[gentoo-commits] repo/proj/libressl:master commit in: dev-qt/qtnetwork/, dev-qt/qtnetwork/files/

["orbea" <orbea@riseup.net>]

commit:     f43c3d4f68d227b5f02e10a3e30e2752829f7776
Author:     orbea <orbea <AT> riseup <DOT> net>
AuthorDate: Sun Dec 29 14:49:33 2024 +0000
Commit:     orbea <orbea <AT> riseup <DOT> net>
CommitDate: Sun Dec 29 14:49:33 2024 +0000
URL:        https://gitweb.gentoo.org/repo/proj/libressl.git/commit/?id=f43c3d4f

dev-qt/qtnetwork: drop 5.15.14-r1

Signed-off-by: orbea <orbea <AT> riseup.net>

 dev-qt/qtnetwork/Manifest                          |   2 -
 .../files/qtnetwork-5.15.14-CVE-2024-39936.patch   | 178 ---------------------
 dev-qt/qtnetwork/qtnetwork-5.15.14-r1.ebuild       |  68 --------
 3 files changed, 248 deletions(-)

diff --git a/dev-qt/qtnetwork/Manifest b/dev-qt/qtnetwork/Manifest
index 910e8fc..8f1cd12 100644
--- a/dev-qt/qtnetwork/Manifest
+++ b/dev-qt/qtnetwork/Manifest
@@ -1,5 +1,3 @@
 DIST qtbase-5.15-gentoo-patchset-6.tar.xz 8288 BLAKE2B ad9695a528345dd3b8e9ce72b7bdfe8f744f16685a567bbc7862ba6c28e5a426260cb0b73e2573cb3a6f16f1785786898ffb44c90f5d75354b97e5756c7573db SHA512 97bc4d5375e1750a5578439ff320ee2e5e929df1dafe56b4e86f2de8ad26c91dc4002e45ad75d9f936347d49b9f54c0c42f8fc2cb7dfd4f54bf08a210b3bc720
-DIST qtbase-5.15.14-gentoo-kde-1.tar.xz 329640 BLAKE2B 5bd2d84f48874267a3328bf04e764f327bc8b3d574f8715fe02c4691e1ea8b2c0218ab66d55031e805d151be99956c5dfce304cac72b1edd371e2c447292e1e8 SHA512 37a7479c0fd0160fedd087f6da221484d47585f082f33f59118a75f9fa7a2e0969b9e9ed1b1234821dc6ffe55c07d22d20dc2ea4d2ee1dbd061f57bb4bf7f518
 DIST qtbase-5.15.16-gentoo-kde-1.tar.xz 319504 BLAKE2B 52675483f6be19a3efbddbe68335ee575852859137c51ca9e7cc219740a3529d270cb2af085eee8de1964c2171eab4f0c64b79c03f1bac453a4829748aff528d SHA512 0a38ce02b563f79364f3559fda4d4e13092ee79b820fb780db10e40af3bac158ee139e1a216f4de3c986eacbd933965e7ed8c261de7a65d487981887aed840dd
-DIST qtbase-everywhere-opensource-src-5.15.14.tar.xz 50887988 BLAKE2B 292814ff8b9030766ce9941f4f13af56425f385543ff41cecd5d86b0a562fd220c8d9126fc36cfa0eab96440a64ec6a497306e00a59d388d13d34c8ea10a9633 SHA512 1280e7da926ff0c888dc3455ebeb73708bf8e44a3fe77ecf015e902608d75d7304639271dedba63635f959411452cd2b64a6f9166365a3aa3440656c00120272
 DIST qtbase-everywhere-opensource-src-5.15.16.tar.xz 51392072 BLAKE2B f7f83f18f91200350eff4d2d8d56769b537540290434a1c434d7c891b0b533d5a77000b5a670228a947d74c21f131f207b31aeb96f1f2ec867bbf608202c99b0 SHA512 190581c7df9763c2550466f884784d6f38817a087ab44fe57b99c1d1ac2ea3bae94ced8a6d0873a7999e523d63831d135cd7407812c8814ac4ef957840b7058e

