| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Change-Id: I9f5419642ac9559e37652bc7353d9914e45cffd6
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Regression from commit b6588bd7c831ce88a29131ca7ea8d3f3e082564e (Reduce
image resolution by default in PDF Export, 2014-03-02) the problem is
that in case you have small enough bitmaps, then these used to look
OK at reasonable zoom levels, but now we intentionally scale down
bitmaps by default.
That makes little sense for tiny images, do this only for large ones.
Change-Id: Iff15325b842b47d9285a7c0f83f402897498392d
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/87086
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
Tested-by: Jenkins
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On KDE Neon 18.04, something was causing page 1 to spill over
onto page 2. Checking the last page instead of the second one
is fine for testing the problem solved for bug 81345.
Confirmed with bibisect53 that same header/page style had been
used for the whole document originally.
Change-Id: Id85562153d7ce1d570806a611f11d33fa5b83c87
Reviewed-on: https://gerrit.libreoffice.org/78250
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit 6fa47ff2ee87bde38719bfaeac022efd966fc8a2)
|
| |
|
|
| |
Change-Id: Ib01c8224537448e146ab9dc80f4583f06c9f0c28
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The problem is that in SwpHints::TryInsertHint() there is a check for
IsInXMLImport() that is presumably an optimization to avoid the
potentially expensive call to BuildPortions().
While LO would only produce 1 text:span referencing an automatic style
around any given character content, this is not required by ODF, and so
other producers may legitimately produce such nested text:span elements.
Unfortunately the current SwpHints::Insert() isn't deterministic, the
RES_TXTATR_AUTOFMT with same start/end will be compared by address in
CompareSwpHtStart() (whereas RES_TXTATR_CHARFMT has a sort number for
this), so the result is going to be a random order.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/137033
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit d7827f712ddd21a6c1e151f54dc6eba5c12690da)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/137057
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
(cherry picked from commit 7a8f2c7e3a16dae6bdc891fb969e673527e45615)
Change-Id: Id62a7ff5fb85dbe42b7e1a27b0d8b36b74cf1100
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adjusts my LO 5.2 code for tdf#91083 that tried to emulate the
table's keep-with-next property which doesn't have a matching
counterpart in MS formats.
I always confused myself trying to understand what my year-long coding
attempt was trying to do. This seems much understandable, and efficient.
The big clue was that it affected non-MS formats - which was unintended.
Change-Id: I7886e52430cb34799e25f7fcf73500e28bbe2a55
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/93443
Tested-by: Jenkins
Reviewed-by: Justin Luth <justin_luth@sil.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/136952
Tested-by: Gabor Kelemen <kelemeng@ubuntu.com>
Reviewed-by: Gabor Kelemen <kelemeng@ubuntu.com>
|
| |
|
|
|
|
|
|
|
|
| |
... so that it may be called from SfxObjectShell::SaveTo_Impl, and
handle export cases in addition to save (as) handled in tdf#41063.
Change-Id: Ie39196656dd1a95dcb6bab3ae8138c2f5c8729e6
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/99714
Tested-by: Jenkins
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
|
| |
|
|
| |
Change-Id: I9057241beffc35e17d05ff74f6d4ee6017bccc06
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
I noticed these "DeprecationWarning: Using or importing the ABCs from
'collections' instead of from 'collections.abc' is deprecated since Python 3.3,
and in 3.9 it will stop working" now when running tests with
CPPUNITTRACE='gdb --args' on Fedora 32.
Change-Id: If263dacb9df5c1fffd2be2418e13e69b96070c77
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/103294
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
(cherry picked from commit 4a899a5f8a72ea29a6919316afe3627de9f33e95)
|
| |
|
|
| |
Change-Id: I6f696641a19bec3df792bd27f8c2fe0a7024c6c6
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The problem is that 32-bit Win32 applications have very little VM, and
soffice.bin can run out, so try to move the JVM to a separate process
(uno.bin) and connect to it via pipe.
Add a new config to enable this:
"org.openoffice.Office.Java/VirtualMachine/RunUnoComponentsOutOfProcess"
If enabled, ServiceManager instantiates *all* JVM components
out-of-process, by instantiating
"com.sun.star.java.theJavaVirtualMachine" out-of-process.
To ensure that the remote connection is disconnected at shutdown (and
thereby prevent crashes with remote calls during late shutdown),
JavaComponentLoader is now a "single-instance" service; this change
should be harmless for the default in-process configuration case.
