Age | Commit message | Author
2021-04-18 | xmlsecurity: keep error code (if any) to support older WinSDK < 10 | Vasily Melenchuk
Change-Id: I42a102a3532f3de98fecba8a7d96e93caac4b95b
2021-04-18 | xmlsecurity: downgrade to support gcc 4.8.2 | Vasily Melenchuk
* pre stdcxx17 compilers do not support nested namespaces
* std::make_unique is not supported (replaced by o3tl::make_unique)
* extra usage of #include <memory>: it did fail without it in some cases
* rewriting lambdas: they are working really bad in old versions
Change-Id: I2c99ababa16de76549c976c79c6a8ab7927ad200
2021-04-16 | xmlsecurity: replace OOXMLSecParser implementation | Michael Stahl
This is similar to 12b15be8f4f930a04d8056b9219ac969b42a9784 and following commits, but OOXMLSecParser has some differences to XSecParser, such as using a ds:Manifest, and requires a couple extra namespaces. Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113381 Tested-by: Jenkins Reviewed-by: Miklos Vajna <vmiklos@collabora.com> (cherry picked from commit cc1d19f7bbaefa5fb22ebd1344112755068b93c9) Change-Id: I56e39d9609db8fcad50ca1632ff482c1f0a30ff5
2021-04-16 | xmlsecurity: improve handling of multiple X509Data elements | Michael Stahl
Combine everything related to a certificate in a new struct X509Data.

The CertDigest is not actually written in the X509Data element but in xades:Cert, so try to find the matching entry in XSecController::setX509CertDigest().

There was a confusing interaction with PGP signatures, where ouGpgKeyID was used for import, but export wrote the value from ouCertDigest instead - this needed fixing.

The main point of this is enforcing a constraint from xmldsig-core 4.5.4:

    All certificates appearing in an X509Data element MUST relate to the validation key by either containing it or being part of a certification chain that terminates in a certificate containing the validation key.

Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111254 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit 9e82509b09f5fe2eb77bcdb8fd193c71923abb67)

xmlsecurity: improve handling of multiple certificates per X509Data

It turns out that an X509Data element can contain an arbitrary number of each of its child elements.

How exactly certificates of an issuer chain may or should be distributed across multiple X509Data elements isn't terribly obvious.

One thing that is clear is that any element that refers to or contains one particular certificate has to be a child of the same X509Data element, although in no particular order, so try to match the 2 such elements that the parser supports in XSecController::setX509Data().

Presumably the only way it makes sense to have multiple signing certificates is if they all contain the same key but are signed by different CAs. This case isn't handled currently; CheckX509Data() will complain there's not a single chain and validation of the certificates will fail.

Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111500 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit 5af5ea893bcb8a8eb472ac11133da10e5a604e66)

xmlsecurity: add EqualDistinguishedNames()

Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111545 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit 1d3da3486d827dd5e7a3bf1c7a533f5aa9860e42)

xmlsecurity: avoid exception in DigitalSignaturesDialog::getCertificate()

Fallback to PGP if there's no X509 signing certificate because CheckX509Data() failed prevents the dialog from popping up.

To avoid confusing the user in this situation, the dialog should show no certificate, which is already the case.

Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111664 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit 90b725675c2964f4a151d802d9afedd8bc2ae1a7)

xmlsecurity: fix crash in DocumentDigitalSignatures::isAuthorTrusted()

If the argument is null.

This function also should use EqualDistinguishedNames().

Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111667 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit ca98e505cd69bf95d8ddb9387cf3f8e03ae4577d)

Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111910 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit a1cf770c2d7ca3e153e0b1f01ddcc313bc2bed7f)

Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113058 Tested-by: Michael Stahl <michael.stahl@allotropia.de> Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>

