[Libreoffice-commits] core.git: Branch 'libreoffice-7-5' - desktop/source extensions/source include/curlinit.hxx lingucomponent/source linguistic/source svl/source ucb/source
desktop/source/app/updater.cxx|4
desktop/source/minidump/minidump.cxx |4
extensions/source/update/check/download.cxx |4
include/curlinit.hxx | 59
++
lingucomponent/source/spellcheck/languagetool/languagetoolimp.cxx |5
linguistic/source/translate.cxx |4
svl/source/crypto/cryptosign.cxx |6 +
ucb/source/ucp/cmis/cmis_content.cxx |5
ucb/source/ucp/ftp/ftploaderthread.cxx|4
ucb/source/ucp/webdav-curl/CurlSession.cxx|2
10 files changed, 97 insertions(+)
New commits:
commit 045bef390a025c3615d904524bf5ee21fa697ca4
Author: Michael Stahl
AuthorDate: Fri Nov 3 20:16:09 2023 +0100
Commit: Xisco Fauli
CommitDate: Mon Nov 20 16:29:41 2023 +0100
curl: mitigate migration to OpenSSL on Linux
The problem is that curl 8.3.0 removed the NSS backend, so we now
have no other choice than to use the bundled OpenSSL on Linux.
Currently any curl https connection fails with:
CurlSession.cxx:963: curl_easy_perform failed: (60) SSL certificate
problem: unable to get local issuer certificate
Apparently this requires manually telling curl which CA certificates to
trust; there is a configure flag --with-ca-bundle but that is useless as
it tries to load the file relative to whatever is the current working
directory, and also did i mention that there are at least 3 different
locations where a Linux system may store its system trusted CA
certificates because ALL ABOUT CHOICE.
So add a new header with an init function to try out various file
locations listed in this nice blog article and call it from way too many
places that independently use curl.
https://www.happyassassin.net/posts/2015/01/12/a-note-about-ssltls-trusted-certificate-stores-and-platforms/
TODO: perhaps bundle a cacert.pem as a fallback in case the system chose
to innovate by putting its certificates in yet another unexpected place
(regression from commit c2930ebff82c4f7ffe8377ab82627131f8544226)
Change-Id: Ibf1cc0069bc2ae011ecead9a4c2b455e94b01241
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/158915
Tested-by: Jenkins
Reviewed-by: Michael Stahl
(cherry picked from commit 11f439b861922b9286b2e47ed326f3508a48d44e)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159125
Reviewed-by: Xisco Fauli
diff --git a/desktop/source/app/updater.cxx b/desktop/source/app/updater.cxx
index 5fb18dfad0bf..4e4d2cda413f 100644
--- a/desktop/source/app/updater.cxx
+++ b/desktop/source/app/updater.cxx
@@ -37,6 +37,8 @@
#include
#include
#include
+
+#include
#include
#include
@@ -546,6 +548,8 @@ std::string download_content(const OString& rURL, bool
bFile, OUString& rHash)
if (!curl)
return std::string();
+::InitCurl_easy(curl.get());
+
curl_easy_setopt(curl.get(), CURLOPT_URL, rURL.getStr());
curl_easy_setopt(curl.get(), CURLOPT_USERAGENT, kUserAgent);
bool bUseProxy = false;
diff --git a/desktop/source/minidump/minidump.cxx
b/desktop/source/minidump/minidump.cxx
index 0bf20f2aa419..7fbb0884987d 100644
--- a/desktop/source/minidump/minidump.cxx
+++ b/desktop/source/minidump/minidump.cxx
@@ -17,6 +17,8 @@
#include
+#include
+
#ifdef _WIN32
#include
#include
@@ -95,6 +97,8 @@ static bool uploadContent(std::map&
parameters, std::s
if (!curl)
return false;
+::InitCurl_easy(curl);
+
std::string proxy, proxy_user_pwd, ca_certificate_file, file, url, version;
getProperty("Proxy", proxy, parameters);
diff --git a/extensions/source/update/check/download.cxx
b/extensions/source/update/check/download.cxx
index ba371bdee570..cdbbe2c32734 100644
--- a/extensions/source/update/check/download.cxx
+++ b/extensions/source/update/check/download.cxx
@@ -23,6 +23,8 @@
#include
+#include
+
#include
#include
#include
@@ -222,6 +224,8 @@ static bool curl_run(std::u16string_view rURL, OutData&
