diff options
| author | Miklos Vajna <vmiklos@collabora.com> | 2024-01-12 08:30:53 +0100 |
|---|---|---|
| committer | Miklos Vajna <vmiklos@collabora.com> | 2024-01-15 08:09:21 +0100 |
| commit | 8ce222753a43d46e94d351069ce19cc3e2db333c (patch) | |
| tree | 2b704c72e91878b66259b8b661e42e4ee8a35f13 /external/xmlsec/old-nss.patch.1 | |
| parent | 261f758b650cf1c5c16acdad8f4a2dc86616f9e2 (diff) | |
Update libxmlsec to 1.3.3
Extend external/xmlsec/old-nss.patch.1, our bundled NSS in debug builds
has some assert failure in relatively new xmlsec code, just disable it
for now till it's clarified with upstream how to sort that out properly.
E.g. CppunitTest_filter_svg fails like this:
#1 0x00007ffff77503e5 in abort () at /lib64/libc.so.6
#2 0x00007ffff679ca90 in PR_Assert (s=0x7ffff44fbfe5 "oidmechhash != NULL", file=0x7ffff44fbfb6 "secoid.c", ln=2140) at ../../../../pr/src/io/prlog.c:571
#3 0x00007ffff44eaae0 in SECOID_FindOIDByMechanism (mechanism=307) at secoid.c:2140
#4 0x00007ffff6660c65 in PK11_MechanismToAlgtag (type=307) at pk11mech.c:1745
#5 0x00007fffe874e4ea in xmlSecNssCryptoCheckMechanism (type=307) at crypto.c:68
#6 0x00007fffe874ec44 in xmlSecNssUpdateAvailableCryptoTransforms (functions=0x7fffe87ffbc0 <functions>) at crypto.c:401
#7 0x00007fffe874f13d in xmlSecNssInit () at crypto.c:552
#8 0x00007fffe86b2c36 in initXmlSec() () at /home/vmiklos/git/libreoffice/core/xmlsecurity/source/xmlsec/xmlsec_init.cxx:42
#9 0x00007fffdf3c54f2 in DocumentSignatureManager::init() (this=0x7fffffff3970) at /home/vmiklos/git/libreoffice/core/xmlsecurity/source/helper/documentsignaturemanager.cxx:79
#10 0x00007fffdf43e3da in (anonymous namespace)::DocumentDigitalSignatures::ImplVerifySignatures(com::sun::star::uno::Reference<com::sun::star::embed::XStorage> const&, com::sun::star::uno::Reference<com::sun::star::io::XInputStream> const&, DocumentSignatureMode)
(this=0x1c07ac0, rxStorage=uno::Reference to (OStorage *) 0x1944e18, xSignStream=empty uno::Reference, eMode=DocumentSignatureMode::Macros)
at /home/vmiklos/git/libreoffice/core/xmlsecurity/source/component/documentdigitalsignatures.cxx:486
#11 0x00007fffdf43da17 in (anonymous namespace)::DocumentDigitalSignatures::verifyScriptingContentSignatures(com::sun::star::uno::Reference<com::sun::star::embed::XStorage> const&, com::sun::star::uno::Reference<com::sun::star::io::XInputStream> const&) (this=0x1c07ac0, rxStorage=uno::Reference to (OStorage *) 0x1944e18, xSignInStream=empty uno::Reference)
at /home/vmiklos/git/libreoffice/core/xmlsecurity/source/component/documentdigitalsignatures.cxx:373
#12 0x00007fffe6fa06df in SfxObjectShell::GetDocumentSignatureInformation(bool, com::sun::star::uno::Reference<com::sun::star::security::XDocumentDigitalSignatures> const&)
(this=0x188c280, bScriptingContent=true, xSigner=empty uno::Reference) at /home/vmiklos/git/libreoffice/core/sfx2/source/doc/objserv.cxx:1847
Change-Id: I36dee0d2b128a6931875572aa4acc9df940ab623
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/161951
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
Diffstat (limited to 'external/xmlsec/old-nss.patch.1')
| -rw-r--r-- | external/xmlsec/old-nss.patch.1 | 20 |
1 files changed, 18 insertions, 2 deletions
diff --git a/external/xmlsec/old-nss.patch.1 b/external/xmlsec/old-nss.patch.1 index b46453586351..19ac8ffe6c5a 100644 --- a/external/xmlsec/old-nss.patch.1 +++ b/external/xmlsec/old-nss.patch.1 @@ -39,18 +39,19 @@ diff --git a/src/nss/crypto.c b/src/nss/crypto.c index 429d209f..e0296bda 100644 --- a/src/nss/crypto.c +++ b/src/nss/crypto.c -@@ -131,9 +131,11 @@ xmlSecCryptoGetFunctions_nss(void) { +@@ -162,10 +162,12 @@ xmlSecCryptoGetFunctions_nss(void) { gXmlSecNssFunctions->transformAes192CbcGetKlass = xmlSecNssTransformAes192CbcGetKlass; gXmlSecNssFunctions->transformAes256CbcGetKlass = xmlSecNssTransformAes256CbcGetKlass; +#if 0 + /* gcm */ gXmlSecNssFunctions->transformAes128GcmGetKlass = xmlSecNssTransformAes128GcmGetKlass; gXmlSecNssFunctions->transformAes192GcmGetKlass = xmlSecNssTransformAes192GcmGetKlass; gXmlSecNssFunctions->transformAes256GcmGetKlass = xmlSecNssTransformAes256GcmGetKlass; +#endif + /* kw: uses AES ECB */ gXmlSecNssFunctions->transformKWAes128GetKlass = xmlSecNssTransformKWAes128GetKlass; - gXmlSecNssFunctions->transformKWAes192GetKlass = xmlSecNssTransformKWAes192GetKlass; diff --git a/include/xmlsec/nss/crypto.h b/include/xmlsec/nss/crypto.h index bb64c5f2..4c3dc4d3 100644 --- a/include/xmlsec/nss/crypto.h @@ -64,3 +65,18 @@ index bb64c5f2..4c3dc4d3 100644 #define XMLSEC_NO_RSA_OAEP 1 #else /* (NSS_VMAJOR < 3) || ((NSS_VMAJOR == 3) && (NSS_VMINOR < 59)) */ #define XMLSEC_NO_MD5 1 +diff --git a/src/nss/crypto.c b/src/nss/crypto.c +index 6455ec72..a6c46350 100644 +--- a/src/nss/crypto.c ++++ b/src/nss/crypto.c +@@ -546,8 +546,10 @@ xmlSecNssInit (void) { + /* set default errors callback for xmlsec to us */ + xmlSecErrorsSetCallback(xmlSecNssErrorsDefaultCallback); + ++#if 0 + /* update the avaialble algos based on NSS configs */ + xmlSecNssUpdateAvailableCryptoTransforms(xmlSecCryptoGetFunctions_nss()); ++#endif + + /* register our klasses */ + if(xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms(xmlSecCryptoGetFunctions_nss()) < 0) { |