Change-Id: I9633a980b0c18d58dfce24fc59396a833498a77d
2021-04-16 | clang-format ooxmlsecexporter.cxx | Michael Stahl
Change-Id: I3faa33c98ec56197a1528f443c3850c70e171c4b
2021-04-15 | xmlsecurity: ignore elements in ds:Object that aren't signed | Michael Stahl
Change-Id: I2e4411f0907b89e7ad6e0185cee8f12b600515e8 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111253 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit 2bfa00e6bf4b2a310a8b8f5060acec85b5f7a3ce) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111909 Reviewed-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit 94ce59dd02fcfcaa1eb4f195b45a9a2edbd58242)
2021-04-15 | xmlsecurity: XSecParser confused about multiple timestamps | Michael Stahl
LO writes timestamp both to dc:date and xades:SigningTime elements. The parser tries to avoid reading multiple dc:date, preferring the first one, but doesn't care about multiple xades:SigningTime, for undocumented reasons. Ideally something should check all read values for consistency. Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111160 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit 4ab8d9c09a5873ca0aea56dafa1ab34758d52ef7) xmlsecurity: remove XSecController::setPropertyId() Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111252 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit d2a345e1163616fe3201ef1d6c758e2e819214e0) Change-Id: Ic018ee89797a1c8a4f870ae102af48006de930ef Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111908 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit abe77c4fcb9ea97d9fff07eaea6d8863bcba5b02)
2021-04-15 | xmlsecurity: replace XSecParser implementation | Michael Stahl
Implement Namespaces in XML and follow xmldsig-core and XAdES schemas. Reviewed-on: https://gerrit.libreoffice.org/c/core/+/110833 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit 12b15be8f4f930a04d8056b9219ac969b42a9784) xmlsecurity: move XSecParser state into contexts Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111158 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit 59df9e70ce1a7ec797b836bda7f9642912febc53) xmlsecurity: move XSecParser Reference state into contexts Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111159 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit cfeb89a758b5f0ec406f0d72444e52ed2f47b85e) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111907 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit ad5930e87e788780a255523f106deb1dde5d7b37) Change-Id: I03537b51bb757ecbfa63a826b38de543c70ba032
2021-04-15 | expand out some namespace aliases [xmlsecurity/source/helper] | Noel Grandin
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/94093 Tested-by: Jenkins Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk> (cherry picked from commit 943fbfad668da76f7d0ebd4f4d8cdd67224d2f01) plus one line in xsecverify.cxx from: commit f59d9e7ea09482c2e9e5f52a8d0445e4cebc3df5 Author: Noel Grandin <noel.grandin@collabora.co.uk> AuthorDate: Fri Apr 3 15:53:49 2020 +0200 new loplugin:unusedvariableplus a particularly aggressive checker, which is why it is off by default Change-Id: I5fdb554a1b116824843f35645bc1cea3ca91e0f2
2021-04-15 | xmlsec: fix signing documents on WNT | Michael Stahl
Duplicate ds:X509Certificate elements cause: warn:xmlsecurity.comp:9604:3820:xmlsecurity/source/helper/xmlsignaturehelper.cxx:658: X509Data do not form a chain: certificate in cycle: (regression from 5af5ea893bcb8a8eb472ac11133da10e5a604e66) Change-Id: I3d319a2f74dbec17b73f1c7bb8f4efe4e335f0ac Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113746 Tested-by: Mike Kaganski <mike.kaganski@collabora.com> Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit ae08aa8a095832ae2a88eac14f9680ac8d3a13b6) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113752 Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
2021-04-15 | tdf#42316 always evaluate macro signatures on load | Jan-Marek Glogowski
As already stated in the comments of the signing unit tests, disabling macro security will not only ignore the signatures, but actually drop the macro signature, as these are never evaluated and as a result can't be restored for the new document. Change-Id: Ie41a9e72d3367c2eed58a52387bb67d8c41abff3 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/90435 Tested-by: Jenkins Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> (cherry picked from commit 929d46bbf42aefc1f6cf046c2b9cf3d7c4e1efc5) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/90393 Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
2021-04-15 | Fix macro security UI usability problems | Jan-Marek Glogowski
* Don't hide the option dialogs "Macro security" push button. I don't see any reason, why these settings should be hidden, if macros are disabled or settings locked. At least a user can now check, what is going on (still nothing shows disabled macros for a document in the UI AFAIK).
* Don't scale the lock icons of the trusted list boxes. This just uses the same alignments, which the macro security level lock image uses, otherwise the image is scaled to fit the whole space of its layout cell.
* Don't disable the trusted list boxes. If the setting is locked, it's sufficient to disable all the buttons, which allow modification (so View can stay enabled). This way you can still scroll the list. Correct button handling is already implemented and works for me.
* Catch exceptions of broken certificate data. If your config contains certificates, which can't be correctly decoded, the NSS backend will throw an exception, which kills the dialog, but not the nested loop, resulting in a locked LO.

Since we don't want a string change in LTS, this drops the whole "broken certificate" warning dialog. There already are SAL_WARNs, which log the same warning, and are considered sufficient for debugging broken configurations.

