merge/fix conflicts with pull request #9

Makefile

@@ -1,5 +1,5 @@
 #
-# The Qubes OS Project, http://www.qubes-os.org
+# The Qubes OS Project, https://www.qubes-os.org
 #
 # Copyright (C) 2013  Joanna Rutkowska <[email protected]>
 #
@@ -19,11 +19,12 @@
 #
 #
 
-build:
-	make manpages -C doc
+PANDOC=pandoc -s -f markdown -t man
+NAME := convert-pdf
 
-install-vm:
-	make install -C doc
+install-vm: build
+	install -d $(DESTDIR)/usr/share/man/man1
+	install -D qvm-$(NAME).1.gz $(DESTDIR)/usr/share/man/man1/
 	python3 setup.py install -O1 $(PYTHON_PREFIX_ARG) --root $(DESTDIR)
 	install -d $(DESTDIR)/etc/qubes-rpc
 	ln -s ../../usr/lib/qubes/qpdf-convert-server $(DESTDIR)/etc/qubes-rpc/qubes.PdfConvert
@@ -39,6 +40,15 @@ install-dom0:
 	rm -f $(DESTDIR)/usr/bin/qvm-convert-pdf
 	rm -f $(DESTDIR)/usr/lib/qubes/qpdf-convert-server
 
+qvm-$(NAME).1: README.md
+	$(PANDOC) $< > $@
+
+qvm-$(NAME).1.gz: qvm-$(NAME).1
+	gzip -f $<
+
+build: qvm-$(NAME).1.gz
+
 clean:
 	rm -rf debian/changelog.*
 	rm -rf pkgs
+	rm -f qvm-$(NAME).1.gz

Makefile.builder

@@ -5,6 +5,7 @@ else ifeq ($(PACKAGE_SET),vm)
   ifeq ($(filter $(DIST), stretch jessie centos7 centos8),)
     DEBIAN_BUILD_DIRS := debian
     RPM_SPEC_FILES := rpm_spec/qpdf-converter.spec
+    ARCH_BUILD_DIRS := archlinux
   endif
 endif
 

README.md

@@ -1,34 +1,59 @@
-Qubes PDF Converter
-====================
+% QVM-CONVERT-PDF(1) | User Commands
 
-Qubes PDF converter is a [Qubes](https://qubes-os.org) Application that
-utilizes Disposable VMs and Qubes' flexible qrexec (inter-VM communication)
-infrastructure to securely convert potentially untrusted PDF files into
+NAME
+===============
+qvm-convert-pdf - converts a potentially untrusted file to a safe-to-view pdf
+
+SYNOPSIS
+===============
+**qvm-convert-pdf** [_OPTION_]... [_FILE_]...
+
+DESCRIPTION
+==============
+Qubes PDF converter is a [Qubes](https://qubes-os.org) Application, which utilizes Qubes flexible qrexec
+(inter-VM communication) infrastructure and Disposable VMs to perform conversion
+of potentially untrusted (e.g. maliciously malformed) files into
 safe-to-view PDF files.
 
-This is done by having a Disposable VM render each page of a PDF file into a
-very simple representation (RGB bitmap) that (presumably) leaves no room for
-malicious code. This representation is then sent back to the client AppVM which
-then constructs an entirely new PDF file out of the received bitmaps.
+This is done by having the Disposable VM perform the complex (and potentially
+buggy) rendering of the PDF in question) and sending the resulting RGB bitmap
+(simple representation) to the client AppVM. The client AppVM can _trivially_
+verify the received data are indeed the simple representation, and then
+construct a new PDF out of the received bitmap. Of course the price we pay for
+this conversion is loosing any structural information and text-based search in
+the converted PDF.
+
+More discussion and introduction of the concept has been described in the original article [here](https://blog.invisiblethings.org/2013/02/21/converting-untrusted-pdfs-into-trusted.html).
+
+OPTIONS
+=============
+**-b** SIZE, **`--`batch**=SIZE
+--------------------------------
+Maximum number of conversion tasks
 
