[poppler] utils/pdfsig.cc
GitLab Mirror
gitlab-mirror at kemper.freedesktop.org
Mon Sep 20 09:53:14 UTC 2021
utils/pdfsig.cc | 37 ++++++++++++++++++++++++++-----------
1 file changed, 26 insertions(+), 11 deletions(-)
New commits:
commit 6bdf5710b0fb13bddc1d31c32d6622516221151d
Author: Albert Astals Cid <aacid at kde.org>
Date: Mon Sep 20 11:45:05 2021 +0200
pdfsig: Don't infinite loop if the NSS password given is wrong
diff --git a/utils/pdfsig.cc b/utils/pdfsig.cc
index 3abe7287..cf2c3d6d 100644
--- a/utils/pdfsig.cc
+++ b/utils/pdfsig.cc
@@ -169,26 +169,41 @@ static void print_version_usage(bool usage)
}
}
-static std::vector<std::unique_ptr<X509CertificateInfo>> getAvailableSigningCertificates(bool *passwordNeeded)
+static std::vector<std::unique_ptr<X509CertificateInfo>> getAvailableSigningCertificates(bool *error)
{
- *passwordNeeded = false;
- auto passwordCallback = [&passwordNeeded](const char *) -> char * {
+ bool wrongPassword = false;
+ bool passwordNeeded = false;
+ auto passwordCallback = [&passwordNeeded, &wrongPassword](const char *) -> char * {
+ static bool firstTime = true;
+ if (!firstTime) {
+ wrongPassword = true;
+ return nullptr;
+ }
+ firstTime = false;
if (nssPassword.getLength() > 0) {
return strdup(nssPassword.c_str());
} else {
- *passwordNeeded = true;
+ passwordNeeded = true;
return nullptr;
}
};
SignatureHandler::setNSSPasswordCallback(passwordCallback);
std::vector<std::unique_ptr<X509CertificateInfo>> vCerts = SignatureHandler::getAvailableSigningCertificates();
SignatureHandler::setNSSPasswordCallback({});
- if (*passwordNeeded) {
+ if (passwordNeeded) {
+ *error = true;
printf("Password is needed to access the NSS database.\n");
printf("\tPlease provide one with -nss-pwd.\n");
return {};
}
+ if (wrongPassword) {
+ *error = true;
+ printf("Password was not accepted to open the NSS database.\n");
+ printf("\tPlease provide the correct one with -nss-pwd.\n");
+ return {};
+ }
+ *error = false;
return vCerts;
}
@@ -219,9 +234,9 @@ int main(int argc, char *argv[])
SignatureHandler::setNSSDir(nssDir);
if (listNicknames) {
- bool passwordNeeded;
- const std::vector<std::unique_ptr<X509CertificateInfo>> vCerts = getAvailableSigningCertificates(&passwordNeeded);
- if (passwordNeeded) {
+ bool getCertsError;
+ const std::vector<std::unique_ptr<X509CertificateInfo>> vCerts = getAvailableSigningCertificates(&getCertsError);
+ if (getCertsError) {
return 2;
} else {
if (vCerts.empty()) {
@@ -286,10 +301,10 @@ int main(int argc, char *argv[])
return 2;
}
- bool passwordNeeded;
+ bool getCertsError;
// We need to call this otherwise NSS spins forever
- getAvailableSigningCertificates(&passwordNeeded);
- if (passwordNeeded) {
+ getAvailableSigningCertificates(&getCertsError);
+ if (getCertsError) {
return 2;
}
More information about the poppler
mailing list