diff --git a/generators/poppler/CMakeLists.txt b/generators/poppler/CMakeLists.txt index ef58428f9..c23e334b0 100644 --- a/generators/poppler/CMakeLists.txt +++ b/generators/poppler/CMakeLists.txt @@ -45,6 +45,16 @@ int main() } " HAVE_POPPLER_RECONSTRUCTION_CALLBACK) +check_cxx_source_compiles(" +#include +#include +int main() +{ + int a = Poppler::FormFieldSignature::ValidateWithoutOCSPRevocationCheck; + return 0; +} +" HAVE_POPPLER_21_10) + configure_file( ${CMAKE_CURRENT_SOURCE_DIR}/config-okular-poppler.h.cmake ${CMAKE_CURRENT_BINARY_DIR}/config-okular-poppler.h diff --git a/generators/poppler/conf/pdfsettings.kcfg b/generators/poppler/conf/pdfsettings.kcfg index 69204f630..c784c2bce 100644 --- a/generators/poppler/conf/pdfsettings.kcfg +++ b/generators/poppler/conf/pdfsettings.kcfg @@ -24,6 +24,9 @@ + + true + diff --git a/generators/poppler/conf/pdfsettingswidget.ui b/generators/poppler/conf/pdfsettingswidget.ui index c05f65967..097a897e0 100644 --- a/generators/poppler/conf/pdfsettingswidget.ui +++ b/generators/poppler/conf/pdfsettingswidget.ui @@ -57,6 +57,16 @@ + + + + Enabling this option will allow Okular to contact 3rd-party OCSP servers to check if the certificates used for digital signing have been revoked since their creation. + + + Check revocation of digital signatures' certificates using 3rd-party servers + + + diff --git a/generators/poppler/config-okular-poppler.h.cmake b/generators/poppler/config-okular-poppler.h.cmake index 4d986d67b..d1a8e5df1 100644 --- a/generators/poppler/config-okular-poppler.h.cmake +++ b/generators/poppler/config-okular-poppler.h.cmake @@ -10,3 +10,6 @@ /* Defined if we have Poppler version that notifies for XRef Table reconstruction */ #cmakedefine HAVE_POPPLER_RECONSTRUCTION_CALLBACK 1 +/* Defined if we have the 21.10 version of the Poppler library or later */ +#cmakedefine HAVE_POPPLER_21_10 1 + diff --git a/generators/poppler/formfields.cpp b/generators/poppler/formfields.cpp index af04297b2..da9de82bc 100644 --- a/generators/poppler/formfields.cpp +++ b/generators/poppler/formfields.cpp @@ -10,6 +10,7 @@ #include "core/action.h" +#include "pdfsettings.h" #include "pdfsignatureutils.h" #include @@ -393,7 +394,13 @@ PopplerFormFieldSignature::PopplerFormFieldSignature(std::unique_ptrrect()); m_id = m_field->id(); - m_info = new PopplerSignatureInfo(m_field->validate(Poppler::FormFieldSignature::ValidateVerifyCertificate)); + int validateOptions = Poppler::FormFieldSignature::ValidateVerifyCertificate; +#ifdef HAVE_POPPLER_21_10 + if (!PDFSettings::checkOCSPServers()) { + validateOptions = validateOptions | Poppler::FormFieldSignature::ValidateWithoutOCSPRevocationCheck; + } +#endif + m_info = new PopplerSignatureInfo(m_field->validate(static_cast(validateOptions))); SET_ACTIONS } diff --git a/generators/poppler/pdfsettingswidget.cpp b/generators/poppler/pdfsettingswidget.cpp index 71365ad86..2ad01a7e0 100644 --- a/generators/poppler/pdfsettingswidget.cpp +++ b/generators/poppler/pdfsettingswidget.cpp @@ -67,6 +67,10 @@ PDFSettingsWidget::PDFSettingsWidget(QWidget *parent) m_pdfsw.certificatesGroup->hide(); m_pdfsw.loadSignaturesButton->hide(); #endif + +#ifndef HAVE_POPPLER_21_10 + m_pdfsw.kcfg_CheckOCSPServers->hide(); +#endif } bool PDFSettingsWidget::event(QEvent *e)