Reviewed-on: https://gerrit.libreoffice.org/85056 Tested-by: Jenkins Reviewed-by: Jan-Marek Glogowski <glogow@fbihome.de> (cherry picked from commit b3348ce498b3d54b3e5e6518954ad9d5e917b8f2) Reviewed-on: https://gerrit.libreoffice.org/85282 (cherry picked from commit ad1a41032054991cfb8b9e821c1dd25ec21d0aec) Conflicts: xmlsecurity/source/dialogs/macrosecurity.cxx Change-Id: I79002e0ce85cf9a9017caf858407f2f635a3a074 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/85756 Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
2021-04-15 | tdf#42316 handle saving to template filters | Jan-Marek Glogowski
This extends the filter comparison from commit c3a1c83ff5af ("tdf#42316 preserve macro signature of templates"). The original patch just stripped "_template" from the source filter to find equal document types, which just enables the "template => document" case. This patch also strips the "_template" from the target filter, which fixes the "document or template => template" cases.

This also extends the signing save tests:
* OTT 1.2 => OTT 1.2 - preserve
* ODT 1.2 => OTT 1.2 - preserve
* OTT 1.0 => OTT 1.0 - preserve
* ODT 1.0 => OTT 1.0 - preserve
* OTT 1.0 => OTT 1.2 - drop

Reviewed-on: https://gerrit.libreoffice.org/80654 Tested-by: Jenkins Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de> (cherry picked from commit 4aa6e2cb2245eddab87fb451add94159a7604246) Reviewed-on: https://gerrit.libreoffice.org/80910 Reviewed-by: Michael Stahl <michael.stahl@cib.de> (cherry picked from commit 7b405877b0fa0145513ac0294ab51cf57e6108c6) Change-Id: Ie297258a4d9f9aa4beb25786c6ba240b6f16f49b Reviewed-on: https://gerrit.libreoffice.org/81885 Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
2021-04-15 | tdf#42316 preserve macro signature of templates | Jan-Marek Glogowski
When comparing the filter of the current and the target document we have to strip the '_template' from the filter name. Still this won't preserve the signature of the document attached to tdf#42316, as this is a ODF 1.0 OTT, which doesn't have a valid signature in ODF 1.2, as the signature doesn't match the ODF 1.2 namespace for signatures and the default LO ODF version is ODF 1.2 extended. In theory the signature itself could even be converted most times, but that can be done in an additional patch, if needed. Since the code literally saves a template to an internal document, SfxObjectShell::DoSaveCompleted must keep the signature of the template. Eventually it'll be dropped on save of the template as a document later. The signing tests check "OTT 1.0 => ODT 1.0: preserve", "OTT 1.2 => ODT 1.2: preserve" and "OTT 1.0 => ODT 1.2: drop". Reviewed-on: https://gerrit.libreoffice.org/75958 Tested-by: Jenkins Reviewed-by: Michael Stahl <Michael.Stahl@cib.de> Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> (cherry picked from commit c3a1c83ff5af05d34f433ac808adbe85f47e8c18) Reviewed-on: https://gerrit.libreoffice.org/77112 Conflicts: xmlsecurity/qa/unit/signing/signing.cxx Change-Id: I2263093687f5a0568ea781ce3ac9b114c9599add Reviewed-on: https://gerrit.libreoffice.org/79371 Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
2021-04-15 | [API CHANGE] extend css.security.XDocumentDigitalSignatures | brinzing
Add support for macro and package signing with a provided certificate which is already possible for document signing since LO 6.2:

    boolean signScriptingContentWithCertificate(
        [in] ::com::sun::star::security::XCertificate xCertificate,
        [in] ::com::sun::star::embed::XStorage xStorage,
        [in] ::com::sun::star::io::XStream xStream);

    boolean signPackageWithCertificate(
        [in] ::com::sun::star::security::XCertificate xCertificate,
        [in] ::com::sun::star::embed::XStorage xStorage,
        [in] ::com::sun::star::io::XStream xStream);

