[Libreoffice-commits] online.git: kit/ChildSession.cpp kit/ChildSession.hpp kit/Kit.cpp
Henry Castro (via logerrit)
logerrit at kemper.freedesktop.org
Thu Mar 12 12:33:37 UTC 2020
kit/ChildSession.cpp | 18 ++++++++++++++----
kit/ChildSession.hpp | 2 ++
kit/Kit.cpp | 4 ++--
3 files changed, 18 insertions(+), 6 deletions(-)
New commits:
commit 316a011c08ddf1c7dd6a329f04c238bd2c040eb5
Author: Henry Castro <hcastro at collabora.com>
AuthorDate: Wed Mar 11 11:55:49 2020 -0400
Commit: Henry Castro <hcastro at collabora.com>
CommitDate: Thu Mar 12 13:33:19 2020 +0100
kit: fix download action when server is running with no capabilities
Downloading pdf file does not work because the kit process is not jailed
Change-Id: I1e67840eb58997f6de10948c8d8e260888abe326
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/90338
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice at gmail.com>
Reviewed-by: Henry Castro <hcastro at collabora.com>
diff --git a/kit/ChildSession.cpp b/kit/ChildSession.cpp
index 4842b8ffe..e5a76f060 100644
--- a/kit/ChildSession.cpp
+++ b/kit/ChildSession.cpp
@@ -49,6 +49,8 @@ using Poco::URI;
using namespace LOOLProtocol;
+bool ChildSession::NoCapsForKit = false;
+
namespace {
std::vector<unsigned char> decodeBase64(const std::string & inputBase64)
@@ -926,14 +928,22 @@ bool ChildSession::downloadAs(const char* /*buffer*/, int /*length*/, const Stri
format.empty() ? nullptr : format.c_str(),
filterOptions.empty() ? nullptr : filterOptions.c_str());
#else
- // The file is removed upon downloading.
- const std::string tmpDir = FileUtil::createRandomDir(JAILED_DOCUMENT_ROOT);
// Prevent user inputting anything funny here.
// A "name" should always be a name, not a path
const Poco::Path filenameParam(name);
- const std::string url = JAILED_DOCUMENT_ROOT + tmpDir + "/" + filenameParam.getFileName();
const std::string nameAnonym = anonymizeUrl(name);
- const std::string urlAnonym = JAILED_DOCUMENT_ROOT + tmpDir + "/" + Poco::Path(nameAnonym).getFileName();
+
+ std::string jailDoc = JAILED_DOCUMENT_ROOT;
+ if (NoCapsForKit)
+ {
+ jailDoc = Poco::URI(getJailedFilePath()).getPath();
+ jailDoc = jailDoc.substr(0, jailDoc.find(JAILED_DOCUMENT_ROOT)) + JAILED_DOCUMENT_ROOT;
+ }
+
+ // The file is removed upon downloading.
+ const std::string tmpDir = FileUtil::createRandomDir(jailDoc);
+ const std::string url = jailDoc + tmpDir + "/" + filenameParam.getFileName();
+ const std::string urlAnonym = jailDoc + tmpDir + "/" + Poco::Path(nameAnonym).getFileName();
LOG_DBG("Calling LOK's downloadAs with: url='" << urlAnonym << "', format='" <<
(format.empty() ? "(nullptr)" : format.c_str()) << "', ' filterOptions=" <<
diff --git a/kit/ChildSession.hpp b/kit/ChildSession.hpp
index c7a248546..da44a5f94 100644
--- a/kit/ChildSession.hpp
+++ b/kit/ChildSession.hpp
@@ -192,6 +192,8 @@ public:
class ChildSession final : public Session
{
public:
+ static bool NoCapsForKit;
+
/// Create a new ChildSession
/// ws The socket between master and kit (jailed).
/// loKit The LOKit instance.
diff --git a/kit/Kit.cpp b/kit/Kit.cpp
index 8b8e6514d..f14362c35 100644
--- a/kit/Kit.cpp
+++ b/kit/Kit.cpp
@@ -2402,7 +2402,7 @@ void lokit_main(
// So we insure it lives until std::_Exit is called.
std::shared_ptr<lok::Office> loKit;
Path jailPath;
- bool bRunInsideJail = !noCapabilities;
+ ChildSession::NoCapsForKit = noCapabilities;
#else
AnonymizeUserData = false;
#endif // MOBILEAPP
@@ -2415,7 +2415,7 @@ void lokit_main(
File(jailPath).createDirectories();
chmod(jailPath.toString().c_str(), S_IXUSR | S_IWUSR | S_IRUSR);
- if (bRunInsideJail)
+ if (!ChildSession::NoCapsForKit)
{
userdir_url = "file:///user";
instdir_path = "/" + loSubPath + "/program";
More information about the Libreoffice-commits
mailing list