SHA1/MD5 in sal/rtl/source/digest.c patch license able for OO

classic Classic list List threaded Threaded
11 messages Options
Reply | Threaded
Open this post in threaded view
|

SHA1/MD5 in sal/rtl/source/digest.c patch license able for OO

Peter Kovacs-3
Hello all,


I would like to ask if I or any other from OpenOffice Development team
can port the patch from LibreOffice to OpenOffice to fix this Issue
under the APL2 License, so the Issue can be fixed in OpenOffice without
more work then necessary.

LO Issue: 114939

OO Issue: 127661

Thanks for your considerations.


All the Best

Peter



---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: SHA1/MD5 in sal/rtl/source/digest.c patch license able for OO

Keith N. McKenna
On 7/24/2019 6:43 PM, Peter Kovacs wrote:

> Hello all,
>
>
> I would like to ask if I or any other from OpenOffice Development team
> can port the patch from LibreOffice to OpenOffice to fix this Issue
> under the APL2 License, so the Issue can be fixed in OpenOffice without
> more work then necessary.
>
> LO Issue: 114939
>
> OO Issue: 127661
>
> Thanks for your considerations.
>
>
> All the Best
>
> Peter
>
Peter;

I believe that unless the LO developer agrees to license it also under
the ALv2 we cannot commit it to our code base.

Regards
Keith



signature.asc (499 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: SHA1/MD5 in sal/rtl/source/digest.c patch license able for OO

FR web forum


----- Mail original -----
> I believe that unless the LO developer agrees to license it also
> under the ALv2 we cannot commit it to our code base.
+1
The author is Michael Stahl, employed at CIB GmbH.
This company is copyleft addicted and LibO side only.

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: SHA1/MD5 in sal/rtl/source/digest.c patch license able for OO

Peter Kovacs-3
Call me naive. I wanted to have the question asked. No one should say that we did not try it this way.  

Am 25. Juli 2019 09:38:28 MESZ schrieb Bidouille <[hidden email]>:

>
>
>----- Mail original -----
>> I believe that unless the LO developer agrees to license it also
>> under the ALv2 we cannot commit it to our code base.
>+1
>The author is Michael Stahl, employed at CIB GmbH.
>This company is copyleft addicted and LibO side only.
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: [hidden email]
>For additional commands, e-mail: [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: SHA1/MD5 in sal/rtl/source/digest.c patch license able for OO

Keith N. McKenna
In reply to this post by FR web forum
On 7/25/2019 1:26 PM, Peter Kovacs wrote:

> Call me naive. I wanted to have the question asked. No one should say that we did not try it this way.  
>
> Am 25. Juli 2019 09:38:28 MESZ schrieb Bidouille <[hidden email]>:
>>
>>
>> ----- Mail original -----
>>> I believe that unless the LO developer agrees to license it also
>>> under the ALv2 we cannot commit it to our code base.
>> +1
>> The author is Michael Stahl, employed at CIB GmbH.
>> This company is copyleft addicted and LibO side only.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [hidden email]
>> For additional commands, e-mail: [hidden email]
>
Peter;

For other questions around handling other licenses see the 3rd Party
License Policy at https://www.apache.org/legal/resolved.html


signature.asc (499 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: SHA1/MD5 in sal/rtl/source/digest.c patch license able for OO

Raphael Bircher-3
If the code is released from the original author under Apache License
v2.0 then we can include it, else we have to write our own solution

On Thu, Jul 25, 2019 at 9:54 PM Keith N. McKenna
<[hidden email]> wrote:

>
> On 7/25/2019 1:26 PM, Peter Kovacs wrote:
> > Call me naive. I wanted to have the question asked. No one should say that we did not try it this way.
> >
> > Am 25. Juli 2019 09:38:28 MESZ schrieb Bidouille <[hidden email]>:
> >>
> >>
> >> ----- Mail original -----
> >>> I believe that unless the LO developer agrees to license it also
> >>> under the ALv2 we cannot commit it to our code base.
> >> +1
> >> The author is Michael Stahl, employed at CIB GmbH.
> >> This company is copyleft addicted and LibO side only.
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: [hidden email]
> >> For additional commands, e-mail: [hidden email]
> >
> Peter;
>
> For other questions around handling other licenses see the 3rd Party
> License Policy at https://www.apache.org/legal/resolved.html
>

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: SHA1/MD5 in sal/rtl/source/digest.c patch license able for OO

Dr. Michael Stehmann-2
OT:

Hi, Raphael - wb

Regards
Michael



signature.asc (201 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: SHA1/MD5 in sal/rtl/source/digest.c patch license able for OO

Branko Čibej
In reply to this post by Peter Kovacs-3
On 25.07.2019 00:43, Peter Kovacs wrote:
> Hello all,
>
>
> I would like to ask if I or any other from OpenOffice Development team
> can port the patch from LibreOffice to OpenOffice to fix this Issue
> under the APL2 License, so the Issue can be fixed in OpenOffice without
> more work then necessary.


