838)
lsh123 Aug 8, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
261 changes: 207 additions & 54 deletions .github/workflows/make-check.yml
100644 → 100755
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,13 @@ name: Make Check

on:
push:
branches: [ master ]
branches:
- master
- xmlsec-1_2_x
pull_request:
branches: [ master ]
branches:
- master
- xmlsec-1_2_x

jobs:
check-ubuntu:
Expand All @@ -13,54 +17,124 @@ jobs:
fail-fast: false
matrix:
include:
- static_linking: true
- static_linking: false
- config_flags:
- config_flags: --enable-static --enable-static-linking --disable-openssl3-engines --without-nss --without-gcrypt --without-gnutls
- config_flags: --enable-static --enable-static-linking --enable-ftp --enable-md5 --enable-gost --enable-gost2012 --without-openssl --without-nss --without-gcrypt
steps:
- name: install dependencies
run: |
sudo apt update
sudo apt install automake autoconf libtool libtool-bin libltdl-dev libltdl7
sudo apt install libxml2 libxml2-dev libxslt1.1 libxslt1-dev
sudo apt install libssl1.0.0 libssl-dev libnspr4 libnspr4-dev libnss3 libnss3-dev libnss3-tools libgcrypt20 libgcrypt20-dev libgnutls28-dev
sudo apt install libssl1.1 libssl-dev libnspr4 libnspr4-dev libnss3 libnss3-dev libnss3-tools libgcrypt20 libgcrypt20-dev libgnutls28-dev
- uses: actions/checkout@v2
- run: mkdir build
- name: create-build-dirs
run: |
mkdir build.dir install.dir
- name: configure
working-directory: build
run: ../autogen.sh --enable-werror --enable-static-linking=${{ matrix.static_linking }}
working-directory: build.dir
run: |
../autogen.sh --prefix=${GITHUB_WORKSPACE}/install.dir --enable-werror --enable-pedantic ${{ matrix.config_flags }}
- name: make
working-directory: build
run: make
working-directory: build.dir
run: |
make
- name: make check
working-directory: build
run: make check

working-directory: build.dir
run: |
make check
- name: make install
working-directory: build.dir
run: |
make install

check-ubuntu-openssl-111:
runs-on: ubuntu-20.04
strategy:
fail-fast: false
matrix:
include:
- config_flags:
- config_flags: --enable-static-linking=yes --without-nss --without-gcrypt --without-gnutls
steps:
- name: install dependencies
run: |
sudo apt update
sudo apt install automake autoconf libtool libtool-bin libltdl-dev libltdl7
sudo apt install libxml2 libxml2-dev libxslt1.1 libxslt1-dev
sudo apt install wget
- uses: actions/checkout@v2
- name: create-build-dirs
run: |
mkdir build.dir install.dir
- name: configure
working-directory: build.dir
run: |
export LD_LIBRARY_PATH="/usr/local/openssl3/lib:/usr/local/openssl3/lib64:$LD_LIBRARY_PATH"
../autogen.sh --prefix=${GITHUB_WORKSPACE}/install.dir --enable-werror --enable-pedantic ${{ matrix.config_flags }}
- name: make
working-directory: build.dir
run: |
make
- name: make check
working-directory: build.dir
run: |
export LD_LIBRARY_PATH="/usr/local/openssl3/lib:/usr/local/openssl3/lib64:$LD_LIBRARY_PATH"
make check
- name: make install
working-directory: build.dir
run: |
make install

