Mercurial > trustbridge
changeset 587:02a89710a7cd
Split up list and software verification and use it
author | Andre Heinecke <aheinecke@intevation.de> |
---|---|
date | Tue, 27 May 2014 16:31:29 +0000 |
parents | ecfd77751daf |
children | a4e75d90d3f6 |
files | ui/mainwindow.cpp ui/mainwindow.h |
diffstat | 2 files changed, 51 insertions(+), 16 deletions(-) [+] |
line wrap: on
line diff
--- a/ui/mainwindow.cpp Tue May 27 16:30:58 2014 +0000 +++ b/ui/mainwindow.cpp Tue May 27 16:31:29 2014 +0000 @@ -53,6 +53,7 @@ #include "installwrapper.h" #include "util.h" #include "logging.h" +#include "binverify.h" MainWindow::MainWindow(bool trayMode): mTrayMode(trayMode) @@ -102,8 +103,15 @@ } if (mCurState == NewSoftwareAvailable) { - checkUpdates(true); - mCurState = DownloadingSW; + verifySWData(); + QString swFileName = mSettings.value("Software/available").toString(); + if (swFileName.isEmpty()) { + checkUpdates(true); + mCurState = DownloadingSW; + return; + } + installNewSW(swFileName, + mSettings.value("Software/availableDate").toDateTime()); } } @@ -116,12 +124,10 @@ } } -void MainWindow::verifyAvailableData() +void MainWindow::verifyListData() { QString availableFileName = mSettings.value("List/available").toString(); QString installedFileName = mSettings.value("List/installed").toString(); - QString swFileName = mSettings.value("Software/available").toString(); - if (!availableFileName.isEmpty()) { mListToInstall.readList(availableFileName.toLocal8Bit().constData()); if (!mListToInstall.isValid()) { @@ -153,9 +159,32 @@ mSettings.remove("List/installed"); mSettings.remove("List/installedDate"); } +} + +void MainWindow::verifySWData() +{ + QString swFileName = mSettings.value("Software/available").toString(); if (!swFileName.isEmpty()) { - // TODO Verify integrity of the software + QFileInfo fi(swFileName); + if (!fi.exists()) { + mSettings.remove("Software/available"); + mSettings.remove("Software/availableDate"); + } + if (!fi.isExecutable()) { + qWarning() << "Downloaded file: " << swFileName << " is not executable."; + setState(TransferError); + return; + } + bin_verify_result verifyResult = verify_binary(swFileName.toUtf8().constData(), + swFileName.toUtf8().size()); + qDebug() << "Binary verify result: " << verifyResult; + if (verifyResult != VerifyValid) { + qDebug() << "Failed to verify downloaded data. Retrying."; + QFile::remove(swFileName); + mSettings.remove("Software/available"); + mSettings.remove("Software/availableDate"); + } } else { mSettings.remove("Software/available"); mSettings.remove("Software/availableDate"); @@ -166,7 +195,7 @@ mSettings.setValue("List/available", fileName); mSettings.setValue("List/availableDate", modDate); - verifyAvailableData(); + verifyListData(); if (!mListToInstall.isValid()) { /* Downloader provided invalid files */ /* TODO: Error count. Error handling. Otherwise @@ -196,11 +225,7 @@ void MainWindow::installNewSW(const QString& fileName, const QDateTime& modDate) { QFileInfo instProcInfo = QFileInfo(fileName); - if (!instProcInfo.isExecutable()) { - qWarning() << "Downloaded file: " << fileName << " is not executable."; - setState(TransferError); - return; - } + verifySWData(); QString filePath = QDir::toNativeSeparators(instProcInfo.absoluteFilePath()); #ifdef WIN32 SHELLEXECUTEINFOW shExecInfo; @@ -243,7 +268,7 @@ void MainWindow::checkUpdates(bool downloadSW) { - verifyAvailableData(); + verifyListData(); if (!mSettings.contains("Software/installedDate") || mSettings.value("Software/installedVersion").toString() != QApplication::applicationVersion()) {
--- a/ui/mainwindow.h Tue May 27 16:30:58 2014 +0000 +++ b/ui/mainwindow.h Tue May 27 16:31:29 2014 +0000 @@ -134,15 +134,25 @@ void installNewSW(const QString& fileName, const QDateTime& modDate); private: - /** @brief check the integrity of available files. + /** @brief check the integrity of available certificate lists. * - * Do not use this as a trust check as this only works on + * Note: Do not use this as a trust check as this only works on * FileNames where the underlying files can change. This * is just meant to check if the downloaded data was somehow * removed or corrupted. It also initializes mListToInstall * and mInstalledList. */ - void verifyAvailableData(); + void verifyListData(); + + /** @brief check the integrity of available software updates. + * + * Note: Do not use this as a trust check as this only works on + * FileNames where the underlying files can change. This + * is just meant to check if the downloaded data was somehow + * removed or corrupted. + */ + void verifySWData(); + void createTrayIcon(); void createActions(); void createMenuBar();