TDE core libraries
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

knewstuffsecure.cpp 8.0KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240
  1. /***************************************************************************
  2. knewstuffsecure.cpp - description
  3. -------------------
  4. begin : Tue Jun 22 12:19:55 2004
  5. copyright : (C) 2004, 2005 by Andras Mantia <amantia@kde.org>
  6. ***************************************************************************/
  7. /***************************************************************************
  8. * *
  9. * This program is free software; you can redistribute it and/or modify *
  10. * it under the terms of the GNU Library General Public License as *
  11. * published by the Free Software Foundation; version 2 of the License. *
  12. * *
  13. ***************************************************************************/
  14. //qt includes
  15. #include <tqfileinfo.h>
  16. //kde includes
  17. #include <tdeconfig.h>
  18. #include <kdebug.h>
  19. #include <tdeglobal.h>
  20. #include <tdeio/netaccess.h>
  21. #include <tdelocale.h>
  22. #include <tdemessagebox.h>
  23. #include <kstandarddirs.h>
  24. #include <ktar.h>
  25. #include <ktempdir.h>
  26. //app includes
  27. #include "engine.h"
  28. #include "knewstuffsecure.h"
  29. #include "security.h"
  30. using namespace KNS;
  31. TDENewStuffSecure::TDENewStuffSecure(const TQString &type, TQWidget *parentWidget)
  32. : TDENewStuff(type, parentWidget)
  33. {
  34. m_tempDir = 0L;
  35. connect(engine(), TQT_SIGNAL(uploadFinished(bool)), TQT_SLOT(slotUploadFinished(bool)));
  36. }
  37. TDENewStuffSecure::~TDENewStuffSecure()
  38. {
  39. removeTempDirectory();
  40. }
  41. bool TDENewStuffSecure::install(const TQString &fileName)
  42. {
  43. bool ok = true;
  44. removeTempDirectory();
  45. m_tempDir = new KTempDir();
  46. m_tempDir->setAutoDelete(true);
  47. KTar tar(fileName, "application/x-gzip");
  48. if (tar.open(IO_ReadOnly))
  49. {
  50. const KArchiveDirectory *directory = tar.directory();
  51. directory->copyTo(m_tempDir->name(), true);
  52. m_tarName = "";
  53. TQStringList entries = directory->entries();
  54. for (TQStringList::Iterator it = entries.begin(); it != entries.end(); ++it)
  55. {
  56. if (*it != "signature" && *it != "md5sum")
  57. {
  58. m_tarName = *it;
  59. break;
  60. }
  61. }
  62. tar.close();
  63. if (m_tarName.isEmpty())
  64. ok = false;
  65. else
  66. {
  67. m_tarName.prepend(m_tempDir->name());
  68. connect(Security::ref(), TQT_SIGNAL(validityResult(int)), this, TQT_SLOT(slotValidated(int)));
  69. Security::ref()->checkValidity(m_tarName);
  70. }
  71. } else
  72. ok = false;
  73. if (!ok)
  74. KMessageBox::error(parentWidget(), i18n("There was an error with the downloaded resource tarball file. Possible causes are damaged archive or invalid directory structure in the archive."), i18n("Resource Installation Error"));
  75. return ok;
  76. }
  77. void TDENewStuffSecure::slotValidated(int result)
  78. {
  79. TQString errorString;
  80. TQString signatureStr;
  81. bool valid = true;
  82. if (result == -1)
  83. {
  84. errorString ="<br>- " + i18n("No keys were found.");
  85. valid = false;
  86. } else
  87. if (result == 0)
  88. {
  89. errorString ="<br>- " + i18n("The validation failed for unknown reason.");
  90. valid = false;
  91. } else
  92. {
  93. KeyStruct key = Security::ref()->signatureKey();
  94. if (!(result & Security::MD5_OK ))
  95. {
  96. errorString = "<br>- " + i18n("The MD5SUM check failed, the archive might be broken.");
  97. valid = false;
  98. }
  99. if (result & Security::SIGNED_BAD)
  100. {
  101. errorString += "<br>- " + i18n("The signature is bad, the archive might be broken or altered.");
  102. valid = false;
  103. }
  104. if (result & Security::SIGNED_OK)
  105. {
  106. if (result & Security::TRUSTED)
  107. {
  108. kdDebug() << "Signed and trusted " << endl;
  109. } else
  110. {
  111. errorString += "<br>- " + i18n("The signature is valid, but untrusted.");
  112. valid = false;
  113. }
  114. }
  115. if (result & Security::UNKNOWN)
  116. {
  117. errorString += "<br>- " + i18n("The signature is unknown.");
  118. valid = false;
  119. } else
  120. {
