core.git: sfx2/source xmlsecurity/qa
sfx2/source/doc/objstor.cxx |3 -
xmlsecurity/qa/unit/signing/signing2.cxx | 58 ---
2 files changed, 31 insertions(+), 30 deletions(-)
New commits:
commit d0dcd87788910e3c9f67a2b68534019c05b77bad
Author: Thorsten Behrens
AuthorDate: Mon Jan 15 00:26:02 2024 +0100
Commit: Thorsten Behrens
CommitDate: Tue Jan 23 21:41:03 2024 +0100
Make wholesome ODF package encryption the default
Change-Id: I825ae7a5e4b80d390804a7bb2cfdfc3b1843bd07
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/162066
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens
diff --git a/sfx2/source/doc/objstor.cxx b/sfx2/source/doc/objstor.cxx
index 854389ae31be..27fb68c83f87 100644
--- a/sfx2/source/doc/objstor.cxx
+++ b/sfx2/source/doc/objstor.cxx
@@ -170,8 +170,7 @@ bool SfxObjectShell::QuerySlotExecutable( sal_uInt16
/*nSlotId*/ )
static bool UseODFWholesomeEncryption(SvtSaveOptions::ODFSaneDefaultVersion
const nODFVersion)
{
-return nODFVersion == SvtSaveOptions::ODFSVER_LATEST_EXTENDED
-&& officecfg::Office::Common::Misc::ExperimentalMode::get();
+return nODFVersion == SvtSaveOptions::ODFSVER_LATEST_EXTENDED;
}
bool GetEncryptionData_Impl( const SfxItemSet* pSet, uno::Sequence<
beans::NamedValue >& o_rEncryptionData )
diff --git a/xmlsecurity/qa/unit/signing/signing2.cxx
b/xmlsecurity/qa/unit/signing/signing2.cxx
index 71e887df236a..dd6f9e09a83d 100644
--- a/xmlsecurity/qa/unit/signing/signing2.cxx
+++ b/xmlsecurity/qa/unit/signing/signing2.cxx
@@ -128,9 +128,21 @@ CPPUNIT_TEST_FIXTURE(SigningTest2,
testPasswordPreserveMacroSignatureODF13)
CPPUNIT_ASSERT_EQUAL(SignatureState::OK,
pObjectShell->GetScriptingSignatureState());
}
-saveAndReload("writer8", "password");
{
-// test standard ODF 1.2/1.3/1.4 encryption
+// test the old, standard ODF 1.2/1.3/1.4 encryption
+Resetter resetter([]() {
+std::shared_ptr pBatch(
+comphelper::ConfigurationChanges::create());
+officecfg::Office::Common::Save::ODF::DefaultVersion::set(3,
pBatch);
+return pBatch->commit();
+});
+std::shared_ptr pBatch(
+comphelper::ConfigurationChanges::create());
+officecfg::Office::Common::Save::ODF::DefaultVersion::set(10, pBatch);
+pBatch->commit();
+
+saveAndReload("writer8", "password");
+
xmlDocUniquePtr pXmlDoc = parseExport("META-INF/manifest.xml");
assertXPath(pXmlDoc, "/manifest:manifest"_ostr, "version"_ostr, "1.3");
assertXPath(pXmlDoc,
"/manifest:manifest/manifest:file-entry[@manifest:size != '0']"_ostr,
@@ -174,18 +186,7 @@ CPPUNIT_TEST_FIXTURE(SigningTest2,
testPasswordPreserveMacroSignatureODF13)
}
{
-Resetter resetter([]() {
-std::shared_ptr pBatch(
-comphelper::ConfigurationChanges::create());
-officecfg::Office::Common::Misc::ExperimentalMode::set(false,
pBatch);
-return pBatch->commit();
-});
-std::shared_ptr pBatch(
-comphelper::ConfigurationChanges::create());
-officecfg::Office::Common::Misc::ExperimentalMode::set(true, pBatch);
-pBatch->commit();
-
-// store it experimental - reload
+// store it with new wholesome ODF extended encryption - reload
saveAndReload("writer8", "password");
// test wholesome ODF extended encryption
@@ -253,18 +254,7 @@ CPPUNIT_TEST_FIXTURE(SigningTest2,