Tested with these extensions:
Wiki Publisher
smoketest TestExtension.oxt
odk CalcAddins.oxt Inspector.oxt ToDo.oxt
Also passed "make check" on Linux when enabled, if the variable
URE_BIN_DIR is set properly for CppunitTest_services.
Change-Id: I76bf17a9512414b67dbd20daee25a6d29c05f9d9
|
| |
|
|
|
|
|
|
|
|
|
| |
See tdf#74608 for motivation.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/98698
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
(cherry picked from commit 37f5ad41ed9928a4394b80050cdc00fd6d830a07)
Change-Id: Ic1ce8431bfb116c1e64116e2019fa0d3bcf8344c
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
After 424a7f404565e068995e2a9827d5bc6f76920ec8 "add some more libs to libmerged"
had added javaloader to libmerged, destruction of static xStaticRef started to
cause problems at least during CppunitTest_services of --enable-mergedlib
Windows builds (presumably because the relative order of static variable
destruction had changed).
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/90254
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
(cherry picked from commit 9ed75e2c65544b4f71c73e1c51a68d74e31d544b)
Change-Id: I8307570222cc9a3d9511d090d0dae7f7dfe7a9ad
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These routines can fail during MSI installation
(seen leftover program_old folders, with program folder missing).
We at least want to see the error in the MSI log file when this doesn't succeed.
This outputs error messages like:
MSI (s) (C4:5C) [10:47:54:280]: Invoking remote custom action. DLL: C:\Windows\Installer\MSI37B4.tmp, Entrypoint: RemovePrgFolder
CustomAction RemovePrgFolder returned actual error code 1603 (note this may not be 100% accurate if translation happened inside sandbox)
Action ended 10:47:54: RemovePrgFolder. Return value 3.
Change-Id: I4ce4099eeb3e0ee79eb4a2e1d3887f9810fd9669
|
| |
|
|
| |
Change-Id: Id264d8c79b515eaedb15a8434cdbd47ca5314101
|
| |
|
|
|
|
|
|
|
|
| |
* Allow to display the recent/frequent files
* Allow adding items to the "Tasks" category
* Allow adding multiple categories
Follow-up to 7efd22c912262f7bf4e4735dae70db0b31ab3d5b
Change-Id: I860d44c1a0d9bc8200529c908b6103741dc37bb5
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This crashes only when calling storeToURL() with writer_pdf_Export?
There is a text frame 112, followed by section frame 126, which contains
table frame 127.
The section frame 126 is being formatted, which in
SwFrame::PrepareMake() formats its prev, text frame 112.
This does MoveBwd() and in SwContentFrame::MakeAll() formats its next,
tab frame 127.
This also does MoveBwd() and then there is this really odd condition in
SwTabFrame::Paste() where it calls SwFrame::CheckPageDescs() if it
*doesn't* have a RES_PAGEDESC item and the page has a non-default page
style - this condition remains inexplicable since initial CVS import.
Then CheckPageDesc() sees the (next) page is empty and deletes it.
So check in sw::IsPageFrameEmpty() that there aren't any sections with
IsDeleteForbidden() set.
