Skip to content

C
core
Dal (branch)/etiket değiştir
Dosya bul
BlameHistoryPermalink
  • Miklos Vajna's avatar
    xmlsecurity nss: adopt the private key of the signing certificate explicitly · 9752eccd
    Miklos Vajna yazdı 
    xmlsec1-customkeymanage.patch.1 of our bundled xmlsec extends
xmlSecNssKeyDataX509VerifyAndExtractKey(), so that it calls
xmlSecNssPKIAdoptKey() for the private key of the signing certificate.
Make this explicit in xmlsecurity/ code, so we don't depend on the
patched xmlSecNssKeyDataX509VerifyAndExtractKey().

This is harmless for the patched xmlsec, but it prevents this error:

warn:xmlsecurity.xmlsec:26221:1:xmlsecurity/source/xmlsec/errorcallback.cxx:48: keys.c:1246: xmlSecKeysMngrGetKey() '' 'xmlSecKeysMngrFindKey' 1 ' '
warn:xmlsecurity.xmlsec:26221:1:xmlsecurity/source/xmlsec/errorcallback.cxx:48: xmldsig.c:790: xmlSecDSigCtxProcessKeyInfoNode() '' '' 45 'details=NULL'
warn:xmlsecurity.xmlsec:26221:1:xmlsecurity/source/xmlsec/errorcallback.cxx:48: xmldsig.c:503: xmlSecDSigCtxProcessSignatureNode() '' 'xmlSecDSigCtxProcessKeyInfoNode' 1 ' '
warn:xmlsecurity.xmlsec:26221:1:xmlsecurity/source/xmlsec/errorcallback.cxx:48: xmldsig.c:286: xmlSecDSigCtxSign() '' 'xmlSecDSigCtxSignatureProcessNode' 1 ' '

when xmlsec is not patched.

(This is needed, but not enough to build against system xmlsec.)

Change-Id: I5d68a8be7aefcb529566213f9b9c2985eab6a80a
Reviewed-on: https://gerrit.libreoffice.org/39023Reviewed-by: 's avatarMiklos Vajna <vmiklos@collabora.co.uk>
Tested-by: 's avatarJenkins <ci@libreoffice.org>
    9752eccd
securityenvironment_nssimpl.hxx 6.33 KB