* [gentoo-commits] proj/kde-sunset:master commit in: kde-frameworks/kdelibs/files/, kde-frameworks/kdelibs/
@ 2020-12-04 13:48 Andreas Sturmlechner
0 siblings, 0 replies; 2+ messages in thread
From: Andreas Sturmlechner @ 2020-12-04 13:48 UTC (permalink / raw
To: gentoo-commits
commit: 2e9c62e51779c37bd5cfaeaca25af0a1fd6de410
Author: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
AuthorDate: Fri Dec 4 13:47:54 2020 +0000
Commit: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
CommitDate: Fri Dec 4 13:47:54 2020 +0000
URL: https://gitweb.gentoo.org/proj/kde-sunset.git/commit/?id=2e9c62e5
kde-frameworks/kdelibs: 4.14.38 version bump w/ openssl-1.1 fix
Package-Manager: Portage-3.0.11, Repoman-3.0.2
RepoMan-Options: --force
Signed-off-by: Andreas Sturmlechner <asturm <AT> gentoo.org>
.../files/kdelibs-4.14.38-CVE-2019-14744.patch | 111 +++
.../kdelibs/files/kdelibs-4.14.38-kio-tls1x.patch | 12 +
.../files/kdelibs-4.14.38-narrowing-warning.patch | 12 +
.../files/kdelibs-4.14.38-openssl-1.1.patch | 999 +++++++++++++++++++++
.../kdelibs/files/kdelibs-4.14.38-qiodevice.patch | 19 +
kde-frameworks/kdelibs/kdelibs-4.14.38.ebuild | 286 ++++++
6 files changed, 1439 insertions(+)
diff --git a/kde-frameworks/kdelibs/files/kdelibs-4.14.38-CVE-2019-14744.patch b/kde-frameworks/kdelibs/files/kdelibs-4.14.38-CVE-2019-14744.patch
new file mode 100644
index 00000000..bc71dc0f
--- /dev/null
+++ b/kde-frameworks/kdelibs/files/kdelibs-4.14.38-CVE-2019-14744.patch
@@ -0,0 +1,111 @@
+From 2c3762feddf7e66cf6b64d9058f625a715694a00 Mon Sep 17 00:00:00 2001
+From: Kai Uwe Broulik <kde@privat.broulik.de>
+Date: Wed, 7 Aug 2019 09:47:46 +0200
+Subject: Security: remove support for $(...) in config keys with [$e] marker.
+
+It is very unclear at this point what a valid use case for this feature
+would possibly be. The old documentation only mentions $(hostname) as
+an example, which can be done with $HOSTNAME instead.
+
+Note that $(...) is still supported in Exec lines of desktop files,
+this does not require [$e] anyway (and actually works better without it,
+otherwise the $ signs need to be doubled to obey kconfig $e escaping rules...).
+
+Thanks to Fabian Vogt for testing.
+
+(This is a backport of KDE Frameworks 5 kconfig patch to kdelibs)
+
+Differential Revision: https://phabricator.kde.org/D22989
+---
+ kdecore/config/kconfig.cpp | 32 +-------------------------------
+ kdecore/doc/README.kiosk | 12 ------------
+ kdecore/tests/kconfigtest.cpp | 6 +-----
+ 3 files changed, 2 insertions(+), 48 deletions(-)
+
+diff --git a/kdecore/config/kconfig.cpp b/kdecore/config/kconfig.cpp
+index 7ea26a5..b30584b 100644
+--- a/kdecore/config/kconfig.cpp
++++ b/kdecore/config/kconfig.cpp
+@@ -160,37 +160,7 @@ QString KConfigPrivate::expandString(const QString& value)
+ int nDollarPos = aValue.indexOf( QLatin1Char('$') );
+ while( nDollarPos != -1 && nDollarPos+1 < aValue.length()) {
+ // there is at least one $
+- if( aValue[nDollarPos+1] == QLatin1Char('(') ) {
+- int nEndPos = nDollarPos+1;
+- // the next character is not $
+- while ( (nEndPos <= aValue.length()) && (aValue[nEndPos]!=QLatin1Char(')')) )
+- nEndPos++;
+- nEndPos++;
+- QString cmd = aValue.mid( nDollarPos+2, nEndPos-nDollarPos-3 );
+-
+- QString result;
+- QByteArray oldpath = qgetenv( "PATH" );
+- QByteArray newpath;
+- if (KGlobal::hasMainComponent()) {
+- newpath = QFile::encodeName(KGlobal::dirs()->resourceDirs("exe").join(QChar::fromLatin1(KPATH_SEPARATOR)));
+- if (!newpath.isEmpty() && !oldpath.isEmpty())
+- newpath += KPATH_SEPARATOR;
+- }
+- newpath += oldpath;
+- setenv( "PATH", newpath, 1/*overwrite*/ );
+-// FIXME: wince does not have pipes
+-#ifndef _WIN32_WCE
+- FILE *fs = popen(QFile::encodeName(cmd).data(), "r");
+- if (fs) {
+- QTextStream ts(fs, QIODevice::ReadOnly);
+- result = ts.readAll().trimmed();
+- pclose(fs);
+- }
+-#endif
+- setenv( "PATH", oldpath, 1/*overwrite*/ );
+- aValue.replace( nDollarPos, nEndPos-nDollarPos, result );
+- nDollarPos += result.length();
+- } else if( aValue[nDollarPos+1] != QLatin1Char('$') ) {
++ if( aValue[nDollarPos+1] != QLatin1Char('$') ) {
+ int nEndPos = nDollarPos+1;
+ // the next character is not $
+ QString aVarName;
+diff --git a/kdecore/doc/README.kiosk b/kdecore/doc/README.kiosk
+index b95002d..d902c61 100644
+--- a/kdecore/doc/README.kiosk
++++ b/kdecore/doc/README.kiosk
+@@ -640,18 +640,6 @@ The following syntax is also supported:
+ Name[$ei]=${USER}
+
+
+-Shell Commands in KDE config files.
+-===================================
+-
+-Since KDE-3.1 arbitrary entries in configuration files can contain shell
+-commands. This way the value of a configuration entry can be determined
+-dynamically at runtime. In order to use this the entry must be marked
+-with [$e].
+-
+-Example:
+-Host[$e]=$(hostname)
+-
+-
+ KDE Kiosk Application API
+ ==========================
+
+diff --git a/kdecore/tests/kconfigtest.cpp b/kdecore/tests/kconfigtest.cpp
+index 78e6ad1..37ea3c2 100644
+--- a/kdecore/tests/kconfigtest.cpp
++++ b/kdecore/tests/kconfigtest.cpp
+@@ -479,12 +479,8 @@ void KConfigTest::testPath()
+ QCOMPARE(group.readPathEntry("withBraces", QString()), QString("file://" + HOMEPATH) );
+ QVERIFY(group.hasKey("URL"));
+ QCOMPARE(group.readEntry("URL", QString()), QString("file://" + HOMEPATH) );
+-#if !defined(Q_OS_WIN32) && !defined(Q_OS_MAC)
+- // I don't know if this will work on windows
+- // This test hangs on OS X
+ QVERIFY(group.hasKey("hostname"));
+- QCOMPARE(group.readEntry("hostname", QString()), QHostInfo::localHostName());
+-#endif
++ QCOMPARE(group.readEntry("hostname", QString()), QString("(hostname)")); // the $ got removed because empty var name
+ QVERIFY(group.hasKey("noeol"));
+ QCOMPARE(group.readEntry("noeol", QString()), QString("foo"));
+ }
+--
+cgit v1.1
+
diff --git a/kde-frameworks/kdelibs/files/kdelibs-4.14.38-kio-tls1x.patch b/kde-frameworks/kdelibs/files/kdelibs-4.14.38-kio-tls1x.patch
new file mode 100644
index 00000000..b010a6d8
--- /dev/null
+++ b/kde-frameworks/kdelibs/files/kdelibs-4.14.38-kio-tls1x.patch
@@ -0,0 +1,12 @@
+diff -ur kdelibs-4.14.38/kio/kio/tcpslavebase.cpp kdelibs-4.14.38-kio-tls1x/kio/kio/tcpslavebase.cpp
+--- kdelibs-4.14.38/kio/kio/tcpslavebase.cpp 2017-11-05 02:51:22.000000000 +0100
++++ kdelibs-4.14.38-kio-tls1x/kio/kio/tcpslavebase.cpp 2020-01-18 18:57:45.933170939 +0100
+@@ -499,7 +499,7 @@
+ {
+ if (d->usingSSL)
+ return false;
+- return d->startTLSInternal(KTcpSocket::TlsV1) & ResultOk;
++ return d->startTLSInternal(KTcpSocket::SecureProtocols) & ResultOk;
+ }
+
+ TCPSlaveBase::SslResult TCPSlaveBase::TcpSlaveBasePrivate::startTLSInternal (KTcpSocket::SslVersion version,
diff --git a/kde-frameworks/kdelibs/files/kdelibs-4.14.38-narrowing-warning.patch b/kde-frameworks/kdelibs/files/kdelibs-4.14.38-narrowing-warning.patch
new file mode 100644
index 00000000..3d3c3902
--- /dev/null
+++ b/kde-frameworks/kdelibs/files/kdelibs-4.14.38-narrowing-warning.patch
@@ -0,0 +1,12 @@
+diff -up kdelibs-4.14.38/kdecore/io/kfilesystemtype_p.cpp.me kdelibs-4.14.38/kdecore/io/kfilesystemtype_p.cpp
+--- kdelibs-4.14.38/kdecore/io/kfilesystemtype_p.cpp.me 2020-01-30 15:58:55.430416493 +0100
++++ kdelibs-4.14.38/kdecore/io/kfilesystemtype_p.cpp 2020-01-30 16:27:55.098089353 +0100
+@@ -94,7 +94,7 @@ KFileSystemType::Type determineFileSyste
+ //kDebug() << path << errno << strerror(errno);
+ return KFileSystemType::Unknown;
+ }
+- switch (buf.f_type) {
++ switch (static_cast<uintmax_t>(buf.f_type)) {
+ case NFS_SUPER_MAGIC:
+ case AUTOFS_SUPER_MAGIC:
+ case AUTOFSNG_SUPER_MAGIC:
diff --git a/kde-frameworks/kdelibs/files/kdelibs-4.14.38-openssl-1.1.patch b/kde-frameworks/kdelibs/files/kdelibs-4.14.38-openssl-1.1.patch
new file mode 100644
index 00000000..1f8352d7
--- /dev/null
+++ b/kde-frameworks/kdelibs/files/kdelibs-4.14.38-openssl-1.1.patch
@@ -0,0 +1,999 @@
+From a015996bb55bbd63d94b227a2c82d0d97cd86ae8 Mon Sep 17 00:00:00 2001
+From: Wolfgang Bauer <wbauer@tmo.at>
+Date: Wed, 25 Oct 2017 07:49:32 +0200
+Subject: [PATCH] Make kssl compile against OpenSSL 1.1.0
+
+OpenSSL 1.1.0 contains some source-incompatible changes, most notably
+making most of the structures opaque and introducing new getter/setter
+functions to modify the structures. This patch adds some of the newly
+introduced functions to the KOpenSSL class and modifies the code to
+call them. The implementation of those newly introduced methods
+contains both OpenSSL < 1.1 compatible code (direct structure member
+access) and calls to real functions resolved from OpenSSL>= 1.1
+library. Which implementation is used is decided at compile time. Some
+of the existing methods were renamed to match the OpenSSL 1.1 naming
+and to avoid conflicts with backward-compatibility names provided by
+OpenSSL 1.1.
+
+KSSLCertificate::toNetscape() returns empty result when built against
+OpenSSL 1.1 since I wasn't able to find a proper equivalent in OpenSSL
+1.1 API (and there does not seem to be any).
+
+(Backport of commit 9a990c69c606126bcd60cd7718462aec2a92460d from
+kdelibs4support)
+---
+ kio/kssl/kopenssl.cpp | 250 ++++++++++++++++++++++++++++++++++++++-----
+ kio/kssl/kopenssl.h | 80 ++++++++++++--
+ kio/kssl/kssl.cpp | 4 -
+ kio/kssl/ksslcallback.c | 6 +-
+ kio/kssl/ksslcertchain.cpp | 53 +++------
+ kio/kssl/ksslcertificate.cpp | 68 +++++++-----
+ 6 files changed, 351 insertions(+), 110 deletions(-)
+
+diff --git a/kio/kssl/kopenssl.cpp b/kio/kssl/kopenssl.cpp
+index e3ca535b25..8f8b921159 100644
+--- a/kio/kssl/kopenssl.cpp
++++ b/kio/kssl/kopenssl.cpp
+@@ -75,18 +75,26 @@ static void (*K_X509_STORE_CTX_free) (X509_STORE_CTX *) = 0L;
+ static int (*K_X509_verify_cert) (X509_STORE_CTX *) = 0L;
+ static X509_STORE_CTX *(*K_X509_STORE_CTX_new) (void) = 0L;
+ static void (*K_X509_STORE_free) (X509_STORE *) = 0L;
++static void (*K_X509_STORE_set_verify_cb)(X509_STORE *, int (*)(int, X509_STORE_CTX *)) = 0L;
+ static X509_STORE *(*K_X509_STORE_new) (void) = 0L;
+ static void (*K_X509_free) (X509 *) = 0L;
+ static char *(*K_X509_NAME_oneline) (X509_NAME *,char *,int) = 0L;
+ static X509_NAME *(*K_X509_get_subject_name) (X509 *) = 0L;
+ static X509_NAME *(*K_X509_get_issuer_name) (X509 *) = 0L;
++static void (*K_X509_get0_signature)(const ASN1_BIT_STRING **psig, const X509_ALGOR **palg, const X509 *x) = 0L;
+ static X509_LOOKUP *(*K_X509_STORE_add_lookup) (X509_STORE *, X509_LOOKUP_METHOD *) = 0L;
+ static X509_LOOKUP_METHOD *(*K_X509_LOOKUP_file)(void) = 0L;
+ static void (*K_X509_LOOKUP_free)(X509_LOOKUP *) = 0L;
+ static int (*K_X509_LOOKUP_ctrl)(X509_LOOKUP *, int, const char *, long, char **) = 0L;
+ static void (*K_X509_STORE_CTX_init)(X509_STORE_CTX *, X509_STORE *, X509 *, STACK_OF(X509) *) = 0L;
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ static void (*K_CRYPTO_free) (void *) = 0L;
++#else
++static void (*K_CRYPTO_free)(void *, const char *, int) = 0L;
++#endif
+ static X509* (*K_X509_dup) (X509 *) = 0L;
++static ASN1_TIME *(*K_X509_getm_notBefore)(const X509 *) = 0L;
++static ASN1_TIME *(*K_X509_getm_notAfter)(const X509 *) = 0L;
+ static BIO_METHOD *(*K_BIO_s_mem) (void) = 0L;
+ static BIO* (*K_BIO_new) (BIO_METHOD *) = 0L;
+ static BIO* (*K_BIO_new_fp) (FILE *, int) = 0L;
+@@ -118,13 +126,16 @@ static int (*K_SSL_get_error) (SSL*, int) = 0L;
+ static STACK_OF(X509)* (*K_SSL_get_peer_cert_chain) (SSL*) = 0L;
+ static void (*K_X509_STORE_CTX_set_chain) (X509_STORE_CTX *, STACK_OF(X509)*) = 0L;
+ static void (*K_X509_STORE_CTX_set_purpose) (X509_STORE_CTX *, int) = 0L;
+-static void (*K_sk_free) (STACK*) = 0L;
+-static int (*K_sk_num) (STACK*) = 0L;
+-static char* (*K_sk_pop) (STACK*) = 0L;
+-static char* (*K_sk_value) (STACK*, int) = 0L;
+-static STACK* (*K_sk_new) (int (*)()) = 0L;
+-static int (*K_sk_push) (STACK*, char*) = 0L;
+-static STACK* (*K_sk_dup) (STACK *) = 0L;
++static X509 *(*K_X509_STORE_CTX_get_current_cert)(X509_STORE_CTX *) = 0L;
++static void (*K_X509_STORE_CTX_set_error)(X509_STORE_CTX *, int) = 0L;
++static int (*K_X509_STORE_CTX_get_error)(X509_STORE_CTX *) = 0L;
++static void (*K_OPENSSL_sk_free)(STACK *) = 0L;
++static int (*K_OPENSSL_sk_num)(STACK *) = 0L;
++static char *(*K_OPENSSL_sk_pop)(STACK *) = 0L;
++static char *(*K_OPENSSL_sk_value)(STACK *, int) = 0L;
++static STACK *(*K_OPENSSL_sk_new)(int (*)()) = 0L;
++static int (*K_OPENSSL_sk_push)(STACK *, char *) = 0L;
++static STACK *(*K_OPENSSL_sk_dup)(STACK *) = 0L;
+ static char * (*K_i2s_ASN1_INTEGER) (X509V3_EXT_METHOD *, ASN1_INTEGER *) =0L;
+ static ASN1_INTEGER * (*K_X509_get_serialNumber) (X509 *) = 0L;
+ static EVP_PKEY *(*K_X509_get_pubkey)(X509 *) = 0L;
+@@ -164,6 +175,12 @@ static int (*K_X509_PURPOSE_get_id)(X509_PURPOSE *) = 0L;
+ static int (*K_X509_check_purpose)(X509*,int,int) = 0L;
+ static X509_PURPOSE* (*K_X509_PURPOSE_get0)(int) = 0L;
+ static int (*K_EVP_PKEY_assign)(EVP_PKEY*, int, char*) = 0L;
++static int (*K_EVP_PKEY_base_id)(EVP_PKEY *) = 0L;
++static RSA *(*K_EVP_PKEY_get0_RSA)(EVP_PKEY *) = 0L;
++static void (*K_RSA_get0_key)(RSA *, const BIGNUM **, const BIGNUM **, const BIGNUM **) = 0L;
++static DSA *(*K_EVP_PKEY_get0_DSA)(EVP_PKEY *) = 0L;
++static void (*K_DSA_get0_pqg)(DSA *, const BIGNUM **, const BIGNUM **, const BIGNUM **) = 0L;
++static void (*K_DSA_get0_key)(DSA *, const BIGNUM **, const BIGNUM **) = 0L;
+ static int (*K_X509_REQ_set_pubkey)(X509_REQ*, EVP_PKEY*) = 0L;
+ static RSA *(*K_RSA_generate_key)(int, unsigned long, void (*)(int,int,void *), void *) = 0L;
+ static int (*K_i2d_X509_REQ_fp)(FILE*, X509_REQ*) = 0L;
+@@ -410,7 +427,11 @@ KOpenSSLProxy::KOpenSSLProxy()
+ K_RAND_load_file = (int (*)(const char *, long)) d->cryptoLib->resolveFunction("RAND_load_file");
+ K_RAND_file_name = (const char* (*)(char *, size_t)) d->cryptoLib->resolveFunction("RAND_file_name");
+ K_RAND_write_file = (int (*)(const char *)) d->cryptoLib->resolveFunction("RAND_write_file");
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ K_CRYPTO_free = (void (*) (void *)) d->cryptoLib->resolveFunction("CRYPTO_free");
++#else
++ K_CRYPTO_free = (void (*)(void *, const char *, int)) d->cryptoLib->resolveFunction("CRYPTO_free");
++#endif
+ K_d2i_X509 = (X509 * (*)(X509 **,unsigned char **,long)) d->cryptoLib->resolveFunction("d2i_X509");
+ K_i2d_X509 = (int (*)(X509 *,unsigned char **)) d->cryptoLib->resolveFunction("i2d_X509");
+ K_X509_cmp = (int (*)(X509 *, X509 *)) d->cryptoLib->resolveFunction("X509_cmp");
+@@ -419,15 +440,19 @@ KOpenSSLProxy::KOpenSSLProxy()
+ K_X509_verify_cert = (int (*) (X509_STORE_CTX *)) d->cryptoLib->resolveFunction("X509_verify_cert");
+ K_X509_STORE_new = (X509_STORE * (*) (void)) d->cryptoLib->resolveFunction("X509_STORE_new");
+ K_X509_STORE_free = (void (*) (X509_STORE *)) d->cryptoLib->resolveFunction("X509_STORE_free");
++ K_X509_STORE_set_verify_cb = (void (*)(X509_STORE *, int (*)(int, X509_STORE_CTX *))) d->cryptoLib->resolveFunction("X509_STORE_set_verify_cb");
+ K_X509_NAME_oneline = (char * (*) (X509_NAME *,char *,int)) d->cryptoLib->resolveFunction("X509_NAME_oneline");
+ K_X509_get_subject_name = (X509_NAME * (*) (X509 *)) d->cryptoLib->resolveFunction("X509_get_subject_name");
+ K_X509_get_issuer_name = (X509_NAME * (*) (X509 *)) d->cryptoLib->resolveFunction("X509_get_issuer_name");
++ K_X509_get0_signature = (void (*)(const ASN1_BIT_STRING **, const X509_ALGOR **, const X509 *)) d->cryptoLib->resolveFunction("X509_get0_signature");
+ K_X509_STORE_add_lookup = (X509_LOOKUP *(*) (X509_STORE *, X509_LOOKUP_METHOD *)) d->cryptoLib->resolveFunction("X509_STORE_add_lookup");
+ K_X509_LOOKUP_file = (X509_LOOKUP_METHOD *(*)(void)) d->cryptoLib->resolveFunction("X509_LOOKUP_file");
+ K_X509_LOOKUP_free = (void (*)(X509_LOOKUP *)) d->cryptoLib->resolveFunction("X509_LOOKUP_free");
