loolwsd/LOOLSession.cpp | 3 +++ loolwsd/LOOLWSD.cpp | 46 ++++++++++++++++++++++++++++++++++++++++++++++ loolwsd/configure.ac | 4 ++-- loolwsd/loolwsd.spec.in | 2 +- 4 files changed, 52 insertions(+), 3 deletions(-)
New commits: commit abaea1ef5e68ad1b61ddb0e3e5a15c3522535081 Author: Tor Lillqvist <[email protected]> Date: Fri Jun 19 00:43:09 2015 +0300 Bump version after tarball diff --git a/loolwsd/configure.ac b/loolwsd/configure.ac index c90b3b7..7404519 100644 --- a/loolwsd/configure.ac +++ b/loolwsd/configure.ac @@ -3,7 +3,7 @@ AC_PREREQ([2.69]) -AC_INIT([loolwsd], [1.0.42], [[email protected]]) +AC_INIT([loolwsd], [1.0.43], [[email protected]]) AM_INIT_AUTOMAKE([1.11 silent-rules]) commit 9b6c268d1870c91b65acc19697d3db442987a325 Author: Tor Lillqvist <[email protected]> Date: Thu Jun 18 22:38:41 2015 +0300 Bump version for tarball diff --git a/loolwsd/configure.ac b/loolwsd/configure.ac index 4b8c734..c90b3b7 100644 --- a/loolwsd/configure.ac +++ b/loolwsd/configure.ac @@ -3,7 +3,7 @@ AC_PREREQ([2.69]) -AC_INIT([loolwsd], [1.0.41], [[email protected]]) +AC_INIT([loolwsd], [1.0.42], [[email protected]]) AM_INIT_AUTOMAKE([1.11 silent-rules]) commit de7f4e14d3d9cbed6c97f9128fb87397b064ecb6 Author: Tor Lillqvist <[email protected]> Date: Thu Jun 18 22:06:04 2015 +0300 Support https, too More complicated than expected, even if the actual code added are not many lines. Figuring out the exact Poco code needed to initialise Poco's OpenSSL bits the right way was confusing. Which is odd, one would thing that it would be a most common use case for OpenSSL, to be able to download documents over https, and that there would be some trivial way to tell Poco to do set things up for that. diff --git a/loolwsd/LOOLSession.cpp b/loolwsd/LOOLSession.cpp index a485482..d151a7f 100644 --- a/loolwsd/LOOLSession.cpp +++ b/loolwsd/LOOLSession.cpp @@ -30,6 +30,7 @@ #include <Poco/Exception.h> #include <Poco/File.h> +#include <Poco/Net/HTTPSStreamFactory.h> #include <Poco/Net/HTTPStreamFactory.h> #include <Poco/Net/WebSocket.h> #include <Poco/Path.h> @@ -54,6 +55,7 @@ using namespace LOOLProtocol; using Poco::File; using Poco::IOException; +using Poco::Net::HTTPSStreamFactory; using Poco::Net::HTTPStreamFactory; using Poco::Net::WebSocket; using Poco::Path; @@ -594,6 +596,7 @@ void MasterProcessSession::dispatchChild() URIStreamOpener opener; opener.registerStreamFactory("http", new HTTPStreamFactory()); + opener.registerStreamFactory("https", new HTTPSStreamFactory()); try { std::istream *input = opener.open(_docURL); diff --git a/loolwsd/LOOLWSD.cpp b/loolwsd/LOOLWSD.cpp index f654612..cd08877 100644 --- a/loolwsd/LOOLWSD.cpp +++ b/loolwsd/LOOLWSD.cpp @@ -60,6 +60,7 @@ DEALINGS IN THE SOFTWARE. #include <Poco/Exception.h> #include <Poco/File.h> +#include <Poco/Net/Context.h> #include <Poco/Net/HTTPClientSession.h> #include <Poco/Net/HTTPRequest.h> #include <Poco/Net/HTTPRequestHandler.h> @@ -69,12 +70,18 @@ DEALINGS IN THE SOFTWARE. #include <Poco/Net/HTTPServerParams.h> #include <Poco/Net/HTTPServerRequest.h> #include <Poco/Net/HTTPServerResponse.h> +#include <Poco/Net/InvalidCertificateHandler.h> #include <Poco/Net/NetException.h> +#include <Poco/Net/PrivateKeyFactory.h> +#include <Poco/Net/PrivateKeyPassphraseHandler.h> +#include <Poco/Net/RejectCertificateHandler.h> #include <Poco/Net/ServerSocket.h> #include <Poco/Net/SocketAddress.h> +#include <Poco/Net/SSLManager.h> #include <Poco/Net/WebSocket.h> #include <Poco/Path.h> #include <Poco/Process.h> +#include <Poco/SharedPtr.h> #include <Poco/StringTokenizer.h> #include <Poco/ThreadPool.h> #include <Poco/Util/HelpFormatter.h> @@ -94,6 +101,7 @@ using namespace LOOLProtocol; using Poco::Exception; using Poco::File; using Poco::IOException; +using Poco::Net::Context; using Poco::Net::HTTPClientSession; using Poco::Net::HTTPRequest; using Poco::Net::HTTPRequestHandler; @@ -103,13 +111,21 @@ using Poco::Net::HTTPServer; using Poco::Net::HTTPServerParams; using Poco::Net::HTTPServerRequest; using Poco::Net::HTTPServerResponse; +using Poco::Net::InvalidCertificateHandler; +using Poco::Net::PrivateKeyFactory; +using Poco::Net::PrivateKeyFactoryImpl; +using Poco::Net::PrivateKeyPassphraseHandler; +using Poco::Net::RejectCertificateHandler; using Poco::Net::ServerSocket; using Poco::Net::SocketAddress; +using Poco::Net::SSLManager; +using Poco::Net::SocketAddress; using Poco::Net::WebSocket; using Poco::Net::WebSocketException; using Poco::Path; using Poco::Process; using Poco::Runnable; +using Poco::SharedPtr; using Poco::StringTokenizer; using Poco::Thread; using Poco::ThreadPool; @@ -457,6 +473,23 @@ public: } }; +class NoKeyHandler : public PrivateKeyPassphraseHandler +{ +public: + NoKeyHandler(bool server) : + PrivateKeyPassphraseHandler(server) + { + } + + ~NoKeyHandler() + { + } + + void onPrivateKeyRequested(const void* pSender, std::string& privateKey) override + { + } +}; + int LOOLWSD::portNumber = DEFAULT_CLIENT_PORT_NUMBER; std::string LOOLWSD::cache = LOOLWSD_CACHEDIR; std::string LOOLWSD::sysTemplate; @@ -817,6 +850,19 @@ int LOOLWSD::main(const std::vector<std::string>& args) dropCapability(); #endif + SSLManager::instance().privateKeyFactoryMgr().setFactory("NoKeyHandler", new PrivateKeyFactoryImpl<NoKeyHandler>()); + + // Why does this have to be so complocated, couldn't there be some simple way to get these + // settings as defaults, one wonders... + + // We want no console interaction, invalid certificates to be rejected, to be an SSL client, use + // default certificates from OpenSSL. This is based on the example in the documentation from Context::Context() + + SharedPtr<PrivateKeyPassphraseHandler> passphraseHandler = new NoKeyHandler(false); + SharedPtr<InvalidCertificateHandler> invalidCertificateHandler = new RejectCertificateHandler(false); + Context::Ptr context = new Context(Context::CLIENT_USE, "", "", "", Context::VERIFY_RELAXED, 9, true); + SSLManager::instance().initializeClient(passphraseHandler, invalidCertificateHandler, context); + if (access(cache.c_str(), R_OK | W_OK | X_OK) != 0) { std::cout << "Unable to access " << cache << diff --git a/loolwsd/configure.ac b/loolwsd/configure.ac index f43e352..4b8c734 100644 --- a/loolwsd/configure.ac +++ b/loolwsd/configure.ac @@ -95,7 +95,7 @@ AS_IF([test `uname -s` = Linux], [], [AC_MSG_ERROR([libcap not available?])])]) -LIBS="$LIBS -lPocoNet${POCO_DEBUG_SUFFIX} -lPocoUtil${POCO_DEBUG_SUFFIX} -lPocoXML${POCO_DEBUG_SUFFIX} -lPocoJSON${POCO_DEBUG_SUFFIX} -lPocoFoundation${POCO_DEBUG_SUFFIX}" +LIBS="$LIBS -lPocoNetSSL${POCO_DEBUG_SUFFIX} -lPocoNet${POCO_DEBUG_SUFFIX} -lPocoCrypto${POCO_DEBUG_SUFFIX} -lPocoUtil${POCO_DEBUG_SUFFIX} -lPocoXML${POCO_DEBUG_SUFFIX} -lPocoJSON${POCO_DEBUG_SUFFIX} -lPocoFoundation${POCO_DEBUG_SUFFIX}" AC_CHECK_HEADERS([LibreOfficeKit/LibreOfficeKit.h], [], diff --git a/loolwsd/loolwsd.spec.in b/loolwsd/loolwsd.spec.in index 7b5404f..88b0ac0 100644 --- a/loolwsd/loolwsd.spec.in +++ b/loolwsd/loolwsd.spec.in @@ -26,7 +26,7 @@ BuildRequires: libcap-progs libcap-devel libpng-devel poco-devel >= 1.6.0 syste # This works for now only with a CP build of 5.0, I think. The TDF # (and thus also CP) packages include the version number in their # names. How clever is that? So we need to specify one. -Requires: libcap libcap-progs libpng libPocoFoundation30 >= 1.6.0 libPocoNet30 >= 1.6.0 libreoffice5.0 libreoffice5.0-en-US libreoffice5.0-ure libobasis5.0-core libobasis5.0-writer libobasis5.0-impress libobasis5.0-graphicfilter libobasis5.0-en-US libobasis5.0-calc libobasis5.0-en-US-res libobasis5.0-en-US-calc libobasis5.0-ooofonts libobasis5.0-images libobasis5.0-filter-data libobasis5.0-draw libobasis5.0-base libobasis5.0-en-US-writer libobasis5.0-en-US-math libobasis5.0-en-US-base Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 cups-libs dbus-1-glib fontconfig libbz2-1 libcairo2 libdrm2 libexpat1 libfreetype6 libgbm1 libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 libgthread-2_0-0 liblzma5 libpcre1 libpixman-1-0 libpng16-16 libuuid1 libxml2-2 %{?systemd_requires} %{fillup_prereq} +Requires: libcap libcap-progs libpng libPocoFoundation30 >= 1.6.0 libPocoNet30 >= 1.6.0 libPocoNetSSL30 >= 1.6.0 libreoffice5.0 libreoffice5.0-en-US libreoffice5.0-ure libobasis5.0-core libobasis5.0-writer libobasis5.0-impress libobasis5.0-graphicfilter libobasis5.0-en-US libobasis5.0-calc libobasis5.0-en-US-res libobasis5.0-en-US-calc libobasis5.0-ooofonts libobasis5.0-images libobasis5.0-filter-data libobasis5.0-draw libobasis5.0-base libobasis5.0-en-US-writer libobasis5.0-en-US-math libobasis5.0-en-US-base Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 cups-libs dbus-1-glib fontconfig libbz2-1 libcairo2 libdrm2 libexpat1 libfreetype6 libgbm1 libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 libgthread-2_0-0 liblzma5 libpcre1 libpixman-1-0 libpng16-16 libuuid1 libxml2-2 %{?systemd_requires} %{fillup_prereq} %define owner lool %define group lool _______________________________________________ Libreoffice-commits mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