Change-Id: I9783cd317a7202691913be186eca95964b1e0ff7 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/86141 Tested-by: Jenkins Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> (cherry picked from commit 697989d11e25b3eb83e5ca2dad5d71b178abfbc1) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/107772 Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
2021-04-15 | tdf#42949 Fix IWYU warnings in xmlsecurity/*cxx | Gabor Kelemen
Found with bin/find-unneeded-includes Only removal proposals are dealt with here. Change-Id: I89c77656ea4021cb16bd122cb1dd1cd803390c3d Reviewed-on: https://gerrit.libreoffice.org/71765 Tested-by: Jenkins Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
2021-04-15 | tdf#42949 Fix IWYU warnings in xmlsecurity/*hxx | Gabor Kelemen
Found with bin/find-unneeded-includes Only removal proposals are dealt with here. All hxx cleaned except the ones in xmlsecurity/source/xmlsec/mscrypt Change-Id: I651f53c9d339208b3132f9078a5c3829ff9c5dc8 Reviewed-on: https://gerrit.libreoffice.org/71448 Tested-by: Jenkins Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
2021-04-13 | tdf#123747 xmlsecurity, ODF sign roundtrip: preserve invalid reference type | Miklos Vajna
Only add the correct type to new signatures to avoid breaking the hash of old ones. Change-Id: I30f892b292f84a0575a3d4ef5ccf3eddbe0090ca Reviewed-on: https://gerrit.libreoffice.org/70424 Tested-by: Jenkins Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
2021-04-13 | default to CertificateValidity::INVALID | Caolán McNamara
so if CertGetCertificateChain fails we don't want validity to be css::security::CertificateValidity::VALID which is what the old default of 0 equates to notably commit 1e0bc66d16aee28ce8bd9582ea32178c63841902 Date: Thu Nov 5 16:55:26 2009 +0100 jl137: #103420# better logging turned the nss equivalent of SecurityEnvironment_NssImpl::verifyCertificate from 0 to CertificateValidity::INVALID like this change does Change-Id: I5350dbc22d1b9b378da2976d3b0abd728f1f4c27 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/110561 Tested-by: Jenkins Reviewed-by: Miklos Vajna <vmiklos@collabora.com> (cherry picked from commit edeb164c1d8ab64116afee4e2140403a362a1358) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113090 Tested-by: Michael Stahl <michael.stahl@allotropia.de> Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
2021-04-13 | Improve checkExtension | Stephan Bergmann
Change-Id: Iff416a9c5930ad5903f7ee51a2abbc94d5f40800 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/110970 Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com> Tested-by: Jenkins (cherry picked from commit f456c4dacf700e064e112ef068ff7edb04239754) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/110922 Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit f19d95986756412e5d72047656eec17a720c5e57) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113049 Tested-by: Michael Stahl <michael.stahl@allotropia.de>
2021-04-13 | sw: WW8 import: filter control characters in GetFieldResult() | Michael Stahl
Triggers the assert in SwSubFont::GetTextSize_() on ooo58234-1.doc, which has a field result with ^G cell separators that is converted to SwInputField, which inserts the field result into SwTextNode. Change-Id: Ibdb93390862a11462d62cf744bac912d6009777e Reviewed-on: https://gerrit.libreoffice.org/81788 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@cib.de> (cherry picked from commit 3a9d504b01c061f60a915b5681c8313859294118) Reviewed-on: https://gerrit.libreoffice.org/81831 Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
2021-04-13 | ofz#18526 sw: WW8 import: don't insert control characters | Michael Stahl
Sanitize string before calling InsertString(). This segfaults since: commit b522fc0646915d4da94df38dd249c88b28f25be7 Date: Tue Sep 24 18:11:45 2019 +0200 sw: maintain fieldmarks in DeleteRange()/DeleteAndJoin()/ReplaceRange() Change-Id: I9ef73d924420686f6838fa21900ec57b4d25c905 Reviewed-on: https://gerrit.libreoffice.org/81949 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> Tested-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit 7ecda38cdaa2361e8510bf3e7206863c4936deab) Reviewed-on: https://gerrit.libreoffice.org/82759 (cherry picked from commit d494a4c0ead7db481757d8d67fbce9e1b02e65df)
2021-04-13 | sw: WW8 import: instead of control character insert '?' for footnote | Michael Stahl