out, const OString& aPro
if( nullptr != pCURL )
{
+::InitCurl_easy(pCURL);
+
out.curl = pCURL;
OString aURL(OUStringToOString(rURL, RTL_TEXTENCODING_UTF8));
diff --git a/include/curlinit.hxx b/include/curlinit.hxx
new file mode 100644
index ..8b3a9968419d
--- /dev/null
+++ b/include/curlinit.hxx
@@ -0,0 +1,59 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4;
fill-column: 100 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MP
[Libreoffice-commits] core.git: Branch 'libreoffice-7-5' - desktop/source extensions/source
desktop/source/app/updater.cxx |6 +++--- extensions/source/update/check/download.cxx |6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) New commits: commit fc4b3cf771499b7f333ed7ec4779d0cfaa2c875a Author: Julien Nabet AuthorDate: Wed Jan 11 11:28:27 2023 +0100 Commit: Christian Lohmaier CommitDate: Thu Jan 12 20:22:41 2023 + Curl:CURLOPT_REDIR_PROTOCOLS(_STR): use only "https", not "http" Change-Id: If615503b598f6823d7978f12e666832c82b63ece Reviewed-on: https://gerrit.libreoffice.org/c/core/+/145334 Tested-by: Jenkins Reviewed-by: Michael Stahl (cherry picked from commit e78859005b632860c9464335fdf6836c4fd41807) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/145310 Reviewed-by: Christian Lohmaier diff --git a/desktop/source/app/updater.cxx b/desktop/source/app/updater.cxx index f74dfbeceb6e..5fb18dfad0bf 100644 --- a/desktop/source/app/updater.cxx +++ b/desktop/source/app/updater.cxx @@ -562,11 +562,11 @@ std::string download_content(const OString& rURL, bool bFile, OUString& rHash) headerlist = curl_slist_append(headerlist, buf); curl_easy_setopt(curl.get(), CURLOPT_HTTPHEADER, headerlist); curl_easy_setopt(curl.get(), CURLOPT_FOLLOWLOCATION, 1); // follow redirects -// only allow redirect to http:// and https:// +// only allow redirect to https:// #if (LIBCURL_VERSION_MAJOR > 7) || (LIBCURL_VERSION_MAJOR == 7 && LIBCURL_VERSION_MINOR >= 85) -curl_easy_setopt(curl.get(), CURLOPT_REDIR_PROTOCOLS_STR, "http,https"); +curl_easy_setopt(curl.get(), CURLOPT_REDIR_PROTOCOLS_STR, "https"); #else -curl_easy_setopt(curl.get(), CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS); +curl_easy_setopt(curl.get(), CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTPS); #endif std::string response_body; diff --git a/extensions/source/update/check/download.cxx b/extensions/source/update/check/download.cxx index 4ba5863930ba..ba371bdee570 100644 --- a/extensions/source/update/check/download.cxx +++ b/extensions/source/update/check/download.cxx @@ -232,11 +232,11 @@ static bool curl_run(std::u16string_view rURL, OutData& out, const OString& aPro // enable redirection (void)curl_easy_setopt(pCURL, CURLOPT_FOLLOWLOCATION, 1); -// only allow redirect to http:// and https:// +// only allow redirect to https:// #if (LIBCURL_VERSION_MAJOR > 7) || (LIBCURL_VERSION_MAJOR == 7 && LIBCURL_VERSION_MINOR >= 85) -curl_easy_setopt(pCURL, CURLOPT_REDIR_PROTOCOLS_STR, "http,https"); +curl_easy_setopt(pCURL, CURLOPT_REDIR_PROTOCOLS_STR, "https"); #else -curl_easy_setopt(pCURL, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS); +curl_easy_setopt(pCURL, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTPS); #endif // write function
[Libreoffice-commits] core.git: Branch 'libreoffice-7-5' - desktop/source extensions/source
desktop/source/app/updater.cxx |6 +-
extensions/source/update/check/download.cxx | 22 +-
2 files changed, 18 insertions(+), 10 deletions(-)
New commits:
commit 3a3f6fb74781b4e1def227e88d2b96449acdc4c1
Author: Julien Nabet
AuthorDate: Mon Jan 9 13:54:45 2023 +0100
Commit: Xisco Fauli
CommitDate: Thu Jan 12 08:23:36 2023 +
Fix types for Curl elements (update part)
"CURLOPT_REDIR_PROTOCOLS_STR" has been added with Curl 7.85
so check if Curl version is 7.85 min or use the previous version
"CURLOPT_REDIR_PROTOCOLS"
Change-Id: Iacf6a3c37aba63d615eaa93352b098b1c9183533
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/145208
Reviewed-by: Michael Stahl
Tested-by: Jenkins
(cherry picked from commit 071c66521c6db7136ea7f4606d48ab9fbcc4c71d)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/145304
Reviewed-by: Xisco Fauli
diff --git a/desktop/source/app/updater.cxx b/desktop/source/app/updater.cxx
index 9f60a64d7235..f74dfbeceb6e 100644
--- a/desktop/source/app/updater.cxx
+++ b/desktop/source/app/updater.cxx
@@ -563,7 +563,11 @@ std::string download_content(const OString& rURL, bool
bFile, OUString& rHash)
curl_easy_setopt(curl.get(), CURLOPT_HTTPHEADER, headerlist);
curl_easy_setopt(curl.get(), CURLOPT_FOLLOWLOCATION, 1); // follow
redirects
// only allow redirect to http:// and https://
-curl_easy_setopt(curl.get(), CURLOPT_REDIR_PROTOCOLS_STR, CURLPROTO_HTTP |
CURLPROTO_HTTPS);
+#if (LIBCURL_VERSION_MAJOR > 7) || (LIBCURL_VERSION_MAJOR == 7 &&
LIBCURL_VERSION_MINOR >= 85)
+curl_easy_setopt(curl.get(), CURLOPT_REDIR_PROTOCOLS_STR, "http,https");
+#else
+curl_easy_setopt(curl.get(), CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP |
CURLPROTO_HTTPS);
+#endif
std::string response_body;
utl::TempFileNamed aTempFile;
diff --git a/extensions/source/update/check/download.cxx
b/extensions/source/update/check/download.cxx
index 3b76f9cc8a27..4ba5863930ba 100644
--- a/extensions/source/update/check/download.cxx
+++ b/extensions/source/update/check/download.cxx
@@ -60,8 +60,8 @@ static void openFile( OutData& out )
char * effective_url;
curl_easy_getinfo(out.curl, CURLINFO_EFFECTIVE_URL, &effective_url);
-double fDownloadSize;
-curl_easy_getinfo(out.curl, CURLINFO_CONTENT_LENGTH_DOWNLOAD_T,
&fDownloadSize);
+curl_off_t nDownloadSize;
+curl_easy_getinfo(out.curl, CURLINFO_CONTENT_LENGTH_DOWNLOAD_T,
&nDownloadSize);
OString aURL(effective_url);
@@ -94,7 +94,7 @@ static void openFile( OutData& out )
} while( osl_File_E_EXIST == rc );
if( osl_File_E_None == rc )
-out.Handler->downloadStarted(out.File,
static_cast(fDownloadSize));
+out.Handler->downloadStarted(out.File,
static_cast(nDownloadSize));
}
}
@@ -140,7 +140,7 @@ write_function( void *ptr, size_t size, size_t nmemb, void
*stream )
static int
-progress_callback( void *clientp, double dltotal, double dlnow,
SAL_UNUSED_PARAMETER double, SAL_UNUSED_PARAMETER double )
+progress_callback( void *clientp, curl_off_t dltotal, curl_off_t dlnow,
SAL_UNUSED_PARAMETER curl_off_t, SAL_UNUSED_PARAMETER curl_off_t)
{
OutData *out = static_cast < OutData * > (clientp);
@@ -148,7 +148,7 @@ progress_callback( void *clientp, double dltotal, double
dlnow, SAL_UNUSED_PARAM
if (out && !out->StopCondition.check())
{
-double fPercent = 0;
+float fPercent = 0;
if ( dltotal + out->Offset )
fPercent = (dlnow + out->Offset) * 100 / (dltotal + out->Offset);
if( fPercent < 0 )
@@ -233,7 +233,11 @@ static bool curl_run(std::u16string_view rURL, OutData&
out, const OString& aPro
// enable redirection
(void)curl_easy_setopt(pCURL, CURLOPT_FOLLOWLOCATION, 1);
// only allow redirect to http:// and https://
-(void)curl_easy_setopt(pCURL, CURLOPT_REDIR_PROTOCOLS_STR,
CURLPROTO_HTTP | CURLPROTO_HTTPS);
+#if (LIBCURL_VERSION_MAJOR > 7) || (LIBCURL_VERSION_MAJOR == 7 &&
LIBCURL_VERSION_MINOR >= 85)
+curl_easy_setopt(pCURL, CURLOPT_REDIR_PROTOCOLS_STR, "http,https");
+#else
+curl_easy_setopt(pCURL, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP |
CURLPROTO_HTTPS);
+#endif
// write function
(void)curl_easy_setopt(pCURL, CURLOPT_WRITEDATA, &out);
@@ -274,9 +278,9 @@ static bool curl_run(std::u16string_view rURL, OutData&
out, const OString& aPro
{
// this sometimes happens, when a user throws away his user data,
but has already
// completed the download of an update.
