Turn onlineupdate into external/onlineupdate

...and update to latest Mozilla sources.

Originally, this was a non-external onlineupdate module (plus correspsonding
top-level include/onlineupdate/ directory) that apparently contained sources
originally copied from Mozilla and subsequently modified in-place (plus, mixed
in, presumably some sources that were not copied from Mozilla but were our own
inventions).  To clean up this mess, this has been turned into a proper
external/onlineupdate module with a tarball containing the pristine external
Mozilla sources.

The sources for the onlineupdate-c003be8b9727672e7d30972983b375f4c200233f.tar.xz
tarball are taken, somewhat arbitrarily, from a recent
<https://github.com/mozilla/gecko-dev/commit/c003be8b9727672e7d30972983b375f4c200233f>
("Bug 1867784 - Force reflow all kids in the last column balancing reflow.
r=layout-reviewers,dholbert") trunk state, by running
`external/onlineupdate/generate-sources.sh ~/github.com/mozilla/gecko-dev` on a
Fedora 39 machine.

The layout of the tarball still mostly follows the old onlineupdate/ layout,
even if that deviates heavily from the actual source layout at
<https://github.com/mozilla/gecko-dev/>.  (And some files, which apparently are
not needed, anyway, lacked sources, see the "Missing source for" in
external/onlineupdate/generate-sources.sh.  And win_dirent.h/.cpp has meanwhile
been superseded by updateutils_win.h/.cpp.)  Merely newly included source files
are laid out in the tarball according to the actual source layout.

Any LO-specific modifications are made via patch files (rather than modifying
the sources inline, as was done in the past): external/onlineupdate/lo.patch
contains whatever modifications are needed to adapt the functionality, while
external/onlineupdate/gtk3deprecated.patch fixes

> workdir/UnpackedTarball/onlineupdate/onlineupdate/source/update/updater/progressui_gtk.cpp:97:21: error: use of undeclared identifier 'gtk_vbox_new'; did you mean 'gtk_box_new'?
>    97 |   GtkWidget* vbox = gtk_vbox_new(TRUE, 6);
>       |                     ^~~~~~~~~~~~
>       |                     gtk_box_new

to not use the deprecated gtk_vbox_new, which is hidden because we include
-DGTK_DISABLE_DEPRECATED in our GTK3_CFLAGS as per our configure.ac.

On Windows, the definition of __BYTE_ORDER__ etc. is needed because
workdir/UnpackedTarball/onlineupdate/include/mozilla/ says "Our supported
compilers provide architecture-independent macros for this", but MSVC doesn't
actually, so define here what would implicitly be defined by GCC.  Similarly, on
Windows -U_WIN32_WINNT is needed to undo -D_WIN32_WINNT=0x0601 in
solenv/gbuild/platform/windows.mk, which would cause

> workdir\UnpackedTarball\onlineupdate\include\mozilla/WinHeaderOnlyUtils.h(537): error C2065: 'FILE_ID_INFO': undeclared identifier

etc., despite the #include <windws.h> there.

Curiously, the original gb_CustomTarget_CustomTarget,onlineupdate/generated from
onlineupdate/CustomTarget_generated.mk had to be renamed to
gb_CustomTarget_CustomTarget,external/onlineupdate/generated when the file was
moved to external/onlineupdate/CustomTarget_generated.mk, as otherwise a
top-level `make CustomTarget_onlineupdate/generated` would have failed with "No
rule to make target..."  Also, as there is no gb_CustomTarget_use_unpacked, its
effect has been poorly mimicked for now in
external/onlineupdate/CustomTarget_generated.mk.

Similarly, as there is no gb_WinResTarget_use_unpacked, its effect has been
poorly mimicked for now in external/onlineupdate/WinResTarget_updater.mk.

The original onlineupdate/workben/test_dialog.cxx, which is actually code
written by us, has been moved to external/onlineupdate/workben/test_dialog.cxx.

The original onlineupdate/qa/ sources (which were apparently not used during the
build) have been preserved for now as external/onlineupdate/qa/, for
documentation purposes.

The original onlineupdate/astyle.options (which was apparently not used during
the build) has been removed.

Change-Id: I5ea606202e7837269e7b128e45af2f0b8c277f9e
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/160492
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <stephan.bergmann@allotropia.de>

