X-Git-Url: https://git.lyx.org/gitweb/?a=blobdiff_plain;f=src%2FConverter.cpp;h=664a4bb7180a32fe615384c8a584d277c48b0a99;hb=c75d9bf7c4e1ec31b31be55ce3f88ba605cff625;hp=f10d563fc2d52ae496c4d2a0a777530d439ebdac;hpb=306b136cc005a1aeb9a6861ee0ac6fe2a2dd53e3;p=lyx.git diff --git a/src/Converter.cpp b/src/Converter.cpp index f10d563fc2..664a4bb718 100644 --- a/src/Converter.cpp +++ b/src/Converter.cpp @@ -19,16 +19,23 @@ #include "Encoding.h" #include "ErrorList.h" #include "Format.h" +#include "InsetList.h" #include "Language.h" #include "LaTeX.h" +#include "LyXRC.h" #include "Mover.h" +#include "ParagraphList.h" +#include "Session.h" #include "frontends/alert.h" +#include "insets/InsetInclude.h" + #include "support/debug.h" #include "support/FileNameList.h" #include "support/filetools.h" #include "support/gettext.h" +#include "support/lassert.h" #include "support/lstrings.h" #include "support/os.h" #include "support/Package.h" @@ -92,14 +99,14 @@ private: string const to_; }; -} // namespace anon +} // namespace Converter::Converter(string const & f, string const & t, string const & c, string const & l) : from_(f), to_(t), command_(c), flags_(l), From_(0), To_(0), latex_(false), xml_(false), - need_aux_(false), nice_(false) + need_aux_(false), nice_(false), need_auth_(false) {} @@ -127,9 +134,11 @@ void Converter::readFlags() parselog_ = flag_value; else if (flag_name == "nice") nice_ = true; + else if (flag_name == "needauth") + need_auth_ = true; } if (!result_dir_.empty() && result_file_.empty()) - result_file_ = "index." + formats.extension(to_); + result_file_ = "index." + theFormats().extension(to_); //if (!contains(command, token_from)) // latex = true; } @@ -163,8 +172,8 @@ int Converters::getNumber(string const & from, string const & to) const void Converters::add(string const & from, string const & to, string const & command, string const & flags) { - formats.add(from); - formats.add(to); + theFormats().add(from); + theFormats().add(to); ConverterList::iterator it = find_if(converterlist_.begin(), converterlist_.end(), ConverterEqual(from , to)); @@ -274,6 +283,107 @@ OutputParams::FLAVOR Converters::getFlavor(Graph::EdgePath const & path, } +bool Converters::checkAuth(Converter const & conv, string const & doc_fname, + bool use_shell_escape) +{ + string conv_command = conv.command(); + bool const has_shell_escape = contains(conv_command, "-shell-escape") + || contains(conv_command, "-enable-write18"); + if (conv.latex() && has_shell_escape && !use_shell_escape) { + docstring const shellescape_warning = + bformat(_("
The following LaTeX backend has been " + "configured to allow execution of external programs " + "for any document:
" + "%1$s
This is a dangerous configuration. Please, " + "consider using the support offered by LyX for " + "allowing this privilege only to documents that " + "actually need it, instead.
"), + from_utf8(conv_command)); + frontend::Alert::error(_("Security Warning"), + shellescape_warning , false); + } else if (!conv.latex()) + use_shell_escape = false; + if (!conv.need_auth() && !use_shell_escape) + return true; + size_t const token_pos = conv_command.find("$$"); + bool const has_token = token_pos != string::npos; + string const command = use_shell_escape && !has_shell_escape + ? (has_token ? conv_command.insert(token_pos, "-shell-escape ") + : conv_command.append(" -shell-escape")) + : conv_command; + docstring const security_warning = (use_shell_escape + ? bformat(_("The following LaTeX backend has been requested " + "to allow execution of external programs:
" + "%1$s
The external programs can execute arbitrary commands on " + "your system, including dangerous ones, if instructed to do " + "so by a maliciously crafted LyX document.
"), + from_utf8(command)) + : bformat(_("The requested operation requires the use of a " + "converter from %2$s to %3$s:
" + "" + "%1$s
This external program can execute arbitrary commands on " + "your system, including dangerous ones, if instructed to do " + "so by a maliciously crafted LyX document.
