From 8d1a56c206e5c2ed6c331049198bb8ebc6176171 Mon Sep 17 00:00:00 2001 From: Szymon Kłos Date: Wed, 29 Mar 2017 21:36:57 +0200 Subject: tdf#98416 libcmis: Google Drive 2FA fix Change-Id: Ice6758d8e9bc0ece57e038561376e7a6d67ab616 Reviewed-on: https://gerrit.libreoffice.org/35880 Reviewed-by: David Tardon Tested-by: David Tardon --- external/libcmis/UnpackedTarball_cmis.mk | 1 + external/libcmis/libcmis-fix-google-drive-2.patch | 125 ++++++++++++++++++++++ 2 files changed, 126 insertions(+) create mode 100755 external/libcmis/libcmis-fix-google-drive-2.patch (limited to 'external') diff --git a/external/libcmis/UnpackedTarball_cmis.mk b/external/libcmis/UnpackedTarball_cmis.mk index 38f592a1bf34..a29b1e7cd6f8 100644 --- a/external/libcmis/UnpackedTarball_cmis.mk +++ b/external/libcmis/UnpackedTarball_cmis.mk @@ -17,6 +17,7 @@ $(eval $(call gb_UnpackedTarball_add_patches,cmis, \ external/libcmis/libcmis-libxml2_compatibility.patch \ external/libcmis/libcmis-fix-google-drive.patch \ external/libcmis/libcmis-google-2FA-implementation.patch \ + external/libcmis/libcmis-fix-google-drive-2.patch \ external/libcmis/libcmis-sharepoint-repository-root.patch \ external/libcmis/libcmis-fix-error-handling.patch \ )) diff --git a/external/libcmis/libcmis-fix-google-drive-2.patch b/external/libcmis/libcmis-fix-google-drive-2.patch new file mode 100755 index 000000000000..7d11514d82ee --- /dev/null +++ b/external/libcmis/libcmis-fix-google-drive-2.patch @@ -0,0 +1,125 @@ +diff --git a/src/libcmis/oauth2-providers.cxx b/src/libcmis/oauth2-providers.cxx +index 74c0fec..30fedb0 100644 +--- a/src/libcmis/oauth2-providers.cxx ++++ b/src/libcmis/oauth2-providers.cxx +@@ -41,6 +41,7 @@ + #define CHALLENGE_PAGE_ACTION_LEN sizeof( CHALLENGE_PAGE_ACTION ) - 1 + #define PIN_FORM_ACTION "/signin/challenge/ipp" + #define PIN_FORM_ACTION_LEN sizeof( PIN_FORM_ACTION ) - 1 ++#define PIN_INPUT_NAME "Pin" + + using namespace std; + +@@ -80,7 +81,7 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr + // send the first get, receive the html login page + res = session->httpGetRequest( authUrl )->getStream( )->str( ); + } +- catch ( const CurlException& e ) ++ catch ( const CurlException& ) + { + return string( ); + } +@@ -102,7 +103,7 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr + loginEmailRes = session->httpPostRequest ( loginEmailLink, loginEmailIs, CONTENT_TYPE ) + ->getStream( )->str( ); + } +- catch ( const CurlException& e ) ++ catch ( const CurlException& ) + { + return string( ); + } +@@ -113,7 +114,7 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr + if ( !parseResponse( loginEmailRes.c_str( ), loginPasswdPost, loginPasswdLink ) ) + return string( ); + +- loginPasswdPost += "&Passwd="; ++ loginPasswdPost += "Passwd="; + loginPasswdPost += string( password ); + + istringstream loginPasswdIs( loginPasswdPost ); +@@ -124,7 +125,7 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr + loginPasswdRes = session->httpPostRequest ( loginPasswdLink, loginPasswdIs, CONTENT_TYPE ) + ->getStream( )->str( ); + } +- catch ( const CurlException& e ) ++ catch ( const CurlException& ) + { + return string( ); + } +@@ -152,7 +153,7 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr + } + + loginChallengeLink = "https://accounts.google.com" + loginChallengeLink; +- loginChallengePost += "Pin="; ++ loginChallengePost += string( PIN_INPUT_NAME ) + "="; + loginChallengePost += string( pin ); + + istringstream loginChallengeIs( loginChallengePost ); +@@ -163,7 +164,7 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr + loginChallengeRes = session->httpPostRequest ( loginChallengeLink, loginChallengeIs, CONTENT_TYPE ) + ->getStream( )->str( ); + } +- catch ( const CurlException& e ) ++ catch ( const CurlException& ) + { + return string( ); + } +@@ -221,7 +222,7 @@ string OAuth2Providers::OAuth2Alfresco( HttpSession* session, const string& auth + { + res = session->httpGetRequest( authUrl )->getStream( )->str( ); + } +- catch ( const CurlException& e ) ++ catch ( const CurlException& ) + { + return string( ); + } +@@ -247,7 +248,7 @@ string OAuth2Providers::OAuth2Alfresco( HttpSession* session, const string& auth + // Alfresco code is in the redirect link + resp = session->httpPostRequest( loginLink, loginIs, CONTENT_TYPE, false ); + } +- catch ( const CurlException& e ) ++ catch ( const CurlException& ) + { + return string( ); + } +@@ -291,6 +292,8 @@ int OAuth2Providers::parseResponse ( const char* response, string& post, string& + if ( reader == NULL ) return 0; + + bool readInputField = false; ++ bool bIsRightForm = false; ++ bool bHasPinField = false; + + while ( true ) + { +@@ -301,6 +304,12 @@ int OAuth2Providers::parseResponse ( const char* response, string& post, string& + // Find the redirect link + if ( xmlStrEqual( nodeName, BAD_CAST( "form" ) ) ) + { ++ // 2FA: Don't add fields form other forms not having pin field ++ if ( bIsRightForm && !bHasPinField ) ++ post = string( "" ); ++ if ( bIsRightForm && bHasPinField ) ++ break; ++ + xmlChar* action = xmlTextReaderGetAttribute( reader, + BAD_CAST( "action" )); + +@@ -311,7 +320,7 @@ int OAuth2Providers::parseResponse ( const char* response, string& post, string& + bool bChallengePage = ( strncmp( (char*)action, + CHALLENGE_PAGE_ACTION, + CHALLENGE_PAGE_ACTION_LEN ) == 0 ); +- bool bIsRightForm = ( strncmp( (char*)action, ++ bIsRightForm = ( strncmp( (char*)action, + PIN_FORM_ACTION, + PIN_FORM_ACTION_LEN ) == 0 ); + if ( ( xmlStrlen( action ) > 0 ) +@@ -332,6 +341,8 @@ int OAuth2Providers::parseResponse ( const char* response, string& post, string& + BAD_CAST( "name" )); + xmlChar* value = xmlTextReaderGetAttribute( reader, + BAD_CAST( "value" )); ++ if ( name != NULL && strcmp( (char*)name, PIN_INPUT_NAME ) == 0 ) ++ bHasPinField = true; + if ( ( name != NULL ) && ( value!= NULL ) ) + { + if ( ( xmlStrlen( name ) > 0) && ( xmlStrlen( value ) > 0) ) + -- cgit