| Age | Commit message (Collapse) | Author |
|---|
|
Combine everything related to a certificate in a new struct X509Data.
The CertDigest is not actually written in the X509Data element but in
xades:Cert, so try to find the matching entry in
XSecController::setX509CertDigest().
There was a confusing interaction with PGP signatures, where ouGpgKeyID
was used for import, but export wrote the value from ouCertDigest
instead - this needed fixing.
The main point of this is enforcing a constraint from xmldsig-core 4.5.4:
All certificates appearing in an X509Data element MUST relate to the
validation key by either containing it or being part of a certification
chain that terminates in a certificate containing the validation key.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111254
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 9e82509b09f5fe2eb77bcdb8fd193c71923abb67)
xmlsecurity: improve handling of multiple certificates per X509Data
It turns out that an X509Data element can contain an arbitrary number of
each of its child elements.
How exactly certificates of an issuer chain may or should be distributed
across multiple X509Data elements isn't terribly obvious.
One thing that is clear is that any element that refers to or contains
one particular certificate has to be a child of the same X509Data
element, although in no particular order, so try to match the 2 such
elements that the parser supports in XSecController::setX509Data().
Presumably the only way it makes sense to have multiple signing
certificates is if they all contain the same key but are signed by
different CAs. This case isn't handled currently; CheckX509Data() will
complain there's not a single chain and validation of the certificates
will fail.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111500
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 5af5ea893bcb8a8eb472ac11133da10e5a604e66)
xmlsecurity: add EqualDistinguishedNames()
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111545
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 1d3da3486d827dd5e7a3bf1c7a533f5aa9860e42)
xmlsecurity: avoid exception in DigitalSignaturesDialog::getCertificate()
Fallback to PGP if there's no X509 signing certificate because
CheckX509Data() failed prevents the dialog from popping up.
To avoid confusing the user in this situation, the dialog should
show no certificate, which is already the case.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111664
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 90b725675c2964f4a151d802d9afedd8bc2ae1a7)
xmlsecurity: fix crash in DocumentDigitalSignatures::isAuthorTrusted()
If the argument is null.
This function also should use EqualDistinguishedNames().
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111667
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit ca98e505cd69bf95d8ddb9387cf3f8e03ae4577d)
Change-Id: I9633a980b0c18d58dfce24fc59396a833498a77d
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111910
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
|
|
That's reserved for valid signatures (digest match, certificate
validates and the signature covers the whole document).
Also avoid "invalid" in the dialog when the digest matches and the
signature is just incomplete.
This now uses wording which is closer to Acrobat and also uses the same
wording on the infobar and in the dialog.
(cherry picked from commit e76d021ac44e7bf4de05899dc2694a96470bc707)
Change-Id: I26e4781d555b65cf29aa8df2232e286917235dc1
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/102186
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
|
|
The infobar mentioned if a signature is partial, but the dialog just has
a bool UI for signatures. Then present "good, but partial" as "bad".
(cherry picked from commit 3ba1144cb96c710e665ffb3ada26fb6a48a03472)
Change-Id: I698190aa77702000b11d635bd038d9c9a91614ac
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/101826
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
|
|
The problem was that the whole Subject info was returned from
X.509 certs if they did not start with one of "CN", "OU", "O", "E"
Instead of extending this list with random keys, pass the type of cert
and only return the whole Subject info if it's an OpenGPG one, and
process the info unconditionally if it's X.509 like before the OpenGPG
integration
Change-Id: I1aa5d7285e48b0f4a769a073cdfb7732e482792c
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/92675
Tested-by: Jenkins
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
|
|
Change-Id: I2bbfb1445b8d2e748f642cdf4723d41b7f072e2b
Reviewed-on: https://gerrit.libreoffice.org/80305
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
Change-Id: I7892b4819fd7491882e6ca995bf2ce5c65230609
Reviewed-on: https://gerrit.libreoffice.org/79791
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
Change-Id: I54945ed1ea2292ecc02ff988c4ecf310a9c4b87a
Reviewed-on: https://gerrit.libreoffice.org/77451
Tested-by: Jenkins
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
|
|
It might be simple "Program Files" on 32-bit system; or localized (see
https://www.samlogic.net/articles/program-files-folder-different-languages.htm),
or on a different drive (if system isn't on C:), etc.