(regression from commit b9ef71476fd70bc13f50ebe80390e0730d1b7afb)
Change-Id: I3c64fe40fabffc255c4146a35c678ce6a1cc09c9
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/133222
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 85aa57359befd7a21b3fdf36f2b362f50495f77c)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/133151
Reviewed-by: Xisco Fauli <xiscofauli@libreoffice.org>
(cherry picked from commit 116b246e42a1c807e4e693bd020231a22f05abcd)
|
| |
|
|
| |
Change-Id: I3e207e3c15305febd13cb335da4081534cbc4103
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
LIBREOFFICE-OWMTGGWJ
Change-Id: I8f744e1ab2684a0f0995abcc3e753a684a3b970a
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130982
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 19add15932e579c931480eed42eeea52d0551897)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/131369
Tested-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 8727f47611af8dfb5ac186cc47e7b38741ccfb76)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
LIBREOFFICE-N4LA0OHZ
Change-Id: I0d24277665a317f047b286fe0f0878b3814ded65
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130766
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit ee2a192923bf709d05c174848e7054cd411b205a)
(cherry picked from commit 3d3c6462eeef581af2b936071c3ef432858b04a5)
(cherry picked from commit 503d84cabb68233a12a3a9602253f4345be86ad7)
|
| |
|
|
|
|
|
|
|
|
|
| |
LIBREOFFICE-KYYAZMB9
Change-Id: Ic0d95bd39a01dc1e5e0fec83dcc2c40b3f23b747
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130462
Tested-by: Jenkins
Reviewed-by: Xisco Fauli <xiscofauli@libreoffice.org>
(cherry picked from commit 21ea1eacd214dbaac8d0ce7f437580d535871415)
(cherry picked from commit 1f3e7bc9e47b83f009b8085effa61467101aa102)
|
| |
|
|
|
|
|
|
|
|
|
| |
LIBREOFFICE-N4LA0OHZ
Change-Id: I7f863151f753ad5605c4f1f280cfd79aa4c6bce4
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130772
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 02837024ea8d3d52c92420858327b309f2e96487)
(cherry picked from commit 9fc1be2594ceac46e9a769d7ee2a2004869603ac)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
LIBREOFFICE-311XVJ95
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130670
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit b44bd9ef8e2efdb66558917200e1f179b9db1c58)
Change-Id: I159f516daafad3e4088677fe2c8c6f5423b3e264
(cherry picked from commit f9350f9a8404fd9eb5b6963022f0069e89ddd061)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
LIBREOFFICE-WB8DT2Q9
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130668
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
Tested-by: Jenkins
(cherry picked from commit 4b6956ca146f25b746f63c176b377d3c15d204ff)
Change-Id: I98529325bbd3ff475ba84b4991eb17240440df4b
(cherry picked from commit 918c4a49fa841f0d234b18234d946684fe6378af)
|
| |
|
|
|
|
|
|
|
|
|
| |
LIBREOFFICE-509JU93T
Change-Id: I526edb182fed4fa023cce58e78a650a7c2046ed3
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130326
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 32e8d3e45698a3cc09f66460b460db1d10ac50b5)
(cherry picked from commit 0635bbb035940dcedb17713a958f81265d69e67e)
|
| |
|
|
|
|
|
|
|
|
|
| |
LIBREOFFICE-SK4E5D8N
Change-Id: I44f25a47ab6ffeb9d2b679874c8c96af1319eb2c
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130317
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit ccaabe8e8100a3a0600456c5a65221ca2b263c95)
(cherry picked from commit aa993b7667136ff858a7c8d6f3d1bac8f255151a)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
and
use std::vector
LIBREOFFICE-U78X8I5G
Change-Id: I436b4c13a4ce07f5e9e5d374163bc4de55cd2cde
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/129766
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 8e94ec9d93fe3e1057fb1aaa2f0419114c4ea11c)
(cherry picked from commit 0361cc74c7e0619f8b25a5584accb56d0c45f97a)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
this initially went wrong at:
commit b4fb7a437bb0ce987702b12008737756623618ac
Date: Mon May 23 21:38:40 2011 +0100
fix up some more endian
LIBREOFFICE-SBQ5TJRS
Change-Id: Ie418f530f55288351f73f3c0cbab9ac48e6b6964
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/129259
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 6694e3ea9c2f05a20245d94c5c1eda955cb3aacc)
(cherry picked from commit aaad67afccf1c59bf7d8fe7ab5207ff903f1c515)
|
| |
|
|
|
|
|
|
|
|
|
| |
LIBREOFFICE-SBQ5TJRS
Change-Id: I71f35bc120fdd70298685131f29a6bb822d50f11
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/129261
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 17dd787a4ca9c17883e0bdfc75c89c2fa7ec169e)
(cherry picked from commit b268215d10f7da6d01c223b260970198c00cb610)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change-Id: I454bff4acfcd85701a7f094a8bd76898825e9ce2
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/128388
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit 444477a07bcaf59181dbbc719b913566091deadc)
ofz: Use-of-uninitialized-value
Change-Id: I6b768b80d972c5379005efecfb803463ca648b4b
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/128644
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit 7b37a1a5144a3a4c8b0803b7e2da81e9e108bf66)
ofz: Undefined-Shift
Change-Id: Ib935359071ef9e390aa3d6c9713ed48241ad18e6
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/129066
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit e863b90a0e5fc90c3b824e4b0012f9389b87a3ac)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/129183
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 7c8b41bc322720dc9434fbef1f10a6740913165e)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/129416
Tested-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
(cherry picked from commit 7664ec93edc190ae0bc18b5793763fde5cec8d62)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Change-Id: Ic5f41e4f1f6b20a8cd8887807296f33adb48b728
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/128439
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit bb03203848ef1c30786ad084440b5d317a466127)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/129415
Tested-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
(cherry picked from commit b3288c52844bec9e33a7ae725332f95c84384ac7)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130929
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit 65442205b5b274ad309308162f150f8d41648f72)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130866
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit a7aaa78acea4c1d51283c2fce54ff9f5339026f8)
Change-Id: I338f58eb07cbf0a3d13a7dafdaddac09252a8546
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/131368
Tested-by: Michael Stahl <michael.stahl@allotropia.de>
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 0ce93b38af84453aba8002c098ac168b0fadfc97)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It turns out that the 2 backends NSS and MS CryptoAPI generate different
string representations of the same Distinguished Name in at least one
corner case, when a value contains a quote " U+0022.
The CryptoAPI function to generate the strings is:
CertNameToStr(..., CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG, ...)
This is documented on MSDN:
https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certnametostra#CERT_X500_NAME_STR
NSS appears to implement RFC 1485, at least that's what the internal
function is named after, or perhaps one of its several successor RFCs
(not clear currently if there's a relevant difference).
This is now causing trouble if a certificate with such a DN is used in a
signature, created on WNT but then verified on another platform, because
commit 5af5ea893bcb8a8eb472ac11133da10e5a604e66
introduced consistency checks that compare the DNs that occur as strings
in META-INF/documentsignatures.xml:
xmlsecurity/source/helper/xmlsignaturehelper.cxx:672: X509Data cannot be parsed
The reason is that in XSecController::setX509Data() the value read from
the X509IssuerSerial element (a string generated by CryptoAPI) doesn't
match the value generated by NSS from the certificate parsed from the
X509Certificate element, so these are erroneously interpreted as 2
distinct certificates.
Try to make the EqualDistinguishedNames() more flexible so that it can
try also a converted variant of the DN.
(libxmlsec's NSS backend also complains that it cannot parse the DN:
x509vfy.c:607: xmlSecNssX509NameRead() '' '' 12 'invalid data for 'char': actual=34 and expected comma ',''
but it manages to validate the signature despite this.)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/124287
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit e63611fabd38c757809b510fbb71c077880b1081)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/124196
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
(cherry picked from commit 3dfe381032fc61ea31106f103dee9db8277d4d25)
Change-Id: I4f72900738d1f5313146bbda7320a8f44319ebc8
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/124420
Tested-by: Michael Stahl <michael.stahl@allotropia.de>
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit ee48ce9886d884730a91c695b5d0668c6d90c740)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With Fedora's nss-3.71.0-1.fc34.x86_64 there is the problem that
8 tests including testODFGood in CppunitTest/xmlsecurity_signing
fail because the crypto policy disallows SHA1 for signatures.
Apparently this particular policy bit was added in NSS 3.59:
https://bugzilla.mozilla.org/show_bug.cgi?id=1670835
For signatures, maybe it's not a good idea to override system policy
for product builds, so do it locally in the tests, at least for now.
If similar problems turn up for encrypted documents in the future,
that should be fixed in product builds too of course, as encrypted
documents must always be decryptable.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/123768
Tested-by: Jenkins
Tested-by: Caolán McNamara <caolanm@redhat.com>
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit 51e82016e8783a452fe5f7921d12c1bf20bfd6b5)
xmlsecurity: fix --without-system-nss usage of NSS_SetAlgorithmPolicy
The problem with commit ff572d9222ec16ffd679ae907a0bf4a8900265e1
is that it's using the wrong library; NSS_SetAlgorithmPolicy is actually
in libnssutil3.so.
This causes a linking problem when upgrading the internal NSS to a
version that has NSS_USE_ALG_IN_ANY_SIGNATURE.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/123819
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 395c0c0bbaceadf909e0189af99c6358487c7978)
Change-Id: I4f634cf5da1707fb628e63cd0cdafebdf4fc903f
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/123838
Tested-by: Michael Stahl <michael.stahl@allotropia.de>
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 0f3431026dbff0251efeb0b92be335841a08cc5d)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fedora nss-3.69.0-1.fc34.x86_64 and Debian libnss3:amd64 2:3.70-1 no
longer support the old BerekelyDB databases, so convert them to the new
SQLite format for the benefit of --with-system-nss builds.
This worked to do the upgrade:
> certutil -N -d sql:test/new --empty-password
> LD_LIBRARY_PATH=instdir/program workdir/UnpackedTarball/nss/dist/out/bin/certutil --merge -d sql:test/new --source-dir dbm:test/signing-keys
Builds would fail running tests added in commit
40d70d427edddb589eda64fafc2e56536953d274
signing.cxx:551:Assertion
Test name: testODFX509CertificateChain::TestBody
equality assertion failed
- Expected: 0
- Actual : 1
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/123586
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 907784ccce7bd8b5121888cff7f5723a55d35358)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/123643
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit 7b4b03b9cf21ecd11bc82da5f29c4ff91ad242c9)
Change-Id: I00aa20703e117ebf583c3331b84e966c2cfc78cd
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/123837
Tested-by: Michael Stahl <michael.stahl@allotropia.de>
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 755155498b13c8724831276808c930adba891f5c)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Tests added in commit 40d70d427edddb589eda64fafc2e56536953d274 don't
actually run on WNT but that wasn't obvious because commit
149df1fec6472e30582162e17e04c75aee91d26a prevented running them in
Jenkins on master, they failed only in the libreoffice-7-1 backport.
xmlsecurity/qa/unit/signing/signing.cxx(631) : error : Assertion
Test name: testODFDoubleX509Certificate::TestBody
assertion failed
- Expression: (nActual == SignatureState::NOTVALIDATED || nActual == SignatureState::OK)
- 2
This is an oddity where NSS claims the signature in the document is
valid but CryptoAPI claims it is invalid; the hashes passed into the
validation functions are the same. Just allow BROKEN as an additional
result value on WNT.
xmlsecurity/qa/unit/signing/signing.cxx(550) : error : Assertion
Test name: testODFX509CertificateChain::TestBody
equality assertion failed
- Expected: 0
- Actual : 1
The problem here is that with NSS the tests use a custom NSS database
in test/signing-keys so we need to make these certificates available for
CryptoAPI too.
The following one-liner converts the NSS database to a PKCS#7 that can
be loaded by CrytpAPI:
> openssl crl2pkcs7 -nocrl -certfile <(certutil -d sql:test/signing-keys -L | awk '/^[^ ].*,[^ ]*,/ { printf "%s", $1; for (i = 2; i < NF; i++) { printf " %s", $i; } printf "\n"; }' | while read name; do certutil -L -d sql:test/signing-keys -a -n "${name}" ; done) > test/signing-keys/test.p7b
Then one might naively assume that something like this would allow these
certificates to be added temporarily as trusted CAs:
+ HCERTSTORE hRoot = CertOpenSystemStoreW( 0, L"Root" ) ;
+ HCERTSTORE const hExtra = CertOpenStore(
+ CERT_STORE_PROV_FILENAME_A,
+ PKCS_7_ASN_ENCODING | X509_ASN_ENCODING,
+ NULL,
+ CERT_STORE_OPEN_EXISTING_FLAG | CERT_STORE_READONLY_FLAG,
+ path);
+ if (hExtra != NULL && hRoot != NULL)
+ {
+ BOOL ret = CertAddStoreToCollection(
+ hRoot,
+ hExtra,
+ CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG,
+ 0);
+ SAL_DEBUG("XXX hExtra done " << ret);
+ }
There is no error from this, but it doesn't work.
