| Age | Commit message (Collapse) | Author |
|---|
|
Change-Id: I3e28ef5646ff39b0e3e8ed8962bfacf5b79176a7
Reviewed-on: https://gerrit.libreoffice.org/60069
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins
|
|
It passed "make check" on Linux
Change-Id: I1cb32c359d761410cf8e657f8e4e15694836947e
Reviewed-on: https://gerrit.libreoffice.org/59985
Tested-by: Jenkins
Reviewed-by: Julien Nabet <serval2412@yahoo.fr>
|
|
Change-Id: Iebcaea7b08c5284946d83b6b6b9ed26b218025d4
Reviewed-on: https://gerrit.libreoffice.org/59992
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
Allows not iterating the certificate chain twice.
Change-Id: I3993f8af24b28bef505d0e8c24bce8065580c2cf
Reviewed-on: https://gerrit.libreoffice.org/59780
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Change-Id: Icc820a47ac891c358883f9c01224f676c58fdd11
Reviewed-on: https://gerrit.libreoffice.org/59744
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
look for places where we are appending the temporary result of adding
strings together, to an OUStringBuffer, where we could rather call
append repeatedly and avoid the temporary creation
Change-Id: I481435124291ac7fb54b91a78344a9fe5b379a82
Reviewed-on: https://gerrit.libreoffice.org/59708
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
The AdES validator at
<https://ec.europa.eu/cefdigital/DSS/webapp-demo/validation> recently
learned to deal with ODF files, this improves its output, so that
"Qualification Signature" section is no longer just a red "N/A" but an
orange "Indeterminate QESig".
Change-Id: I5f47b935f1dbfa4e2eee4654db31403479cb571d
Reviewed-on: https://gerrit.libreoffice.org/59633
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Use range-based loop or replace with std::any_of, std::find and
std::find_if where applicable.
Change-Id: I2f80788c49d56094c29b102eb96a7a7c079567c6
Reviewed-on: https://gerrit.libreoffice.org/59143
Tested-by: Jenkins
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.35_release_notes
NSS 3.35 and later will automatically migrate migrate profiles from the
old "dbm:" BDB format to the new "sql:" SQLite format.
The new format can be read by NSS 3.12 and later, which is old enough that
it can be assumed to be available.
However LibreOffice still shouldn't migrate the profile on its own:
LO typically uses a Mozilla Firefox or Thunderbird profile, and if it is
a system Firefox with system NSS libraries, then it's probably a bad
idea for LO to migrate the profile under Firefox's nose, particularly
considering the "partial migration" scenario if the profile is
password-protected.
Try to avoid this by checking if the profile is the old format and
explicitly using the "dbm:" prefix to prevent the migration.
Change-Id: I06480522f830ce74e2fb7bf79fee84ad80979b82
Reviewed-on: https://gerrit.libreoffice.org/58756
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Mostly only the certificate selector was left + the global runtime switch.
Change-Id: I11e8e0920806eb61848512df6dea48c594febfe4
Reviewed-on: https://gerrit.libreoffice.org/58751
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Change-Id: I5ae459e159a64f32c62278a87e37deb08ab9d6ac
Reviewed-on: https://gerrit.libreoffice.org/58389
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
Change-Id: I3b3e45a20c41e538849b7b0b4cdf112d8fac8fe7
Reviewed-on: https://gerrit.libreoffice.org/58388
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
Change-Id: I1b2fe5674c8350690efc3d3219b9273cc61d5b0c
Reviewed-on: https://gerrit.libreoffice.org/58332
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
Change-Id: Iebc31a53404da41f35eed7338662365d7efbd7a2
Reviewed-on: https://gerrit.libreoffice.org/57810
Tested-by: Jenkins
Reviewed-by: Julien Nabet <serval2412@yahoo.fr>
|
|
Change-Id: I271b1d69d5231ab76cb49fb0101c09d7c0ef6b79
Reviewed-on: https://gerrit.libreoffice.org/57779
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
That call in the RTFSprms copy ctor to the parent non-copy ctor was a
bit odd.
Change-Id: Ic219ec22c0b63472766a668406585dbbeebae2f7
Reviewed-on: https://gerrit.libreoffice.org/57763
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins
|
|
This was only useful when the mscrypto to mscng porting was in progress.
Change-Id: I5a062cae744489e5ad311ab6b531d00ea21f4e0a
Reviewed-on: https://gerrit.libreoffice.org/57699
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Change-Id: I2b7a055a44c63bfc072b82580811898e177fbb8e
Reviewed-on: https://gerrit.libreoffice.org/57628
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
rtl/string.hxx and rtl/ustring.hxx both unnecessarily #include <sal/log.hxx> (and don't make use of it themselves), but many other files happen to depend on it.
This is a continuation of commit 6ff2d84ade299cb3d14d4110e4cf1a4b8070c030 to be able to remove those unneeded includes.
This commit adds missing headers to every file found by:
grep -FwL sal/log.hxx $(git grep -Elw 'SAL_INFO|SAL_INFO_IF|SAL_WARN|SAL_WARN_IF|SAL_DETAIL_LOG_STREAM|SAL_WHERE|SAL_STREAM|SAL_DEBUG')
to directories w* x*
Change-Id: I27bff44da3d34d24262031c7489e755311599bc5
Reviewed-on: https://gerrit.libreoffice.org/57307
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Regression from 13596e704e4b48e8b0892867b3f3fc351a2729f9 (Don't pass ODF
version, just retrieve it directly, 2018-05-17).
Change-Id: Ia031e597c610000db2820920c3dc1b58430dcc12
Reviewed-on: https://gerrit.libreoffice.org/57246
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
and give utl::OStreamWrapper a new constructor so that it knows it is
taking ownership of the SvStream, which appears to fix several leaks
Change-Id: Idcbcca9b81a4f0345fd8b8c8a2f4e84213686a6b
Reviewed-on: https://gerrit.libreoffice.org/57187
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
Change-Id: Ib8a16c69aa2a05118e329a6552682b7a21d4536a
Reviewed-on: https://gerrit.libreoffice.org/57023
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Change-Id: Idbf60be3cef2d9dde454da0279d2810488b1e157
Reviewed-on: https://gerrit.libreoffice.org/56871
Tested-by: Jenkins
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
|
|
With OFFICE-3940 the loext markup got accepted for ODF1.3 (and
the redundant KeyInfo element removed). Make sure manifest parser
can import new markup.
Change-Id: Id3c88654e8e6e0e256cd68fbb43f1ef670849cf7
Reviewed-on: https://gerrit.libreoffice.org/56597
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
Change-Id: I3c10b9eca3efb90a8f0e4c35bd71512f321a05fd
|
|
Regression from 13596e704e4b48e8b0892867b3f3fc351a2729f9 (Don't pass ODF
version, just retrieve it directly, 2018-05-17), just checking the file
format explicitly like the PDF signing does fixes the problem.
Change-Id: I1ba7cf9096e01c6c5a2d3875b08fa3a66acae829
Reviewed-on: https://gerrit.libreoffice.org/56635
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Change-Id: Ifec98748d55ff6aca64c425c50c2cf2650f61591
Reviewed-on: https://gerrit.libreoffice.org/56422
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
By making it possible to use libxmlsec's mscng backend instead of the old
mscrypto one which lacks ECDSA support.
make -sr CppunitTest_xmlsecurity_signing SVL_CRYPTO_CNG=1 CPPUNIT_TEST_NAME="SigningTest::testECDSA"
passes with these changes, while it failed in the SVL_CRYPTO_CNG=1 case previously.
Change-Id: Ic23e5af11d271ed84175abe3d5ad008c7cc9e071
Reviewed-on: https://gerrit.libreoffice.org/56370
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins
|
|
Allows dropping the xmlsec1-ecdsa-assert.patch.1 backport.
Also fix the generated test certs + generator script to avoid expired
certs for a while (.db files generated with Firefox 57.0).
Change-Id: I8cba9a01633a3952c845e15e23b18d44544cdb59
Reviewed-on: https://gerrit.libreoffice.org/56123
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Change-Id: Iced10ed59c475dff4d33ff06151b2015a27a860b
Reviewed-on: https://gerrit.libreoffice.org/55715
Tested-by: Jenkins
Reviewed-by: Tor Lillqvist <tml@collabora.com>
|
|
Change-Id: I26a0da1ec9cda9030371977596053a45303756a0
Reviewed-on: https://gerrit.libreoffice.org/55609
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
For the general benefit of --with-system-xmlsec usage scenarios (where
LO may be built against an old version of xmlsec and run against a new
one).
Change-Id: I4ae582771dbc8eec149a706cfa5ccc0ec0859704
Reviewed-on: https://gerrit.libreoffice.org/55446
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Since the previous call would throw if there was nothing to be assigned
to the value.
Idea from tml.
Used the following script to find places:
git grep -A3 -n UNO_QUERY_THROW | grep -B3 -F 'is()'
Change-Id: I36ba7b00bcd014bdf16c0455ab91056f82194969
Reviewed-on: https://gerrit.libreoffice.org/55417
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Tor Lillqvist <tml@collabora.com>
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
|
|
Swap the order of the default and custom callback registration, since
the order of lookup is now reversed since
<https://github.com/lsh123/xmlsec/commit/968646fb9b8428174a112fce2f08b1ec89d0ed97>.
Thanks Tomas Chvatal for reporting this.
Change-Id: I60a347454701a679db4ccd8924a723a236d5edff
Reviewed-on: https://gerrit.libreoffice.org/55404
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Tomáš Chvátal <tchvatal@suse.cz>
|
|
Change-Id: I0442d201a5175a9929d3ea79d79f80db7930b565
Reviewed-on: https://gerrit.libreoffice.org/55394
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
and fix the fallout
Change-Id: I15bc5d626f4d157cbc69a87392078b41e621d14e
Reviewed-on: https://gerrit.libreoffice.org/54882
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
This was added in commit ebd1b95bb5f9235d1dba1b840fd746c9b53320d2
(INTEGRATION: CWS xmlsec08 (1.1.2); FILE ADDED; 2005-03-10) without any
real commit message to explain why this is necessary.
system-xmlsec (not containing this patch) works fine for our XML signing
purposes with software certificates, and just recently I learned that
even hardware-based certificates work fine without this patch, so it can
go away.
I assume this was a refactor to allow some new feature as a next step,
but that feature was never implemented.
Change-Id: I31639230483cd34b14b35fd41b4fcd8284476138
Reviewed-on: https://gerrit.libreoffice.org/55296
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Change-Id: I8bb48c46aaea9ef4ce4bc4ab58ea8b88fe0e48a2
Reviewed-on: https://gerrit.libreoffice.org/55159
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
idea originally from either tml or moggi, can't remember which
Change-Id: Id78d75035036d3aa1666e33469c6eeb38f9e624d
Reviewed-on: https://gerrit.libreoffice.org/55126
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
So that a modification will result in an invalid signature.
Change-Id: Ib40e0b941d56e29c134993e1d41f496aa183bd7f
Reviewed-on: https://gerrit.libreoffice.org/55079
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
|
|
Signature lines is no longer ooxml specific
Change-Id: I092dbc31b30d30bf68b4cb733cb7cb8520c99738
Reviewed-on: https://gerrit.libreoffice.org/55058
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
Tested-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
|
|
Need to incrementally migrate the remaining places (ODF, OOXML signing)
to CNG, then flip the default. SVL_CRYPTO_CNG=1 is needed till then.
(The testcase passes with and without the fix when SVL_CRYPTO_CNG is not
specified; it fails without the fix when SVL_CRYPTO_CNG is specified.)
Change-Id: Ide9d3b109bbd955a9cb83b18bba6aa72269f4d34
Reviewed-on: https://gerrit.libreoffice.org/55030
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Change-Id: Id2b59887fcd69e294a6d9db17ec0446615054ecc
Reviewed-on: https://gerrit.libreoffice.org/54779
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
... and pass it as the sole argument to XMLSignatureHelper::SetDateTime().
Change-Id: I7f3e8dc90bb34ca347a1ad5a79717a338af3bed9
Reviewed-on: https://gerrit.libreoffice.org/54706
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
...which might have had a purpose in the past, but look unused today. (DEBUG is
defined in solenv/gbuild/gbuild.mk iff dbglevel >= 2, and `make
Library_xsec_xmlsec dbglevel=2` doesn't run into any problems for me with the
undefs removed.)
Change-Id: I7f941e8c2d454f4206fb17bc791247606ffe6309
Reviewed-on: https://gerrit.libreoffice.org/54718
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
Change the button to "Select" instead of sign when we only want to
select a certificate.
Change-Id: Ifa896e502c8680497d71912ddd1058ab0b71542b
Reviewed-on: https://gerrit.libreoffice.org/52823
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
|
|
Change-Id: Ia9f18addeee9cf86989c873419113ddbd07c219f
Reviewed-on: https://gerrit.libreoffice.org/54551
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
|
|
Change-Id: I958c1bad2f32383ebaaeb7d42c761f0d1dfefc35
Reviewed-on: https://gerrit.libreoffice.org/54513
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
|
|
Change-Id: I483a3b7895cdcb10ef9d6dacf167ed0f8db7e723
Reviewed-on: https://gerrit.libreoffice.org/54432
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
|
|
Using an ECDSA key but writing RSA URIs would fail later in libxmlsec.
Also fix up CppunitTest_xmlsecurity_signing (env vars were set too
late), so that the new testcase actually fails without the fix.
Change-Id: I9e584844d5cd046952b2f19130aeaa5a765bfc0a
Reviewed-on: https://gerrit.libreoffice.org/54400
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