diff --git a/dev-qt/qtnetwork/files/qtnetwork-5.15.14-CVE-2024-39936.patch b/dev-qt/qtnetwork/files/qtnetwork-5.15.14-CVE-2024-39936.patch
deleted file mode 100644
index c4445b2..0000000
--- a/dev-qt/qtnetwork/files/qtnetwork-5.15.14-CVE-2024-39936.patch
+++ /dev/null
@@ -1,178 +0,0 @@
-From 9f9a56d750caff8b4459e7e9bf82f1f4d725f72f Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?M=C3=A5rten=20Nordheim?= <marten.nordheim@qt.io>
-Date: Tue, 25 Jun 2024 17:09:35 +0200
-Subject: [PATCH] HTTP2: Delay any communication until encrypted() can be
- responded to
-
-We have the encrypted() signal that lets users do extra checks on the
-established connection. It is emitted as BlockingQueued, so the HTTP
-thread stalls until it is done emitting. Users can potentially call
-abort() on the QNetworkReply at that point, which is passed as a Queued
-call back to the HTTP thread. That means that any currently queued
-signal emission will be processed before the abort() call is processed.
-
-In the case of HTTP2 it is a little special since it is multiplexed and
-the code is built to start requests as they are available. This means
-that, while the code worked fine for HTTP1, since one connection only
-has one request, it is not working for HTTP2, since we try to send more
-requests in-between the encrypted() signal and the abort() call.
-
-This patch changes the code to delay any communication until the
-encrypted() signal has been emitted and processed, for HTTP2 only.
-It's done by adding a few booleans, both to know that we have to return
-early and so we can keep track of what events arose and what we need to
-resume once enough time has passed that any abort() call must have been
-processed.
-
-Fixes: QTBUG-126610
-Pick-to: 6.8 6.7 6.5 6.2 5.15 5.12
-Change-Id: Ic25a600c278203256e35f541026f34a8783235ae
-Reviewed-by: Marc Mutz <marc.mutz@qt.io>
-Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io>
-(cherry picked from commit b1e75376cc3adfc7da5502a277dfe9711f3e0536)
-(but really taken from upstream CVE-2024-39936-qtbase-5.15.patch)
----
- src/network/access/qhttp2protocolhandler.cpp  |  6 +--
- .../access/qhttpnetworkconnectionchannel.cpp  | 46 ++++++++++++++++++-
- .../access/qhttpnetworkconnectionchannel_p.h  |  6 +++
- 3 files changed, 53 insertions(+), 5 deletions(-)
-
-diff --git a/src/network/access/qhttp2protocolhandler.cpp b/src/network/access/qhttp2protocolhandler.cpp
-index ead88d781ae..926f3134a0e 100644
---- a/src/network/access/qhttp2protocolhandler.cpp
-+++ b/src/network/access/qhttp2protocolhandler.cpp
-@@ -375,12 +375,12 @@ bool QHttp2ProtocolHandler::sendRequest()
-         }
-     }
- 
--    if (!prefaceSent && !sendClientPreface())
--        return false;
--
-     if (!requests.size())
-         return true;
- 
-+    if (!prefaceSent && !sendClientPreface())
-+        return false;
-+
-     m_channel->state = QHttpNetworkConnectionChannel::WritingState;
-     // Check what was promised/pushed, maybe we do not have to send a request
-     // and have a response already?
-diff --git a/src/network/access/qhttpnetworkconnectionchannel.cpp b/src/network/access/qhttpnetworkconnectionchannel.cpp
-index 7620ca16470..13f9630c658 100644
---- a/src/network/access/qhttpnetworkconnectionchannel.cpp
-+++ b/src/network/access/qhttpnetworkconnectionchannel.cpp
-@@ -255,6 +255,10 @@ void QHttpNetworkConnectionChannel::abort()
- bool QHttpNetworkConnectionChannel::sendRequest()
- {
-     Q_ASSERT(!protocolHandler.isNull());
-+    if (waitingForPotentialAbort) {
-+        needInvokeSendRequest = true;
-+        return false; // this return value is unused
-+    }
-     return protocolHandler->sendRequest();
- }
- 
-@@ -267,21 +271,28 @@ bool QHttpNetworkConnectionChannel::sendRequest()
- void QHttpNetworkConnectionChannel::sendRequestDelayed()
- {
-     QMetaObject::invokeMethod(this, [this] {
--        Q_ASSERT(!protocolHandler.isNull());
-         if (reply)
--            protocolHandler->sendRequest();
-+            sendRequest();
-     }, Qt::ConnectionType::QueuedConnection);
- }
- 
- void QHttpNetworkConnectionChannel::_q_receiveReply()
- {
-     Q_ASSERT(!protocolHandler.isNull());
-+    if (waitingForPotentialAbort) {
-+        needInvokeReceiveReply = true;
-+        return;
-+    }
-     protocolHandler->_q_receiveReply();
- }
- 
- void QHttpNetworkConnectionChannel::_q_readyRead()
- {
-     Q_ASSERT(!protocolHandler.isNull());
-+    if (waitingForPotentialAbort) {
-+        needInvokeReadyRead = true;
-+        return;
-+    }
-     protocolHandler->_q_readyRead();
- }
- 
-@@ -1289,7 +1300,18 @@ void QHttpNetworkConnectionChannel::_q_encrypted()
-             // Similar to HTTP/1.1 counterpart below:
-             const auto &pairs = spdyRequestsToSend.values(); // (request, reply)
-             const auto &pair = pairs.first();
-+            waitingForPotentialAbort = true;
-             emit pair.second->encrypted();
-+
-+            // We don't send or handle any received data until any effects from
-+            // emitting encrypted() have been processed. This is necessary
-+            // because the user may have called abort(). We may also abort the
-+            // whole connection if the request has been aborted and there is
-+            // no more requests to send.
-+            QMetaObject::invokeMethod(this,
-+                                      &QHttpNetworkConnectionChannel::checkAndResumeCommunication,
-+                                      Qt::QueuedConnection);
-+
-             // In case our peer has sent us its settings (window size, max concurrent streams etc.)
-             // let's give _q_receiveReply a chance to read them first ('invokeMethod', QueuedConnection).
-             QMetaObject::invokeMethod(connection, "_q_startNextRequest", Qt::QueuedConnection);
-@@ -1307,6 +1329,26 @@ void QHttpNetworkConnectionChannel::_q_encrypted()
-     }
- }
- 
-+void QHttpNetworkConnectionChannel::checkAndResumeCommunication()
-+{
-+    Q_ASSERT(connection->connectionType() > QHttpNetworkConnection::ConnectionTypeHTTP);
-+
-+    // Because HTTP/2 requires that we send a SETTINGS frame as the first thing we do, and respond
-+    // to a SETTINGS frame with an ACK, we need to delay any handling until we can ensure that any
-+    // effects from emitting encrypted() have been processed.
-+    // This function is called after encrypted() was emitted, so check for changes.
-+
-+    if (!reply && spdyRequestsToSend.isEmpty())
-+        abort();
-+    waitingForPotentialAbort = false;
-+    if (needInvokeReadyRead)
-+        _q_readyRead();
-+    if (needInvokeReceiveReply)
-+        _q_receiveReply();
-+    if (needInvokeSendRequest)
-+        sendRequest();
-+}
-+
- void QHttpNetworkConnectionChannel::requeueSpdyRequests()
- {
-     QList<HttpMessagePair> spdyPairs = spdyRequestsToSend.values();
-diff --git a/src/network/access/qhttpnetworkconnectionchannel_p.h b/src/network/access/qhttpnetworkconnectionchannel_p.h
-index d8ac3979d19..eac44464926 100644
---- a/src/network/access/qhttpnetworkconnectionchannel_p.h
-+++ b/src/network/access/qhttpnetworkconnectionchannel_p.h
-@@ -107,6 +107,10 @@ public:
-     QAbstractSocket *socket;
-     bool ssl;
-     bool isInitialized;
-+    bool waitingForPotentialAbort = false;
-+    bool needInvokeReceiveReply = false;
-+    bool needInvokeReadyRead = false;
-+    bool needInvokeSendRequest = false;
-     ChannelState state;
-     QHttpNetworkRequest request; // current request, only used for HTTP
-     QHttpNetworkReply *reply; // current reply for this request, only used for HTTP
-@@ -187,6 +191,8 @@ public:
-     void closeAndResendCurrentRequest();
-     void resendCurrentRequest();
- 
-+    void checkAndResumeCommunication();
-+
-     bool isSocketBusy() const;
-     bool isSocketWriting() const;
-     bool isSocketWaiting() const;
--- 
-2.45.2
-

