Age | Commit message (Collapse) | Author |
|
(cherry picked from commit f231dacde9df1c4aa5f4e0970535c4f4093364a7)
Conflicts:
include/vcl/filter/PDFiumLibrary.hxx
xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx
xmlsecurity/source/helper/pdfsignaturehelper.cxx
xmlsecurity/source/pdfio/pdfdocument.cxx
Change-Id: I950b49a6e7181639daf27348ddfa0f36586baa65
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/107000
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
|
|
(cherry picked from commit 586f6abee92af3cdabdce034b607b9a046ed3946)
Conflicts:
include/vcl/filter/PDFiumLibrary.hxx
vcl/source/filter/ipdf/pdfdocument.cxx
vcl/source/pdf/PDFiumLibrary.cxx
xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx
xmlsecurity/source/helper/pdfsignaturehelper.cxx
(cherry picked from commit 00479937dc071246cc27f33fd6397668448a7ed9)
Change-Id: I626fca7c03079fb0374c577dcfe024e7db6ed5b3
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/106766
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
|
|
I.e. it's OK to add incremental updates for annotation/commenting
purposes and that doesn't invalite existing signatures. Everything else
does.
(cherry picked from commit 61834cd574568613f0b0a2ee099a60fa5a8d9804)
Conflicts:
include/vcl/filter/PDFiumLibrary.hxx
vcl/source/pdf/PDFiumLibrary.cxx
xmlsecurity/qa/unit/signing/signing.cxx
Change-Id: I4607c242b3c6f6b01517b02407e9e7a095e2e069
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/106762
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
|
|
(cherry picked from commit 7468d5df5ec79783eae84b62bdc5ecf12f0ca255)
Conflicts:
vcl/source/filter/ipdf/pdfdocument.cxx
xmlsecurity/source/pdfio/pdfdocument.cxx
Change-Id: I269ed858852ee7d1275adf340c8cc1565fc30693
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/99480
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
|
|
Only add the correct type to new signatures to avoid breaking the hash
of old ones.
(cherry picked from commit 8a9d8238bd8f903393ff1184aa37f8973c81e2ba)
Conflicts:
xmlsecurity/qa/unit/signing/signing.cxx
Change-Id: I30f892b292f84a0575a3d4ef5ccf3eddbe0090ca
Reviewed-on: https://gerrit.libreoffice.org/70451
Tested-by: Jenkins
Tested-by: Xisco Faulí <xiscofauli@libreoffice.org>
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
|
|
(cherry picked from commit 4a59a8aba8c9d451edff790d9281d0095c1bd78e)
Change-Id: I6060b7130827346ac5d6955bf38ebe3b476819fd
Reviewed-on: https://gerrit.libreoffice.org/64151
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
|
|
Change-Id: I033731251c4fffd759144f5bd9d6b9737de48c80
Reviewed-on: https://gerrit.libreoffice.org/63455
Tested-by: Jenkins
Reviewed-by: Julien Nabet <serval2412@yahoo.fr>
|
|
f0305ec0a7d199e605511844d9d6af98b66d4bfd "Fix creation/removal of GPG socketdir"
spawns additional gpgconf processes which need the same LD_LIBRARY_PATH fix as
d15f042abd5a1093984a0c8380837145f38c4efc "CppunitTest_xmlsecurity_signing failed
in sanitizer builds"
Change-Id: I1da9e9e459c5a584f092966923f8818f115322dc
Reviewed-on: https://gerrit.libreoffice.org/63420
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
Change-Id: I4423a32fe84c6f13457e92aa0de913ee22995119
Reviewed-on: https://gerrit.libreoffice.org/63333
Tested-by: Jenkins
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
|
|
This had manual consistent formatting. Recently it was broken, so bring
back consisency by using clang-format.
(And move the "if conversion fails" comment above
CPPUNIT_ASSERT_MESSAGE() to avoid the need for an over-indented
comment.)
Change-Id: Id6a9231c044d7282c84a21152ffdfdcb8af3690d
Reviewed-on: https://gerrit.libreoffice.org/63327
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
Tested-by: Jenkins
|
|
Change-Id: I8e16746fc8d89adc8882303f67760341c1968aed
Reviewed-on: https://gerrit.libreoffice.org/63190
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
<https://gerrit.libreoffice.org/#/c/50978/> "gpg4libre: fix failing gpg test due
to over-long filenames" had introduced the gb_CppunitTest_run_gpgconf target in
xmlsecurity/CppunitTest_xmlsecurity_signing.mk, calling `gpgconf
--craete-socketdir`. A 2018-03-18 comment there notes that "Stephan's last
comment: (and `gpgconf --remove-sockedir` be called after the test?) is not
addressed yet, will do in follow-up commit".
