[Libreoffice-commits] core.git: xmlsecurity/source
Thorsten Behrens
Thorsten.Behrens at CIB.de
Thu May 11 11:37:58 UTC 2017
xmlsecurity/source/gpg/SecurityEnvironment.cxx | 15 ++++-----------
1 file changed, 4 insertions(+), 11 deletions(-)
New commits:
commit d4b0451a1ab416c406a74d6d33615d61acf6f7d2
Author: Thorsten Behrens <Thorsten.Behrens at CIB.de>
Date: Wed May 10 15:58:21 2017 +0200
gpg4libre: we really only want private keys listed
Since this canSign/canEncrypt is fundamentally busted in gpgme,
outright limit all keys we're looking at to those with secrets.
Change-Id: Ib3dfbc8ef661430efc3a8c17f2f3166af8225a56
Reviewed-on: https://gerrit.libreoffice.org/37471
Tested-by: Jenkins <ci at libreoffice.org>
Reviewed-by: Katarina Behrens <Katarina.Behrens at cib.de>
Reviewed-by: Siegmund Gorr <siegmund.gorr at cib.de>
Reviewed-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>
diff --git a/xmlsecurity/source/gpg/SecurityEnvironment.cxx b/xmlsecurity/source/gpg/SecurityEnvironment.cxx
index 6ad51f97302e..323e267af6b0 100644
--- a/xmlsecurity/source/gpg/SecurityEnvironment.cxx
+++ b/xmlsecurity/source/gpg/SecurityEnvironment.cxx
@@ -72,7 +72,7 @@ Sequence< Reference < XCertificate > > SecurityEnvironmentGpg::getPersonalCertif
std::list< CertificateImpl* > certsList;
ctx->setKeyListMode(GPGME_KEYLIST_MODE_LOCAL);
- err = ctx->startKeyListing();
+ err = ctx->startKeyListing("", true);
while (!err) {
GpgME::Key k = ctx->nextKey(err);
if (err)
@@ -124,21 +124,14 @@ sal_Int32 SecurityEnvironmentGpg::getCertificateCharacters(
const Reference< XCertificate >& aCert)
{
const CertificateImpl* xCert;
- const GpgME::Key* key;
-
Reference< XUnoTunnel > xCertTunnel(aCert, UNO_QUERY_THROW) ;
xCert = reinterpret_cast<CertificateImpl*>(sal::static_int_cast<sal_uIntPtr>(xCertTunnel->getSomething(CertificateImpl::getUnoTunnelId()))) ;
if (xCert == nullptr)
throw RuntimeException();
- key = xCert->getCertificate();
- sal_Int32 characters = 0x0;
-
- // We need to use canSign() instead of hasSecret() because of a bug in the latter.
- if (key->canSign())
- characters |= CertificateCharacters::HAS_PRIVATE_KEY;
-
- return characters;
+ // we only listed private keys anyway, up in
+ // SecurityEnvironmentGpg::getPersonalCertificates
+ return CertificateCharacters::HAS_PRIVATE_KEY;
}
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
More information about the Libreoffice-commits
mailing list