--- rampart-1.3.0.orig/debian/compat +++ rampart-1.3.0/debian/compat @@ -0,0 +1 @@ +7 --- rampart-1.3.0.orig/debian/README.source +++ rampart-1.3.0/debian/README.source @@ -0,0 +1,15 @@ +Patches Description + +01-destdir.patch +Adds $DESTDIR to Makefile + +02-autoconf-quoting.patch +Fixes quotes + +token-processor-segfault.patch +Fixes segfault + + + -- Kyo Lee Wed, 16 Dec 2009 20:50:33 -0800 + + --- rampart-1.3.0.orig/debian/librampart0.install +++ rampart-1.3.0/debian/librampart0.install @@ -0,0 +1,2 @@ +usr/lib/axis2/lib/*.so.* +usr/lib/axis2/modules --- rampart-1.3.0.orig/debian/librampart-doc.docs +++ rampart-1.3.0/debian/librampart-doc.docs @@ -0,0 +1 @@ +debian/tmp/usr/lib/axis2/docs --- rampart-1.3.0.orig/debian/watch +++ rampart-1.3.0/debian/watch @@ -0,0 +1,2 @@ +version=3 +http://archive.apache.org/dist/ws/rampart/c/([\d_]+)/rampartc-src-([\d\.]+)\.tar\.gz \ No newline at end of file --- rampart-1.3.0.orig/debian/control +++ rampart-1.3.0/debian/control @@ -0,0 +1,51 @@ +Source: rampart +Section: libs +Priority: extra +DM-Upload-Allowed: yes +Uploaders: Graziano Obertelli , Chris Grzegorczyk +Maintainer: Ubuntu Developers +XSBC-Original-Maintainer: Kyo Lee +Build-Depends: cdbs, debhelper (>= 7), autotools-dev, libxml2-dev, libapr1-dev, apache2-threaded-dev, libaxis2c-dev, quilt +Standards-Version: 3.8.3 +Homepage: http://ws.apache.org/rampart/c/ + +Package: librampart0 +Architecture: any +Depends: libaxis2c0 (>= 1.6.0-0ubuntu7), ${shlibs:Depends}, ${misc:Depends} +Description: Apache web services security engine - Runtime + Apache Rampart/C is the security module for Apache Axis2/C. It + features in many ways to protect SOAP messages exchanged. This + includes SOAP message encryption and signature as specified in + WS-Security Specification. In addition Apache Rampart/C + configurations are based on security policy assertions as per + WS-Security Policy specificatoin + . + This package contains the runtime library files. + +Package: librampart-dev +Architecture: any +Section: libdevel +Depends: librampart0 (= ${binary:Version}), ${misc:Depends} +Description: Apache web services security engine - Development + Apache Rampart/C is the security module for Apache Axis2/C. It + features in many ways to protect SOAP messages exchanged. This + includes SOAP message encryption and signature as specified in + WS-Security Specification. In addition Apache Rampart/C + configurations are based on security policy assertions as per + WS-Security Policy specificatoin + . + This package contains the development files. + +Package: librampart-doc +Architecture: any +Section: doc +Depends: librampart0 (= ${binary:Version}), ${misc:Depends} +Description: Apache web services security engine - Documentation + Apache Rampart/C is the security module for Apache Axis2/C. It + features in many ways to protect SOAP messages exchanged. This + includes SOAP message encryption and signature as specified in + WS-Security Specification. In addition Apache Rampart/C + configurations are based on security policy assertions as per + WS-Security Policy specificatoin + . + This package contains the documentation files. --- rampart-1.3.0.orig/debian/changelog +++ rampart-1.3.0/debian/changelog @@ -0,0 +1,80 @@ +rampart (1.3.0-1ubuntu1.1) maverick-security; urgency=low + + * Add debian/patches/xml-security.patch, thanks to Eucalyptus upstream, + to support XML security. + + -- Kees Cook Tue, 26 Apr 2011 15:57:09 -0700 + +rampart (1.3.0-1ubuntu1) maverick; urgency=low + + * Merging with debian unstable (LP: #590268), remaining changes: + - debian/patches + - rampart-memleak.patch: Fix memory leak in rampart where + for every connection receiver_cert is not freed + - debian/rules + - fix shared library installation with symlinks and + moving the .so files into the correct FHS location + + -- Vikram Dhillon Sat, 05 Jun 2010 19:23:24 -0400 + +rampart (1.3.0-1) unstable; urgency=low + + * Build for debian package based largely on Ubuntu package (#561268) + + -- Kyo Lee Wed, 16 Dec 2009 20:50:33 -0800 + +rampart (1.3.0-0ubuntu7) lucid; urgency=low + + * debian/patches/rampart-memleak.patch: Fix memory leak in rampart where + for every connection receiver_cert is not freed (LP: #460085) + + -- Thierry Carrez Mon, 14 Dec 2009 09:09:58 +0100 + +rampart (1.3.0-0ubuntu6) lucid; urgency=low + + * debian/rules: fix shared library installation with symlinks and + moving the .so files into the correct FHS location + + -- Dustin Kirkland Tue, 01 Dec 2009 14:21:35 -0600 + +rampart (1.3.0-0ubuntu5) karmic; urgency=low + + * Depend on newer libaxis2c0 so that /usr/lib/axis2/lib is no longer a + symlink and upgrade from 1.2 is handled in the right order (LP: #426752) + + -- Thierry Carrez Mon, 12 Oct 2009 11:17:02 +0200 + +rampart (1.3.0-0ubuntu4) karmic; urgency=low + + * Also add file symlinks to the axis2 include dir. + + -- Soren Hansen Fri, 11 Sep 2009 00:02:53 +0200 + +rampart (1.3.0-0ubuntu3) karmic; urgency=low + + * Fixed problem where null check was being made but checked variable + was being referenced later, causing a segfault. + + -- Daniel Nurmi Thu, 03 Sep 2009 12:39:37 -0700 + +rampart (1.3.0-0ubuntu2) karmic; urgency=low + + * Consolidate patches (a.k.a. only apply each change once, a.k.a. + don't break the build). + * Use quilt. + + -- Soren Hansen Fri, 28 Aug 2009 23:09:01 +0000 + +rampart (1.3.0-0ubuntu1) karmic; urgency=low + + * New upstream release (FFe: LP: #420644) + * Add symlinks to please projects that expect the native Axis2/C+Rampart + directory layout (we've made it more FHS friendly in Ubuntu). + + -- Soren Hansen Wed, 19 Aug 2009 16:26:34 +0000 + +rampart (1.2.0-0ubuntu1) jaunty; urgency=low + + * Initial release. Big thanks to Michael Vogt for helping with this! + + -- Soren Hansen Wed, 11 Feb 2009 02:41:39 +0200 --- rampart-1.3.0.orig/debian/librampart-dev.install +++ rampart-1.3.0/debian/librampart-dev.install @@ -0,0 +1,3 @@ +usr/lib/axis2/lib/*.so +usr/lib/axis2/include/* usr/include +#usr/lib/axis2/lib/include/* usr/include --- rampart-1.3.0.orig/debian/rules +++ rampart-1.3.0/debian/rules @@ -0,0 +1,22 @@ +#!