Fix macro security UI usability problems

* Don't hide the option dialogs "Macro security" push button. I don't see any reason, why these settings should be hidden, if macros are disabled or settings locked. At least a user can now check, what is going on (still nothing shows disabled macros for a document in the UI AFAIK). * Don't scale the lock icons of the trusted list boxes. This just uses the same alignments, which the macro security level lock image uses, otherwise the image is scaled to fit the whole space of its layout cell. * Don't disable the trusted list boxes. If the setting is locked, it's sufficient to disable all the buttons, which allow modification (so View can stay enabled). This way you can still scroll the list. Correct button handling is already implemented and works for me. * Catch exceptions of broken certificate data. If your config contains certificates, which can't be correctly decoded, the NSS backend will throw an exception, which kills the dialog, but not the nested loop, resulting in a locked LO. Since we don't want a string change in LTS, this drops the whole "broken certificate" warning dialog. There already are SAL_WARNs, which log the same warning, and are considered sufficient for debugging broken configurations. Reviewed-on: https://gerrit.libreoffice.org/85056 Tested-by: Jenkins Reviewed-by: Jan-Marek Glogowski <glogow@fbihome.de> (cherry picked from commit b3348ce498b3d54b3e5e6518954ad9d5e917b8f2) Reviewed-on: https://gerrit.libreoffice.org/85282 (cherry picked from commit ad1a41032054991cfb8b9e821c1dd25ec21d0aec) Conflicts: xmlsecurity/source/dialogs/macrosecurity.cxx Change-Id: I79002e0ce85cf9a9017caf858407f2f635a3a074 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/85756 Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
author: Jan-Marek Glogowski <jan-marek.glogowski@extern.cib.de> 2019-12-11 10:24:37 +0100
committer: Vasily Melenchuk <vasily.melenchuk@cib.de> 2021-04-15 13:11:45 +0300
commit: d1c3a935a6f7fbbbdc5dbecd8dcb80db8375d682 (patch)
tree: 22253b4e1e7ebb35b407630d49a7f15877b74a08 /xmlsecurity/source
parent: fbde1006a233422f9ab66b5f2a8354957d50392e (diff)
1 files changed, 41 insertions, 21 deletions
diff --git a/xmlsecurity/source/dialogs/macrosecurity.cxx b/xmlsecurity/source/dialogs/macrosecurity.cxx
index cef75f57d665..e57d9bfb500b 100644
--- a/xmlsecurity/source/dialogs/macrosecurity.cxx
+++ b/xmlsecurity/source/dialogs/macrosecurity.cxx
@@ -27,7 +27,6 @@
 #include <vcl/help.hxx>
 #include <vcl/layout.hxx>
 
-
 #include <com/sun/star/xml/crypto/XSecurityEnvironment.hpp>
 #include <comphelper/sequence.hxx>
 #include <comphelper/processfactory.hxx>
@@ -207,20 +206,33 @@ void MacroSecurityTrustedSourcesTP::ImplCheckButtons()
     m_pRemoveLocPB->Enable( bLocationSelected && !mbURLsReadonly);
 }
 
-
 IMPL_LINK_NOARG(MacroSecurityTrustedSourcesTP, ViewCertPBHdl, Button*, void)
 {
     if( m_pTrustCertLB->FirstSelected() )
     {
-        sal_uInt16 nSelected = sal_uInt16( sal_uIntPtr( m_pTrustCertLB->FirstSelected()->GetUserData() ) );
-
-        uno::Reference< css::security::XCertificate > xCert = mpDlg->mxSecurityEnvironment->getCertificate( maTrustedAuthors[nSelected][0], xmlsecurity::numericStringToBigInteger( maTrustedAuthors[nSelected][1] ) );
-
-        // If we don't get it, create it from signature data:
-        if ( !xCert.is() )
-            xCert = mpDlg->mxSecurityEnvironment->createCertificateFromAscii( maTrustedAuthors[nSelected][2] ) ;
+        const sal_uInt16 nSelected = sal_uInt16(sal_uIntPtr(m_pTrustCertLB->FirstSelected()->GetUserData()));
+        uno::Reference< css::security::XCertificate > xCert;
+        try
+        {
+            xCert = mpDlg->mxSecurityEnvironment->getCertificate(maTrustedAuthors[nSelected][0],
+                           xmlsecurity::numericStringToBigInteger(maTrustedAuthors[nSelected][1]));
+        }
+        catch (...)
+        {
+            SAL_WARN("xmlsecurity.dialogs", "matching certificate not found for: " << maTrustedAuthors[nSelected][0]);
+        }
 
