diff options
Diffstat (limited to 'mail-client/trojita')
| -rw-r--r-- | mail-client/trojita/Manifest | 5 | ||||
| -rw-r--r-- | mail-client/trojita/files/trojita-0.7-CVE-2019-10734.patch | 104 | ||||
| -rw-r--r-- | mail-client/trojita/files/trojita-0.7-CVE-2020-15047.patch | 82 | ||||
| -rw-r--r-- | mail-client/trojita/files/trojita-0.7-cmake-cxx11.patch | 66 | ||||
| -rw-r--r-- | mail-client/trojita/files/trojita-0.7-qt-5.13.patch | 37 | ||||
| -rw-r--r-- | mail-client/trojita/trojita-0.7-r4.ebuild | 86 |
6 files changed, 380 insertions, 0 deletions
diff --git a/mail-client/trojita/Manifest b/mail-client/trojita/Manifest index a2832c689eb3..a0cb9bb482d8 100644 --- a/mail-client/trojita/Manifest +++ b/mail-client/trojita/Manifest @@ -1,8 +1,13 @@ +AUX trojita-0.7-CVE-2019-10734.patch 4701 BLAKE2B d7c41789e57fcab16f616702d427bffce348376f0d9fc16fc02c37257409a819bc2d157652e5671a6a2c6f7b06b64b325b3f08d8977654cf52028f7cda25f2dd SHA512 db96a566924b5d7b80787ab624af3726d5dd3459653192436a377d6482ab73801a7dcca1df1b1d937cf0d0798b827e04f8ef2c1124f91dc9da3e8036ef61e28a +AUX trojita-0.7-CVE-2020-15047.patch 3286 BLAKE2B 4cccc6eb6ad6826f176c19d8fd2cc1c23c661b222d8e884bd45ee700d8db856b45d76f90ad387bdd2b3996c3f97af89f60bd9b44c3bf4e8456a607b4f3c1e91f SHA512 82ed94860b8e71b66093548535cd5970dc28bbc5c023cb73e0474bfe33e49f889d08c095536cbda6242e260b742c59a7ada7a0a003bb4f6302f3e547da52cd48 +AUX trojita-0.7-cmake-cxx11.patch 2442 BLAKE2B ce2f29c96c93f254ccade934cfa6ad38f863c5e6b30cb9c45e92c6299a10e28a58a32a0515fe122e5beee0f82b154f9421519a6a211e6b9a3b6d1238ce09dd08 SHA512 2b2723be49d097fb1ca9d51ecbb30d2a4b3e766edc232eb8cc25b537f32c0dd0b8aeb24c3ae3b38929775f31262e36a0ba078e335076cab9b20d5ac8b41c0e60 AUX trojita-0.7-gpg-tests.patch 1465 BLAKE2B f336368c8166987dc096991a0855a05d83374b7d509dbd8b39e7a12f6f8b14b86c6405ea55882192601163cee9eadaf9ab306bfbdcae347857bf4dc2f3c5908a SHA512 e494de83085dbbd7c545e47fcb1116cfb48e787f7b8706bee51f30f74a9047d1cf835f20086355671643ee0ef88d01428683999765d4bb59c3d9d943e92c69eb AUX trojita-0.7-gpgme.patch 1416 BLAKE2B dba95c0954a6ac704e5145d140e905bf6f886db4b84f7a5dbc67ea0494b188d9ff79ccf096faaedc6a179167bc9394ced0203e9df69cc6368694e885fbb61836 SHA512 4031feb66e7ce53e5669e00dd8ca91a6a53a22207aae90e13ef38012777b76275911d78fbdcd58809571a7c649fb4025cdb7de97e9793102c62f5e8b7b0561e1 AUX trojita-0.7-qt-5.11b3.patch 9678 BLAKE2B 0bcf00db610594ff084f5ca3bcfe2d3ad40d44b461358c4b9fc730f6dba787d82837c16f2e6bc84df9d3f57ac404d7c006fc7db223efeacfb9e833b6209b4374 SHA512 c16f3a7b9555e70e61656eb8caf25f778ec14a1dfdd18f786ddc3d8ee49b28fd39c4f438d051dbf961afbaf8cafc3d84a5befa10111ba216b4dec300cd67e228 +AUX trojita-0.7-qt-5.13.patch 1044 BLAKE2B 4c110d49c9352f526470b2af255c98c8f8b80df0ddc6da5a8fdecee9a1d5000c473a17f64790ffa95e20f03431ddb7fc294bb1e20d11fd549ca4451bb030ebba SHA512 bce7713fb5bef29b2b189d281dee57ddfc57f1c0601f424aba2185668215878b9bfd3bb80f0d2f8b73219e782db5e64973e79190fe62afa8ba98327535139146 AUX trojita-0.7-qt-5.15.patch 774 BLAKE2B 0c1de7d7eebc9782d2e3e889365b283b3c5c82b7d792f167783857e8544f29f0a29284923a9b5f2974a5dbf8b9b3e6147c14654d78a57b67b8151407a63863b6 SHA512 42d45246c49ae99d9a49ed2c2186042427c8ea35b84123c876951f1d9ddcf9236acd14fd36e592041296ca6f6200e20eca786c967dade37bf8be8148dd7b3cca