mirror of
https://github.com/archlinuxarm/PKGBUILDs.git
synced 2024-11-28 22:57:37 +00:00
extra/qt to 4.8.3-4
This commit is contained in:
parent
2ac203ebe3
commit
9489844688
2 changed files with 75 additions and 3 deletions
|
@ -14,7 +14,7 @@
|
|||
pkgbase=qt
|
||||
pkgname=('qt' 'qt-private-headers')
|
||||
pkgver=4.8.3
|
||||
pkgrel=2
|
||||
pkgrel=4
|
||||
arch=('i686' 'x86_64')
|
||||
url='http://qt-project.org/'
|
||||
license=('GPL3' 'LGPL')
|
||||
|
@ -28,14 +28,16 @@ source=("http://releases.qt-project.org/qt4/source/${_pkgfqn}.tar.gz"
|
|||
'assistant.desktop' 'designer.desktop' 'linguist.desktop'
|
||||
'qtconfig.desktop'
|
||||
'improve-cups-support.patch'
|
||||
'fix-crash-in-assistant.patch')
|
||||
'fix-crash-in-assistant.patch'
|
||||
'disable-ssl-compression.patch')
|
||||
md5sums=('a663b6c875f8d7caa8ac9c30e4a4ec3b'
|
||||
'fc211414130ab2764132e7370f8e5caa'
|
||||
'85179f5e0437514f8639957e1d8baf62'
|
||||
'f11852b97583610f3dbb669ebc3e21bc'
|
||||
'6b771c8a81dd90b45e8a79afa0e5bbfd'
|
||||
'b9fb6b953cec428d59c026b1ef370e86'
|
||||
'57590084078b6379f0501f7728b02ae2')
|
||||
'57590084078b6379f0501f7728b02ae2'
|
||||
'94e9e433342018bf35e8d6d968b7432c')
|
||||
|
||||
build() {
|
||||
cd "${srcdir}"/${_pkgfqn}
|
||||
|
@ -45,6 +47,9 @@ build() {
|
|||
|
||||
patch -p1 -i "${srcdir}"/fix-crash-in-assistant.patch
|
||||
|
||||
# Security fix
|
||||
patch -p1 -i "${srcdir}"/disable-ssl-compression.patch
|
||||
|
||||
export QT4DIR="${srcdir}"/${_pkgfqn}
|
||||
export LD_LIBRARY_PATH=${QT4DIR}/lib:${LD_LIBRARY_PATH}
|
||||
|
||||
|
|
67
extra/qt/disable-ssl-compression.patch
Normal file
67
extra/qt/disable-ssl-compression.patch
Normal file
|
@ -0,0 +1,67 @@
|
|||
From d41dc3e101a694dec98d7bbb582d428d209e5401 Mon Sep 17 00:00:00 2001
|
||||
From: Richard Moore <rich@kde.org>
|
||||
Date: Fri, 14 Sep 2012 00:13:08 +0100
|
||||
Subject: [PATCH] Disable SSL compression by default.
|
||||
|
||||
Disable SSL compression by default since this appears to be the a likely
|
||||
cause of the currently hyped CRIME attack.
|
||||
|
||||
This is a backport of 5ea896fbc63593f424a7dfbb11387599c0025c74
|
||||
|
||||
Change-Id: I6eeefb23c6b140a9633b28ed85879459c474348a
|
||||
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
||||
Reviewed-by: Peter Hartmann <phartmann@rim.com>
|
||||
---
|
||||
src/network/ssl/qssl.cpp | 5 +++--
|
||||
src/network/ssl/qsslconfiguration.cpp | 4 +++-
|
||||
src/network/ssl/qsslconfiguration_p.h | 4 +++-
|
||||
3 files changed, 9 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/src/network/ssl/qssl.cpp b/src/network/ssl/qssl.cpp
|
||||
index 49e086f..9578178 100644
|
||||
--- a/src/network/ssl/qssl.cpp
|
||||
+++ b/src/network/ssl/qssl.cpp
|
||||
@@ -148,8 +148,9 @@ QT_BEGIN_NAMESPACE
|
||||
|
||||
By default, SslOptionDisableEmptyFragments is turned on since this causes
|
||||
problems with a large number of servers. SslOptionDisableLegacyRenegotiation
|
||||
- is also turned on, since it introduces a security risk. The other options
|
||||
- are turned off.
|
||||
+ is also turned on, since it introduces a security risk.
|
||||
+ SslOptionDisableCompression is turned on to prevent the attack publicised by
|
||||
+ CRIME. The other options are turned off.
|
||||
|
||||
Note: Availability of above options depends on the version of the SSL
|
||||
backend in use.
|
||||
diff --git a/src/network/ssl/qsslconfiguration.cpp b/src/network/ssl/qsslconfiguration.cpp
|
||||
index 24c7b77..3a05f54 100644
|
||||
--- a/src/network/ssl/qsslconfiguration.cpp
|
||||
+++ b/src/network/ssl/qsslconfiguration.cpp
|
||||
@@ -201,7 +201,9 @@ bool QSslConfiguration::isNull() const
|
||||
d->privateKey.isNull() &&
|
||||
d->peerCertificate.isNull() &&
|
||||
d->peerCertificateChain.count() == 0 &&
|
||||
- d->sslOptions == (QSsl::SslOptionDisableEmptyFragments|QSsl::SslOptionDisableLegacyRenegotiation));
|
||||
+ d->sslOptions == ( QSsl::SslOptionDisableEmptyFragments
|
||||
+ |QSsl::SslOptionDisableLegacyRenegotiation
|
||||
+ |QSsl::SslOptionDisableCompression));
|
||||
}
|
||||
|
||||
/*!
|
||||
diff --git a/src/network/ssl/qsslconfiguration_p.h b/src/network/ssl/qsslconfiguration_p.h
|
||||
index 74f17cd..c36b651 100644
|
||||
--- a/src/network/ssl/qsslconfiguration_p.h
|
||||
+++ b/src/network/ssl/qsslconfiguration_p.h
|
||||
@@ -83,7 +83,9 @@ public:
|
||||
: protocol(QSsl::SecureProtocols),
|
||||
peerVerifyMode(QSslSocket::AutoVerifyPeer),
|
||||
peerVerifyDepth(0),
|
||||
- sslOptions(QSsl::SslOptionDisableEmptyFragments|QSsl::SslOptionDisableLegacyRenegotiation)
|
||||
+ sslOptions(QSsl::SslOptionDisableEmptyFragments
|
||||
+ |QSsl::SslOptionDisableLegacyRenegotiation
|
||||
+ |QSsl::SslOptionDisableCompression)
|
||||
{ }
|
||||
|
||||
QSslCertificate peerCertificate;
|
||||
--
|
||||
1.7.10
|
Loading…
Reference in a new issue