-double fDownloadSize;
-curl_easy_getinfo( pCURL, CURLINFO_CONTENT_LENGTH_DOWNLOAD_T,
&fDownloadSize );
-if ( -1 == fDownloadSize )
+curl_off_t nDownloadSize;
+curl_easy_getinfo( pCURL, CURLINFO_CONTENT_LENGTH_DOWNLOAD_T,
&nDownloadSize );
+if ( -1 == nDownloadS
[Libreoffice-commits] core.git: Branch 'libreoffice-7-5' - desktop/source extensions/source
desktop/source/app/updater.cxx |2 +-
extensions/source/update/check/download.cxx |8
2 files changed, 5 insertions(+), 5 deletions(-)
New commits:
commit b0684feb0a1f012adaa9bb21bf730bf90601e9d9
Author: Julien Nabet
AuthorDate: Mon Jan 9 09:01:41 2023 +0100
Commit: Xisco Fauli
CommitDate: Wed Jan 11 09:46:31 2023 +
Fix deprecated Curl elements for update part
Change-Id: Ide008c8a80800b33c8104ec3d697e836fae73827
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/145186
Tested-by: Jenkins
Reviewed-by: Julien Nabet
(cherry picked from commit 6410fafc6f4d58062d82f86549303f4ae2eec32a)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/145223
Reviewed-by: Xisco Fauli
diff --git a/desktop/source/app/updater.cxx b/desktop/source/app/updater.cxx
index e0d5bcd832b5..9f60a64d7235 100644
--- a/desktop/source/app/updater.cxx
+++ b/desktop/source/app/updater.cxx
@@ -563,7 +563,7 @@ std::string download_content(const OString& rURL, bool
bFile, OUString& rHash)
curl_easy_setopt(curl.get(), CURLOPT_HTTPHEADER, headerlist);
curl_easy_setopt(curl.get(), CURLOPT_FOLLOWLOCATION, 1); // follow
redirects
// only allow redirect to http:// and https://
-curl_easy_setopt(curl.get(), CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP |
CURLPROTO_HTTPS);
+curl_easy_setopt(curl.get(), CURLOPT_REDIR_PROTOCOLS_STR, CURLPROTO_HTTP |
CURLPROTO_HTTPS);
std::string response_body;
utl::TempFileNamed aTempFile;
diff --git a/extensions/source/update/check/download.cxx
b/extensions/source/update/check/download.cxx
index 387c1efd7a4f..3b76f9cc8a27 100644
--- a/extensions/source/update/check/download.cxx
+++ b/extensions/source/update/check/download.cxx
@@ -61,7 +61,7 @@ static void openFile( OutData& out )
curl_easy_getinfo(out.curl, CURLINFO_EFFECTIVE_URL, &effective_url);
double fDownloadSize;
-curl_easy_getinfo(out.curl, CURLINFO_CONTENT_LENGTH_DOWNLOAD,
&fDownloadSize);
+curl_easy_getinfo(out.curl, CURLINFO_CONTENT_LENGTH_DOWNLOAD_T,
&fDownloadSize);
OString aURL(effective_url);
@@ -233,7 +233,7 @@ static bool curl_run(std::u16string_view rURL, OutData&
out, const OString& aPro
// enable redirection
(void)curl_easy_setopt(pCURL, CURLOPT_FOLLOWLOCATION, 1);
// only allow redirect to http:// and https://
-(void)curl_easy_setopt(pCURL, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP
| CURLPROTO_HTTPS);
+(void)curl_easy_setopt(pCURL, CURLOPT_REDIR_PROTOCOLS_STR,
CURLPROTO_HTTP | CURLPROTO_HTTPS);
// write function
(void)curl_easy_setopt(pCURL, CURLOPT_WRITEDATA, &out);
@@ -241,7 +241,7 @@ static bool curl_run(std::u16string_view rURL, OutData&
out, const OString& aPro
// progress handler - Condition::check unfortunately is not defined
const
(void)curl_easy_setopt(pCURL, CURLOPT_NOPROGRESS, 0);
-(void)curl_easy_setopt(pCURL, CURLOPT_PROGRESSFUNCTION,
&progress_callback);
+(void)curl_easy_setopt(pCURL, CURLOPT_XFERINFOFUNCTION,
&progress_callback);
(void)curl_easy_setopt(pCURL, CURLOPT_PROGRESSDATA, &out);
// proxy
@@ -275,7 +275,7 @@ static bool curl_run(std::u16string_view rURL, OutData&
out, const OString& aPro
// this sometimes happens, when a user throws away his user data,
but has already
// completed the download of an update.
double fDownloadSize;
-curl_easy_getinfo( pCURL, CURLINFO_CONTENT_LENGTH_DOWNLOAD,
&fDownloadSize );
+curl_easy_getinfo( pCURL, CURLINFO_CONTENT_LENGTH_DOWNLOAD_T,
&fDownloadSize );
if ( -1 == fDownloadSize )
{
out.Handler->downloadFinished(out.File);