Follow-up d7ecf4a4e37a9eeffa2b40f9fe5a2e6a8f90c876 "properly check for gpgconf
(and --create-socketdir) working" makes gb_CppunitTest_run_gpgconf conditional.
However, in configure.ac,
HAVE_GPGCONF_SOCKETDIR=TRUE
is missing, so even after follow-up 7a95ee8d0badb2cbbd137a6e18af1bada35ae933
"actually add HAVE_GPGCONF_SOCKETDIR to config_host.mk.in...", config_host.mk
will always contain
export HAVE_GPGCONF_SOCKETDIR=
so gb_CppunitTest_run_gpgconf will never be executed (and `pgconf
--crate-socketdir` will never called).
But even if it were executed, it would not create the socket dir that the test
code in xmlsecurity/qa/unit/signing/signing.cxx is actually using, as
gb_CppunitTest_run_gpgconf sets
GNUPGHOME=.../workdir/CppunitTest/xmlsecurity_signing.test.user
while xmlsecurity/qa/unit/signing/signing.cxx's SigningTest::setUp sets
GNUPGHOME=.../workdir//CppunitTest/xmlsecurity_signing.test.user/
and the GPG software is apparently picky about extra slashes when computing the
socket dir name from the GNUPGHOME env var.
(That `gpgconf --create-socketdir` was never executed with the current setup
shows that calling it explicitly is probably not really needed, as the GPG
software apparently creates it automatically on demand.)
However, what is still missing is to remove the socket dir again (see the
comment quoted above), and, probably more importantly, to exit any gpg-agent
daemon operating on that socket dir that has (indirectly) been started by the
tests in xmlsecurity/qa/unit/signing/signing.cxx. At least with Fedora 29
gpgconf from gnupg2-2.2.9-1.fc29.x86_64, that daemon is successfully terminated
by calling `gpgconf --remove-socket`.
So move the call to `gpgconf --create-socketdir` from the makefile to the test
setup code (which makes it easier to guarantee that a single GNUPGHOME value,
and thus a single socket dir, is used), and add a corresponding `gpgconf
--remove-socketdir` call to the test shutdown code. (As argued above, the
`gpgconf --create-socketdir` call shouldn't be stricktly necessary, but it looks
cleaner to do it explicitly anyway.)
Change-Id: I2ec8f08943ed63ec27f8507461588ee7cdadf372
Reviewed-on: https://gerrit.libreoffice.org/63181
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
It passed "make check" on Linux
Change-Id: I1cb32c359d761410cf8e657f8e4e15694836947e
Reviewed-on: https://gerrit.libreoffice.org/59985
Tested-by: Jenkins
Reviewed-by: Julien Nabet <serval2412@yahoo.fr>
|
|
Change-Id: Icc820a47ac891c358883f9c01224f676c58fdd11
Reviewed-on: https://gerrit.libreoffice.org/59744
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
The AdES validator at
<https://ec.europa.eu/cefdigital/DSS/webapp-demo/validation> recently
learned to deal with ODF files, this improves its output, so that
"Qualification Signature" section is no longer just a red "N/A" but an
orange "Indeterminate QESig".
Change-Id: I5f47b935f1dbfa4e2eee4654db31403479cb571d
Reviewed-on: https://gerrit.libreoffice.org/59633
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
rtl/string.hxx and rtl/ustring.hxx both unnecessarily #include <sal/log.hxx> (and don't make use of it themselves), but many other files happen to depend on it.
This is a continuation of commit 6ff2d84ade299cb3d14d4110e4cf1a4b8070c030 to be able to remove those unneeded includes.
This commit adds missing headers to every file found by:
grep -FwL sal/log.hxx $(git grep -Elw 'SAL_INFO|SAL_INFO_IF|SAL_WARN|SAL_WARN_IF|SAL_DETAIL_LOG_STREAM|SAL_WHERE|SAL_STREAM|SAL_DEBUG')
to directories w* x*
Change-Id: I27bff44da3d34d24262031c7489e755311599bc5
Reviewed-on: https://gerrit.libreoffice.org/57307
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
and give utl::OStreamWrapper a new constructor so that it knows it is
taking ownership of the SvStream, which appears to fix several leaks
Change-Id: Idcbcca9b81a4f0345fd8b8c8a2f4e84213686a6b
Reviewed-on: https://gerrit.libreoffice.org/57187
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
With OFFICE-3940 the loext markup got accepted for ODF1.3 (and
the redundant KeyInfo element removed). Make sure manifest parser
can import new markup.
