summaryrefslogtreecommitdiff
path: root/source/l/qt
diff options
context:
space:
mode:
Diffstat (limited to 'source/l/qt')
-rw-r--r--source/l/qt/README1
-rw-r--r--[-rwxr-xr-x]source/l/qt/profile.d/qt4.csh0
-rw-r--r--[-rwxr-xr-x]source/l/qt/profile.d/qt4.sh0
-rw-r--r--source/l/qt/qt.QSortFilterProxyModel.reformatted.diff92
-rwxr-xr-xsource/l/qt/qt.SlackBuild20
-rw-r--r--source/l/qt/qt.blacklist.bad.certs.diff67
-rw-r--r--source/l/qt/qt.blacklist.bad.certs.patch02.diff35
7 files changed, 212 insertions, 3 deletions
diff --git a/source/l/qt/README b/source/l/qt/README
index bdf9be99..9bbcb346 100644
--- a/source/l/qt/README
+++ b/source/l/qt/README
@@ -6,3 +6,4 @@ repository with this command:
git clone git://gitorious.org/+kde-developers/qt/kde-qt.git
+(see the SlackBuild for more details)
diff --git a/source/l/qt/profile.d/qt4.csh b/source/l/qt/profile.d/qt4.csh
index 6e2c726c..6e2c726c 100755..100644
--- a/source/l/qt/profile.d/qt4.csh
+++ b/source/l/qt/profile.d/qt4.csh
diff --git a/source/l/qt/profile.d/qt4.sh b/source/l/qt/profile.d/qt4.sh
index 5b4b830a..5b4b830a 100755..100644
--- a/source/l/qt/profile.d/qt4.sh
+++ b/source/l/qt/profile.d/qt4.sh
diff --git a/source/l/qt/qt.QSortFilterProxyModel.reformatted.diff b/source/l/qt/qt.QSortFilterProxyModel.reformatted.diff
new file mode 100644
index 00000000..0ab94b31
--- /dev/null
+++ b/source/l/qt/qt.QSortFilterProxyModel.reformatted.diff
@@ -0,0 +1,92 @@
+--- ./src/gui/itemviews/qsortfilterproxymodel.cpp.orig 2010-11-20 17:54:23.000000000 -0600
++++ ./src/gui/itemviews/qsortfilterproxymodel.cpp 2011-01-07 00:40:04.000000000 -0600
+@@ -782,14 +782,14 @@
+ if (orthogonal_source_to_proxy.isEmpty()) {
+ const int ortho_end = (orient == Qt::Horizontal) ? model->rowCount(source_parent) : model->columnCount(source_parent);
+
++ orthogonal_source_to_proxy.resize(ortho_end);
++
+ for (int ortho_item = 0; ortho_item < ortho_end; ++ortho_item) {
+ if ((orient == Qt::Horizontal) ? q->filterAcceptsRow(ortho_item, source_parent)
+ : q->filterAcceptsColumn(ortho_item, source_parent)) {
+ orthogonal_proxy_to_source.append(ortho_item);
+ }
+ }
+- orthogonal_source_to_proxy.resize(orthogonal_proxy_to_source.size());
+-
+ if (orient == Qt::Horizontal) {
+ // We're reacting to columnsInserted, but we've just inserted new rows. Sort them.
+ sort_source_rows(orthogonal_proxy_to_source, source_parent);
+--- ./tests/auto/qsortfilterproxymodel/qsortfilterproxymodel.pro.orig 2010-11-20 17:54:28.000000000 -0600
++++ ./tests/auto/qsortfilterproxymodel/qsortfilterproxymodel.pro 2011-01-07 00:40:04.000000000 -0600
+@@ -1,6 +1,7 @@
+ load(qttest_p4)
+
+-SOURCES += tst_qsortfilterproxymodel.cpp
+-
++INCLUDEPATH += $$PWD/../modeltest
+
++SOURCES += tst_qsortfilterproxymodel.cpp ../modeltest/dynamictreemodel.cpp ../modeltest/modeltest.cpp
++HEADERS += ../modeltest/dynamictreemodel.h ../modeltest/modeltest.h
+
+--- ./tests/auto/qsortfilterproxymodel/tst_qsortfilterproxymodel.cpp.orig 2010-11-20 17:54:28.000000000 -0600
++++ ./tests/auto/qsortfilterproxymodel/tst_qsortfilterproxymodel.cpp 2011-01-07 00:41:02.000000000 -0600
+@@ -43,6 +43,9 @@
+ #include <QtTest/QtTest>
+ #include "../../shared/util.h"
+
++#include "dynamictreemodel.h"
++#include "modeltest.h"
++
+ #include <QtCore>
+ #include <QtGui>
+
+@@ -143,6 +146,7 @@
+ void taskQTBUG_10287_unnecessaryMapCreation();
+
+ void testMultipleProxiesWithSelection();
++ void filteredColumns();
+
+ protected:
+ void buildHierarchy(const QStringList &data, QAbstractItemModel *model);
+@@ -3135,5 +3139,40 @@
+ // No assert failure, it passes.
+ }
+
++class FilteredColumnProxyModel : public QSortFilterProxyModel
++{
++ Q_OBJECT
++public:
++ FilteredColumnProxyModel(QObject *parent = 0)
++ : QSortFilterProxyModel(parent)
++ {
++
++ }
++
++protected:
++ bool filterAcceptsColumn(int column, const QModelIndex &source_parent) const
++ {
++ return column % 2 != 0;
++ }
++};
++
++void tst_QSortFilterProxyModel::filteredColumns()
++{
++ DynamicTreeModel *model = new DynamicTreeModel(this);
++
++ FilteredColumnProxyModel *proxy = new FilteredColumnProxyModel(this);
++ proxy->setSourceModel(model);
++
++ new ModelTest(proxy, this);
++
++ ModelInsertCommand *insertCommand = new ModelInsertCommand(model, this);
++ insertCommand->setNumCols(2);
++ insertCommand->setStartRow(0);
++ insertCommand->setEndRow(0);
++ // Parent is QModelIndex()
++ insertCommand->doCommand();
++
++}
++
+ QTEST_MAIN(tst_QSortFilterProxyModel)
+ #include "tst_qsortfilterproxymodel.moc"
diff --git a/source/l/qt/qt.SlackBuild b/source/l/qt/qt.SlackBuild
index c04221c3..f79d2c2a 100755
--- a/source/l/qt/qt.SlackBuild
+++ b/source/l/qt/qt.SlackBuild
@@ -1,6 +1,6 @@
#!/bin/sh
-# Copyright 2006, 2007, 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2006, 2007, 2008, 2009, 2010, 2011 Patrick J. Volkerding, Sebeka, MN, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
@@ -31,11 +31,14 @@
# git checkout origin/4.5.3-patched
# git checkout origin/4.6.0-stable-patched
# git checkout origin/4.6.1-patched
+# git checkout origin/4.7.0-patched
+#
+# Alternate method (we don't use this):
# wget http://qt.gitorious.org/qt/kde-qt/archive-tarball/4.6.2-patched
PKGNAM=qt
VERSION=$(ls qt-*.tar.?z* | cut -d - -f 2 | rev | cut -f 3- -d . | rev)
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-3}
# Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then
@@ -109,7 +112,14 @@ if [ $ARCH = "i486" ]; then
fi
# Fix path to mysql header
-zcat $CWD/qt.mysql.h.diff.gz | patch -p1 || exit 1
+zcat $CWD/qt.mysql.h.diff.gz | patch -p1 --verbose || exit 1
+
+# Upstream patch required for upcoming kdepim-4.6.x:
+zcat $CWD/qt.QSortFilterProxyModel.reformatted.diff.gz | patch -p1 --verbose || exit 1
+
+# Blacklist compromised certificates:
+zcat $CWD/qt.blacklist.bad.certs.diff.gz | patch -p1 --verbose || exit 1
+zcat $CWD/qt.blacklist.bad.certs.patch02.diff.gz | patch -p1 --verbose || exit 1
export CFLAGS="$SLKCFLAGS"
export CXXFLAGS="$SLKCFLAGS"
@@ -142,6 +152,10 @@ make install INSTALL_ROOT=$PKG || exit 1
# The infamous qt -> qt-${VERSION} link that keeps the full path out of .la files:
( cd $PKG/usr/lib${LIBDIRSUFFIX} ; ln -sf qt qt-${VERSION} )
+# libjscore is used internally. Prevent a false dependency on this in the .la files:
+sed -i "s,-ljscore,,g" $PKG/usr/lib${LIBDIRSUFFIX}/qt/lib/*.la $PKG/usr/lib${LIBDIRSUFFIX}/qt/lib/pkgconfig/*.pc
+sed -i "s,-L../JavaScriptCore/release,,g" $PKG/usr/lib${LIBDIRSUFFIX}/qt/lib/*.la $PKG/usr/lib${LIBDIRSUFFIX}/qt/lib/pkgconfig/*.pc
+
# Link the shared libraries into /usr/lib:
( cd $PKG/usr/lib${LIBDIRSUFFIX}
for file in qt/lib/*.so* ; do
diff --git a/source/l/qt/qt.blacklist.bad.certs.diff b/source/l/qt/qt.blacklist.bad.certs.diff
new file mode 100644
index 00000000..38b6d369
--- /dev/null
+++ b/source/l/qt/qt.blacklist.bad.certs.diff
@@ -0,0 +1,67 @@
+--- ./src/network/ssl/qsslcertificate_p.h.orig 2010-11-20 17:54:24.000000000 -0600
++++ ./src/network/ssl/qsslcertificate_p.h 2011-03-24 18:08:59.000000000 -0500
+@@ -96,6 +96,7 @@
+ static QSslCertificate QSslCertificate_from_X509(X509 *x509);
+ static QList<QSslCertificate> certificatesFromPem(const QByteArray &pem, int count = -1);
+ static QList<QSslCertificate> certificatesFromDer(const QByteArray &der, int count = -1);
++ static bool isBlacklisted(const QSslCertificate &certificate);
+
+ friend class QSslSocketBackendPrivate;
+
+--- ./src/network/ssl/qsslcertificate.cpp.orig 2010-11-20 17:54:24.000000000 -0600
++++ ./src/network/ssl/qsslcertificate.cpp 2011-03-24 18:08:59.000000000 -0500
+@@ -219,17 +219,19 @@
+ Returns true if this certificate is valid; otherwise returns
+ false.
