Bug#771761: unblock: kde4libs/4:4.14.2-4
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Please unblock package kde4libs
Fixes RC bug. This is the last part of the three package fix that
will allow declining to accept a certificate for SSL to work.
unblock kde4libs/4:4.14.2-4
diff -Nru kde4libs-4.14.2/debian/changelog kde4libs-4.14.2/debian/changelog
--- kde4libs-4.14.2/debian/changelog 2014-10-23 22:51:47.000000000 -0400
+++ kde4libs-4.14.2/debian/changelog 2014-12-01 21:41:09.000000000 -0500
@@ -1,3 +1,14 @@
+kde4libs (4:4.14.2-4) unstable; urgency=medium
+
+ * Team upload.
+ * Add debian/patches/allow_cancel_ssl.diff (cherry-picked from 4.14.3) to
+ make it possible for cancelling certificate acceptance succeed (Closes:
+ #771744)
+ - Note: This completes the fixes for this issue. See #769852 for
+ kdepimlibs and #750995 for kdepim-runtime for the rest
+
+ -- Scott Kitterman <scott@kitterman.com> Mon, 01 Dec 2014 18:21:17 -0500
+
kde4libs (4:4.14.2-3) unstable; urgency=medium
* Manually fix symbols files.
diff -Nru kde4libs-4.14.2/debian/patches/allow_cancel_ssl.diff kde4libs-4.14.2/debian/patches/allow_cancel_ssl.diff
--- kde4libs-4.14.2/debian/patches/allow_cancel_ssl.diff 1969-12-31 19:00:00.000000000 -0500
+++ kde4libs-4.14.2/debian/patches/allow_cancel_ssl.diff 2014-12-01 18:20:00.000000000 -0500
@@ -0,0 +1,89 @@
+commit 38a89ca0195dedee30240647b86c7b6df6788723
+Author: Dawit Alemayehu <adawit@kde.org>
+Date: Tue Nov 4 07:23:56 2014 -0500
+
+ Allow user to cancel out of the certificate accept duration dialog box.
+
+ BUG: 335375
+ FIXED-IN: 4.14.3
+ REVIEW: 120975
+
+diff --git a/kio/kio/tcpslavebase.cpp b/kio/kio/tcpslavebase.cpp
+index cdf28f0..fe83310 100644
+--- a/kio/kio/tcpslavebase.cpp
++++ b/kio/kio/tcpslavebase.cpp
+@@ -815,45 +815,51 @@ TCPSlaveBase::SslResult TCPSlaveBase::verifyServerCertificate()
+ message = message.trimmed();
+
+ int msgResult;
++ QDateTime ruleExpiry = QDateTime::currentDateTime();
+ do {
+ msgResult = messageBox(WarningYesNoCancel, message,
+ i18n("Server Authentication"),
+ i18n("&Details"), i18n("Co&ntinue"));
+- if (msgResult == KMessageBox::Yes) {
++ switch (msgResult) {
++ case KMessageBox::Yes:
+ //Details was chosen- show the certificate and error details
+ messageBox(SSLMessageBox /*the SSL info dialog*/, d->host);
+- } else if (msgResult == KMessageBox::Cancel) {
+- return ResultFailed;
+- } else if (msgResult != KMessageBox::No) {
++ break;
++ case KMessageBox::No: {
++ //fall through on KMessageBox::No
++ const int result = messageBox(WarningYesNoCancel,
++ i18n("Would you like to accept this "
++ "certificate forever without "
++ "being prompted?"),
++ i18n("Server Authentication"),
++ i18n("&Forever"),
++ i18n("&Current Session only"));
++ if (result == KMessageBox::Yes) {
++ //accept forever ("for a very long time")
++ ruleExpiry = ruleExpiry.addYears(1000);
++ } else if (result == KMessageBox::No) {
++ //accept "for a short time", half an hour.
++ ruleExpiry = ruleExpiry.addSecs(30*60);
++ } else {
++ msgResult = KMessageBox::Yes;
++ }
++ break;
++ }
++ case KMessageBox::Cancel:
++ return ResultFailed;
++ default:
+ kWarning() << "Unexpected MessageBox response received:" << msgResult;
+ return ResultFailed;
+ }
+- //fall through on KMessageBox::No
+ } while (msgResult == KMessageBox::Yes);
+
+- //Save the user's choice to ignore the SSL errors.
+-
+- msgResult = messageBox(WarningYesNo,
+- i18n("Would you like to accept this "
+- "certificate forever without "
+- "being prompted?"),
+- i18n("Server Authentication"),
+- i18n("&Forever"),
+- i18n("&Current Session only"));
+- QDateTime ruleExpiry = QDateTime::currentDateTime();
+- if (msgResult == KMessageBox::Yes) {
+- //accept forever ("for a very long time")
+- ruleExpiry = ruleExpiry.addYears(1000);
+- } else {
+- //accept "for a short time", half an hour.
+- ruleExpiry = ruleExpiry.addSecs(30*60);
+- }
+-
+ //TODO special cases for wildcard domain name in the certificate!
+ //rule = KSslCertificateRule(d->socket.peerCertificateChain().first(), whatever);
+
+ rule.setExpiryDateTime(ruleExpiry);
+ rule.setIgnoredErrors(d->sslErrors);
++
++ //Save the user's choice to ignore the SSL errors.
+ cm->setRule(rule);
+
+ return ResultOk | ResultOverridden;
diff -Nru kde4libs-4.14.2/debian/patches/series kde4libs-4.14.2/debian/patches/series
--- kde4libs-4.14.2/debian/patches/series 2014-10-23 22:51:47.000000000 -0400
+++ kde4libs-4.14.2/debian/patches/series 2014-12-01 18:20:43.000000000 -0500
@@ -28,3 +28,4 @@
disable_bogus_test.diff
disable_bogus_tests
fix_solidlex_destroy_signature.patch
+allow_cancel_ssl.diff
Reply to: