diff options
7 files changed, 1440 insertions, 0 deletions
diff --git a/kde-frameworks/kdelibs/Manifest b/kde-frameworks/kdelibs/Manifest index 4b017ade..9d46f09e 100644 --- a/kde-frameworks/kdelibs/Manifest +++ b/kde-frameworks/kdelibs/Manifest @@ -1 +1,2 @@ DIST kdelibs-4.14.37.tar.xz 11642272 BLAKE2B 6d4384b9de08c557ba2a9af856825985bc26e71ab6deb515f13ad023a5c6f74d820666f13a6b719d51aff6fa03243f8606c3bbf568d279532ab7eb79c6cd5b2f SHA512 b25a845b7c1edae0c66b0a0881801dd3c57febc4cb57186ddddfd32c3253e492b7ff866fb38a10e4fb489233ecee71e80f3a1806f293a29607ea5f68d60ab6e1 +DIST kdelibs-4.14.38.tar.xz 11644900 BLAKE2B 8ad411bbee8c3f49b0a2139b3698027b0ea461f8cbb3e3ff237c9c1887b4305b4aa8856f254aed48d8e25604b9dde84b3be21e772c7c659a2e7a5b2cfb870bf4 SHA512 54fbbb9b2f12a47d5aca21c152164ed03cc6a6619bf285e2b93c8e9260042ffd728ef41e1badb217e552de6478687cab5d3caf14af7b32da8caca3468d469e45 diff --git a/kde-frameworks/kdelibs/files/kdelibs-4.14.38-CVE-2019-14744.patch b/kde-frameworks/kdelibs/files/kdelibs-4.14.38-CVE-2019-14744.patch new file mode 100644 index 00000000..bc71dc0f --- /dev/null +++ b/kde-frameworks/kdelibs/files/kdelibs-4.14.38-CVE-2019-14744.patch @@ -0,0 +1,111 @@ +From 2c3762feddf7e66cf6b64d9058f625a715694a00 Mon Sep 17 00:00:00 2001 +From: Kai Uwe Broulik <kde@privat.broulik.de> +Date: Wed, 7 Aug 2019 09:47:46 +0200 +Subject: Security: remove support for $(...) in config keys with [$e] marker. + +It is very unclear at this point what a valid use case for this feature +would possibly be. The old documentation only mentions $(hostname) as +an example, which can be done with $HOSTNAME instead. + +Note that $(...) is still supported in Exec lines of desktop files, +this does not require [$e] anyway (and actually works better without it, +otherwise the $ signs need to be doubled to obey kconfig $e escaping rules...). + +Thanks to Fabian Vogt for testing. + +(This is a backport of KDE Frameworks 5 kconfig patch to kdelibs) + +Differential Revision: https://phabricator.kde.org/D22989 +--- + kdecore/config/kconfig.cpp | 32 +------------------------------- + kdecore/doc/README.kiosk | 12 ------------ + kdecore/tests/kconfigtest.cpp | 6 +----- + 3 files changed, 2 insertions(+), 48 deletions(-) + +diff --git a/kdecore/config/kconfig.cpp b/kdecore/config/kconfig.cpp +index 7ea26a5..b30584b 100644 +--- a/kdecore/config/kconfig.cpp ++++ b/kdecore/config/kconfig.cpp +@@ -160,37 +160,7 @@ QString KConfigPrivate::expandString(const QString& value) + int nDollarPos = aValue.indexOf( QLatin1Char('$') ); + while( nDollarPos != -1 && nDollarPos+1 < aValue.length()) { + // there is at least one $ +- if( aValue[nDollarPos+1] == QLatin1Char('(') ) { +- int nEndPos = nDollarPos+1; +- // the next character is not $ +- while ( (nEndPos <= aValue.length()) && (aValue[nEndPos]!=QLatin1Char(')')) ) +- nEndPos++; +- nEndPos++; +- QString cmd = aValue.mid( nDollarPos+2, nEndPos-nDollarPos-3 ); +- +- QString result; +- QByteArray oldpath = qgetenv( "PATH" ); +- QByteArray newpath; +- if (KGlobal::hasMainComponent()) { +- newpath = QFile::encodeName(KGlobal::dirs()->resourceDirs("exe").join(QChar::fromLatin1(KPATH_SEPARATOR))); +- if (!newpath.isEmpty() && !oldpath.isEmpty()) +- newpath += KPATH_SEPARATOR; +- } +- newpath += oldpath; +- setenv( "PATH", newpath, 1/*overwrite*/ ); +-// FIXME: wince does not have pipes +-#ifndef _WIN32_WCE +- FILE *fs = popen(QFile::encodeName(cmd).data(), "r"); +- if (fs) { +- QTextStream ts(fs, QIODevice::ReadOnly); +- result = ts.readAll().trimmed(); +- pclose(fs); +- } +-#endif +- setenv( "PATH", oldpath, 1/*overwrite*/ ); +- aValue.replace( nDollarPos, nEndPos-nDollarPos, result ); +- nDollarPos += result.length(); +- } else if( aValue[nDollarPos+1] != QLatin1Char('$') ) { ++ if( aValue[nDollarPos+1] != QLatin1Char('$') ) { + int nEndPos = nDollarPos+1; + // the next character is not $ + QString aVarName; +diff --git a/kdecore/doc/README.kiosk b/kdecore/doc/README.kiosk +index b95002d..d902c61 100644 +--- a/kdecore/doc/README.kiosk ++++ b/kdecore/doc/README.kiosk +@@ -640,18 +640,6 @@ The following syntax is also supported: + Name[$ei]=${USER} + + +-Shell Commands in KDE config files. +-=================================== +- +-Since KDE-3.1 arbitrary entries in configuration files can contain shell +-commands. This way the value of a configuration entry can be determined +-dynamically at runtime. In order to use this the entry must be marked +-with [$e]. +- +-Example: +-Host[$e]=$(hostname) +- +- + KDE Kiosk Application API + ========================== + +diff --git a/kdecore/tests/kconfigtest.cpp b/kdecore/tests/kconfigtest.cpp +index 78e6ad1..37ea3c2 100644 +--- a/kdecore/tests/kconfigtest.cpp ++++ b/kdecore/tests/kconfigtest.cpp +@@ -479,12 +479,8 @@ void KConfigTest::testPath() + QCOMPARE(group.readPathEntry("withBraces", QString()), QString("file://" + HOMEPATH) ); + QVERIFY(group.hasKey("URL")); + QCOMPARE(group.readEntry("URL", QString()), QString("file://" + HOMEPATH) ); +-#if !defined(Q_OS_WIN32) && !defined(Q_OS_MAC) +- // I don't know if this will work on windows +- // This test hangs on OS X + QVERIFY(group.hasKey("hostname")); +- QCOMPARE(group.readEntry("hostname", QString()), QHostInfo::localHostName()); +-#endif ++ QCOMPARE(group.readEntry("hostname", QString()), QString("(hostname)")); // the $ got removed because empty var name + QVERIFY(group.hasKey("noeol")); + QCOMPARE(group.readEntry("noeol", QString()), QString("foo")); + } +-- +cgit v1.1 + diff --git a/kde-frameworks/kdelibs/files/kdelibs-4.14.38-kio-tls1x.patch b/kde-frameworks/kdelibs/files/kdelibs-4.14.38-kio-tls1x.patch new file mode 100644 index 00000000..b010a6d8 --- /dev/null +++ b/kde-frameworks/kdelibs/files/kdelibs-4.14.38-kio-tls1x.patch @@ -0,0 +1,12 @@ +diff -ur kdelibs-4.14.38/kio/kio/tcpslavebase.cpp kdelibs-4.14.38-kio-tls1x/kio/kio/tcpslavebase.cpp +--- kdelibs-4.14.38/kio/kio/tcpslavebase.cpp 2017-11-05 02:51:22.000000000 +0100 ++++ kdelibs-4.14.38-kio-tls1x/kio/kio/tcpslavebase.cpp 2020-01-18 18:57:45.933170939 +0100 +@@ -499,7 +499,7 @@ + { + if (d->usingSSL) + return false; +- return d->startTLSInternal(KTcpSocket::TlsV1) & ResultOk; ++ return d->startTLSInternal(KTcpSocket::SecureProtocols) & ResultOk; + } + + TCPSlaveBase::SslResult TCPSlaveBase::TcpSlaveBasePrivate::startTLSInternal (KTcpSocket::SslVersion version, diff --git a/kde-frameworks/kdelibs/files/kdelibs-4.14.38-narrowing-warning.patch b/kde-frameworks/kdelibs/files/kdelibs-4.14.38-narrowing-warning.patch new file mode 100644 index 00000000..3d3c3902 --- /dev/null +++ b/kde-frameworks/kdelibs/files/kdelibs-4.14.38-narrowing-warning.patch @@ -0,0 +1,12 @@ +diff -up kdelibs-4.14.38/kdecore/io/kfilesystemtype_p.cpp.me kdelibs-4.14.38/kdecore/io/kfilesystemtype_p.cpp +--- kdelibs-4.14.38/kdecore/io/kfilesystemtype_p.cpp.me 