DIST trojita-0.7.tar.xz 1038212 BLAKE2B 92dfb01fc1849d04958fd26ea731835c7287d5a6989d8e0c97c6679ce8f1c9f33a0f67c3f293fc85188e9d289c0dddee9847f4151b6f64396f3de86635b11f32 SHA512 fe4d9316f97d913619f27d24a5023c3d8dd4a6b9fb058651be12c67188f394aa8cbb60c7593e5eb28fc12fc883b76deeeb5f4f631edd255fdec4c5862c9a91c8 EBUILD trojita-0.7-r2.ebuild 1732 BLAKE2B 4fe9fbd095244f6ca733b7fd7437669d671e96bc288161510f1c523f008abe061df3412d2303099a7511ffff96a5873cb69d8ac4b7bed7ff3176f89306c1fc17 SHA512 614426f9fe99c130354991db3fb4f1f986df2329912edbdd91a1bf201a40ea5eae8a05105f675d136a00563aea397e6ec1140f49c3a296a4b360f490dd565079 +EBUILD trojita-0.7-r4.ebuild 1931 BLAKE2B 4fbb5a511d7d756c79295344802e515d8f3d62aef2b82793d6be8be53d0fbe9383af5de8a949f3e3c6d4c608cef1d783f45e4fee538e112e21332477f832d364 SHA512 b34621b29c94c7758eb4741f3832e0da93b0a600444f3cd2d71105a51e7844a3bf741ea6d26bfc60095ea2fbb5405e7ed8de70e913a4a5e7cee0c1c6d24027fa EBUILD trojita-9999.ebuild 1791 BLAKE2B 13bf1d7c29c274cc473948fc40058de9757d6ad51911767c29c961303510f52d6f215365d90ad7d8e0085be610d4edc25df07e443757678f4ff71a8f245de14e SHA512 8f3e67e677262e29a2d26996d741f2fa4685f9c480791e95eb5d925c37dfcc2d3316b5129e0fc677951f0b174ae89e53e35223a6cbc9620f85fea5b16d0cc945 MISC metadata.xml 766 BLAKE2B b3fccdefcadc2ab93429fd991581a8b085546605ad00e68899a2d731f2217113f7271d5b53cef35dfab8063db05fd9662bdaff715a95bf73cfd8fa9c636f184f SHA512 b13adf41bd68543886b25fb0dfdc3c924e5fc050de4f4bbea383e91cb2d4542de83050695bd67b913f2707d8f6a689d6d387253c718ec7c78dd50abed3a3f633 diff --git a/mail-client/trojita/files/trojita-0.7-CVE-2019-10734.patch b/mail-client/trojita/files/trojita-0.7-CVE-2019-10734.patch new file mode 100644 index 000000000000..d52edb042ad8 --- /dev/null +++ b/mail-client/trojita/files/trojita-0.7-CVE-2019-10734.patch @@ -0,0 +1,104 @@ +From 8db7f450d52539b4c72ee968384911b6813ad1e7 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jan=20Kundr=C3=A1t?= <jkt@kde.org> +Date: Thu, 25 Jun 2020 21:39:34 +0200 +Subject: [PATCH] Prevent a possible decryption oracle attack +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Thanks to Jens Mueller (Ruhr-Uni Bochum and FH Münster) for reporting +this. The gist is that an attacker can embed arbitrary ciphertext into +their messages. Trojita decrypts that, and when we hit reply, the +original *cleartext* gets quoted and put into a reply for the attacker +to see. + +Fix this by not quoting any plaintext which originated in an encrypted +message. That's pretty draconian, but hey, it works and we never came up +with any better patch. Also, given that Trojita does not encrypt +outgoing messages yet, this is probably also a conservative thing to do. + +Change-Id: I84c45b9e707eb7c99eb7183c6ef59ef41cd62c43 +CVE: CVE-2019-10734 +BUG: 404697 +--- + src/Cryptography/GpgMe++.cpp | 2 ++ + src/Gui/MessageView.cpp | 9 ++++++++- + src/Gui/PartWidget.cpp | 8 ++++++++ + src/Imap/Model/ItemRoles.h | 2 +- + 4 files changed, 19 insertions(+), 2 deletions(-) + +diff --git a/src/Cryptography/GpgMe++.cpp b/src/Cryptography/GpgMe++.cpp +index e012f603..716b8aff 100644 +--- a/src/Cryptography/GpgMe++.cpp ++++ b/src/Cryptography/GpgMe++.cpp +@@ -267,6 +267,8 @@ QVariant GpgMePart::data(int