+ K_X509_LOOKUP_ctrl = (int (*)(X509_LOOKUP *, int, const char *, long, char **)) d->cryptoLib->resolveFunction("X509_LOOKUP_ctrl");
+ K_X509_STORE_CTX_init = (void (*)(X509_STORE_CTX *, X509_STORE *, X509 *, STACK_OF(X509) *)) d->cryptoLib->resolveFunction("X509_STORE_CTX_init");
+ K_X509_dup = (X509* (*)(X509*)) d->cryptoLib->resolveFunction("X509_dup");
++ K_X509_getm_notBefore = (ASN1_TIME *(*)(const X509 *)) d->cryptoLib->resolveFunction("X509_getm_notBefore");
++ K_X509_getm_notAfter = (ASN1_TIME *(*)(const X509 *)) d->cryptoLib->resolveFunction("X509_getm_notAfter");
+ K_BIO_s_mem = (BIO_METHOD *(*) (void)) d->cryptoLib->resolveFunction("BIO_s_mem");
+ K_BIO_new = (BIO* (*)(BIO_METHOD *)) d->cryptoLib->resolveFunction("BIO_new");
+ K_BIO_new_fp = (BIO* (*)(FILE*, int)) d->cryptoLib->resolveFunction("BIO_new_fp");
+@@ -454,13 +479,26 @@ KOpenSSLProxy::KOpenSSLProxy()
+ K_X509_REQ_new = (X509_REQ* (*)()) d->cryptoLib->resolveFunction("X509_REQ_new");
+ K_X509_STORE_CTX_set_chain = (void (*)(X509_STORE_CTX *, STACK_OF(X509)*)) d->cryptoLib->resolveFunction("X509_STORE_CTX_set_chain");
+ K_X509_STORE_CTX_set_purpose = (void (*)(X509_STORE_CTX *, int)) d->cryptoLib->resolveFunction("X509_STORE_CTX_set_purpose");
+- K_sk_free = (void (*) (STACK *)) d->cryptoLib->resolveFunction("sk_free");
+- K_sk_num = (int (*) (STACK *)) d->cryptoLib->resolveFunction("sk_num");
+- K_sk_pop = (char* (*) (STACK *)) d->cryptoLib->resolveFunction("sk_pop");
+- K_sk_value = (char* (*) (STACK *, int)) d->cryptoLib->resolveFunction("sk_value");
+- K_sk_new = (STACK* (*) (int (*)())) d->cryptoLib->resolveFunction("sk_new");
+- K_sk_push = (int (*) (STACK*, char*)) d->cryptoLib->resolveFunction("sk_push");
+- K_sk_dup = (STACK* (*) (STACK *)) d->cryptoLib->resolveFunction("sk_dup");
++ K_X509_STORE_CTX_get_current_cert = (X509 * (*)(X509_STORE_CTX *)) d->cryptoLib->resolveFunction("X509_STORE_CTX_get_current_cert");
++ K_X509_STORE_CTX_set_error = (void (*)(X509_STORE_CTX *, int)) d->cryptoLib->resolveFunction("X509_STORE_CTX_set_error");
++ K_X509_STORE_CTX_get_error = (int (*)(X509_STORE_CTX *)) d->cryptoLib->resolveFunction("X509_STORE_CTX_get_error");
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++ K_OPENSSL_sk_free = (void (*)(STACK *)) d->cryptoLib->resolveFunction("OPENSSL_sk_free");
++ K_OPENSSL_sk_num = (int (*)(STACK *)) d->cryptoLib->resolveFunction("OPENSSL_sk_num");
++ K_OPENSSL_sk_pop = (char *(*)(STACK *)) d->cryptoLib->resolveFunction("OPENSSL_sk_pop");
++ K_OPENSSL_sk_value = (char *(*)(STACK *, int)) d->cryptoLib->resolveFunction("OPENSSL_sk_value");
++ K_OPENSSL_sk_new = (STACK * (*)(int (*)())) d->cryptoLib->resolveFunction("OPENSSL_sk_new");
++ K_OPENSSL_sk_push = (int (*)(STACK *, char *)) d->cryptoLib->resolveFunction("OPENSSL_sk_push");
++ K_OPENSSL_sk_dup = (STACK * (*)(STACK *)) d->cryptoLib->resolveFunction("OPENSSL_sk_dup");
++#else
++ K_OPENSSL_sk_free = (void (*)(STACK *)) d->cryptoLib->resolveFunction("sk_free");
++ K_OPENSSL_sk_num = (int (*)(STACK *)) d->cryptoLib->resolveFunction("sk_num");
++ K_OPENSSL_sk_pop = (char *(*)(STACK *)) d->cryptoLib->resolveFunction("sk_pop");
++ K_OPENSSL_sk_value = (char *(*)(STACK *, int)) d->cryptoLib->resolveFunction("sk_value");
++ K_OPENSSL_sk_new = (STACK * (*)(int (*)())) d->cryptoLib->resolveFunction("sk_new");
++ K_OPENSSL_sk_push = (int (*)(STACK *, char *)) d->cryptoLib->resolveFunction("sk_push");
++ K_OPENSSL_sk_dup = (STACK * (*)(STACK *)) d->cryptoLib->resolveFunction("sk_dup");
++#endif
+ K_i2s_ASN1_INTEGER = (char *(*) (X509V3_EXT_METHOD *, ASN1_INTEGER *)) d->cryptoLib->resolveFunction("i2s_ASN1_INTEGER");
+ K_X509_get_serialNumber = (ASN1_INTEGER * (*) (X509 *)) d->cryptoLib->resolveFunction("X509_get_serialNumber");
+ K_X509_get_pubkey = (EVP_PKEY *(*)(X509 *)) d->cryptoLib->resolveFunction("X509_get_pubkey");
+@@ -504,6 +542,12 @@ KOpenSSLProxy::KOpenSSLProxy()
+ K_X509_check_purpose = (int (*)(X509*,int,int)) d->cryptoLib->resolveFunction("X509_check_purpose");
+ K_X509_PURPOSE_get0 = (X509_PURPOSE *(*)(int)) d->cryptoLib->resolveFunction("X509_PURPOSE_get0");
+ K_EVP_PKEY_assign = (int (*)(EVP_PKEY*, int, char*)) d->cryptoLib->resolveFunction("EVP_PKEY_assign");
++ K_EVP_PKEY_base_id = (int (*)(EVP_PKEY *)) d->cryptoLib->resolveFunction("EVP_PKEY_base_id");
++ K_EVP_PKEY_get0_RSA = (RSA *(*)(EVP_PKEY *)) d->cryptoLib->resolveFunction("EVP_PKEY_get0_RSA");
++ K_RSA_get0_key = (void (*)(RSA *, const BIGNUM **, const BIGNUM **, const BIGNUM **)) d->cryptoLib->resolveFunction("ESA_get0_key");
++ K_EVP_PKEY_get0_DSA = (DSA *(*)(EVP_PKEY *)) d->cryptoLib->resolveFunction("EVP_PKEY_get0_DSA");
++ K_DSA_get0_pqg = (void (*)(DSA *, const BIGNUM **, const BIGNUM **, const BIGNUM **)) d->cryptoLib->resolveFunction("DSA_get0_pqg");
++ K_DSA_get0_key = (void (*)(DSA *, const BIGNUM **, const BIGNUM **)) d->cryptoLib->resolveFunction("DSA_get0_key");
+ K_X509_REQ_set_pubkey = (int (*)(X509_REQ*, EVP_PKEY*)) d->cryptoLib->resolveFunction("X509_REQ_set_pubkey");
+ K_RSA_generate_key = (RSA* (*)(int, unsigned long, void (*)(int,int,void *), void *)) d->cryptoLib->resolveFunction("RSA_generate_key");
+ K_i2d_X509_REQ_fp = (int (*)(FILE *, X509_REQ *)) d->cryptoLib->resolveFunction("i2d_X509_REQ_fp");
+@@ -866,6 +910,16 @@ void KOpenSSLProxy::X509_STORE_free(X509_STORE *v) {
+ }
+
+
++void KOpenSSLProxy::X509_STORE_set_verify_cb(X509_STORE *store, int (*verify_cb)(int, X509_STORE_CTX *))
++{
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++ X509_STORE_set_verify_cb_func(store, verify_cb);
++#else
++ if (K_X509_STORE_set_verify_cb) (K_X509_STORE_set_verify_cb)(store, verify_cb);
++#endif
++}
++
++
+ X509_STORE_CTX *KOpenSSLProxy::X509_STORE_CTX_new(void) {
+ if (K_X509_STORE_CTX_new) return (K_X509_STORE_CTX_new)();
+ return 0L;
+@@ -906,6 +960,17 @@ X509_NAME *KOpenSSLProxy::X509_get_issuer_name(X509 *a) {
+ }
+
+
++void KOpenSSLProxy::X509_get0_signature(const ASN1_BIT_STRING **psig, const X509_ALGOR **algor, const X509 *x)
++{
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++ if (psig) *psig = x->signature;
++ if (algor) *algor = x->sig_alg;
++#else
++ if (K_X509_get0_signature) return (K_X509_get0_signature)(psig, algor, x);
++#endif
++}
++
++
+ X509_LOOKUP *KOpenSSLProxy::X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m) {
+ if (K_X509_STORE_add_lookup) return (K_X509_STORE_add_lookup)(v,m);
+ return 0L;
+@@ -934,9 +999,16 @@ void KOpenSSLProxy::X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+ }
+
+
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ void KOpenSSLProxy::CRYPTO_free(void *x) {
+ if (K_CRYPTO_free) (K_CRYPTO_free)(x);
+ }
++#else
++void KOpenSSLProxy::CRYPTO_free(void *x, const char *file, int line)
++{
++ if (K_CRYPTO_free) K_CRYPTO_free(x, file, line);
++}
++#endif
+
+
+ X509 *KOpenSSLProxy::X509_dup(X509 *x509) {
+@@ -945,6 +1017,28 @@ X509 *KOpenSSLProxy::X509_dup(X509 *x509) {
+ }
+
+
++ASN1_TIME *KOpenSSLProxy::X509_getm_notBefore(const X509 *x)
++{
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++ return X509_get_notBefore(x);
++#else
