On 11/8/13 1:18 PM, Herbert Duerr wrote: > As discussed in the thread "AOO Security Features without Mozilla" I > removed the dependency on the ancient Seamonkey-1.1 binaries and use the > NSS libraries ("Network Security Services") instead. This major rework > has been integrated into trunk now. > > If you are working on trunk you'll notice that the moz module and the > configure switch named --disable-mozilla is gone. This switch was > sometimes used to build Apache OpenOffice without security services. If > you want to continue building without security services please use the > --disable-nss-module instead. Whether such an insecure AOO build is > something to aim for is dubious though, especially since the biggest > hurdles to enable this functionality have been removed which were: > - building the Seamonkey-1.1 using special old compiler versions > - providing zip-archives of such prebuilt Seamonkey-1.1 binaries > are no longer needed. Good riddance. > > If you are working on Windows then you'll notice that the > --with-mozilla-build option is still there as NSS being part of the > Mozilla project needs the Mozilla build environment. If you object to > install the Mozilla build environment then you couldn't build the > moz+nss modules on Windows then and cannot build nss on Windows now. > Please use the --disable-nss-module or the --disable-category-B switches > if providing the Mozilla build environment for NSS is out of the question. > > As shown in the earlier thread on this topic the address books provided > via the old Seamonkey binaries were quite bit-rotten and often didn't > work on modern systems. There is a good chance that their successors > will be ready for AOO 4.1 and solve most current problems. Volunteers > who'd like to dive right into AOO's SDBC subsytem and write drivers for > Mork, LDAP or MAB address book formats are welcome. Especially power > users of the older implementations who suffered their shortcomings may > find this chance interesting. > > With the Seamonkey-1.1 compatibility requirement removed it was now also > possible to do an overdue update of the security critical NSS libraries > to their latest released version. Thanks to Pedro for his initial patch > on the platform-independent part of the library update. >
thanks Herbert for the update, this are good news ... A further good step would be to get rid of nss and use openssl instead and use the system certificate stores on the different platforms. If I understand it correct that is the main advantage of nss, it has it's own certificate store. But anyway very good news and a further step in the right direction. Maybe some other volunteers are interested or already have knowledge how to use the system cert store and can help ... Juergen --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org For additional commands, e-mail: dev-h...@openoffice.apache.org