diff --git a/dev-qt/qtnetwork/qtnetwork-5.15.14-r1.ebuild b/dev-qt/qtnetwork/qtnetwork-5.15.14-r1.ebuild
deleted file mode 100644
index 8436598..0000000
--- a/dev-qt/qtnetwork/qtnetwork-5.15.14-r1.ebuild
+++ /dev/null
@@ -1,68 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-if [[ ${PV} != *9999* ]]; then
-	QT5_KDEPATCHSET_REV=1
-	KEYWORDS="amd64 arm arm64 ~hppa ~loong ppc ppc64 ~riscv ~sparc x86"
-fi
-
-QT5_MODULE="qtbase"
-inherit qt5-build
-
-DESCRIPTION="Network abstraction library for the Qt5 framework"
-
-IUSE="gssapi libproxy sctp +ssl"
-
-DEPEND="
-	=dev-qt/qtcore-${QT5_PV}*:5=
-	sys-libs/zlib:=
-	gssapi? ( virtual/krb5 )
-	libproxy? ( net-libs/libproxy )
-	sctp? ( kernel_linux? ( net-misc/lksctp-tools ) )
-	ssl? ( >=dev-libs/openssl-1.1.1:0= )
-"
-RDEPEND="${DEPEND}"
-
-PATCHES=(
-	"${FILESDIR}/${PN}-5.15.7-libressl.patch" #562050
-	"${FILESDIR}/${P}-CVE-2024-39936.patch" # bug 935869
-)
-
-QT5_TARGET_SUBDIRS=(
-	src/network
-	src/plugins/bearer/generic
-)
-
-QT5_GENTOO_CONFIG=(
-	libproxy:libproxy:
-	ssl::SSL
-	ssl::OPENSSL
-	ssl:openssl-linked:LINKED_OPENSSL
-)
-
-QT5_GENTOO_PRIVATE_CONFIG=(
-	:network
-)
-
-src_configure() {
-	local myconf=(
-		$(qt_use gssapi feature-gssapi)
-		$(qt_use libproxy)
-		$(qt_use sctp)
-		$(usev ssl -openssl-linked)
-		-no-dtls # Required for libressl
-	)
-	qt5-build_src_configure
-}
-
-src_install() {
-	qt5-build_src_install
-
-	# workaround for bug 652650
-	if use ssl; then
-		sed -e "/^#define QT_LINKED_OPENSSL/s/$/ true/" \
-			-i "${D}${QT5_HEADERDIR}"/Gentoo/${PN}-qconfig.h || die
-	fi
-}