check-osx:
runs-on: macos-latest
strategy:
fail-fast: false
matrix:
include:
- static_linking: true
- static_linking: false
- config_flags:
steps:
- name: Set up Homebrew
id: set-up-homebrew
uses: Homebrew/actions/setup-homebrew@master
- name: install dependencies
run: |
brew update
brew install automake autoconf libtool
# brew install libxml2 libxslt
brew install openssl nspr nss libgcrypt gnutls
HOMEBREW_NO_AUTO_UPDATE=1 HOMEBREW_NO_INSTALLED_DEPENDENTS_CHECK=1 brew install automake autoconf pkg-config libtool
HOMEBREW_NO_AUTO_UPDATE=1 HOMEBREW_NO_INSTALLED_DEPENDENTS_CHECK=1 brew install libxml2 libxslt
HOMEBREW_NO_AUTO_UPDATE=1 HOMEBREW_NO_INSTALLED_DEPENDENTS_CHECK=1 brew install openssl nspr nss libgcrypt gnutls
- uses: actions/checkout@v2
- run: mkdir build
- name: create-build-dirs
run: |
mkdir build.dir install.dir
- name: configure
working-directory: build
run: ../autogen.sh --enable-werror --enable-static-linking=${{ matrix.static_linking }}
working-directory: build.dir
run: |
../autogen.sh --prefix=${GITHUB_WORKSPACE}/install.dir --enable-werror --enable-pedantic \
--with-openssl=`brew --prefix openssl` \
--with-nspr=`brew --prefix nspr` \
--with-nss=`brew --prefix nss` \
--with-gcrypt=`brew --prefix libgcrypt` \
--with-gnutls=`brew --prefix gnutls` \
${{ matrix.config_flags }}
- name: make
working-directory: build
run: make
working-directory: build.dir
run: |
make
- name: make check
working-directory: build
run: make check

working-directory: build.dir
run: |
export PATH=`brew --prefix openssl`/bin:$PATH
export LD_LIBRARY_PATH=`brew --prefix openssl`/lib:$LD_LIBRARY_PATH
export LD_LIBRARY_PATH=`brew --prefix nspr`/lib:$LD_LIBRARY_PATH
export LD_LIBRARY_PATH=`brew --prefix nss`/lib:$LD_LIBRARY_PATH
export LD_LIBRARY_PATH=`brew --prefix libgcrypt`/lib:$LD_LIBRARY_PATH
export LD_LIBRARY_PATH=`brew --prefix gnutls`/lib:$LD_LIBRARY_PATH
make check
- name: make install
working-directory: build.dir
run: |
make install

check-mingw:
runs-on: windows-latest
strategy:
Expand All @@ -69,50 +143,129 @@ jobs:
include:
- msystem: MINGW64
arch: x86_64
unicode: true
static_linking: true
- msystem: MINGW64
arch: x86_64
unicode: true
static_linking: false
- msystem: MINGW64
arch: x86_64
unicode: false
static_linking: true
config_flags: --enable-unicode=yes
- msystem: MINGW64
arch: x86_64
unicode: false
static_linking: false
config_flags: --enable-static --enable-static-linking --enable-unicode=no --enable-md5 --enable-ftp
defaults:
run:
shell: msys2 {0}
shell: msys2 {0}
steps:
- uses: msys2/setup-msys2@v2
with:
msystem: ${{ matrix.msystem }}
release: false
release: false
update: false
install: >-
git
autoconf
automake
base-devel
git
libtool
mingw-w64-${{ matrix.arch }}-toolchain
mingw-w64-${{ matrix.arch }}-libtool
mingw-w64-${{ matrix.arch }}-libxml2
mingw-w64-${{ matrix.arch }}-libxslt
mingw-w64-${{ matrix.arch }}-libltdl
mingw-w64-${{ matrix.arch }}-openssl
mingw-w64-${{ matrix.arch }}-nspr
mingw-w64-${{ matrix.arch }}-nss
mingw-w64-${{ matrix.arch }}-libgcrypt
mingw-w64-${{ matrix.arch }}-gnutls
- run: git config --global core.autocrlf input
- name: configure-git
run: |
git config --global core.autocrlf input
shell: bash
- uses: actions/checkout@v2
- name: create-dirs
run: |
mkdir build.dir install.dir
shell: bash
- uses: actions/checkout@v2
- run: mkdir build
- name: configure
working-directory: build
run: pwd && ../autogen.sh --build="${{ matrix.arch }}-w64-mingw32" --host="${{ matrix.arch }}-w64-mingw32" --enable-unicode=${{ matrix.unicode }} --enable-static-linking=${{ matrix.static_linking }} --enable-mscrypto --enable-mscng
working-directory: build.dir
run: |
../autogen.sh --prefix=`cygpath -u "${GITHUB_WORKSPACE}/install.dir"` --enable-werror --enable-pedantic \
--enable-mscrypto --enable-mscng ${{ matrix.config_flags }} \
--build="${{ matrix.arch }}-w64-mingw32" \
--host="${{ matrix.arch }}-w64-mingw32"
- name: make
working-directory: build
run: make
working-directory: build.dir
run: |
make
- name: make check
working-directory: build
run: make check
working-directory: build.dir
run: |
make check
- name: make install
working-directory: build.dir
run: |
make install

check-msvc:
runs-on: windows-latest
strategy:
fail-fast: false
matrix:
include:
- crypto: mscng
config_flags: unicode=yes with-dl=yes
- crypto: mscng
config_flags: unicode=no with-dl=no static=yes legacy-crypto=yes
- crypto: mscrypto
config_flags: unicode=yes with-dl=yes
- crypto: mscrypto
config_flags: unicode=no with-dl=no static=yes legacy-crypto=yes
- crypto: openssl-300
config_flags: unicode=yes with-dl=yes
- crypto: openssl-300
config_flags: unicode=no with-dl=no static=yes
env:
VISUAL_STUDIO_ROOT: "C:\\Program Files\\Microsoft Visual Studio\\2022\\Enterprise"
INSTALL_FOLDER: c:\install.dir
LIBS_VERSION: 1.3.5
steps:
- name: create-dirs
run: |
mkdir ${{ env.INSTALL_FOLDER }}
- name: install dependencies
shell: pwsh
working-directory: ${{ env.INSTALL_FOLDER }}
env:
LIBS_URL: "https://github.com/lsh123/xmlsec/releases/download/${{ env.LIBS_VERSION }}/xmlsec1-${{ env.LIBS_VERSION }}-win64.zip"
LIBS_FILE: "xmlsec1-${{ env.LIBS_VERSION }}-win64.zip"
run: |
Invoke-WebRequest ${{ env.LIBS_URL }} -OutFile ${{ env.LIBS_FILE }}
Expand-Archive -Path ${{ env.LIBS_FILE }} -DestinationPath "."
- name: configure-git
shell: bash
run: |
git config --global core.autocrlf input
- uses: actions/checkout@v2
- name: configure
working-directory: win32
shell: cmd
run: |
call "${{ env.VISUAL_STUDIO_ROOT }}\VC\Auxiliary\Build\vcvars64.bat"
cscript configure.js pedantic=yes werror=yes static=yes ^
crypto=${{ matrix.crypto }} ${{ matrix.config_flags }} ^
prefix=${{ env.INSTALL_FOLDER }}\xmlsec.build ^
include=${{ env.INSTALL_FOLDER }}\libxml2\include;${{ env.INSTALL_FOLDER }}\libxml2\include\libxml2;${{ env.INSTALL_FOLDER }}\libxslt\include;${{ env.INSTALL_FOLDER }}\openssl\include;%MSSDK_INCLUDE% ^
lib=${{ env.INSTALL_FOLDER }}\libxml2\lib;${{ env.INSTALL_FOLDER }}\libxslt\lib;${{ env.INSTALL_FOLDER }}\openssl\lib;%MSSDK_LIB%
- name: make
working-directory: win32
shell: cmd
run: |
call "${{ env.VISUAL_STUDIO_ROOT }}\VC\Auxiliary\Build\vcvars64.bat"
set PATH=${{ env.INSTALL_FOLDER }}\libxml2\bin;${{ env.INSTALL_FOLDER }}\libxslt\bin;${{ env.INSTALL_FOLDER }}\openssl\bin;%PATH%
nmake
- name: make check
working-directory: win32
shell: cmd
run: |
call "${{ env.VISUAL_STUDIO_ROOT }}\VC\Auxiliary\Build\vcvars64.bat"
set PATH=${{ env.INSTALL_FOLDER }}\libxml2\bin;${{ env.INSTALL_FOLDER }}\libxslt\bin;${{ env.INSTALL_FOLDER }}\openssl\bin;%PATH%
set OPENSSL_MODULES=${{ env.INSTALL_FOLDER }}\lib\ossl-modules
nmake check
- name: make install
working-directory: win32
shell: cmd
run: |
call "${{ env.VISUAL_STUDIO_ROOT }}\VC\Auxiliary\Build\vcvars64.bat"
nmake install
Loading