Fix BZ1205130 - CTCP DoS

* master:
  update to latest upstream
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild

.gitignore

@@ -1,15 +1,2 @@
-*.rpm
-/quassel-0.7.3.tar.bz2
-/quassel-0.8.0.tar.bz2
-/quassel-0.9.0.tar.bz2
-/quassel-0.9.1.tar.bz2
-/quassel-0.9.2.tar.bz2
 /quassel-0.10.0.tar.bz2
 /quassel-0.11.0.tar.bz2
-/quassel-0.12.2.tar.bz2
-/quassel-0.12.3.tar.bz2
-/quassel-0.12.4.tar.bz2
-/quassel-0.12.5.tar.bz2
-/quassel-0.13.0.tar.bz2
-/quassel-0.13.1.tar.bz2
-/quassel-0.14.0.tar.bz2

patch-src_common_types.h

@@ -1,23 +0,0 @@
-Fix with Qt5-5.14
-
-Obtained from:
-	https://github.com/quassel/quassel/commit/579e559a6322209df7cd51c34801fecff5fe734b
-
---- src/common/types.h.orig	2020-04-04 10:50:56 UTC
-+++ src/common/types.h
-@@ -140,6 +140,7 @@ Q_DECLARE_METATYPE(QHostAddress)
- typedef QList<MsgId> MsgIdList;
- typedef QList<BufferId> BufferIdList;
- 
-+#if QT_VERSION < QT_VERSION_CHECK(5, 14, 0)
- /**
-  * Catch-all stream serialization operator for enum types.
-  *
-@@ -169,6 +170,7 @@ QDataStream &operator>>(QDataStream &in, T &value) {
-     value = static_cast<T>(v);
-     return in;
- }
-+#endif
- 
- // Exceptions
- 