"), + from_utf8(command), from_utf8(conv.from()), + from_utf8(conv.to()))); + if (lyxrc.use_converter_needauth_forbidden && !use_shell_escape) { + frontend::Alert::error( + _("An external converter is disabled for security reasons"), + security_warning + _( + "Your current preference settings forbid its execution.
" + "(To change this setting, go to Preferences ▹ File " + "Handling ▹ Converters and uncheck Security ▹ " + "Forbid needauth converters.)"), false); + return false; + } + if (!lyxrc.use_converter_needauth && !use_shell_escape) + return true; + docstring const security_title = use_shell_escape + ? _("A LaTeX backend requires your authorization") + : _("An external converter requires your authorization"); + int choice; + docstring const security_warning2 = security_warning + (use_shell_escape + ? _("
Should LaTeX backends be allowed to run external " + "programs?
Allow them only if you trust the " + "origin/sender of the LyX document!
") + : _("Would you like to run this converter?
" + "Only run if you trust the origin/sender of the LyX " + "document!
")); + docstring const no = use_shell_escape + ? _("Do ¬ allow") : _("Do ¬ run"); + docstring const yes = use_shell_escape ? _("A&llow") : _("&Run"); + docstring const always = use_shell_escape + ? _("&Always allow for this document") + : _("&Always run for this document"); + if (!doc_fname.empty()) { + LYXERR(Debug::FILES, "looking up: " << doc_fname); + bool authorized = use_shell_escape + ? theSession().shellescapeFiles().findAuth(doc_fname) + : theSession().authFiles().find(doc_fname); + if (!authorized) { + choice = frontend::Alert::prompt(security_title, + security_warning2, + 0, 0, no, yes, always); + if (choice == 2) { + if (use_shell_escape) + theSession().shellescapeFiles().insert(doc_fname, true); + else + theSession().authFiles().insert(doc_fname); + } + } else { + choice = 1; + } + } else { + choice = frontend::Alert::prompt(security_title, + security_warning2, + 0, 0, no, yes); + } + return choice != 0; +} + + bool Converters::convert(Buffer const * buffer, FileName const & from_file, FileName const & to_file, FileName const & orig_from, @@ -294,8 +404,8 @@ bool Converters::convert(Buffer const * buffer, // default one from ImageMagic. string const from_ext = from_format.empty() ? getExtension(from_file.absFileName()) : - formats.extension(from_format); - string const to_ext = formats.extension(to_format); + theFormats().extension(from_format); + string const to_ext = theFormats().extension(to_format); string const command = os::python() + ' ' + quoteName(libFileSearch("scripts", "convertDefault.py").toFilesystemEncoding()) + @@ -338,13 +448,18 @@ bool Converters::convert(Buffer const * buffer, runparams.flavor = getFlavor(edgepath, buffer); if (buffer) { - runparams.use_japanese = buffer->params().bufferFormat() == "platex"; + runparams.use_japanese = + (buffer->params().bufferFormat() == "latex" + || suffixIs(buffer->params().bufferFormat(), "-ja")) + && buffer->params().encoding().package() == Encoding::japanese; runparams.use_indices = buffer->params().use_indices; - runparams.bibtex_command = (buffer->params().bibtex_command == "default") ? - string() : buffer->params().bibtex_command; + runparams.bibtex_command = buffer->params().bibtexCommand(); runparams.index_command = (buffer->params().index_command == "default") ? string() : buffer->params().index_command; runparams.document_language = buffer->params().language->babel(); + runparams.only_childbibs = !buffer->params().useBiblatex() + && !buffer->params().useBibtopic() + && buffer->params().multibib == "child"; } // Some converters (e.g. lilypond) can only output files to the @@ -399,17 +514,62 @@ bool Converters::convert(Buffer const * buffer, "tmpfile.out")); } + if (buffer && buffer->params().use_minted + && lyxrc.pygmentize_command.empty() && conv.latex()) { + bool dowarn = false; + // Warn only if listings insets are actually used + for (Paragraph const & par : buffer->paragraphs()) { + InsetList const & insets = par.insetList(); + pos_type lstpos = insets.find(LISTINGS_CODE, 0); + pos_type incpos = insets.find(INCLUDE_CODE, 0); + if (incpos >= 0) { + InsetInclude const * include = + static_cast