+
+- Note: Currently, this function only checks that the current
++ Note: Currently, this function checks that the current
+ data-time is within the date-time range during which the
+- certificate is considered valid. No other checks are
+- currently performed.
++ certificate is considered valid, and checks that the
++ certificate is not in a blacklist of fraudulent certificates.
+
+ \sa isNull()
+ */
+ bool QSslCertificate::isValid() const
+ {
+ const QDateTime currentTime = QDateTime::currentDateTime();
+- return currentTime >= d->notValidBefore && currentTime <= d->notValidAfter;
++ return currentTime >= d->notValidBefore &&
++ currentTime <= d->notValidAfter &&
++ ! QSslCertificatePrivate::isBlacklisted(*this);
+ }
+
+ /*!
+@@ -798,6 +800,30 @@
+ return certificates;
+ }
+
++// These certificates are known to be fraudulent and were created during the comodo
++// compromise. See http://www.comodo.com/Comodo-Fraud-Incident-2011-03-23.html
++static const char *certificate_blacklist[] = {
++ "04:7e:cb:e9:fc:a5:5f:7b:d0:9e:ae:36:e1:0c:ae:1e",
++ "f5:c8:6a:f3:61:62:f1:3a:64:f5:4f:6d:c9:58:7c:06",
++ "d7:55:8f:da:f5:f1:10:5b:b2:13:28:2b:70:77:29:a3",
++ "39:2a:43:4f:0e:07:df:1f:8a:a3:05:de:34:e0:c2:29",
++ "3e:75:ce:d4:6b:69:30:21:21:88:30:ae:86:a8:2a:71",
++ "e9:02:8b:95:78:e4:15:dc:1a:71:0a:2b:88:15:44:47",
++ "92:39:d5:34:8f:40:d1:69:5a:74:54:70:e1:f2:3f:43",
++ "b0:b7:13:3e:d0:96:f9:b5:6f:ae:91:c8:74:bd:3a:c0",
++ "d8:f3:5f:4e:b7:87:2b:2d:ab:06:92:e3:15:38:2f:b0",
++ 0
++};
++
++bool QSslCertificatePrivate::isBlacklisted(const QSslCertificate &certificate)
++{
++ for (int a = 0; certificate_blacklist[a] != 0; a++) {
++ if (certificate.serialNumber() == certificate_blacklist[a])
++ return true;
++ }
++ return false;
++}
++
+ #ifndef QT_NO_DEBUG_STREAM
+ QDebug operator<<(QDebug debug, const QSslCertificate &certificate)
+ {
diff --git a/source/l/qt/qt.blacklist.bad.certs.patch02.diff b/source/l/qt/qt.blacklist.bad.certs.patch02.diff
new file mode 100644
index 00000000..b8bb1e4e
--- /dev/null
+++ b/source/l/qt/qt.blacklist.bad.certs.patch02.diff
@@ -0,0 +1,35 @@
+From b87528a71b66e786c11804d7b79e408aae612748 Mon Sep 17 00:00:00 2001
+From: Peter Hartmann <peter.hartmann@nokia.com>
+Date: Fri, 25 Mar 2011 13:45:24 +0100
+Subject: [PATCH] QSslSocket internals: abort on encountering blacklisted certificates
+
+tested manually with "openssl s_server -cert blacklisted.pem -key
+key.pem" and connecting a QSslSocket.
+
+Reviewed-by: Markus Goetz
+Task-number: QTBUG-18338
+---
+ src/network/ssl/qsslsocket_openssl.cpp | 7 +++++++
+ 1 files changed, 7 insertions(+), 0 deletions(-)
+
+diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp
+index 0866534..2427193 100644
+--- a/src/network/ssl/qsslsocket_openssl.cpp
++++ b/src/network/ssl/qsslsocket_openssl.cpp
+@@ -1193,6 +1193,13 @@ bool QSslSocketBackendPrivate::startHandshake()
+ X509 *x509 = q_SSL_get_peer_certificate(ssl);
+ configuration.peerCertificate = QSslCertificatePrivate::QSslCertificate_from_X509(x509);
+ q_X509_free(x509);
++ if (QSslCertificatePrivate::isBlacklisted(configuration.peerCertificate)) {
++ q->setErrorString(QSslSocket::tr("The peer certificate is blacklisted"));
++ q->setSocketError(QAbstractSocket::SslHandshakeFailedError);
++ emit q->error(QAbstractSocket::SslHandshakeFailedError);
++ plainSocket->disconnectFromHost();
++ return false;
++ }
+
+ // Start translating errors.
+ QList<QSslError> errors;
+--
+1.6.1
+