quassel-0.11.0-CTCP-query-crash.patch

@@ -0,0 +1,347 @@
+commit b5e38970ffd55e2dd9f706ce75af9a8d7730b1b8
+Author: Michael Marley <michael@michaelmarley.com>
+Date:   Sat Feb 21 07:33:57 2015 -0500
+
+    Improve the message-splitting algorithm for PRIVMSG and CTCP
+    
+    This introduces a new message splitting algorithm based on
+    QTextBoundaryFinder.  It works by first starting with the entire
+    message to be sent, encoding it, and checking to see if it is over
+    the maximum message length.  If it is, it uses QTBF to find the
+    word boundary most immediately preceding the maximum length.  If no
+    suitable boundary can be found, it falls back to searching for
+    grapheme boundaries.  It repeats this process until the entire
+    message has been sent.
+    
+    Unlike what it replaces, the new splitting code is not recursive
+    and cannot cause stack overflows.  Additionally, if it is unable
+    to split a string, it will give up gracefully and not crash the
+    core or cause a thread to run away.
+    
+    This patch fixes two bugs.  The first is garbage characters caused
+    by accidentally splitting the string in the middle of a multibyte
+    character.  Since the new code splits at a character level instead
+    of a byte level, this will no longer be an issue.  The second is
+    the core crash caused by sending an overlength CTCP query ("/me")
+    containing only multibyte characters.  This bug was caused by the
+    old CTCP splitter using the byte index from lastParamOverrun() as
+    a character index for a QString.
+
+diff --git a/src/core/corebasichandler.cpp b/src/core/corebasichandler.cpp
+index dfa8a99..fbfc76c 100644
+--- a/src/core/corebasichandler.cpp
++++ b/src/core/corebasichandler.cpp
+@@ -33,6 +33,9 @@ CoreBasicHandler::CoreBasicHandler(CoreNetwork *parent)
+     connect(this, SIGNAL(putCmd(QString, const QList<QByteArray> &, const QByteArray &)),
+         network(), SLOT(putCmd(QString, const QList<QByteArray> &, const QByteArray &)));
+ 
++    connect(this, SIGNAL(putCmd(QString, const QList<QList<QByteArray>> &, const QByteArray &)),
++        network(), SLOT(putCmd(QString, const QList<QList<QByteArray>> &, const QByteArray &)));
++
+     connect(this, SIGNAL(putRawLine(const QByteArray &)),
+         network(), SLOT(putRawLine(const QByteArray &)));
+ }
+diff --git a/src/core/corebasichandler.h b/src/core/corebasichandler.h
+index 20d057f..a4b5a7f 100644
+--- a/src/core/corebasichandler.h
++++ b/src/core/corebasichandler.h
+@@ -55,6 +55,7 @@ public:
+ signals:
+     void displayMsg(Message::Type, BufferInfo::Type, const QString &target, const QString &text, const QString &sender = "", Message::Flags flags = Message::None);
+     void putCmd(const QString &cmd, const QList<QByteArray> &params, const QByteArray &prefix = QByteArray());
++    void putCmd(const QString &cmd, const QList<QList<QByteArray>> &params, const QByteArray &prefix = QByteArray());
+     void putRawLine(const QByteArray &msg);
+ 
+ protected:
+diff --git a/src/core/corenetwork.cpp b/src/core/corenetwork.cpp
+index 7e9ce26..932af6f 100644
+--- a/src/core/corenetwork.cpp
++++ b/src/core/corenetwork.cpp
+@@ -284,6 +284,16 @@ void CoreNetwork::putCmd(const QString &cmd, const QList<QByteArray> &params, co
+ }
+ 
+ 
++void CoreNetwork::putCmd(const QString &cmd, const QList<QList<QByteArray>> &params, const QByteArray &prefix)
++{
++    QListIterator<QList<QByteArray>> i(params);
++    while (i.hasNext()) {
++        QList<QByteArray> msg = i.next();
++        putCmd(cmd, msg, prefix);
++    }
++}
++
++
+ void CoreNetwork::setChannelJoined(const QString &channel)
+ {
+     _autoWhoQueue.prepend(channel.toLower()); // prepend so this new chan is the first to be checked
+@@ -980,3 +990,79 @@ void CoreNetwork::requestSetNetworkInfo(const NetworkInfo &info)
+         }
+     }
+ }
++
++
++QList<QList<QByteArray>> CoreNetwork::splitMessage(const QString &cmd, const QString &message, std::function<QList<QByteArray>(QString &)> cmdGenerator)
++{
++    QString wrkMsg(message);
++    QList<QList<QByteArray>> msgsToSend;
++
++    // do while (wrkMsg.size() > 0)
++    do {
++        // First, check to see if the whole message can be sent at once.  The
++        // cmdGenerator function is passed in by the caller and is used to encode
++        // and encrypt (if applicable) the message, since different callers might
++        // want to use different encoding or encode different values.
++        int splitPos = wrkMsg.size();
++        QList<QByteArray> initialSplitMsgEnc = cmdGenerator(wrkMsg);
++        int initialOverrun = userInputHandler()->lastParamOverrun(cmd, initialSplitMsgEnc);
++
++        if (initialOverrun) {
++            // If the message was too long to be sent, first try splitting it along
++            // word boundaries with QTextBoundaryFinder.
++            QString splitMsg(wrkMsg);
++            QTextBoundaryFinder qtbf(QTextBoundaryFinder::Word, splitMsg);
++            qtbf.setPosition(initialSplitMsgEnc[1].size() - initialOverrun);
++            QList<QByteArray> splitMsgEnc;
++            int overrun = initialOverrun;
++
++            while (overrun) {
++                splitPos = qtbf.toPreviousBoundary();
++
++                // splitPos==-1 means the QTBF couldn't find a split point at all and
++                // splitPos==0 means the QTBF could only find a boundary at the beginning of
++                // the string.  Neither one of these works for us.
++                if (splitPos > 0) {
++                    // If a split point could be found, split the message there, calculate the
++                    // overrun, and continue with the loop.
++                    splitMsg = splitMsg.left(splitPos);
++                    splitMsgEnc = cmdGenerator(splitMsg);
++                    overrun = userInputHandler()->lastParamOverrun(cmd, splitMsgEnc);
++                }
++                else {
++                    // If a split point could not be found (the beginning of the message
++                    // is reached without finding a split point short enough to send) and we
++                    // are still in Word mode, switch to Grapheme mode.  We also need to restore
++                    // the full wrkMsg to splitMsg, since splitMsg may have been cut down during
++                    // the previous attempt to find a split point.
++                    if (qtbf.type() == QTextBoundaryFinder::Word) {
++                        splitMsg = wrkMsg;
++                        splitPos = splitMsg.size();
++                        QTextBoundaryFinder graphemeQtbf(QTextBoundaryFinder::Grapheme, splitMsg);
++                        graphemeQtbf.setPosition(initialSplitMsgEnc[1].size() - initialOverrun);
++                        qtbf = graphemeQtbf;
++                    }
++                    else {
++                        // If the QTBF fails to find a split point in Grapheme mode, we give up.
++                        // This should never happen, but it should be handled anyway.
++                        qWarning() << "Unexpected failure to split message!";
++                        return msgsToSend;
++                    }
++                }
++            }
++
++            // Once a message of sendable length has been found, remove it from the wrkMsg and
++            // add it to the list of messages to be sent.
++            wrkMsg.remove(0, splitPos);
++            msgsToSend.append(splitMsgEnc);
++        }
++        else{
++            // If the entire remaining message is short enough to be sent all at once, remove
++            // it from the wrkMsg and add it to the list of messages to be sent.
++            wrkMsg.remove(0, splitPos);
++            msgsToSend.append(initialSplitMsgEnc);
++        }
++    } while (wrkMsg.size() > 0);
++
++    return msgsToSend;
++}
+diff --git a/src/core/corenetwork.h b/src/core/corenetwork.h
+index 87121ba..05565a4 100644
+--- a/src/core/corenetwork.h
++++ b/src/core/corenetwork.h
+@@ -40,6 +40,8 @@
+ 
+ #include "coresession.h"
+ 
++#include <functional>
++
+ class CoreIdentity;
+ class CoreUserInputHandler;
+ class CoreIgnoreListManager;
+@@ -93,6 +95,8 @@ public:
+     inline quint16 localPort() const { return socket.localPort(); }
+     inline quint16 peerPort() const { return socket.peerPort(); }
+ 
++    QList<QList<QByteArray>> splitMessage(const QString &cmd, const QString &message, std::function<QList<QByteArray>(QString &)> cmdGenerator);
++
+ public slots:
+     virtual void setMyNick(const QString &mynick);
+ 
+@@ -112,6 +116,7 @@ public slots:
+     void userInput(BufferInfo bufferInfo, QString msg);
+     void putRawLine(QByteArray input);
+     void putCmd(const QString &cmd, const QList<QByteArray> &params, const QByteArray &prefix = QByteArray());
++    void putCmd(const QString &cmd, const QList<QList<QByteArray>> &params, const QByteArray &prefix = QByteArray());
+ 
+     void setChannelJoined(const QString &channel);
+     void setChannelParted(const QString &channel);
+diff --git a/src/core/coreuserinputhandler.cpp b/src/core/coreuserinputhandler.cpp
+index 33d1f67..72ac996 100644
+--- a/src/core/coreuserinputhandler.cpp
++++ b/src/core/coreuserinputhandler.cpp
+@@ -473,12 +473,16 @@ void CoreUserInputHandler::handleMsg(const BufferInfo &bufferInfo, const QString
+         return;
+ 
+     QString target = msg.section(' ', 0, 0);
+-    QByteArray encMsg = userEncode(target, msg.section(' ', 1));
++    QString msgSection = msg.section(' ', 1);
++
++    std::function<QByteArray(const QString &, const QString &)> encodeFunc = [this] (const QString &target, const QString &message) -> QByteArray {
++        return userEncode(target, message);
++    };
+ 
+ #ifdef HAVE_QCA2
+-    putPrivmsg(serverEncode(target), encMsg, network()->cipher(target));
++    putPrivmsg(target, msgSection, encodeFunc, network()->cipher(target));
+ #else
+-    putPrivmsg(serverEncode(target), encMsg);
++    putPrivmsg(target, msgSection, encodeFunc);
+ #endif
+ }
+ 
+@@ -594,11 +598,14 @@ void CoreUserInputHandler::handleSay(const BufferInfo &bufferInfo, const QString
+     if (bufferInfo.bufferName().isEmpty() || !bufferInfo.acceptsRegularMessages())
+         return;  // server buffer
+ 
+-    QByteArray encMsg = channelEncode(bufferInfo.bufferName(), msg);
++    std::function<QByteArray(const QString &, const QString &)> encodeFunc = [this] (const QString &target, const QString &message) -> QByteArray {
++        return channelEncode(target, message);
++    };
++
+ #ifdef HAVE_QCA2
+-    putPrivmsg(serverEncode(bufferInfo.bufferName()), encMsg, network()->cipher(bufferInfo.bufferName()));
++    putPrivmsg(bufferInfo.bufferName(), msg, encodeFunc, network()->cipher(bufferInfo.bufferName()));
+ #else
+-    putPrivmsg(serverEncode(bufferInfo.bufferName()), encMsg);
++    putPrivmsg(bufferInfo.bufferName(), msg, encodeFunc);
+ #endif
+     emit displayMsg(Message::Plain, bufferInfo.type(), bufferInfo.bufferName(), msg, network()->myNick(), Message::Self);
+ }
+@@ -763,56 +770,23 @@ void CoreUserInputHandler::defaultHandler(QString cmd, const BufferInfo &bufferI
+ }
+ 
+ 
+-void CoreUserInputHandler::putPrivmsg(const QByteArray &target, const QByteArray &message, Cipher *cipher)
