sfx2/source/doc/docmacromode.cxx | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-)
New commits: commit 766c2928ab1c9b773c4973c641a0b021c91f3026 Author: Mike Kaganski <[email protected]> AuthorDate: Tue Nov 7 13:38:33 2023 +0300 Commit: Miklos Vajna <[email protected]> CommitDate: Mon Nov 13 09:27:12 2023 +0100 Add a description comment Basically describing commit 71c6f438cecc3ce5e8060efe1df840652885701c (tdf#129311 don't allow temporary trusted certs, 2019-12-17). Change-Id: I4d947014b09412638560e9249f242cf6ff222cc2 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159069 Tested-by: Jenkins Reviewed-by: Mike Kaganski <[email protected]> Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159266 Reviewed-by: Miklos Vajna <[email protected]> diff --git a/sfx2/source/doc/docmacromode.cxx b/sfx2/source/doc/docmacromode.cxx index 89bd7f5d3bfb..1df7fea87a54 100644 --- a/sfx2/source/doc/docmacromode.cxx +++ b/sfx2/source/doc/docmacromode.cxx @@ -189,6 +189,13 @@ namespace sfx2 // check whether the document is signed with trusted certificate if ( nMacroExecutionMode != MacroExecMode::FROM_LIST ) { + // At this point, the possible values of nMacroExecutionMode are: ALWAYS_EXECUTE, + // FROM_LIST_AND_SIGNED_WARN (the default), FROM_LIST_AND_SIGNED_NO_WARN. + // ALWAYS_EXECUTE corresponds to the Medium security level; it should ask for + // confirmation when macros are unsigned or untrusted. FROM_LIST_AND_SIGNED_NO_WARN + // should not ask any confirmations. FROM_LIST_AND_SIGNED_WARN should only allow + // trusted signed macros at this point; so it may only ask for confirmation to add + // certificates to trusted, and shouldn't show UI when trusted list is read-only. // the trusted macro check will also retrieve the signature state ( small optimization ) const bool bAllowUI = nMacroExecutionMode != MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN && (nMacroExecutionMode == MacroExecMode::ALWAYS_EXECUTE commit 7ad484bbc3f8704989655627e9004eed2020fb8d Author: Mike Kaganski <[email protected]> AuthorDate: Tue Nov 7 10:55:48 2023 +0300 Commit: Miklos Vajna <[email protected]> CommitDate: Mon Nov 13 09:26:58 2023 +0100 Rename variable: The UI is not only to "add" author (i.e., modify config) It is mainly to allow macro execution for this unknown certificate once. The UI will even disable the option to add, when the config is read-only. Change-Id: Iebc526c23572dc7c0e94fac79fafc8b402d451c3 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159051 Tested-by: Jenkins Reviewed-by: Mike Kaganski <[email protected]> Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159265 Reviewed-by: Miklos Vajna <[email protected]> diff --git a/sfx2/source/doc/docmacromode.cxx b/sfx2/source/doc/docmacromode.cxx index 07a7978cc76e..89bd7f5d3bfb 100644 --- a/sfx2/source/doc/docmacromode.cxx +++ b/sfx2/source/doc/docmacromode.cxx @@ -190,10 +190,10 @@ namespace sfx2 if ( nMacroExecutionMode != MacroExecMode::FROM_LIST ) { // the trusted macro check will also retrieve the signature state ( small optimization ) - const bool bAllowUIToAddAuthor = nMacroExecutionMode != MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN + const bool bAllowUI = nMacroExecutionMode != MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN && (nMacroExecutionMode == MacroExecMode::ALWAYS_EXECUTE || !SvtSecurityOptions::IsReadOnly(SvtSecurityOptions::EOption::MacroTrustedAuthors)); - const bool bHasTrustedMacroSignature = m_xData->m_rDocumentAccess.hasTrustedScriptingSignature(bAllowUIToAddAuthor); + const bool bHasTrustedMacroSignature = m_xData->m_rDocumentAccess.hasTrustedScriptingSignature(bAllowUI); SignatureState nSignatureState = m_xData->m_rDocumentAccess.getScriptingSignatureState(); if ( nSignatureState == SignatureState::BROKEN )