Change-Id: Id3c88654e8e6e0e256cd68fbb43f1ef670849cf7
Reviewed-on: https://gerrit.libreoffice.org/56597
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
Allows dropping the xmlsec1-ecdsa-assert.patch.1 backport.
Also fix the generated test certs + generator script to avoid expired
certs for a while (.db files generated with Firefox 57.0).
Change-Id: I8cba9a01633a3952c845e15e23b18d44544cdb59
Reviewed-on: https://gerrit.libreoffice.org/56123
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Since the previous call would throw if there was nothing to be assigned
to the value.
Idea from tml.
Used the following script to find places:
git grep -A3 -n UNO_QUERY_THROW | grep -B3 -F 'is()'
Change-Id: I36ba7b00bcd014bdf16c0455ab91056f82194969
Reviewed-on: https://gerrit.libreoffice.org/55417
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Tor Lillqvist <tml@collabora.com>
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
|
|
and fix the fallout
Change-Id: I15bc5d626f4d157cbc69a87392078b41e621d14e
Reviewed-on: https://gerrit.libreoffice.org/54882
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Change-Id: I8bb48c46aaea9ef4ce4bc4ab58ea8b88fe0e48a2
Reviewed-on: https://gerrit.libreoffice.org/55159
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
idea originally from either tml or moggi, can't remember which
Change-Id: Id78d75035036d3aa1666e33469c6eeb38f9e624d
Reviewed-on: https://gerrit.libreoffice.org/55126
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
Need to incrementally migrate the remaining places (ODF, OOXML signing)
to CNG, then flip the default. SVL_CRYPTO_CNG=1 is needed till then.
(The testcase passes with and without the fix when SVL_CRYPTO_CNG is not
specified; it fails without the fix when SVL_CRYPTO_CNG is specified.)
Change-Id: Ide9d3b109bbd955a9cb83b18bba6aa72269f4d34
Reviewed-on: https://gerrit.libreoffice.org/55030
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Change-Id: Id2b59887fcd69e294a6d9db17ec0446615054ecc
Reviewed-on: https://gerrit.libreoffice.org/54779
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Using an ECDSA key but writing RSA URIs would fail later in libxmlsec.
Also fix up CppunitTest_xmlsecurity_signing (env vars were set too
late), so that the new testcase actually fails without the fix.
Change-Id: I9e584844d5cd046952b2f19130aeaa5a765bfc0a
Reviewed-on: https://gerrit.libreoffice.org/54400
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Change-Id: I11d874caad9174fb1a70121f1772e117753ee519
Reviewed-on: https://gerrit.libreoffice.org/54503
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Change-Id: I92078fdece135754744d85424956dbb071f3899e
Reviewed-on: https://gerrit.libreoffice.org/53638
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Julien Nabet <serval2412@yahoo.fr>
|
|
...fail when SRCDIR is a read-only tree
Change-Id: I80a372b3eb71faed1215305a55df93390c846eed
Reviewed-on: https://gerrit.libreoffice.org/52020
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
...otherwise fails if SRCDIR is a read-only tree
Change-Id: I0b81be5ba055dac133e5ee638f21c3c5f4d5736b
Reviewed-on: https://gerrit.libreoffice.org/52015
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
I (tried to) keep these files consistent locally with astyle in the past,
switching to clang-format makes sure that the recent problem with introducing
inconsistencies in these files doesn't happen again.
(On the flip side, it's great to see that now others also touch this
PDF/pdfium code. :-) )
Change-Id: I6065eab77c584197a82fe48e7d3e81b445106efd
Reviewed-on: https://gerrit.libreoffice.org/51701
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Change-Id: I21268e5950381845eb90bf66a42a99adc3821eaa
Reviewed-on: https://gerrit.libreoffice.org/51493
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
PDFDocument::Tokenize() in the aKeyword == "obj" case allocates a
PDFObjectElement, stores it as an owning pointer inside rElements, and
also stores two non-owning references to it in m_aOffsetObjects and
m_aIDObjects. So make sure those 2 other containers are also cleared
then elements go away.
LO_TRACE="valgrind" bin/run pdfverify <sample>
doesn't report errors anymore after the fix.
Change-Id: Ie103de3e24a1080257a79e53b994e8536a9597bc
Reviewed-on: https://gerrit.libreoffice.org/50627
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
The roundtrip of the pdf image failed due to this.
