configure.ac | 12 ++++++++++++ loolwsd-systemplate-setup | 4 +++- tools/Config.cpp | 5 +++++ wsd/FileServer.cpp | 7 +++++++ 4 files changed, 27 insertions(+), 1 deletion(-)
New commits: commit 945d74c2379b7fd5759d7bd19c673cb2926b3dc3 Author: Andras Timar <[email protected]> Date: Mon Jul 10 18:22:05 2017 +0200 wsd: fix compilation with old OpenSSL that does not have PKCS5_PBKDF2_HMAC() Change-Id: If48641f6cbcc4d4ded78ea5cc9c9f66063a2ac0a Reviewed-on: https://gerrit.libreoffice.org/39779 Reviewed-by: Michael Meeks <[email protected]> Tested-by: Michael Meeks <[email protected]> diff --git a/configure.ac b/configure.ac index 45a4160f..2c22e887 100644 --- a/configure.ac +++ b/configure.ac @@ -281,6 +281,18 @@ else AC_DEFINE([DISABLE_SECCOMP],1,[Whether to disable SECCOMP]) fi +AC_MSG_CHECKING([Whether OpenSSL has PKCS5_PBKDF2_HMAC()]) +AC_COMPILE_IFELSE([AC_LANG_SOURCE([ +#include <openssl/opensslv.h> +#if OPENSSL_VERSION_NUMBER < 0x10001000L +#error PKCS5_PBKDF2_HMAC() is in OpenSSL 1.0.1 or newer +#endif +])], + [AC_MSG_RESULT([yes]) + AC_DEFINE([HAVE_PKCS5_PBKDF2_HMAC],1,[whether OpenSSL has PKCS5_PBKDF2_HMAC()])], + [AC_MSG_RESULT([no]) + AC_MSG_WARN([OpenSSL is too old. Secure password storage for Admin Console is not supported.]) + AC_DEFINE([HAVE_PKCS5_PBKDF2_HMAC],0,[Whether OpenSSL has PKCS5_PBKDF2_HMAC()])]) AC_MSG_CHECKING([POCO version]) AC_COMPILE_IFELSE([AC_LANG_SOURCE([ diff --git a/tools/Config.cpp b/tools/Config.cpp index 232cc569..72808920 100644 --- a/tools/Config.cpp +++ b/tools/Config.cpp @@ -153,6 +153,7 @@ int Config::main(const std::vector<std::string>& args) return Application::EXIT_NOINPUT; } +#if HAVE_PKCS5_PBKDF2_HMAC _loolConfig.load(ConfigFile); for (unsigned i = 0; i < args.size(); i++) { @@ -221,6 +222,10 @@ int Config::main(const std::vector<std::string>& args) // This tool only handles options, nothing to do here return Application::EXIT_OK; +#else + std::cerr << "This application was compiled with old OpenSSL. Operation not supported. You can use plain text password in /etc/loolwsd/loolwsd.xml." << std::endl; + return Application::EXIT_UNAVAILABLE; +#endif } POCO_APP_MAIN(Config); diff --git a/wsd/FileServer.cpp b/wsd/FileServer.cpp index 90636e08..f6c3c74f 100644 --- a/wsd/FileServer.cpp +++ b/wsd/FileServer.cpp @@ -84,8 +84,10 @@ bool FileServerRequestHandler::isAdminLoggedIn(const HTTPRequest& request, // If no cookie found, or is invalid, let admin re-login const std::string user = config.getString("admin_console.username", ""); std::string pass = config.getString("admin_console.password", ""); + if (config.has("admin_console.secure_password")) { +#if HAVE_PKCS5_PBKDF2_HMAC pass = config.getString("admin_console.secure_password"); // Extract the salt from the config std::vector<unsigned char> saltData; @@ -114,6 +116,11 @@ bool FileServerRequestHandler::isAdminLoggedIn(const HTTPRequest& request, userProvidedPwd = stream.str(); pass = tokens[4]; +#else + LOG_ERR("The config file has admin_console.secure_password setting, " + << "but this application was compiled with old OpenSSL version, " + << "and this setting cannot be used. Falling back to plain text password, if it is set."); +#endif } if (user.empty() || pass.empty()) commit 478e803819339f99920d1b6be805fbaa0db66ae2 Author: Andras Timar <[email protected]> Date: Tue Jul 11 12:39:10 2017 +0200 add xpdfimport dependencies (e.g. system libpoppler) to systemplate Change-Id: Iedb77cc0eed107899b15d3d471edcfa0f655d176 diff --git a/loolwsd-systemplate-setup b/loolwsd-systemplate-setup index 729220c3..1bd4bd66 100755 --- a/loolwsd-systemplate-setup +++ b/loolwsd-systemplate-setup @@ -37,6 +37,7 @@ find etc/passwd etc/group etc/hosts \ usr/share/zoneinfo/* \ usr/share/liblangtag \ usr/lib/libpng* usr/lib64/libpng* lib/*-linux-gnu/libpng* \ + usr/lib/*-linux-gnu/liblcms2* \ -type f find etc/fonts \ @@ -45,11 +46,12 @@ find etc/fonts \ lib/libcap* lib64/libcap* lib/*-linux-gnu/libcap* \ lib/libattr* lib/*-linux-gnu/libattr* \ usr/lib/libpng* usr/lib64/libpng* lib/*-linux-gnu/libpng* \ + usr/lib/*-linux-gnu/liblcms2* \ -type l # Go through the LO shared objects and check what system libraries # they link to. -find $INSTDIR -name '*.so' -o -name '*.so.[0-9]*' | +find $INSTDIR -name '*.so' -o -name '*.so.[0-9]*' -o -name 'xpdfimport' | while read file; do ldd $file 2>/dev/null done | _______________________________________________ Libreoffice-commits mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