Change-Id: Id0f28b4c4920fcda53a58fbff9f42bcfde6668f6
Reviewed-on: https://gerrit.libreoffice.org/77448
Tested-by: Jenkins
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
|
|
Seems Gpg4Win recently grew a few more variants where to put stuff.
Look there, too.
Change-Id: Ifa09db11665671f518a6a66480c1a71fd619d8cd
Reviewed-on: https://gerrit.libreoffice.org/77341
Tested-by: Jenkins
Reviewed-by: Xisco Faulí <xiscofauli@libreoffice.org>
|
|
Change-Id: I69e5c6d82fddd1da1e414e7764f3a5d90351a43d
Reviewed-on: https://gerrit.libreoffice.org/76377
Tested-by: Jenkins
Reviewed-by: Julien Nabet <serval2412@yahoo.fr>
|
|
Change-Id: Ic3daba9e6e94516ea4d80f25f73e9e46a50edb5c
Reviewed-on: https://gerrit.libreoffice.org/76035
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
Change-Id: I1262ca0dc2b2f843bdd6277415ee7967e9e59458
Reviewed-on: https://gerrit.libreoffice.org/72320
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
|
|
ditch duplicate method
Change-Id: Iea35d6437f48809a06e093241bddf301f00c502b
Reviewed-on: https://gerrit.libreoffice.org/69302
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
Change-Id: Id3858365a54e6ae96bf9e6c3e27a777441ab56ae
Reviewed-on: https://gerrit.libreoffice.org/68133
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
and ChineseTranslationDialog
Change-Id: I3b754c405c8379fc0c5fa94437cc0464a1dea999
Reviewed-on: https://gerrit.libreoffice.org/67991
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
Change-Id: Idd2c4a812a9415c816427f8566d9e7159b4dd2a6
Reviewed-on: https://gerrit.libreoffice.org/67806
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
Change-Id: I197f4805558b07aeb9e66734d0fb5c250c41ad3e
Reviewed-on: https://gerrit.libreoffice.org/67796
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
Change-Id: I46087a58d5cff7ea8ac86ef8ee670cc4a59d0120
Reviewed-on: https://gerrit.libreoffice.org/67795
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
CertificateViewer, CertificateViewerGeneralTP,
CertificateViewerDetailsTP, CertificateViewerCertPathTP
Change-Id: I5792b673f17b3cd465ff17444776066139877ec1
Reviewed-on: https://gerrit.libreoffice.org/67756
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
look for mixed indentation in compound statements, which makes them hard
to read, and sometimes makes it look like a statement is associated with
a nearby if/for
Change-Id: Ic8429cee1f9a86d938097a4a8769a2bce97b3361
Reviewed-on: https://gerrit.libreoffice.org/63283
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
Found with bin/find-unneeded-includes
Only removal proposals are dealt with here.
Change-Id: I937ed12f2a96943664087ddcdd035f1347e84a57
Reviewed-on: https://gerrit.libreoffice.org/67102
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
|
|
When determining if a file is an XML file for siging, we need to
read the manifest file to get an accurate detection. In case when
we were signing in the GUI the manifest file was read when the
storage was set. When we didn't sign over the GUI, the manifest
was never read: the code was only present in the GUI code -
"documentsignaturesdialog.cxx" so the detection was wrong and
isXML returned "true" for current.xml.
With this we move the manifest reading to DigitalSignatureManager,
where the manifest is read when needed.
Change-Id: If45a32af6410bc5f7c5afdb976b182bd69ab7d6b
Reviewed-on: https://gerrit.libreoffice.org/65600
Tested-by: Jenkins
Reviewed-by: Tomaž Vajngerl <quikee@gmail.com>
|
|
Found with bin/find-unneeded-includes
Only removal proposals are dealt with here.
Change-Id: Ib32ea54a3fa690a0722fa75ddb4121ec78c0b64f
Reviewed-on: https://gerrit.libreoffice.org/65386
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
|
|
Move the xmlsec helper methods to comphelper so that we can use them in cui
Change-Id: If9b10cfff5f5abd6b16e48f043af7959edbb1142
Reviewed-on: https://gerrit.libreoffice.org/63198
Tested-by: Jenkins
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
|
|
Change-Id: I04a146d3d8a428ac1678827dc883525c40240a44
Reviewed-on: https://gerrit.libreoffice.org/62787
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
Change-Id: Ia70f28fece45c84b4a460e379c5447818818e114
Reviewed-on: https://gerrit.libreoffice.org/62054
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
Change-Id: Iaca0d47b07f4b31b70ddeccb87f0f84019be81cd
Reviewed-on: https://gerrit.libreoffice.org/62055
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
Change-Id: I4da53c79bb9e47548338d3e348677049e664bf8d
Reviewed-on: https://gerrit.libreoffice.org/62053
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
Change-Id: I1df70b7dff5ebb6048f7fc618789faa15ca5d422
Reviewed-on: https://gerrit.libreoffice.org/61967
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
Change-Id: I3a7ab7ec046a6bbff4b4a020e76356ffd454bab8
Reviewed-on: https://gerrit.libreoffice.org/61061
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
rtl/string.hxx and rtl/ustring.hxx both unnecessarily #include <sal/log.hxx> (and don't make use of it themselves), but many other files happen to depend on it.
This is a continuation of commit 6ff2d84ade299cb3d14d4110e4cf1a4b8070c030 to be able to remove those unneeded includes.
This commit adds missing headers to every file found by:
grep -FwL sal/log.hxx $(git grep -Elw 'SAL_INFO|SAL_INFO_IF|SAL_WARN|SAL_WARN_IF|SAL_DETAIL_LOG_STREAM|SAL_WHERE|SAL_STREAM|SAL_DEBUG')
to directories w* x*
Change-Id: I27bff44da3d34d24262031c7489e755311599bc5
Reviewed-on: https://gerrit.libreoffice.org/57307
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Regression from 13596e704e4b48e8b0892867b3f3fc351a2729f9 (Don't pass ODF
version, just retrieve it directly, 2018-05-17).
Change-Id: Ia031e597c610000db2820920c3dc1b58430dcc12
Reviewed-on: https://gerrit.libreoffice.org/57246
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Regression from 13596e704e4b48e8b0892867b3f3fc351a2729f9 (Don't pass ODF
version, just retrieve it directly, 2018-05-17), just checking the file
format explicitly like the PDF signing does fixes the problem.
Change-Id: I1ba7cf9096e01c6c5a2d3875b08fa3a66acae829
Reviewed-on: https://gerrit.libreoffice.org/56635
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
and fix the fallout
Change-Id: I15bc5d626f4d157cbc69a87392078b41e621d14e
Reviewed-on: https://gerrit.libreoffice.org/54882
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
passing count as first element in array, dodgy.
Change-Id: I49905b554b3b4d6cc3fa419a36389cd2e5ded463
|
|
Change-Id: I00bdbc58d2295a0be30b47c85eae6b9abfec17b2
Reviewed-on: https://gerrit.libreoffice.org/51868
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
and
convert remaining QueryBox to weld::MessageDialog
Change-Id: Ifb4c316dee8eabf57c4940c44e29c65a2781aa6c
|
|
Change-Id: I91d828e38d96264cf4a76f30940942556b8f78d8
Reviewed-on: https://gerrit.libreoffice.org/50205
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
just the straight-forward MessageDialog cases first
a) remove border_width from message dialog .ui so as to take
the default border width
b) retain 12 as default message dialog border for vcl widget case
c) remove layour_style from message dialog button boxes so as to
take the default mode (a no-op for vcl widget case)
d) use gtk response ids (vcl builder will converts to vcl ones)
Change-Id: I7de281093a1b64f92f71ca11e7cbba42bb658154
Reviewed-on: https://gerrit.libreoffice.org/50143
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
Change-Id: I90679472898648ccf0811c67c17f7bad41d4e347
Reviewed-on: https://gerrit.libreoffice.org/47984
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
auto-rewrite with <https://gerrit.libreoffice.org/#/c/47798/> "Enable
loplugin:cstylecast for some more cases" plus
solenv/clang-format/reformat-formatted-files
Change-Id: Ica6e96072435aa4df4e74accdfe06f798a640bbe
|
|
Change-Id: Icb0e32716ae58886912a1a1c7c50e66f30256227
Reviewed-on: https://gerrit.libreoffice.org/46202
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
And pass down all necessary parameters everywhere
Change-Id: I152b9d84c0e35be9e5193a9a6f67de9fb86133b0
|
|
Change-Id: If93c06ad90d708b0fbaf476bda6fdb902bd77b1e
|
|
Insert constructor everywhere, except a couple places that apparently
want to compare GetMapUnit().
Change-Id: I1910deb60562e5e949203435e827057f70a3f988
|
|
Change-Id: I9c3eca51fec52a255fcf280fe4e5ecc2ebbee5f3
|
|
Change-Id: I730fc0b3b6b7ac1803d75b5d9e007b15395888c6
Reviewed-on: https://gerrit.libreoffice.org/42826
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
Change-Id: I699ecff1f62b3dae7ac275823c6721810589c4cf
Reviewed-on: https://gerrit.libreoffice.org/41507
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
* all .ui files go from <interface> to <interface domain="MODULE"> e.g. vcl
* all .src files go away and the english source strings folded into the .hrc as NC_("context", "source string")
* ResMgr is dropped in favour of std::locale imbued by boost::locale::generator pointed at matching
MODULE .mo files
* UIConfig translations are folded into the module .mo, so e.g. UIConfig_cui
goes from l10n target to normal one, so the res/lang.zips of UI files go away
* translation via Translation::get(hrc-define-key, imbued-std::locale)
* python can now be translated with its inbuilt gettext support (we keep the name strings.hrc there
to keep finding the .hrc file uniform) so magic numbers can go away there
* java and starbasic components can be translated via the pre-existing css.resource.StringResourceWithLocation
mechanism
* en-US res files go away, their strings are now the .hrc keys in the source code
* remaining .res files are replaced by .mo files
* in .res/.ui-lang-zip files, the old scheme missing translations of strings
results in inserting the english original so something can be found, now the
standard fallback of using the english original from the source key is used, so
partial translations shrink dramatically in size
* extract .hrc strings with hrcex which backs onto
xgettext -C --add-comments --keyword=NC_:1c,2 --from-code=UTF-8 --no-wrap
* extract .ui strings with uiex which backs onto
xgettext --add-comments --no-wrap
* qtz for gettext translations is generated at runtime as ascii-ified crc32 of
content + "|" + msgid
* [API CHANGE] remove deprecated binary .res resouce loader related uno apis
com::sun::star::resource::OfficeResourceLoader
com::sun::star::resource::XResourceBundleLoader
com::sun::star::resource::XResourceBundle
when translating strings via uno apis
com.sun.star.resource.StringResourceWithLocation
can continue to be used
Change-Id: Ia2594a2672b7301d9c3421fdf31b6cfe7f3f8d0a
|
|
gpg4libre
Change-Id: I9c05f68e16928d14a29058f5bb9aa35c90b8f48b
Reviewed-on: https://gerrit.libreoffice.org/39744
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
