sfx2/source/doc/docmacromode.cxx | 16 +++++++++-------
sfx2/source/doc/objmisc.cxx | 24 ++++++++++++------------
2 files changed, 21 insertions(+), 19 deletions(-)
New commits:
commit 8fc4b8697b5ce487089069b76110c00660709290
Author: Mike Kaganski <mike.kagan...@collabora.com>
AuthorDate: Wed Nov 8 14:11:24 2023 +0300
Commit: Mike Kaganski <mike.kagan...@collabora.com>
CommitDate: Thu Nov 9 07:20:58 2023 +0100
Only create xSigner when necessary
Change-Id: I4136c2ced3be445b6e763aa20856fec3792cdcb4
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159154
Tested-by: Jenkins
Reviewed-by: Mike Kaganski <mike.kagan...@collabora.com>
diff --git a/sfx2/source/doc/objmisc.cxx b/sfx2/source/doc/objmisc.cxx
index dbd8c5ea059b..bf9c67d7d910 100644
--- a/sfx2/source/doc/objmisc.cxx
+++ b/sfx2/source/doc/objmisc.cxx
@@ -1854,22 +1854,22 @@ bool SfxObjectShell_Impl::hasTrustedScriptingSignature(
try
{
- OUString aVersion;
- try
- {
- uno::Reference < beans::XPropertySet > xPropSet(
rDocShell.GetStorage(), uno::UNO_QUERY_THROW );
- xPropSet->getPropertyValue("Version") >>= aVersion;
- }
- catch( uno::Exception& )
- {
- }
-
- uno::Reference< security::XDocumentDigitalSignatures > xSigner(
security::DocumentDigitalSignatures::createWithVersion(comphelper::getProcessComponentContext(),
aVersion) );
-
if ( nScriptingSignatureState == SignatureState::UNKNOWN
|| nScriptingSignatureState == SignatureState::OK
|| nScriptingSignatureState == SignatureState::NOTVALIDATED )
{
+ OUString aVersion;
+ try
+ {
+ uno::Reference < beans::XPropertySet > xPropSet(
rDocShell.GetStorage(), uno::UNO_QUERY_THROW );
+ xPropSet->getPropertyValue("Version") >>= aVersion;
+ }
+ catch( uno::Exception& )
+ {
+ }
+
+ uno::Reference< security::XDocumentDigitalSignatures > xSigner(
security::DocumentDigitalSignatures::createWithVersion(comphelper::getProcessComponentContext(),
aVersion) );
+
const uno::Sequence< security::DocumentSignatureInformation >
aInfo = rDocShell.GetDocumentSignatureInformation( true, xSigner );
if ( aInfo.hasElements() )
commit ad6a8cf99b627d13f998ffcd7452a45386c649f5
Author: Mike Kaganski <mike.kagan...@collabora.com>
AuthorDate: Wed Nov 8 11:57:17 2023 +0300
Commit: Mike Kaganski <mike.kagan...@collabora.com>
CommitDate: Thu Nov 9 07:20:50 2023 +0100
tdf#158090: Do not auto-reject SignatureState::BROKEN in ALWAYS_EXECUTE case
It doesn't make sense to silently reject it here, but e.g., allow the
confirmation dialog for SignatureState::INVALID case; also, it was only
possible to get a silent execution of BROKEN-signature macros (in Low
security mode) vs. silent reject (in all higher modes) - which was not
good security-wise. Now it will result in the usual confirmation dialog
in Medium security mode.
Both BROKEN and INVALID signature states are made sure to not allow
automatically depending on the Windows Security Zone.
Change-Id: I41b0fc96b6bd00e960ae612e79fa1f0f1e06a069
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159153
Tested-by: Jenkins
Reviewed-by: Mike Kaganski <mike.kagan...@collabora.com>
diff --git a/sfx2/source/doc/docmacromode.cxx b/sfx2/source/doc/docmacromode.cxx
index d1b4ffd2cc67..017e620303e4 100644
--- a/sfx2/source/doc/docmacromode.cxx
+++ b/sfx2/source/doc/docmacromode.cxx
@@ -164,6 +164,7 @@ namespace sfx2
if ( nMacroExecutionMode == MacroExecMode::ALWAYS_EXECUTE_NO_WARN )
return allowMacroExecution();
+ SignatureState nSignatureState = SignatureState::UNKNOWN;
const OUString sURL(m_xData->m_rDocumentAccess.getDocumentLocation());
try
{
@@ -188,7 +189,7 @@ namespace sfx2
// check whether the document is signed with trusted certificate
if ( nMacroExecutionMode != MacroExecMode::FROM_LIST )
{
- SignatureState nSignatureState =
m_xData->m_rDocumentAccess.getScriptingSignatureState();
+ nSignatureState =
m_xData->m_rDocumentAccess.getScriptingSignatureState();
if (!bHasValidContentSignature
&& (nMacroExecutionMode ==
MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN
@@ -217,11 +218,7 @@ namespace sfx2
||
!SvtSecurityOptions::IsReadOnly(SvtSecurityOptions::EOption::MacroTrustedAuthors));
const bool bHasTrustedMacroSignature =
m_xData->m_rDocumentAccess.hasTrustedScriptingSignature(bAllowUI ?
rxInteraction : nullptr);
- if ( nSignatureState == SignatureState::BROKEN )
- {
- return disallowMacroExecution();
- }
- else if ( bHasTrustedMacroSignature )
+ if (bHasTrustedMacroSignature)
{
// there is trusted macro signature, allow macro execution
return allowMacroExecution();
@@ -234,6 +231,8 @@ namespace sfx2
// FROM_LIST_AND_SIGNED_WARN and ALWAYS_EXECUTE
return disallowMacroExecution();
}
+ // Other values of nSignatureState would result in either
rejected macros
+ // (FROM_LIST_AND_SIGNED_*), or a confirmation.
}
}
catch ( const Exception& )
@@ -295,7 +294,10 @@ namespace sfx2
case 0: // Ask
break;
case 1: // Allow
- return allowMacroExecution();
+ if (nSignatureState != SignatureState::BROKEN
+ && nSignatureState != SignatureState::INVALID)
+ return allowMacroExecution();
+ break;
case 2: // Deny
return disallowMacroExecution();
}
