commit: b108894299cf9456f954014e47d2bceac62685b5 Author: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org> AuthorDate: Mon Dec 29 18:10:42 2025 +0000 Commit: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org> CommitDate: Mon Dec 29 18:14:48 2025 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b1088942
kde-apps/messagelib: Don't unconditionally ignore SSL errors Signed-off-by: Andreas Sturmlechner <asturm <AT> gentoo.org> .../messagelib-25.08.3-dont-ignore-ssl-errs.patch | 123 +++++++++++++++++++++ kde-apps/messagelib/messagelib-25.08.3-r2.ebuild | 81 ++++++++++++++ 2 files changed, 204 insertions(+) diff --git a/kde-apps/messagelib/files/messagelib-25.08.3-dont-ignore-ssl-errs.patch b/kde-apps/messagelib/files/messagelib-25.08.3-dont-ignore-ssl-errs.patch new file mode 100644 index 000000000000..f514a7407452 --- /dev/null +++ b/kde-apps/messagelib/files/messagelib-25.08.3-dont-ignore-ssl-errs.patch @@ -0,0 +1,123 @@ +From df525dc91498423f3c45e143efab1c7102776652 Mon Sep 17 00:00:00 2001 +From: Volker Krause <[email protected]> +Date: Sun, 23 Nov 2025 11:30:04 +0100 +Subject: [PATCH] Don't unconditionally ignore SSL errors from Google's + phishing API + +Google generally has a working SSL setup, so encountering SSL errors +actually means we are probably not talking to Google's API, and as such +we shouldn't continue here. +--- + .../src/checkphishingurl/checkphishingurljob.cpp | 7 ------- + webengineviewer/src/checkphishingurl/checkphishingurljob.h | 1 - + .../src/checkphishingurl/createphishingurldatabasejob.cpp | 7 ------- + .../src/checkphishingurl/createphishingurldatabasejob.h | 1 - + webengineviewer/src/checkphishingurl/searchfullhashjob.cpp | 7 ------- + webengineviewer/src/checkphishingurl/searchfullhashjob.h | 1 - + 6 files changed, 24 deletions(-) + +diff --git a/webengineviewer/src/checkphishingurl/checkphishingurljob.cpp b/webengineviewer/src/checkphishingurl/checkphishingurljob.cpp +index 25c675f524..d05c5b68be 100644 +--- a/webengineviewer/src/checkphishingurl/checkphishingurljob.cpp ++++ b/webengineviewer/src/checkphishingurl/checkphishingurljob.cpp +@@ -37,17 +37,10 @@ CheckPhishingUrlJob::CheckPhishingUrlJob(QObject *parent) + d->mNetworkAccessManager->enableStrictTransportSecurityStore(true); + + connect(d->mNetworkAccessManager, &QNetworkAccessManager::finished, this, &CheckPhishingUrlJob::slotCheckUrlFinished); +- connect(d->mNetworkAccessManager, &QNetworkAccessManager::sslErrors, this, &CheckPhishingUrlJob::slotSslErrors); + } + + CheckPhishingUrlJob::~CheckPhishingUrlJob() = default; + +-void CheckPhishingUrlJob::slotSslErrors(QNetworkReply *reply, const QList<QSslError> &error) +-{ +- qCDebug(WEBENGINEVIEWER_LOG) << " void CheckPhishingUrlJob::slotSslErrors(QNetworkReply *reply, const QList<QSslError> &error)" << error.count(); +- reply->ignoreSslErrors(error); +-} +- + void CheckPhishingUrlJob::parse(const QByteArray &replyStr) + { + QJsonDocument document = QJsonDocument::fromJson(replyStr); +diff --git a/webengineviewer/src/checkphishingurl/checkphishingurljob.h b/webengineviewer/src/checkphishingurl/checkphishingurljob.h +index e370005283..67ca355a65 100644 +--- a/webengineviewer/src/checkphishingurl/checkphishingurljob.h ++++ b/webengineviewer/src/checkphishingurl/checkphishingurljob.h +@@ -40,7 +40,6 @@ Q_SIGNALS: + void debugJson(const QByteArray &ba); + + private: +- WEBENGINEVIEWER_NO_EXPORT void slotSslErrors(QNetworkReply *reply, const QList<QSslError> &error); + WEBENGINEVIEWER_NO_EXPORT void slotError(QNetworkReply::NetworkError error); + WEBENGINEVIEWER_NO_EXPORT void slotCheckUrlFinished(QNetworkReply *reply); + std::unique_ptr<CheckPhishingUrlJobPrivate> const d; +diff --git a/webengineviewer/src/checkphishingurl/createphishingurldatabasejob.cpp b/webengineviewer/src/checkphishingurl/createphishingurldatabasejob.cpp +index 1da04a452c..b34be279d8 100644 +--- a/webengineviewer/src/checkphishingurl/createphishingurldatabasejob.cpp ++++ b/webengineviewer/src/checkphishingurl/createphishingurldatabasejob.cpp +@@ -42,17 +42,10 @@ CreatePhishingUrlDataBaseJob::CreatePhishingUrlDataBaseJob(QObject *parent) + d->mNetworkAccessManager->enableStrictTransportSecurityStore(true); + + connect(d->mNetworkAccessManager, &QNetworkAccessManager::finished, this, &CreatePhishingUrlDataBaseJob::slotDownloadDataBaseFinished); +- connect(d->mNetworkAccessManager, &QNetworkAccessManager::sslErrors, this, &CreatePhishingUrlDataBaseJob::slotSslErrors); + } + + CreatePhishingUrlDataBaseJob::~CreatePhishingUrlDataBaseJob() = default; + +-void CreatePhishingUrlDataBaseJob::slotSslErrors(QNetworkReply *reply, const QList<QSslError> &error) +-{ +- qCDebug(WEBENGINEVIEWER_LOG) << " void CreatePhishingUrlDataBaseJob::slotSslErrors(QNetworkReply *reply, const QList<QSslError> &error)" << error.count(); +- reply->ignoreSslErrors(error); +-} +- + void CreatePhishingUrlDataBaseJob::start() + { + if (!PimCommon::NetworkManager::self()->isOnline()) { +diff --git a/webengineviewer/src/checkphishingurl/createphishingurldatabasejob.h b/webengineviewer/src/checkphishingurl/createphishingurldatabasejob.h +index d576877186..9651279423 100644 +--- a/webengineviewer/src/checkphishingurl/createphishingurldatabasejob.h ++++ b/webengineviewer/src/checkphishingurl/createphishingurldatabasejob.h +@@ -63,7 +63,6 @@ Q_SIGNALS: + + private: + WEBENGINEVIEWER_NO_EXPORT void slotDownloadDataBaseFinished(QNetworkReply *reply); +- WEBENGINEVIEWER_NO_EXPORT void slotSslErrors(QNetworkReply *reply, const QList<QSslError> &error); + WEBENGINEVIEWER_NO_EXPORT void slotError(QNetworkReply::NetworkError error); + + std::unique_ptr<CreatePhishingUrlDataBaseJobPrivate> const d; +diff --git a/webengineviewer/src/checkphishingurl/searchfullhashjob.cpp b/webengineviewer/src/checkphishingurl/searchfullhashjob.cpp +index 129cad9207..70f148fa76 100644 +--- a/webengineviewer/src/checkphishingurl/searchfullhashjob.cpp ++++ b/webengineviewer/src/checkphishingurl/searchfullhashjob.cpp +@@ -39,17 +39,10 @@ SearchFullHashJob::SearchFullHashJob(QObject *parent) + d->mNetworkAccessManager->enableStrictTransportSecurityStore(true); + + connect(d->mNetworkAccessManager, &QNetworkAccessManager::finished, this, &SearchFullHashJob::slotCheckUrlFinished); +- connect(d->mNetworkAccessManager, &QNetworkAccessManager::sslErrors, this, &SearchFullHashJob::slotSslErrors); + } + + SearchFullHashJob::~SearchFullHashJob() = default; + +-void SearchFullHashJob::slotSslErrors(QNetworkReply *reply, const QList<QSslError> &error) +-{ +- qCDebug(WEBENGINEVIEWER_LOG) << " void SearchFullHashJob::slotSslErrors(QNetworkReply *reply, const QList<QSslError> &error)" << error.count(); +- reply->ignoreSslErrors(error); +-} +- + void SearchFullHashJob::parse(const QByteArray &replyStr) + { + /* +diff --git a/webengineviewer/src/checkphishingurl/searchfullhashjob.h b/webengineviewer/src/checkphishingurl/searchfullhashjob.h +index 67e8ebe56a..5c80ec2caa 100644 +--- a/webengineviewer/src/checkphishingurl/searchfullhashjob.h ++++ b/webengineviewer/src/checkphishingurl/searchfullhashjob.h +@@ -41,7 +41,6 @@ Q_SIGNALS: + void debugJson(const QByteArray &ba); + + private: +- WEBENGINEVIEWER_NO_EXPORT void slotSslErrors(QNetworkReply *reply, const QList<QSslError> &error); + WEBENGINEVIEWER_NO_EXPORT void slotError(QNetworkReply::NetworkError error); + WEBENGINEVIEWER_NO_EXPORT void slotCheckUrlFinished(QNetworkReply *reply); + +-- +GitLab + diff --git a/kde-apps/messagelib/messagelib-25.08.3-r2.ebuild b/kde-apps/messagelib/messagelib-25.08.3-r2.ebuild new file mode 100644 index 000000000000..e150b61fa303 --- /dev/null +++ b/kde-apps/messagelib/messagelib-25.08.3-r2.ebuild @@ -0,0 +1,81 @@ +# Copyright 1999-2025 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +ECM_QTHELP="true" +ECM_TEST="forceoptional" +PVCUT=$(ver_cut 1-3) +KFMIN=6.16.0 +QTMIN=6.9.1 +inherit ecm gear.kde.org + +DESCRIPTION="Libraries for messaging functions" + +LICENSE="GPL-2+ LGPL-2.1+" +SLOT="6/$(ver_cut 1-2)" +KEYWORDS="~amd64 ~arm64" +IUSE="speech" + +# bug 579630 +RESTRICT="test" + +DEPEND=" + dev-cpp/gpgmepp:= + dev-libs/qgpgme:= + >=dev-libs/openssl-3.0.0:= + >=dev-libs/ktextaddons-1.6.0:6[speech?] + >=dev-qt/qtbase-${QTMIN}:6[gui,network,widgets] + >=dev-qt/qtwebengine-${QTMIN}:6[widgets] + >=kde-apps/akonadi-${PVCUT}:6= + >=kde-apps/akonadi-contacts-${PVCUT}:6= + >=kde-apps/akonadi-mime-${PVCUT}:6= + >=kde-apps/akonadi-search-${PVCUT}:6= + >=kde-apps/grantleetheme-${PVCUT}:6= + >=kde-apps/kidentitymanagement-${PVCUT}:6= + >=kde-apps/kldap-${PVCUT}:6= + >=kde-apps/kmailtransport-${PVCUT}:6= + >=kde-apps/kmbox-${PVCUT}:6= + >=kde-apps/kmime-${PVCUT}:6= + >=kde-apps/kpimtextedit-${PVCUT}:6=[speech(-)=] + >=kde-apps/libgravatar-${PVCUT}:6= + >=kde-apps/libkdepim-${PVCUT}:6= + >=kde-apps/libkleo-${PVCUT}:6= + >=kde-apps/mimetreeparser-${PVCUT}:6= + >=kde-apps/pimcommon-${PVCUT}:6= + >=kde-frameworks/karchive-${KFMIN}:6 + >=kde-frameworks/kcalendarcore-${KFMIN}:6 + >=kde-frameworks/kcodecs-${KFMIN}:6 + >=kde-frameworks/kcolorscheme-${KFMIN}:6 + >=kde-frameworks/kcompletion-${KFMIN}:6 + >=kde-frameworks/kconfig-${KFMIN}:6 + >=kde-frameworks/kcontacts-${KFMIN}:6 + >=kde-frameworks/kcoreaddons-${KFMIN}:6 + >=kde-frameworks/kguiaddons-${KFMIN}:6 + >=kde-frameworks/ki18n-${KFMIN}:6 + >=kde-frameworks/kiconthemes-${KFMIN}:6 + >=kde-frameworks/kio-${KFMIN}:6 + >=kde-frameworks/kitemmodels-${KFMIN}:6 + >=kde-frameworks/kitemviews-${KFMIN}:6 + >=kde-frameworks/kjobwidgets-${KFMIN}:6 + >=kde-frameworks/knotifications-${KFMIN}:6 + >=kde-frameworks/kservice-${KFMIN}:6 + >=kde-frameworks/ktexttemplate-${KFMIN}:6 + >=kde-frameworks/ktextwidgets-${KFMIN}:6 + >=kde-frameworks/kwidgetsaddons-${KFMIN}:6 + >=kde-frameworks/kwindowsystem-${KFMIN}:6 + >=kde-frameworks/kxmlgui-${KFMIN}:6 + >=kde-frameworks/sonnet-${KFMIN}:6 + >=kde-frameworks/syntax-highlighting-${KFMIN}:6 +" +RDEPEND="${DEPEND}" + +PATCHES=( "${FILESDIR}/${P}-dont-ignore-ssl-errs.patch" ) + +src_configure() { + local mycmakeargs=( + $(cmake_use_find_package speech KF6TextEditTextToSpeech) + ) + + ecm_src_configure +}
