/*************************************************************************** knewstuffsecure.cpp - description ------------------- begin : Tue Jun 22 12:19:55 2004 copyright : (C) 2004, 2005 by Andras Mantia <amantia@kde.org> ***************************************************************************/ /*************************************************************************** * * * This program is free software; you can redistribute it and/or modify * * it under the terms of the GNU Library General Public License as * * published by the Free Software Foundation; version 2 of the License. * * * ***************************************************************************/ //qt includes #include <tqfileinfo.h> //kde includes #include <kconfig.h> #include <kdebug.h> #include <kglobal.h> #include <kio/netaccess.h> #include <klocale.h> #include <kmessagebox.h> #include <kstandarddirs.h> #include <ktar.h> #include <ktempdir.h> //app includes #include "engine.h" #include "knewstuffsecure.h" #include "security.h" using namespace KNS; KNewStuffSecure::KNewStuffSecure(const TQString &type, TQWidget *parentWidget) : KNewStuff(type, parentWidget) { m_tempDir = 0L; connect(engine(), TQT_SIGNAL(uploadFinished(bool)), TQT_SLOT(slotUploadFinished(bool))); } KNewStuffSecure::~KNewStuffSecure() { removeTempDirectory(); } bool KNewStuffSecure::install(const TQString &fileName) { bool ok = true; removeTempDirectory(); m_tempDir = new KTempDir(); m_tempDir->setAutoDelete(true); KTar tar(fileName, "application/x-gzip"); if (tar.open(IO_ReadOnly)) { const KArchiveDirectory *directory = tar.directory(); directory->copyTo(m_tempDir->name(), true); m_tarName = ""; TQStringList entries = directory->entries(); for (TQStringList::Iterator it = entries.begin(); it != entries.end(); ++it) { if (*it != "signature" && *it != "md5sum") { m_tarName = *it; break; } } tar.close(); if (m_tarName.isEmpty()) ok = false; else { m_tarName.prepend(m_tempDir->name()); connect(Security::ref(), TQT_SIGNAL(validityResult(int)), this, TQT_SLOT(slotValidated(int))); Security::ref()->checkValidity(m_tarName); } } else ok = false; if (!ok) KMessageBox::error(parentWidget(), i18n("There was an error with the downloaded resource tarball file. Possible causes are damaged archive or invalid directory structure in the archive."), i18n("Resource Installation Error")); return ok; } void KNewStuffSecure::slotValidated(int result) { TQString errorString; TQString signatureStr; bool valid = true; if (result == -1) { errorString ="<br>- " + i18n("No keys were found."); valid = false; } else if (result == 0) { errorString ="<br>- " + i18n("The validation failed for unknown reason."); valid = false; } else { KeyStruct key = Security::ref()->signatureKey(); if (!(result & Security::MD5_OK )) { errorString = "<br>- " + i18n("The MD5SUM check failed, the archive might be broken."); valid = false; } if (result & Security::SIGNED_BAD) { errorString += "<br>- " + i18n("The signature is bad, the archive might be broken or altered."); valid = false; } if (result & Security::SIGNED_OK) { if (result & Security::TRUSTED) { kdDebug() << "Signed and trusted " << endl; } else { errorString += "<br>- " + i18n("The signature is valid, but untrusted."); valid = false; } } if (result & Security::UNKNOWN) { errorString += "<br>- " + i18n("The signature is unknown."); valid = false; } else { signatureStr = i18n("The resource was signed with key <i>0x%1</i>, belonging to <i>%2 <%3></i>.").arg(key.id.right(8)).arg(key.name).arg(key.mail); } } if (!valid) { signatureStr.prepend( "<br>"); if (KMessageBox::warningContinueCancel(parentWidget(), i18n("<qt>There is a problem with the resource file you have downloaded. The errors are :<b>%1</b><br>%2<br><br>Installation of the resource is <b>not recommended</b>.<br><br>Do you want to proceed with the installation?</qt>").arg(errorString).arg(signatureStr), i18n("Problematic Resource File")) == KMessageBox::Continue) valid = true; } else KMessageBox::information(parentWidget(), i18n("<qt>%1<br><br>Press OK to install it.</qt>").arg(signatureStr), i18n("Valid Resource"), "Show Valid Signature Information"); if (valid) { installResource(); emit installFinished(); } else { KConfig *cfg = KGlobal::config(); cfg->deleteGroup("KNewStuffStatus"); cfg->setGroup("KNewStuffStatus"); for (TQMap<TQString, TQString>::ConstIterator it = m_installedResources.constBegin(); it != m_installedResources.constEnd(); ++it) { cfg->writeEntry(it.key(), it.data()); } cfg->sync(); } removeTempDirectory(); disconnect(Security::ref(), TQT_SIGNAL(validityResult(int)), this, TQT_SLOT(slotValidated(int))); } void KNewStuffSecure::downloadResource() { KConfig *cfg = KGlobal::config(); m_installedResources = cfg->entryMap("KNewStuffStatus"); engine()->ignoreInstallResult(true); KNewStuff::download(); } bool KNewStuffSecure::createUploadFile(const TQString &fileName) { Q_UNUSED(fileName); return true; } void KNewStuffSecure::uploadResource(const TQString& fileName) { connect(Security::ref(), TQT_SIGNAL(fileSigned(int)), this, TQT_SLOT(slotFileSigned(int))); removeTempDirectory(); m_tempDir = new KTempDir(); m_tempDir->setAutoDelete(true); TQFileInfo f(fileName); m_signedFileName = m_tempDir->name() + "/" + f.fileName(); KIO::NetAccess::file_copy(KURL::fromPathOrURL(fileName), KURL::fromPathOrURL(m_signedFileName), -1, true); Security::ref()->signFile(m_signedFileName); } void KNewStuffSecure::slotFileSigned(int result) { if (result == 0) { KMessageBox::error(parentWidget(), i18n("The signing failed for unknown reason.")); } else { if (result & Security::BAD_PASSPHRASE) { if (KMessageBox::warningContinueCancel(parentWidget(), i18n("There are no keys usable for signing or you did not entered the correct passphrase.\nProceed without signing the resource?")) == KMessageBox::Cancel) { disconnect(Security::ref(), TQT_SIGNAL(fileSigned(int)), this, TQT_SLOT(slotFileSigned(int))); removeTempDirectory(); return; } } KTar tar(m_signedFileName + ".signed", "application/x-gzip"); tar.open(IO_WriteOnly); TQStringList files; files << m_signedFileName; files << m_tempDir->name() + "/md5sum"; files << m_tempDir->name() + "/signature"; for (TQStringList::Iterator it_f = files.begin(); it_f != files.end(); ++it_f) { TQFile file(*it_f); file.open(IO_ReadOnly); TQByteArray bArray = file.readAll(); tar.writeFile(TQFileInfo(file).fileName(), "user", "group", bArray.size(), bArray.data()); file.close(); } tar.close(); KIO::NetAccess::file_move(KURL::fromPathOrURL(m_signedFileName + ".signed"), KURL::fromPathOrURL(m_signedFileName), -1, true); KNewStuff::upload(m_signedFileName, TQString::null); disconnect(Security::ref(), TQT_SIGNAL(fileSigned(int)), this, TQT_SLOT(slotFileSigned(int))); } } void KNewStuffSecure::slotUploadFinished(bool result) { Q_UNUSED(result); removeTempDirectory(); } void KNewStuffSecure::removeTempDirectory() { if (m_tempDir) { KIO::NetAccess::del(KURL().fromPathOrURL(m_tempDir->name()), parentWidget()); delete m_tempDir; m_tempDir = 0L; } } #include "knewstuffsecure.moc"