On 11/8/13 1:18 PM, Herbert Duerr wrote:
> As discussed in the thread "AOO Security Features without Mozilla" I
> removed the dependency on the ancient Seamonkey-1.1 binaries and use the
> NSS libraries ("Network Security Services") instead. This major rework
> has been integrated into trunk now.
>
> If you are working on trunk you'll notice that the moz module and the
> configure switch named --disable-mozilla is gone. This switch was
> sometimes used to build Apache OpenOffice without security services. If
> you want to continue building without security services please use the
> --disable-nss-module instead. Whether such an insecure AOO build is
> something to aim for is dubious though, especially since the biggest
> hurdles to enable this functionality have been removed which were:
> - building the Seamonkey-1.1 using special old compiler versions
> - providing zip-archives of such prebuilt Seamonkey-1.1 binaries
> are no longer needed. Good riddance.
>
> If you are working on Windows then you'll notice that the
> --with-mozilla-build option is still there as NSS being part of the
> Mozilla project needs the Mozilla build environment. If you object to
> install the Mozilla build environment then you couldn't build the
> moz+nss modules on Windows then and cannot build nss on Windows now.
> Please use the --disable-nss-module or the --disable-category-B switches
> if providing the Mozilla build environment for NSS is out of the question.
>
> As shown in the earlier thread on this topic the address books provided
> via the old Seamonkey binaries were quite bit-rotten and often didn't
> work on modern systems. There is a good chance that their successors
> will be ready for AOO 4.1 and solve most current problems. Volunteers
> who'd like to dive right into AOO's SDBC subsytem and write drivers for
> Mork, LDAP or MAB address book formats are welcome. Especially power
> users of the older implementations who suffered their shortcomings may
> find this chance interesting.
>
> With the Seamonkey-1.1 compatibility requirement removed it was now also
> possible to do an overdue update of the security critical NSS libraries
> to their latest released version. Thanks to Pedro for his initial patch
> on the platform-independent part of the library update.
>
thanks Herbert for the update, this are good news ...
A further good step would be to get rid of nss and use openssl instead
and use the system certificate stores on the different platforms. If I
understand it correct that is the main advantage of nss, it has it's own
certificate store.
But anyway very good news and a further step in the right direction.
Maybe some other volunteers are interested or already have knowledge how
to use the system cert store and can help ...
Juergen
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org