2020-01-30 15:58:55.430416493 +0100 ++++ kdelibs-4.14.38/kdecore/io/kfilesystemtype_p.cpp 2020-01-30 16:27:55.098089353 +0100 +@@ -94,7 +94,7 @@ KFileSystemType::Type determineFileSyste + //kDebug() << path << errno << strerror(errno); + return KFileSystemType::Unknown; + } +- switch (buf.f_type) { ++ switch (static_cast<uintmax_t>(buf.f_type)) { + case NFS_SUPER_MAGIC: + case AUTOFS_SUPER_MAGIC: + case AUTOFSNG_SUPER_MAGIC: diff --git a/kde-frameworks/kdelibs/files/kdelibs-4.14.38-openssl-1.1.patch b/kde-frameworks/kdelibs/files/kdelibs-4.14.38-openssl-1.1.patch new file mode 100644 index 00000000..1f8352d7 --- /dev/null +++ b/kde-frameworks/kdelibs/files/kdelibs-4.14.38-openssl-1.1.patch @@ -0,0 +1,999 @@ +From a015996bb55bbd63d94b227a2c82d0d97cd86ae8 Mon Sep 17 00:00:00 2001 +From: Wolfgang Bauer <wbauer@tmo.at> +Date: Wed, 25 Oct 2017 07:49:32 +0200 +Subject: [PATCH] Make kssl compile against OpenSSL 1.1.0 + +OpenSSL 1.1.0 contains some source-incompatible changes, most notably +making most of the structures opaque and introducing new getter/setter +functions to modify the structures. This patch adds some of the newly +introduced functions to the KOpenSSL class and modifies the code to +call them. The implementation of those newly introduced methods +contains both OpenSSL < 1.1 compatible code (direct structure member +access) and calls to real functions resolved from OpenSSL>= 1.1 +library. Which implementation is used is decided at compile time. Some +of the existing methods were renamed to match the OpenSSL 1.1 naming +and to avoid conflicts with backward-compatibility names provided by +OpenSSL 1.1. + +KSSLCertificate::toNetscape() returns empty result when built against +OpenSSL 1.1 since I wasn't able to find a proper equivalent in OpenSSL +1.1 API (and there does not seem to be any). + +(Backport of commit 9a990c69c606126bcd60cd7718462aec2a92460d from +kdelibs4support) +--- + kio/kssl/kopenssl.cpp | 250 ++++++++++++++++++++++++++++++++++++++----- + kio/kssl/kopenssl.h | 80 ++++++++++++-- + kio/kssl/kssl.cpp | 4 - + kio/kssl/ksslcallback.c | 6 +- + kio/kssl/ksslcertchain.cpp | 53 +++------ + kio/kssl/ksslcertificate.cpp | 68 +++++++----- + 6 files changed, 351 insertions(+), 110 deletions(-) + +diff --git a/kio/kssl/kopenssl.cpp b/kio/kssl/kopenssl.cpp +index e3ca535b25..8f8b921159 100644 +--- a/kio/kssl/kopenssl.cpp ++++ b/kio/kssl/kopenssl.cpp +@@ -75,18 +75,26 @@ static void (*K_X509_STORE_CTX_free) (X509_STORE_CTX *) = 0L; + static int (*K_X509_verify_cert) (X509_STORE_CTX *) = 0L; + static X509_STORE_CTX *(*K_X509_STORE_CTX_new) (void) = 0L; + static void (*K_X509_STORE_free) (X509_STORE *) = 0L; ++static void (*K_X509_STORE_set_verify_cb)(X509_STORE *, int (*)(int, X509_STORE_CTX *)) = 0L; + static X509_STORE *(*K_X509_STORE_new) (void) = 0L; + static void (*K_X509_free) (X509 *) = 0L; + static char *(*K_X509_NAME_oneline) (X509_NAME *,char *,int) = 0L; + static X509_NAME *(*K_X509_get_subject_name) (X509 *) = 0L; + static X509_NAME *(*K_X509_get_issuer_name) (X509 *) = 0L; ++static void (*K_X509_get0_signature)(const ASN1_BIT_STRING **psig, const X509_ALGOR **palg, const X509 *x) = 0L; + static X509_LOOKUP *(*K_X509_STORE_add_lookup) (X509_STORE *, X509_LOOKUP_METHOD *) = 0L; + static X509_LOOKUP_METHOD *(*K_X509_LOOKUP_file)(void) = 0L; + static void (*K_X509_LOOKUP_free)(X509_LOOKUP *) = 0L; + static int (*K_X509_LOOKUP_ctrl)(X509_LOOKUP *, int, const char *, long, char **) = 0L; + static void (*K_X509_STORE_CTX_init)(X509_STORE_CTX *, X509_STORE *, X509 *, STACK_OF(X509) *) = 0L; ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + static void (*K_CRYPTO_free) (void *) = 0L; ++#else ++static void (*K_CRYPTO_free)(void *, const char *, int) = 0L; ++#endif + static X509* (*K_X509_dup) (X509 *) = 0L; ++static ASN1_TIME *(*K_X509_getm_notBefore)(const X509 *) = 0L; ++static ASN1_TIME *(*K_X509_getm_notAfter)(const X509 *) = 0L; + static BIO_METHOD *(*K_BIO_s_mem) (void) = 0L; + static BIO* (*K_BIO_new) (BIO_METHOD *) = 0L; + static BIO* (*K_BIO_new_fp) (FILE *, int) = 0L; +@@ -118,13 +126,16 @@ static int (*K_SSL_get_error) (SSL*, int) = 0L; + static STACK_OF(X509)* (*K_SSL_get_peer_cert_chain) (SSL*) = 0L; + static void (*K_X509_STORE_CTX_set_chain) (X509_STORE_CTX *, STACK_OF(X509)*) = 0L; + static void (*K_X509_STORE_CTX_set_purpose) (X509_STORE_CTX *, int) = 0L; +-static void (*K_sk_free) (STACK*) = 0L; +-static int (*K_sk_num) (STACK*) = 0L; +-static char* (*K_sk_pop) (STACK*) = 0L; +-static char* (*K_sk_value) (STACK*, int) = 0L; +-static STACK* (*K_sk_new) (int (*)()) = 0L; +-static int (*K_sk_push) (STACK*, char*) = 0L; +-static STACK* (*K_sk_dup) (STACK *) = 0L; ++static X509 *(*K_X509_STORE_CTX_get_current_cert)(X509_STORE_CTX *) = 0L; ++static void (*K_X509_STORE_CTX_set_error)(X509_STORE_CTX *, int) = 0L; ++static int (*K_X509_STORE_CTX_get_error)(X509_STORE_CTX *) = 0L; ++static void (*K_OPENSSL_sk_free)(STACK *) = 0L; ++static int (*K_OPENSSL_sk_num)(STACK *) = 0L; ++static char *(*K_OPENSSL_sk_pop)(STACK *) = 0L; ++static char *(*K_OPENSSL_sk_value)(STACK *, int) = 0L; ++static STACK *(*K_OPENSSL_sk_new)(int (*)()) = 0L; ++static int (*K_OPENSSL_sk_push)(STACK *, char *) = 0L; ++static STACK *(*K_OPENSSL_sk_dup)(STACK *) = 0L; + static char * (*K_i2s_ASN1_INTEGER) (X509V3_EXT_METHOD *, ASN1_INTEGER *) =0L; + static ASN1_INTEGER * (*K_X509_get_serialNumber) (X509 *) = 0L; + static EVP_PKEY *(*K_X509_get_pubkey)(X509 *) = 0L; +@@ -164,6 +175,12 @@ static int (*K_X509_PURPOSE_get_id)(X509_PURPOSE *) = 0L; + static int (*K_X509_check_purpose)(X509*,int,int) = 0L; + static X509_PURPOSE* (*K_X509_PURPOSE_get0)(int) = 0L; + static int (*K_EVP_PKEY_assign)(EVP_PKEY*, int, char*) = 0L; ++static int (*K_EVP_PKEY_base_id)(EVP_PKEY *) = 0L; ++static RSA *(*K_EVP_PKEY_get0_RSA)(EVP_PKEY *) = 0L; ++static void (*K_RSA_get0_key)(RSA *, const BIGNUM **, const BIGNUM **, const BIGNUM **) = 0L; ++static DSA *(*K_EVP_PKEY_get0_DSA)(EVP_PKEY *) = 0L; ++static void (*K_DSA_get0_pqg)(DSA *, const BIGNUM **, const BIGNUM **, const BIGNUM **) = 0L; ++static void (*K_DSA_get0_key)(DSA *, const BIGNUM **, const BIGNUM **) = 0L; + static int (*K_X509_REQ_set_pubkey)(X509_REQ*, EVP_PKEY*) = 0L; + static RSA *(*K_RSA_generate_key)(int, unsigned long, void (*)(int,int,void *), void *) = 0L; + static int (*K_i2d_X509_REQ_fp)(FILE*, X509_REQ*) = 0L; +@@ -410,7 +427,11 @@ KOpenSSLProxy::KOpenSSLProxy() + K_RAND_load_file = (int (*)(const char *, long)) d->cryptoLib->resolveFunction("RAND_load_file"); + K_RAND_file_name = (const char* (*)(char *, size_t)) d->cryptoLib->resolveFunction("RAND_file_name"); + K_RAND_write_file = (int (*)(const char *)) d->cryptoLib->resolveFunction("RAND_write_file"); ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + K_CRYPTO_free = (void (*) (void *)) d->cryptoLib->resolveFunction("CRYPTO_free"); ++#else ++ K_CRYPTO_free = (void (*)(void *, const char *, int)) d->cryptoLib->resolveFunction("CRYPTO_free"); ++#endif + K_d2i_X509 = (X509 * (*)(X509 **,unsigned char **,long)) d->cryptoLib->resolveFunction("d2i_X509"); + K_i2d_X509 = (int (*)(X509 *,unsigned char **)) d->cryptoLib->resolveFunction("i2d_X509"); + K_X509_cmp = (int (*)(X509 *, X509 *)) d->cryptoLib->resolveFunction("X509_cmp"); +@@ -419,15 +440,19 @@ KOpenSSLProxy::KOpenSSLProxy() + K_X509_verify_cert = (int (*) (X509_STORE_CTX *)) d->cryptoLib->resolveFunction("X509_verify_cert"); + K_X509_STORE_new = (X509_STORE * (*) (void)) d->cryptoLib->resolveFunction("X509_STORE_new"); + K_X509_STORE_free = (void (*) (X509_STORE *)) d->cryptoLib->resolveFunction("X509_STORE_free"); ++ K_X509_STORE_set_verify_cb = (void (*)(X509_STORE *, int (*)(int, X509_STORE_CTX *))) d->cryptoLib->resolveFunction("X509_STORE_set_verify_cb"); + K_X509_NAME_oneline = (char * (*) (X509_NAME *,char *,int)) d->cryptoLib->resolveFunction("X509_NAME_oneline"); + K_X509_get_subject_name = (X509_NAME * (*) (X509 *)) d->cryptoLib->resolveFunction("X509_get_subject_name"); + K_X509_get_issuer_name = (X509_NAME * (*) (X509 *)) d->cryptoLib->resolveFunction("X509_get_issuer_name"); ++ K_X509_get0_signature = (void (*)(const ASN1_BIT_STRING **, const X509_ALGOR **, const X509 *)) d->cryptoLib->resolveFunction("X509_get0_signature"); + K_X509_STORE_add_lookup = (X509_LOOKUP *(*) (X509_STORE *, X509_LOOKUP_METHOD *)) d->cryptoLib->resolveFunction("X509_STORE_add_lookup"); + K_X509_LOOKUP_file = (X509_LOOKUP_METHOD *(*)(void)) d->cryptoLib->resolveFunction("X509_LOOKUP_file"); + K_X509_LOOKUP_free = (void (*)(X509_LOOKUP *)) d->cryptoLib->resolveFunction("X509_LOOKUP_free"); + K_X509_LOOKUP_ctrl = (int (*)(X509_LOOKUP *, int, const char *, long, char **)) d->cryptoLib->resolveFunction("X509_LOOKUP_ctrl"); + K_X509_STORE_CTX_init = (void (*)(X509_STORE_CTX *, X509_STORE *, X509 *, STACK_OF(X509) *)) d->cryptoLib->resolveFunction("X509_STORE_CTX_init"); + K_X509_dup = (X509* (*)(X509*)) d->cryptoLib->resolveFunction("X509_dup"); ++ K_X509_getm_notBefore = (ASN1_TIME *(*)(const X509 *)) d->cryptoLib->resolveFunction("X509_getm_notBefore"); ++ K_X509_getm_notAfter = (ASN1_TIME *(*)(const X509 *)) d->cryptoLib->resolveFunction("X509_getm_notAfter"); + K_BIO_s_mem = (BIO_METHOD *(*) (void)) d->cryptoLib->resolveFunction("BIO_s_mem"); + K_BIO_new = (BIO* (*)(BIO_METHOD *)) d->cryptoLib->resolveFunction("BIO_new"); + K_BIO_new_fp = (BIO* (*)(FILE*, int)) d->cryptoLib->resolveFunction("BIO_new_fp"); +@@ -454,13 +479,26 @@ KOpenSSLProxy::KOpenSSLProxy() + K_X509_REQ_new = (X509_REQ* (*)()) d->cryptoLib->resolveFunction("X509_REQ_new"); + K_X509_STORE_CTX_set_chain = (void (*)(X509_STORE_CTX *, STACK_OF(X509)*)) d->cryptoLib->resolveFunction("X509_STORE_CTX_set_chain"); + K_X509_STORE_CTX_set_purpose = (void (*)(X509_STORE_CTX *, int)) d->cryptoLib->resolveFunction("X509_STORE_CTX_set_purpose"); +- K_sk_free = (void (*) (STACK *)) d->cryptoLib->resolveFunction("sk_free"); +- K_sk_num = (int (*) (STACK *)) d->cryptoLib->resolveFunction("sk_num"); +- K_sk_pop = (char* (*) (STACK *)) d->cryptoLib->resolveFunction("sk_pop"); +- K_sk_value = (char* (*) (STACK *, int)) d->cryptoLib->resolveFunction("sk_value"); +- K_sk_new = (STACK* (*) (int (*)())) d->cryptoLib->resolveFunction("sk_new"); +- K_sk_push = (int (*) (STACK*, char*)) d->cryptoLib->resolveFunction("sk_push"); +- K_sk_dup = (STACK* (*) (STACK *)) d->cryptoLib->resolveFunction("sk_dup"); ++ K_X509_STORE_CTX_get_current_cert = (X509 * (*)(X509_STORE_CTX *)) d->cryptoLib->resolveFunction("X509_STORE_CTX_get_current_cert"); ++ K_X509_STORE_CTX_set_error = (void (*)(X509_STORE_CTX *, int)) d->cryptoLib->resolveFunction("X509_STORE_CTX_set_error"); ++ K_X509_STORE_CTX_get_error = (int (*)(X509_STORE_CTX *)) d->cryptoLib->resolveFunction("X509_STORE_CTX_get_error"); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ K_OPENSSL_sk_free = (void (*)(STACK *)) d->cryptoLib->resolveFunction("OPENSSL_sk_free"); ++ K_OPENSSL_sk_num = (int (*)(STACK *)) d->cryptoLib->resolveFunction("OPENSSL_sk_num"); ++ K_OPENSSL_sk_pop = (char *(*)(STACK *)) d->cryptoLib->resolveFunction("OPENSSL_sk_pop"); ++ K_OPENSSL_sk_value = (char *(*)(STACK *, int)) d->cryptoLib->resolveFunction("OPENSSL_sk_value"); ++ K_OPENSSL_sk_new = (STACK * (*)(int (*)())) d->cryptoLib->resolveFunction("OPENSSL_sk_new"); ++ K_OPENSSL_sk_push = (int (*)(STACK *, char *)) d->cryptoLib->resolveFunction("OPENSSL_sk_push"); ++ K_OPENSSL_sk_dup = (STACK * (*)(STACK *)) d->cryptoLib->resolveFunction("OPENSSL_sk_dup"); ++#else ++ K_OPENSSL_sk_free = (void (*)(STACK *)) d->cryptoLib->resolveFunction("sk_free"); ++ K_OPENSSL_sk_num = (int (*)(STACK *)) d->cryptoLib->resolveFunction("sk_num"); ++ K_OPENSSL_sk_pop = (char *(*)(STACK *)) d->cryptoLib->resolveFunction("sk_pop"); ++ K_OPENSSL_sk_value = (char *(*)(STACK *, int)) d->cryptoLib->resolveFunction("sk_value"); ++ K_OPENSSL_sk_new = (STACK * (*)(int (*)())) d->cryptoLib->resolveFunction("sk_new"); ++ K_OPENSSL_sk_push = (int (*)(STACK *, char *)) d->cryptoLib->resolveFunction("sk_push"); ++ K_OPENSSL_sk_dup = (STACK * (*)(STACK *)) d->cryptoLib->resolveFunction("sk_dup"); ++#endif + K_i2s_ASN1_INTEGER = (char *(*) (X509V3_EXT_METHOD *, ASN1_INTEGER *)) d->cryptoLib->resolveFunction("i2s_ASN1_INTEGER"); + K_X509_get_serialNumber = (ASN1_INTEGER * (*) (X509 *)) d->cryptoLib->resolveFunction("X509_get_serialNumber"); + K_X509_get_pubkey = (EVP_PKEY *(*)(X509 *)) d->cryptoLib->resolveFunction("X509_get_pubkey"); +@@ -504,6 +542,12 @@ KOpenSSLProxy::KOpenSSLProxy() + K_X509_check_purpose = (int (*)(X509*,int,int)) d->cryptoLib->resolveFunction("X509_check_purpose"); + K_X509_PURPOSE_get0 = (X509_PURPOSE *(*)(int)) d->cryptoLib->resolveFunction("X509_PURPOSE_get0"); + K_EVP_PKEY_assign = (int (*)(EVP_PKEY*, int, char*)) d->cryptoLib->resolveFunction("EVP_PKEY_assign"); ++ K_EVP_PKEY_base_id = (int (*)(EVP_PKEY *)) d->cryptoLib->resolveFunction("EVP_PKEY_base_id"); ++ K_EVP_PKEY_get0_RSA = (RSA *(*)(EVP_PKEY *)) d->cryptoLib->resolveFunction("EVP_PKEY_get0_RSA"); ++ K_RSA_get0_key = (void (*)(RSA *, const BIGNUM **, const BIGNUM **, const BIGNUM **)) d->cryptoLib->resolveFunction("ESA_get0_key"); ++ K_EVP_PKEY_get0_DSA = (DSA *(*)(EVP_PKEY *)) d->cryptoLib->resolveFunction("EVP_PKEY_get0_DSA"); ++ K_DSA_get0_pqg = (void (*)(DSA *, const BIGNUM **, const BIGNUM **, const BIGNUM **)) d->cryptoLib->resolveFunction("DSA_get0_pqg"); ++ K_DSA_get0_key = (void (*)(DSA *, const BIGNUM **, const BIGNUM **)) d->cryptoLib->resolveFunction("DSA_get0_key"); + K_X509_REQ_set_pubkey = (int (*)(X509_REQ*, EVP_PKEY*)) d->cryptoLib->resolveFunction("X509_REQ_set_pubkey"); + K_RSA_generate_key = (RSA* (*)(int, unsigned long, void (*)(int,int,void *), void *)) d->cryptoLib->resolveFunction("RSA_generate_key"); + K_i2d_X509_REQ_fp = (int (*)(FILE *, X509_REQ *)) d->cryptoLib->resolveFunction("i2d_X509_REQ_fp"); +@@ -866,6 +910,16 @@ void KOpenSSLProxy::X509_STORE_free(X509_STORE *v) { + } + + ++void KOpenSSLProxy::X509_STORE_set_verify_cb(X509_STORE *store, int (*verify_cb)(int, X509_STORE_CTX *)) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ X509_STORE_set_verify_cb_func(store, verify_cb); ++#else ++ if (K_X509_STORE_set_verify_cb) (K_X509_STORE_set_verify_cb)(store, verify_cb); ++#endif ++} ++ ++ + X509_STORE_CTX *KOpenSSLProxy::X509_STORE_CTX_new(void) { + if (K_X509_STORE_CTX_new) return (K_X509_STORE_CTX_new)(); + return 0L; +@@ -906,6 +960,17 @@ X509_NAME *KOpenSSLProxy::X509_get_issuer_name(X509 *a) { + } + + ++void KOpenSSLProxy::X509_get0_signature(const ASN1_BIT_STRING **psig, const X509_ALGOR **algor, const X509 *x) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ if (psig) *psig = x->signature; ++ if (algor) *algor = x->sig_alg; ++#else ++ if (K_X509_get0_signature) return (K_X509_get0_signature)(psig, algor, x); ++#endif ++} ++ ++ + X509_LOOKUP *KOpenSSLProxy::X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m) { + if (K_X509_STORE_add_lookup) return (K_X509_STORE_add_lookup)(v,m); + return 0L; +@@ -934,9 +999,16 @@ void KOpenSSLProxy::X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, + } + + ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + void KOpenSSLProxy::CRYPTO_free(void *x) { + if (K_CRYPTO_free) (K_CRYPTO_free)(x); + } ++#else ++void KOpenSSLProxy::CRYPTO_free(void *x, const char *file, int line) ++{ ++ if (K_CRYPTO_free) K_CRYPTO_free(x, file, line); ++} ++#endif + + + X509 *KOpenSSLProxy::X509_dup(X509 *x509) { +@@ -945,6 +1017,28 @@ X509 *KOpenSSLProxy::X509_dup(X509 *x509) { + } + + ++ASN1_TIME *KOpenSSLProxy::X509_getm_notBefore(const X509 *x) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ return X509_get_notBefore(x); ++#else ++ if (K_X509_getm_notBefore) return (K_X509_getm_notBefore)(x); ++ else return 0L; ++#endif ++} ++ ++ ++ASN1_TIME *KOpenSSLProxy::X509_getm_notAfter(const X509 *x) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ return X509_get_notAfter(x); ++#else ++ if (K_X509_getm_notAfter) return (K_X509_getm_notAfter)(x); ++ else return 0L; ++#endif ++} ++ ++ + BIO *KOpenSSLProxy::BIO_new(BIO_METHOD *type) { + if (K_BIO_new) return (K_BIO_new)(type); + else return 0L; +@@ -1093,25 +1187,25 @@ STACK_OF(X509) *KOpenSSLProxy::SSL_get_peer_cert_chain(SSL *s) { + } + + +-void KOpenSSLProxy::sk_free(STACK *s) { +- if (K_sk_free) (K_sk_free)(s); ++void KOpenSSLProxy::OPENSSL_sk_free(STACK *s) { ++ if (K_OPENSSL_sk_free) (K_OPENSSL_sk_free)(s); + } + + +-int KOpenSSLProxy::sk_num(STACK *s) { +- if (K_sk_num) return (K_sk_num)(s); ++int KOpenSSLProxy::OPENSSL_sk_num(STACK *s) { ++ if (K_OPENSSL_sk_num) return (K_OPENSSL_sk_num)(s); + else return -1; + } + + +-char *KOpenSSLProxy::sk_pop(STACK *s) { +- if (K_sk_pop) return (K_sk_pop)(s); ++char *KOpenSSLProxy::OPENSSL_sk_pop(STACK *s) { ++ if (K_OPENSSL_sk_pop) return (K_OPENSSL_sk_pop)(s); + else return 0L; + } + + +-char *KOpenSSLProxy::sk_value(STACK *s, int n) { +- if (K_sk_value) return (K_sk_value)(s, n); ++char *KOpenSSLProxy::OPENSSL_sk_value(STACK *s, int n) { ++ if (K_OPENSSL_sk_value) return (K_OPENSSL_sk_value)(s, n); + else return 0L; + } + +@@ -1125,20 +1219,52 @@ void KOpenSSLProxy::X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose) { + } + + +-STACK* KOpenSSLProxy::sk_dup(STACK *s) { +- if (K_sk_dup) return (K_sk_dup)(s); ++X509 *KOpenSSLProxy::X509_STORE_CTX_get_current_cert(X509_STORE_CTX *v) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ return v->current_cert; ++#else ++ if (K_X509_STORE_CTX_get_current_cert) return (K_X509_STORE_CTX_get_current_cert)(v); ++ else return 0L; ++#endif ++} ++ ++ ++void KOpenSSLProxy::X509_STORE_CTX_set_error(X509_STORE_CTX *v, int error) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ v->error = error; ++#else ++ if (K_X509_STORE_CTX_set_error) (K_X509_STORE_CTX_set_error)(v, error); ++#endif ++} ++ ++ ++int KOpenSSLProxy::X509_STORE_CTX_get_error(X509_STORE_CTX *v) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ return v->error; ++#else ++ if (K_X509_STORE_CTX_get_error) return (K_X509_STORE_CTX_get_error)(v); ++ else return 0; ++#endif ++} ++ ++ ++STACK* KOpenSSLProxy::OPENSSL_sk_dup(STACK *s) { ++ if (K_OPENSSL_sk_dup) return (K_OPENSSL_sk_dup)(s); + else return 0L; + } + + +-STACK* KOpenSSLProxy::sk_new(int (*cmp)()) { +- if (K_sk_new) return (K_sk_new)(cmp); ++STACK* KOpenSSLProxy::OPENSSL_sk_new(int (*cmp)()) { ++ if (K_OPENSSL_sk_new) return (K_OPENSSL_sk_new)(cmp); + else return 0L; + } + + +-int KOpenSSLProxy::sk_push(STACK* s, char* d) { +- if (K_sk_push) return (K_sk_push)(s,d); ++int KOpenSSLProxy::OPENSSL_sk_push(STACK* s, char* d) { ++ if (K_OPENSSL_sk_push) return (K_OPENSSL_sk_push)(s,d); + else return -1; + } + +@@ -1423,6 +1549,74 @@ int KOpenSSLProxy::EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key) { + else return -1; + } + ++ ++int KOpenSSLProxy::EVP_PKEY_base_id(EVP_PKEY *pkey) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ return pkey->type; ++#else ++ if (K_EVP_PKEY_base_id) return (K_EVP_PKEY_base_id)(pkey); ++ else return 0; ++#endif ++} ++ ++ ++RSA *KOpenSSLProxy::EVP_PKEY_get0_RSA(EVP_PKEY *pkey) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ return pkey->pkey.rsa; ++#else ++ if (K_EVP_PKEY_get0_RSA) return (K_EVP_PKEY_get0_RSA)(pkey); ++ else return 0L; ++#endif ++} ++ ++ ++void KOpenSSLProxy::RSA_get0_key(RSA *rsa, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ if (n) *n = rsa->n; ++ if (e) *e = rsa->e; ++ if (d) *d = rsa->d; ++#else ++ if (K_RSA_get0_key) (K_RSA_get0_key)(rsa, n, e, d); ++#endif ++} ++ ++ ++DSA *KOpenSSLProxy::EVP_PKEY_get0_DSA(EVP_PKEY *pkey) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ return pkey->pkey.dsa; ++#else ++ if (K_EVP_PKEY_get0_DSA) return (K_EVP_PKEY_get0_DSA)(pkey); ++ else return 0L; ++#endif ++} ++ ++ ++void KOpenSSLProxy::DSA_get0_pqg(DSA *dsa, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ if (p) *p = dsa->p; ++ if (q) *q = dsa->q; ++ if (g) *g = dsa->g; ++#else ++ if (K_DSA_get0_pqg) (K_DSA_get0_pqg)(dsa, p, q, g); ++#endif ++} ++ ++ ++void KOpenSSLProxy::DSA_get0_key(DSA *dsa, const BIGNUM **pub_key, const BIGNUM **priv_key) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ if (pub_key) *pub_key = dsa->pub_key; ++ if (priv_key) *priv_key = dsa->priv_key; ++#else ++ if (K_DSA_get0_key) (K_DSA_get0_key)(dsa, pub_key, priv_key); ++#endif ++} ++ + + int KOpenSSLProxy::X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey) { + if (K_X509_REQ_set_pubkey) return (K_X509_REQ_set_pubkey)(x, pkey); +diff --git a/kio/kssl/kopenssl.h b/kio/kssl/kopenssl.h +index ab05486336..ae3398fbef 100644 +--- a/kio/kssl/kopenssl.h ++++ b/kio/kssl/kopenssl.h +@@ -297,6 +297,18 @@ public: + + + /* ++ * X509_getm_notBefore - get validity start ++ */ ++ ASN1_TIME *X509_getm_notBefore(const X509 *x); ++ ++ ++ /* ++ * X509_getm_notAfter - get validity end ++ */ ++ ASN1_TIME *X509_getm_notAfter(const X509 *x); ++ ++ ++ /* + * X509_STORE_CTX_new - create an X509 store context + */ + X509_STORE_CTX *X509_STORE_CTX_new(void); +@@ -313,11 +325,31 @@ public: + */ + void X509_STORE_CTX_set_chain(X509_STORE_CTX *v, STACK_OF(X509)* x); + ++ + /* + * X509_STORE_CTX_set_purpose - set the purpose of the certificate + */ + void X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose); + ++ ++ /* ++ * X509_STORE_CTX_get_current_cert - get the current certificate ++ */ ++ X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *v); ++ ++ ++ /* ++ * X509_STORE_CTX_set_error - set certificate error ++ */ ++ void X509_STORE_CTX_set_error(X509_STORE_CTX *v, int error); ++ ++ ++ /* ++ * X509_STORE_CTX_get_error - get certificate error ++ */ ++ int X509_STORE_CTX_get_error(X509_STORE_CTX *v); ++ ++ + /* + * X509_verify_cert - verify the certificate + */ +@@ -337,6 +369,12 @@ public: + + + /* ++ * X509_STORE_set_verify_cb - set verify callback ++ */ ++ void X509_STORE_set_verify_cb(X509_STORE *v, int (*verify_cb)(int, X509_STORE_CTX *)); ++ ++ ++ /* + * X509_free - free up an X509 + */ + void X509_free(X509 *v); +@@ -361,6 +399,12 @@ public: + + + /* ++ * X509_get0_signature - return X509 signature and signature algorithm ++ */ ++ void X509_get0_signature(const ASN1_BIT_STRING **psig, const X509_ALGOR **palg, const X509 *x); ++ ++ ++ /* + * X509_STORE_add_lookup - add a lookup file/method to an X509 store + */ + X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m); +@@ -393,7 +437,11 @@ public: + /* + * CRYPTO_free - free up an internally allocated object + */ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + void CRYPTO_free(void *x); ++#else ++ void CRYPTO_free(void *x, const char *file, int line); ++#endif + + /* + * BIO_new - create new BIO +@@ -505,53 +553,53 @@ public: + /* + * Pop off the stack + */ +- char *sk_pop(STACK *s); ++ char *OPENSSL_sk_pop(STACK *s); + + + /* + * Free the stack + */ +- void sk_free(STACK *s); ++ void OPENSSL_sk_free(STACK *s); + + #if OPENSSL_VERSION_NUMBER >= 0x10000000L +- void sk_free(void *s) { return sk_free(reinterpret_cast<STACK*>(s)); } ++ void OPENSSL_sk_free(void *s) { return OPENSSL_sk_free(reinterpret_cast<STACK*>(s)); } + #endif + + /* + * Number of elements in the stack + */ +- int sk_num(STACK *s); ++ int OPENSSL_sk_num(STACK *s); + + + /* + * Value of element n in the stack + */ +- char *sk_value(STACK *s, int n); ++ char *OPENSSL_sk_value(STACK *s, int n); + + #if OPENSSL_VERSION_NUMBER >= 0x10000000L +- char *sk_value(void *s, int n) { return sk_value(reinterpret_cast<STACK*>(s), n); } ++ char *OPENSSL_sk_value(void *s, int n) { return OPENSSL_sk_value(reinterpret_cast<STACK*>(s), n); } + #endif + + /* + * Create a new stack + */ +- STACK *sk_new(int (*cmp)()); ++ STACK *OPENSSL_sk_new(int (*cmp)()); + + + /* + * Add an element to the stack + */ +- int sk_push(STACK *s, char *d); ++ int OPENSSL_sk_push(STACK *s, char *d); + + #if OPENSSL_VERSION_NUMBER >= 0x10000000L +- int sk_push(void *s, void *d) { return sk_push(reinterpret_cast<STACK*>(s), reinterpret_cast<char*>(d)); } ++ int OPENSSL_sk_push(void *s, void *d) { return OPENSSL_sk_push(reinterpret_cast<STACK*>(s), reinterpret_cast<char*>(d)); } + #endif + + + /* + * Duplicate the stack + */ +- STACK *sk_dup(STACK *s); ++ STACK *OPENSSL_sk_dup(STACK *s); + + + /* +@@ -800,6 +848,18 @@ public: + + + /* ++ * Get key type ++ */ ++ int EVP_PKEY_base_id(EVP_PKEY *pkey); ++ ++ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey); ++ void RSA_get0_key(RSA *rsa, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d); ++ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey); ++ void DSA_get0_pqg(DSA *dsa, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g); ++ void DSA_get0_key(DSA *dsa, const BIGNUM **pub_key, const BIGNUM **priv_key); ++ ++ ++ /* + * Generate a RSA key + */ + RSA *RSA_generate_key(int bits, unsigned long e, void +diff --git a/kio/kssl/kssl.cpp b/kio/kssl/kssl.cpp +index c36db55a42..faba1bb5ab 100644 +--- a/kio/kssl/kssl.cpp ++++ b/kio/kssl/kssl.cpp +@@ -55,8 +55,6 @@ + #warning "kssl.cc needs to be ported to QSslSocket" + #endif + +-#define sk_dup d->kossl->sk_dup +- + class KSSLPrivate { + public: + KSSLPrivate() { +@@ -212,5 +210,3 @@ bool KSSL::doesSSLWork() { + return m_bSSLWorks; + } + +-#undef sk_dup +- +diff --git a/kio/kssl/ksslcallback.c b/kio/kssl/ksslcallback.c +index 516b916337..38e94356e8 100644 +--- a/kio/kssl/ksslcallback.c ++++ b/kio/kssl/ksslcallback.c +@@ -28,7 +28,7 @@ bool KSSL_X509CallBack_ca_found; + extern "C" { + static int X509Callback(int ok, X509_STORE_CTX *ctx) { + +- kDebug(7029) << "X509Callback: ok = " << ok << " error = " << ctx->error << " depth = " << ctx->error_depth; ++ //kDebug(7029) << "X509Callback: ok = " << ok << " error = " << ctx->error << " depth = " << ctx->error_depth; + // Here is how this works. We put "ok = 1;" in any case that we + // don't consider to be an error. In that case, it will return OK + // for the certificate check as long as there are no other critical +@@ -39,14 +39,14 @@ static int X509Callback(int ok, X509_STORE_CTX *ctx) { + + if (KSSL_X509CallBack_ca) + { +- if (KOSSL::self()->X509_cmp(ctx->current_cert, KSSL_X509CallBack_ca) != 0) ++ if (KOSSL::self()->X509_cmp(KOSSL::self()->X509_STORE_CTX_get_current_cert(ctx), KSSL_X509CallBack_ca) != 0) + return 1; // Ignore errors for this certificate + + KSSL_X509CallBack_ca_found = true; + } + + if (!ok) { +- switch (ctx->error) { ++ switch (KOSSL::self()->X509_STORE_CTX_get_error(ctx)) { + case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: + case X509_V_ERR_UNABLE_TO_GET_CRL: + case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: +diff --git a/kio/kssl/ksslcertchain.cpp b/kio/kssl/ksslcertchain.cpp +index 2be7995bf8..cdfab2b5ae 100644 +--- a/kio/kssl/ksslcertchain.cpp ++++ b/kio/kssl/ksslcertchain.cpp +@@ -44,16 +44,6 @@ + #include <kdebug.h> + #include <QtCore/QStringList> + +-#ifdef KSSL_HAVE_SSL +-#define sk_new d->kossl->sk_new +-#define sk_push d->kossl->sk_push +-#define sk_free d->kossl->sk_free +-#define sk_value d->kossl->sk_value +-#define sk_num d->kossl->sk_num +-#define sk_dup d->kossl->sk_dup +-#define sk_pop d->kossl->sk_pop +-#endif +- + class KSSLCertChainPrivate { + public: + KSSLCertChainPrivate() { +@@ -79,11 +69,11 @@ KSSLCertChain::~KSSLCertChain() { + STACK_OF(X509) *x = (STACK_OF(X509) *)_chain; + + for (;;) { +- X509* x5 = sk_X509_pop(x); ++ X509 *x5 = reinterpret_cast<X509*>(d->kossl->OPENSSL_sk_pop(reinterpret_cast<STACK *>(x))); + if (!x5) break; + d->kossl->X509_free(x5); + } +- sk_X509_free(x); ++ d->kossl->OPENSSL_sk_free(reinterpret_cast<STACK *>(x)); + } + #endif + delete d; +@@ -106,7 +96,7 @@ KSSLCertChain *KSSLCertChain::replicate() { + + int KSSLCertChain::depth() { + #ifdef KSSL_HAVE_SSL +- return sk_X509_num((STACK_OF(X509)*)_chain); ++ return d->kossl->OPENSSL_sk_num(static_cast<STACK *>(_chain)); + #endif + return 0; + } +@@ -123,8 +113,8 @@ QList<KSSLCertificate *> KSSLCertChain::getChain() const { + #ifdef KSSL_HAVE_SSL + STACK_OF(X509) *x = (STACK_OF(X509) *)_chain; + +- for (int i = 0; i < sk_X509_num(x); i++) { +- X509* x5 = sk_X509_value(x, i); ++ for (int i = 0; i < d->kossl->OPENSSL_sk_num(reinterpret_cast<STACK *>(x)); i++) { ++ X509 *x5 = reinterpret_cast<X509*>(d->kossl->OPENSSL_sk_value(reinterpret_cast<STACK *>(x), i)); + if (!x5) continue; + KSSLCertificate *nc = new KSSLCertificate; + nc->setCert(d->kossl->X509_dup(x5)); +@@ -142,18 +132,18 @@ void KSSLCertChain::setChain(const QList<KSSLCertificate *>& chain) { + STACK_OF(X509) *x = (STACK_OF(X509) *)_chain; + + for (;;) { +- X509* x5 = sk_X509_pop(x); ++ X509 *x5 = reinterpret_cast<X509*>(d->kossl->OPENSSL_sk_pop(reinterpret_cast<STACK*>(x))); + if (!x5) break; + d->kossl->X509_free(x5); + } +- sk_X509_free(x); +- _chain = NULL; ++ d->kossl->OPENSSL_sk_free(reinterpret_cast<STACK*>(x)); ++ _chain = NULL; + } + + if (chain.isEmpty()) return; +- _chain = (void *)sk_new(NULL); ++ _chain = (void *)d->kossl->OPENSSL_sk_new(NULL); + foreach (KSSLCertificate *x, chain) { +- sk_X509_push((STACK_OF(X509)*)_chain, d->kossl->X509_dup(x->getCert())); ++ d->kossl->OPENSSL_sk_push(static_cast<STACK*>(_chain), d->kossl->X509_dup(x->getCert())); + } + + #endif +@@ -166,23 +156,23 @@ if (_chain) { + STACK_OF(X509) *x = (STACK_OF(X509) *)_chain; + + for (;;) { +- X509* x5 = sk_X509_pop(x); ++ X509 *x5 = reinterpret_cast<X509 *>(d->kossl->OPENSSL_sk_pop(reinterpret_cast<STACK *>(x))); + if (!x5) break; + d->kossl->X509_free(x5); + } +- sk_X509_free(x); ++ d->kossl->OPENSSL_sk_free(reinterpret_cast<STACK *>(x)); + _chain = NULL; + } + + if (!stack_of_x509) return; + +-_chain = (void *)sk_new(NULL); ++_chain = (void *)d->kossl->OPENSSL_sk_new(NULL); + STACK_OF(X509) *x = (STACK_OF(X509) *)stack_of_x509; + +- for (int i = 0; i < sk_X509_num(x); i++) { +- X509* x5 = sk_X509_value(x, i); ++ for (int i = 0; i < d->kossl->OPENSSL_sk_num(reinterpret_cast<STACK *>(x)); i++) { ++ X509 *x5 = reinterpret_cast<X509*>(d->kossl->OPENSSL_sk_value(reinterpret_cast<STACK *>(x), i)); + if (!x5) continue; +- sk_X509_push((STACK_OF(X509)*)_chain,d->kossl->X509_dup(x5)); ++ d->kossl->OPENSSL_sk_push(reinterpret_cast<STACK *>(_chain), d->kossl->X509_dup(x5)); + } + + #else +@@ -202,14 +192,3 @@ void KSSLCertChain::setCertChain(const QStringList& chain) { + setChain(cl); + } + +- +-#ifdef KSSL_HAVE_SSL +-#undef sk_new +-#undef sk_push +-#undef sk_free +-#undef sk_value +-#undef sk_num +-#undef sk_dup +-#undef sk_pop +-#endif +- +diff --git a/kio/kssl/ksslcertificate.cpp b/kio/kssl/ksslcertificate.cpp +index 0d4fbd9cdc..c93d5c5b22 100644 +--- a/kio/kssl/ksslcertificate.cpp ++++ b/kio/kssl/ksslcertificate.cpp +@@ -200,14 +200,17 @@ QString KSSLCertificate::getSignatureText() const { + char *s; + int n, i; + +- i = d->kossl->OBJ_obj2nid(d->m_cert->sig_alg->algorithm); ++ const X509_ALGOR *algor; ++ const ASN1_BIT_STRING *sig; ++ d->kossl->X509_get0_signature(&sig, &algor, d->m_cert); ++ i = d->kossl->OBJ_obj2nid(algor->algorithm); + rc = i18n("Signature Algorithm: "); + rc += (i == NID_undef)?i18n("Unknown"):QString(d->kossl->OBJ_nid2ln(i)); + + rc += '\n'; + rc += i18n("Signature Contents:"); +- n = d->m_cert->signature->length; +- s = (char *)d->m_cert->signature->data; ++ n = sig->length; ++ s = (char *)sig->data; + for (i = 0; i < n; ++i) { + if (i%20 != 0) { + rc += ':'; +@@ -233,9 +236,10 @@ void KSSLCertificate::getEmails(QStringList &to) const { + } + + STACK *s = d->kossl->X509_get1_email(d->m_cert); ++ const int size = d->kossl->OPENSSL_sk_num(s); + if (s) { +- for(int n=0; n < s->num; n++) { +- to.append(d->kossl->sk_value(s,n)); ++ for(int n=0; n < size; n++) { ++ to.append(d->kossl->OPENSSL_sk_value(s,n)); + } + d->kossl->X509_email_free(s); + } +@@ -317,13 +321,13 @@ QString rc = ""; + EVP_PKEY *pkey = d->kossl->X509_get_pubkey(d->m_cert); + if (pkey) { + #ifndef NO_RSA +- if (pkey->type == EVP_PKEY_RSA) { ++ if (d->kossl->EVP_PKEY_base_id(pkey) == EVP_PKEY_RSA) { + rc = "RSA"; + } + else + #endif + #ifndef NO_DSA +- if (pkey->type == EVP_PKEY_DSA) { ++ if (d->kossl->EVP_PKEY_base_id(pkey) == EVP_PKEY_DSA) { + rc = "DSA"; + } + else +@@ -347,8 +351,10 @@ char *x = NULL; + if (pkey) { + rc = i18nc("Unknown", "Unknown key algorithm"); + #ifndef NO_RSA +- if (pkey->type == EVP_PKEY_RSA) { +- x = d->kossl->BN_bn2hex(pkey->pkey.rsa->n); ++ if (d->kossl->EVP_PKEY_base_id(pkey) == EVP_PKEY_RSA) { ++ const BIGNUM *n, *e; ++ d->kossl->RSA_get0_key(d->kossl->EVP_PKEY_get0_RSA(pkey), &n, &e, NULL); ++ x = d->kossl->BN_bn2hex(n); + rc = i18n("Key type: RSA (%1 bit)", strlen(x)*4) + '\n'; + + rc += i18n("Modulus: "); +@@ -364,15 +370,18 @@ char *x = NULL; + rc += '\n'; + d->kossl->OPENSSL_free(x); + +- x = d->kossl->BN_bn2hex(pkey->pkey.rsa->e); ++ x = d->kossl->BN_bn2hex(e); + rc += i18n("Exponent: 0x") + QLatin1String(x) + + QLatin1String("\n"); + d->kossl->OPENSSL_free(x); + } + #endif + #ifndef NO_DSA +- if (pkey->type == EVP_PKEY_DSA) { +- x = d->kossl->BN_bn2hex(pkey->pkey.dsa->p); ++ if (d->kossl->EVP_PKEY_base_id(pkey) == EVP_PKEY_DSA) { ++ DSA *dsa = d->kossl->EVP_PKEY_get0_DSA(pkey); ++ const BIGNUM *p, *q, *g; ++ d->kossl->DSA_get0_pqg(dsa, &p, &q, &g); ++ x = d->kossl->BN_bn2hex(p); + // hack - this may not be always accurate + rc = i18n("Key type: DSA (%1 bit)", strlen(x)*4) + '\n'; + +@@ -389,7 +398,7 @@ char *x = NULL; + rc += '\n'; + d->kossl->OPENSSL_free(x); + +- x = d->kossl->BN_bn2hex(pkey->pkey.dsa->q); ++ x = d->kossl->BN_bn2hex(q); + rc += i18n("160 bit prime factor: "); + for (unsigned int i = 0; i < strlen(x); i++) { + if (i%40 != 0 && i%2 == 0) { +@@ -403,7 +412,7 @@ char *x = NULL; + rc += '\n'; + d->kossl->OPENSSL_free(x); + +- x = d->kossl->BN_bn2hex(pkey->pkey.dsa->g); ++ x = d->kossl->BN_bn2hex(g); + rc += QString("g: "); + for (unsigned int i = 0; i < strlen(x); i++) { + if (i%40 != 0 && i%2 == 0) { +@@ -417,7 +426,9 @@ char *x = NULL; + rc += '\n'; + d->kossl->OPENSSL_free(x); + +- x = d->kossl->BN_bn2hex(pkey->pkey.dsa->pub_key); ++ const BIGNUM *pub_key; ++ d->kossl->DSA_get0_key(dsa, &pub_key, NULL); ++ x = d->kossl->BN_bn2hex(pub_key); + rc += i18n("Public key: "); + for (unsigned int i = 