Would it be appropriate to use the hash code from APR
(https://apr.apacha.org)? The license fits, and that code has been
stable and well tested for ages. But I'm not sure if it fits your FIPS
compliance requirements.

-- Brane

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: SHA1/MD5 in sal/rtl/source/digest.c patch license able for OO

Peter Kovacs-3
In reply to this post by Raphael Bircher-3
OT:

Welcome back Rafael!

On 25.07.19 22:57, Raphael Bircher wrote:

> If the code is released from the original author under Apache License
> v2.0 then we can include it, else we have to write our own solution
>
> On Thu, Jul 25, 2019 at 9:54 PM Keith N. McKenna
> <[hidden email]> wrote:
>> On 7/25/2019 1:26 PM, Peter Kovacs wrote:
>>> Call me naive. I wanted to have the question asked. No one should say that we did not try it this way.
>>>
>>> Am 25. Juli 2019 09:38:28 MESZ schrieb Bidouille <[hidden email]>:
>>>>
>>>> ----- Mail original -----
>>>>> I believe that unless the LO developer agrees to license it also
>>>>> under the ALv2 we cannot commit it to our code base.
>>>> +1
>>>> The author is Michael Stahl, employed at CIB GmbH.
>>>> This company is copyleft addicted and LibO side only.
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: [hidden email]
>>>> For additional commands, e-mail: [hidden email]
>> Peter;
>>
>> For other questions around handling other licenses see the 3rd Party
>> License Policy at https://www.apache.org/legal/resolved.html
>>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: SHA1/MD5 in sal/rtl/source/digest.c patch license able for OO

Peter Kovacs-3
In reply to this post by Branko Čibej
Hi Brane,

This is a very nice Idea. Maybe even beyond the immediate idea on fixing
the SHA implementation.

Thanks a lot for this Idea.


All the Best

Peter

On 26.07.19 12:36, Branko Čibej wrote:

> On 25.07.2019 00:43, Peter Kovacs wrote:
>> Hello all,
>>
>>
>> I would like to ask if I or any other from OpenOffice Development team
>> can port the patch from LibreOffice to OpenOffice to fix this Issue
>> under the APL2 License, so the Issue can be fixed in OpenOffice without
>> more work then necessary.
>
> Would it be appropriate to use the hash code from APR
> (https://apr.apacha.org)? The license fits, and that code has been
> stable and well tested for ages. But I'm not sure if it fits your FIPS
> compliance requirements.
>
> -- Brane
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: SHA1/MD5 in sal/rtl/source/digest.c patch license able for OO

Damjan Jovanovic
If you read through the LO bug report, you'll see that there are many
patches for this bug, affecting multiple modules.

Why?

The historical files that are valid but have the wrong checksum due to
having been written by the broken [OO.org-derivative] implementations when
they were created, will still be accepted as valid by future versions of LO.

I think they have quite an involved bug fix, with new UI dialogs for those
cases, etc.

On Sat, Jul 27, 2019 at 9:50 AM Peter Kovacs <[hidden email]> wrote:

> Hi Brane,
>
> This is a very nice Idea. Maybe even beyond the immediate idea on fixing
> the SHA implementation.
>
> Thanks a lot for this Idea.
>
>
> All the Best
>
> Peter
>
> On 26.07.19 12:36, Branko Čibej wrote:
> > On 25.07.2019 00:43, Peter Kovacs wrote:
> >> Hello all,
> >>
> >>
> >> I would like to ask if I or any other from OpenOffice Development team
> >> can port the patch from LibreOffice to OpenOffice to fix this Issue
> >> under the APL2 License, so the Issue can be fixed in OpenOffice without
> >> more work then necessary.
> >
> > Would it be appropriate to use the hash code from APR
> > (https://apr.apacha.org)? The license fits, and that code has been
> > stable and well tested for ages. But I'm not sure if it fits your FIPS
> > compliance requirements.
> >
> > -- Brane
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [hidden email]
> > For additional commands, e-mail: [hidden email]
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
>