Open attachment 190684 [details]. When asked to allow signed macros, make sure to check "always trust macros from this source". Now, when the certificate is added to trusted, open Options->LibreOffice->Security->Macro Security. On Trusted Sources tab, remove the certificate, and press OK. Reopen the dialog, and see that the certificate re-appeared. Worked in 7.2; fails since 7.3.
Reproduced Version: 24.2.0.0.alpha0+ (X86_64) / LibreOffice Community Build ID: 676e0527d2f31556eccae314fbb12ce204f02ec7 CPU threads: 6; OS: Windows 10.0 Build 22621; UI render: Skia/Raster; VCL: win Locale: en-US (en_US); UI: en-US Calc: CL threaded
Bibisected win64-7.3. Added Noel Grandin to cc. https://git.libreoffice.org/core/+/6ed8c5a0f19901ab413c6610649326b2475c3a8c ------------------------------ commit 6ed8c5a0f19901ab413c6610649326b2475c3a8c [log] author Noel Grandin <noelgrandin@gmail.com> Sun Jul 25 21:35:05 2021 +0200 committer Noel Grandin <noel.grandin@collabora.co.uk> Mon Jul 26 14:25:35 2021 +0200 tree 948037d1a61f9e88547b88e107ba6e8a306c3833 parent a23b44fd9f0119f7ea3523e32875f55c1a07c1cd [diff] ------------------------------ commit f68376ad88759493e19206f9e1dd9be0adc12697 Author: Norbert Thiebaud <nthiebaud@gmail.com> Date: Mon Jul 26 06:14:15 2021 -0700 source 6ed8c5a0f19901ab413c6610649326b2475c3a8c
I cannot get the test procedure to work, even when using a build from before my commit. I get a dialog saying "Execution of macros is disabled. Macros are signed, but the document (containing document events) is not signed" I click OK, and when I go to options, there is no certificate. But then I also see warning messages in the console, so no idea what is going on. warn:xmlsecurity.xmlsec:590448:590448:xmlsecurity/source/xmlsec/errorcallback.cxx:53: x509vfy.c:397: xmlSecNssGetCertName() '' 'CERT_AsciiToName' 4 'ascii="CN=TEST ROOT CA,O=COMPANY,OU=ORG,ST=DISTRICT,L=CITY,C=COUNTRY"; NSS error: -8185' warn:xmlsecurity.xmlsec:590448:590448:xmlsecurity/source/xmlsec/errorcallback.cxx:53: x509vfy.c:455: xmlSecNssX509FindCert() '' 'xmlSecNssGetCertName' 1 'issuer=CN=TEST ROOT CA, O=COMPANY, OU=ORG, ST=DISTRICT, L=CITY, C=COUNTRY' warn:xmlsecurity.comp:590448:590448:xmlsecurity/source/helper/xmlsignaturehelper.cxx:589: X509Data cannot be parsed warn:xmlsecurity.xmlsec:590448:590448:xmlsecurity/source/xmlsec/errorcallback.cxx:53: x509vfy.c:397: xmlSecNssGetCertName() '' 'CERT_AsciiToName' 4 'ascii="CN=TEST ROOT CA,O=COMPANY,OU=ORG,ST=DISTRICT,L=CITY,C=COUNTRY"; NSS error: -8185' warn:xmlsecurity.xmlsec:590448:590448:xmlsecurity/source/xmlsec/errorcallback.cxx:53: x509vfy.c:455: xmlSecNssX509FindCert() '' 'xmlSecNssGetCertName' 1 'issuer=CN=TEST ROOT CA, O=COMPANY, OU=ORG, ST=DISTRICT, L=CITY, C=COUNTRY' warn:xmlsecurity.comp:590448:590448:xmlsecurity/source/helper/xmlsignaturehelper.cxx:589: X509Data cannot be parsed
Aha, so I can reproduce this on Windows. On windows the xmlsecurity stuff seems to be happy with the certificate.
Noel Grandin committed a patch related to this issue. It has been pushed to "master": https://git.libreoffice.org/core/commit/def8f7699661f3ca9d763b6bd5e81759cf5b4e12 tdf#158094 Can't remove trusted certificate in Macro Security It will be available in 24.2.0. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Noel Grandin committed a patch related to this issue. It has been pushed to "libreoffice-7-6": https://git.libreoffice.org/core/commit/e4e351a01898565ac9d4d01606074fc11b322456 tdf#158094 Can't remove trusted certificate in Macro Security It will be available in 7.6.4. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.