[Libreoffice-commits] core.git: Branch 'distro/lhm/libreoffice-6-4+backports' - 2 commits - xmlsecurity/source
Caolán McNamara (via logerrit)
logerrit at kemper.freedesktop.org
Thu Mar 25 09:25:42 UTC 2021
xmlsecurity/source/helper/xmlsignaturehelper.cxx | 1 +
xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx | 4 ++--
2 files changed, 3 insertions(+), 2 deletions(-)
New commits:
commit a38e0961002310562da2c32b96fa539eaa2a23c4
Author: Caolán McNamara <caolanm at redhat.com>
AuthorDate: Mon Feb 8 17:05:28 2021 +0000
Commit: Michael Stahl <michael.stahl at allotropia.de>
CommitDate: Thu Mar 25 10:25:21 2021 +0100
default to CertificateValidity::INVALID
so if CertGetCertificateChain fails we don't want validity to be
css::security::CertificateValidity::VALID which is what the old default
of 0 equates to
notably
commit 1e0bc66d16aee28ce8bd9582ea32178c63841902
Date: Thu Nov 5 16:55:26 2009 +0100
jl137: #103420# better logging
turned the nss equivalent of SecurityEnvironment_NssImpl::verifyCertificate
from 0 to CertificateValidity::INVALID like this change does
Change-Id: I5350dbc22d1b9b378da2976d3b0abd728f1f4c27
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/110561
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos at collabora.com>
(cherry picked from commit edeb164c1d8ab64116afee4e2140403a362a1358)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113051
Tested-by: Michael Stahl <michael.stahl at allotropia.de>
Reviewed-by: Michael Stahl <michael.stahl at allotropia.de>
diff --git a/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx b/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx
index d9b657891b96..4031df289f44 100644
--- a/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx
+++ b/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx
@@ -755,7 +755,7 @@ sal_Int32 SecurityEnvironment_MSCryptImpl::verifyCertificate(
const uno::Reference< css::security::XCertificate >& aCert,
const uno::Sequence< uno::Reference< css::security::XCertificate > >& seqCerts)
{
- sal_Int32 validity = 0;
+ sal_Int32 validity = css::security::CertificateValidity::INVALID;
PCCERT_CHAIN_CONTEXT pChainContext = nullptr;
PCCERT_CONTEXT pCertContext = nullptr;
@@ -899,7 +899,7 @@ sal_Int32 SecurityEnvironment_MSCryptImpl::verifyCertificate(
}
else
{
- SAL_INFO("xmlsecurity.xmlsec", "CertGetCertificateChaine failed.");
+ SAL_INFO("xmlsecurity.xmlsec", "CertGetCertificateChain failed.");
}
}
commit e6bb72dd4c6a9f9743f3585e22576f589e5e74ba
Author: Caolán McNamara <caolanm at redhat.com>
AuthorDate: Thu Mar 11 20:23:31 2021 +0000
Commit: Michael Stahl <michael.stahl at allotropia.de>
CommitDate: Thu Mar 25 10:25:09 2021 +0100
do same set error state as ReadAndVerifySignature does
this function is nearly exactly the same as ReadAndVerifySignature
except it doesn't set error-state on exception during parse
Change-Id: Ife881f639a11d3185920ca62cc2cd22812fae36d
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/112366
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl at allotropia.de>
Reviewed-by: Miklos Vajna <vmiklos at collabora.com>
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/112412
(cherry picked from commit 52a23d595b820cab27d76d0e7c129f2757c762d6)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113050
Tested-by: Michael Stahl <michael.stahl at allotropia.de>
diff --git a/xmlsecurity/source/helper/xmlsignaturehelper.cxx b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
index 6ec834053a17..22c056e70da1 100644
--- a/xmlsecurity/source/helper/xmlsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
@@ -402,6 +402,7 @@ bool XMLSignatureHelper::ReadAndVerifySignatureStorageStream(const css::uno::Ref
catch(const uno::Exception&)
{
DBG_UNHANDLED_EXCEPTION("xmlsecurity.helper");
+ mbError = true;
}
mpXSecController->releaseSignatureReader();
More information about the Libreoffice-commits
mailing list