SwWW8ImplReader::ReadChar() inserts a U+0002 control character to temporarily mark a footnote anchor; this is then deleted and replaced with a real footnote hint by SwWW8ImplReader::End_Footnote(). The assumption is that it is necessary to insert a placeholder character to be able to apply formatting to it. But if the document is corrupted, the control character could survive the import, which sounds less than ideal. So either make this magic character more explicit by documenting it in hintids.hxx and removing any outstanding ones at the end of the import, or use a non-offensive character instead; since this should only affect invalid documents, choose the solution with the least effort. Change-Id: I76d396258b32e0f0fb6393942a58a4dc57912211 Reviewed-on: https://gerrit.libreoffice.org/82760 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> Tested-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit 13ba765c444713b0b0b2f4b4231bdafcbbef6ad0)
2021-04-13 | writerfilter: rtftok: filter control characters | Michael Stahl
... in RTFDocumentImpl::checkUnicode(); see ooo86460-1.xls [sic] for an example. There is another caller of text() in rtfdispatchdestination.cxx:311 but it turns out that buffered text was created by text() in the first place. This shouldn't be a problem for DOCX because XML 1.0 doesn't allow the bad control characters anyway so the sax parser should report an error in that case. (cherry picked from commit a6516c76c01b92f7d35bfb352b63af7de42b5707) Change-Id: Ice45e1c3c8c7db668a4cfb8364e42addea1777ce Reviewed-on: https://gerrit.libreoffice.org/81780 Tested-by: Jenkins Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
2021-04-13 | sw: UNO API: do not allow inserting control characters into nodes | Michael Stahl
Refuse invalid input in DocInsertStringSplitCR(). Reviewed-on: https://gerrit.libreoffice.org/81696 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@cib.de> (cherry picked from commit 9b1e3e9bfdc0639630a367e45e4bdc2e9f22e503) Change-Id: I097c1b3a1f70b0cf1fa3fc33fc1d965ee6c96280
2021-04-13 | svl: HTMLParser: stop inserting control character garbage into Writer | Michael Stahl
E.g. rhbz433940-1.html contains literal ^G characters that are inserted as-is into SwTextNodes. This now triggers assert about CH_TXT_ATR_FIELDSTART in SwSubFont::GetTextSize_() that was added in 19a559b0ec9b806519c405651d6d2b2e14712b4a. Change-Id: I6aa7de41a04069e15b40865fd57894dae0fc10db Reviewed-on: https://gerrit.libreoffice.org/81606 Reviewed-by: Michael Stahl <michael.stahl@cib.de> Tested-by: Michael Stahl <michael.stahl@cib.de> (cherry picked from commit 35d248cab1f0d4800f72abb5cb6afb56f40d9083) Reviewed-on: https://gerrit.libreoffice.org/81652 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> Tested-by: Caolán McNamara <caolanm@redhat.com>
2021-04-13 | xmlsecurity: reject a few dangerous annotation types during pdf sig verify | Miklos Vajna
(cherry picked from commit f231dacde9df1c4aa5f4e0970535c4f4093364a7) Conflicts: xmlsecurity/source/helper/pdfsignaturehelper.cxx Reviewed-on: https://gerrit.libreoffice.org/c/core/+/105926 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit fcab45e0e22f4cf46e71856dba7ae5abd6f99bc5) Change-Id: I950b49a6e7181639daf27348ddfa0f36586baa65 Conflicts: xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx (cherry-picked from 363997c76749219b900f47043d1b17ba8ec9bccd) Change-Id: I7096222bc2547046d988e0ba28df725859270790
2021-04-13 | external: update pdfium to handle redact annotations | Miklos Vajna
external: update pdfium to 4203 (cherry picked from commit 4488be8a9279be0bd0aebd476589a49d2b95da6e) Update one mention of pdfium-4137.tar.bz2 ...left behind by 4488be8a9279be0bd0aebd476589a49d2b95da6e "external: update pdfium to 4203" (cherry picked from commit ba4b3d5f7a0fe8d0d985e98897e041d59093d8b0) external: update pdfium to 4260 (cherry picked from commit f19381e46930bb496e7331754843920933fb4be2) external: update pdfium to 4306 (cherry picked from commit fe531957e3dcd42927cf15ab31d04473433d81f9) Conflicts: include/vcl/pdf/PDFAnnotationSubType.hxx Reviewed-on: https://gerrit.libreoffice.org/c/core/+/105913 Tested-by: Jenkins Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com> (cherry picked from commit b4f50e78e9cd391964128bd0d1446d4dca110cef) Change-Id: Ic10cf99fa412f8f0b3475e82d0a1839a7f04bd08
2021-04-13 | vcl pdf tokenizer: fix handling of dict -> array -> dict tokens | Miklos Vajna
Needed to be able to parse the /Reference key of signatures. (cherry picked from commit 056c1284d6a68525002c54bef10834cc135385db) Conflicts: vcl/qa/cppunit/filter/ipdf/ipdf.cxx Reviewed-on: https://gerrit.libreoffice.org/c/core/+/105626 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit 8f46af565680bef0ff8ca32781e6d813a7446543) Change-Id: I6b81089a3f58a2de461ad92ca5a891c284f8686a Reviewed-on: https://gerrit.libreoffice.org/c/core/+/107084 Tested-by: Michael Stahl <michael.stahl@cib.de> Reviewed-by: Michael Stahl <michael.stahl@cib.de>