role) const + switch (role) { + case Imap::Mailbox::RolePartSignatureVerifySupported: + return m_wasSigned; ++ case RolePartDecryptionSupported: ++ return m_isAllegedlyEncrypted; + case RolePartCryptoNotFinishedYet: + return m_waitingForData || + (m_crypto.valid() && +diff --git a/src/Gui/MessageView.cpp b/src/Gui/MessageView.cpp +index 7d649308..c95e0878 100644 +--- a/src/Gui/MessageView.cpp ++++ b/src/Gui/MessageView.cpp +@@ -354,7 +354,6 @@ bool MessageView::eventFilter(QObject *object, QEvent *event) + QString MessageView::quoteText() const + { + if (auto w = bodyWidget()) { +- QStringList quote = Composer::quoteText(w->quoteMe().split(QLatin1Char('\n'))); + const Imap::Message::Envelope &e = message.data(Imap::Mailbox::RoleMessageEnvelope).value<Imap::Message::Envelope>(); + QString sender; + if (!e.from.isEmpty()) +@@ -362,6 +361,14 @@ QString MessageView::quoteText() const + if (e.from.isEmpty()) + sender = tr("you"); + ++ if (messageModel->index(0, 0) /* fake message root */.child(0, 0) /* first MIME part */.data(Imap::Mailbox::RolePartDecryptionSupported).toBool()) { ++ // This is just an UX improvement shortcut: real filtering for CVE-2019-10734 is in ++ // MultipartSignedEncryptedWidget::quoteMe(). ++ // That is required because the encrypted part might not be the root part of the message. ++ return tr("On %1, %2 sent an encrypted message:\n> ...\n\n").arg(e.date.toLocalTime().toString(Qt::SystemLocaleLongDate), sender); ++ } ++ ++ QStringList quote = Composer::quoteText(w->quoteMe().split(QLatin1Char('\n'))); + // One extra newline at the end of the quoted text to separate the response + quote << QString(); + +diff --git a/src/Gui/PartWidget.cpp b/src/Gui/PartWidget.cpp +index bb27604d..96eff338 100644 +--- a/src/Gui/PartWidget.cpp ++++ b/src/Gui/PartWidget.cpp +@@ -378,6 +378,14 @@ void MultipartSignedEncryptedWidget::updateStatusIndicator() + + QString MultipartSignedEncryptedWidget::quoteMe() const + { ++ if (m_partIndex.data(Imap::Mailbox::RolePartDecryptionSupported).toBool()) { ++ // See CVE-2019-10734, the point is not to leak cleartext from encrypted content. Even when Trojita starts supporting ++ // encryption of outgoing mail, we will have to check whether the encrypted cleartext is from the same sender, whether ++ // it matches the list of recipients (which is dynamic and can be set later on), etc etc. ++ // TL;DR, this is a can of worms. ++ return tr("[Encrypted message]"); ++ } ++ + return quoteMeHelper(children()); + } + +diff --git a/src/Imap/Model/ItemRoles.h b/src/Imap/Model/ItemRoles.h +index 4588d4d0..00adb3bb 100644 +--- a/src/Imap/Model/ItemRoles.h ++++ b/src/Imap/Model/ItemRoles.h +@@ -193,7 +193,7 @@ enum { + RolePartSignatureVerifySupported, + /** @short Is the format of this particular multipart/encrypted supported and recognized? + +- See RolePartSignatureVerifySupported, this is an equivalent. ++ If true, this message part represents content of an encrypted message that Trojita can attempt to decrypt. + */ + RolePartDecryptionSupported, + /** @short Is there any point in waiting longer? +-- +GitLab + diff --git a/mail-client/trojita/files/trojita-0.7-CVE-2020-15047.patch b/mail-client/trojita/files/trojita-0.7-CVE-2020-15047.patch