Wolfgang Bauer authored Oct 25, 2017 and Ralf Habacker committed Jan 14, 2020

OpenSSL 1.1.0 contains some source-incompatible changes, most notably
making most of the structures opaque and introducing new getter/setter
functions to modify the structures. This patch adds some of the newly
introduced functions to the KOpenSSL class and modifies the code to
call them. The implementation of those newly introduced methods
contains both OpenSSL < 1.1 compatible code (direct structure member
access) and calls to real functions resolved from OpenSSL>= 1.1
library. Which implementation is used is decided at compile time. Some
of the existing methods were renamed to match the OpenSSL 1.1 naming
and to avoid conflicts with backward-compatibility names provided by
OpenSSL 1.1.

KSSLCertificate::toNetscape() returns empty result when built against
OpenSSL 1.1 since I wasn't able to find a proper equivalent in OpenSSL
1.1 API (and there does not seem to be any).

(Backport of commit 9a990c69c606126bcd60cd7718462aec2a92460d from
kdelibs4support)

Summary:
Exclude kconf_update from being catched by uac on Windows

FIXED-IN:4.14.40
BUG:384334

Test Plan:
Compiled at https://build.opensuse.org/package/show/windows%3Amingw%3Awin32/mingw32-kdelibs4
and tested with KMyMoney snapshot for Windows downloadable
from https://software.opensuse.org/package/mingw32-kmymoney-portable

Reviewed at https://git.reviewboard.kde.org/r/130239/

It is very unclear at this point what a valid use case for this feature
would possibly be. The old documentation only mentions $(hostname) as
an example, which can be done with $HOSTNAME instead.

Note that $(...) is still supported in Exec lines of desktop files,
this does not require [$e] anyway (and actually works better without it,
otherwise the $ signs need to be doubled to obey kconfig $e escaping rules...).

Thanks to Fabian Vogt for testing.

(This is a backport of KDE Frameworks 5 kconfig patch to kdelibs)

Differential Revision: https://phabricator.kde.org/D22989

Fixes T11309

CCMAIL: kossebau@kde.org

This explicitly sets the execution level to 'asInvoker', preventing
Windows' UAC heuristics from deciding that because its name mentions
"update", it probably needs to escalate privileges.

FIXED-IN:4.14.38
BUG:384334
REVIEW:130239

GIT_SILENT

GIT_SILENT

Arfrever Frehtes Taifersar Arahesis authored Sep 09, 2017 and Albert Astals Cid committed Sep 09, 2017

Summary: Forwarding a user-contributed patch.

Reviewers: aacid

Reviewed By: aacid

Differential Revision: https://phabricator.kde.org/D7748

GIT_SILENT

GIT_SILENT

Otherwise it errors out with:
"CMake Error at kdeui/CMakeLists.txt:316 (else): A duplicate ELSE
command was found inside an IF block."
Also adjust the indentation to match the surrounding lines and remove
the arguments from else() and endif().

Konqueror's about page doesn't show icons if the breeze icon theme is
used.
The reason is that khtml doesn't support SVG images.
This patch is supposed to fix it by allowing to use Qt's support in that
case.

This is a backport of commit ed5c039f2d1996545b95a24e9bff4264144f9f6d
in khtml

FIXED-IN: 4.14.35
CCBUG: 355872

GIT_SILENT

GIT_SILENT

CVE-2017-8422

GIT_SILENT

Andreas Schwab authored Apr 17, 2017 and Albert Astals Cid committed Apr 17, 2017

BUG: 373323

Backport from KF5 kio

GIT_SILENT

Fixup to commit 947ffe60 ("backport 02c3192 - Patch some memory leaks"),
which backported part of the fix in the wrong order, as it was first
returning and then deleting a pointer.

Noticed by Matthew Rezny <rezny@FreeBSD.org>.

GIT_SILENT

Remove user/password information
For https: remove path and query

Backport from kio f9d0cb47cf94e209f6171ac0e8d774e68156a6e4

This fixes building with GCC 7 which fails with
"ISO C++ forbids comparison between pointer and integer [-fpermissive]"

GIT_SILENT

GIT_SILENT

GIT_SILENT

This makes sure the reply from the user is used and sent back.

Fixes commit b68911a6.

(manual backport of commit 856a96852f566ed7eb855810e347f95003c25017 and
commit bd4be07823e422fa15bf4273e0bb9df35b866e35 from khtml)

GIT_SILENT

Backported from e2a6886 in kitemmodels.

If the row being removed from the source model isn't shown by KRFPM,
it's correct that we don't need to emit any signals, however we still
need to tell our base class QSFPM so that it updates the mappings
of the visible siblings below that removed row.

Testcase: deleting the Last Search folder in kmail
(full integration test for this testcase will be added to mailcommon).

REVIEW: 128428
CCBUG: 349789

Ignaz Forster authored Oct 22, 2016 and Albert Astals Cid committed Oct 22, 2016

Programs using KFileDialog's setConfirmOverwrite(true) (e.g. LibreOffice with KDE4 integration, Mozilla products with KDE4 integration, several components of the PIM suite) will trigger the following strange behaviour:
If the file name in the save file dialog is empty and the user selects "Save", the dialog will ask if you want to overwrite the current directory (instead of just ignoring the empty input).

By moving the query below the directory checks the order is correct again, showing the overwrite confirmation dialog only if the field contains a unique filename.

Looking at the code this also affects Frameworks 5 / kio, though I haven't tested it yet.

Acked by dfaure

REVIEW: 120127

Gerhard Gappmeier authored Oct 22, 2016 and Albert Astals Cid committed Oct 22, 2016

RFC3986 defines the following syntax for URI schemes
scheme = alpha *( alpha | digit | "+" | "-" | "." )

The '.' was missing which leaded to the problem that
xdg-open opc.tcp://localhost didn't work.

Background:
xdg-open calls kde-open which then uses KUrl and so leaded to this
problem. Of course this bug may affect also many other locations
using KUrl::isRelativeUrl.

This fix also adds a unit test to test the fix and avoid future
regressions.

Acked by dfaure

REVIEW: 129208