++void CoreUserInputHandler::putPrivmsg(const QString &target, const QString &message, std::function<QByteArray(const QString &, const QString &)> encodeFunc, Cipher *cipher)
+ {
+-    // Encrypted messages need special care. There's no clear relation between cleartext and encrypted message length,
+-    // so we can't just compute the maxSplitPos. Instead, we need to loop through the splitpoints until the crypted
+-    // version is short enough...
+-    // TODO: check out how the various possible encryption methods behave length-wise and make
+-    //       this clean by predicting the length of the crypted msg.
+-    //       For example, blowfish-ebc seems to create 8-char chunks.
++    QString cmd("PRIVMSG");
++    QByteArray targetEnc = serverEncode(target);
+ 
+-    static const char *cmd = "PRIVMSG";
+-    static const char *splitter = " .,-!?";
++    std::function<QList<QByteArray>(QString &)> cmdGenerator = [&] (QString &splitMsg) -> QList<QByteArray> {
++        QByteArray splitMsgEnc = encodeFunc(target, splitMsg);
+ 
+-    int maxSplitPos = message.count();
+-    int splitPos = maxSplitPos;
+-    forever {
+-        QByteArray crypted = message.left(splitPos);
+-        bool isEncrypted = false;
+ #ifdef HAVE_QCA2
+-        if (cipher && !cipher->key().isEmpty() && !message.isEmpty()) {
+-            isEncrypted = cipher->encrypt(crypted);
++        if (cipher && !cipher->key().isEmpty() && !splitMsg.isEmpty()) {
++            cipher->encrypt(splitMsgEnc);
+         }
+ #endif
+-        int overrun = lastParamOverrun(cmd, QList<QByteArray>() << target << crypted);
+-        if (overrun) {
+-            // In case this is not an encrypted msg, we can just cut off at the end
+-            if (!isEncrypted)
+-                maxSplitPos = message.count() - overrun;
+-
+-            splitPos = -1;
+-            for (const char *splitChar = splitter; *splitChar != 0; splitChar++) {
+-                splitPos = qMax(splitPos, message.lastIndexOf(*splitChar, maxSplitPos) + 1); // keep split char on old line
+-            }
+-            if (splitPos <= 0 || splitPos > maxSplitPos)
+-                splitPos = maxSplitPos;
+-
+-            maxSplitPos = splitPos - 1;
+-            if (maxSplitPos <= 0) { // this should never happen, but who knows...
+-                qWarning() << tr("[Error] Could not encrypt your message: %1").arg(message.data());
+-                return;
+-            }
+-            continue; // we never come back here for !encrypted!
+-        }
+-
+-        // now we have found a valid splitpos (or didn't need to split to begin with)
+-        putCmd(cmd, QList<QByteArray>() << target << crypted);
+-        if (splitPos < message.count())
+-            putPrivmsg(target, message.mid(splitPos), cipher);
++        return QList<QByteArray>() << targetEnc << splitMsgEnc;
++    };
+ 
+-        return;
+-    }
++    putCmd(cmd, network()->splitMessage(cmd, message, cmdGenerator));
+ }
+ 
+ 
+diff --git a/src/core/coreuserinputhandler.h b/src/core/coreuserinputhandler.h
+index 69a429e..6e69ce6 100644
+--- a/src/core/coreuserinputhandler.h
++++ b/src/core/coreuserinputhandler.h
+@@ -88,7 +88,7 @@ protected:
+ private:
+     void doMode(const BufferInfo& bufferInfo, const QChar &addOrRemove, const QChar &mode, const QString &nickList);
+     void banOrUnban(const BufferInfo &bufferInfo, const QString &text, bool ban);
+-    void putPrivmsg(const QByteArray &target, const QByteArray &message, Cipher *cipher = 0);
++    void putPrivmsg(const QString &target, const QString &message, std::function<QByteArray(const QString &, const QString &)> encodeFunc, Cipher *cipher = 0);
+ 
+ #ifdef HAVE_QCA2
+     QByteArray encrypt(const QString &target, const QByteArray &message, bool *didEncrypt = 0) const;
+diff --git a/src/core/ctcpparser.cpp b/src/core/ctcpparser.cpp
+index fba3d13..37b0af3 100644
+--- a/src/core/ctcpparser.cpp
++++ b/src/core/ctcpparser.cpp
+@@ -312,29 +312,13 @@ QByteArray CtcpParser::pack(const QByteArray &ctcpTag, const QByteArray &message
+ 
+ void CtcpParser::query(CoreNetwork *net, const QString &bufname, const QString &ctcpTag, const QString &message)
+ {
+-    QList<QByteArray> params;
+-    params << net->serverEncode(bufname) << lowLevelQuote(pack(net->serverEncode(ctcpTag), net->userEncode(bufname, message)));
+-
+-    static const char *splitter = " .,-!?";
+-    int maxSplitPos = message.count();
+-    int splitPos = maxSplitPos;
++    QString cmd("PRIVMSG");
+ 
+-    int overrun = net->userInputHandler()->lastParamOverrun("PRIVMSG", params);
+-    if (overrun) {
+-        maxSplitPos = message.count() - overrun -2;
+-        splitPos = -1;
+-        for (const char *splitChar = splitter; *splitChar != 0; splitChar++) {
+-            splitPos = qMax(splitPos, message.lastIndexOf(*splitChar, maxSplitPos) + 1); // keep split char on old line
+-        }
+-        if (splitPos <= 0 || splitPos > maxSplitPos)
+-            splitPos = maxSplitPos;
+-
+-        params = params.mid(0, 1) <<  lowLevelQuote(pack(net->serverEncode(ctcpTag), net->userEncode(bufname, message.left(splitPos))));
+-    }
+-    net->putCmd("PRIVMSG", params);
++    std::function<QList<QByteArray>(QString &)> cmdGenerator = [&] (QString &splitMsg) -> QList<QByteArray> {
++        return QList<QByteArray>() << net->serverEncode(bufname) << lowLevelQuote(pack(net->serverEncode(ctcpTag), net->userEncode(bufname, splitMsg)));
++    };
+ 
+-    if (splitPos < message.count())
+-        query(net, bufname, ctcpTag, message.mid(splitPos));
++    net->putCmd(cmd, net->splitMessage(cmd, message, cmdGenerator));
+ }
+ 
+ 

