[Libreoffice-commits] online.git: 2 commits - configure.ac loolwsd-systemplate-setup tools/Config.cpp wsd/FileServer.cpp

Andras Timar andras.timar at collabora.com
Mon Jul 31 17:41:08 UTC 2017 

 configure.ac              |   12 ++++++++++++
 loolwsd-systemplate-setup |    4 +++-
 tools/Config.cpp          |    5 +++++
 wsd/FileServer.cpp        |    7 +++++++
 4 files changed, 27 insertions(+), 1 deletion(-)

New commits:
commit 945d74c2379b7fd5759d7bd19c673cb2926b3dc3
Author: Andras Timar <andras.timar at collabora.com>
Date:   Mon Jul 10 18:22:05 2017 +0200

    wsd: fix compilation with old OpenSSL that does not have PKCS5_PBKDF2_HMAC()
    
    Change-Id: If48641f6cbcc4d4ded78ea5cc9c9f66063a2ac0a
    Reviewed-on: https://gerrit.libreoffice.org/39779
    Reviewed-by: Michael Meeks <michael.meeks at collabora.com>
    Tested-by: Michael Meeks <michael.meeks at collabora.com>

diff --git a/configure.ac b/configure.ac
index 45a4160f..2c22e887 100644
--- a/configure.ac
+++ b/configure.ac
@@ -281,6 +281,18 @@ else
     AC_DEFINE([DISABLE_SECCOMP],1,[Whether to disable SECCOMP])
 fi
 
+AC_MSG_CHECKING([Whether OpenSSL has PKCS5_PBKDF2_HMAC()])
+AC_COMPILE_IFELSE([AC_LANG_SOURCE([
+#include <openssl/opensslv.h>
+#if OPENSSL_VERSION_NUMBER < 0x10001000L
+#error PKCS5_PBKDF2_HMAC() is in OpenSSL 1.0.1 or newer
+#endif
+])],
+                  [AC_MSG_RESULT([yes])
+                   AC_DEFINE([HAVE_PKCS5_PBKDF2_HMAC],1,[whether OpenSSL has PKCS5_PBKDF2_HMAC()])],
+                  [AC_MSG_RESULT([no])
+                   AC_MSG_WARN([OpenSSL is too old. Secure password storage for Admin Console is not supported.])
+                   AC_DEFINE([HAVE_PKCS5_PBKDF2_HMAC],0,[Whether OpenSSL has PKCS5_PBKDF2_HMAC()])])
 
 AC_MSG_CHECKING([POCO version])
 AC_COMPILE_IFELSE([AC_LANG_SOURCE([
diff --git a/tools/Config.cpp b/tools/Config.cpp
index 232cc569..72808920 100644
--- a/tools/Config.cpp
+++ b/tools/Config.cpp
@@ -153,6 +153,7 @@ int Config::main(const std::vector<std::string>& args)
         return Application::EXIT_NOINPUT;
     }
 
+#if HAVE_PKCS5_PBKDF2_HMAC
     _loolConfig.load(ConfigFile);
 
     for (unsigned i = 0; i < args.size(); i++) {
@@ -221,6 +222,10 @@ int Config::main(const std::vector<std::string>& args)
 
     // This tool only handles options, nothing to do here
     return Application::EXIT_OK;
+#else
+    std::cerr << "This application was compiled with old OpenSSL. Operation not supported. You can use plain text password in /etc/loolwsd/loolwsd.xml." << std::endl;
+    return Application::EXIT_UNAVAILABLE;
+#endif
 }
 
 POCO_APP_MAIN(Config);
diff --git a/wsd/FileServer.cpp b/wsd/FileServer.cpp
index 90636e08..f6c3c74f 100644
--- a/wsd/FileServer.cpp
+++ b/wsd/FileServer.cpp
@@ -84,8 +84,10 @@ bool FileServerRequestHandler::isAdminLoggedIn(const HTTPRequest& request,
     // If no cookie found, or is invalid, let admin re-login
     const std::string user = config.getString("admin_console.username", "");
     std::string pass = config.getString("admin_console.password", "");
+
     if (config.has("admin_console.secure_password"))
     {
+#if HAVE_PKCS5_PBKDF2_HMAC
         pass = config.getString("admin_console.secure_password");
         // Extract the salt from the config
         std::vector<unsigned char> saltData;
@@ -114,6 +116,11 @@ bool FileServerRequestHandler::isAdminLoggedIn(const HTTPRequest& request,
 
         userProvidedPwd = stream.str();
         pass = tokens[4];
+#else
+        LOG_ERR("The config file has admin_console.secure_password setting, "
+                << "but this application was compiled with old OpenSSL version, "
+                << "and this setting cannot be used. Falling back to plain text password, if it is set.");
+#endif
     }
 
     if (user.empty() || pass.empty())
commit 478e803819339f99920d1b6be805fbaa0db66ae2
Author: Andras Timar <andras.timar at collabora.com>
Date:   Tue Jul 11 12:39:10 2017 +0200

    add xpdfimport dependencies (e.g. system libpoppler) to systemplate
    
    Change-Id: Iedb77cc0eed107899b15d3d471edcfa0f655d176

diff --git a/loolwsd-systemplate-setup b/loolwsd-systemplate-setup
index 729220c3..1bd4bd66 100755
--- a/loolwsd-systemplate-setup
+++ b/loolwsd-systemplate-setup
@@ -37,6 +37,7 @@ find etc/passwd etc/group etc/hosts \
      usr/share/zoneinfo/* \
      usr/share/liblangtag \
      usr/lib/libpng* usr/lib64/libpng* lib/*-linux-gnu/libpng* \
+     usr/lib/*-linux-gnu/liblcms2* \
 	 -type f
 
 find etc/fonts \
@@ -45,11 +46,12 @@ find etc/fonts \
      lib/libcap* lib64/libcap* lib/*-linux-gnu/libcap* \
      lib/libattr* lib/*-linux-gnu/libattr* \
      usr/lib/libpng* usr/lib64/libpng* lib/*-linux-gnu/libpng* \
+     usr/lib/*-linux-gnu/liblcms2* \
 	 -type l
 
 # Go through the LO shared objects and check what system libraries
 # they link to.
-find $INSTDIR -name '*.so' -o -name '*.so.[0-9]*' |
+find $INSTDIR -name '*.so' -o -name '*.so.[0-9]*' -o -name 'xpdfimport' |
 while read file; do
     ldd $file 2>/dev/null
 done |

More information about the Libreoffice-commits mailing list