0; i < strlen(x); i++) { + if (i%40 != 0 && i%2 == 0) { +@@ -682,7 +693,7 @@ KSSLCertificate::KSSLValidationList KSSLCertificate::validateVerbose(KSSLCertifi + return errors; + } + +- X509_STORE_set_verify_cb_func(certStore, X509Callback); ++ d->kossl->X509_STORE_set_verify_cb(certStore, X509Callback); + + certLookup = d->kossl->X509_STORE_add_lookup(certStore, d->kossl->X509_LOOKUP_file()); + if (!certLookup) { +@@ -724,9 +735,9 @@ KSSLCertificate::KSSLValidationList KSSLCertificate::validateVerbose(KSSLCertifi + KSSL_X509CallBack_ca = ca ? ca->d->m_cert : 0; + KSSL_X509CallBack_ca_found = false; + +- certStoreCTX->error = X509_V_OK; ++ d->kossl->X509_STORE_CTX_set_error(certStoreCTX, X509_V_OK); + rc = d->kossl->X509_verify_cert(certStoreCTX); +- int errcode = certStoreCTX->error; ++ int errcode = d->kossl->X509_STORE_CTX_get_error(certStoreCTX); + if (ca && !KSSL_X509CallBack_ca_found) { + ksslv = KSSLCertificate::Irrelevant; + } else { +@@ -739,9 +750,9 @@ KSSLCertificate::KSSLValidationList KSSLCertificate::validateVerbose(KSSLCertifi + d->kossl->X509_STORE_CTX_set_purpose(certStoreCTX, + X509_PURPOSE_NS_SSL_SERVER); + +- certStoreCTX->error = X509_V_OK; ++ d->kossl->X509_STORE_CTX_set_error(certStoreCTX, X509_V_OK); + rc = d->kossl->X509_verify_cert(certStoreCTX); +- errcode = certStoreCTX->error; ++ errcode = d->kossl->X509_STORE_CTX_get_error(certStoreCTX); + ksslv = processError(errcode); + } + d->kossl->X509_STORE_CTX_free(certStoreCTX); +@@ -978,7 +989,7 @@ KSSLCertificate::KSSLValidation KSSLCertificate::processError(int ec) { + + QString KSSLCertificate::getNotBefore() const { + #ifdef KSSL_HAVE_SSL +- return ASN1_UTCTIME_QString(X509_get_notBefore(d->m_cert)); ++ return ASN1_UTCTIME_QString(d->kossl->X509_getm_notBefore(d->m_cert)); + #else + return QString(); + #endif +@@ -987,7 +998,7 @@ QString KSSLCertificate::getNotBefore() const { + + QString KSSLCertificate::getNotAfter() const { + #ifdef KSSL_HAVE_SSL +- return ASN1_UTCTIME_QString(X509_get_notAfter(d->m_cert)); ++ return ASN1_UTCTIME_QString(d->kossl->X509_getm_notAfter(d->m_cert)); + #else + return QString(); + #endif +@@ -996,7 +1007,7 @@ QString KSSLCertificate::getNotAfter() const { + + QDateTime KSSLCertificate::getQDTNotBefore() const { + #ifdef KSSL_HAVE_SSL +- return ASN1_UTCTIME_QDateTime(X509_get_notBefore(d->m_cert), NULL); ++ return ASN1_UTCTIME_QDateTime(d->kossl->X509_getm_notBefore(d->m_cert), NULL); + #else + return QDateTime::currentDateTime(); + #endif +@@ -1005,7 +1016,7 @@ QDateTime KSSLCertificate::getQDTNotBefore() const { + + QDateTime KSSLCertificate::getQDTNotAfter() const { + #ifdef KSSL_HAVE_SSL +- return ASN1_UTCTIME_QDateTime(X509_get_notAfter(d->m_cert), NULL); ++ return ASN1_UTCTIME_QDateTime(d->kossl->X509_getm_notAfter(d->m_cert), NULL); + #else + return QDateTime::currentDateTime(); + #endif +@@ -1210,7 +1221,8 @@ typedef struct NETSCAPE_X509_st + // what a piece of crap this is + QByteArray KSSLCertificate::toNetscape() { + QByteArray qba; +-#ifdef KSSL_HAVE_SSL ++ // no equivalent in OpenSSL 1.1.0 (?), so behave as if we had no OpenSSL at all ++#if KSSL_HAVE_SSL && OPENSSL_VERSION_NUMBER < 0x10100000L + NETSCAPE_X509 nx; + ASN1_OCTET_STRING hdr; + KTemporaryFile ktf; +@@ -1293,10 +1305,10 @@ QStringList KSSLCertificate::subjAltNames() const { + return rc; + } + +- int cnt = d->kossl->sk_GENERAL_NAME_num(names); ++ int cnt = d->kossl->OPENSSL_sk_num((STACK *)names); + + for (int i = 0; i < cnt; i++) { +- const GENERAL_NAME *val = (const GENERAL_NAME *)d->kossl->sk_value(names, i); ++ const GENERAL_NAME *val = (const GENERAL_NAME *)d->kossl->OPENSSL_sk_value(names, i); + if (val->type != GEN_DNS) { + continue; + } +@@ -1308,7 +1320,7 @@ QStringList KSSLCertificate::subjAltNames() const { + rc += s; + } + } +- d->kossl->sk_free(names); ++ d->kossl->OPENSSL_sk_free(names); + #endif + return rc; + } +-- +2.13.6 + diff --git a/kde-frameworks/kdelibs/files/kdelibs-4.14.38-qiodevice.patch b/kde-frameworks/kdelibs/files/kdelibs-4.14.38-qiodevice.patch new file mode 100644 index 00000000..80bf12d4 --- /dev/null +++ b/kde-frameworks/kdelibs/files/kdelibs-4.14.38-qiodevice.patch @@ -0,0 +1,19 @@ +diff -up kdelibs-4.14.38/kimgio/jp2.cpp.me kdelibs-4.14.38/kimgio/jp2.cpp +--- kdelibs-4.14.38/kimgio/jp2.cpp.me 2020-08-27 17:41:44.809195175 +0200 ++++ kdelibs-4.14.38/kimgio/jp2.cpp 2020-08-27 17:55:29.534742787 +0200 +@@ -103,13 +103,13 @@ static void jas_stream_initbuf(jas_strea + stream->bufmode_ |= bufmode & JAS_STREAM_BUFMODEMASK; + } + +-static int qiodevice_read(jas_stream_obj_t *obj, char *buf, int cnt) ++static int qiodevice_read(jas_stream_obj_t *obj, char *buf, unsigned int cnt) + { + QIODevice *io = (QIODevice*) obj; + return io->read(buf, cnt); + } + +-static int qiodevice_write(jas_stream_obj_t *obj, char *buf, int cnt) ++static int qiodevice_write(jas_stream_obj_t *obj, char *buf, unsigned int cnt) + { + QIODevice *io = (QIODevice*) obj; + return io->write(buf, cnt); diff --git a/kde-frameworks/kdelibs/kdelibs-4.14.38.ebuild b/kde-frameworks/kdelibs/kdelibs-4.14.38.ebuild new file mode 100644 index 00000000..ef347772 --- /dev/null +++ b/kde-frameworks/kdelibs/kdelibs-4.14.38.ebuild @@ -0,0 +1,286 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +QT_MINIMAL="4.8.7" +inherit cmake-utils flag-o-matic toolchain-funcs xdg-utils + +DESCRIPTION="Libraries needed for programs by KDE" +HOMEPAGE="https://www.kde.org/" +SRC_URI="mirror://kde/stable/applications/17.08.3/src/${P}.tar.xz" + +KEYWORDS="~amd64 ~arm ~x86 ~amd64-linux ~x86-linux" +LICENSE="LGPL-2.1" +SLOT="4/4.14" +IUSE="cpu_flags_x86_3dnow acl altivec +bzip2 debug doc fam +handbook kerberos +libressl lzma cpu_flags_x86_mmx nls openexr opengl +plasma +policykit qt3support spell +test cpu_flags_x86_sse cpu_flags_x86_sse2 ssl +udev +udisks +upower webkit zeroconf" + +REQUIRED_USE=" + opengl? ( plasma ) + udisks? ( udev ) + upower? ( udev ) +" + +# needs the kate regression testsuite from svn +RESTRICT="test" + +COMMONDEPEND=" + app-text/docbook-xml-dtd:4.2 + app-text/docbook-xsl-stylesheets + dev-lang/perl + >=dev-libs/libattica-0.4.2 + dev-libs/libdbusmenu-qt[qt4(-)] + dev-libs/libpcre[unicode] + dev-libs/libxml2 + dev-libs/libxslt + >=dev-qt/designer-${QT_MINIMAL}:4 + >=dev-qt/qtcore-${QT_MINIMAL}:4[qt3support?,ssl] + >=dev-qt/qtdbus-${QT_MINIMAL}:4 + >=dev-qt/qtdeclarative-${QT_MINIMAL}:4 + >=dev-qt/qtgui-${QT_MINIMAL}:4[accessibility,dbus(+)] + >=dev-qt/qtscript-${QT_MINIMAL}:4 + >=dev-qt/qtsvg-${QT_MINIMAL}:4 + media-libs/fontconfig + media-libs/freetype:2 + media-libs/giflib:= + media-libs/libpng:0= + media-libs/phonon[qt4(-)] + sys-libs/libutempter + sys-libs/zlib + virtual/jpeg:0 + x11-libs/libICE + x11-libs/libSM + x11-libs/libX11 + x11-libs/libXau + x11-libs/libXcursor + x11-libs/libXdmcp + x11-libs/libXext + x11-libs/libXfixes + x11-libs/libXft + x11-libs/libXpm + x11-libs/libXrender + x11-libs/libXScrnSaver + x11-libs/libXtst + x11-misc/shared-mime-info + acl? ( virtual/acl ) + bzip2? ( app-arch/bzip2 ) + fam? ( virtual/fam ) + kerberos? ( virtual/krb5 ) + openexr? ( + media-libs/openexr:= + media-libs/ilmbase:= + ) + opengl? ( >=dev-qt/qtopengl-${QT_MINIMAL}:4 ) + plasma? ( + app-crypt/qca:2-qt4 + >=dev-qt/qtsql-${QT_MINIMAL}:4[qt3support?] + ) + policykit? ( sys-auth/polkit-qt[qt4(-)] ) + spell? ( app-text/enchant:= ) + ssl? ( + libressl? ( dev-libs/libressl:0= ) + !libressl? ( dev-libs/openssl:0= ) + ) + udev? ( virtual/udev ) + webkit? ( >=dev-qt/qtwebkit-${QT_MINIMAL}:4 ) + zeroconf? ( net-dns/avahi[mdnsresponder-compat] ) +" +DEPEND="${COMMONDEPEND} + >=dev-qt/qttest-${QT_MINIMAL}:4 + doc? ( app-doc/doxygen ) + nls? ( virtual/libintl ) + test? ( dev-util/cppunit ) +" +RDEPEND="${COMMONDEPEND} + !dev-qt/qtphonon + >=app-crypt/gnupg-2.0.11 + app-misc/ca-certificates + kde-frameworks/kdelibs-env:4 + kde-frameworks/oxygen-icons + sys-apps/dbus[X] + x11-apps/iceauth + x11-apps/rgb + x11-misc/xdg-utils + plasma? ( !sci-libs/plasma ) + udev? ( app-misc/media-player-info ) + udisks? ( sys-fs/udisks:2 ) + upower? ( >=sys-power/upower-0.9.23 ) +" +PDEPEND=" + dev-util/automoc + virtual/pkgconfig + x11-base/xorg-proto + >=x11-libs/libXtst-1.1.0 + x11-misc/xdg-utils + handbook? ( kde-apps/khelpcenter:* ) + policykit? ( kde-plasma/polkit-kde-agent:* ) +" + +DOCS=( AUTHORS README{,-WIN32.TXT} TODO ) + +PATCHES=( + "${FILESDIR}/dist/01_gentoo_set_xdg_menu_prefix-1.patch" + "${FILESDIR}/dist/02_gentoo_append_xdg_config_dirs-1.patch" + "${FILESDIR}/${PN}-4.14.5-fatalwarnings.patch" + "${FILESDIR}/${PN}-4.14.5-mimetypes.patch" + "${FILESDIR}/${PN}-4.4.90-xslt.patch" + "${FILESDIR}/${PN}-4.6.3-no_suid_kdeinit.patch" + "${FILESDIR}/${PN}-4.8.1-norpath.patch" + "${FILESDIR}/${PN}-4.9.3-werror.patch" + "${FILESDIR}/${PN}-4.10.0-udisks.patch" + "${FILESDIR}/${PN}-4.14.20-FindQt4.patch" + "${FILESDIR}/${PN}-4.14.22-webkit.patch" + "${FILESDIR}/${PN}-4.14.35-3dnow.patch" + "${FILESDIR}/${PN}-4.14.35-kde3support.patch" + "${FILESDIR}/${PN}-4.14.35-plasma4.patch" + "${FILESDIR}/${PN}-4.14.37-exiv2-cmake.patch" + "${FILESDIR}/${P}-CVE-2019-14744.patch" + "${FILESDIR}/${P}-kio-tls1x.patch" + "${FILESDIR}/${P}-narrowing-warning.patch" + "${FILESDIR}/${P}-openssl-1.1.patch" + "${FILESDIR}/${P}-qiodevice.patch" +) + +src_prepare() { + cmake-utils_src_prepare + + # Rename applications.menu (needs 01_gentoo_set_xdg_menu_prefix-1.patch to work) + sed -e 's|FILES[[:space:]]applications.menu|FILES applications.menu RENAME kde-4-applications.menu|g' \ + -i kded/CMakeLists.txt || die "Sed on CMakeLists.txt for applications.menu failed." + + if ! use opengl; then + sed -i -e "/if/ s/QT_QTOPENGL_FOUND/FALSE/" \ + plasma/CMakeLists.txt plasma/tests/CMakeLists.txt includes/CMakeLists.txt \ + || die "failed to sed out QT_QTOPENGL_FOUND" + fi +} + +src_configure() { + local mycmakeargs=( + -DWITH_HSPELL=OFF + -DWITH_ASPELL=OFF + -DKDE_DEFAULT_HOME=.kde4 + -DKDE_DISTRIBUTION_TEXT=Gentoo + -DKDE4_BUILD_TESTS=OFF + -DKAUTH_BACKEND=POLKITQT-1 + -DSYSCONF_INSTALL_DIR="${EPREFIX}"/etc + -DWITH_Soprano=OFF + -DWITH_SharedDesktopOntologies=OFF + -DCMAKE_DISABLE_FIND_PACKAGE_Strigi=ON + -DBUILD_doc=$(usex handbook) + -DHAVE_X86_3DNOW=$(usex cpu_flags_x86_3dnow) + -DHAVE_PPC_ALTIVEC=$(usex altivec) + -DHAVE_X86_MMX=$(usex cpu_flags_x86_mmx) + -DHAVE_X86_SSE=$(usex cpu_flags_x86_sse) + -DHAVE_X86_SSE2=$(usex cpu_flags_x86_sse2) + -DWITH_ACL=$(usex acl) + -DWITH_BZip2=$(usex bzip2) + -DWITH_FAM=$(usex fam) + -DWITH_Jasper=OFF + -DWITH_GSSAPI=$(usex kerberos) + -DWITH_LibLZMA=$(usex lzma) + -DWITH_Libintl=$(usex nls) + -DWITH_OpenEXR=$(usex openexr) + -DWITH_PLASMA4SUPPORT=$(usex plasma) + -DWITH_QCA2=$(usex plasma) + -DWITH_PolkitQt-1=$(usex policykit) + -DWITH_KDE3SUPPORT=$(usex qt3support) + -DWITH_ENCHANT=$(usex spell) + -DWITH_OpenSSL=$(usex ssl) + -DWITH_UDev=$(usex udev) + -DWITH_SOLID_UDISKS2=$(usex udisks) + -DWITH_KDEWEBKIT=$(usex webkit) + -DWITH_Avahi=$(usex zeroconf) + ) + + use zeroconf || mycmakeargs+=( -DWITH_DNSSD=OFF ) + + if use debug; then + # Set "real" debug mode + CMAKE_KDE_BUILD_TYPE="Debugfull" + else + # Handle common release builds + append-cppflags -DQT_NO_DEBUG + fi + + tc-is-cross-compiler || cmakeargs+=( -DCMAKE_INSTALL_PREFIX="${EPREFIX}/usr" ) + #qmake -query QT_INSTALL_LIBS unavailable when cross-compiling + tc-is-cross-compiler && cmakeargs+=( -DQT_LIBRARY_DIR="${ROOT}"/usr/$(get_libdir)/qt4 ) + #kde-config -path data unavailable when cross-compiling + tc-is-cross-compiler && cmakeargs+=( -DKDE4_DATA_DIR="${ROOT}"/usr/share/apps/ ) + + cmake-utils_src_configure +} + +src_compile() { + cmake-utils_src_compile + + # The building of apidox is not managed anymore by the build system + if use doc; then + einfo "Building API documentation" + cd "${S}"/doc/api/ + ./doxygen.sh "${S}" || die "APIDOX generation failed" + fi +} + +src_install() { + for doc in "${S}"/*/{AUTHORS,ChangeLog*,README*,TODO}; do + [[ -f ${doc} && -s ${doc} ]] && newdoc "${doc}" "$(basename $(dirname ${doc})).$(basename ${doc})" + done + + cmake-utils_src_install + + # We don't want /usr/share/doc/HTML to be compressed, + # because then khelpcenter can't find the docs + [[ -d ${ED}/usr/share/doc/HTML ]] && + docompress -x /usr/share/doc/HTML + + # use system certificates + rm -f "${ED}"/usr/share/apps/kssl/ca-bundle.crt || die + dosym ../../../../etc/ssl/certs/ca-certificates.crt /usr/share/apps/kssl/ca-bundle.crt + + if use doc; then + einfo "Installing API documentation. This could take a bit of time." + cd "${S}"/doc/api/ + docinto /HTML/en/kdelibs-apidox + dodoc -r ${P}-apidocs/* + fi + + # We don't package it, so don't install headers + rm -r "${ED}"/usr/include/KDE/Nepomuk || die + + einfo Installing environment file. + # Since 44qt4 is sourced earlier QT_PLUGIN_PATH is defined. + echo "COLON_SEPARATED=QT_PLUGIN_PATH" > "${T}/77kde" + echo "QT_PLUGIN_PATH=${EPREFIX}/usr/$(get_libdir)/kde4/plugins" >> "${T}/77kde" + doenvd "${T}/77kde" +} + +pkg_postinst() { + xdg_desktop_database_update + xdg_mimeinfo_database_update + + if use zeroconf; then + elog + elog "To make zeroconf support available in applications make sure that the avahi daemon" + elog "is running." + elog + elog "If you also want to use zeroconf for hostname resolution, emerge sys-auth/nss-mdns" + elog "and enable multicast dns lookups by editing the 'hosts:' line in /etc/nsswitch.conf" + elog "to include 'mdns', e.g.:" + elog " hosts: files mdns dns" + elog + fi +} + +pkg_prerm() { + # Remove ksycoca4 global database + rm -f "${EROOT%/}"/usr/share/kde4/services/ksycoca4 || die +} + +pkg_postrm() { + xdg_desktop_database_update + xdg_mimeinfo_database_update +} |