++ if (K_X509_getm_notBefore) return (K_X509_getm_notBefore)(x);
++ else return 0L;
++#endif
++}
++
++
++ASN1_TIME *KOpenSSLProxy::X509_getm_notAfter(const X509 *x)
++{
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++ return X509_get_notAfter(x);
++#else
++ if (K_X509_getm_notAfter) return (K_X509_getm_notAfter)(x);
++ else return 0L;
++#endif
++}
++
++
+ BIO *KOpenSSLProxy::BIO_new(BIO_METHOD *type) {
+ if (K_BIO_new) return (K_BIO_new)(type);
+ else return 0L;
+@@ -1093,25 +1187,25 @@ STACK_OF(X509) *KOpenSSLProxy::SSL_get_peer_cert_chain(SSL *s) {
+ }
+
+
+-void KOpenSSLProxy::sk_free(STACK *s) {
+- if (K_sk_free) (K_sk_free)(s);
++void KOpenSSLProxy::OPENSSL_sk_free(STACK *s) {
++ if (K_OPENSSL_sk_free) (K_OPENSSL_sk_free)(s);
+ }
+
+
+-int KOpenSSLProxy::sk_num(STACK *s) {
+- if (K_sk_num) return (K_sk_num)(s);
++int KOpenSSLProxy::OPENSSL_sk_num(STACK *s) {
++ if (K_OPENSSL_sk_num) return (K_OPENSSL_sk_num)(s);
+ else return -1;
+ }
+
+
+-char *KOpenSSLProxy::sk_pop(STACK *s) {
+- if (K_sk_pop) return (K_sk_pop)(s);
++char *KOpenSSLProxy::OPENSSL_sk_pop(STACK *s) {
++ if (K_OPENSSL_sk_pop) return (K_OPENSSL_sk_pop)(s);
+ else return 0L;
+ }
+
+
+-char *KOpenSSLProxy::sk_value(STACK *s, int n) {
+- if (K_sk_value) return (K_sk_value)(s, n);
++char *KOpenSSLProxy::OPENSSL_sk_value(STACK *s, int n) {
++ if (K_OPENSSL_sk_value) return (K_OPENSSL_sk_value)(s, n);
+ else return 0L;
+ }
+
+@@ -1125,20 +1219,52 @@ void KOpenSSLProxy::X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose) {
+ }
+
+
+-STACK* KOpenSSLProxy::sk_dup(STACK *s) {
+- if (K_sk_dup) return (K_sk_dup)(s);
++X509 *KOpenSSLProxy::X509_STORE_CTX_get_current_cert(X509_STORE_CTX *v)
++{
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++ return v->current_cert;
++#else
++ if (K_X509_STORE_CTX_get_current_cert) return (K_X509_STORE_CTX_get_current_cert)(v);
++ else return 0L;
++#endif
++}
++
++
++void KOpenSSLProxy::X509_STORE_CTX_set_error(X509_STORE_CTX *v, int error)
++{
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++ v->error = error;
++#else
++ if (K_X509_STORE_CTX_set_error) (K_X509_STORE_CTX_set_error)(v, error);
++#endif
++}
++
++
++int KOpenSSLProxy::X509_STORE_CTX_get_error(X509_STORE_CTX *v)
++{
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++ return v->error;
++#else
++ if (K_X509_STORE_CTX_get_error) return (K_X509_STORE_CTX_get_error)(v);
++ else return 0;
++#endif
++}
++
++
++STACK* KOpenSSLProxy::OPENSSL_sk_dup(STACK *s) {
++ if (K_OPENSSL_sk_dup) return (K_OPENSSL_sk_dup)(s);
+ else return 0L;
+ }
+
+
+-STACK* KOpenSSLProxy::sk_new(int (*cmp)()) {
+- if (K_sk_new) return (K_sk_new)(cmp);
++STACK* KOpenSSLProxy::OPENSSL_sk_new(int (*cmp)()) {
++ if (K_OPENSSL_sk_new) return (K_OPENSSL_sk_new)(cmp);
+ else return 0L;
+ }
+
+
+-int KOpenSSLProxy::sk_push(STACK* s, char* d) {
+- if (K_sk_push) return (K_sk_push)(s,d);
++int KOpenSSLProxy::OPENSSL_sk_push(STACK* s, char* d) {
++ if (K_OPENSSL_sk_push) return (K_OPENSSL_sk_push)(s,d);
+ else return -1;
+ }
+
+@@ -1423,6 +1549,74 @@ int KOpenSSLProxy::EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key) {
+ else return -1;
+ }
+
++
++int KOpenSSLProxy::EVP_PKEY_base_id(EVP_PKEY *pkey)
++{
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++ return pkey->type;
++#else
++ if (K_EVP_PKEY_base_id) return (K_EVP_PKEY_base_id)(pkey);
++ else return 0;
++#endif
++}
++
++
++RSA *KOpenSSLProxy::EVP_PKEY_get0_RSA(EVP_PKEY *pkey)
++{
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++ return pkey->pkey.rsa;
++#else
++ if (K_EVP_PKEY_get0_RSA) return (K_EVP_PKEY_get0_RSA)(pkey);
++ else return 0L;
++#endif
++}
++
++
++void KOpenSSLProxy::RSA_get0_key(RSA *rsa, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
++{
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++ if (n) *n = rsa->n;
++ if (e) *e = rsa->e;
++ if (d) *d = rsa->d;
++#else
++ if (K_RSA_get0_key) (K_RSA_get0_key)(rsa, n, e, d);
++#endif
++}
++
++
++DSA *KOpenSSLProxy::EVP_PKEY_get0_DSA(EVP_PKEY *pkey)
++{
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++ return pkey->pkey.dsa;
++#else
++ if (K_EVP_PKEY_get0_DSA) return (K_EVP_PKEY_get0_DSA)(pkey);
++ else return 0L;
++#endif
++}
++
++
++void KOpenSSLProxy::DSA_get0_pqg(DSA *dsa, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
++{
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++ if (p) *p = dsa->p;
++ if (q) *q = dsa->q;
++ if (g) *g = dsa->g;
++#else
++ if (K_DSA_get0_pqg) (K_DSA_get0_pqg)(dsa, p, q, g);
++#endif
++}
++
++
++void KOpenSSLProxy::DSA_get0_key(DSA *dsa, const BIGNUM **pub_key, const BIGNUM **priv_key)
++{
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++ if (pub_key) *pub_key = dsa->pub_key;
++ if (priv_key) *priv_key = dsa->priv_key;
++#else
++ if (K_DSA_get0_key) (K_DSA_get0_key)(dsa, pub_key, priv_key);
++#endif
++}
++
+
+ int KOpenSSLProxy::X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey) {
+ if (K_X509_REQ_set_pubkey) return (K_X509_REQ_set_pubkey)(x, pkey);
+diff --git a/kio/kssl/kopenssl.h b/kio/kssl/kopenssl.h
+index ab05486336..ae3398fbef 100644
+--- a/kio/kssl/kopenssl.h
++++ b/kio/kssl/kopenssl.h
+@@ -297,6 +297,18 @@ public:
+
+
+ /*
++ * X509_getm_notBefore - get validity start
++ */
++ ASN1_TIME *X509_getm_notBefore(const X509 *x);
++
++
++ /*
++ * X509_getm_notAfter - get validity end
++ */
++ ASN1_TIME *X509_getm_notAfter(const X509 *x);
++
++
++ /*
+ * X509_STORE_CTX_new - create an X509 store context
+ */
+ X509_STORE_CTX *X509_STORE_CTX_new(void);
+@@ -313,11 +325,31 @@ public:
+ */
+ void X509_STORE_CTX_set_chain(X509_STORE_CTX *v, STACK_OF(X509)* x);
+
++
+ /*
+ * X509_STORE_CTX_set_purpose - set the purpose of the certificate
+ */
+ void X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose);
+
++
++ /*
++ * X509_STORE_CTX_get_current_cert - get the current certificate
++ */
++ X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *v);
++
++
++ /*
++ * X509_STORE_CTX_set_error - set certificate error
++ */
++ void X509_STORE_CTX_set_error(X509_STORE_CTX *v, int error);
++
++
++ /*
++ * X509_STORE_CTX_get_error - get certificate error
++ */
++ int X509_STORE_CTX_get_error(X509_STORE_CTX *v);
++
++
+ /*
+ * X509_verify_cert - verify the certificate
+ */
+@@ -337,6 +369,12 @@ public:
+
+
+ /*
++ * X509_STORE_set_verify_cb - set verify callback
++ */
++ void X509_STORE_set_verify_cb(X509_STORE *v, int (*verify_cb)(int, X509_STORE_CTX *));
++
++
++ /*
+ * X509_free - free up an X509
+ */
+ void X509_free(X509 *v);
+@@ -361,6 +399,12 @@ public:
+
+
+ /*
++ * X509_get0_signature - return X509 signature and signature algorithm
++ */
++ void X509_get0_signature(const ASN1_BIT_STRING **psig, const X509_ALGOR **palg, const X509 *x);
++
++
++ /*
+ * X509_STORE_add_lookup - add a lookup file/method to an X509 store
+ */
+ X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
+@@ -393,7 +437,11 @@ public:
+ /*
+ * CRYPTO_free - free up an internally allocated object
+ */
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ void CRYPTO_free(void *x);
++#else
++ void CRYPTO_free(void *x, const char *file, int line);
++#endif
+
+ /*
+ * BIO_new - create new BIO
+@@ -505,53 +553,53 @@ public:
+ /*
+ * Pop off the stack
+ */
+- char *sk_pop(STACK *s);
++ char *OPENSSL_sk_pop(STACK *s);
+
+
+ /*
+ * Free the stack
+ */
+- void sk_free(STACK *s);
++ void OPENSSL_sk_free(STACK *s);
+
+ #if OPENSSL_VERSION_NUMBER >= 0x10000000L
+- void sk_free(void *s) { return sk_free(reinterpret_cast<STACK*>(s)); }
++ void OPENSSL_sk_free(void *s) { return OPENSSL_sk_free(reinterpret_cast<STACK*>(s)); }
+ #endif
+
+ /*
+ * Number of elements in the stack
+ */
+- int sk_num(STACK *s);
++ int OPENSSL_sk_num(STACK *s);
+
+
+ /*
+ * Value of element n in the stack
+ */
+- char *sk_value(STACK *s, int n);
++ char *OPENSSL_sk_value(STACK *s, int n);
+
+ #if OPENSSL_VERSION_NUMBER >= 0x10000000L
+- char *sk_value(void *s, int n) { return sk_value(reinterpret_cast<STACK*>(s), n); }
++ char *OPENSSL_sk_value(void *s, int n) { return OPENSSL_sk_value(reinterpret_cast<STACK*>(s), n); }
+ #endif
+
+ /*
+ * Create a new stack
+ */
+- STACK *sk_new(int (*cmp)());
++ STACK *OPENSSL_sk_new(int (*cmp)());
+
+
+ /*
+ * Add an element to the stack
+ */
+- int sk_push(STACK *s, char *d);
++ int OPENSSL_sk_push(STACK *s, char *d);
+
+ #if OPENSSL_VERSION_NUMBER >= 0x10000000L
+- int sk_push(void *s, void *d) { return sk_push(reinterpret_cast<STACK*>(s), reinterpret_cast<char*>(d)); }
++ int OPENSSL_sk_push(void *s, void *d) { return OPENSSL_sk_push(reinterpret_cast<STACK*>(s), reinterpret_cast<char*>(d)); }
+ #endif
+
+
+ /*
+ * Duplicate the stack
+ */
+- STACK *sk_dup(STACK *s);
++ STACK *OPENSSL_sk_dup(STACK *s);
+
+
+ /*
+@@ -800,6 +848,18 @@ public:
+
+
+ /*
++ * Get key type
++ */
++ int EVP_PKEY_base_id(EVP_PKEY *pkey);
++
++ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
++ void RSA_get0_key(RSA *rsa, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
++ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
++ void DSA_get0_pqg(DSA *dsa, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
++ void DSA_get0_key(DSA *dsa, const BIGNUM **pub_key, const BIGNUM **priv_key);
++
++
++ /*
+ * Generate a RSA key
+ */
+ RSA *RSA_generate_key(int bits, unsigned long e, void
+diff --git a/kio/kssl/kssl.cpp b/kio/kssl/kssl.cpp
+index c36db55a42..faba1bb5ab 100644
+--- a/kio/kssl/kssl.cpp
++++ b/kio/kssl/kssl.cpp
+@@ -55,8 +55,6 @@
+ #warning "kssl.cc needs to be ported to QSslSocket"
+ #endif
+
+-#define sk_dup d->kossl->sk_dup
+-
+ class KSSLPrivate {
+ public:
+ KSSLPrivate() {
+@@ -212,5 +210,3 @@ bool KSSL::doesSSLWork() {
+ return m_bSSLWorks;
+ }
+
+-#undef sk_dup
+-
+diff --git a/kio/kssl/ksslcallback.c b/kio/kssl/ksslcallback.c
+index 516b916337..38e94356e8 100644
+--- a/kio/kssl/ksslcallback.c
++++ b/kio/kssl/ksslcallback.c
+@@ -28,7 +28,7 @@ bool KSSL_X509CallBack_ca_found;
+ extern "C" {
+ static int X509Callback(int ok, X509_STORE_CTX *ctx) {
+
+- kDebug(7029) << "X509Callback: ok = " << ok << " error = " << ctx->error << " depth = " << ctx->error_depth;
++ //kDebug(7029) << "X509Callback: ok = " << ok << " error = " << ctx->error << " depth = " << ctx->error_depth;
+ // Here is how this works. We put "ok = 1;" in any case that we
+ // don't consider to be an error. In that case, it will return OK
+ // for the certificate check as long as there are no other critical
+@@ -39,14 +39,14 @@ static int X509Callback(int ok, X509_STORE_CTX *ctx) {
+
+ if (KSSL_X509CallBack_ca)
+ {
+- if (KOSSL::self()->X509_cmp(ctx->current_cert, KSSL_X509CallBack_ca) != 0)
++ if (KOSSL::self()->X509_cmp(KOSSL::self()->X509_STORE_CTX_get_current_cert(ctx), KSSL_X509CallBack_ca) != 0)
+ return 1; // Ignore errors for this certificate
+
+ KSSL_X509CallBack_ca_found = true;
+ }
+
+ if (!ok) {
+- switch (ctx->error) {
++ switch (KOSSL::self()->X509_STORE_CTX_get_error(ctx)) {
+ case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+ case X509_V_ERR_UNABLE_TO_GET_CRL:
+ case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
+diff --git a/kio/kssl/ksslcertchain.cpp b/kio/kssl/ksslcertchain.cpp
+index 2be7995bf8..cdfab2b5ae 100644
+--- a/kio/kssl/ksslcertchain.cpp
++++ b/kio/kssl/ksslcertchain.cpp
+@@ -44,16 +44,6 @@
+ #include <kdebug.h>
+ #include <QtCore/QStringList>
+
+-#ifdef KSSL_HAVE_SSL
+-#define sk_new d->kossl->sk_new
+-#define sk_push d->kossl->sk_push
+-#define sk_free d->kossl->sk_free
+-#define sk_value d->kossl->sk_value
+-#define sk_num d->kossl->sk_num
+-#define sk_dup d->kossl->sk_dup
+-#define sk_pop d->kossl->sk_pop
+-#endif
+-
+ class KSSLCertChainPrivate {
+ public:
+ KSSLCertChainPrivate() {
+@@ -79,11 +69,11 @@ KSSLCertChain::~KSSLCertChain() {
+ STACK_OF(X509) *x = (STACK_OF(X509) *)_chain;
+
+ for (;;) {
+- X509* x5 = sk_X509_pop(x);
++ X509 *x5 = reinterpret_cast<X509*>(d->kossl->OPENSSL_sk_pop(reinterpret_cast<STACK *>(x)));
+ if (!x5) break;
+ d->kossl->X509_free(x5);
+ }
+- sk_X509_free(x);
++ d->kossl->OPENSSL_sk_free(reinterpret_cast<STACK *>(x));
+ }
+ #endif
+ delete d;
+@@ -106,7 +96,7 @@ KSSLCertChain *KSSLCertChain::replicate() {
+
+ int KSSLCertChain::depth() {
+ #ifdef KSSL_HAVE_SSL
+- return sk_X509_num((STACK_OF(X509)*)_chain);
++ return d->kossl->OPENSSL_sk_num(static_cast<STACK *>(_chain));
+ #endif
+ return 0;
+ }
+@@ -123,8 +113,8 @@ QList<KSSLCertificate *> KSSLCertChain::getChain() const {
+ #ifdef KSSL_HAVE_SSL
+ STACK_OF(X509) *x = (STACK_OF(X509) *)_chain;
+
+- for (int i = 0; i < sk_X509_num(x); i++) {
+- X509* x5 = sk_X509_value(x, i);
++ for (int i = 0; i < d->kossl->OPENSSL_sk_num(reinterpret_cast<STACK *>(x)); i++) {
++ X509 *x5 = reinterpret_cast<X509*>(d->kossl->OPENSSL_sk_value(reinterpret_cast<STACK *>(x), i));
+ if (!x5) continue;
+ KSSLCertificate *nc = new KSSLCertificate;
+ nc->setCert(d->kossl->X509_dup(x5));
+@@ -142,18 +132,18 @@ void KSSLCertChain::setChain(const QList<KSSLCertificate *>& chain) {
+ STACK_OF(X509) *x = (STACK_OF(X509) *)_chain;
+
+ for (;;) {
+- X509* x5 = sk_X509_pop(x);
++ X509 *x5 = reinterpret_cast<X509*>(d->kossl->OPENSSL_sk_pop(reinterpret_cast<STACK*>(x)));
+ if (!x5) break;
+ d->kossl->X509_free(x5);
+ }
+- sk_X509_free(x);
+- _chain = NULL;
++ d->kossl->OPENSSL_sk_free(reinterpret_cast<STACK*>(x));
++ _chain = NULL;
+ }
+
+ if (chain.isEmpty()) return;
+- _chain = (void *)sk_new(NULL);
++ _chain = (void *)d->kossl->OPENSSL_sk_new(NULL);
+ foreach (KSSLCertificate *x, chain) {
+- sk_X509_push((STACK_OF(X509)*)_chain, d->kossl->X509_dup(x->getCert()));
++ d->kossl->OPENSSL_sk_push(static_cast<STACK*>(_chain), d->kossl->X509_dup(x->getCert()));
+ }
+
+ #endif
+@@ -166,23 +156,23 @@ if (_chain) {
+ STACK_OF(X509) *x = (STACK_OF(X509) *)_chain;
+
+ for (;;) {
+- X509* x5 = sk_X509_pop(x);
++ X509 *x5 = reinterpret_cast<X509 *>(d->kossl->OPENSSL_sk_pop(reinterpret_cast<STACK *>(x)));
+ if (!x5) break;
+ d->kossl->X509_free(x5);
+ }
+- sk_X509_free(x);
++ d->kossl->OPENSSL_sk_free(reinterpret_cast<STACK *>(x));
+ _chain = NULL;
+ }
+
+ if (!stack_of_x509) return;
+
+-_chain = (void *)sk_new(NULL);
