From 400747c64ca12f627890282e4fc8f6a6ddda932b Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne <bdauvergne@entrouvert.com>
Date: Wed, 16 Nov 2022 15:38:35 +0100
Subject: [PATCH 3/4] Adapt lasso_base64_decode to the deprecation of
 xmlSecBase64Decode (#71313)

We now use the non-deprecated new API (since xmlsec 1.2.35) xmlSecBase64Decode_ex.
---
 lasso/xml/tools.c | 54 ++++++++++++++++++++++++++++++++++++-----------
 1 file changed, 42 insertions(+), 12 deletions(-)

diff --git a/lasso/xml/tools.c b/lasso/xml/tools.c
index dc54971f..35f9ce38 100644
--- a/lasso/xml/tools.c
+++ b/lasso/xml/tools.c
@@ -73,6 +73,7 @@
 #include <stdarg.h>
 #include <ctype.h>
 #include "../lasso_config.h"
+#include "config.h"
 
 /**
  * SECTION:saml2_utils
@@ -2521,24 +2522,53 @@ cleanup:
 gboolean
 lasso_base64_decode(const char *from, char **buffer, int *buffer_len)
 {
-	size_t len = strlen(from);
-	int ret;
+	int fromlen = 0;
+	xmlChar *out = NULL;
+	xmlSecSize outlen = 0;
+	xmlSecSize decodedlen = 0;
+	int rc = TRUE;
+	int ret = 0;
+
+	if (! from) {
+		return FALSE;
+	}
+
+	fromlen = strlen(from);
 
 	/* base64 map 4 bytes to 3 */
-	len = len / 4 + (len % 4 ? 1 : 0);
-	len *= 3;
-	len += 1; /* zero byte */
-	*buffer = g_malloc0(len);
+	outlen = fromlen / 4 + (fromlen % 4 ? 1 : 0);
+	outlen *= 3;
+	outlen += 1; /* zero byte */
+	out = g_malloc0(outlen);
 
+#if LASSO_XMLSEC_VERSION_NUMBER >= 0x010223
 	xmlSecErrorsDefaultCallbackEnableOutput(FALSE);
-	ret = xmlSecBase64Decode(BAD_CAST from, BAD_CAST *buffer, len);
+	ret = xmlSecBase64Decode_ex(BAD_CAST from, out, outlen, &decodedlen);
 	xmlSecErrorsDefaultCallbackEnableOutput(TRUE);
-	if (ret <= 0) {
-		lasso_release_string(*buffer);
-		return FALSE;
+	if (ret == 0) {
+		out[outlen - 1] = 0;
+		lasso_transfer_string(*buffer, *((char**)&out));
+		*buffer_len = decodedlen;
+	} else {
+		rc = FALSE;
 	}
-	*buffer_len = ret;
-	return TRUE;
+#else
+	xmlSecErrorsDefaultCallbackEnableOutput(FALSE);
+	ret = xmlSecBase64Decode(BAD_CAST from, out, outlen);
+	xmlSecErrorsDefaultCallbackEnableOutput(TRUE);
+
+	if (ret >= 0) {
+		out[outlen - 1] = 0;
+		lasso_transfer_string(*buffer, *((char**)&out));
+		*buffer_len = ret;
+	} else {
+		rc = FALSE;
+	}
+#endif
+	if (out) {
+		lasso_release_string(out);
+	}
+	return rc;
 }
 
 /**
-- 
2.37.2