#i125431# "The Password is incorrect. The file cannot be opened."

Fix a serious cross-platform regression caused during SeaMonkey's removal and first released in version 4.1.0, where all features provided by NSS (like opening and saving encrypted documents, digital signatures, etc.) were failing. SYSTEM_MOZILLA doesn't exist any more, yet was being used to check whether to skip loading nssckbi when SECMOD_HasRootCerts() is true, so we were always attempting to load it even when not necessary. Also with SYSTEM_MOZILLA skipping loading it from the system path, we were always trying to load it from "${OOO_BASE_DIR}/program/libnssckbi.so" even when it wasn't there because --with-system-nss was passed to ./configure. This patch fixes the above problems by using SYSTEM_NSS instead of SYSTEM_MOZILLA, which actually exists, now both skipping loading nssckbi when unnecessary, and loading it from the right place when necessary. Patch-by: me git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1724971 13f79535-47bb-0310-9956-ffa450edef68
apache · Jan 16, 2016 · 1b37335 · 1b37335
1 parent b58ac25
commit 1b37335
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 4 deletions.
diff --git a/main/xmlsecurity/source/xmlsec/nss/makefile.mk b/main/xmlsecurity/source/xmlsec/nss/makefile.mk
@@ -42,6 +42,10 @@ CFLAGS+=-DSYSTEM_LIBXML $(LIBXML_CFLAGS)
 	@echo "No nss -> no libxmlsec -> no xmlsecurity/nss"
 .ENDIF
 
+.IF "$(SYSTEM_NSS)" == "YES"
+CFLAGS+=-DSYSTEM_NSS
+.ENDIF
+
 .IF "$(SYSTEM_NSS)" != "YES"
 MOZ_INC = $(SOLARVERSION)$/$(INPATH)$/inc$(UPDMINOREXT)$/mozilla
 NSS_CFLAGS = -I$(MOZ_INC)$/nss

diff --git a/main/xmlsecurity/source/xmlsec/nss/nssinitializer.cxx b/main/xmlsecurity/source/xmlsec/nss/nssinitializer.cxx
@@ -234,7 +234,7 @@ ::rtl::OString getMozillaCurrentProfile( const css::uno::Reference< css::lang::X
 //the location of the roots module to the profile, which makes FF2 and TB2 use
 //it instead of there own module.
 //
-//When using SYSTEM_MOZILLA then the libnss3.so lib is typically found in
+//When using SYSTEM_NSS then the libnss3.so lib is typically found in
 ///usr/lib. This folder may, however, NOT contain the roots certificate
 //module. That is, just providing the library name in SECMOD_LoadUserModule or
 //SECMOD_AddNewModule will FAIL to load the mozilla unless the LD_LIBRARY_PATH
@@ -289,7 +289,7 @@ bool nsscrypto_initialize( const css::uno::Reference< css::lang::XMultiServiceFa
     out_nss_init = true;
 
 #ifdef XMLSEC_CRYPTO_NSS
-#if defined SYSTEM_MOZILLA
+#if defined SYSTEM_NSS
     if (!SECMOD_HasRootCerts())
     {
 #endif
@@ -298,7 +298,7 @@ bool nsscrypto_initialize( const css::uno::Reference< css::lang::XMultiServiceFa
 #if defined OS2
         // YD the nss system dlls names are ending with 'k'
         OUString rootModule(RTL_CONSTASCII_USTRINGPARAM( "nssckbik" SAL_DLLEXTENSION));
-#elif defined SYSTEM_MOZILLA
+#elif defined SYSTEM_NSS
         OUString rootModule(RTL_CONSTASCII_USTRINGPARAM( "libnssckbi" SAL_DLLEXTENSION));
 #else
         OUString rootModule(RTL_CONSTASCII_USTRINGPARAM( "${OOO_BASE_DIR}/program/libnssckbi" SAL_DLLEXTENSION));
@@ -352,7 +352,7 @@ bool nsscrypto_initialize( const css::uno::Reference< css::lang::XMultiServiceFa
             xmlsec_trace("Adding new root certificate module failed.");
             return_value = false;
         }
-#if SYSTEM_MOZILLA
+#if SYSTEM_NSS
     }
 #endif
 #endif