++_chain = (void *)d->kossl->OPENSSL_sk_new(NULL);
+ STACK_OF(X509) *x = (STACK_OF(X509) *)stack_of_x509;
+
+- for (int i = 0; i < sk_X509_num(x); i++) {
+- X509* x5 = sk_X509_value(x, i);
++ for (int i = 0; i < d->kossl->OPENSSL_sk_num(reinterpret_cast<STACK *>(x)); i++) {
++ X509 *x5 = reinterpret_cast<X509*>(d->kossl->OPENSSL_sk_value(reinterpret_cast<STACK *>(x), i));
+ if (!x5) continue;
+- sk_X509_push((STACK_OF(X509)*)_chain,d->kossl->X509_dup(x5));
++ d->kossl->OPENSSL_sk_push(reinterpret_cast<STACK *>(_chain), d->kossl->X509_dup(x5));
+ }
+
+ #else
+@@ -202,14 +192,3 @@ void KSSLCertChain::setCertChain(const QStringList& chain) {
+ setChain(cl);
+ }
+
+-
+-#ifdef KSSL_HAVE_SSL
+-#undef sk_new
+-#undef sk_push
+-#undef sk_free
+-#undef sk_value
+-#undef sk_num
+-#undef sk_dup
+-#undef sk_pop
+-#endif
+-
+diff --git a/kio/kssl/ksslcertificate.cpp b/kio/kssl/ksslcertificate.cpp
+index 0d4fbd9cdc..c93d5c5b22 100644
+--- a/kio/kssl/ksslcertificate.cpp
++++ b/kio/kssl/ksslcertificate.cpp
+@@ -200,14 +200,17 @@ QString KSSLCertificate::getSignatureText() const {
+ char *s;
+ int n, i;
+
+- i = d->kossl->OBJ_obj2nid(d->m_cert->sig_alg->algorithm);
++ const X509_ALGOR *algor;
++ const ASN1_BIT_STRING *sig;
++ d->kossl->X509_get0_signature(&sig, &algor, d->m_cert);
++ i = d->kossl->OBJ_obj2nid(algor->algorithm);
+ rc = i18n("Signature Algorithm: ");
+ rc += (i == NID_undef)?i18n("Unknown"):QString(d->kossl->OBJ_nid2ln(i));
+
+ rc += '\n';
+ rc += i18n("Signature Contents:");
+- n = d->m_cert->signature->length;
+- s = (char *)d->m_cert->signature->data;
++ n = sig->length;
++ s = (char *)sig->data;
+ for (i = 0; i < n; ++i) {
+ if (i%20 != 0) {
+ rc += ':';
+@@ -233,9 +236,10 @@ void KSSLCertificate::getEmails(QStringList &to) const {
+ }
+
+ STACK *s = d->kossl->X509_get1_email(d->m_cert);
++ const int size = d->kossl->OPENSSL_sk_num(s);
+ if (s) {
+- for(int n=0; n < s->num; n++) {
+- to.append(d->kossl->sk_value(s,n));
++ for(int n=0; n < size; n++) {
++ to.append(d->kossl->OPENSSL_sk_value(s,n));
+ }
+ d->kossl->X509_email_free(s);
+ }
+@@ -317,13 +321,13 @@ QString rc = "";
+ EVP_PKEY *pkey = d->kossl->X509_get_pubkey(d->m_cert);
+ if (pkey) {
+ #ifndef NO_RSA
+- if (pkey->type == EVP_PKEY_RSA) {
++ if (d->kossl->EVP_PKEY_base_id(pkey) == EVP_PKEY_RSA) {
+ rc = "RSA";
+ }
+ else
+ #endif
+ #ifndef NO_DSA
+- if (pkey->type == EVP_PKEY_DSA) {
++ if (d->kossl->EVP_PKEY_base_id(pkey) == EVP_PKEY_DSA) {
+ rc = "DSA";
+ }
+ else
+@@ -347,8 +351,10 @@ char *x = NULL;
+ if (pkey) {
+ rc = i18nc("Unknown", "Unknown key algorithm");
+ #ifndef NO_RSA
+- if (pkey->type == EVP_PKEY_RSA) {
+- x = d->kossl->BN_bn2hex(pkey->pkey.rsa->n);
++ if (d->kossl->EVP_PKEY_base_id(pkey) == EVP_PKEY_RSA) {
++ const BIGNUM *n, *e;
++ d->kossl->RSA_get0_key(d->kossl->EVP_PKEY_get0_RSA(pkey), &n, &e, NULL);
++ x = d->kossl->BN_bn2hex(n);
+ rc = i18n("Key type: RSA (%1 bit)", strlen(x)*4) + '\n';
+
+ rc += i18n("Modulus: ");
+@@ -364,15 +370,18 @@ char *x = NULL;
+ rc += '\n';
+ d->kossl->OPENSSL_free(x);
+
+- x = d->kossl->BN_bn2hex(pkey->pkey.rsa->e);
++ x = d->kossl->BN_bn2hex(e);
+ rc += i18n("Exponent: 0x") + QLatin1String(x) +
+ QLatin1String("\n");
+ d->kossl->OPENSSL_free(x);
+ }
+ #endif
+ #ifndef NO_DSA
+- if (pkey->type == EVP_PKEY_DSA) {
+- x = d->kossl->BN_bn2hex(pkey->pkey.dsa->p);
++ if (d->kossl->EVP_PKEY_base_id(pkey) == EVP_PKEY_DSA) {
++ DSA *dsa = d->kossl->EVP_PKEY_get0_DSA(pkey);
++ const BIGNUM *p, *q, *g;
++ d->kossl->DSA_get0_pqg(dsa, &p, &q, &g);
++ x = d->kossl->BN_bn2hex(p);
+ // hack - this may not be always accurate
+ rc = i18n("Key type: DSA (%1 bit)", strlen(x)*4) + '\n';
+
+@@ -389,7 +398,7 @@ char *x = NULL;
+ rc += '\n';
+ d->kossl->OPENSSL_free(x);
+
+- x = d->kossl->BN_bn2hex(pkey->pkey.dsa->q);
++ x = d->kossl->BN_bn2hex(q);
+ rc += i18n("160 bit prime factor: ");
+ for (unsigned int i = 0; i < strlen(x); i++) {
+ if (i%40 != 0 && i%2 == 0) {
+@@ -403,7 +412,7 @@ char *x = NULL;
+ rc += '\n';
+ d->kossl->OPENSSL_free(x);
+
+- x = d->kossl->BN_bn2hex(pkey->pkey.dsa->g);
++ x = d->kossl->BN_bn2hex(g);
+ rc += QString("g: ");
+ for (unsigned int i = 0; i < strlen(x); i++) {
+ if (i%40 != 0 && i%2 == 0) {
+@@ -417,7 +426,9 @@ char *x = NULL;
+ rc += '\n';
+ d->kossl->OPENSSL_free(x);
+
+- x = d->kossl->BN_bn2hex(pkey->pkey.dsa->pub_key);
++ const BIGNUM *pub_key;
++ d->kossl->DSA_get0_key(dsa, &pub_key, NULL);
++ x = d->kossl->BN_bn2hex(pub_key);
+ rc += i18n("Public key: ");
+ for (unsigned int i = 0; i < strlen(x); i++) {
+ if (i%40 != 0 && i%2 == 0) {
+@@ -682,7 +693,7 @@ KSSLCertificate::KSSLValidationList KSSLCertificate::validateVerbose(KSSLCertifi
+ return errors;
+ }
+
+- X509_STORE_set_verify_cb_func(certStore, X509Callback);
++ d->kossl->X509_STORE_set_verify_cb(certStore, X509Callback);
+
+ certLookup = d->kossl->X509_STORE_add_lookup(certStore, d->kossl->X509_LOOKUP_file());
+ if (!certLookup) {
+@@ -724,9 +735,9 @@ KSSLCertificate::KSSLValidationList KSSLCertificate::validateVerbose(KSSLCertifi
+ KSSL_X509CallBack_ca = ca ? ca->d->m_cert : 0;
+ KSSL_X509CallBack_ca_found = false;
+
+- certStoreCTX->error = X509_V_OK;
++ d->kossl->X509_STORE_CTX_set_error(certStoreCTX, X509_V_OK);
+ rc = d->kossl->X509_verify_cert(certStoreCTX);
+- int errcode = certStoreCTX->error;
++ int errcode = d->kossl->X509_STORE_CTX_get_error(certStoreCTX);
+ if (ca && !KSSL_X509CallBack_ca_found) {
+ ksslv = KSSLCertificate::Irrelevant;
+ } else {
+@@ -739,9 +750,9 @@ KSSLCertificate::KSSLValidationList KSSLCertificate::validateVerbose(KSSLCertifi
+ d->kossl->X509_STORE_CTX_set_purpose(certStoreCTX,
+ X509_PURPOSE_NS_SSL_SERVER);
+
+- certStoreCTX->error = X509_V_OK;
++ d->kossl->X509_STORE_CTX_set_error(certStoreCTX, X509_V_OK);
+ rc = d->kossl->X509_verify_cert(certStoreCTX);
+- errcode = certStoreCTX->error;
++ errcode = d->kossl->X509_STORE_CTX_get_error(certStoreCTX);
+ ksslv = processError(errcode);
+ }
+ d->kossl->X509_STORE_CTX_free(certStoreCTX);
+@@ -978,7 +989,7 @@ KSSLCertificate::KSSLValidation KSSLCertificate::processError(int ec) {
+
+ QString KSSLCertificate::getNotBefore() const {
+ #ifdef KSSL_HAVE_SSL
+- return ASN1_UTCTIME_QString(X509_get_notBefore(d->m_cert));
++ return ASN1_UTCTIME_QString(d->kossl->X509_getm_notBefore(d->m_cert));
+ #else
+ return QString();
+ #endif
+@@ -987,7 +998,7 @@ QString KSSLCertificate::getNotBefore() const {
+
+ QString KSSLCertificate::getNotAfter() const {
+ #ifdef KSSL_HAVE_SSL
+- return ASN1_UTCTIME_QString(X509_get_notAfter(d->m_cert));
++ return ASN1_UTCTIME_QString(d->kossl->X509_getm_notAfter(d->m_cert));
+ #else
+ return QString();
+ #endif
+@@ -996,7 +1007,7 @@ QString KSSLCertificate::getNotAfter() const {
+
+ QDateTime KSSLCertificate::getQDTNotBefore() const {
+ #ifdef KSSL_HAVE_SSL
+- return ASN1_UTCTIME_QDateTime(X509_get_notBefore(d->m_cert), NULL);
++ return ASN1_UTCTIME_QDateTime(d->kossl->X509_getm_notBefore(d->m_cert), NULL);
+ #else
+ return QDateTime::currentDateTime();
+ #endif
+@@ -1005,7 +1016,7 @@ QDateTime KSSLCertificate::getQDTNotBefore() const {
