From: sangwan.kwon Date: Thu, 28 Jul 2016 06:17:14 +0000 (+0900) Subject: Merge branch 'upstream' into tizen X-Git-Tag: accepted/tizen/common/20160811.150157~7 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fchanges%2F57%2F81757%2F1;p=platform%2Fupstream%2Fxmlsec1.git Merge branch 'upstream' into tizen Change-Id: Iacc73c9ed5e9cfd188df62c405426bfa89bf4e51 --- 1ca1a139b4c1a00de4d72f64b7411e118111a161 diff --cc src/openssl/x509vfy.c index b5273a4,5560526..155e1ab --- a/src/openssl/x509vfy.c +++ b/src/openssl/x509vfy.c @@@ -329,13 -326,8 +326,12 @@@ xmlSecOpenSSLX509StoreVerify(xmlSecKeyD ret = X509_verify_cert(&xsc); err_cert = X509_STORE_CTX_get_current_cert(&xsc); err = X509_STORE_CTX_get_error(&xsc); - depth = X509_STORE_CTX_get_error_depth(&xsc); X509_STORE_CTX_cleanup (&xsc); + if(ret != 1 && keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_ALLOW_BROKEN_CHAIN){ + ret = 1; + keyInfoCtx->flags2 |= XMLSEC_KEYINFO_ERROR_FLAGS_BROKEN_CHAIN; + } if(ret == 1) { res = cert; diff --cc src/xmldsig.c index d48a2ca,faf5545..ff340f7 --- a/src/xmldsig.c +++ b/src/xmldsig.c @@@ -36,31 -36,23 +36,35 @@@ * xmlSecDSigCtx * *************************************************************************/ - static int xmlSecDSigCtxProcessSignatureNode (xmlSecDSigCtxPtr dsigCtx, - xmlNodePtr node); - static int xmlSecDSigCtxProcessSignedInfoNode (xmlSecDSigCtxPtr dsigCtx, - xmlNodePtr node); - static int xmlSecDSigCtxProcessKeyInfoNode (xmlSecDSigCtxPtr dsigCtx, - xmlNodePtr node); - static int xmlSecDSigCtxProcessObjectNode (xmlSecDSigCtxPtr dsigCtx, - xmlNodePtr node); - static int xmlSecDSigCtxProcessManifestNode (xmlSecDSigCtxPtr dsigCtx, - xmlNodePtr node); - static int xmlSecDSigCtxProcessSignatureNodeEx (xmlSecDSigCtxPtr dsigCtx, - xmlNodePtr node, int noHash, void* pList); - static int xmlSecDSigCtxProcessSignedInfoNodeEx (xmlSecDSigCtxPtr dsigCtx, - xmlNodePtr node, int noHash, void* pList); - static int xmlSecDSigReferenceCtxProcessNodeEx (xmlSecDSigReferenceCtxPtr dsigRefCtx, - xmlNodePtr node, int noHash, void* pList); - + static int xmlSecDSigCtxProcessSignatureNode (xmlSecDSigCtxPtr dsigCtx, + xmlNodePtr node); + static int xmlSecDSigCtxProcessSignedInfoNode (xmlSecDSigCtxPtr dsigCtx, + xmlNodePtr node, + xmlNodePtr * firstReferenceNode); + static int xmlSecDSigCtxProcessKeyInfoNode (xmlSecDSigCtxPtr dsigCtx, + xmlNodePtr node); + static int xmlSecDSigCtxProcessObjectNode (xmlSecDSigCtxPtr dsigCtx, + xmlNodePtr node); + static int xmlSecDSigCtxProcessManifestNode (xmlSecDSigCtxPtr dsigCtx, + xmlNodePtr node); - + static int xmlSecDSigCtxProcessReferences (xmlSecDSigCtxPtr dsigCtx, + xmlNodePtr firstReferenceNode); + ++/* Tizen : Support for various validation mode */ ++static int xmlSecDSigCtxProcessSignatureNodeEx (xmlSecDSigCtxPtr dsigCtx, ++ xmlNodePtr node, int noHash, void* pList); ++static int xmlSecDSigCtxProcessSignedInfoNodeEx (xmlSecDSigCtxPtr dsigCtx, ++ xmlNodePtr node, int noHash, void* pList); ++static int xmlSecDSigReferenceCtxProcessNodeEx (xmlSecDSigReferenceCtxPtr dsigRefCtx, ++ xmlNodePtr node, int noHash, void* pList); + /* The ID attribute in XMLDSig is 'Id' */ -static const xmlChar* xmlSecDSigIds[] = { xmlSecAttrId, NULL }; +static const xmlChar* xmlSecDSigIds[] = { xmlSecAttrId, NULL }; + + +#define _start //xmlSecError(XMLSEC_ERRORS_HERE, NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER," >> start "); +#define _end //xmlSecError(XMLSEC_ERRORS_HERE, NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER," >> end "); +static char logMsg[1024]; /** * xmlSecDSigCtxCreate: