nokogiri-xmlsec1 0.0.6

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: c07016a5857118879d16b8be6611ec84ca176c70
+  data.tar.gz: 575ccb28ced4c1774cda99086ba9984e2f75052b
+SHA512:
+  metadata.gz: cf48ed1086682b75a90ee4d62bb5171bcb2ec784f5e2018fb72367f1ad4c9d1379cca35d42b8b1d299fbadb26e2fe46ba55653310c8f36e9e9f3e40d2b14b42b
+  data.tar.gz: 3224de060fa1f0d6253069e0368f2900ac149b7c46a6287c6adec38b3f36acddd1eaf13cb75af7cd6a4809cced59920625fa7e56af674b203cb66a778b9e151b

data/.gitignore

@@ -0,0 +1,22 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+ports/archives
+ports/*-*-*
+ports/*.installed
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+spec/old
+*.so

data/.rspec

@@ -0,0 +1,2 @@
+--color
+

data/.travis.yml

@@ -0,0 +1,11 @@
+language: ruby
+rvm:
+  - 1.9.3
+  - 2.0.0
+  - 2.1.2
+  - ruby-head
+  - rbx
+
+matrix:
+  allow_failures:
+    - rvm: rbx

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in xmlsec.gemspec
+gemspec

data/Guardfile

@@ -0,0 +1,13 @@
+# A sample Guardfile
+# More info at https://github.com/guard/guard#readme
+
+guard 'rake', :task => 'default' do
+  watch(/^ext\//)
+end
+
+guard 'rspec' do
+  watch(%r{^spec/.+_spec\.rb$})
+  watch(%r{^lib/(.+)\.rb$})     { |m| "spec/lib/#{m[1]}_spec.rb" }
+  watch('spec/spec_helper.rb')  { "spec" }
+  # watch(/^ext\//)               { "spec" }
+end

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2013 TODO: Write your name
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,133 @@
+# nokogiri-xmlsec1
+
+This is a fork of nokogiri-xmlsec. This fork uses mini_portile to improve code
+predictiveness and allow heroku deploys.
+
+This gem adds support to Ruby for encrypting, decrypting, signing and validating
+the signatures of XML documents, according to the [XML Encryption Syntax and
+Processing](http://www.w3.org/TR/xmlenc-core/) standard, by wrapping around the
+[xmlsec1](http://www.aleksey.com/xmlsec) C library and adding relevant methods
+to `Nokogiri::XML::Document`.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'nokogiri-xmlsec1'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install nokogiri-xmlsec1
+
+## Usage
+
+Several methods are added to `Nokogiri::XML::Document` which expose this gem's
+functionality.
+
+### Signing
+
+The `sign!` method adds a digital signature to the XML document so that it can
+later be determined whether the document itself has been tampered with. If the
+document changes, the signature will be invalid.
+
+Signing a document will add XML nodes directly to the document itself, and
+then returns itself.
+
+    # First, get an XML document
+    doc = Nokogiri::XML("<doc><greeting>Hello, World!</greeting></doc>")
+
+    # Sign the document with a certificate, a key, and a key name
+    doc.sign! certificate: 'certificate data',
+              key: 'private key data',
+              name: 'private key name'
+
+You only need one of `certificate` or `key`, but you can pass both. If you do,
+the certificate will be included as part of the signature, so that it can be
+later verified by certificate instead of by key.
+