Instead, check if CertGetCertificateChain() sets the
CERT_TRUST_IS_UNTRUSTED_ROOT flag and then look up the certificate
manually in the extra PKCS#7 store.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/123667
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit 7d664ec788acdc378506a7ff8b1120cea24a6770)
Change-Id: Ic9865e0b5783211c2128ce0327c4583b7784ff62
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/123836
Tested-by: Michael Stahl <michael.stahl@allotropia.de>
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 7c622c58cda433964dd73544d56a81a7c88e3f5d)
|
| |
|
|
|
| |
Change-Id: If50ae8156f81c1053aa8fbfc3148da64bb8e1442
(cherry picked from commit 8193373a700c4b5acfc6285fac25eff06b6ffb1b)
|
| |
|
|
|
| |
Change-Id: I6ce64ca7c59639684779144ed0ed8d36c4aca32b
(cherry picked from commit cec50077eaef32890d9565237277a607c7721c83)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes CVE-2022-23308
Change-Id: I1b3bf5cf58d7d1f39c224b0d898176c95107fbf5
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130241
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit d50a7151431335d1431bccef000ae39f84bdf135)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130259
Reviewed-by: Xisco Fauli <xiscofauli@libreoffice.org>
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130296
Tested-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2022-25235
CVE-2022-25236
CVE-2022-25313
CVE-2022-25314
CVE-2022-25315
Change-Id: I1cb0449411fe938fe47ab47cead685fd04e137dd
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130157
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
Reviewed-by: Xisco Fauli <xiscofauli@libreoffice.org>
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
Tested-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130294
Tested-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes CVE-2021-30560
Change-Id: I334662ddc40955780321133be9aee23858e04dc1
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130023
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit d74fbedd96c9563e1f6bb245dc7e136b30bc5e84)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130080
Tested-by: Michael Stahl <michael.stahl@allotropia.de>
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/129072
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 8b537d5b40c617c29cf7ca19e63ab882525cf3aa)
Change-Id: I1f2694abd9f577e0b4fedbf27118b52be8a1a688
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/129212
Tested-by: Michael Stahl <michael.stahl@allotropia.de>
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change-Id: I52e6588f5fac04bb26d77c1f3af470db73e41f72
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/127193
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit be446d81e07b5499152efeca6ca23034e51ea5ff)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/127178
Reviewed-by: Adolfo Jayme Barrientos <fitojb@ubuntu.com>
(cherry picked from commit b0404f80577de9ff69e58390c6f6ef949fdb0139)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/128110
Tested-by: Michael Stahl <michael.stahl@allotropia.de>
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/124779
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 35eef8ec9b122a761400f3c6590ca1f9a187d772)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/124701
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
(cherry picked from commit 105c258fcdd69f617de64b780ffcdb8304ff262c)
Change-Id: I398596f77aa47ab6d4db01b94422262048cffd3e
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/124838
Tested-by: Michael Stahl <michael.stahl@allotropia.de>
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes CVE-2021-23222.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/125308
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 71b9369f1cc40143108e3f2189d96e402895e315)
Change-Id: I4e16fcc60c634382a864f66b211d0e0170a06db0
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/125334
Tested-by: Michael Stahl <michael.stahl@allotropia.de>
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes CVE-2020-36230 and CVE-2020-36229 in libldap, plus lots of
other CVEs that affect only the server.
Unfortunately it looks like NSS support was removed in release 2.5.0.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/124914
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 9393325c1db9fa25037d208607b71adb567a8bbc)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/124860
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit b7c670984e4af1c73fa05731ca8029cec487bd52)
Change-Id: Ie43d7da1b9e92b5712f9cd22c4613648394c696f
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/124953
Tested-by: Michael Stahl <michael.stahl@allotropia.de>
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
|
| |
|
|
|
|
|
|
|
|
|
| |
Change-Id: Ie3fe30bea6a62e7cafeaed957d6ef6aeb879047b
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/124778
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit ebd556220a5045c1c81891b712648d220a168c70)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/124837
Tested-by: Michael Stahl <michael.stahl@allotropia.de>
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fixes CVE-2020-8284 CVE-2021-22924
* Also fixes these which don't look relevant to LO:
CVE-2020-8231
CVE-2020-8285 CVE-2020-8286
CVE-2021-22876 CVE-2021-22890
CVE-2021-22897 CVE-2021-22898 CVE-2021-22901
CVE-2021-22922 CVE-2021-22923 CVE-2021-22925 CVE-2021-22926
* disable some new protocols and dependencies
* remove curl-ios.patch.1 as the code no longer exists upstream
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/119313
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 946f457c885bd10ff1a7281c351f3981f035f5a7)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/119262
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
(cherry picked from commit 020eb3b363a5c9444c97075a2e15b63ccbe7bf2d)
Change-Id: I12d5f87f4d503a5f9859226a05cfe2a07e46d993
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/119423
Tested-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
drop ubsan patch in favour of fix applied as
https://github.com/libexpat/libexpat/pull/398
Change-Id: I59eb9e24206b9a4cf323b7f7d48d8df0792a1c46
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/116102
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 740d12d8a8294d4bfd28e6c3e4cf1e0ed560b198)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/119422
Tested-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes:
CVE-2021-3516 CVE-2021-3517 CVE-2021-3518 CVE-2021-3537 CVE-2021-3541
* external/libxml2/ubsan.patch.0: remove, fixed upstream
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/115913
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit bf0c6a98ae38cd2188d7f7e94f1563e5ce6a8ce4)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/115927
Tested-by: Michael Stahl <michael.stahl@allotropia.de>
Change-Id: I347dc854b862e78bde87d3e57cf5fdb584ca5673
|