quassel-gcc11.patch

@@ -1,39 +0,0 @@
-diff --git a/src/common/protocols/datastream/datastreampeer.cpp b/src/common/protocols/datastream/datastreampeer.cpp
-index 033639e..8c65f79 100644
---- src/common/protocols/datastream/datastreampeer.cpp
-+++ src/common/protocols/datastream/datastreampeer.cpp
-@@ -18,6 +18,8 @@
-  *   51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.         *
-  ***************************************************************************/
- 
-+#include <limits>
-+
- #include <QtEndian>
- #include <QDataStream>
- #include <QHostAddress>
-diff --git a/src/common/remotepeer.cpp b/src/common/remotepeer.cpp
-index bc9f9d0..89bee40 100644
---- src/common/remotepeer.cpp
-+++ src/common/remotepeer.cpp
-@@ -18,6 +18,8 @@
-  *   51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.         *
-  ***************************************************************************/
- 
-+#include  <limits>
-+
- #include <QtEndian>
- 
- #include <QHostAddress>
-diff --git a/src/core/coretransfer.cpp b/src/core/coretransfer.cpp
-index cf12088..031aaa0 100644
---- src/core/coretransfer.cpp
-+++ src/core/coretransfer.cpp
-@@ -18,6 +18,8 @@
-  *   51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.         *
-  ***************************************************************************/
- 
-+#include <limits>
-+
- #include <QtEndian>
- 
- #include <QCoreApplication>