/usr/bin/make -f + +include /usr/share/cdbs/1/rules/debhelper.mk +include /usr/share/cdbs/1/rules/patchsys-quilt.mk +include /usr/share/cdbs/1/class/autotools.mk + +export AXIS2C_HOME=/usr/lib/axis2 +DEB_CONFIGURE_EXTRA_FLAGS := --with-openssl --with-axis2 --prefix=/usr/lib/axis2 + +binary-install/librampart-dev:: + mkdir -p debian/$(cdbs_curpkg)/usr/include/axis2-1.6.0 + mkdir -p debian/$(cdbs_curpkg)/usr/lib/axis2/include/axis2-1.6.0 + cd debian/$(cdbs_curpkg)/usr/lib/axis2/include/axis2-1.6.0 ; for x in ../../../../include/rampart-1.3.0/*; do ln -s $$x; done + cd debian/$(cdbs_curpkg)/usr/include/axis2-1.6.0; for x in ../rampart-1.3.0/*; do ln -s $$x; done + cd debian/$(cdbs_curpkg)/usr/lib ; ln -s axis2/modules/rampart/libmod_rampart.so + +binary-install/librampart0:: + cd debian/$(cdbs_curpkg)/usr/lib ; for x in axis2/modules/rampart/libmod_rampart.so.*; do ln -s $$x; done + mv debian/$(cdbs_curpkg)/usr/lib/axis2/lib/librampart.so.* debian/$(cdbs_curpkg)/usr/lib + +clean:: + find test -name Makefile -print0 | xargs -0 rm || /bin/true --- rampart-1.3.0.orig/debian/copyright +++ rampart-1.3.0/debian/copyright @@ -0,0 +1,64 @@ +This package was debianized by Soren Hansen on +Mon, 26 Jan 2009 11:29:36 +0100. + +It was downloaded from http://archive.apache.org/dist/ws/axis2/c/1_5_0/ + +Upstream Authors: + +Samisa Abeysinghe +Dushshantha Chandradasa +Chris Darroch +Senaka Fernando +Paul Fremantle +Dimuthu Gamage +Sahan Gamage +Lahiru Gunathilake +Nandika Jayawardana +Supun Kamburugamuva +Kaushalye Kapuruge +Damitha Kumarage +Bill Mitchell +Dumindu Pallewela +Milinda Pathirage +Manjula Peiris +Dinesh Premalal +Sanjaya Rathnaweera +Davanum Srinivas +Selvaratnam Uthaiyashankar +Sanjiva Weerawarana +Nabeel Yoosuf + +Copyright: + Copyright 2003-2004 The Apache Software Foundation. + +License: + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + +On a Debian system, the license can be found at +/usr/share/common-licenses/Apache-2.0 . + + +The Debian packaging is copyright 2009, Soren Hansen and +is licensed under the GPL, see `/usr/share/common-licenses/GPL'. + +The article below is included in the NOTICE file. + +Apache Rampart/C +Copyright 2005-2009 The Apache Software Foundation + +This product includes software developed at +The Apache Software Foundation (http://www.apache.org/). + --- rampart-1.3.0.orig/debian/README.Debian +++ rampart-1.3.0/debian/README.Debian @@ -0,0 +1,14 @@ +Regarding the Usage of RPATH Issue +------------------------------------ + +The package libaxis2c uses the compiler option '-rpath', which raises a flag +according to the Debian Policy. However: + +In the package libraxis2c, the rpath is set to "/usr/lib/axis2", its private shared library. +And, the only other binaries that reference this library is this package, which is intended to use only with 'libaxis2c'. + +Thus, the usage of RPATH in the package librampart complies with the conditions listed by lintian-info --tags binary-or-shlib-defines-rpath. + + -- Kyo Lee Wed, 16 Dec 2009 20:27:31 -0800 + + --- rampart-1.3.0.orig/debian/patches/01-destdir.patch +++ rampart-1.3.0/debian/patches/01-destdir.patch @@ -0,0 +1,20 @@ +--- rampart-1.3.0.orig/src/rahas/Makefile.am ++++ rampart-1.3.0/src/rahas/Makefile.am +@@ -24,5 +24,5 @@ + @AXIOMINC@ + + install-data-hook: +- mv $(prefix)/modules/rahas/rahas_module.xml $(prefix)/modules/rahas/module.xml ++ mv $(DESTDIR)$(prefix)/modules/rahas/rahas_module.xml $(DESTDIR)$(prefix)/modules/rahas/module.xml + +--- rampart-1.3.0.orig/src/rahas/Makefile.in ++++ rampart-1.3.0/src/rahas/Makefile.in +@@ -592,7 +592,7 @@ + + + install-data-hook: +- mv $(prefix)/modules/rahas/rahas_module.xml $(prefix)/modules/rahas/module.xml ++ mv $(DESTDIR)$(prefix)/modules/rahas/rahas_module.xml $(DESTDIR)$(prefix)/modules/rahas/module.xml + # Tell versions [3.59,3.63) of GNU make to not export all variables. + # Otherwise a system limit (for SysV at least) may be exceeded. + .NOEXPORT: --- rampart-1.3.0.orig/debian/patches/token-processor-segfault.patch +++ rampart-1.3.0/debian/patches/token-processor-segfault.patch @@ -0,0 +1,22 @@ +Index: rampart-1.3.0/src/util/rampart_token_processor.c +=================================================================== +--- rampart-1.3.0.orig/src/util/rampart_token_processor.c 2009-09-03 15:26:00.443799473 -0500 ++++ rampart-1.3.0/src/util/rampart_token_processor.c 2009-09-03 15:26:05.863778753 -0500 +@@ -113,6 +113,8 @@ + if(_cert) + { + status = AXIS2_SUCCESS; ++ oxs_x509_cert_copy_to(_cert, env, cert); ++ oxs_x509_cert_free(_cert, env); + } + else + { +@@ -121,8 +123,6 @@ + status = AXIS2_FAILURE; + } + +- oxs_x509_cert_copy_to(_cert, env, cert); +- oxs_x509_cert_free(_cert, env); + _cert = NULL; + + return status; --- rampart-1.3.0.orig/debian/patches/xml-security.patch +++ rampart-1.3.0/debian/patches/xml-security.patch @@ -0,0 +1,74 @@ +Description: support XML security signatures. +Author: Neil Soman + +Index: rampart-1.3.0/src/omxmlsec/c14n/c14n.c +=================================================================== +--- rampart-1.3.0.orig/src/omxmlsec/c14n/c14n.c 2011-04-26 15:40:58.518406296 -0700 ++++ rampart-1.3.0/src/omxmlsec/c14n/c14n.c 2011-04-26 15:41:22.518703783 -0700 +@@ -32,6 +32,7 @@ + #include + #include + #include "c14n_sorted_list.h" ++#include + + #define N_C14N_DEBUG + +@@ -727,6 +728,35 @@ + return AXIS2_SUCCESS; + } + ++ ++static axis2_status_t ++c14n_apply_on_data_source ( ++ const axiom_node_t *node, ++ const c14n_ctx_t *ctx ++) ++{ ++ axiom_data_source_t *src = NULL; ++ src = (axiom_data_source_t *)axiom_node_get_data_element((axiom_node_t *)node, ++ ctx->env); ++ ++ if (src) ++ { ++ axutil_stream_t *stream = axiom_data_source_get_stream(src, ctx->env); ++ ++ if(stream == NULL) ++ return AXIS2_FAILURE; ++ ++ axis2_char_t* buf = axutil_stream_get_buffer(stream, ctx->env); ++ if(buf == NULL) ++ return AXIS2_FAILURE; ++ ++ c14n_output(buf, ctx); ++ buf = NULL; ++ } ++ ++return AXIS2_SUCCESS; ++} ++ + static axis2_status_t + c14n_apply_on_node ( + const axiom_node_t *node, +@@ -748,6 +778,9 @@ + c14n_apply_on_comment(node, ctx); + break; + } ++ case AXIOM_DATA_SOURCE: ++ c14n_apply_on_data_source(node, ctx); ++ break; + case AXIOM_DOCTYPE: + case AXIOM_PROCESSING_INSTRUCTION: + default: +Index: rampart-1.3.0/src/util/rampart_timestamp_token.c +=================================================================== +--- rampart-1.3.0.orig/src/util/rampart_timestamp_token.c 2011-04-26 15:41:13.698594433 -0700 ++++ rampart-1.3.0/src/util/rampart_timestamp_token.c 2011-04-26 15:41:49.619039939 -0700 +@@ -207,7 +207,7 @@ + rampart_set_security_processed_result(env, msg_ctx,RAMPART_SPR_TS_EXPIRES, expires_val); + + /* Check whether time has expired or not */ +- validity = rampart_compare_date_time(env, created_val, expires_val); ++ validity = rampart_compare_date_time(env, current_val, expires_val); + if (validity == AXIS2_FAILURE) + { + /* this means created_value > expires_value. Which is not valid */ --- rampart-1.3.0.orig/debian/patches/rampart-memleak.patch +++ rampart-1.3.0/debian/patches/rampart-memleak.patch @@ -0,0 +1,41 @@ +Index: rampart-1.3.0/src/util/rampart_context.c +=================================================================== +--- rampart-1.3.0.orig/src/util/rampart_context.c 2009-12-03 18:01:22.000000000 +0100 ++++ rampart-1.3.0/src/util/rampart_context.c 2009-12-03 18:01:59.000000000 +0100 +@@ -359,11 +359,11 @@ + } + + /* Free receiver certificate we found when processing incoming security header */ +- /*if(rampart_context->receiver_cert && rampart_context->found_cert_in_shp) +- { ++ if(rampart_context->receiver_cert && rampart_context->found_cert_in_shp) ++ { + oxs_x509_cert_free(rampart_context->receiver_cert, env); + rampart_context->receiver_cert = NULL; +- }*/ ++ } + + if(rampart_context->key_mgr) + { +Index: rampart-1.3.0/src/util/rampart_sec_header_processor.c +=================================================================== +--- rampart-1.3.0.orig/src/util/rampart_sec_header_processor.c 2009-12-03 18:01:49.000000000 +0100 ++++ rampart-1.3.0/src/util/rampart_sec_header_processor.c 2009-12-03 18:01:59.000000000 +0100 +@@ -1435,8 +1435,6 @@ + return AXIS2_FAILURE; + } + +- rampart_context_set_found_cert_in_shp(rampart_context, env, AXIS2_TRUE); +- rampart_context_set_receiver_cert_found_in_shp(rampart_context, env, cert); + status = AXIS2_SUCCESS; + } + else if(0 == axutil_strcmp(str_child_name, OXS_NODE_X509_DATA)) +@@ -1463,8 +1461,6 @@ + return AXIS2_FAILURE; + } + +- rampart_context_set_found_cert_in_shp(rampart_context, env, AXIS2_TRUE); +- rampart_context_set_receiver_cert_found_in_shp(rampart_context, env, cert); + status = AXIS2_SUCCESS; + } + else --- rampart-1.3.0.orig/debian/patches/02-autoconf-quoting.patch +++ rampart-1.3.0/debian/patches/02-autoconf-quoting.patch @@ -0,0 +1,26 @@ +--- rampart-1.3.0.orig/configure.ac ++++ rampart-1.3.0/configure.ac +@@ -80,8 +80,8 @@ + if test -d $withval; then + axis2inc="-I$withval" + dnl else find the axis2inc include dir in $(AXIS2C_HOME)/include +- elif test -d '$(AXIS2C_HOME)/include/axis2-1.6.0'; then +- axis2inc="-I$(AXIS2C_HOME)/include/axis2-1.6.0" ++ elif test -d "${AXIS2C_HOME}/include/axis2-1.6.0"; then ++ axis2inc='-I$(AXIS2C_HOME)/include/axis2-1.6.0' + else + AC_MSG_ERROR(could not find axis2inc. stop) + fi +--- rampart-1.3.0.orig/configure ++++ rampart-1.3.0/configure +@@ -20495,8 +20495,8 @@ + echo "${ECHO_T}$withval" >&6; } + if test -d $withval; then + axis2inc="-I$withval" +- elif test -d '$(AXIS2C_HOME)/include/axis2-1.6.0'; then +- axis2inc="-I$(AXIS2C_HOME)/include/axis2-1.6.0" ++ elif test -d "${AXIS2C_HOME}/include/axis2-1.6.0"; then ++ axis2inc='-I$(AXIS2C_HOME)/include/axis2-1.6.0' + else + { { echo "$as_me:$LINENO: error: could not find axis2inc. stop" >&5 + echo "$as_me: error: could not find axis2inc. stop" >&2;} --- rampart-1.3.0.orig/debian/patches/series +++ rampart-1.3.0/debian/patches/series @@ -0,0 +1,5 @@ +01-destdir.patch +02-autoconf-quoting.patch +token-processor-segfault.patch +rampart-memleak.patch +xml-security.patch