+The `name` is implicitly converted into a string. Thus it is effectively
+optional, since `nil` converts to `""`, and its value only matters if you plan
+to verify the signature with any of a set of keys, as in the following example:
+
+### Signature verification
+
+Verification of signatures always returns `true` if successful, `false`
+otherwise.
+
+    # Verify the document's signature to ensure it has not been tampered with
+    doc.verify_with({
+      'key-name-1' => 'public key contents',
+      'key-name-2' => 'another public key content'
+    })
+
+In the above example, the `name` field from the signing process will be used
+to determine which key to validate with. If you plan to always verify with the
+same key, you can do it like so, effectively ignoring the `name` value:
+
+    # Verify the document's signature with a specific key
+    doc.verify_with key: 'public key contents'
+
+Finally, you can also verify with a certificate:
+
+    # Verify the document's signature with a single certificate
+    doc.verify_with certificate: 'certificate data'
+
+    # Verify the document's signature with multiple certificates. Any one match
+    # will pass verification.
+    doc.verify_with certificates: [ 'cert1', 'cert2', 'cert3' ]
+
+If the certificate has been installed to your system certificates, then you can
+verify signatures like so:
+
+    # Verify with installed CA certificates
+    doc.verify_signature
+
+### Encryption & Decryption
+
+Encrypted documents can only be decrypted with the private key that corresponds
+to the public key that was used to encrypt it. Thus, the party that encrypted
+the document can be sure that the document will only be readable by its intended
+recipient.
+
+Both encryption and decryption of a document manipulates the XML nodes of the
+document in-place. Both methods return the original document, after the changes
+have been made to it.
+
+To encrypt a document, use a public key:
+
+    doc.encrypt! key: 'public key content'
+
+To decrypt a document, use a private key:
+
+    doc.decrypt! key: 'private key content'
+
+
+## Limitations and Known Issues
+
+Following is a list of limitations and/or issues I know about, but have no
+immediate plan to resolve. This is probably because I haven't needed the
+functionality, and no one has sent a pull request. (Hint, hint!)
+
+- Currently, it is not possible to operate on individual XML nodes. The
+  `nokogiri-xmlsec1` operations must be performed on the entire document.
+- Support for jruby and rubinius.
+
+## Contributing
+
+First of all, **thank you** for wanting to help and reading this!
+
+1. [Fork the project](https://help.github.com/articles/fork-a-repo).
+2. Create a feature branch - `git checkout -b adding_magic`
+3. Add some tests, and make your changes!
+4. Check that the tests pass - `bundle exec rake`
+5. Commit your changes - `git commit -am "Added some magic"`
+6. Push the branch to Github - `git push origin adding_magic`
+7. Send a [pull request](https://help.github.com/articles/using-pull-requests)! :heart: :sparkling_heart: :heart:
+
+## License
+
+MIT. See [LICENSE.txt](LICENSE.txt) for further details.