-        SAL_WARN_IF( !xCert.is(), "xmlsecurity.dialogs", "*MacroSecurityTrustedSourcesTP::ViewCertPBHdl(): Certificate not found and can't be created!" );
+        if (!xCert.is())
+        {
+            try
+            {
+                xCert = mpDlg->mxSecurityEnvironment->createCertificateFromAscii(maTrustedAuthors[nSelected][2]);
+            }
+            catch (...)
+            {
+                SAL_WARN("xmlsecurity.dialogs", "certificate data couldn't be parsed: " << maTrustedAuthors[nSelected][2]);
+            }
+        }
 
         if ( xCert.is() )
         {
@@ -309,7 +321,7 @@ IMPL_LINK_NOARG(MacroSecurityTrustedSourcesTP, TrustFileLocLBSelectHdl, ListBox&
     ImplCheckButtons();
 }
 
-void MacroSecurityTrustedSourcesTP::FillCertLB()
+void MacroSecurityTrustedSourcesTP::FillCertLB(const bool bShowWarnings)
 {
     m_pTrustCertLB->Clear();
 
@@ -322,13 +334,23 @@ void MacroSecurityTrustedSourcesTP::FillCertLB()
             css::uno::Sequence< OUString >&              rEntry = maTrustedAuthors[ nEntry ];
             uno::Reference< css::security::XCertificate >   xCert;
 
-            // create from RawData
-            xCert = mpDlg->mxSecurityEnvironment->createCertificateFromAscii( rEntry[ 2 ] );
-
-            SvTreeListEntry*    pLBEntry = m_pTrustCertLB->InsertEntry( xmlsec::GetContentPart( xCert->getSubjectName() ) );
-            m_pTrustCertLB->SetEntryText( xmlsec::GetContentPart( xCert->getIssuerName() ), pLBEntry, 1 );
-            m_pTrustCertLB->SetEntryText( utl::GetDateTimeString( xCert->getNotValidAfter() ), pLBEntry, 2 );
-            pLBEntry->SetUserData( reinterpret_cast<void*>(nEntry) );      // misuse user data as index
+            try
+            {
+                // create from RawData
+                xCert = mpDlg->mxSecurityEnvironment->createCertificateFromAscii( rEntry[ 2 ] );
+
+                SvTreeListEntry*    pLBEntry = m_pTrustCertLB->InsertEntry( xmlsec::GetContentPart( xCert->getSubjectName() ) );
+                m_pTrustCertLB->SetEntryText( xmlsec::GetContentPart( xCert->getIssuerName() ), pLBEntry, 1 );
+                m_pTrustCertLB->SetEntryText( utl::GetDateTimeString( xCert->getNotValidAfter() ), pLBEntry, 2 );
+                pLBEntry->SetUserData( reinterpret_cast<void*>(nEntry) );      // misuse user data as index
+            }
+            catch (...)
+            {
+                if (bShowWarnings)
+                {
+                    SAL_WARN("xmlsecurity.dialogs", "certificate data couldn't be parsed: " << rEntry[2]);
+                }
+            }
         }
     }
 }
@@ -386,14 +408,12 @@ MacroSecurityTrustedSourcesTP::MacroSecurityTrustedSourcesTP(vcl::Window* _pPare
     maTrustedAuthors = mpDlg->maSecOptions.GetTrustedAuthors();
     mbAuthorsReadonly = mpDlg->maSecOptions.IsReadOnly( SvtSecurityOptions::EOption::MacroTrustedAuthors );
     m_pTrustCertROFI->Show( mbAuthorsReadonly );
-    mbAuthorsReadonly ? m_pTrustCertLB->DisableTable() : m_pTrustCertLB->EnableTable();
 
-    FillCertLB();
+    FillCertLB(true);
 
     css::uno::Sequence< OUString > aSecureURLs = mpDlg->maSecOptions.GetSecureURLs();
     mbURLsReadonly = mpDlg->maSecOptions.IsReadOnly( SvtSecurityOptions::EOption::SecureUrls );
     m_pTrustFileROFI->Show( mbURLsReadonly );
-    m_pTrustFileLocLB->Enable( !mbURLsReadonly );
     m_pAddLocPB->Enable( !mbURLsReadonly );
 
     sal_Int32 nEntryCnt = aSecureURLs.getLength();
author	Jan-Marek Glogowski <jan-marek.glogowski@extern.cib.de>	2019-12-11 10:24:37 +0100
committer	Vasily Melenchuk <vasily.melenchuk@cib.de>	2021-04-15 13:11:45 +0300
commit	d1c3a935a6f7fbbbdc5dbecd8dcb80db8375d682 (patch)
tree	22253b4e1e7ebb35b407630d49a7f15877b74a08 /xmlsecurity/source
parent	fbde1006a233422f9ab66b5f2a8354957d50392e (diff)