Change-Id: I88a9657e242dd2659f9bf06233e5fcbfeb43ceb5
Reviewed-on: https://gerrit.libreoffice.org/48362
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Change-Id: I078626eaa3155cc429320cc8c1532003b382b22a
Reviewed-on: https://gerrit.libreoffice.org/47855
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Julien Nabet <serval2412@yahoo.fr>
|
|
Change-Id: I3ff3df41b004a0c2cfe01da19c1a0aa6488aaead
|
|
Load encrypted document w/ password-less key,
don't fail.
Change-Id: Id782dd865878ae7b8a60c7c80821b1370f6ac7e7
Reviewed-on: https://gerrit.libreoffice.org/47831
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
Change-Id: I2040315707674dc99a37aedb96ac61dca274c13a
Reviewed-on: https://gerrit.libreoffice.org/47348
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Since some GnuPG versions tend to litter the source tree with random
files otherwise.
Change-Id: I0302f73b216f2de4dafcb6adca81097ec9d87e8c
Reviewed-on: https://gerrit.libreoffice.org/46447
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
Change-Id: I029d5c949b4a1e6bd6b0ce4edb39411b9dce88c2
|
|
The only effect SAL_CALL effectively has on LO-internal code is to change non-
static member functions from __thiscall to __cdecl in MSVC (where all other
functions are __cdecl by default, anyway). (For 3rd-party code, it could be
argued that SAL_CALL is useful on function declarations in the URE stable
interface other than non-static member functions, too, in case 3rd-party code
uses a compiler switch to change the default calling convention to something
other than __cdecl. But loplugin:salcall exempts the URE stable interface,
anyway.)
One could argue that SAL_CALL, even if today it effectively only affects non-
static member functions in MSVC, could be extended in the future to affect more
functions on more platforms. However, the current code would already not
support that. For example, 3af500580b1c82eabd60335c9ebc458a3f68850c
"loplugin:salcall fix functions" changed FrameControl_createInstance in
UnoControls/source/base/registercontrols.cxx to no longer be SAL_CALL, even
though its address (in ctl_component_getFacrory, in the same file) is passed to
cppuhelper::createSingleFactory as an argument of type
cppu::ComponentInstantiation, which is a pointer to SAL_CALL function.
Change-Id: I3acbf7314a3d7868ed70e35bb5c47bc11a0b7ff6
Reviewed-on: https://gerrit.libreoffice.org/46436
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
And disable unit tests otherwise
Change-Id: I32e1d8d2f8b0013d9cb43b78a55d23a1a29a8e8d
Reviewed-on: https://gerrit.libreoffice.org/46057
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
Change-Id: I6f085b67c3477f427bd1efd96db93cbb89e20647
Reviewed-on: https://gerrit.libreoffice.org/46050
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
Since this requires a working gpg setup, limit to linux for the
moment. If you need to add signatures or redo them, run LibreOffice
from a shell with env var
GNUPGHOME=<core>/xmlsecurity/qa/unit/signing/data/ set.
For editing keys, gpg2 also accepts a
--homedir=<core>/xmlsecurity/qa/unit/signing/data/ option
Change-Id: I59e5b563098b19d05c8c2db32537241bc835fc80
Reviewed-on: https://gerrit.libreoffice.org/45950
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
Left indent was set to non-zero in the style, but direct formatting set
it back to zero. Teach deduplication to remove the
NS_ooxml::LN_CT_PPrBase_ind SPRM itself in case the last attribute was
removed.
Change-Id: I01b202f0241b02816b2b392326737b1150caffc2
Reviewed-on: https://gerrit.libreoffice.org/44385
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Change-Id: I6f37919da5fef0a90fad314019db19e4a5604169
Reviewed-on: https://gerrit.libreoffice.org/44220
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
|
|
clang-cl reported "error: comparison of integers of different signs: 'DWORD'
(aka 'unsigned long') and 'HRESULT' (aka 'long') [-Werror,-Wsign-compare]"
Change-Id: I568f03bd863ba63e30143483d9573042f3506de7
Reviewed-on: https://gerrit.libreoffice.org/42597
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
The other ifdef doesn't influence indentation, so don't do it here,
either.
Change-Id: I84259a46d1f66180e4fea295930f40b2b83e58fc
|
|
Without this, expired/not yet valid certificates, as well as
certificates without private key, make test needlessly fail.
Change-Id: Ic8ff85db54f1f1b1fb49fde82424f597f1555c96
Reviewed-on: https://gerrit.libreoffice.org/42434
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Which means xmlsecurity can be again a module that has no public
headers.
Change-Id: I3d0b03680398f80196fac187263e770fd44ed0ed
Reviewed-on: https://gerrit.libreoffice.org/41966
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|