changeset 587:02a89710a7cd

Split up list and software verification and use it
author Andre Heinecke <aheinecke@intevation.de>
date Tue, 27 May 2014 16:31:29 +0000
parents ecfd77751daf
children a4e75d90d3f6
files ui/mainwindow.cpp ui/mainwindow.h
diffstat 2 files changed, 51 insertions(+), 16 deletions(-) [+]
line wrap: on
line diff
--- a/ui/mainwindow.cpp	Tue May 27 16:30:58 2014 +0000
+++ b/ui/mainwindow.cpp	Tue May 27 16:31:29 2014 +0000
@@ -53,6 +53,7 @@
 #include "installwrapper.h"
 #include "util.h"
 #include "logging.h"
+#include "binverify.h"
 
 MainWindow::MainWindow(bool trayMode):
     mTrayMode(trayMode)
@@ -102,8 +103,15 @@
     }
 
     if (mCurState == NewSoftwareAvailable) {
-        checkUpdates(true);
-        mCurState = DownloadingSW;
+        verifySWData();
+        QString swFileName = mSettings.value("Software/available").toString();
+        if (swFileName.isEmpty()) {
+            checkUpdates(true);
+            mCurState = DownloadingSW;
+            return;
+        }
+        installNewSW(swFileName,
+                mSettings.value("Software/availableDate").toDateTime());
     }
 }
 
@@ -116,12 +124,10 @@
     }
 }
 
-void MainWindow::verifyAvailableData()
+void MainWindow::verifyListData()
 {
     QString availableFileName = mSettings.value("List/available").toString();
     QString installedFileName = mSettings.value("List/installed").toString();
-    QString swFileName = mSettings.value("Software/available").toString();
-
     if (!availableFileName.isEmpty()) {
         mListToInstall.readList(availableFileName.toLocal8Bit().constData());
         if (!mListToInstall.isValid()) {
@@ -153,9 +159,32 @@
         mSettings.remove("List/installed");
         mSettings.remove("List/installedDate");
     }
+}
+
+void MainWindow::verifySWData()
+{
+    QString swFileName = mSettings.value("Software/available").toString();
 
     if (!swFileName.isEmpty()) {
-        // TODO Verify integrity of the software
+        QFileInfo fi(swFileName);
+        if (!fi.exists()) {
+            mSettings.remove("Software/available");
+            mSettings.remove("Software/availableDate");
+        }
+        if (!fi.isExecutable()) {
+            qWarning() << "Downloaded file: " << swFileName << " is not executable.";
+            setState(TransferError);
+            return;
+        }
+        bin_verify_result verifyResult = verify_binary(swFileName.toUtf8().constData(),
+                swFileName.toUtf8().size());
+        qDebug() << "Binary verify result: " << verifyResult;
+        if (verifyResult != VerifyValid) {
+            qDebug() << "Failed to verify downloaded data. Retrying.";
+            QFile::remove(swFileName);
+            mSettings.remove("Software/available");
+            mSettings.remove("Software/availableDate");
+        }
     } else {
         mSettings.remove("Software/available");
         mSettings.remove("Software/availableDate");
@@ -166,7 +195,7 @@
     mSettings.setValue("List/available", fileName);
     mSettings.setValue("List/availableDate", modDate);
 
-    verifyAvailableData();
+    verifyListData();
     if (!mListToInstall.isValid()) {
         /* Downloader provided invalid files */
         /* TODO: Error count. Error handling. Otherwise
@@ -196,11 +225,7 @@
 
 void MainWindow::installNewSW(const QString& fileName, const QDateTime& modDate) {
     QFileInfo instProcInfo = QFileInfo(fileName);
-    if (!instProcInfo.isExecutable()) {
-        qWarning() << "Downloaded file: " << fileName << " is not executable.";
-        setState(TransferError);
-        return;
-    }
+    verifySWData();
     QString filePath = QDir::toNativeSeparators(instProcInfo.absoluteFilePath());
 #ifdef WIN32
     SHELLEXECUTEINFOW shExecInfo;
@@ -243,7 +268,7 @@
 
 void MainWindow::checkUpdates(bool downloadSW)
 {
-    verifyAvailableData();
+    verifyListData();
 
     if (!mSettings.contains("Software/installedDate") ||
           mSettings.value("Software/installedVersion").toString() != QApplication::applicationVersion()) {
--- a/ui/mainwindow.h	Tue May 27 16:30:58 2014 +0000
+++ b/ui/mainwindow.h	Tue May 27 16:31:29 2014 +0000
@@ -134,15 +134,25 @@
     void installNewSW(const QString& fileName, const QDateTime& modDate);
 
 private:
-    /** @brief check the integrity of available files.
+    /** @brief check the integrity of available certificate lists.
      *
-     * Do not use this as a trust check as this only works on
+     * Note: Do not use this as a trust check as this only works on
      * FileNames where the underlying files can change. This
      * is just meant to check if the downloaded data was somehow
      * removed or corrupted. It also initializes mListToInstall
      * and mInstalledList.
      */
-    void verifyAvailableData();
+    void verifyListData();
+
+    /** @brief check the integrity of available software updates.
+     *
+     * Note: Do not use this as a trust check as this only works on
+     * FileNames where the underlying files can change. This
+     * is just meant to check if the downloaded data was somehow
+     * removed or corrupted.
+     */
+    void verifySWData();
+
     void createTrayIcon();
     void createActions();
     void createMenuBar();

http://wald.intevation.org/projects/trustbridge/