[prev in list] [next in list] [prev in thread] [next in thread]
List: mandrake-cooker
Subject: [Cooker] KDE/Qt build question....
From: Gary Greene <greeneg () student ! gvsu ! edu>
Date: 2003-05-14 7:27:48
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This question is aimed at anyone here that can help with some issues I'm
having packaging up the KIO_exec package.
I'm building a new set of packages that will hopefully be in Mandrake cooker
contrib soon that will add a kio_exec protocol to Konqueror (GPL'd stuff from
Lycoris Linux) and a new centralized HTML based system control panel (custom
designed). The KIO_exec package is giving me a little bit of a problem
though.
I've got it rebuilt OK, once I figured out all the flags needed to get it
working with libqt compiled with threads. However I think I've found a
possible bug in the code. Now KDE 3.1.1 keeps informing me when I click on
the link (or even type the path into the location bar), it keeps informing me
that the URL is insecure. however this HTML is a LOCAL page that I created,
thus as far as the code's test is concerned, should be safe. I've checked the
code and found that the message is coming from the
kio_execProtocol::checkReferrer(const KURL& url) method starting on line 112
of exec.cpp.
This is not helpful at all since the kio_exec KIO-slave is designed to execute
local executables from local html files without a warning about security.
This causes the Lycoris control center to be nearly useless on 3.1.1 in it's
current form due to the warnings popping up.
Near as I can tell, the test that happens to check whether this is a local or
remote URL is constantly failing. This is making the exec protocol think that
the file is ALWAYS from an insecure location.
The exec.cpp, exec.h, and exec.protocol are attached below.
- --
Gary L. Greene, Jr.
Sent from uriel.gvsu.edu
01:47:16 up 1 day, 1:54, 7 users, load average: 0.24, 0.21, 0.14
============================================================
Founder and president of the Grand Valley Linux Users Group.
-=<http://www.gvlug.org>=-
PHONE : 331-0562
EMAIL : greeneg@student.gvsu.edu
============================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE+we/0yPw381UL7WcRArHiAJ0QCsZXXZPQ0xRyrJgYcwyc+qKCMACgk/Gt
cpDTr/tXbDLmy0lPcHe3Oww=
=OjFZ
-----END PGP SIGNATURE-----
["exec.cpp" (text/x-c++src)]
/***************************************************************************
exec.cpp - description
-------------------
begin : Tue Feb 26 21:24:00 EST 2002
author : Jason Mott
copyright : (C) 2002 by Redmond Linux Corp
email : jmott@users.sourceforge.net
***************************************************************************/
/***************************************************************************
* *
* This program is free software; you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by *
* the Free Software Foundation; either version 2 of the License, or *
* (at your option) any later version. *
* *
***************************************************************************/
#include <qcstring.h>
#include <qstringlist.h>
#include <qsocket.h>
#include <qdatetime.h>
#include <qbitarray.h>
#include <qregexp.h>
#include <stdlib.h>
#include <math.h>
#include <unistd.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netdb.h>
#include <kapp.h>
#include <kdebug.h>
#include <kmessagebox.h>
#include <kinstance.h>
#include <kglobal.h>
#include <kstddirs.h>
#include <klocale.h>
#include <kurl.h>
#include <ksock.h>
#include "exec.h"
using namespace KIO;
extern "C"
{
int kdemain( int argc, char **argv )
{
KInstance instance( "kio_exec" );
kdDebug(7101) << "*** Starting kio_exec " << endl;
if (argc != 4)
{
kdDebug(7101) << "Usage: kio_exec protocol domain-socket1 domain-socket2" \
<< endl; exit(-1);
}
kio_execProtocol slave(argv[2], argv[3]);
slave.dispatchLoop();
kdDebug(7101) << "*** kio_exec Done" << endl;
return 0;
}
}
kio_execProtocol::kio_execProtocol(const QCString &pool_socket, const QCString \
&app_socket) : SlaveBase("kio_exec", pool_socket, app_socket)
{
kdDebug() << "kio_execProtocol::kio_execProtocol()" << endl;
}
/* ---------------------------------------------------------------------------------- \
*/
kio_execProtocol::~kio_execProtocol()
{
kdDebug() << "kio_execProtocol::~kio_execProtocol()" << endl;
}
/* ---------------------------------------------------------------------------------- \
*/ void kio_execProtocol::get(const KURL& url )
{
kdDebug() << "kio_exec::get(const KURL& url)" << endl ;
KURL referrer_url(metaData("referrer"));
if ( checkReferrer(referrer_url) ) {
QString queryStr = url.query();
queryStr.remove(0,1); // take off the "?" at the begining.
queryStr.replace(QRegExp("\\+"), "%20"); // "+" is valid as a space, but \
decode_string doesn't recognize it.
QStringList args = QStringList::split(QChar(' \
'),KURL::decode_string(queryStr)); QString executable = url.path();
executable.remove(0,1); // Get rid of begining "/", kdeinitExec() doesn't work \
with it there. infoMessage(i18n("Executing %1 ...").arg( executable ) );
KApplication::kdeinitExec(executable,args);
}
if (referrer_url.isValid()) {
redirection(referrer_url); // this makes it so the browser stays where it was.
// otherwise we either get a hang or a blank page.
// of course in the case of no referrer, it's a \
blank page. }
data(QByteArray());
finished();
}
/* ---------------------------------------------------------------------------------- \
*/
bool kio_execProtocol::checkReferrer(const KURL& url)
{
if ( url.isValid() && url.isLocalFile() ) {
return true;
}
QString warning = i18n("The URL you are about to follow\nexecutes an application \
on your system,\nbut the URL is from an insecure source.\n\nWould you like to execute \
anyway?");
int answer = messageBox( WarningYesNo, warning, i18n("Insecure Protocol!"));
if (answer == KMessageBox::Yes) {
return true;
} else {
return false;
}
}
/* --------------------------------------------------------------------------- */
void kio_execProtocol::mimetype(const KURL & /*url*/)
{
mimeType("text/html");
finished();
}
/* --------------------------------------------------------------------------- */
["exec.h" (text/x-chdr)]
/***************************************************************************
exec.h - description
-------------------
begin : Tue Feb 26 21:24:00 EST 2002
author : Jason Mott
copyright : (C) 2002 by Redmond Linux Corp
email : jmott@users.sourceforge.net
***************************************************************************/
/***************************************************************************
* *
* This program is free software; you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by *
* the Free Software Foundation; either version 2 of the License, or *
* (at your option) any later version. *
* *
***************************************************************************/
#ifndef __exec_h__
#define __exec_h__
#include <qstring.h>
#include <qcstring.h>
#include <kurl.h>
#include <kio/global.h>
#include <kio/slavebase.h>
class QCString;
class kio_execProtocol : public KIO::SlaveBase
{
public:
kio_execProtocol(const QCString &pool_socket, const QCString &app_socket);
virtual ~kio_execProtocol();
virtual void mimetype(const KURL& url);
virtual void get(const KURL& url);
protected:
bool checkReferrer(const KURL& url);
};
#endif
["exec.protocol" (text/plain)]
[Protocol]
exec=kio_exec
protocol=exec
input=none
output=none
reading=true
defaultMimetype=text/html
Icon=exec
Description=A kioslave for exec
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic