Mamoru TASAKA
2 years ago
parent
5dc3f05fdc
commit
d9eb7d48cf
@ -0,0 +1,61 @@
|
||||
From 599722cf77310429a9b9bd2a348486a08b60de0d Mon Sep 17 00:00:00 2001
|
||||
From: Miklos Vajna <vmiklos@collabora.com>
|
||||
Date: Mon, 13 Mar 2023 20:04:17 +0100
|
||||
Subject: svl: fix CppunitTest_desktop_lib's
|
||||
DesktopLOKTest::testSignDocument_PEM_PDF
|
||||
|
||||
The problem was that this test passed when the entire suite was running,
|
||||
but not as an individual test.
|
||||
|
||||
Digging deeper, this didn't pass in isolation because the test loads a
|
||||
private key into memory (which is not in the NSS DB) and since commit
|
||||
5592ee094ca9f09bfcc16537d931518d4e6b2231 (svl: fix
|
||||
testSignDocument_PEM_PDF with "dbm:" NSS DB, 2022-04-28) we delete that
|
||||
in-memory key as a workaround for the NSS dbm -> sqlite transition.
|
||||
|
||||
Fix the problem by not deleting the in-memory private key in the LOK
|
||||
case: this makes the test (operating in a stateless mode, with in-memory
|
||||
keys) pass again and keeps the desktop signing (working with the NSS DB)
|
||||
working.
|
||||
|
||||
I noticed this test failure as a local test update of libxmlsec to 1.3
|
||||
RC started to fail here even when the whole suite was running, but looks
|
||||
like this was working by accident before anyway, and the fix doesn't
|
||||
hurt for libxmlsec 1.2, either.
|
||||
|
||||
Change-Id: Id365ddc5c5d04d538609f444c0e3c4ab4b32a6fd
|
||||
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/148817
|
||||
Tested-by: Jenkins
|
||||
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
|
||||
---
|
||||
svl/source/crypto/cryptosign.cxx | 7 ++++++-
|
||||
1 file changed, 6 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/svl/source/crypto/cryptosign.cxx b/svl/source/crypto/cryptosign.cxx
|
||||
index 1d6337845569..e68ccb8aafda 100644
|
||||
--- a/svl/source/crypto/cryptosign.cxx
|
||||
+++ b/svl/source/crypto/cryptosign.cxx
|
||||
@@ -26,6 +26,7 @@
|
||||
#include <comphelper/processfactory.hxx>
|
||||
#include <comphelper/random.hxx>
|
||||
#include <comphelper/scopeguard.hxx>
|
||||
+#include <comphelper/lok.hxx>
|
||||
#include <com/sun/star/security/XCertificate.hpp>
|
||||
#include <com/sun/star/uno/Sequence.hxx>
|
||||
#include <o3tl/char16_t2wchar_t.hxx>
|
||||
@@ -640,7 +641,11 @@ NSSCMSMessage *CreateCMSMessage(const PRTime* time,
|
||||
// if it works, and fallback if it doesn't.
|
||||
if (SECKEYPrivateKey * pPrivateKey = PK11_FindKeyByAnyCert(cert, nullptr))
|
||||
{
|
||||
- SECKEY_DestroyPrivateKey(pPrivateKey);
|
||||
+ if (!comphelper::LibreOfficeKit::isActive())
|
||||
+ {
|
||||
+ // pPrivateKey only exists in the memory in the LOK case, don't delete it.
|
||||
+ SECKEY_DestroyPrivateKey(pPrivateKey);
|
||||
+ }
|
||||
*cms_signer = NSS_CMSSignerInfo_Create(result, cert, SEC_OID_SHA256);
|
||||
}
|
||||
else
|
||||
--
|
||||
cgit v1.2.1
|
||||
|
||||
Loading…
Reference in new issue