data/Rakefile

@@ -0,0 +1,30 @@
+require "bundler/gem_tasks"
+require 'rake/extensiontask'
+require 'rspec/core/rake_task'
+
+Rake::ExtensionTask.new('nokogiri_ext_xmlsec')
+
+RSpec::Core::RakeTask.new :rspec
+
+desc 'clean out build files'
+task :clean do
+  rm_rf File.expand_path('../tmp', __FILE__)
+end
+
+task :default => [:clean, :compile, :rspec]
+
+desc 'code statistics, cause im a stats junky'
+task :stats do
+  def count(glob)
+    Dir[glob].inject(0) do |count, fi|
+      next unless File.file?(fi)
+      count + File.read(fi).lines.length
+    end
+  end
+
+  rb_lines = count 'lib/**/*.rb'
+  c_lines  = count 'ext/**/*.{c,h}'
+
+  puts "Lines of Ruby: #{rb_lines}"
+  puts "Lines of C:    #{c_lines}"
+end

data/dependencies.yml

@@ -0,0 +1,3 @@
+libxml2: "2.8.0"
+libxslt: "1.1.28"
+xmlsec1: "1.2.20"

data/ext/nokogiri_ext_xmlsec/extconf.rb

@@ -0,0 +1,489 @@
+# :stopdoc:
+
+require 'mkmf'
+
+ROOT = File.expand_path(File.join(File.dirname(__FILE__), '..', '..'))
+
+################################################################################
+# functions
+
+def lib_a(ldflag)
+  case ldflag
+  when /\A-l(.+)/
+    "lib#{$1}.#{$LIBEXT}"
+  end
+end
+
+def asplode(lib)
+  abort "-----\n#{lib} is missing."
+end
+
+def do_help
+  print <<HELP
+usage: ruby #{$0} [options]
+
+    --disable-static
+        Do not statically link bundled libraries.
+
+    --with-iconv-dir=DIR
+        Use the iconv library placed under DIR.
+
+    --with-zlib-dir=DIR
+        Use the zlib library placed under DIR.
+
+    --use-system-libraries
+        Use system libraries intead of building and using the bundled
+        libraries.
+
+    --with-xmlsec1-dir=DIR / --with-xmlsec1-config=CONFIG
+    --with-xml2-dir=DIR / --with-xml2-config=CONFIG
+    --with-xslt-dir=DIR / --with-xslt-config=CONFIG
+    --with-exslt-dir=DIR / --with-exslt-config=CONFIG
+        Use xmlsec1/libxml2/libxslt/libexslt as specified.
+
+    --enable-cross-build
+        Do cross-build.
+HELP
+  exit! 0
+end
+
+def do_clean
+  exit! 0
+end
+
+def preserving_globals
+  values = [
+    $arg_config,
+    $CFLAGS, $CPPFLAGS,
+    $LDFLAGS, $LIBPATH, $libs
+  ].map(&:dup)
+  yield
+ensure
+  $arg_config,
+  $CFLAGS, $CPPFLAGS,
+  $LDFLAGS, $LIBPATH, $libs =
+    values
+end
+
+def have_iconv?
+  have_header('iconv.h') or return false
+  %w{ iconv_open libiconv_open }.any? do |method|
+    have_func(method, 'iconv.h') or
+      have_library('iconv', method, 'iconv.h')
+  end
+end
+
+def each_iconv_idir
+  # If --with-iconv-dir or --with-opt-dir is given, it should be
+  # the first priority
+  %w[iconv opt].each { |config|
+    idir = preserving_globals {
+      dir_config(config)
+    }.first and yield idir
+  }
+
+  # Try the system default
+  yield "/usr/include"
+
+  cflags, = preserving_globals {
+    pkg_config('libiconv')
+  }
+  if cflags
+    cflags.shellsplit.each { |arg|
+      arg.sub!(/\A-I/, '') and
+      yield arg
+    }
+  end
+
+  nil
+end
+
+def iconv_prefix
+  # Make sure libxml2 is built with iconv
+  each_iconv_idir { |idir|
+    next unless File.file?(File.join(idir, 'iconv.h'))
+
+    prefix, dir = File.split(idir)
+    next unless dir == 'include'
+
+    preserving_globals {
+      # Follow the way libxml2's configure uses a value given with
+      # --with-iconv[=DIR]
+      $CPPFLAGS = "-I#{idir}".quote << ' ' << $CPPFLAGS
+      $LIBPATH.unshift(File.join(prefix, "lib"))
+      have_iconv?
+    } and break prefix
+  } or asplode "libiconv"
+end
+
+def message!(important_message)
+  message important_message
+  if !$stdout.tty? && File.chardev?('/dev/tty')
+    File.open('/dev/tty', 'w') { |tty|
+      tty.print important_message
+    }
+  end
+rescue Errno::ENXIO
+end
+
+def process_recipe(name, version, static_p, cross_p)
+  MiniPortile.new(name, version).tap do |recipe|
+    recipe.target = portsdir = File.join(ROOT, "ports")
+    # Prefer host_alias over host in order to use i586-mingw32msvc as
+    # correct compiler prefix for cross build, but use host if not set.
+    recipe.host = RbConfig::CONFIG["host_alias"].empty? ? RbConfig::CONFIG["host"] : RbConfig::CONFIG["host_alias"]
+    recipe.patch_files = Dir[File.join(portsdir, "patches", name, "*.patch")].sort
+
+    yield recipe
+
+    env = Hash.new { |hash, key|
+      hash[key] = "#{ENV[key]}"  # (ENV[key].dup rescue '')
+    }
+
+    recipe.configure_options.flatten!
+
+    recipe.configure_options.delete_if { |option|
+      case option.shellsplit.first
+      when /\A(\w+)=(.*)\z/
+        env[$1] = $2
+        true
+      else
+        false
+      end
+    }
+
+    if static_p
+      recipe.configure_options += [
+        "--disable-shared",
+        "--enable-static",
+      ]
+      env['CFLAGS'] = "-fPIC #{env['CFLAGS']}"
+    else
+      recipe.configure_options += [
+        "--enable-shared",
+        "--disable-static",
+      ]
+    end
+
+    if cross_p
+      recipe.configure_options += [
+        "--target=#{recipe.host}",
+        "--host=#{recipe.host}",
+      ]
+    end
+
+    if RbConfig::CONFIG['target_cpu'] == 'universal'
+      %w[CFLAGS LDFLAGS].each { |key|
+        unless env[key].shellsplit.include?('-arch')
+          env[key] << ' ' << RbConfig::CONFIG['ARCH_FLAG']
+        end
+      }
+    end
+
+    recipe.configure_options += env.map { |key, value|
+      "#{key}=#{value}".shellescape
+    }
+
+    if recipe.patch_files.empty?
+      message! "Building #{name}-#{version} for nokogiri-xmlsec1.\n"
+    else
+      message! "Building #{name}-#{version} for nokogiri-xmlsec1 with the following patches applied:\n"
+
+      recipe.patch_files.each { |patch|
+        message! "\t- %s\n" % File.basename(patch)
+      }
+    end
+
+    message! <<-"EOS"
+************************************************************************
+IMPORTANT! nokogiri-xmlsec1 builds and uses a packaged version of #{name}.
+
+If this is a concern for you and you want to use the system library
+instead, abort this installation process and reinstall nokogiri-xmlsec1
+as follows:
+
+    gem install nokogiri-xmlsec1 -- --use-system-libraries
+
+If you are using Bundler, tell it to use the option:
+
+    bundle config build.nokogiri-xmlsec1 --use-system-libraries
+    bundle install
+************************************************************************
+    EOS
+
+    checkpoint = "#{recipe.target}/#{recipe.name}-#{recipe.version}-#{recipe.host}.installed"
+    unless File.exist?(checkpoint)
+      recipe.cook
+      FileUtils.touch checkpoint
+    end
+    recipe.activate
+  end
+end
+
+# Workaround for nokogiri issue #1102
+def monkey_patch_mini_portile
+  MiniPortile.class_eval do
+    def patch
+      @patch_files.each do |full_path|
+        next unless File.exists?(full_path)
+        output "Running patch with #{full_path}..."
+        execute('patch', %Q(patch -p1 < #{full_path}))
+      end
+    end
+  end
+end
+
+################################################################################
+# main
+
+case
+when arg_config('--help')
+  do_help
+when arg_config('--clean')
+  do_clean
+end
+
+RbConfig::MAKEFILE_CONFIG['CC'] = ENV['CC'] if ENV['CC']
+
+if defined?(RUBY_ENGINE) && RUBY_ENGINE == 'macruby'
+  $LIBRUBYARG_STATIC.gsub!(/-static/, '')
+end
+
+$CFLAGS << " #{ENV["CFLAGS"]}"
+$LIBS << " #{ENV["LIBS"]}"
+
+case RbConfig::CONFIG['target_os']
+when 'mingw32', /mswin/
+  windows_p = true
