[Libreoffice-commits] core.git: include/unotools unotools/source xmlsecurity/source

[Stephan Bergmann]

 include/unotools/securityoptions.hxx                       |    5 +
 unotools/source/config/securityoptions.cxx                 |   35 ++++++-------
 xmlsecurity/source/component/documentdigitalsignatures.cxx |   14 -----
 3 files changed, 23 insertions(+), 31 deletions(-)

New commits:
commit 16b91e13c726b5b3f43c1aafde6fb8c4c18e3c77
Author: Stephan Bergmann <sbergman at redhat.com>
Date:   Sat Nov 9 16:24:56 2013 +0100

    Converge on SvtSecurityOptions::isTrustedLocation
    
    Change-Id: Ibcf4b7d9d11295c7679637a37d41dc2960e04f8f

diff --git a/include/unotools/securityoptions.hxx b/include/unotools/securityoptions.hxx
index fc6c49c..a11aff9 100644
--- a/include/unotools/securityoptions.hxx
+++ b/include/unotools/securityoptions.hxx
@@ -188,6 +188,11 @@ class UNOTOOLS_DLLPUBLIC SAL_WARN_UNUSED SvtSecurityOptions : public utl::detail
         bool isSecureMacroUri(OUString const & uri, OUString const & referer)
             const;
 
+        /**
+           Check whether the given uri is a trusted location.
+        */
+        bool isTrustedLocationUri(OUString const & uri) const;
+
         ::com::sun::star::uno::Sequence< Certificate >  GetTrustedAuthors       (                                                                   ) const ;
         void                                            SetTrustedAuthors       ( const ::com::sun::star::uno::Sequence< Certificate >& rAuthors    )       ;
 
diff --git a/unotools/source/config/securityoptions.cxx b/unotools/source/config/securityoptions.cxx
index 2271219..c31e131 100644
--- a/unotools/source/config/securityoptions.cxx
+++ b/unotools/source/config/securityoptions.cxx
@@ -21,6 +21,7 @@
 #include <unotools/securityoptions.hxx>
 #include <unotools/configmgr.hxx>
 #include <unotools/configitem.hxx>
+#include <unotools/ucbhelper.hxx>
 #include <tools/debug.hxx>
 #include <com/sun/star/uno/Any.hxx>
 #include <com/sun/star/uno/Sequence.hxx>
@@ -1041,29 +1042,27 @@ bool SvtSecurityOptions::isSecureMacroUri(
         }
         // fall through
     case INET_PROT_SLOT:
-        if (referer.equalsIgnoreAsciiCase("private:user")) {
-            return true;
-        }
-        {
-            MutexGuard g(GetInitMutex());
-            for (sal_Int32 i = 0;
-                 i != m_pDataContainer->m_seqSecureURLs.getLength(); ++i)
-            {
-                OUString pref(m_pDataContainer->m_seqSecureURLs[i]);
-                pref.endsWith("/", &pref);
-                if (referer.equalsIgnoreAsciiCase(pref)
-                    || referer.startsWithIgnoreAsciiCase(pref + "/"))
-                {
-                    return true;
-                }
-            }
-            return false;
-        }
+        return referer.equalsIgnoreAsciiCase("private:user")
+            || isTrustedLocationUri(referer);
     default:
         return true;
     }
 }
 
+bool SvtSecurityOptions::isTrustedLocationUri(OUString const & uri) const {
+    MutexGuard g(GetInitMutex());
+    for (sal_Int32 i = 0; i != m_pDataContainer->m_seqSecureURLs.getLength();
+         ++i)
+    {
+        if (UCBContentHelper::IsSubPath(
+                m_pDataContainer->m_seqSecureURLs[i], uri))
+        {
+            return true;
+        }
+    }
+    return false;
+}
+
 sal_Int32 SvtSecurityOptions::GetMacroSecurityLevel() const
 {
     MutexGuard aGuard( GetInitMutex() );
diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx
index ceb7614..3909560 100644
--- a/xmlsecurity/source/component/documentdigitalsignatures.cxx
+++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx
@@ -36,12 +36,10 @@
 #include <com/sun/star/ucb/XCommandEnvironment.hpp>
 #include <com/sun/star/ucb/XCommandProcessor.hpp>
 #include <com/sun/star/ucb/Command.hpp>
-#include <tools/urlobj.hxx>
 #include <vcl/msgbox.hxx>
 #include <unotools/securityoptions.hxx>
 #include <com/sun/star/security/CertificateValidity.hpp>
 #include <com/sun/star/security/SerialNumberAdapter.hpp>
-#include <unotools/ucbhelper.hxx>
 #include "comphelper/documentconstants.hxx"
 
 #include "com/sun/star/lang/IllegalArgumentException.hpp"
@@ -439,17 +437,7 @@ Reference< css::security::XCertificate > DocumentDigitalSignatures::chooseCertif
 
 ::sal_Bool DocumentDigitalSignatures::isLocationTrusted( const OUString& Location ) throw (RuntimeException)
 {
-    sal_Bool bFound = sal_False;
-    INetURLObject aLocObj( Location );
-    INetURLObject aLocObjLowCase( Location.toAsciiLowerCase() ); // will be used for case insensitive comparing
-
-    Sequence< OUString > aSecURLs = SvtSecurityOptions().GetSecureURLs();
-    const OUString* pSecURLs = aSecURLs.getConstArray();
-    const OUString* pSecURLsEnd = pSecURLs + aSecURLs.getLength();
-    for ( ; pSecURLs != pSecURLsEnd && !bFound; ++pSecURLs )
-        bFound = ::utl::UCBContentHelper::IsSubPath( *pSecURLs, Location );
-
-    return bFound;
+    return SvtSecurityOptions().isTrustedLocationUri(Location);
 }
 
 void DocumentDigitalSignatures::addAuthorToTrustedSources(