1 files changed, 0 insertions, 292 deletions

diff --git a/onlineupdate/source/service/certificatecheck.cxx b/onlineupdate/source/service/certificatecheck.cxx
deleted file mode 100644
index 58d70162f40c..000000000000
--- a/onlineupdate/source/service/certificatecheck.cxx
+++ /dev/null
@@ -1,292 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <windows.h>
-#include <softpub.h>
-#include <wintrust.h>
-
-#include "certificatecheck.hxx"
-#include "servicebase.hxx"
-
-#pragma comment(lib, "wintrust.lib")
-#pragma comment(lib, "crypt32.lib")
-
-static const int ENCODING = X509_ASN_ENCODING | PKCS_7_ASN_ENCODING;
-
-/**
- * Checks to see if a file stored at filePath matches the specified info.
- *
- * @param  filePath    The PE file path to check
- * @param  infoToMatch The acceptable information to match
- * @return ERROR_SUCCESS if successful, ERROR_NOT_FOUND if the info
- *         does not match, or the last error otherwise.
- */
-DWORD
-CheckCertificateForPEFile(LPCWSTR filePath,
-                          CertificateCheckInfo &infoToMatch)
-{
-    HCERTSTORE certStore = nullptr;
-    HCRYPTMSG cryptMsg = nullptr;
-    PCCERT_CONTEXT certContext = nullptr;
-    PCMSG_SIGNER_INFO signerInfo = nullptr;
-    DWORD lastError = ERROR_SUCCESS;
-
-    // Get the HCERTSTORE and HCRYPTMSG from the signed file.
-    DWORD encoding, contentType, formatType;
-    BOOL result = CryptQueryObject(CERT_QUERY_OBJECT_FILE,
-                                   filePath,
-                                   CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED,
-                                   CERT_QUERY_CONTENT_FLAG_ALL,
-                                   0, &encoding, &contentType,
-                                   &formatType, &certStore, &cryptMsg, nullptr);
-    if (!result)
-    {
-        lastError = GetLastError();
-        LOG_WARN(("CryptQueryObject failed.  (%d)", lastError));
-        goto cleanup;
-    }
-
-    // Pass in nullptr to get the needed signer information size.
-    DWORD signerInfoSize;
-    result = CryptMsgGetParam(cryptMsg, CMSG_SIGNER_INFO_PARAM, 0,
-                              nullptr, &signerInfoSize);
-    if (!result)
-    {
-        lastError = GetLastError();
-        LOG_WARN(("CryptMsgGetParam failed.  (%d)", lastError));
-        goto cleanup;
-    }
-
-    // Allocate the needed size for the signer information.
-    signerInfo = (PCMSG_SIGNER_INFO)LocalAlloc(LPTR, signerInfoSize);
-    if (!signerInfo)
-    {
-        lastError = GetLastError();
-        LOG_WARN(("Unable to allocate memory for Signer Info.  (%d)", lastError));
-        goto cleanup;
-    }
-
-    // Get the signer information (PCMSG_SIGNER_INFO).
-    // In particular we want the issuer and serial number.
-    result = CryptMsgGetParam(cryptMsg, CMSG_SIGNER_INFO_PARAM, 0,
-                              (PVOID)signerInfo, &signerInfoSize);
-    if (!result)
-    {
-        lastError = GetLastError();
-        LOG_WARN(("CryptMsgGetParam failed.  (%d)", lastError));
-        goto cleanup;
-    }
-
-    // Search for the signer certificate in the certificate store.
-    CERT_INFO certInfo;
-    certInfo.Issuer = signerInfo->Issuer;
-    certInfo.SerialNumber = signerInfo->SerialNumber;
-    certContext = CertFindCertificateInStore(certStore, ENCODING, 0,
-                  CERT_FIND_SUBJECT_CERT,
-                  (PVOID)&certInfo, nullptr);
-    if (!certContext)
-    {
-        lastError = GetLastError();
-        LOG_WARN(("CertFindCertificateInStore failed.  (%d)", lastError));
-        goto cleanup;
-    }
-
-    if (!DoCertificateAttributesMatch(certContext, infoToMatch))
-    {
-        lastError = ERROR_NOT_FOUND;
-        LOG_WARN(("Certificate did not match issuer or name.  (%d)", lastError));
-        goto cleanup;
-    }
-
-cleanup:
-    if (signerInfo)
-    {
-        LocalFree(signerInfo);
-    }
-    if (certContext)
-    {
-        CertFreeCertificateContext(certContext);
-    }
-    if (certStore)
-    {
-        CertCloseStore(certStore, 0);
-    }
-    if (cryptMsg)
-    {
-        CryptMsgClose(cryptMsg);
-    }
-    return lastError;
-}
-
-/**
- * Checks to see if a file stored at filePath matches the specified info.
- *
- * @param  certContext  The certificate context of the file
- * @param  infoToMatch  The acceptable information to match
- * @return FALSE if the info does not match or if any error occurs in the check
- */
-BOOL
-DoCertificateAttributesMatch(PCCERT_CONTEXT certContext,
-                             CertificateCheckInfo &infoToMatch)
-{
-    DWORD dwData;
-    LPTSTR szName = nullptr;
-
-    if (infoToMatch.issuer)
-    {
-        // Pass in nullptr to get the needed size of the issuer buffer.
-        dwData = CertGetNameString(certContext,
-                                   CERT_NAME_SIMPLE_DISPLAY_TYPE,
-                                   CERT_NAME_ISSUER_FLAG, nullptr,