+
+ QDateTime KSSLCertificate::getQDTNotAfter() const {
+ #ifdef KSSL_HAVE_SSL
+- return ASN1_UTCTIME_QDateTime(X509_get_notAfter(d->m_cert), NULL);
++ return ASN1_UTCTIME_QDateTime(d->kossl->X509_getm_notAfter(d->m_cert), NULL);
+ #else
+ return QDateTime::currentDateTime();
+ #endif
+@@ -1210,7 +1221,8 @@ typedef struct NETSCAPE_X509_st
+ // what a piece of crap this is
+ QByteArray KSSLCertificate::toNetscape() {
+ QByteArray qba;
+-#ifdef KSSL_HAVE_SSL
++ // no equivalent in OpenSSL 1.1.0 (?), so behave as if we had no OpenSSL at all
++#if KSSL_HAVE_SSL && OPENSSL_VERSION_NUMBER < 0x10100000L
+ NETSCAPE_X509 nx;
+ ASN1_OCTET_STRING hdr;
+ KTemporaryFile ktf;
+@@ -1293,10 +1305,10 @@ QStringList KSSLCertificate::subjAltNames() const {
+ return rc;
+ }
+
+- int cnt = d->kossl->sk_GENERAL_NAME_num(names);
++ int cnt = d->kossl->OPENSSL_sk_num((STACK *)names);
+
+ for (int i = 0; i < cnt; i++) {
+- const GENERAL_NAME *val = (const GENERAL_NAME *)d->kossl->sk_value(names, i);
++ const GENERAL_NAME *val = (const GENERAL_NAME *)d->kossl->OPENSSL_sk_value(names, i);
+ if (val->type != GEN_DNS) {
+ continue;
+ }
+@@ -1308,7 +1320,7 @@ QStringList KSSLCertificate::subjAltNames() const {
+ rc += s;
+ }
+ }
+- d->kossl->sk_free(names);
++ d->kossl->OPENSSL_sk_free(names);
+ #endif
+ return rc;
+ }
+--
+2.13.6
+
diff --git a/kde-frameworks/kdelibs/files/kdelibs-4.14.38-qiodevice.patch b/kde-frameworks/kdelibs/files/kdelibs-4.14.38-qiodevice.patch
new file mode 100644
index 00000000..80bf12d4
--- /dev/null
+++ b/kde-frameworks/kdelibs/files/kdelibs-4.14.38-qiodevice.patch
@@ -0,0 +1,19 @@
+diff -up kdelibs-4.14.38/kimgio/jp2.cpp.me kdelibs-4.14.38/kimgio/jp2.cpp
+--- kdelibs-4.14.38/kimgio/jp2.cpp.me 2020-08-27 17:41:44.809195175 +0200
++++ kdelibs-4.14.38/kimgio/jp2.cpp 2020-08-27 17:55:29.534742787 +0200
+@@ -103,13 +103,13 @@ static void jas_stream_initbuf(jas_strea
+ stream->bufmode_ |= bufmode & JAS_STREAM_BUFMODEMASK;
+ }
+
+-static int qiodevice_read(jas_stream_obj_t *obj, char *buf, int cnt)
++static int qiodevice_read(jas_stream_obj_t *obj, char *buf, unsigned int cnt)
+ {
+ QIODevice *io = (QIODevice*) obj;
+ return io->read(buf, cnt);
+ }
+
+-static int qiodevice_write(jas_stream_obj_t *obj, char *buf, int cnt)
++static int qiodevice_write(jas_stream_obj_t *obj, char *buf, unsigned int cnt)
+ {
+ QIODevice *io = (QIODevice*) obj;
+ return io->write(buf, cnt);
diff --git a/kde-frameworks/kdelibs/kdelibs-4.14.38.ebuild b/kde-frameworks/kdelibs/kdelibs-4.14.38.ebuild
new file mode 100644
index 00000000..ef347772
--- /dev/null
+++ b/kde-frameworks/kdelibs/kdelibs-4.14.38.ebuild
@@ -0,0 +1,286 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+QT_MINIMAL="4.8.7"
+inherit cmake-utils flag-o-matic toolchain-funcs xdg-utils
+
+DESCRIPTION="Libraries needed for programs by KDE"
+HOMEPAGE="https://www.kde.org/"
+SRC_URI="mirror://kde/stable/applications/17.08.3/src/${P}.tar.xz"
+
+KEYWORDS="~amd64 ~arm ~x86 ~amd64-linux ~x86-linux"
+LICENSE="LGPL-2.1"
+SLOT="4/4.14"
+IUSE="cpu_flags_x86_3dnow acl altivec +bzip2 debug doc fam +handbook kerberos
+libressl lzma cpu_flags_x86_mmx nls openexr opengl +plasma +policykit qt3support spell
+test cpu_flags_x86_sse cpu_flags_x86_sse2 ssl +udev +udisks +upower webkit zeroconf"
+
+REQUIRED_USE="
+ opengl? ( plasma )
+ udisks? ( udev )
+ upower? ( udev )
+"
+
+# needs the kate regression testsuite from svn
+RESTRICT="test"
+
+COMMONDEPEND="
+ app-text/docbook-xml-dtd:4.2
+ app-text/docbook-xsl-stylesheets
+ dev-lang/perl
+ >=dev-libs/libattica-0.4.2
+ dev-libs/libdbusmenu-qt[qt4(-)]
+ dev-libs/libpcre[unicode]
+ dev-libs/libxml2
+ dev-libs/libxslt
+ >=dev-qt/designer-${QT_MINIMAL}:4
+ >=dev-qt/qtcore-${QT_MINIMAL}:4[qt3support?,ssl]
+ >=dev-qt/qtdbus-${QT_MINIMAL}:4
+ >=dev-qt/qtdeclarative-${QT_MINIMAL}:4
+ >=dev-qt/qtgui-${QT_MINIMAL}:4[accessibility,dbus(+)]
+ >=dev-qt/qtscript-${QT_MINIMAL}:4
+ >=dev-qt/qtsvg-${QT_MINIMAL}:4
+ media-libs/fontconfig
+ media-libs/freetype:2
+ media-libs/giflib:=
+ media-libs/libpng:0=
+ media-libs/phonon[qt4(-)]
+ sys-libs/libutempter
+ sys-libs/zlib
+ virtual/jpeg:0
+ x11-libs/libICE
+ x11-libs/libSM
+ x11-libs/libX11
+ x11-libs/libXau
+ x11-libs/libXcursor
+ x11-libs/libXdmcp
+ x11-libs/libXext
+ x11-libs/libXfixes
+ x11-libs/libXft
+ x11-libs/libXpm
+ x11-libs/libXrender
+ x11-libs/libXScrnSaver
+ x11-libs/libXtst
+ x11-misc/shared-mime-info
+ acl? ( virtual/acl )
+ bzip2? ( app-arch/bzip2 )
+ fam? ( virtual/fam )
+ kerberos? ( virtual/krb5 )
+ openexr? (
+ media-libs/openexr:=
+ media-libs/ilmbase:=
+ )
+ opengl? ( >=dev-qt/qtopengl-${QT_MINIMAL}:4 )
+ plasma? (
+ app-crypt/qca:2-qt4
+ >=dev-qt/qtsql-${QT_MINIMAL}:4[qt3support?]
+ )
+ policykit? ( sys-auth/polkit-qt[qt4(-)] )
+ spell? ( app-text/enchant:= )
+ ssl? (
+ libressl? ( dev-libs/libressl:0= )
+ !libressl? ( dev-libs/openssl:0= )
+ )
+ udev? ( virtual/udev )
+ webkit? ( >=dev-qt/qtwebkit-${QT_MINIMAL}:4 )
+ zeroconf? ( net-dns/avahi[mdnsresponder-compat] )
+"
+DEPEND="${COMMONDEPEND}
+ >=dev-qt/qttest-${QT_MINIMAL}:4
+ doc? ( app-doc/doxygen )
+ nls? ( virtual/libintl )
+ test? ( dev-util/cppunit )
+"
+RDEPEND="${COMMONDEPEND}
+ !dev-qt/qtphonon
+ >=app-crypt/gnupg-2.0.11
+ app-misc/ca-certificates
+ kde-frameworks/kdelibs-env:4
+ kde-frameworks/oxygen-icons
+ sys-apps/dbus[X]
+ x11-apps/iceauth
+ x11-apps/rgb
+ x11-misc/xdg-utils
+ plasma? ( !sci-libs/plasma )
+ udev? ( app-misc/media-player-info )
+ udisks? ( sys-fs/udisks:2 )
+ upower? ( >=sys-power/upower-0.9.23 )
+"
+PDEPEND="
+ dev-util/automoc
+ virtual/pkgconfig
+ x11-base/xorg-proto
+ >=x11-libs/libXtst-1.1.0
+ x11-misc/xdg-utils
+ handbook? ( kde-apps/khelpcenter:* )
+ policykit? ( kde-plasma/polkit-kde-agent:* )
+"
+
+DOCS=( AUTHORS README{,-WIN32.TXT} TODO )
+
+PATCHES=(
+ "${FILESDIR}/dist/01_gentoo_set_xdg_menu_prefix-1.patch"
+ "${FILESDIR}/dist/02_gentoo_append_xdg_config_dirs-1.patch"
+ "${FILESDIR}/${PN}-4.14.5-fatalwarnings.patch"
+ "${FILESDIR}/${PN}-4.14.5-mimetypes.patch"
+ "${FILESDIR}/${PN}-4.4.90-xslt.patch"
+ "${FILESDIR}/${PN}-4.6.3-no_suid_kdeinit.patch"
+ "${FILESDIR}/${PN}-4.8.1-norpath.patch"
+ "${FILESDIR}/${PN}-4.9.3-werror.patch"
+ "${FILESDIR}/${PN}-4.10.0-udisks.patch"
+ "${FILESDIR}/${PN}-4.14.20-FindQt4.patch"
+ "${FILESDIR}/${PN}-4.14.22-webkit.patch"
+ "${FILESDIR}/${PN}-4.14.35-3dnow.patch"
+ "${FILESDIR}/${PN}-4.14.35-kde3support.patch"
+ "${FILESDIR}/${PN}-4.14.35-plasma4.patch"
+ "${FILESDIR}/${PN}-4.14.37-exiv2-cmake.patch"
+ "${FILESDIR}/${P}-CVE-2019-14744.patch"
+ "${FILESDIR}/${P}-kio-tls1x.patch"
+ "${FILESDIR}/${P}-narrowing-warning.patch"
+ "${FILESDIR}/${P}-openssl-1.1.patch"
+ "${FILESDIR}/${P}-qiodevice.patch"
+)
+
+src_prepare() {
+ cmake-utils_src_prepare
+
+ # Rename applications.menu (needs 01_gentoo_set_xdg_menu_prefix-1.patch to work)
+ sed -e 's|FILES[[:space:]]applications.menu|FILES applications.menu RENAME kde-4-applications.menu|g' \
+ -i kded/CMakeLists.txt || die "Sed on CMakeLists.txt for applications.menu failed."