2021-04-07 | xmlsecurity: handle MDP permission during PDF verify | Miklos Vajna
(cherry picked from commit 586f6abee92af3cdabdce034b607b9a046ed3946) Conflicts: include/vcl/filter/PDFiumLibrary.hxx vcl/source/pdf/PDFiumLibrary.cxx xmlsecurity/source/helper/pdfsignaturehelper.cxx Reviewed-on: https://gerrit.libreoffice.org/c/core/+/105785 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit 00479937dc071246cc27f33fd6397668448a7ed9) Change-Id: I626fca7c03079fb0374c577dcfe024e7db6ed5b3 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/107085 Tested-by: Michael Stahl <michael.stahl@cib.de> Reviewed-by: Michael Stahl <michael.stahl@cib.de>
2021-04-07 | vcl pdf tokenizer: fix handling of dict -> array -> dict tokens | Miklos Vajna
Needed to be able to parse the /Reference key of signatures. (cherry picked from commit 056c1284d6a68525002c54bef10834cc135385db) Conflicts: vcl/qa/cppunit/filter/ipdf/ipdf.cxx Reviewed-on: https://gerrit.libreoffice.org/c/core/+/105626 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit 8f46af565680bef0ff8ca32781e6d813a7446543) Change-Id: I6b81089a3f58a2de461ad92ca5a891c284f8686a Reviewed-on: https://gerrit.libreoffice.org/c/core/+/107084 Tested-by: Michael Stahl <michael.stahl@cib.de> Reviewed-by: Michael Stahl <michael.stahl@cib.de>
2021-04-07 | xmlsecurity: pdf incremental updates that are non-commenting are invalid | Miklos Vajna
I.e. it's OK to add incremental updates for annotation/commenting purposes and that doesn't invalidate existing signatures. Everything else does. (cherry picked from commit 61834cd574568613f0b0a2ee099a60fa5a8d9804) Conflicts: include/vcl/filter/PDFiumLibrary.hxx vcl/source/pdf/PDFiumLibrary.cxx xmlsecurity/qa/unit/signing/signing.cxx Change-Id: I4607c242b3c6f6b01517b02407e9e7a095e2e069
2021-04-06 | xmlsecurity: detect unsigned incremental update between signatures | Miklos Vajna
(cherry picked from commit 7468d5df5ec79783eae84b62bdc5ecf12f0ca255) Conflicts: vcl/source/filter/ipdf/pdfdocument.cxx xmlsecurity/source/pdfio/pdfdocument.cxx Change-Id: I269ed858852ee7d1275adf340c8cc1565fc30693 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/99480 Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com> Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
2021-04-06 | pdfium: only init pdfium library once and destroy on LO exit | Tomaž Vajngerl
With more and more usage of PDFium, it is hard to keep track of the life-time of the PDFium library, so it can happen that a FPDF_DestroyLibrary happens when we still have another instance where PDFium is still in use. The result of this is a crash. To prevent this, just initialize the library once and delete, when on LO exit. This can be improved in the future to only keep the library active when in actual use. [ Leaving out the vector graphic search bits, the motivation is to just have this in libreoffice-7-0, so that recent pdf sig verify improvements can be backported. ] (cherry picked from commit 067a8a954c8e1d8d6465a4ab5fb61e93f16c26c2) Conflicts: vcl/source/graphic/VectorGraphicSearch.cxx svx/source/svdraw/svdpdf.cxx svx/source/svdraw/svdpdf.hxx vcl/Library_vcl.mk vcl/qa/cppunit/pdfexport/pdfexport.cxx vcl/source/filter/ipdf/pdfread.cxx Change-Id: I5c7e5de7f8b97d10efb394c67c7a61b976c8d57c Reviewed-on: https://gerrit.libreoffice.org/c/core/+/102317 Tested-by: Miklos Vajna <vmiklos@collabora.com> Reviewed-by: Miklos Vajna <vmiklos@collabora.com> (cherry picked from commit b7de766b4dc5b4810277069bcf53a9f3737e87da)
2021-04-06 | xmlsecurity: avoid saying OK when the signature is partial | Miklos Vajna
That's reserved for valid signatures (digest match, certificate validates and the signature covers the whole document). Also avoid "invalid" in the dialog when the digest matches and the signature is just incomplete. This now uses wording which is closer to Acrobat and also uses the same wording on the infobar and in the dialog. Conflicts: xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx Change-Id: I26e4781d555b65cf29aa8df2232e286917235dc1 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/101926 Reviewed-by: Miklos Vajna <vmiklos@collabora.com> Tested-by: Jenkins Reviewed-on: https://gerrit.libreoffice.org/c/core/+/102188 Reviewed-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit 46efad443472679b93b282c8e08b807d7e8f1a78)