-                                   nullptr, 0);
-
-        if (!dwData)
-        {
-            LOG_WARN(("CertGetNameString failed.  (%d)", GetLastError()));
-            return FALSE;
-        }
-
-        // Allocate memory for Issuer name buffer.
-        LPTSTR szName = (LPTSTR)LocalAlloc(LPTR, dwData * sizeof(WCHAR));
-        if (!szName)
-        {
-            LOG_WARN(("Unable to allocate memory for issuer name.  (%d)",
-                      GetLastError()));
-            return FALSE;
-        }
-
-        // Get Issuer name.
-        if (!CertGetNameString(certContext, CERT_NAME_SIMPLE_DISPLAY_TYPE,
-                               CERT_NAME_ISSUER_FLAG, nullptr, szName, dwData))
-        {
-            LOG_WARN(("CertGetNameString failed.  (%d)", GetLastError()));
-            LocalFree(szName);
-            return FALSE;
-        }
-
-        // If the issuer does not match, return a failure.
-        if (!infoToMatch.issuer ||
-                wcscmp(szName, infoToMatch.issuer))
-        {
-            LocalFree(szName);
-            return FALSE;
-        }
-
-        LocalFree(szName);
-        szName = nullptr;
-    }
-
-    if (infoToMatch.name)
-    {
-        // Pass in nullptr to get the needed size of the name buffer.
-        dwData = CertGetNameString(certContext, CERT_NAME_SIMPLE_DISPLAY_TYPE,
-                                   0, nullptr, nullptr, 0);
-        if (!dwData)
-        {
-            LOG_WARN(("CertGetNameString failed.  (%d)", GetLastError()));
-            return FALSE;
-        }
-
-        // Allocate memory for the name buffer.
-        szName = (LPTSTR)LocalAlloc(LPTR, dwData * sizeof(WCHAR));
-        if (!szName)
-        {
-            LOG_WARN(("Unable to allocate memory for subject name.  (%d)",
-                      GetLastError()));
-            return FALSE;
-        }
-
-        // Obtain the name.
-        if (!(CertGetNameString(certContext, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0,
-                                nullptr, szName, dwData)))
-        {
-            LOG_WARN(("CertGetNameString failed.  (%d)", GetLastError()));
-            LocalFree(szName);
-            return FALSE;
-        }
-
-        // If the issuer does not match, return a failure.
-        if (!infoToMatch.name ||
-                wcscmp(szName, infoToMatch.name))
-        {
-            LocalFree(szName);
-            return FALSE;
-        }
-
-        // We have a match!
-        LocalFree(szName);
-    }
-
-    // If there were any errors we would have aborted by now.
-    return TRUE;
-}
-
-/**
- * Duplicates the specified string
- *
- * @param  inputString The string to duplicate
- * @return The duplicated string which should be freed by the caller.
- */
-LPWSTR
-AllocateAndCopyWideString(LPCWSTR inputString)
-{
-    LPWSTR outputString =
-        (LPWSTR)LocalAlloc(LPTR, (wcslen(inputString) + 1) * sizeof(WCHAR));
-    if (outputString)
-    {
-        lstrcpyW(outputString, inputString);
-    }
-    return outputString;
-}
-
-/**
- * Verifies the trust of the specified file path.
- *
- * @param  filePath  The file path to check.
- * @return ERROR_SUCCESS if successful, or the last error code otherwise.
- */
-DWORD
-VerifyCertificateTrustForFile(LPCWSTR filePath)
-{
-    // Setup the file to check.
-    WINTRUST_FILE_INFO fileToCheck;
-    ZeroMemory(&fileToCheck, sizeof(fileToCheck));
-    fileToCheck.cbStruct = sizeof(WINTRUST_FILE_INFO);
-    fileToCheck.pcwszFilePath = filePath;
-
-    // Setup what to check, we want to check it is signed and trusted.
-    WINTRUST_DATA trustData;
-    ZeroMemory(&trustData, sizeof(trustData));
-    trustData.cbStruct = sizeof(trustData);
-    trustData.pPolicyCallbackData = nullptr;
-    trustData.pSIPClientData = nullptr;
-    trustData.dwUIChoice = WTD_UI_NONE;
-    trustData.fdwRevocationChecks = WTD_REVOKE_NONE;
-    trustData.dwUnionChoice = WTD_CHOICE_FILE;
-    trustData.dwStateAction = 0;
-    trustData.hWVTStateData = nullptr;
-    trustData.pwszURLReference = nullptr;
-    // no UI
-    trustData.dwUIContext = 0;
-    trustData.pFile = &fileToCheck;
-
-    GUID policyGUID = WINTRUST_ACTION_GENERIC_VERIFY_V2;
-    // Check if the file is signed by something that is trusted.
-    LONG ret = WinVerifyTrust(nullptr, &policyGUID, &trustData);
-    if (ERROR_SUCCESS == ret)
-    {
-        // The hash that represents the subject is trusted and there were no
-        // verification errors.  No publisher nor time stamp chain errors.
-        LOG(("The file \"%ls\" is signed and the signature was verified.",
-             filePath));
-        return ERROR_SUCCESS;
-    }
-
-    DWORD lastError = GetLastError();
-    LOG_WARN(("There was an error validating trust of the certificate for file"
-              " \"%ls\". Returned: %d.  (%d)", filePath, ret, lastError));
-    return ret;
-}