diff options
Diffstat (limited to '0001-fix-testSignDocument_PEM_PDF.patch')
| -rw-r--r-- | 0001-fix-testSignDocument_PEM_PDF.patch | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/0001-fix-testSignDocument_PEM_PDF.patch b/0001-fix-testSignDocument_PEM_PDF.patch new file mode 100644 index 0000000..32c7395 --- /dev/null +++ b/0001-fix-testSignDocument_PEM_PDF.patch @@ -0,0 +1,61 @@ +From 599722cf77310429a9b9bd2a348486a08b60de0d Mon Sep 17 00:00:00 2001 +From: Miklos Vajna <vmiklos@collabora.com> +Date: Mon, 13 Mar 2023 20:04:17 +0100 +Subject: svl: fix CppunitTest_desktop_lib's + DesktopLOKTest::testSignDocument_PEM_PDF + +The problem was that this test passed when the entire suite was running, +but not as an individual test. + +Digging deeper, this didn't pass in isolation because the test loads a +private key into memory (which is not in the NSS DB) and since commit +5592ee094ca9f09bfcc16537d931518d4e6b2231 (svl: fix +testSignDocument_PEM_PDF with "dbm:" NSS DB, 2022-04-28) we delete that +in-memory key as a workaround for the NSS dbm -> sqlite transition. + +Fix the problem by not deleting the in-memory private key in the LOK +case: this makes the test (operating in a stateless mode, with in-memory +keys) pass again and keeps the desktop signing (working with the NSS DB) +working. + +I noticed this test failure as a local test update of libxmlsec to 1.3 +RC started to fail here even when the whole suite was running, but looks +like this was working by accident before anyway, and the fix doesn't +hurt for libxmlsec 1.2, either. + +Change-Id: Id365ddc5c5d04d538609f444c0e3c4ab4b32a6fd +Reviewed-on: https://gerrit.libreoffice.org/c/core/+/148817 +Tested-by: Jenkins +Reviewed-by: Miklos Vajna <vmiklos@collabora.com> +--- + svl/source/crypto/cryptosign.cxx | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/svl/source/crypto/cryptosign.cxx b/svl/source/crypto/cryptosign.cxx +index 1d6337845569..e68ccb8aafda 100644 +--- a/svl/source/crypto/cryptosign.cxx ++++ b/svl/source/crypto/cryptosign.cxx +@@ -26,6 +26,7 @@ + #include <comphelper/processfactory.hxx> + #include <comphelper/random.hxx> + #include <comphelper/scopeguard.hxx> ++#include <comphelper/lok.hxx> + #include <com/sun/star/security/XCertificate.hpp> + #include <com/sun/star/uno/Sequence.hxx> + #include <o3tl/char16_t2wchar_t.hxx> +@@ -640,7 +641,11 @@ NSSCMSMessage *CreateCMSMessage(const PRTime* time, + // if it works, and fallback if it doesn't. + if (SECKEYPrivateKey * pPrivateKey = PK11_FindKeyByAnyCert(cert, nullptr)) + { +- SECKEY_DestroyPrivateKey(pPrivateKey); ++ if (!comphelper::LibreOfficeKit::isActive()) ++ { ++ // pPrivateKey only exists in the memory in the LOK case, don't delete it. ++ SECKEY_DestroyPrivateKey(pPrivateKey); ++ } + *cms_signer = NSS_CMSSignerInfo_Create(result, cert, SEC_OID_SHA256); + } + else +-- +cgit v1.2.1 + |