libreoffice/0004-CVE-2022-2630-6-7-add-infobar-to-prompt-to-refresh-t.patch

114 lines
5.3 KiB
Diff
Raw Permalink Normal View History

From 0aac66b96fcfa7f8c2c265afec59eb4b3f51c131 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= <caolanm@redhat.com>
Date: Wed, 23 Mar 2022 13:03:30 +0000
Subject: [PATCH 4/5] CVE-2022-2630[6|7] add infobar to prompt to refresh to
replace old format
Change-Id: Id99cbf2b50a4ebf289dae6fc67e22e20afcda35b
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/131976
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit bbd196ff82bda9f66b4ba32a412f10cefe6da60e)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/132307
Reviewed-by: Sophie Gautier <sophi@libreoffice.org>
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
(cherry picked from commit c5d01b11db3c83cb4a89d3b388d78e20dd3990b5)
---
include/sfx2/strings.hrc | 2 ++
include/sfx2/viewfrm.hxx | 1 +
sfx2/source/view/viewfrm.cxx | 39 +++++++++++++++++++++++++++++++++++-
3 files changed, 41 insertions(+), 1 deletion(-)
diff --git a/include/sfx2/strings.hrc b/include/sfx2/strings.hrc
index cb627807d8c8..317dd88061df 100644
--- a/include/sfx2/strings.hrc
+++ b/include/sfx2/strings.hrc
@@ -292,6 +292,8 @@
#define STR_SIGNATURE_NOTVALIDATED_PARTIAL_OK NC_("STR_SIGNATURE_NOTVALIDATED_PARTIAL_OK", "The certificate could not be validated and the document is only partially signed.")
#define STR_SIGNATURE_OK NC_("STR_SIGNATURE_OK", "This document is digitally signed and the signature is valid.")
#define STR_SIGNATURE_SHOW NC_("STR_SIGNATURE_SHOW", "Show Signatures")
+#define STR_REFRESH_MASTER_PASSWORD NC_("STR_REFRESH_MASTER_PASSWORD", "The master password is stored in an outdated format, you should refresh it")
+#define STR_REFRESH_PASSWORD NC_("STR_REFRESH_PASSWORD", "Refresh Password")
#define STR_CLOSE_PANE NC_("STR_CLOSE_PANE", "Close Pane")
diff --git a/include/sfx2/viewfrm.hxx b/include/sfx2/viewfrm.hxx
index aedd362f8781..dc01c088f1f7 100644
--- a/include/sfx2/viewfrm.hxx
+++ b/include/sfx2/viewfrm.hxx
@@ -64,6 +64,7 @@ protected:
DECL_LINK(WhatsNewHandler, weld::Button&, void);
DECL_LINK(SwitchReadOnlyHandler, weld::Button&, void);
DECL_LINK(SignDocumentHandler, weld::Button&, void);
+ DECL_DLLPRIVATE_LINK(RefreshMasterPasswordHdl, weld::Button&, void);
SAL_DLLPRIVATE void KillDispatcher_Impl();
virtual ~SfxViewFrame() override;
diff --git a/sfx2/source/view/viewfrm.cxx b/sfx2/source/view/viewfrm.cxx
index 46a7c4d9dc42..0f90af8bfb34 100644
--- a/sfx2/source/view/viewfrm.cxx
+++ b/sfx2/source/view/viewfrm.cxx
@@ -32,7 +32,7 @@
#include <com/sun/star/frame/XLoadable.hpp>
#include <com/sun/star/frame/XLayoutManager.hpp>
#include <com/sun/star/frame/XComponentLoader.hpp>
-#include <com/sun/star/drawing/XShapes.hpp>
+#include <com/sun/star/task/PasswordContainer.hpp>
#include <officecfg/Office/Common.hxx>
#include <officecfg/Setup.hxx>
#include <toolkit/helper/vclunohelper.hxx>
@@ -1413,6 +1413,22 @@ void SfxViewFrame::Notify( SfxBroadcaster& /*rBC*/, const SfxHint& rHint )
batch->commit();
}
+ if (officecfg::Office::Common::Passwords::HasMaster::get() &&
+ officecfg::Office::Common::Passwords::StorageVersion::get() == 0)
+ {
+ // master password stored in deprecated format
+ VclPtr<SfxInfoBarWindow> pOldMasterPasswordInfoBar =
+ AppendInfoBar("oldmasterpassword", "",
+ SfxResId(STR_REFRESH_MASTER_PASSWORD), InfobarType::DANGER, false);
+ if (pOldMasterPasswordInfoBar)
+ {
+ weld::Button& rButton = pOldMasterPasswordInfoBar->addButton();
+ rButton.set_label(SfxResId(STR_REFRESH_PASSWORD));
+ rButton.connect_clicked(LINK(this,
+ SfxViewFrame, RefreshMasterPasswordHdl));
+ }
+ }
+
// read-only infobar if necessary
const SfxViewShell *pVSh;
const SfxShell *pFSh;
@@ -1561,6 +1577,27 @@ IMPL_LINK_NOARG(SfxViewFrame, SignDocumentHandler, weld::Button&, void)
GetDispatcher()->Execute(SID_SIGNATURE);
}
+IMPL_LINK_NOARG(SfxViewFrame, RefreshMasterPasswordHdl, weld::Button&, void)
+{
+ bool bChanged = false;
+ try
+ {
+ Reference< task::XPasswordContainer2 > xMasterPasswd(
+ task::PasswordContainer::create(comphelper::getProcessComponentContext()));
+
+ css::uno::Reference<css::frame::XFrame> xFrame = GetFrame().GetFrameInterface();
+ css::uno::Reference<css::awt::XWindow> xContainerWindow = xFrame->getContainerWindow();
+
+ uno::Reference<task::XInteractionHandler> xTmpHandler(task::InteractionHandler::createWithParent(comphelper::getProcessComponentContext(),
+ xContainerWindow));
+ bChanged = xMasterPasswd->changeMasterPassword(xTmpHandler);
+ }
+ catch (const Exception&)
+ {}
+ if (bChanged)
+ RemoveInfoBar(u"oldmasterpassword");
+}
+
void SfxViewFrame::Construct_Impl( SfxObjectShell *pObjSh )
{
m_pImpl->bResizeInToOut = true;
--
2.37.3