+  $CFLAGS << " -DXP_WIN -DXP_WIN32 -DUSE_INCLUDED_VASPRINTF"
+when /solaris/
+  $CFLAGS << " -DUSE_INCLUDED_VASPRINTF"
+else
+  $CFLAGS << " -g -DXP_UNIX"
+end
+
+if RUBY_PLATFORM =~ /mingw/i
+  # Work around a character escaping bug in MSYS by passing an arbitrary
+  # double quoted parameter to gcc. See https://sourceforge.net/p/mingw/bugs/2142
+  $CPPFLAGS << ' "-Idummypath"'
+end
+
+if RbConfig::MAKEFILE_CONFIG['CC'] =~ /gcc/
+  $CFLAGS << " -O3" unless $CFLAGS[/-O\d/]
+  $CFLAGS << " -Wall -Wwrite-strings -Wmissing-noreturn -Winline"
+end
+
+case
+when arg_config('--use-system-libraries', !!ENV['NOKOGIRI_XMLSEC_USE_SYSTEM_LIBRARIES'])
+  message! "Building nokogiri-xmlsec1 using system libraries.\n"
+
+  dir_config('zlib')
+
+  # Using system libraries means we rely on the system libxml2 with
+  # regard to the iconv support.
+
+  dir_config('xml2').any?    or pkg_config('libxml-2.0')
+  dir_config('xslt').any?    or pkg_config('libxslt')
+  dir_config('exslt').any?   or pkg_config('libexslt')
+  dir_config('xmlsec1').any? or pkg_config('xmlsec-openssl')
+
+  try_cpp(<<-SRC) or abort "libxml2 version 2.6.21 or later is required!"
+#include <libxml/xmlversion.h>
+
+#if LIBXML_VERSION < 20621
+#error libxml2 is too old
+#endif
+  SRC
+
+  try_cpp(<<-SRC) or warn "libxml2 version 2.9.0 and later is not yet supported, but proceeding anyway."
+#include <libxml/xmlversion.h>
+
+#if LIBXML_VERSION >= 20900
+#error libxml2 is too new
+#endif
+  SRC
+else
+  message! "Building nokogiri-xmlsec1 using packaged libraries.\n"
+
+  require 'mini_portile'
+  monkey_patch_mini_portile
+  require 'yaml'
+
+  static_p = enable_config('static', true) or
+    message! "Static linking is disabled.\n"
+
+  dependencies = YAML.load_file(File.join(ROOT, "dependencies.yml"))
+
+  cross_build_p = enable_config("cross-build")
+  if cross_build_p || windows_p
+    zlib_recipe = process_recipe("zlib", dependencies["zlib"], static_p, cross_build_p) do |recipe|
+      recipe.files = ["http://zlib.net/#{recipe.name}-#{recipe.version}.tar.gz"]
+      class << recipe
+        attr_accessor :cross_build_p
+
+        def configure
+          Dir.chdir work_path do
+            mk = File.read 'win32/Makefile.gcc'
+            File.open 'win32/Makefile.gcc', 'wb' do |f|
+              f.puts "BINARY_PATH = #{path}/bin"
+              f.puts "LIBRARY_PATH = #{path}/lib"
+              f.puts "INCLUDE_PATH = #{path}/include"
+              mk.sub!(/^PREFIX\s*=\s*$/, "PREFIX = #{host}-") if cross_build_p
+              f.puts mk
+            end
+          end
+        end
+
+        def configured?
+          Dir.chdir work_path do
+            !! (File.read('win32/Makefile.gcc') =~ /^BINARY_PATH/)
+          end
+        end
+
+        def compile
+          execute "compile", "make -f win32/Makefile.gcc"
+        end
+
+        def install
+          execute "install", "make -f win32/Makefile.gcc install"
+        end
+      end
+      recipe.cross_build_p = cross_build_p
+    end
+
+    libiconv_recipe = process_recipe("libiconv", dependencies["libiconv"], static_p, cross_build_p) do |recipe|
+      recipe.files = ["http://ftp.gnu.org/pub/gnu/libiconv/#{recipe.name}-#{recipe.version}.tar.gz"]
+      recipe.configure_options += [
+        "CPPFLAGS='-Wall'",
+        "CFLAGS='-O2 -g'",
+        "CXXFLAGS='-O2 -g'",
+        "LDFLAGS="
+      ]
+    end
+  end
+
+  libxml2_recipe = process_recipe("libxml2", dependencies["libxml2"], static_p, cross_build_p) do |recipe|
+    recipe.files = ["ftp://ftp.xmlsoft.org/libxml2/#{recipe.name}-#{recipe.version}.tar.gz"]
+    recipe.configure_options += [
+      "--without-python",
+      "--without-readline",