  121. signatureStr = i18n("The resource was signed with key <i>0x%1</i>, belonging to <i>%2 &lt;%3&gt;</i>.").arg(key.id.right(8)).arg(key.name).arg(key.mail);
  122. }
  123. }
  124. if (!valid)
  125. {
  126. signatureStr.prepend( "<br>");
  127. if (KMessageBox::warningContinueCancel(parentWidget(), i18n("<qt>There is a problem with the resource file you have downloaded. The errors are :<b>%1</b><br>%2<br><br>Installation of the resource is <b>not recommended</b>.<br><br>Do you want to proceed with the installation?</qt>").arg(errorString).arg(signatureStr), i18n("Problematic Resource File")) == KMessageBox::Continue)
  128. valid = true;
  129. } else
  130. KMessageBox::information(parentWidget(), i18n("<qt>%1<br><br>Press OK to install it.</qt>").arg(signatureStr), i18n("Valid Resource"), "Show Valid Signature Information");
  131. if (valid)
  132. {
  133. installResource();
  134. emit installFinished();
  135. } else
  136. {
  137. TDEConfig *cfg = TDEGlobal::config();
  138. cfg->deleteGroup("TDENewStuffStatus");
  139. cfg->setGroup("TDENewStuffStatus");
  140. for (TQMap<TQString, TQString>::ConstIterator it = m_installedResources.constBegin(); it != m_installedResources.constEnd(); ++it)
  141. {
  142. cfg->writeEntry(it.key(), it.data());
  143. }
  144. cfg->sync();
  145. }
  146. removeTempDirectory();
  147. disconnect(Security::ref(), TQT_SIGNAL(validityResult(int)), this, TQT_SLOT(slotValidated(int)));
  148. }
  149. void TDENewStuffSecure::downloadResource()
  150. {
  151. TDEConfig *cfg = TDEGlobal::config();
  152. m_installedResources = cfg->entryMap("TDENewStuffStatus");
  153. engine()->ignoreInstallResult(true);
  154. TDENewStuff::download();
  155. }
  156. bool TDENewStuffSecure::createUploadFile(const TQString &fileName)
  157. {
  158. Q_UNUSED(fileName);
  159. return true;
  160. }
  161. void TDENewStuffSecure::uploadResource(const TQString& fileName)
  162. {
  163. connect(Security::ref(), TQT_SIGNAL(fileSigned(int)), this, TQT_SLOT(slotFileSigned(int)));
  164. removeTempDirectory();
  165. m_tempDir = new KTempDir();
  166. m_tempDir->setAutoDelete(true);
  167. TQFileInfo f(fileName);
  168. m_signedFileName = m_tempDir->name() + "/" + f.fileName();
  169. TDEIO::NetAccess::file_copy(KURL::fromPathOrURL(fileName), KURL::fromPathOrURL(m_signedFileName), -1, true);
  170. Security::ref()->signFile(m_signedFileName);
  171. }
  172. void TDENewStuffSecure::slotFileSigned(int result)
  173. {
  174. if (result == 0)
  175. {
  176. KMessageBox::error(parentWidget(), i18n("The signing failed for unknown reason."));
  177. } else
  178. {
  179. if (result & Security::BAD_PASSPHRASE)
  180. {
  181. if (KMessageBox::warningContinueCancel(parentWidget(), i18n("There are no keys usable for signing or you did not entered the correct passphrase.\nProceed without signing the resource?")) == KMessageBox::Cancel)
  182. {
  183. disconnect(Security::ref(), TQT_SIGNAL(fileSigned(int)), this, TQT_SLOT(slotFileSigned(int)));
  184. removeTempDirectory();
  185. return;
  186. }
  187. }
  188. KTar tar(m_signedFileName + ".signed", "application/x-gzip");
  189. tar.open(IO_WriteOnly);
  190. TQStringList files;
  191. files << m_signedFileName;
  192. files << m_tempDir->name() + "/md5sum";
  193. files << m_tempDir->name() + "/signature";
  194. for (TQStringList::Iterator it_f = files.begin(); it_f != files.end(); ++it_f)
  195. {
  196. TQFile file(*it_f);
  197. file.open(IO_ReadOnly);
  198. TQByteArray bArray = file.readAll();
  199. tar.writeFile(TQFileInfo(file).fileName(), "user", "group", bArray.size(), bArray.data());
  200. file.close();
  201. }
  202. tar.close();
  203. TDEIO::NetAccess::file_move(KURL::fromPathOrURL(m_signedFileName + ".signed"), KURL::fromPathOrURL(m_signedFileName), -1, true);
  204. TDENewStuff::upload(m_signedFileName, TQString::null);
  205. disconnect(Security::ref(), TQT_SIGNAL(fileSigned(int)), this, TQT_SLOT(slotFileSigned(int)));
  206. }
  207. }
  208. void TDENewStuffSecure::slotUploadFinished(bool result)
  209. {
  210. Q_UNUSED(result);
  211. removeTempDirectory();
  212. }
  213. void TDENewStuffSecure::removeTempDirectory()
  214. {
  215. if (m_tempDir)
  216. {
  217. TDEIO::NetAccess::del(KURL().fromPathOrURL(m_tempDir->name()), parentWidget());
  218. delete m_tempDir;
  219. m_tempDir = 0L;
  220. }
  221. }
  222. #include "knewstuffsecure.moc"