[shibboleth-sp2] 06/23: Remove legacy xmlsec support.

Ferenc Wágner wferi at moszumanska.debian.org
Wed Feb 21 10:57:06 UTC 2018 

This is an automated email from the git hooks/post-receive script.

wferi pushed a commit to branch master
in repository shibboleth-sp2.

commit e90dd8be44287d414d1fac0bc7a075c6b49f9bcf
Author: Scott Cantor <cantor.2 at osu.edu>
Date:   Mon Nov 27 17:29:14 2017 -0500

    Remove legacy xmlsec support.
---
 config_win32.h                     |  7 -------
 configure.ac                       | 10 +++-------
 shibsp/config_pub.h.in             |  3 ---
 shibsp/config_pub_win32.h          |  7 -------
 shibsp/impl/XMLServiceProvider.cpp |  8 --------
 5 files changed, 3 insertions(+), 32 deletions(-)

diff --git a/config_win32.h b/config_win32.h
index d8f8700..1797405 100644
--- a/config_win32.h
+++ b/config_win32.h
@@ -60,13 +60,6 @@
 /* Define if you have POSIX threads libraries and header files. */
 /* #undef HAVE_PTHREAD */
 
-#ifndef SHIBSP_LITE
-# include <xsec/framework/XSECDefs.hpp>
-# if (_XSEC_VERSION_FULL >= 10600)
-#  define SHIBSP_XMLSEC_WHITELISTING 1
-# endif
-#endif
-
 /* Define to 1 if you have the <stdint.h> header file. */
 /* #undef HAVE_STDINT_H */
 
diff --git a/configure.ac b/configure.ac
index f99d718..ac7fd9c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -264,22 +264,18 @@ AC_CHECK_HEADER([xsec/utils/XSECPlatformUtils.hpp],,AC_MSG_ERROR([unable to find
 AC_MSG_CHECKING([XML-Security-C version])
 AC_PREPROC_IFELSE(
     [AC_LANG_PROGRAM([#include <xsec/utils/XSECPlatformUtils.hpp>],
-    [#if XSEC_VERSION_MAJOR > 1 || (XSEC_VERSION_MAJOR == 1 && XSEC_VERSION_MEDIUM > 3)
+    [#if XSEC_VERSION_MAJOR >= 2
 int i = 0;
 #else
-#error need version 1.4.0 or later
+#error need version 2.0.0 or later
 #endif])],
     [AC_MSG_RESULT(OK)],
-    [AC_MSG_FAILURE([XML-Security-C version 1.4.0 or greater is required.])])
+    [AC_MSG_FAILURE([XML-Security version 2.0.0 or greater is required.])])
 AC_LINK_IFELSE(
     [AC_LANG_PROGRAM([[#include <xsec/utils/XSECPlatformUtils.hpp>]],
         [[XSECPlatformUtils::Initialise()]])],,
     [AC_MSG_ERROR([unable to link with XML-Security])])
 
-AC_MSG_CHECKING([whether XML-Security-C supports white/blacklisting of algorithms])
-AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <xsec/framework/XSECAlgorithmMapper.hpp>]], [[XSECAlgorithmMapper* mapper; mapper->whitelistAlgorithm(NULL);]])],[AC_MSG_RESULT([yes])
-      AC_DEFINE([SHIBSP_XMLSEC_WHITELISTING],[1],[Define to 1 if XML-Security-C supports white/blacklisting algorithms.])],[AC_MSG_RESULT([no])])
-
 # restore master libs
 LIBS="$save_LIBS"
 
diff --git a/shibsp/config_pub.h.in b/shibsp/config_pub.h.in
index dd4f242..80ee999 100644
--- a/shibsp/config_pub.h.in
+++ b/shibsp/config_pub.h.in
@@ -16,8 +16,5 @@
 /* Define to 1 if log4shib library is used. */
 #undef SHIBSP_LOG4SHIB
 
-/* Define to 1 if XML-Security-C supports white/blacklisting algorithms. */
-#undef SHIBSP_XMLSEC_WHITELISTING
-
 /* Define to 1 if you have the <sys/socket.h> header file. */
 #undef SHIBSP_HAVE_SYS_SOCKET_H
diff --git a/shibsp/config_pub_win32.h b/shibsp/config_pub_win32.h
index 16afa67..d8c83ad 100644
--- a/shibsp/config_pub_win32.h
+++ b/shibsp/config_pub_win32.h
@@ -35,10 +35,3 @@
 
 /* Define to 1 if log4shib library is used. */
 #define SHIBSP_LOG4SHIB 1
-
-#ifndef XMLTOOLING_NO_XMLSEC
-# include <xsec/framework/XSECDefs.hpp>
-# if (_XSEC_VERSION_FULL >= 10600)
-#  define SHIBSP_XMLSEC_WHITELISTING 1
-# endif
-#endif
diff --git a/shibsp/impl/XMLServiceProvider.cpp b/shibsp/impl/XMLServiceProvider.cpp
index b47c1e7..b48f1c5 100644
--- a/shibsp/impl/XMLServiceProvider.cpp
+++ b/shibsp/impl/XMLServiceProvider.cpp
@@ -2155,19 +2155,14 @@ XMLConfigImpl::XMLConfigImpl(const DOMElement* e, bool first, XMLConfig* outer,
 
     if (first) {
         if (!m_policy->getAlgorithmWhitelist().empty()) {
-#ifdef SHIBSP_XMLSEC_WHITELISTING
             for (vector<xstring>::const_iterator white = m_policy->getAlgorithmWhitelist().begin();
                     white != m_policy->getAlgorithmWhitelist().end(); ++white) {
                 XSECPlatformUtils::whitelistAlgorithm(white->c_str());
                 auto_ptr_char whitelog(white->c_str());
                 log.info("explicitly whitelisting security algorithm (%s)", whitelog.get());
             }
-#else
-            log.crit("XML-Security-C library prior to 1.6.0 does not support algorithm white/blacklists");
-#endif
         }
         else if (!m_policy->getDefaultAlgorithmBlacklist().empty() || !m_policy->getAlgorithmBlacklist().empty()) {
-#ifdef SHIBSP_XMLSEC_WHITELISTING
             for (vector<xstring>::const_iterator black = m_policy->getDefaultAlgorithmBlacklist().begin();
                     black != m_policy->getDefaultAlgorithmBlacklist().end(); ++black) {
                 XSECPlatformUtils::blacklistAlgorithm(black->c_str());
@@ -2180,9 +2175,6 @@ XMLConfigImpl::XMLConfigImpl(const DOMElement* e, bool first, XMLConfig* outer,
                 auto_ptr_char blacklog(black->c_str());
                 log.info("explicitly blacklisting security algorithm (%s)", blacklog.get());
             }
-#else
-            log.crit("XML-Security-C library prior to 1.6.0 does not support algorithm white/blacklists");
-#endif
         }
     }
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-shibboleth/shibboleth-sp2.git

More information about the Pkg-shibboleth-devel mailing list