+      "--with-iconv=#{libiconv_recipe ? libiconv_recipe.path : iconv_prefix}",
+      "--with-c14n",
+      "--with-debug",
+      "--with-threads"
+    ]
+  end
+
+  libxslt_recipe = process_recipe("libxslt", dependencies["libxslt"], static_p, cross_build_p) do |recipe|
+    recipe.files = ["ftp://ftp.xmlsoft.org/libxml2/#{recipe.name}-#{recipe.version}.tar.gz"]
+    recipe.configure_options += [
+      "--without-python",
+      "--without-crypto",
+      "--with-debug",
+      "--with-libxml-prefix=#{libxml2_recipe.path}"
+    ]
+  end
+
+  xmlsec1_recipe = process_recipe("xmlsec1", dependencies["xmlsec1"], static_p, cross_build_p) do |recipe|
+    recipe.files = ["http://www.aleksey.com/xmlsec/download/#{recipe.name}-#{recipe.version}.tar.gz"]
+    recipe.configure_options += [
+      "--with-libxml=#{libxml2_recipe.path}",
+      "--with-libxslt=#{libxslt_recipe.path}",
+      "--disable-crypto-dl",
+      "--disable-apps-crypto-dl"
+    ]
+  end
+
+  have_lzma = preserving_globals {
+    have_library('lzma')
+  }
+
+  $libs = $libs.shellsplit.tap { |libs|
+    [libxml2_recipe, libxslt_recipe, xmlsec1_recipe].each { |recipe|
+      libname = recipe.name[/\Alib(.+)\z/, 1] || recipe.name
+      File.join(recipe.path, "bin", "#{libname}-config").tap { |config|
+        # call config scripts explicit with 'sh' for compat with Windows
+        $CPPFLAGS = `sh #{config} --cflags`.strip << ' ' << $CPPFLAGS
+        `sh #{config} --libs`.strip.shellsplit.each { |arg|
+          case arg
+          when /\A-L(.+)\z/
+            # Prioritize ports' directories
+            if $1.start_with?(ROOT + '/')
+              $LIBPATH = [$1] | $LIBPATH
+            else
+              $LIBPATH = $LIBPATH | [$1]
+            end
+          when /\A-l./
+            libs.unshift(arg)
+          else
+            $LDFLAGS << ' ' << arg.shellescape
+          end
+        }
+      }
+
+      case libname
+      when 'xml2'
+        # xslt-config --libs or pkg-config libxslt --libs does not include
+        # -llzma, so we need to add it manually when linking statically.
+        if static_p && have_lzma
+          # Add it at the end; GH #988
+          libs << '-llzma'
+        end
+      when 'xslt'
+        # xslt-config does not have a flag to emit options including
+        # -lexslt, so add it manually.
+        libs.unshift('-lexslt')
+      end
+    }
+  }.shelljoin
+
+  if static_p
+    $libs = $libs.shellsplit.map { |arg|
+      case arg
+      when '-lxml2'
+        File.join(libxml2_recipe.path, 'lib', lib_a(arg))
+      when '-lxslt', '-lexslt'
+        File.join(libxslt_recipe.path, 'lib', lib_a(arg))
+      else
+        arg
+      end
+    }.shelljoin
+  end
+    
+end
+
+{
+  "xml2"  => ['xmlParseDoc',            'libxml/parser.h'],
+  "xslt"  => ['xsltParseStylesheetDoc', 'libxslt/xslt.h'],
+  "exslt" => ['exsltFuncRegister',      'libexslt/exslt.h']
+}.each { |lib, (func, header)|
+  have_func(func, header) ||
+  have_library(lib, func, header) ||
+  have_library("lib#{lib}", func, header) or
+    asplode("lib#{lib}")
+}
+
+xmlsec1_config = File.join(xmlsec1_recipe.path, "bin", "xmlsec1-config")
+xmlsec1_crypto_lib = `sh #{xmlsec1_config} --crypto`.strip
+
+["xmlsec1-#{xmlsec1_crypto_lib}", 'ruby.h'].each { |lib_or_header|
+  have_library(lib_or_header) ||
+  have_header(lib_or_header) or
+    asplode(lib_or_header)
+}
+
+create_makefile('nokogiri_ext_xmlsec')
+
+if enable_config('clean', true)
+  # Do not clean if run in a development work tree.
+  File.open('Makefile', 'at') { |mk|
+    mk.print <<EOF
+all: clean-ports
+
+clean-ports: $(DLLIB)
+	-$(Q)$(RUBY) $(srcdir)/extconf.rb --clean --#{static_p ? 'enable' : 'disable'}-static
+EOF
+  }
+end
+
+# :startdoc: