[Libreoffice-commits] core.git: Branch 'distro/collabora/cp-6.4' - 2 commits - external/serf i18npool/source

Andras Timar (via logerrit) logerrit at kemper.freedesktop.org
Mon Jun 22 07:00:36 UTC 2020 

 external/serf/UnpackedTarball_serf.mk         |    1 +
 external/serf/ssl.verify.none.patch.1         |   11 +++++++++++
 i18npool/source/collator/collator_unicode.cxx |    5 +++++
 3 files changed, 17 insertions(+)

New commits:
commit e428ca117b0510ac7b0fbbf233bd940c8cc464fd
Author:     Andras Timar <andras.timar at collabora.com>
AuthorDate: Fri Jun 19 11:05:36 2020 +0200
Commit:     Andras Timar <andras.timar at collabora.com>
CommitDate: Mon Jun 22 08:59:56 2020 +0200

    Fix a chrash in LOKit (Japanese-only)
    
    Change-Id: I09c8d3a129c0d1d2fab561add0447869156b193f
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/96682
    Reviewed-by: Jan Holesovsky <kendy at collabora.com>
    Tested-by: Andras Timar <andras.timar at collabora.com>

diff --git a/i18npool/source/collator/collator_unicode.cxx b/i18npool/source/collator/collator_unicode.cxx
index 7530e5d2f6f1..5fb6805d8550 100644
--- a/i18npool/source/collator/collator_unicode.cxx
+++ b/i18npool/source/collator/collator_unicode.cxx
@@ -394,6 +394,11 @@ Collator_Unicode::loadCollatorAlgorithm(const OUString& rAlgorithm, const lang::
             icu::Locale icuLocale( LanguageTagIcu::getIcuLocale( LanguageTag( rLocale),
                         "", rAlgorithm.isEmpty() ? OUString("") : "collation=" + rAlgorithm));
 
+            // FIXME: apparently we get here in LOKit case only. When the language is Japanese, we pass "ja at collation=phonetic (alphanumeric first)" to ICU
+            // and ICU does not like this (U_ILLEGAL_ARGUMENT_ERROR). Subsequently LOKit crashes, because collator is nullptr.
+            if (!strcmp(icuLocale.getLanguage(), "ja"))
+                icuLocale = icu::Locale::getJapanese();
+
             // load ICU collator
             collator.reset( static_cast<icu::RuleBasedCollator*>( icu::Collator::createInstance(icuLocale, status) ) );
             if (! U_SUCCESS(status)) {
commit acba2dd40d8c72be160ad4d4b1424eadab66362b
Author:     Andras Timar <andras.timar at collabora.com>
AuthorDate: Fri May 1 21:41:37 2020 +0200
Commit:     Andras Timar <andras.timar at collabora.com>
CommitDate: Mon Jun 22 08:59:43 2020 +0200

    [cp] Be more relaxed with accepting certs in serf
    
    The Desktop product uses neon, so this patch is for Online.
    When the WOPI-like host uses a self-signed SSL certificate,
    serf refuses to fetch resources from it, so Insert - Image
    and Create from Template operations fail.
    
    Related commit: a08552a8c36754930a3268e27aefee70d5cf21df
    But in case of serf somehow we do not trigger the interaction
    handler, we get an information message box with the text
    "Image file cannot be opened"
    
    So I decided to patch serf. The result is the same.
    * In Collabora Online 4.0.x we do not check the cert of
      WOPI-like host anyway.
    * In Collabora Online 4.2.x we optionally check the cert
      of WOPI-like host. The Create from Template and Insert -
      Image cases will be exceptional, where we won't check it.
      Generally it should not make a big difference.
    
    Change-Id: I3937bf450ef70f3a793ec1c793336d18209b6e62
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/96652
    Reviewed-by: Jan Holesovsky <kendy at collabora.com>
    Tested-by: Andras Timar <andras.timar at collabora.com>

diff --git a/external/serf/UnpackedTarball_serf.mk b/external/serf/UnpackedTarball_serf.mk
index e6e950920b95..3cea304dbcc4 100644
--- a/external/serf/UnpackedTarball_serf.mk
+++ b/external/serf/UnpackedTarball_serf.mk
@@ -17,6 +17,7 @@ $(eval $(call gb_UnpackedTarball_fix_end_of_line,serf,\
 
 $(eval $(call gb_UnpackedTarball_add_patches,serf,\
 	external/serf/windows.build.patch.1 \
+	external/serf/ssl.verify.none.patch.1 \
 ))
 
 # vim: set noet sw=4 ts=4:
diff --git a/external/serf/ssl.verify.none.patch.1 b/external/serf/ssl.verify.none.patch.1
new file mode 100644
index 000000000000..3bf48e0fc5c2
--- /dev/null
+++ b/external/serf/ssl.verify.none.patch.1
@@ -0,0 +1,11 @@
+--- serf.org/buckets/ssl_buckets.c	2020-05-01 20:45:32.463464917 +0200
++++ serf/buckets/ssl_buckets.c	2020-05-01 20:46:00.643301728 +0200
+@@ -1205,7 +1205,7 @@
+     ssl_ctx->server_cert_callback = NULL;
+     ssl_ctx->server_cert_chain_callback = NULL;
+
+-    SSL_CTX_set_verify(ssl_ctx->ctx, SSL_VERIFY_PEER,
++    SSL_CTX_set_verify(ssl_ctx->ctx, SSL_VERIFY_NONE,
+                        validate_server_certificate);
+     SSL_CTX_set_options(ssl_ctx->ctx, SSL_OP_ALL);
+     /* Disable SSL compression by default. */

More information about the Libreoffice-commits mailing list