| Age | Commit message (Collapse) | Author |
|---|
|
This is essentially a footgun because the user can accidentally turn it
off and get non-AdES signatures which use obsolete SHA1 hashes.
Unfortunately it turns out that the initial setting of the checkbox only
works for ODF, because OOXML have m_sODFVersion set to "1.0" due to some
defaulting code somewhere.
So what this checkbox actually did is unintentionally disable XAdES
signatures for OOXML by default.
Now that i actually test it by setting ODF version 1.1 in
Tools->Options, it turns out that signing ODF 1.1 documents isn't
possible at all, a dialog pops up that says "Signing documents
requires ODF 1.2 (OpenOffice.org 3.x)".
Change-Id: I0eaf590c290b2c0ee0ff890ed73f0dbea4cf0ce3
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/160785
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
|
|
gtk3/gtkinst.cxx:15371: virtual void (anonymous namespace)::GtkInstanceTreeView::select(int): Assertion `gtk_tree_view_get_model(m_pTreeView) && "don't select when frozen, select after thaw. Note selection doesn't survive a freeze"' failed.
(regression from commit ad6f23d2a3842c40f7c812003af4031150ea8183)
Change-Id: I8c0639e755188731bdd211f9d71a830d7afeeaa6
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/160786
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
|
|
... and use it in the new experimental ODF encryption mode.
https://www.w3.org/TR/xmlenc-core1/#sec-AES-GCM
Unfortunately it turned out that NSS PK11_CipherOp() does not work with
CKM_AES_GCM because it is initialized with "context->multi = PR_FALSE"
in sftk_CryptInit(), so the one-step functions PK11_Encrypt() and
PK11_Decrypt() have to be used.
NSS 3.52 also changed a parameter struct definition - see
https://fedoraproject.org/wiki/Changes/NssGCMParams - which is not a
problem for RHEL or SUSE system NSS since those are rebased, but it
is likely a problem for less well maintained Ubuntu LTS, so use
the old struct definition which evidently still works with NSS 3.94.
NSS 3.52 also added a new PK11_AEADOp() API but it looks like this
doesn't support incremental encryption either.
Change-Id: Ibd4a672db74b65b1218926ba35ff8d2f70444c7e
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/160505
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
|
|
Missed a special case in previous commit, in case the input is
completely empty and PK11_DigestFinal() doesn't see a problem with it,
aResult could be empty too.
Change-Id: I8ea900774ae390857307ec5bab38876bead6bc86
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/160441
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
|
|
If this function returns null, storing a document will proceed without
reporting an error to the user, and lose all the data.
Change-Id: I0f9fd53702321e7997b28e12eb5bed3349bbcc13
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/160435
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
|
|
Change-Id: I90c48aafd11deb2895d01c90764fc433a9161e07
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/160434
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
|
|
(*) Make all of it use a "Scoped" paradigm
(*) pass by value, no need to allocate on heap
(*) make all of the construction go via the *Access constructors, instead of it being some via the constructors and some via the Acquire*Access methods.
(*) take the Bitmap& by const& in the constructor, so we can avoid doing const_cast in random places.
Change-Id: Ie03a9145c0965980ee8df9a89b8714a425e18f74
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/160293
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
Change-Id: I05a7eeb74088c278aab94519c7f53b0482e38058
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/160400
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
|
|
Seen in a fedora:40 container, using --with-system-libcmis,
--with-system-liblangtag and --with-system-xmlsec.
Change-Id: I9d748d3dc0b70dbfdfcb6b99c9ce8440bda6f326
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159980
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
|
|
Change-Id: Ia7d9b806667a7c11743f7e9e4bb5525a1202e7fe
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159712
Tested-by: Jenkins
Reviewed-by: Julien Nabet <serval2412@yahoo.fr>
|
|
Change-Id: I639bf4af888e5af615379515d92ad70025d8ac15
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159660
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
new plugin to look for class fields that are always cast to some
subtype, which indicates that they should probably just be declared to
be that subtype.
Perform one of the suggested improvements in xmlsecurity/
Change-Id: Ia68df422c37f05cbcf9c02ba5d0853f8eca4f120
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159063
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
"untrusted locations" -> "untrusted file locations"
Change-Id: I31810c8dc572086aa1378800cc2551bce2933a1b
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/158719
Tested-by: Jenkins
Reviewed-by: Taichi Haradaguchi <20001722@ymail.ne.jp>
|
|
Change-Id: I7a56ed976ddac9917721da1247c55a735ae77d32
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/158557
Tested-by: Jenkins
Reviewed-by: Samuel Mehrbrodt <samuel.mehrbrodt@allotropia.de>
|
|
...in include files. This is a mix of automatic rewriting in include files and
manual fixups (mostly addressing loplugin:redundantfcast) in source files that
include those.
Change-Id: I1f3cc1e67b9cabd2e9d61a4d9e9a01e587ea35cc
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/158337
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
Change-Id: I6cdabef12d60f9fa554b95c99e702e8c700329e9
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/158296
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
...now that warning about O[U]String vars that could be O[U]StringLiteral is no
longer useful
Change-Id: I389e72038171f28482049b41f6224257dd11f452
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/157992
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
...by moving the char8_t -> char reinterpret_cast out of any potential constexpr
paths into a new TranslateId::getId. And demonstrate constexpr'ability by
making the aCategories var in OApplicationIconControl::Fill
(dbaccess/source/ui/app/AppIconControl.cxx) constexpr. (And there might be more
such cases that could now be made constexpr.)
Change-Id: I0b4e3292faf8f6b901f9b9e934e1aa6bf0f583ff
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/157862
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
Change-Id: I4647ebdba45e2598b993d7aeb06111f069a0eba8
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/157556
Tested-by: Jenkins
Reviewed-by: Samuel Mehrbrodt <samuel.mehrbrodt@allotropia.de>
|
|
Change-Id: I05777731f1d69b5714942411401afb5fd605d726
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/155668
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
Change-Id: I00f228451574ca9f9e352d233c7f326c88e90a95
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/156892
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
Change-Id: I618431147060b4bec7d1957b949dc270eeaafdd2
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/156153
Tested-by: Jenkins
Reviewed-by: Julien Nabet <serval2412@yahoo.fr>
|
|
Change-Id: I9880e5a7957bf2124f1ce8d9fc0cd3e44e129e65
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/156154
Tested-by: Julien Nabet <serval2412@yahoo.fr>
Reviewed-by: Julien Nabet <serval2412@yahoo.fr>
|
|
Updated the README Documentation file for xmlsecurity module. Fixed
broken sxd file for signatures workflow. Added dumb certificates creator
shell script for testing purposes in qa.
Change-Id: Ibee17193a1a38348f2e7fc460dfdd0c54dd31f9b
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/155932
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
|
|
Added the functionality of caching certificates per session using a
single instance with internal memoization. Added Reload Certificates
button in case of certificate changes in-session. Updated all instances
of certifcate chooser in the codebase to work with the new change.
Change-Id: Icb25a2b2e9787b029fa6189f70bd4ba3b6806f60
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/155373
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
|
|
Both columns are irrelevant in the main dialog's view, can be viewed
through viewing certificate's details.
Change-Id: I265a7e125c2679f3a05dba4414f4104f3a5cac2f
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/155746
Tested-by: Jenkins
Reviewed-by: Heiko Tietze <heiko.tietze@documentfoundation.org>
|
|
Change-Id: I460d56a5a13dde1bd77f21e0bb6467dd00cb3f40
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/154498
Tested-by: Jenkins
Reviewed-by: Arnaud Versini <arnaud.versini@libreoffice.org>
|
|
Change-Id: Ib9f93d626b7f2629ebfb17f0f0f43af8fe24d4ee
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/154744
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
|
|
Change-Id: I8abcee4739a218e9856fbf603792b480efe89dcc
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/154797
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
|
|
Change-Id: Ic2e9de67a00bb9ca8ab4d0f7528b22c58d0cc360
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/154721
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
Added a new search box in the certificate chooser dialog, introduced
local caching for certificates to allow instantaneous filtering and
searching. Modified viewing signatures function to allow searching
functionality.
Change-Id: I361a47da7bd5d24efcbfc17065935851db951c44
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/154630
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
|
|
(!a && b) || (a && b) => b
Change-Id: Iee9ae38d9dc5f6aa94eaff61b3937633f5da7af1
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/154285
Tested-by: Jenkins
Reviewed-by: Arnaud Versini <arnaud.versini@libreoffice.org>
|
|
The trouble is that calling into the configmgr would require recursive
access to the service manager, but that's protected by a non-recursive
mutex.
See
<https://gerrit.libreoffice.org/c/core/+/153798/24#message-b04c747da2cb73230d88ec65cc8207ac8b124dda>
for details.
Change-Id: If75779a995c2ad8855073bd6538832a18953d4cf
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/154356
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
|
|
Added a new option in Tools>Options>Security that allows choosing the
path of a different certificate manager.
Made Certificate Manager Button be disabled instead of hidden in case no
certificate manager is detected. Added a box notifying that the
certificate manager is opened (or not working in case it failed for some
reason).
Change-Id: I64a901766d4fb05c59c0f85fdf94c08a3ca4bdab
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/153798
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
|
|
Allowed native GTK TreeViewColumn sorting for the Certificate Chooser
Dialog (selectcertificatedialog.ui)
Change-Id: I4acba667ebd6fd5801730bf4413a00149b3b6528
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/154227
Tested-by: Jenkins
Reviewed-by: Heiko Tietze <heiko.tietze@documentfoundation.org>
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
|
|
Change-Id: I282e2af395471aa4818bfb4586ac06c7850c8a61
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/153862
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
Reviewed-by: Arnaud Versini <arnaud.versini@libreoffice.org>
Tested-by: Arnaud Versini <arnaud.versini@libreoffice.org>
|
|
OUStringLiteral should be declared constexpr, to enforce
that it is initialised at compile-time and not runtime.
