After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 118636 - xmlsec-nss: writing complex X509Data nodes is not supported
xmlsec-nss: writing complex X509Data nodes is not supported
Status: RESOLVED FIXED
Product: xmlsec
Classification: Other
Component: xmlsec-nss
1.1.0
Other Linux
: Normal normal
: ---
Assigned To: Aleksey Sanin
Aleksey Sanin
Depends on: 118633
Blocks:
 
 
Reported: 2003-07-30 03:31 UTC by Aleksey Sanin
Modified: 2010-04-26 21:46 UTC
See Also:
GNOME target: ---
GNOME version: ---


Attachments
the fix for xmlsec-nss (33.13 KB, patch)
2003-08-05 02:48 UTC, Aleksey Sanin
none Details | Review

Description Aleksey Sanin 2003-07-30 03:31:15 UTC
Need to implement support for X509Data node children in the template as it
is done in xmlsec-openssl:

  - Read X509Data node and create a bits mask of its children
  (cert, subject, serial, ski, crl).
  - If mask is 0 (no children) then set cert and crl bits to simulate
  current behaiviour (write certs and crls in empty X509Data node).
  - Remove X509Data node content.
  - Walk thru the list of certificates and write cert and/or subject and/or
  serial and/or ski according to bits mask.
  - If crls bit is set walk thru the list of crls and write them out.
  

I.e., we want support templates like:
Comment 1 Aleksey Sanin 2003-07-30 03:31:50 UTC
Templates like: 

<X509Data>
   <X509SubjectName/>
</X509Data>
Comment 2 Roumen Petrov 2003-07-30 10:36:50 UTC
Implementation should remove X509Data SUBnode only when its content is
white-space string.
Comment 3 Aleksey Sanin 2003-08-05 02:48:00 UTC
Created attachment 18914 [details] [review]
the fix for xmlsec-nss
Comment 4 Aleksey Sanin 2003-08-05 02:49:27 UTC
The fix above does most of the job. The final step requires some
changes in NSS which are tracked in bug #118633. The patch is checked
in the trunk and should be in xmlsec 1.1.1 release.

Checking in ChangeLog;
/cvs/gnome/xmlsec/ChangeLog,v  <--  ChangeLog
new revision: 1.126; previous revision: 1.125
done
Checking in include/xmlsec/Makefile.am;
/cvs/gnome/xmlsec/include/xmlsec/Makefile.am,v  <--  Makefile.am
new revision: 1.35; previous revision: 1.34
done
Checking in include/xmlsec/x509.h;
/cvs/gnome/xmlsec/include/xmlsec/x509.h,v  <--  x509.h
new revision: 1.23; previous revision: 1.22
done
Checking in src/Makefile.am;
/cvs/gnome/xmlsec/src/Makefile.am,v  <--  Makefile.am
new revision: 1.39; previous revision: 1.38
done
Checking in src/x509.c;
/cvs/gnome/xmlsec/src/x509.c,v  <--  x509.c
new revision: 1.23; previous revision: 1.22
done
Checking in src/nss/README;
/cvs/gnome/xmlsec/src/nss/README,v  <--  README
new revision: 1.4; previous revision: 1.3
done
Checking in src/nss/x509.c;
/cvs/gnome/xmlsec/src/nss/x509.c,v  <--  x509.c
new revision: 1.3; previous revision: 1.2
done
Checking in src/openssl/x509.c;
/cvs/gnome/xmlsec/src/openssl/x509.c,v  <--  x509.c
new revision: 1.40; previous revision: 1.39
done
Checking in tests/keys.xml;
/cvs/gnome/xmlsec/tests/keys.xml,v  <--  keys.xml
new revision: 1.170; previous revision: 1.169
done
Checking in win32/Makefile.msvc;
/cvs/gnome/xmlsec/win32/Makefile.msvc,v  <--  Makefile.msvc
new revision: 1.18; previous revision: 1.17
done
Comment 5 Aleksey Sanin 2010-04-26 21:46:35 UTC
fixed