+
+ if ! use opengl; then
+ sed -i -e "/if/ s/QT_QTOPENGL_FOUND/FALSE/" \
+ plasma/CMakeLists.txt plasma/tests/CMakeLists.txt includes/CMakeLists.txt \
+ || die "failed to sed out QT_QTOPENGL_FOUND"
+ fi
+}
+
+src_configure() {
+ local mycmakeargs=(
+ -DWITH_HSPELL=OFF
+ -DWITH_ASPELL=OFF
+ -DKDE_DEFAULT_HOME=.kde4
+ -DKDE_DISTRIBUTION_TEXT=Gentoo
+ -DKDE4_BUILD_TESTS=OFF
+ -DKAUTH_BACKEND=POLKITQT-1
+ -DSYSCONF_INSTALL_DIR="${EPREFIX}"/etc
+ -DWITH_Soprano=OFF
+ -DWITH_SharedDesktopOntologies=OFF
+ -DCMAKE_DISABLE_FIND_PACKAGE_Strigi=ON
+ -DBUILD_doc=$(usex handbook)
+ -DHAVE_X86_3DNOW=$(usex cpu_flags_x86_3dnow)
+ -DHAVE_PPC_ALTIVEC=$(usex altivec)
+ -DHAVE_X86_MMX=$(usex cpu_flags_x86_mmx)
+ -DHAVE_X86_SSE=$(usex cpu_flags_x86_sse)
+ -DHAVE_X86_SSE2=$(usex cpu_flags_x86_sse2)
+ -DWITH_ACL=$(usex acl)
+ -DWITH_BZip2=$(usex bzip2)
+ -DWITH_FAM=$(usex fam)
+ -DWITH_Jasper=OFF
+ -DWITH_GSSAPI=$(usex kerberos)
+ -DWITH_LibLZMA=$(usex lzma)
+ -DWITH_Libintl=$(usex nls)
+ -DWITH_OpenEXR=$(usex openexr)
+ -DWITH_PLASMA4SUPPORT=$(usex plasma)
+ -DWITH_QCA2=$(usex plasma)
+ -DWITH_PolkitQt-1=$(usex policykit)
+ -DWITH_KDE3SUPPORT=$(usex qt3support)
+ -DWITH_ENCHANT=$(usex spell)
+ -DWITH_OpenSSL=$(usex ssl)
+ -DWITH_UDev=$(usex udev)
+ -DWITH_SOLID_UDISKS2=$(usex udisks)
+ -DWITH_KDEWEBKIT=$(usex webkit)
+ -DWITH_Avahi=$(usex zeroconf)
+ )
+
+ use zeroconf || mycmakeargs+=( -DWITH_DNSSD=OFF )
+
+ if use debug; then
+ # Set "real" debug mode
+ CMAKE_KDE_BUILD_TYPE="Debugfull"
+ else
+ # Handle common release builds
+ append-cppflags -DQT_NO_DEBUG
+ fi
+
+ tc-is-cross-compiler || cmakeargs+=( -DCMAKE_INSTALL_PREFIX="${EPREFIX}/usr" )
+ #qmake -query QT_INSTALL_LIBS unavailable when cross-compiling
+ tc-is-cross-compiler && cmakeargs+=( -DQT_LIBRARY_DIR="${ROOT}"/usr/$(get_libdir)/qt4 )
+ #kde-config -path data unavailable when cross-compiling
+ tc-is-cross-compiler && cmakeargs+=( -DKDE4_DATA_DIR="${ROOT}"/usr/share/apps/ )
+
+ cmake-utils_src_configure
+}
+
+src_compile() {
+ cmake-utils_src_compile
+
+ # The building of apidox is not managed anymore by the build system
+ if use doc; then
+ einfo "Building API documentation"
+ cd "${S}"/doc/api/
+ ./doxygen.sh "${S}" || die "APIDOX generation failed"
+ fi
+}
+
+src_install() {
+ for doc in "${S}"/*/{AUTHORS,ChangeLog*,README*,TODO}; do
+ [[ -f ${doc} && -s ${doc} ]] && newdoc "${doc}" "$(basename $(dirname ${doc})).$(basename ${doc})"
+ done
+
+ cmake-utils_src_install
+
+ # We don't want /usr/share/doc/HTML to be compressed,
+ # because then khelpcenter can't find the docs
+ [[ -d ${ED}/usr/share/doc/HTML ]] &&
+ docompress -x /usr/share/doc/HTML
+
+ # use system certificates
+ rm -f "${ED}"/usr/share/apps/kssl/ca-bundle.crt || die
+ dosym ../../../../etc/ssl/certs/ca-certificates.crt /usr/share/apps/kssl/ca-bundle.crt
+
+ if use doc; then
+ einfo "Installing API documentation. This could take a bit of time."
+ cd "${S}"/doc/api/
+ docinto /HTML/en/kdelibs-apidox
+ dodoc -r ${P}-apidocs/*
+ fi
+
+ # We don't package it, so don't install headers
+ rm -r "${ED}"/usr/include/KDE/Nepomuk || die
+
+ einfo Installing environment file.
+ # Since 44qt4 is sourced earlier QT_PLUGIN_PATH is defined.
+ echo "COLON_SEPARATED=QT_PLUGIN_PATH" > "${T}/77kde"
+ echo "QT_PLUGIN_PATH=${EPREFIX}/usr/$(get_libdir)/kde4/plugins" >> "${T}/77kde"
+ doenvd "${T}/77kde"
+}
+
+pkg_postinst() {
+ xdg_desktop_database_update
+ xdg_mimeinfo_database_update
+
+ if use zeroconf; then
+ elog
+ elog "To make zeroconf support available in applications make sure that the avahi daemon"
+ elog "is running."
+ elog
+ elog "If you also want to use zeroconf for hostname resolution, emerge sys-auth/nss-mdns"
+ elog "and enable multicast dns lookups by editing the 'hosts:' line in /etc/nsswitch.conf"
+ elog "to include 'mdns', e.g.:"
+ elog " hosts: files mdns dns"
+ elog
+ fi
+}
+
+pkg_prerm() {
+ # Remove ksycoca4 global database
+ rm -f "${EROOT%/}"/usr/share/kde4/services/ksycoca4 || die
+}
+
+pkg_postrm() {
+ xdg_desktop_database_update
+ xdg_mimeinfo_database_update
+}
^ permalink raw reply related [flat|nested] 2+ messages in thread* [gentoo-commits] proj/kde-sunset:master commit in: kde-frameworks/kdelibs/files/, kde-frameworks/kdelibs/
@ 2020-08-16 16:45 Andreas Sturmlechner
0 siblings, 0 replies; 2+ messages in thread
From: Andreas Sturmlechner @ 2020-08-16 16:45 UTC (permalink / raw
To: gentoo-commits
commit: 3421b7a366762d852cf27faec152ebd9408e7910
Author: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
AuthorDate: Sun Aug 16 16:19:30 2020 +0000
Commit: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
CommitDate: Sun Aug 16 16:44:48 2020 +0000
URL: https://gitweb.gentoo.org/proj/kde-sunset.git/commit/?id=3421b7a3
kde-frameworks/kdelibs: Add support for exiv-0.27
Thanks-to: Tommy Yu <y <AT> metatoaster.com>
Package-Manager: Portage-3.0.2, Repoman-2.3.23
RepoMan-Options: --force
Signed-off-by: Andreas Sturmlechner <asturm <AT> gentoo.org>
.../kdelibs/files/kdelibs-4.14.37-exiv2-cmake.patch | 12 ++++++++++++
kde-frameworks/kdelibs/kdelibs-4.14.37.ebuild | 1 +
2 files changed, 13 insertions(+)
diff --git a/kde-frameworks/kdelibs/files/kdelibs-4.14.37-exiv2-cmake.patch b/kde-frameworks/kdelibs/files/kdelibs-4.14.37-exiv2-cmake.patch
new file mode 100644
index 00000000..bca02430
--- /dev/null
+++ b/kde-frameworks/kdelibs/files/kdelibs-4.14.37-exiv2-cmake.patch
@@ -0,0 +1,12 @@
+--- a/cmake/modules/FindExiv2.cmake.orig 2014-11-07 07:33:50.000000000 +0900
++++ b/cmake/modules/FindExiv2.cmake 2018-12-24 15:47:52.000000000 +0900
+@@ -57,7 +57,7 @@
+
+ # Get the version number from exiv2/version.hpp and store it in the cache:
+ if(EXIV2_INCLUDE_DIR AND NOT EXIV2_VERSION)
+- file(READ ${EXIV2_INCLUDE_DIR}/exiv2/version.hpp EXIV2_VERSION_CONTENT)
++ file(READ ${EXIV2_INCLUDE_DIR}/exiv2/exv_conf.h EXIV2_VERSION_CONTENT)
+ string(REGEX MATCH "#define EXIV2_MAJOR_VERSION +\\( *([0-9]+) *\\)" _dummy "${EXIV2_VERSION_CONTENT}")
+ set(EXIV2_VERSION_MAJOR "${CMAKE_MATCH_1}")
+
+
diff --git a/kde-frameworks/kdelibs/kdelibs-4.14.37.ebuild b/kde-frameworks/kdelibs/kdelibs-4.14.37.ebuild
index b50daca5..2c8db386 100644
--- a/kde-frameworks/kdelibs/kdelibs-4.14.37.ebuild
+++ b/kde-frameworks/kdelibs/kdelibs-4.14.37.ebuild
@@ -138,6 +138,7 @@ PATCHES=(
"${FILESDIR}/${PN}-4.14.35-3dnow.patch"
"${FILESDIR}/${PN}-4.14.35-kde3support.patch"
"${FILESDIR}/${PN}-4.14.35-plasma4.patch"
+ "${FILESDIR}/${PN}-4.14.37-exiv2-cmake.patch"
)
src_prepare() {
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-12-04 13:48 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-12-04 13:48 [gentoo-commits] proj/kde-sunset:master commit in: kde-frameworks/kdelibs/files/, kde-frameworks/kdelibs/ Andreas Sturmlechner
-- strict thread matches above, loose matches on Subject: below --
2020-08-16 16:45 Andreas Sturmlechner
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox