Bug#1121604: trixie-pu: package kleopatra/24.12.3-1+bpo13u1
Package: release.debian.org
Severity: normal
Tags: trixie
X-Debbugs-Cc: kleopatra@packages.debian.org, hefee@debian.org
Control: affects -1 + src:kleopatra
User: release.debian.org@packages.debian.org
Usertags: pu
[ Reason ]
The version in Trixie is affected by #1120106, that makes it impossible
to use Kleoatra to decrypt files from terminal or from the GNOME shell,
Nautilus (file browser in GNOME).
[ Impact ]
GNOME users cannot really use Kleopatras features.
There are workarounds:
* You can open Kleopatra anf than select the file to decrypt.
* Similarly, if Kleopatra is already running, then double clicking on an
encrypted file will work.
* Once a single .gpg file has been decrypted in either of these ways,
subsequently .gpg files can be decrypted by double-clicking. They will
open in Kleopatra as expected, regardless of whether Kleopatra is
already open. This needs to done once every time Tails starts.
The bigger picture - Kleopatra is used within Tails and it is
recommend in the SecureDrop workflow (Tails 7.x is based on Trixie):
The SecureDrop (https://securedrop.org/) workflow for journalists, who receive
information from whistleblowers, relies on the functionality to open
pgp encrypted files from a file browser.
In the context of Tails they made it smoother by adding
a application/pgp-encrypted=org.kde.kleopatra.desktop file association.
[ Tests ]
The patch is provided by upstream and is released within KDEPIM 25.04,
so this patch was tested by a lot users already.
I tested this patch manually on my system and on Tails [1].
Uploaded a patched version to unstable. As unstable still has the same
version than stable (extect a patch to build against GpgME 2).
GpgME 2 is a backend that Kleopatra uses, that is not important in this
context.
https://gitlab.tails.boum.org/tails/tails/-/issues/21281#note_273448
[ Risks ]
The patch is narrow and short, so I think we will not end up with
new issues.
[ Checklist ]
[x] *all* changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in (old)stable
[x] the issue is verified as fixed in unstable
[ Changes ]
Added an upstream patch and updates its hunks.
[ Other info ]
You are dooing a great job! Many thanks for doing the release work.
diff -Nru kleopatra-24.12.3/debian/changelog kleopatra-24.12.3/debian/changelog
--- kleopatra-24.12.3/debian/changelog 2025-03-29 18:49:59.000000000 +0100
+++ kleopatra-24.12.3/debian/changelog 2025-11-29 09:48:27.000000000 +0100
@@ -1,3 +1,11 @@
+kleopatra (4:24.12.3-1+bpo13u1) trixie; urgency=medium
+
+ [ Sandro Knauß ]
+ * Fix "Fails to start with a file argument on GNOME" by import upstream
+ patches. (Closes: #1120106)
+
+ -- Sandro Knauß <hefee@debian.org> Sat, 29 Nov 2025 09:48:27 +0100
+
kleopatra (4:24.12.3-1) unstable; urgency=medium
[ Patrick Franz ]
diff -Nru kleopatra-24.12.3/debian/patches/series kleopatra-24.12.3/debian/patches/series
--- kleopatra-24.12.3/debian/patches/series 1970-01-01 01:00:00.000000000 +0100
+++ kleopatra-24.12.3/debian/patches/series 2025-11-29 09:48:00.000000000 +0100
@@ -0,0 +1,2 @@
+# Fixed in 25.08.0
+upstream_rework-pinentry-parenting-on-wayland.patch
diff -Nru kleopatra-24.12.3/debian/patches/upstream_rework-pinentry-parenting-on-wayland.patch kleopatra-24.12.3/debian/patches/upstream_rework-pinentry-parenting-on-wayland.patch
--- kleopatra-24.12.3/debian/patches/upstream_rework-pinentry-parenting-on-wayland.patch 1970-01-01 01:00:00.000000000 +0100
+++ kleopatra-24.12.3/debian/patches/upstream_rework-pinentry-parenting-on-wayland.patch 2025-11-29 09:48:00.000000000 +0100
@@ -0,0 +1,156 @@
+From 22b75981b4c8b4c3bed9f8bddccb5473135f9be3 Mon Sep 17 00:00:00 2001
+From: Tobias Fella <tobias.fella@gnupg.com>
+Date: Wed, 12 Mar 2025 15:16:06 +0100
+Subject: [PATCH] Rework pinentry parenting on wayland
+
+The previous approach didn't work well when multiple kleopatra windows are involved, since we always exported the main window.
+Instead, we now listen to the focused window changing and always export this one. KWindowSystem makes sure that we don't actually
+export the same window twice and that windows that are deleted are cleaned up properly, so this shouldn't leak any resources.