testPasswordPreserveMacroSignatureODFWholesom
}
{
-Resetter resetter([]() {
-std::shared_ptr pBatch(
-comphelper::ConfigurationChanges::create());
-officecfg::Office::Common::Misc::ExperimentalMode::set(false,
pBatch);
-return pBatch->commit();
-});
-std::shared_ptr pBatch(
-comphelper::ConfigurationChanges::create());
-officecfg::Office::Common::Misc::ExperimentalMode::set(true, pBatch);
-pBatch->commit();
-
-// store it experimental - reload
+// store it with new wholesome ODF extended encryption - reload
saveAndReload("writer8", "password");
// test wholesome ODF extended encryption
@@ -321,9 +311,21 @@ CPPUNIT_TEST_FIXTURE(SigningTest2,
testPasswordPreserveMacroSignatureODFWholesom
CPPUNIT_ASSERT_EQUAL(SignatureState::OK,
pObjectShell->GetScriptingSignatureState());
}
-saveAndReload("writer8", "password");
{
-// test standard ODF 1.2/1.3/1.4 encryption
+// test the old, standard ODF 1.2/1.3/1.4 encryption
+Resetter resetter([]() {
+std::shared_ptr pBatch(
+comphelper::ConfigurationChanges::create());
+officecfg::Office::Common::Save::ODF::DefaultVersion::set(3,
pBatch);
+return pBatch->commit();
+});
+std::shared_ptr pBatch(
+
[Libreoffice-commits] core.git: sfx2/source xmlsecurity/qa
sfx2/source/doc/objmisc.cxx |3 +++
xmlsecurity/qa/unit/signing/signing.cxx | 30 ++
2 files changed, 9 insertions(+), 24 deletions(-)
New commits:
commit 929d46bbf42aefc1f6cf046c2b9cf3d7c4e1efc5
Author: Jan-Marek Glogowski
AuthorDate: Thu Mar 12 18:07:48 2020 +0100
Commit: Thorsten Behrens
CommitDate: Fri Mar 13 00:37:46 2020 +0100
tdf#42316 always evaluate macro signatures on load
As already stated in the comments of the signing unit tests,
disabling macro security will not only ignore the signatures, but
actually drop the macro signature, as these are never evaluated
and as a result can't be restored for the new document.
Change-Id: Ie41a9e72d3367c2eed58a52387bb67d8c41abff3
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/90435
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens
diff --git a/sfx2/source/doc/objmisc.cxx b/sfx2/source/doc/objmisc.cxx
index 0f155cc7e4f9..43a5f5b10800 100644
--- a/sfx2/source/doc/objmisc.cxx
+++ b/sfx2/source/doc/objmisc.cxx
@@ -928,6 +928,9 @@ void SfxObjectShell::BreakMacroSign_Impl( bool
bBreakMacroSign )
void SfxObjectShell::CheckSecurityOnLoading_Impl()
{
+// make sure LO evaluates the macro signatures, so it can be preserved
+GetScriptingSignatureState();
+
uno::Reference< task::XInteractionHandler > xInteraction;
if ( GetMedium() )
xInteraction = GetMedium()->GetInteractionHandler();
diff --git a/xmlsecurity/qa/unit/signing/signing.cxx
b/xmlsecurity/qa/unit/signing/signing.cxx
index 5a3cdb55f608..2609ae91cd24 100644
--- a/xmlsecurity/qa/unit/signing/signing.cxx
+++ b/xmlsecurity/qa/unit/signing/signing.cxx
@@ -1009,15 +1009,9 @@ CPPUNIT_TEST_FIXTURE(SigningTest,
testPreserveMacroTemplateSignature12_ODF)
ODFVER_012_TEXT);
// create new document from template
-// we can't use createDoc / MacrosTest::loadFromDesktop, because
ALWAYS_EXECUTE_NO_WARN
-// won't verify the signature for templates, so the resulting document
won't be able to
-// preserve the templates signature.