new file mode 100644 index 000000000000..44f1a5dab018 --- /dev/null +++ b/mail-client/trojita/files/trojita-0.7-CVE-2020-15047.patch @@ -0,0 +1,82 @@ +From 77ddd5d44f2bf4155d0c9b6f7d05f01713b32d5d Mon Sep 17 00:00:00 2001 +From: Jan Kundrát <jkt@kde.org> +Date: Thu, 25 Jun 2020 11:30:51 +0200 +Subject: [PATCH] SMTP: Do not ignore TLS errors + +This fixes a CVE-2020-15047 (category: CWE-295). Since commit 0083eea5ed +which added initial, experimental support for SMTP message submission, +we have apparently never implemented proper SSL/TLS error handling, and +the code has ever since just kept silently ignoring any certificate +verification errors. As a result, Trojita was susceptible to a MITM +attack when sending e-mails. The information leaked include user's +authentication details, including the password, and the content of sent +messages. + +Sorry for this :(. + +Now, this patch re-enabes proper TLS error handling. It was not possible +to directly re-use our code for TLS key pinning which we are using for +IMAP connections. In the Qt TLS code, the decision to accept or not +accept a TLS connection is a blocking one, so the IMAP code relies upon +the protocol state machine (i.e., another layer) for deciding whether to +use or not to use the just-established TLS connection. Implementing an +equivalent code in the SMTP library would be nice, but this hot-fix has +a priority. As a result, SMTP connections to hosts with, e.g., +self-signed TLS certs, are no longer possible. Let's hope that this is +not a practical problem with Lets Encrypt anymore. + +Thanks to Damian Poddebniak for reporting this bug. + +Change-Id: Icd6bbb2b0fb3e45159fc9699ebd07ab84262fe37 +CVE: CVE-2020-15047 +BUG: 423453 +--- + +diff --git a/src/MSA/SMTP.cpp b/src/MSA/SMTP.cpp +index 3a05451..ac1eefc 100644 +--- a/src/MSA/SMTP.cpp ++++ b/src/MSA/SMTP.cpp +@@ -21,6 +21,7 @@ + along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + #include "SMTP.h" ++#include "UiUtils/Formatting.h" + + namespace MSA + { +@@ -32,8 +33,8 @@ + user(user), failed(false), isWaitingForPassword(false), sendingMode(MODE_SMTP_INVALID) + { + qwwSmtp = new QwwSmtpClient(this); +- // FIXME: handle SSL errors properly +- connect(qwwSmtp, &QwwSmtpClient::sslErrors, qwwSmtp, &QwwSmtpClient::ignoreSslErrors); ++ // FIXME: handle SSL errors in the same way as we handle IMAP TLS errors, with key pinning, etc. ++ connect(qwwSmtp, &QwwSmtpClient::sslErrors, this, &SMTP::handleSslErrors); + connect(qwwSmtp, &QwwSmtpClient::connected, this, &AbstractMSA::sending); + connect(qwwSmtp, &QwwSmtpClient::done, this, &SMTP::handleDone); + connect(qwwSmtp, &QwwSmtpClient::socketError, this, &SMTP::handleError); +@@ -78,6 +79,12 @@ + emit error(msg); + } + ++void SMTP::handleSslErrors(const QList<QSslError>& errors) ++{ ++ auto msg = UiUtils::Formatting::sslErrorsToHtml(errors); ++ emit error(tr("<p>Cannot send message due to an SSL/TLS error</p>\n%1").arg(msg)); ++} ++ + void SMTP::setPassword(const QString &password) + { + pass = password; +diff --git a/src/MSA/SMTP.h b/src/MSA/SMTP.h +index 453407d..913bb87 100644 +--- a/src/MSA/SMTP.h ++++ b/src/MSA/SMTP.h +@@ -43,6 +43,7 @@ + virtual void setPassword(const QString &password); + void