git: ff87b2584732 - main - security/shibboleth-sp: Reintroduce direct dependencies to silent Q/A.
Palle Girgensohn
girgen at FreeBSD.org
Fri Apr 23 19:04:48 UTC 2021
The branch main has been updated by girgen:
URL: https://cgit.FreeBSD.org/ports/commit/?id=ff87b258473211ee848d3aba7bea1246fcf44f3c
commit ff87b258473211ee848d3aba7bea1246fcf44f3c
Author: Palle Girgensohn <girgen at FreeBSD.org>
AuthorDate: 2021-04-23 16:42:28 +0000
Commit: Palle Girgensohn <girgen at FreeBSD.org>
CommitDate: 2021-04-23 19:04:42 +0000
security/shibboleth-sp: Reintroduce direct dependencies to silent Q/A.
The dependencies where previously added indirectly through the
dependency chain via opensaml, bust the Q/A disapproved of that.
Add patch to check for missing DataSealer during cookie recovery.
---
security/shibboleth-sp/Makefile | 14 +++++++---
...atch-shibsp_impl_StorageServiceSessionCache.cpp | 31 ++++++++++++++++++++++
2 files changed, 42 insertions(+), 3 deletions(-)
diff --git a/security/shibboleth-sp/Makefile b/security/shibboleth-sp/Makefile
index 35d763f065d2..1fe26dee2eaa 100644
--- a/security/shibboleth-sp/Makefile
+++ b/security/shibboleth-sp/Makefile
@@ -2,6 +2,7 @@
PORTNAME= shibboleth-sp
PORTVERSION= 3.2.1
+PORTREVISION= 1
CATEGORIES= security www
MASTER_SITES= http://shibboleth.net/downloads/service-provider/${PORTVERSION}/
@@ -11,9 +12,16 @@ COMMENT= C++ Shibboleth Service Provider (Internet2) for Apache
LICENSE= APACHE20
BUILD_DEPENDS= boost-libs>=0:devel/boost-libs
-LIB_DEPENDS= libsaml.so:security/opensaml
-
-USES= gmake tar:bzip2 cpe pkgconfig libtool
+LIB_DEPENDS= libsaml.so:security/opensaml \
+ liblog4shib.so:devel/log4shib \
+ libxerces-c-3.2.so:textproc/xerces-c3 \
+ libxml-security-c.so:security/apache-xml-security-c \
+ libxmltooling.so:devel/xmltooling \
+ libapr-1.so:devel/apr1 \
+ libgdbm.so:databases/gdbm \
+ libexpat.so:textproc/expat2
+
+USES= gmake tar:bzip2 cpe pkgconfig libtool bdb
GNU_CONFIGURE= yes
MAKE_ENV= NOKEYGEN=YES
USE_LDCONFIG= yes
diff --git a/security/shibboleth-sp/files/patch-shibsp_impl_StorageServiceSessionCache.cpp b/security/shibboleth-sp/files/patch-shibsp_impl_StorageServiceSessionCache.cpp
new file mode 100644
index 000000000000..7cb55f5f16d5
--- /dev/null
+++ b/security/shibboleth-sp/files/patch-shibsp_impl_StorageServiceSessionCache.cpp
@@ -0,0 +1,31 @@
+From 5a47c3b9378f4c49392dd4d15189b70956f9f2ec Mon Sep 17 00:00:00 2001
+From: Scott Cantor <cantor.2 at osu.edu>
+Date: Thu, 22 Apr 2021 15:58:43 -0400
+Subject: [PATCH] SSPCPP-927 - Check for missing DataSealer during cookie recovery
+
+https://issues.shibboleth.net/jira/browse/SSPCPP-927
+
+--- shibsp/impl/StorageServiceSessionCache.cpp.orig 2020-12-07 20:51:12.000000000 +0000
++++ shibsp/impl/StorageServiceSessionCache.cpp 2021-04-23 16:17:00.398821000 +0000
+@@ -1148,6 +1148,12 @@
+ else {
+ // We're out of process, so we can recover the session.
+ #ifndef SHIBSP_LITE
++ const DataSealer* sealer = XMLToolingConfig::getConfig().getDataSealer();
++ if (!sealer) {
++ m_log.warn("can't attempt recovery of session (%s), no DataSealer configured", key);
++ return false;
++ }
++
+ m_log.debug("checking for revocation of session (%s)", key);
+ try {
+ if (m_storage_lite->readString("Revoked", key) > 0) {
+@@ -1174,7 +1180,7 @@
+ try {
+ dup = strdup(data);
+ XMLToolingConfig::getConfig().getURLEncoder()->decode(dup);
+- unwrapped = XMLToolingConfig::getConfig().getDataSealer()->unwrap(dup);
++ unwrapped = sealer->unwrap(dup);
+ free(dup);
+
+ stringstream str(unwrapped);
More information about the dev-commits-ports-all
mailing list