-More discussion of the concept has been described in the original article
-[here](http://blog.invisiblethings.org/2013/02/21/converting-untrusted-pdfs-into-trusted.html).
+**-a** PATH, **`--`archive**=PATH
+----------------------------------
+Directory for storing archived files
 
-Usage
-------
+**-i**, **`--`in-place**
+-------------------------
+Replace original files instead of archiving them
 
-    [user@domU ~]$ qvm-convert-pdf file1.pdf file2.pdf file3.pdf
-    :: Sending files to Disposable VMs...
+**`--`help**
+-------------
+Show this message and exit.
 
-     file1.pdf...done
-     file2.pdf...fail
-     file3.pdf...done
+CONFIGURATION
+===============
+To use a custom DisposableVM instead of the default one:
 
-    Total Sanitized Files: 2/3
+Let’s assume that this custom DisposableVM is called "web".
+In dom0, add new line in "/etc/qubes-rpc/policy/qubes.PdfConvert":
 
-Authors
----------
+**YOUR_CLIENT_VM_NAME @dispvm allow,target=@dispvm:web**
 
+AUTHOR
+============
 The original idea and implementation has been provided by Joanna Rutkowska. The
 project has been subsequently incorporated into [Qubes OS](https://qubes-os.org)
 and multiple other developers have contributed various fixes and improvements

archlinux/PKGBUILD

@@ -0,0 +1,18 @@
+pkgname=(qubes-pdf-converter)
+pkgver=$(cat version)
+pkgrel=1
+arch=(x86_64)
+pkgdesc=$(grep "Summary:" ./rpm_spec/qpdf-converter.spec.in | sed 's/Summary://' | xargs)
+url=$(git remote get-url origin)
+license=(GPL)
+makedepends=(git pandoc python-setuptools)
+depends=(libreoffice graphicsmagick zenity poppler python-nautilus python-click python-pillow python-tqdm python-magic)
+
+build() {
+ ln -s "$srcdir"/../ "$srcdir/src"
+}
+package() {
+ cd src
+ make install-vm DESTDIR="$pkgdir/"
+}
+

debian/compat

@@ -1 +1 @@
-9
+10

debian/control

@@ -1,27 +1,25 @@
 Source: qubes-pdf-converter
 Section: admin
-Priority: extra
+Priority: optional
 Maintainer: Jason Mehring <[email protected]>
-Build-Depends:
- debhelper (>= 9~),
- dh-python,
- python3-setuptools,
- pandoc,
- quilt
-X-Python-Version: 2.7
-Standards-Version: 3.9.5
-Homepage: http://www.qubes-os.org
+Build-Depends: pandoc, python3-setuptools, debhelper (>= 9)
+# For the futures version of debian, delete the "compat" file, and add the line below in "Build-Depends"
+# debhelper-compat (= 12)
+Standards-Version: 4.5.0
+Homepage: https://github.com/QubesOS/qubes-app-linux-pdf-converter
 
 Package: qubes-pdf-converter
 Section: admin
 Architecture: any
-Depends:
+Depends: 
  poppler-utils,
- imagemagick,
+ libreoffice,
+ graphicsmagick,
  python3 (>= 3.7.0),
  python3-nautilus | python-nautilus,
  python3-click,
  python3-pillow,
  python3-tqdm,
+ python3-magic,
  ${misc:Depends}
 Description: The Qubes service for converting untrusted PDF files into trusted ones

debian/copyright

@@ -1,6 +1,6 @@
-Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
 Upstream-Name: qubes-pdf-converter
-Source: <http://www.qubes-os.org/>
+Source: <https://github.com/QubesOS/qubes-app-linux-pdf-converter>
 