handleDone(bool ok); + void handleError(QAbstractSocket::SocketError err, const QString &msg); ++ void handleSslErrors(const QList<QSslError>& errors); + private: + QwwSmtpClient *qwwSmtp; + QString host; diff --git a/mail-client/trojita/files/trojita-0.7-cmake-cxx11.patch b/mail-client/trojita/files/trojita-0.7-cmake-cxx11.patch new file mode 100644 index 000000000000..71ab15950b83 --- /dev/null +++ b/mail-client/trojita/files/trojita-0.7-cmake-cxx11.patch @@ -0,0 +1,66 @@ +From e2e35bfda75a2f4950408c93ede72fabfe86360e Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jan=20Kundr=C3=A1t?= <jkt@kde.org> +Date: Wed, 19 Oct 2016 22:15:16 +0200 +Subject: [PATCH] cmake: Speed up cmake by using native features for enforcing + C++11 + +This saves about 8 seconds in my (limited) testing with a 2016-era +laptop with plenty of RAM and a fast SSD. + +We still attempt to support ancient pre-3.1 CMake by adding that blurb +into CXXFLAGS, maybe it even works. + +I should probably start tracking time I spend supporting old +environments and evaluate whether this is worth the effort. Once we are +ready to distribute flatpaks/appimages/whatevers, I suspect that my life +will become much easier. + +Change-Id: Ibbbe3d8440a7d29ef27440a99938d313bfe9699f +--- + CMakeLists.txt | 26 ++-- + 24 files changed, 8 insertions(+), 468 deletions(-) + +diff --git a/CMakeLists.txt b/CMakeLists.txt +index 9393b19c..92a682f7 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -18,6 +18,14 @@ if(POLICY CMP0043) + cmake_policy(SET CMP0043 OLD) + endif() + ++if(CMAKE_VERSION VERSION_LESS "3.1") ++ # If you aren't using and old Linux with an old GCC and old CMake, please just upgrade. ++ set(CMAKE_CXX_FLAGS "--std=c++11 ${CMAKE_CXX_FLAGS}") ++else() ++ set(CMAKE_CXX_STANDARD 11) ++ set(CMAKE_CXX_STANDARD_REQUIRED ON) ++endif() ++ + # Set a default build type if none was specified. This was shamelessly stolen + # from VTK's cmake setup because these guys produce both CMake and a project that + # manipulates this variable, and the web is full of posts where people say that +@@ -34,24 +42,6 @@ endif() + + set(CMAKE_POSITION_INDEPENDENT_CODE ON) + +-include(FindCXXFeatures) +-if(NOT CXXFeatures_auto_FOUND) +- message(SEND_ERROR "Your compiler doesn't support C++11's auto") +-endif() +-if(NOT CXXFeatures_static_assert_FOUND) +- message(SEND_ERROR "Your compiler doesn't support C++11's static_assert") +-endif() +-if(NOT CXXFeatures_alignof_FOUND) +- message(SEND_ERROR "Your compiler doesn't support C++11's alignof") +-endif() +-if(NOT CXXFeatures_nullptr_FOUND) +- message(SEND_ERROR "Your compiler doesn't support C++11's nullptr") +-endif() +-if(NOT CXXFeatures_lambda_FOUND) +- message(SEND_ERROR "Your compiler doesn't support C++11's lambda functions") +-endif() +-set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${CXX11_COMPILER_FLAGS}") +- + include(TrojitaOption) + + trojita_option(WITH_DESKTOP "Build desktop version" ON) diff --git a/mail-client/trojita/files/trojita-0.7-qt-5.13.patch b/mail-client/trojita/files/trojita-0.7-qt-5.13.patch new file mode 100644 index 000000000000..9f1ab3e7e887 --- /dev/null +++ b/mail-client/trojita/files/trojita-0.7-qt-5.13.patch @@ -0,0 +1,37 @@ +From 