This seems to make a different at least on Visual Studio
Change-Id: I1698f5fa22ddb480347c2f4d444530c2e0e88d92
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/153499
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
Change-Id: Ie7ecba234f33cc09ebd4cf5a390919acb4bc7e08
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/153567
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
A new function is implemented to check for that in
digitalsignaturesdialog.cxx
Change-Id: I4cf1c710e6a145e8f0d10716cb81394bdcf7a74f
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/153367
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
|
|
Added the option in digital signatures dialog to remember used
signature.
Implemented ResignDocument function in objserv.cxx to resign after
every save in case the option to remember signature is on.
Added a new dialog box that checks whether there is a need to
remember the signature.
Change-Id: Ia7dbcc952044e9542e3fe6cd84b5d6633fcd1461
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/152687
Reviewed-by: Heiko Tietze <heiko.tietze@documentfoundation.org>
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
Tested-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
|
|
This is particularly useful for a Writer document that contains a
section that is set to be editable in a read-only document, so that the
user is warned when closing such a document without saving it.
Originally this check was added in commit
27db57efc51487b3976fbf73df1868b8fb78d201 "CWS fwkbugfix05"
"#i39869#: readonly docs should never become modified"
but the actual problem there was that the read-only document was
displayed in a wizard dialog, not in a document view, so let's instead
check that the document is some kind of "internal" document.
Also the dialog's Save button should do something, and since the
document is read-only, a Save As dialog appears appropriate.
Change-Id: I339cbe92a2c9eb74a1f5061246f921037a47f79c
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/153180
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
|
|
This time try to do it in a way that doesn't re-introduce tdf#155034,
i.e. patch out code that would use NSS symbols which are in the RHEL7
baseline, but are not in Ubuntu 18.04. This is all code like RSA OAEP or
AES GCM which is relatively new, so not really required for our
signature needs.
It also helps that this release has a lowered baseline for NSS.
Change-Id: I5a8df6d98462e8173a5508e014bd2d515da2dc9d
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/152747
Tested-by: Justin Luth <jluth@mail.com>
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
|
|
The test is meant to test PDFiumLibrary
Change-Id: Ib99d1aef4857df09fa3e73a9cfdf130c7660619d
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/151761
Tested-by: Jenkins
Tested-by: Xisco Fauli <xiscofauli@libreoffice.org>
Reviewed-by: Xisco Fauli <xiscofauli@libreoffice.org>
|
|
it only works with x509 certificates"
This reverts commit a1146fd95022196636f8c41f7322a7257955cef4.
Reason for revert: needs special case for PDFs as this dialog
is also used when signing ODF files
Change-Id: I8b9a007816732066746b790ee03654f4b5b2904d
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/151273
Tested-by: Jenkins
Reviewed-by: Ilmari Lauhakangas <ilmari.lauhakangas@libreoffice.org>
|
|
This reverts commit 26bf26272bf525b59b4a4ce18b3ce14c1febfd7b.
Reason for revert: compiled version fails open/create some documents
on Ubuntu 20.04, which is still an Ubuntu-supported release.
Also fails to compile on 20.04 with built-in system NSS
The clinching reason is for running bibisects.
There was no compelling reason to make the change,
just routine maintenance. So if something breaks
or is annoying when doing routine maintenance, then revert it.
The previous version is still 1.2.37, released in Nov 2022.
So this will likely come up again relatively soon
if there is a security fix required.
But at least at the end of the 7.6 development cycle,
we can avoid the pain.
Change-Id: Ife387d6e4058b017ba18cba1fbcb2b2d50f52c12
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/151118
Tested-by: Jenkins
Reviewed-by: Justin Luth <jluth@mail.com>
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
|
|
As a complementer to clang-tidy-12 --checks="-*,misc-unused-using-decls"
Pros:
- simple, fast!
- finds some more unused declarations, somehow
- works on non-linux specific parts of the code
- clang-tidy (for me) trips on files with external headers, this does not
Change-Id: If2db989114ac5c2841ed2e89ff7bd7a9e419f567
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/150612
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
|
|
See <https://github.com/lsh123/xmlsec/releases/tag/xmlsec_1_3_0> for the
upstream release notes, notably:
> (ABI breaking change) Switched xmlSecSize to use size_t by default.
Adapt xmlsec-wrapper.h accordingly.
Change-Id: If910e44441be65794d4441558e2838d00b4b927c
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/150647
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
|
|
Change-Id: I5553138bfc8dd989e68b8bcc2be981746e8c1e84
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/150783
Tested-by: Jenkins
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
|
|
Mostly com/sun/star/frame/Desktop.hpp is unused after inheriting from
UnoApiTest.
Change-Id: I71b75fa5c880337ff294583b96af09c90b5059c9
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/150514
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
Tested-by: Jenkins
|
|
Change-Id: I3bbb2df7b77ab971553b646690806385e5dea75d
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/150482
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
