Age | Commit message (Collapse) | Author |
|
Duplicate ds:X509Certificate elements cause:
warn:xmlsecurity.comp:9604:3820:xmlsecurity/source/helper/xmlsignaturehelper.cxx:658: X509Data do not form a chain: certificate in cycle:
(regression from 5af5ea893bcb8a8eb472ac11133da10e5a604e66)
Change-Id: I3d319a2f74dbec17b73f1c7bb8f4efe4e335f0ac
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113746
Tested-by: Mike Kaganski <mike.kaganski@collabora.com>
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit ae08aa8a095832ae2a88eac14f9680ac8d3a13b6)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113752
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
(cherry picked from commit 0ab3a264ba8d732cffa42a069c9aa50dab44e99f)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113781
Tested-by: Samuel Mehrbrodt <samuel.mehrbrodt@allotropia.de>
Reviewed-by: Samuel Mehrbrodt <samuel.mehrbrodt@allotropia.de>
|
|
This was added in commit ebd1b95bb5f9235d1dba1b840fd746c9b53320d2
(INTEGRATION: CWS xmlsec08 (1.1.2); FILE ADDED; 2005-03-10) without any
real commit message to explain why this is necessary.
system-xmlsec (not containing this patch) works fine for our XML signing
purposes with software certificates, and just recently I learned that
even hardware-based certificates work fine without this patch, so it can
go away.
I assume this was a refactor to allow some new feature as a next step,
but that feature was never implemented.
[ Committer's note: this xmlsec1-customkeymanage.patch.1 breaks the test
SigningTest::testXAdESNotype():
In xmlSecNssKeyDataX509VerifyAndExtractKey(), code is added to extract
the *private* key of the certificate; upstream only extracts the
public key.
Later this causes a key requirement check in xmlSecKeysMngrGetKey() to
succeed which would otherwise fail, and the certificate to remain
uncleared.
Then xmlSecKeyInfoNodeWrite() writes the certificate into the KeyInfo
element, where it was previously read from, so it is duplicated and
LO's CheckX509Data() fails because of 2 signing certificates. ]
Reviewed-on: https://gerrit.libreoffice.org/55296
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
(cherry picked from commit f06004c03bbd076767a570180b7fc239064713e6)
Change-Id: I31639230483cd34b14b35fd41b4fcd8284476138
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113179
Tested-by: Michael Stahl <michael.stahl@allotropia.de>
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
|
|
Change-Id: Id977be090e09eefcb4196078682694443718c2fd
Reviewed-on: https://gerrit.libreoffice.org/54103
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
... instead of hard-coding some subset of the variables everywhere.
Change-Id: I5eac5663563ee9d6cb7b57f5f6e9d55560587276
Reviewed-on: https://gerrit.libreoffice.org/44167
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Michael Stahl <mstahl@redhat.com>
|
|
Part of the configure is upstreamed, drop those 3 hunks.
Change-Id: I5f2ad217aaba050969cb655091f33fe61970a512
|
|
Change-Id: I9774dbec91b397d291d8f7f9bf96bbb75fc2baad
Reviewed-on: https://gerrit.libreoffice.org/42298
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Michael Stahl <mstahl@redhat.com>
|