39772585033c1c0aff96f297e93de7be53f9b114 Mon Sep 17 00:00:00 2001 +From: Heiko Becker <heirecka@exherbo.org> +Date: Sat, 23 Mar 2019 01:17:11 +0100 +Subject: [PATCH] tests: Fix build with Qt 5.13 + +QTest::toString(QModelIndex) was added in +7ef0b575b38d267bd3dc14ff46935d556562ff00 and thus causes a build +error with Qt 5.13 because it's redefined here. + +Change-Id: I015800e49cf8d0e87f3541642406396f150d0eeb +--- + tests/Imap/test_Imap_BodyParts.cpp | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/tests/Imap/test_Imap_BodyParts.cpp b/tests/Imap/test_Imap_BodyParts.cpp +index f1c577fa..b6e0421d 100644 +--- a/tests/Imap/test_Imap_BodyParts.cpp ++++ b/tests/Imap/test_Imap_BodyParts.cpp +@@ -51,6 +51,7 @@ struct Data { + + Q_DECLARE_METATYPE(QList<Data>) + ++#if QT_VERSION < QT_VERSION_CHECK(5, 13, 0) + namespace QTest { + template <> + char *toString(const QModelIndex &index) +@@ -60,6 +61,7 @@ char *toString(const QModelIndex &index) + return qstrdup(buf.toUtf8().constData()); + } + } ++#endif + + using namespace Imap::Mailbox; + +-- +GitLab + diff --git a/mail-client/trojita/trojita-0.7-r4.ebuild b/mail-client/trojita/trojita-0.7-r4.ebuild new file mode 100644 index 000000000000..e9b7c9e515a5 --- /dev/null +++ b/mail-client/trojita/trojita-0.7-r4.ebuild @@ -0,0 +1,86 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +if [[ ${PV} = *9999* ]]; then + EGIT_REPO_URI="https://anongit.kde.org/${PN}.git" + inherit git-r3 +else + SRC_URI="mirror://sourceforge/${PN}/${P}.tar.xz" + KEYWORDS="~amd64 ~x86" +fi +inherit cmake virtualx xdg + +DESCRIPTION="A Qt IMAP e-mail client" +HOMEPAGE="http://trojita.flaska.net/" + +LICENSE="|| ( GPL-2 GPL-3 )" +SLOT="0" +IUSE="+crypt +dbus debug +password test +zlib" + +REQUIRED_USE="password? ( dbus )" +RESTRICT="!test? ( test )" + +BDEPEND=" + dev-qt/linguist-tools:5 + zlib? ( virtual/pkgconfig ) +" +RDEPEND=" + dev-qt/qtcore:5 + dev-qt/qtgui:5 + dev-qt/qtnetwork:5[ssl] + dev-qt/qtsql:5[sqlite] + dev-qt/qtsvg:5 + dev-qt/qtwebkit:5 + dev-qt/qtwidgets:5 + crypt? ( + >=app-crypt/gpgme-1.8.0[cxx,qt5] + dev-libs/mimetic + ) + dbus? ( dev-qt/qtdbus:5 ) + password? ( dev-libs/qtkeychain[qt5(+)] ) + zlib? ( sys-libs/zlib ) +" +DEPEND="${RDEPEND} + test? ( dev-qt/qttest:5 ) +" + +DOCS=( README LICENSE ) + +PATCHES=( + "${FILESDIR}/${P}-gpgme.patch" + "${FILESDIR}/${P}-gpg-tests.patch" + "${FILESDIR}/${P}-qt-5.11b3.patch" + "${FILESDIR}/${P}-qt-5.13.patch" # bug 730058 + "${FILESDIR}/${P}-qt-5.15.patch" + "${FILESDIR}/${P}-CVE-2019-10734.patch" # KDE-bug 404697 + "${FILESDIR}/${P}-CVE-2020-15047.patch" # bug 729596 + "${FILESDIR}/${P}-cmake-cxx11.patch" +) + +src_prepare() { + cmake_src_prepare + + # the build system is taking a look at `git describe ... --dirty` and + # gentoo's modifications to CMakeLists.txt break these + sed -e "s/--dirty//" -i cmake/TrojitaVersion.cmake || die "Cannot fix the version check" +} + +src_configure() { + local mycmakeargs=( + -DWITH_CRYPTO_MESSAGES=$(usex crypt) + -DWITH_GPGMEPP=$(usex crypt) + -DWITH_MIMETIC=$(usex crypt) + -DWITH_DBUS=$(usex dbus) + -DWITH_QTKEYCHAIN_PLUGIN=$(usex password) + -DWITH_TESTS=$(usex test) + -DWITH_ZLIB=$(usex zlib) + ) + + cmake_src_configure +} + +src_test() { + virtx cmake_src_test +} |