tdf#105844 package: remove root document from manifest ...

... for ODF wholesome encryption.

4.3  <manifest:file-entry>
For directories, the manifest file should contain a <manifest:file-entry> element only if a directory contains a document or a sub document.

Because the "encrypted-package" is not a document but a package, we
should probably omit the file-entry for the root document.

ZipPackage::writeTempFile() always generates the root document becuase
it's needed for GPG properties, and ManifestExport filters it out.

A bit tricky to implement, because there isn't a clean distinction
between the package and the root document/storage in the package module,
in particular there's no other place than the root storage to store the
MediaType property.

Change-Id: Id7e72a64e2faa074dce80cd5fefb2fa189e2e3ee
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/160717
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>

1 files changed, 18 insertions, 5 deletions

diff --git a/package/source/zippackage/ZipPackage.cxx b/package/source/zippackage/ZipPackage.cxx
index 1bae902c177a..f95731f368d1 100644
--- a/package/source/zippackage/ZipPackage.cxx
+++ b/package/source/zippackage/ZipPackage.cxx
@@ -417,25 +417,36 @@ void ZipPackage::parseManifest()
             }
         }
 
-        if ( !bManifestParsed )
+        if (!bManifestParsed || m_xRootFolder->GetMediaType().isEmpty())
         {
             // the manifest.xml could not be successfully parsed, this is an inconsistent package
             if ( aPackageMediatype.startsWith("application/vnd.") )
             {
                 // accept only types that look similar to own mediatypes
                 m_xRootFolder->SetMediaType( aPackageMediatype );
-                m_bMediaTypeFallbackUsed = true;
+                // if there is an encrypted inner package, there is no root
+                // document, because instead there is a package, and it is not
+                // an error
+                if (!m_xRootFolder->hasByName("encrypted-package"))
+                {
+                    m_bMediaTypeFallbackUsed = true;
+                }
             }
         }
         else if ( !m_bForceRecovery )
         {
-            // the mimetype stream should contain the information from manifest.xml
-            if ( m_xRootFolder->GetMediaType() != aPackageMediatype )
+            // the mimetype stream should contain the same information as manifest.xml
+            OUString const mediaTypeXML(m_xRootFolder->hasByName("encrypted-package")
+                ? m_xRootFolder->doGetByName("encrypted-package").xPackageEntry->GetMediaType()
+                : m_xRootFolder->GetMediaType());
+            if (mediaTypeXML != aPackageMediatype)
+            {
                 throw ZipIOException(
                     THROW_WHERE
                     "mimetype conflicts with manifest.xml, \""
-                    + m_xRootFolder->GetMediaType() + "\" vs. \""
+                    + mediaTypeXML + "\" vs. \""
                     + aPackageMediatype + "\"" );
+            }
         }
 
         m_xRootFolder->removeByName( sMimetype );
@@ -1269,6 +1280,8 @@ uno::Reference< io::XInputStream > ZipPackage::writeTempFile()
         static constexpr OUStringLiteral sFullPath(u"FullPath");
         const bool bIsGpgEncrypt = m_aGpgProps.hasElements();
 
+        // note: this is always created here (needed for GPG), possibly
+        // filtered out later in ManifestExport
         if ( m_nFormat == embed::StorageFormats::PACKAGE )
         {
             uno::Sequence < PropertyValue > aPropSeq(