 Files: *
 Copyright: 2014-2015 Qubes Developers
@@ -16,7 +16,7 @@ License: GPL-2+
  GNU General Public License for more details.
  .
  You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>
+ along with this program. If not, see <https://www.gnu.org/licenses/>
  .
  On Debian systems, the complete text of the GNU General
  Public License version 2 can be found in "/usr/share/common-licenses/GPL-2".
@@ -34,7 +34,7 @@ Copyright: 2015 Jason Mehring <[email protected]> License: GPL-2+
  GNU General Public License for more details.
  .
  You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>
+ along with this program. If not, see <https://www.gnu.org/licenses/>
  .
  On Debian systems, the complete text of the GNU General
  Public License version 2 can be found in "/usr/share/common-licenses/GPL-2".

qubes.PdfConvert.policy

@@ -1,6 +1,7 @@
 ## Note that policy parsing stops at the first match,
-## so adding anything below "$anyvm $anyvm action" line will have no effect
+## so adding anything below "@anyvm @anyvm action" line will have no effect
 
 ## Please use a single # to start your custom comments
 
-$anyvm $dispvm allow
+@anyvm @dispvm allow
+@anyvm @anyvm deny

qubespdfconverter/client.py

@@ -1,7 +1,7 @@
 #!/usr/bin/python3
 # -*- coding: utf-8 -*-
 
-# The Qubes OS Project, http://www.qubes-os.org
+# The Qubes OS Project, https://www.qubes-os.org
 #
 # Copyright (C) 2013 Joanna Rutkowska <[email protected]>
 # Copyright (C) 2020 Jason Phan <[email protected]>
@@ -21,20 +21,19 @@
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 
 import asyncio
-import click
 import functools
 import logging
 import shutil
 import signal
 import subprocess
 import sys
-import tqdm
-
 from enum import Enum, auto
 from dataclasses import dataclass
 from pathlib import Path
-from PIL import Image
 from tempfile import TemporaryDirectory
+from PIL import Image
+import tqdm
+import click
 
 CLIENT_VM_CMD = ["/usr/bin/qrexec-client-vm", "@dispvm", "qubes.PdfConvert"]
 
@@ -184,7 +183,6 @@ async def recvline(proc):
     untrusted_data = await proc.stdout.readline()
     if not untrusted_data:
         raise EOFError
-
     return untrusted_data.decode("ascii").rstrip()
 
 
@@ -232,6 +230,7 @@ async def convert(self, bar):
         :param bar: Progress bar to update upon completion
         """
         cmd = [
+            "gm",
             "convert",
             "-size",
             f"{self.dim.width}x{self.dim.height}",
@@ -294,7 +293,6 @@ async def _dim(self, proc):
             size = width * height * 3
         else:
             raise ValueError
-
         return ImageDimensions(width, height, size)
 
 
@@ -390,10 +388,12 @@ async def _save_reps(self, pages):
 
         for page in pages:
             try:
-                images.append(await asyncio.get_running_loop().run_in_executor(
-                    None,
-                    Image.open,
-                    Path(self.pdf.parent, f"{page}.png"))
+                images.append(
+                    await asyncio.get_running_loop().run_in_executor(
+                        None,
+                        Image.open,
+                        Path(self.pdf.parent, f"{page}.png")
+                    )
                 )
             except IOError as e:
                 for image in images:
@@ -549,7 +549,6 @@ async def _send(self):
             None,
             self.path.read_bytes
         )
-
         try:
             await send(self.proc, data)
         except BrokenPipeError as e:
@@ -582,7 +581,6 @@ def _archive(self, archive):
 async def run(params):
     suffix = "s" if len(params["files"]) > 1 else ""
     print(f"Sending file{suffix} to Disposable VM{suffix}...\n")
-
     tasks = []
     jobs = [Job(f, i) for i, f in enumerate(params["files"])]
     for job in jobs:
@@ -612,7 +610,10 @@ async def run(params):
         if tqdm.__version__ >= "4.34.0":
             print()
         else:
-            print() if len(jobs) == 1 else print("\n" * len(jobs))
+            if len(jobs) == 1:
+                print()
+            else:
+                print("\n" * len(jobs))
 
         while not ERROR_LOGS.empty():
             err_msg = await ERROR_LOGS.get()