2021-04-06 | xmlsecurity: fix infobar vs signature dialog inconsistency | Miklos Vajna
The infobar mentioned if a signature is partial, but the dialog just has a bool UI for signatures. Then present "good, but partial" as "bad". (cherry picked from commit 3ba1144cb96c710e665ffb3ada26fb6a48a03472) Change-Id: I698190aa77702000b11d635bd038d9c9a91614ac Reviewed-on: https://gerrit.libreoffice.org/c/core/+/101844 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com>
2021-04-06 | pdfium: only init pdfium library once and destroy on LO exit | Tomaž Vajngerl
With more and more usage of PDFium, it is hard to keep track of the life-time of the PDFium library, so it can happen that a FPDF_DestroyLibrary happens when we still have another instance where PDFium is still in use. The result of this is a crash. To prevent this, just initialize the library once and delete, when on LO exit. This can be improved in the future to only keep the library active when in actual use. [ Leaving out the vector graphic search bits, the motivation is to just have this in libreoffice-7-0, so that recent pdf sig verify improvements can be backported. ] (cherry picked from commit 067a8a954c8e1d8d6465a4ab5fb61e93f16c26c2) Conflicts: vcl/source/graphic/VectorGraphicSearch.cxx Change-Id: I5c7e5de7f8b97d10efb394c67c7a61b976c8d57c Reviewed-on: https://gerrit.libreoffice.org/c/core/+/102317 Tested-by: Miklos Vajna <vmiklos@collabora.com> Reviewed-by: Miklos Vajna <vmiklos@collabora.com> (cherry picked from commit b7de766b4dc5b4810277069bcf53a9f3737e87da) Conflicts: svx/source/svdraw/svdpdf.cxx svx/source/svdraw/svdpdf.hxx vcl/Library_vcl.mk vcl/qa/cppunit/pdfexport/pdfexport.cxx vcl/source/filter/ipdf/pdfread.cxx
2021-04-05 | poppler: use o3tl::make_unique instead of std::make_unique | Vasily Melenchuk
This older variant is still used on that branch Change-Id: I36331b672fb499218745bdcd00d077e36272f4fe
2021-04-05 | tdf#131353: Fix build with poppler 0.86.0 | Martin Whitaker
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/93789 Tested-by: René Engelhard <rene@debian.org> Tested-by: Jenkins Reviewed-by: Tomáš Chvátal <tchvatal@suse.com> (cherry picked from commit b42ab78fb871924896b3cc38a7b2f1257151f711) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/96639 Reviewed-by: Adolfo Jayme Barrientos <fitojb@ubuntu.com> (cherry picked from commit d40f36bf47814c324a1ec467c566255fb187444b) Change-Id: I89b4635a6a3e3a5522172d6f4c3f14e6c14994b1 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108955 Tested-by: Thorsten Behrens <thorsten.behrens@allotropia.de> Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
2021-04-05 | Fix build with poppler-0.83 | Martin Milata
Change-Id: I7a3684932b8f9c403a3368b42fa4d8039c67f1a9 Reviewed-on: https://gerrit.libreoffice.org/84384 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@cib.de> Reviewed-on: https://gerrit.libreoffice.org/c/core/+/86905 Reviewed-by: Tomáš Chvátal <tchvatal@suse.com> Tested-by: Tomáš Chvátal <tchvatal@suse.com> (cherry picked from commit 035830400393e075fca364a444e04c40516730b2)
2021-04-05 | NSS: enable parallel build | Jan-Marek Glogowski
Since NSS 3.53, the Makefile based build should be fixed (upstream bug 290526). The only missing patch is a minimal NSPR fix for the "NSPR, configure + make, parallel, Windows, MS VS, debug" build. That patch isn't included in the NSPR 4.25 release (but it's already in the mercurial repo for NSPR 4.26). Reviewed-on: https://gerrit.libreoffice.org/c/core/+/95218 Tested-by: Jenkins Reviewed-by: Jan-Marek Glogowski <glogow@fbihome.de> (cherry picked from commit b56e8d6def26a0430853835e997f1be841840a61) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100419 Reviewed-by: Michael Stahl <michael.stahl@cib.de> (cherry picked from commit c1bce55faebd9ad8751d7b6b9a7f77dff7b3d507) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100589 (cherry picked from commit 3e4dbb1708d4b3b7619602b63602b884a7bb2caa) Change-Id: I8eaa3792a12bdff734e56ac3f552991478957e23
2021-03-29python3: add patch for CVE-2021-3177Michael Stahl
Looks like Python 3.5 is EOL, so backport the patch. Change-Id: I9ba397b3ed7e5f4ee4f78b144d822ce260ca9fb4 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111059 Tested-by: Michael Stahl <michael.stahl@allotropia.de> Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
2021-03-29postgresql: upgrade to release 13.1Michael Stahl