+---
+ src/kleopatraapplication.cpp | 36 +++++++++++++++++++++++++++++++-----
+ src/mainwindow.cpp | 35 -----------------------------------
+ src/mainwindow.h | 2 --
+ 3 files changed, 31 insertions(+), 42 deletions(-)
+
+--- a/src/kleopatraapplication.cpp
++++ b/src/kleopatraapplication.cpp
+@@ -63,6 +63,11 @@
+ #include <KMessageBox>
+ #include <KWindowSystem>
+
++#if __has_include(<KWaylandExtras>)
++#include <KWaylandExtras>
++#define HAVE_WAYLAND
++#endif
++
+ #include <QDesktopServices>
+ #include <QDir>
+ #include <QFile>
+@@ -306,6 +311,12 @@ public:
+ }
+ return mw;
+ }
++ void exportFocusWindow()
++ {
++#ifdef HAVE_WAYLAND
++ KWaylandExtras::self()->exportWindow(QGuiApplication::focusWindow());
++#endif
++ }
+ };
+
+ class KleopatraProxyStyle : public QProxyStyle
+@@ -380,6 +391,26 @@ void KleopatraApplication::init()
+ d->sysTray->show();
+ }
+ #endif
++
++#ifdef HAVE_WAYLAND
++ connect(KWaylandExtras::self(), &KWaylandExtras::windowExported, this, [](const auto, const auto &token) {
++ qputenv("PINENTRY_GEOM_HINT", QUrl::toPercentEncoding(token));
++ });
++ connect(qApp, &QGuiApplication::focusWindowChanged, this, [this](auto w) {
++ if (!w) {
++ return;
++ }
++ d->exportFocusWindow();
++ });
++
++ QMetaObject::invokeMethod(
++ this,
++ [this]() {
++ d->exportFocusWindow();
++ },
++ Qt::QueuedConnection);
++#endif
++
+ if (!Kleo::userIsElevated()) {
+ // For users running Kleo with elevated permissions on Windows we
+ // always quit the application when the last window is closed.
+@@ -686,11 +717,6 @@ void KleopatraApplication::toggleMainWin
+ } else {
+ openOrRaiseMainWindow();
+ }
+- if (mainWindow()->isVisible()) {
+- mainWindow()->exportWindow();
+- } else {
+- mainWindow()->unexportWindow();
+- }
+ }
+
+ void KleopatraApplication::restoreMainWindow()
+--- a/src/mainwindow.cpp
++++ b/src/mainwindow.cpp
+@@ -96,11 +96,6 @@
+
+ #include <KSharedConfig>
+
+-#if __has_include(<KWaylandExtras>)
+-#include <KWaylandExtras>
+-#define HAVE_WAYLAND
+-#endif
+-
+ #include <chrono>
+ #include <vector>
+ using namespace std::chrono_literals;
+@@ -476,20 +471,6 @@ MainWindow::Private::Private(MainWindow
+ ui.searchTab->tabWidget()->setFlatModel(flatModel);
+ ui.searchTab->tabWidget()->setHierarchicalModel(hierarchicalModel);
+
+-#ifdef HAVE_WAYLAND
+- connect(KWaylandExtras::self(), &KWaylandExtras::windowExported, q, [this](const auto &window, const auto &token) {
+- if (window == q->windowHandle()) {
+- qputenv("PINENTRY_GEOM_HINT", QUrl::toPercentEncoding(token));
+- }
+- });
+- QMetaObject::invokeMethod(
+- q,
+- [this]() {
+- q->exportWindow();
+- },
+- Qt::QueuedConnection);
+-#endif
+-
+ setupActions();
+
+ ui.stackWidget->setCurrentWidget(ui.searchTab);
+@@ -876,7 +857,6 @@ void MainWindow::closeEvent(QCloseEvent
+ setEnabled(true);
+ }
+ }
+- unexportWindow();
+ if (isQuitting || qApp->isSavingSession() || Kleo::userIsElevated()) {
+ d->ui.searchTab->tabWidget()->saveViews();
+ KConfigGroup grp(KConfigGroup(KSharedConfig::openConfig(), autoSaveGroup()));
+@@ -982,21 +962,6 @@ void MainWindow::saveProperties(KConfigG
+ cg.writeEntry("hidden", isHidden());
+ }
+
+-void MainWindow::exportWindow()
+-{
+-#ifdef HAVE_WAYLAND
+- (void)winId(); // Ensures that windowHandle() returns the window
+- KWaylandExtras::self()->exportWindow(windowHandle());
+-#endif
+-}
+-
+-void MainWindow::unexportWindow()
+-{
+-#ifdef HAVE_WAYLAND
+- KWaylandExtras::self()->unexportWindow(windowHandle());
+-#endif
+-}
+-
+ KeyListController *MainWindow::keyListController()
+ {
+ return &d->controller;
+--- a/src/mainwindow.h
++++ b/src/mainwindow.h
+@@ -32,8 +32,6 @@ public:
+
+ public Q_SLOTS:
+ void importCertificatesFromFile(const QStringList &files);
+- void exportWindow();
+- void unexportWindow();
+
+ protected:
+ QByteArray savedGeometry;
Reply to: