16 #include <tqfileinfo.h>
19 #include <tdeconfig.h>
21 #include <tdeglobal.h>
22 #include <tdeio/netaccess.h>
23 #include <tdelocale.h>
24 #include <tdemessagebox.h>
25 #include <kstandarddirs.h>
31 #include "knewstuffsecure.h"
40 connect(
engine(), TQ_SIGNAL(uploadFinished(
bool)), TQ_SLOT(slotUploadFinished(
bool)));
44 TDENewStuffSecure::~TDENewStuffSecure()
54 m_tempDir =
new KTempDir();
55 m_tempDir->setAutoDelete(
true);
56 KTar tar(fileName,
"application/x-gzip");
57 if (tar.open(IO_ReadOnly))
59 const KArchiveDirectory *directory = tar.directory();
60 directory->copyTo(m_tempDir->name(),
true);
62 TQStringList entries = directory->entries();
63 for (TQStringList::Iterator it = entries.begin(); it != entries.end(); ++it)
65 if (*it !=
"signature" && *it !=
"md5sum")
72 if (m_tarName.isEmpty())
76 m_tarName.prepend(m_tempDir->name());
77 connect(Security::ref(), TQ_SIGNAL(validityResult(
int)),
this, TQ_SLOT(slotValidated(
int)));
78 Security::ref()->checkValidity(m_tarName);
83 KMessageBox::error(
parentWidget(), i18n(
"There was an error with the downloaded resource tarball file. Possible causes are damaged archive or invalid directory structure in the archive."), i18n(
"Resource Installation Error"));
87 void TDENewStuffSecure::slotValidated(
int result)
90 TQString signatureStr;
94 errorString =
"<br>- " + i18n(
"No keys were found.");
99 errorString =
"<br>- " + i18n(
"The validation failed for unknown reason.");
103 KeyStruct key = Security::ref()->signatureKey();
104 if (!(result & Security::MD5_OK ))
106 errorString =
"<br>- " + i18n(
"The MD5SUM check failed, the archive might be broken.");
109 if (result & Security::SIGNED_BAD)
111 errorString +=
"<br>- " + i18n(
"The signature is bad, the archive might be broken or altered.");
114 if (result & Security::SIGNED_OK)
116 if (result & Security::TRUSTED)
118 kdDebug() <<
"Signed and trusted " << endl;
121 errorString +=
"<br>- " + i18n(
"The signature is valid, but untrusted.");
125 if (result & Security::UNKNOWN)
127 errorString +=
"<br>- " + i18n(
"The signature is unknown.");
131 signatureStr = i18n(
"The resource was signed with key <i>0x%1</i>, belonging to <i>%2 <%3></i>.").arg(key.id.right(8)).arg(key.name).arg(key.mail);
136 signatureStr.prepend(
"<br>");
137 if (KMessageBox::warningContinueCancel(
parentWidget(), i18n(
"<qt>There is a problem with the resource file you have downloaded. The errors are :<b>%1</b><br>%2<br><br>Installation of the resource is <b>not recommended</b>.<br><br>Do you want to proceed with the installation?</qt>").arg(errorString).arg(signatureStr), i18n(
"Problematic Resource File")) == KMessageBox::Continue)
140 KMessageBox::information(
parentWidget(), i18n(
"<qt>%1<br><br>Press OK to install it.</qt>").arg(signatureStr), i18n(
"Valid Resource"),
"Show Valid Signature Information");
144 emit installFinished();
147 TDEConfig *cfg = TDEGlobal::config();
148 cfg->deleteGroup(
"TDENewStuffStatus");
149 cfg->setGroup(
"TDENewStuffStatus");
150 for (TQMap<TQString, TQString>::ConstIterator it = m_installedResources.constBegin(); it != m_installedResources.constEnd(); ++it)
152 cfg->writeEntry(it.key(), it.data());
157 disconnect(Security::ref(), TQ_SIGNAL(validityResult(
int)),
this, TQ_SLOT(slotValidated(
int)));
162 TDEConfig *cfg = TDEGlobal::config();
163 m_installedResources = cfg->entryMap(
"TDENewStuffStatus");
176 connect(Security::ref(), TQ_SIGNAL(fileSigned(
int)),
this, TQ_SLOT(slotFileSigned(
int)));
178 m_tempDir =
new KTempDir();
179 m_tempDir->setAutoDelete(
true);
180 TQFileInfo f(fileName);
181 m_signedFileName = m_tempDir->name() +
"/" + f.fileName();
182 TDEIO::NetAccess::file_copy(KURL::fromPathOrURL(fileName), KURL::fromPathOrURL(m_signedFileName), -1,
true);
183 Security::ref()->signFile(m_signedFileName);
186 void TDENewStuffSecure::slotFileSigned(
int result)
190 KMessageBox::error(
parentWidget(), i18n(
"The signing failed for unknown reason."));
193 if (result & Security::BAD_PASSPHRASE)
195 if (KMessageBox::warningContinueCancel(
parentWidget(), i18n(
"There are no keys usable for signing or you did not entered the correct passphrase.\nProceed without signing the resource?")) == KMessageBox::Cancel)
197 disconnect(Security::ref(), TQ_SIGNAL(fileSigned(
int)),
this, TQ_SLOT(slotFileSigned(
int)));
202 KTar tar(m_signedFileName +
".signed",
"application/x-gzip");
203 tar.open(IO_WriteOnly);
205 files << m_signedFileName;
206 files << m_tempDir->name() +
"/md5sum";
207 files << m_tempDir->name() +
"/signature";
209 for (TQStringList::Iterator it_f = files.begin(); it_f != files.end(); ++it_f)
212 file.open(IO_ReadOnly);
213 TQByteArray bArray = file.readAll();
214 tar.writeFile(TQFileInfo(file).fileName(),
"user",
"group", bArray.size(), bArray.data());
218 TDEIO::NetAccess::file_move(KURL::fromPathOrURL(m_signedFileName +
".signed"), KURL::fromPathOrURL(m_signedFileName), -1,
true);
220 disconnect(Security::ref(), TQ_SIGNAL(fileSigned(
int)),
this, TQ_SLOT(slotFileSigned(
int)));
224 void TDENewStuffSecure::slotUploadFinished(
bool result)
234 TDEIO::NetAccess::del(KURL().fromPathOrURL(m_tempDir->name()),
parentWidget());
240 #include "knewstuffsecure.moc"
void ignoreInstallResult(bool ignore)
Ignores the return value of the install method.
bool install(const TQString &fileName)
Installs the downloaded resource.
TDENewStuffSecure(const TQString &type, TQWidget *parentWidget=0)
Constructor.
void removeTempDirectory()
Removes the temporary directory m_tempDir.
bool createUploadFile(const TQString &fileName)
Reimplemented for internal reasons.
void downloadResource()
Initiates a download.
virtual void installResource()=0
Installs the resource specified by m_tarName.
void uploadResource(const TQString &fileName)
Signs the file and uploads to the central server.
This class provides the functionality to download and upload "new stuff".
TQWidget * parentWidget() const
Return parent widget.
KNS::Engine * engine()
Get the pointer to the engine.
void upload()
Start upload process.
void download()
Start download process.
Handles security releated issues, like signing, verifying.
Trinity API Reference