Fixes CVE-2020-25694, plus a bunch more CVE that don't look relevant. * --with-krb5 no longer exists, neither does --disable-shared * remove internal-zlib.patch.1: zlib is only used by pg_* tools / contrib/pgcrypto * remove postgresql-libs-leak.patch: some relic from pre-gbuild times, not clear what the point is for static libs * remove postgresql-9.2.1-libreoffice.patch: another dmake .mk file relic, and the win32 nmake build system was removed * add postgres-msvc-build.patch.1 to fix Cygwin perl and openssl * on WNT, libpq.dll is now built, no longer static lib postgresql: fix mistake in RepositoryExternal.mk Reviewed-on: https://gerrit.libreoffice.org/c/core/+/109640 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit 234833f7823a1424b62c93e145f0cfe2c6b6efd5) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/109698 Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de> (cherry picked from commit 1362bf7fa2957d34a7cef18dd95ede22cc42787f) Change-Id: Ic0232a28801b2f604d9f4e33d5621ae3362defaa
2021-03-29poppler: upgrade to release 21.01.0Michael Stahl
Fixes CVE-2020-27778, CVE-2020-35702 and changelogs mention lots of fuzzing fixes. Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108912 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit 48e8b32a9b66722bbb28fc15840b3706a461aeb7) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108904 Tested-by: Michael Stahl <michael.stahl@allotropia.de> Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de> (cherry picked from commit fb185106492f5aabac6ab57ae90cd81d51480093) Change-Id: Ib07bdee726905e74afc13a01bbbd53f218121744 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108956 Tested-by: Thorsten Behrens <thorsten.behrens@allotropia.de> Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
2021-03-29openssl: add patch to fix CVE-2020-1971Michael Stahl
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108884 Tested-by: Jenkins Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de> (cherry picked from commit b4c5bd9b330068e8c550e398cf761457ec9b6aa4) Change-Id: Ia756f1fa642eeb6dcadc867cc9730732a73c11b4 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108953 Tested-by: Thorsten Behrens <thorsten.behrens@allotropia.de> Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
2021-03-29CVE-2020-25713 raptor2: malformed input file can lead to a segfaultCaolán McNamara
due to an out of bounds array access in raptor_xml_writer_start_element_common use a better fix than the initial suggestion See: https://bugs.mageia.org/show_bug.cgi?id=27605 https://www.openwall.com/lists/oss-security/2020/11/13/1 Change-Id: Ida4783a61412ffce868eacf81310da338d3e2df1 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/106249 Reviewed-by: Michael Stahl <michael.stahl@cib.de> Tested-by: Jenkins
2021-03-29Better handling of Java filesStephan Bergmann
Change-Id: Ifa662be39ac7d35241ee31956e2556b7ba3b5a02 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/106558 Tested-by: Jenkins Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
2021-03-29Check range before accessing Calc sort userlistThorsten Behrens
Change-Id: I74df0bc6db978e06e8014ac1bc0d76a66c7f4fe8 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/102341 Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
2021-03-29nss: upgrade to release 3.55.0Michael Stahl
Fixes CVE-2020-6829, CVE-2020-12400 CVE-2020-12401 CVE-2020-12403. (also CVE-2020-12402 CVE-2020-12399 in older releases since 3.47) * external/nss/nss.nspr-parallel-win-debug_build.patch: remove, merged upstream Change-Id: I8b48e25ce68a2327cde1420abdaea8f9e51a7888 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100345 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@cib.de> (cherry picked from commit 495a5944a3d442cfe748a3bb0dcef76f6a961d30) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100420 Reviewed-by: Xisco Fauli <xiscofauli@libreoffice.org> (cherry picked from commit 227d30a3a17f2fffb1a166cdc3e2a796bb335214) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100590 Reviewed-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit 94cecbfdf3cf01fe3d5658c7edf78696da2a249f)
2021-03-26curl: upgrade to release 7.71.0Michael Stahl
Fixes CVE-2020-8169, and about 3 other ones that don't affect LO/libcmis. Disable new optional dependencies "ngtcp2" and "quiche". Change-Id: I595ed909c4e792ac3244643511a338b117e7f102 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/97406 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@cib.de> (cherry picked from commit cb0c7e26e5708010b1fe941ae2f66134f31ed876) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/97386 Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> (cherry picked from commit 43130216127913d30074d3fe99c5706dcce44dee)