gpg4libre: check if we can really verify OpenPGP signatures

And disable unit tests otherwise Change-Id: I32e1d8d2f8b0013d9cb43b78a55d23a1a29a8e8d Reviewed-on: https://gerrit.libreoffice.org/46057Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>

gpg4libre: check if we can really verify OpenPGP signatures
And disable unit tests otherwise Change-Id: I32e1d8d2f8b0013d9cb43b78a55d23a1a29a8e8d Reviewed-on: https://gerrit.libreoffice.org/46057Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
7886de30 · Thorsten Behrens · 032a3e37 · 7886de30 · 7886de30 · 7886de30
Kaydet (Commit) 7886de30 authored Ara 07, 2017 tarafından Thorsten Behrens
Hide whitespace changes
Inline Side-by-side

Showing with 26 additions and 14 deletions

config_gpgme.h.in config_host/config_gpgme.h.in +3 -0

configure.ac configure.ac +16 -1

signing.cxx xmlsecurity/qa/unit/signing/signing.cxx +7 -13

No files found.
--- a/config_host/config_gpgme.h.in
+++ b/config_host/config_gpgme.h.in
@@ -16,6 +16,9 @@
 // Defined if gpgme support is available
 #define HAVE_FEATURE_GPGME 0

+// Defined if gpg and gpgme signature verification is available
+#define HAVE_FEATURE_GPGVERIFY 0
+
 #if HAVE_FEATURE_GPGME
 # include "config_lgpl.h"
 #endif

--- a/configure.ac
+++ b/configure.ac
@@ -133,9 +133,16 @@ dnl path location is git, so make sure we have it
    if test -n "$mac_git_path" -a -x "$mac_git_path" -a "$mac_git_path" != "/usr/bin/git" ; then
        mac_path="$mac_path:`dirname $mac_git_path`"
    fi
+dnl a not so common but nevertheless quite helpful thing that may be in a fancy
+dnl path location is gpg, so make sure we find it
+    mac_gpg_path=`which gpg 2>/dev/null`
+    if test -n "$mac_gpg_path" -a -x "$mac_gpg_path" -a "$mac_gpg_path" != "/usr/bin/gpg" ; then
+        mac_path="$mac_path:`dirname $mac_gpg_path`"
+    fi
    PATH="$mac_path"
    unset mac_path
-    unset git_mac_path
+    unset mac_git_path
+    unset mac_gpg_path
 }

 echo "********************************************************************"
@@ -10225,6 +10232,14 @@ if test "$_os" = "Linux" -o "$_os" = "Darwin" -o "$_os" = "WINNT" ; then
    fi
    ENABLE_GPGMEPP=TRUE
    AC_DEFINE([HAVE_FEATURE_GPGME])
+    AC_PATH_PROG(GPG, gpg)
+    # TODO: Windows's cygwin gpg does not seem to work with our gpgme,
+    # so let's exclude that manually for the moment
+    if test -n "$GPG" -a "$_os" != "WINNT"; then
+        # make sure we not only have a working gpgme, but a full working
+        # gpg installation to run OpenPGP signature verification
+        AC_DEFINE([HAVE_FEATURE_GPGVERIFY])
+    fi
 fi
 AC_SUBST(ENABLE_GPGMEPP)
 AC_SUBST(SYSTEM_GPGMEPP)

--- a/xmlsecurity/qa/unit/signing/signing.cxx
+++ b/xmlsecurity/qa/unit/signing/signing.cxx
@@ -42,6 +42,7 @@
 #include <sfx2/sfxbasemodel.hxx>
 #include <sfx2/objsh.hxx>
 #include <osl/file.hxx>
+#include <osl/process.h>
 #include <comphelper/ofopxmlhelper.hxx>

 #include <documentsignaturehelper.hxx>
@@ -103,8 +104,7 @@ public:
    void testXAdESGood();
    /// Test importing of signature line images
    void testSignatureLineImages();
-#ifdef LINUX
-# if HAVE_FEATURE_GPGME
+#if HAVE_FEATURE_GPGVERIFY
    /// Test a typical ODF where all streams are GPG-signed.
    void testODFGoodGPG();
    /// Test a typical ODF where all streams are GPG-signed, but we don't trust the signature.
@@ -113,7 +113,6 @@ public:
    void testODFBrokenStreamGPG();
    /// Test a typical broken ODF signature where the XML dsig hash is corrupted.
    void testODFBrokenDsigGPG();
-# endif
 #endif
    CPPUNIT_TEST_SUITE(SigningTest);
    CPPUNIT_TEST(testDescription);
@@ -137,13 +136,11 @@ public:
    CPPUNIT_TEST(testXAdES);
    CPPUNIT_TEST(testXAdESGood);
    CPPUNIT_TEST(testSignatureLineImages);
-#ifdef LINUX
-# if HAVE_FEATURE_GPGME
+#if HAVE_FEATURE_GPGVERIFY
    CPPUNIT_TEST(testODFGoodGPG);
    CPPUNIT_TEST(testODFUntrustedGoodGPG);
    CPPUNIT_TEST(testODFBrokenStreamGPG);
    CPPUNIT_TEST(testODFBrokenDsigGPG);
-# endif
 #endif
    CPPUNIT_TEST_SUITE_END();

@@ -177,15 +174,14 @@ void SigningTest::setUp()
    osl::FileBase::getSystemPathFromFileURL(aTargetDir, aTargetPath);
    setenv("MOZILLA_CERTIFICATE_FOLDER", aTargetPath.toUtf8().getStr(), 1);
 #endif
-#ifdef LINUX
-# if HAVE_FEATURE_GPGME
+#if HAVE_FEATURE_GPGVERIFY
    // Make gpg use our own defined setup below data dir
    OUString aHomePath;
    osl::FileBase::getSystemPathFromFileURL(
        m_directories.getURLFromSrc(DATA_DIRECTORY),
        aHomePath);
-    setenv("GNUPGHOME", aHomePath.toUtf8().getStr(), 1);
-# endif
+    OUString envVar("GNUPGHOME");
+    osl_setEnvironment(envVar.pData, aHomePath.pData);
 #endif
 }

@@ -687,8 +683,7 @@ void SigningTest::testSignatureLineImages()
    CPPUNIT_ASSERT(xSignatureInfo[0].InvalidSignatureLineImage.is());
 }

-#ifdef LINUX
-# if HAVE_FEATURE_GPGME
+#if HAVE_FEATURE_GPGVERIFY
 void SigningTest::testODFGoodGPG()
 {
    createDoc(m_directories.getURLFromSrc(DATA_DIRECTORY) + "goodGPG.odt");
@@ -743,7 +738,6 @@ void SigningTest::testODFBrokenDsigGPG()
    CPPUNIT_ASSERT(pObjectShell);
    CPPUNIT_ASSERT_EQUAL(static_cast<int>(SignatureState::BROKEN), static_cast<int>(pObjectShell->GetDocumentSignatureState()));
 }
-# endif
 #endif

 void SigningTest::registerNamespaces(xmlXPathContextPtr& pXmlXpathCtx)