mxComponent->dispose();
-mxComponent = mxDesktop->loadComponentFromURL(
-aURL, "_default", 0,
-comphelper::InitPropertySequence(
-{ { "MacroExecutionMode",
-
uno::Any(document::MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN) } }));
+mxComponent = mxDesktop->loadComponentFromURL(aURL, "_default", 0,
+
uno::Sequence(0));
CPPUNIT_ASSERT_MESSAGE(OUStringToOString(sLoadMessage,
RTL_TEXTENCODING_UTF8).getStr(),
mxComponent.is());
@@ -1119,15 +1113,9 @@ CPPUNIT_TEST_FIXTURE(SigningTest,
testDropMacroTemplateSignature)
SignatureState::NOTVALIDATED, OUString());
// create new document from template
-// we can't use createDoc / MacrosTest::loadFromDesktop, because
ALWAYS_EXECUTE_NO_WARN
-// won't verify the signature for templates, so the resulting document
won't be able to
-// preserve the templates signature.
mxComponent->dispose();
-mxComponent = mxDesktop->loadComponentFromURL(
-aURL, "_default", 0,
-comphelper::InitPropertySequence(
-{ { "MacroExecutionMode",
-
uno::Any(document::MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN) } }));
+mxComponent = mxDesktop->loadComponentFromURL(aURL, "_default", 0,
+
uno::Sequence(0));
CPPUNIT_ASSERT_MESSAGE(OUStringToOString(sLoadMessage,
RTL_TEXTENCODING_UTF8).getStr(),
mxComponent.is());
@@ -1252,15 +1240,9 @@ CPPUNIT_TEST_FIXTURE(SigningTest,
testPreserveMacroTemplateSignature10)
SignatureState::NOTVALIDATED, OUString());
// create new document from template
-// we can't use createDoc / MacrosTest::loadFromDesktop, because
ALWAYS_EXECUTE_NO_WARN
-// won't verify the signature for templates, so the resulting document
won't be able to
-// preserve the templates signature.
mxComponent->dispose();
-mxComponent = mxDesktop->loadComponentFromURL(
-aURL, "_default", 0,
-comphelper::InitPropertySequence(
-{ { "MacroExecutionMode",
-
uno::Any(document::MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN) } }));
+mxComponent = mxDesktop->loadComponentFromURL(aURL, "_default", 0,
+
uno::Sequence(0));
CPPUNIT_ASSERT_MESSAGE(OUStringToOString(sLoadMessage,
RTL_TEXTENCODING_UTF8).getStr(),
mxComponent.is());
___
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
[Libreoffice-commits] core.git: sfx2/source xmlsecurity/qa
sfx2/source/doc/objstor.cxx | 15 +-
xmlsecurity/qa/unit/signing/signing.cxx | 181
2 files changed, 174 insertions(+), 22 deletions(-)
New commits:
commit 4aa6e2cb2245eddab87fb451add94159a7604246
Author: Jan-Marek Glogowski
AuthorDate: Fri Oct 11 13:09:59 2019 +0200
Commit: Samuel Mehrbrodt
CommitDate: Wed Oct 16 13:44:17 2019 +0200
tdf#42316 handle saving to template filters
This extends the filter comparison from commit c3a1c83ff5af
("tdf#42316 preserve macro signature of templates").
The original patch just stripped "_template" from the source
filter to find equal document types, which just enables the
"template => document" case. This patch also strips the
"_template" from the target filter, which fixes the "document
or template => template" cases.
