From 4c8df65031ace054ff34595a5adf9565fb4f6050 Mon Sep 17 00:00:00 2001 From: LoRd_MuldeR Date: Mon, 31 Aug 2015 22:56:39 +0200 Subject: [PATCH] Make signature validation work, when keyring file is not located in the same directory as the file to be validated. --- include/MUtils/Global.h | 3 +++ src/Global.cpp | 34 +++++++++++++++++++++++++++++++++- src/UpdateChecker.cpp | 22 +++++++++++++++++++--- 3 files changed, 55 insertions(+), 4 deletions(-) diff --git a/include/MUtils/Global.h b/include/MUtils/Global.h index 59b360c..20cf0a8 100644 --- a/include/MUtils/Global.h +++ b/include/MUtils/Global.h @@ -84,6 +84,9 @@ namespace MUtils MUTILS_API quint32 next_rand32(void); MUTILS_API quint64 next_rand64(void); + //Temp File Name + MUTILS_API QString make_temp_file(const QString &basePath, const QString &extension, const bool placeholder = false); + //Parity MUTILS_API bool parity(quint32 value); diff --git a/src/Global.cpp b/src/Global.cpp index 81046ed..e52285c 100644 --- a/src/Global.cpp +++ b/src/Global.cpp @@ -109,6 +109,37 @@ QString MUtils::rand_str(const bool &bLong) return QString("%1%2").arg(rand_str(false), rand_str(false)); } +/////////////////////////////////////////////////////////////////////////////// +// GET TEMP FILE NAME +/////////////////////////////////////////////////////////////////////////////// + +QString MUtils::make_temp_file(const QString &basePath, const QString &extension, const bool placeholder) +{ + for(int i = 0; i < 4096; i++) + { + const QString tempFileName = QString("%1/%2.%3").arg(basePath, rand_str(), extension); + if(!QFileInfo(tempFileName).exists()) + { + if(placeholder) + { + QFile file(tempFileName); + if(file.open(QFile::ReadWrite)) + { + file.close(); + return tempFileName; + } + } + else + { + return tempFileName; + } + } + } + + qWarning("Failed to generate unique temp file name!"); + return QString(); +} + /////////////////////////////////////////////////////////////////////////////// // COMPUTE PARITY /////////////////////////////////////////////////////////////////////////////// @@ -195,7 +226,8 @@ static bool temp_folder_cleanup_helper(const QString &tempPath) static void temp_folder_cleaup(void) { QWriteLocker writeLock(&g_temp_folder_lock); - + qWarning("------------ temp_folder_cleaup ------------"); + //Clean the directory while(!g_temp_folder_file.isNull()) { diff --git a/src/UpdateChecker.cpp b/src/UpdateChecker.cpp index aba6459..b963887 100644 --- a/src/UpdateChecker.cpp +++ b/src/UpdateChecker.cpp @@ -648,10 +648,17 @@ bool UpdateChecker::checkSignature(const QString &file, const QString &signature return false; } + QString keyRingPath(m_binaryKeys); + bool removeKeyring = false; if(QFileInfo(file).absolutePath().compare(QFileInfo(m_binaryKeys).absolutePath(), Qt::CaseInsensitive) != 0) { - qWarning("CheckSignature: File and keyring should be in same folder!"); - return false; + keyRingPath = make_temp_file(QFileInfo(file).absolutePath(), "gpg"); + removeKeyring = true; + if(!QFile::copy(m_binaryKeys, keyRingPath)) + { + qWarning("CheckSignature: Failed to copy the key-ring file!"); + return false; + } } QProcess process; @@ -662,10 +669,14 @@ bool UpdateChecker::checkSignature(const QString &file, const QString &signature connect(&process, SIGNAL(finished(int,QProcess::ExitStatus)), &loop, SLOT(quit())); connect(&process, SIGNAL(readyRead()), &loop, SLOT(quit())); - process.start(m_binaryGnuPG, QStringList() << "--homedir" << "." << "--keyring" << QFileInfo(m_binaryKeys).fileName() << QFileInfo(signature).fileName() << QFileInfo(file).fileName()); + process.start(m_binaryGnuPG, QStringList() << "--homedir" << "." << "--keyring" << QFileInfo(keyRingPath).fileName() << QFileInfo(signature).fileName() << QFileInfo(file).fileName()); if(!process.waitForStarted()) { + if(removeKeyring) + { + remove_file(keyRingPath); + } return false; } @@ -678,6 +689,11 @@ bool UpdateChecker::checkSignature(const QString &file, const QString &signature } } + if(removeKeyring) + { + remove_file(keyRingPath); + } + log(QString().sprintf("Exited with code %d", process.exitCode())); return (process.exitCode() == 0); }