[Libreoffice-commits] core.git: Branch 'libreoffice-5-4' - config_host.mk.in configure.ac external/Module_external.mk RepositoryExternal.mk Repository.mk xmlsecurity/inc xmlsecurity/Library_xsec_xmlsec.mk xmlsecurity/source
Miklos Vajna
vmiklos at collabora.co.uk
Tue Jul 4 17:23:45 UTC 2017
Repository.mk | 1
RepositoryExternal.mk | 28 ++++++++++
config_host.mk.in | 3 +
configure.ac | 5 +
external/Module_external.mk | 2
xmlsecurity/Library_xsec_xmlsec.mk | 8 ++
xmlsecurity/inc/xmlsec-wrapper.h | 2
xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx | 9 +++
8 files changed, 55 insertions(+), 3 deletions(-)
New commits:
commit 0d3f1a50d7bea8a1709e8ba065116d22547e48a4
Author: Miklos Vajna <vmiklos at collabora.co.uk>
Date: Wed Jun 21 21:59:11 2017 +0200
xmlsecurity: implement support for building against system-xmlsec
The only remaining difference is that in the system-xmlsec case we work
with the default key manager, not with the one that's only added by our
xmlsec patches.
This works for me for the uses I know of (see
<https://lists.freedesktop.org/archives/libreoffice/2017-February/076947.html>
for the motivation): signing and verifying of different signatures (bad
signature, good with non-trusted CA, good with trusted CA) with
software-based certificates all behave as expected.
Change-Id: If3f3e2b8373ab7397db3f98070a5a2ce51fa7c06
Reviewed-on: https://gerrit.libreoffice.org/39075
Reviewed-by: Miklos Vajna <vmiklos at collabora.co.uk>
Tested-by: Jenkins <ci at libreoffice.org>
Reviewed-on: https://gerrit.libreoffice.org/39274
Reviewed-by: Michael Stahl <mstahl at redhat.com>
Reviewed-by: Rene Engelhard <rene at debian.org>
Tested-by: Rene Engelhard <rene at debian.org>
diff --git a/Repository.mk b/Repository.mk
index 8df60d4d7a51..184f5661ee10 100644
--- a/Repository.mk
+++ b/Repository.mk
@@ -933,7 +933,6 @@ $(eval $(call gb_Helper_register_packages_for_install,ooo,\
wizards_basicsrvtools \
wizards_basicsrvtutorials \
wizards_basicusr \
- xmlsec \
$(if $(ENABLE_HEADLESS),, \
chart2_opengl_shader \
) \
diff --git a/RepositoryExternal.mk b/RepositoryExternal.mk
index eb0b3e2c9d40..8ce8555a7233 100644
--- a/RepositoryExternal.mk
+++ b/RepositoryExternal.mk
@@ -921,6 +921,34 @@ endef
endif # SYSTEM_LIBXSLT
+ifneq ($(SYSTEM_XMLSEC),)
+
+define gb_LinkTarget__use_xmlsec
+$(call gb_LinkTarget_add_defs,$(1),\
+ -DSYSTEM_XMLSEC \
+)
+$(call gb_LinkTarget_set_include,$(1),\
+ $$(INCLUDE) \
+ $(XMLSEC_CFLAGS) \
+)
+$(call gb_LinkTarget_add_libs,$(1),$(XMLSEC_LIBS))
+
+endef
+
+gb_ExternalProject__use_xmlsec:=
+
+else # !SYSTEM_XMLSEC
+
+$(eval $(call gb_Helper_register_packages_for_install,ooo,\
+ xmlsec \
+))
+
+define gb_LinkTarget__use_xmlsec
+
+endef
+
+endif # SYSTEM_XMLSEC
+
ifneq ($(SYSTEM_LIBLANGTAG),)
define gb_LinkTarget__use_liblangtag
diff --git a/config_host.mk.in b/config_host.mk.in
index 880895e3c00f..60e1f781b377 100644
--- a/config_host.mk.in
+++ b/config_host.mk.in
@@ -561,6 +561,7 @@ export SYSTEM_VISIO=@SYSTEM_VISIO@
export SYSTEM_WPD=@SYSTEM_WPD@
export SYSTEM_WPG=@SYSTEM_WPG@
export SYSTEM_WPS=@SYSTEM_WPS@
+export SYSTEM_XMLSEC=@SYSTEM_XMLSEC@
export SYSTEM_ZLIB=@SYSTEM_ZLIB@
export SYSTEM_ZMF=@SYSTEM_ZMF@
export TARFILE_LOCATION=@TARFILE_LOCATION@
@@ -617,6 +618,8 @@ export XCODE_ARCHS=@XCODE_ARCHS@
export XCODEBUILD_SDK=@XCODEBUILD_SDK@
export XINERAMA_LINK=@XINERAMA_LINK@
export XMLLINT=@XMLLINT@
+export XMLSEC_CFLAGS=$(gb_SPACE)@XMLSEC_CFLAGS@
+export XMLSEC_LIBS=$(gb_SPACE)@XMLSEC_LIBS@
export XRANDR_CFLAGS=$(gb_SPACE)@XRANDR_CFLAGS@
export XRANDR_LIBS=$(gb_SPACE)@XRANDR_LIBS@
export XRENDER_CFLAGS=$(gb_SPACE)@XRENDER_CFLAGS@
diff --git a/configure.ac b/configure.ac
index 34610c473bb3..456c553f6c79 100644
--- a/configure.ac
+++ b/configure.ac
@@ -7821,6 +7821,11 @@ dnl Check for system expat
dnl ===================================================================
libo_CHECK_SYSTEM_MODULE([expat], [EXPAT], [expat])
+dnl ===================================================================
+dnl Check for system xmlsec
+dnl ===================================================================
+libo_CHECK_SYSTEM_MODULE([xmlsec], [XMLSEC], [xmlsec1-nss >= 1.2.24])
+
AC_MSG_CHECKING([whether to enable Embedded OpenType support])
if test "$_os" != "WINNT" -a "$_os" != "Darwin" -a "$enable_eot" = "yes"; then
ENABLE_EOT="TRUE"
diff --git a/external/Module_external.mk b/external/Module_external.mk
index 2de9c095feab..2f5373535f78 100644
--- a/external/Module_external.mk
+++ b/external/Module_external.mk
@@ -14,7 +14,7 @@ $(eval $(call gb_Module_add_moduledir,external,msc-externals))
endif
$(eval $(call gb_Module_add_moduledirs,external,\
- $(if $(filter-out IOS,$(OS)),libxmlsec) \
+ $(if $(filter-out IOS,$(OS)),$(call gb_Helper_optional,XMLSEC,libxmlsec)) \
$(call gb_Helper_optional,ABW,libabw) \
$(call gb_Helper_optional,APACHE_COMMONS,apache-commons) \
$(call gb_Helper_optional,APR,apr) \
diff --git a/xmlsecurity/Library_xsec_xmlsec.mk b/xmlsecurity/Library_xsec_xmlsec.mk
index 639fe55f5add..5c3e20a9b970 100644
--- a/xmlsecurity/Library_xsec_xmlsec.mk
+++ b/xmlsecurity/Library_xsec_xmlsec.mk
@@ -46,12 +46,16 @@ $(eval $(call gb_Library_use_libraries,xsec_xmlsec,\
xo \
))
+ifeq ($(SYSTEM_XMLSEC),)
$(eval $(call gb_Library_use_packages,xsec_xmlsec,\
xmlsec \
))
+endif
+
$(eval $(call gb_Library_use_externals,xsec_xmlsec,\
boost_headers \
libxml2 \
+ xmlsec \
nss3 \
))
ifneq ($(filter-out WNT MACOSX ANDROID IOS,$(OS)),)
@@ -130,12 +134,16 @@ $(eval $(call gb_Library_add_libs,xsec_xmlsec,\
$(call gb_UnpackedTarball_get_dir,xmlsec)/src/.libs/libxmlsec1.a \
))
else
+
+ifeq ($(SYSTEM_XMLSEC),)
$(eval $(call gb_Library_add_libs,xsec_xmlsec,\
$(call gb_UnpackedTarball_get_dir,xmlsec)/src/nss/.libs/libxmlsec1-nss.a \
$(call gb_UnpackedTarball_get_dir,xmlsec)/src/.libs/libxmlsec1.a \
))
endif
+endif
+
$(eval $(call gb_Library_use_externals,xsec_xmlsec,\
plc4 \
))
diff --git a/xmlsecurity/inc/xmlsec-wrapper.h b/xmlsecurity/inc/xmlsec-wrapper.h
index 4a8a6554311b..6047d516a9ce 100644
--- a/xmlsecurity/inc/xmlsec-wrapper.h
+++ b/xmlsecurity/inc/xmlsec-wrapper.h
@@ -25,7 +25,7 @@
#include <sal/types.h>
// Cf. xmlsec's configure.in (but which isn't used for MSVC):
-#if !defined _MSC_VER && SAL_TYPES_SIZEOFPOINTER != 4
+#if !defined _MSC_VER && SAL_TYPES_SIZEOFPOINTER != 4 && !defined SYSTEM_XMLSEC
#define XMLSEC_NO_SIZE_T
#endif
diff --git a/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx
index a5b29017d180..5273c1c444d3 100644
--- a/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx
+++ b/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx
@@ -897,6 +897,7 @@ xmlSecKeysMngrPtr SecurityEnvironment_NssImpl::createKeysManager() {
for (CIT_SLOTS islots = m_Slots.begin();islots != m_Slots.end(); ++islots, ++count)
slots[count] = *islots;
+#ifndef SYSTEM_XMLSEC
xmlSecKeysMngrPtr pKeysMngr = xmlSecNssAppliedKeysMngrCreate(slots, cSlots, m_pHandler ) ;
if( pKeysMngr == nullptr )
throw RuntimeException() ;
@@ -930,6 +931,14 @@ xmlSecKeysMngrPtr SecurityEnvironment_NssImpl::createKeysManager() {
throw RuntimeException() ;
}
}
+#else // SYSTEM_XMLSEC
+ xmlSecKeysMngrPtr pKeysMngr = xmlSecKeysMngrCreate();
+ if (!pKeysMngr)
+ throw RuntimeException();
+
+ if (xmlSecNssAppDefaultKeysMngrInit(pKeysMngr) < 0)
+ throw RuntimeException();
+#endif // SYSTEM_XMLSEC
// Adopt the private key of the signing certificate, if it has any.
if (auto pCertificate = dynamic_cast<X509Certificate_NssImpl*>(m_xSigningCertificate.get()))
More information about the Libreoffice-commits
mailing list