This also extends the signing save tests:
* OTT 1.2 => OTT 1.2 - preserve
* ODT 1.2 => OTT 1.2 - preserve
* OTT 1.0 => OTT 1.0 - preserve
* ODT 1.0 => OTT 1.0 - preserve
* OTT 1.0 => OTT 1.2 - drop
Change-Id: Ie297258a4d9f9aa4beb25786c6ba240b6f16f49b
Reviewed-on: https://gerrit.libreoffice.org/80654
Tested-by: Jenkins
Reviewed-by: Samuel Mehrbrodt
diff --git a/sfx2/source/doc/objstor.cxx b/sfx2/source/doc/objstor.cxx
index 5dfcd6829df5..901432384ac2 100644
--- a/sfx2/source/doc/objstor.cxx
+++ b/sfx2/source/doc/objstor.cxx
@@ -1089,6 +1089,15 @@ private:
};
}
+static OUString lcl_strip_template(const OUString )
+{
+static const OUString sPostfix("_template");
+OUString sRes(aString);
+if (sRes.endsWith(sPostfix))
+sRes = sRes.copy(0, sRes.getLength() - sPostfix.getLength());
+return sRes;
+}
+
bool SfxObjectShell::SaveTo_Impl
(
SfxMedium , // Medium, in which it will be stored
@@ -1168,10 +1177,8 @@ bool SfxObjectShell::SaveTo_Impl
// preserve only if the same filter has been used
// for templates, strip the _template from the filter name for
comparison
-OUString aMediumFilter = pMedium->GetFilter()->GetFilterName();
-if (aMediumFilter.endsWith("_template"))
-aMediumFilter = aMediumFilter.copy(0,
aMediumFilter.getLength() - 9);
-bTryToPreserveScriptSignature = pMedium->GetFilter() && pFilter &&
aMediumFilter == pFilter->GetFilterName();
+const OUString aMediumFilter =
lcl_strip_template(pMedium->GetFilter()->GetFilterName());
+bTryToPreserveScriptSignature = pMedium->GetFilter() && pFilter &&
aMediumFilter == lcl_strip_template(pFilter->GetFilterName());
// signatures were specified in ODF 1.2 but were used since much
longer.
// LO will still correctly validate an old style signature on an
ODF 1.2
diff --git a/xmlsecurity/qa/unit/signing/signing.cxx
b/xmlsecurity/qa/unit/signing/signing.cxx
index 982e06523c64..f2039b609e7e 100644
--- a/xmlsecurity/qa/unit/signing/signing.cxx
+++ b/xmlsecurity/qa/unit/signing/signing.cxx
@@ -995,7 +995,7 @@ SfxObjectShell* SigningTest::assertDocument(const
::CppUnit::SourceLine aSrcLine
}
/// Test if a macro signature from a OTT 1.2 template is preserved for ODT 1.2
-CPPUNIT_TEST_FIXTURE(SigningTest, testPreserveMacroTemplateSignature12)
+CPPUNIT_TEST_FIXTURE(SigningTest, testPreserveMacroTemplateSignature12_ODF)
{
const OUString aURL(m_directories.getURLFromSrc(DATA_DIRECTORY) +
"tdf42316_odt12.ott");
const OUString sLoadMessage = "loading failed: " + aURL;
@@ -1009,12 +1009,12 @@ CPPUNIT_TEST_FIXTURE(SigningTest,
testPreserveMacroTemplateSignature12)
// we are a template, and have a valid document and macro signature
assertDocument(CPPUNIT_SOURCELINE(), "writer8_template",
SignatureState::OK, SignatureState::OK,
ODFVER_012_TEXT);
-mxComponent->dispose();
// create new document from template
// we can't use createDoc / MacrosTest::loadFromDesktop, because
ALWAYS_EXECUTE_NO_WARN
// won't verify the signature for templates, so the resulting document
won't be able to
// preserve the templates signature.
+mxComponent->dispose();
mxComponent = mxDesktop->loadComponentFromURL(
aURL, "_default", 0,
comphelper::InitPropertySequence(
@@ -1028,26 +1028,80 @@ CPPUNIT_TEST_FIXTURE(SigningTest,
testPreserveMacroTemplateSignature12)
SignatureState::OK, ODFVER_012_TEXT);
// save as new ODT document
-utl::TempFile aTempFileSaveAs;
-aTempFileSaveAs.EnableKillingFile();
+utl::TempFile aTempFileSaveAsODT;
+aTempFileSaveAsODT.EnableKillingFile();
try
{
uno::Reference xDocStorable(mxComponent,
uno::UNO_QUERY);
uno::Sequence descSaveAs(
comphelper::InitPropertySequence({ { "FilterName",
uno::Any(OUString("writer8")) } }));
-xDocStorable->storeAsURL(aTempFileSaveAs.GetURL(), descSaveAs);
+