quassel.appdata.xml

@@ -1,41 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- Copyright 2016 Ben Rosser <rosser.bjr@gmail.com> -->
-<component type="desktop">
-	<id>quassel.desktop</id>
-	<metadata_license>CC0-1.0</metadata_license>
-	<project_license>GPL-3.0</project_license>
-	<name>Quassel</name>
-	<summary>Modern IRC client</summary>
-	<description>
-		<p>
-Quassel IRC is a modern, cross-platform, distributed IRC client, meaning that
-one (or multiple) client(s) can attach to and detach from a central core: much
-like the popular combination of screen and a text-based IRC client such as
-WeeChat, but graphical. In addition to this unique feature, we aim to bring a
-pleasurable, comfortable chatting experience to all major platforms, making
-communication with your peers not only convenient, but also available everywhere.
-		</p>
-		<p>
-And the best of all: It's free - as in beer and as in speech.
-		</p>
-		<p>
-This application is the "monolithic" build of Quassel; it can be used on its own
-without setting up a core.
-		</p>
-	</description>
-	<screenshots>
-		<screenshot type="default">
-			<image>http://quassel-irc.org/files/images/20080914-011743-quasselkde4.preview.png</image>
-			<caption>Quassel, with a dark theme enabled</caption>
-		</screenshot>
-		<screenshot type="default">
-			<image>http://quassel-irc.org/files/images/quassel_win7.preview.png</image>
-			<caption>
-The default quassel white theme. Quassel runs on all major desktop platforms,
-and many smartphones as well.
-			</caption>
-		</screenshot>
-	</screenshots>
-
-</component>
-

quassel.conf

@@ -1,8 +0,0 @@
-# Configuration file for quasselcore service.
-
-# (List of) IP address(es) that quasselcore should listen on.
-# Defaults to ::,127.0.0.1
-LISTEN=::,127.0.0.1
-
-# Port that quasselcore runs on, defaults to 4242.
-PORT=4242

quassel.spec

@@ -1,315 +1,136 @@
-%global quassel_data_dir    %{_var}/lib/quassel
-
 Name:    quassel
 Summary: A modern distributed IRC system
-Version: 0.14.0
-Release: 3%{?dist}
+Version: 0.11.0
+Release: 2%{?dist}
 
 License: GPLv2 or GPLv3
-URL:     https://quassel-irc.org/
-Source0: https://quassel-irc.org/pub/quassel-%{version}.tar.bz2
+Group:   Applications/Internet
+URL:     http://quassel-irc.org/
+Source0: http://quassel-irc.org/pub/quassel-%{version}.tar.bz2
+BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
 
-BuildRequires: cmake
-BuildRequires: dbusmenu-qt5-devel
+Buildrequires: cmake
 BuildRequires: desktop-file-utils
-BuildRequires: extra-cmake-modules
-BuildRequires: kf5-kconfigwidgets-devel
-BuildRequires: kf5-kcoreaddons-devel
-BuildRequires: kf5-knotifications-devel
-BuildRequires: kf5-knotifyconfig-devel
-BuildRequires: kf5-ktextwidgets-devel
-BuildRequires: kf5-kwidgetsaddons-devel
-BuildRequires: kf5-kwindowsystem-devel
-BuildRequires: kf5-kxmlgui-devel
-BuildRequires: kf5-rpm-macros
+buildRequires: kdebase-workspace-devel
+BuildRequires: kde-filesystem
 BuildRequires: openssl-devel
-BuildRequires: perl-generators
-BuildRequires: phonon-qt5-devel
-BuildRequires: qca-qt5-devel
-BuildRequires: qt5-linguist
-BuildRequires: qt5-qtbase-devel
-BuildRequires: qt5-qtscript-devel
-BuildRequires: qt5-qtwebkit-devel
-BuildRequires: qt5-qtmultimedia-devel
-BuildRequires: openldap-devel
-BuildRequires: boost-devel
-
-BuildRequires: systemd
-BuildRequires: systemd-rpm-macros
-
-BuildRequires: libappstream-glib
-
-Requires: oxygen-icon-theme
-
+BuildRequires: qt4-devel
+BuildRequires: qt4-webkit-devel
 Provides: %{name}-gui = %{version}-%{release}
 
 Requires: %{name}-common = %{version}-%{release}
 
-# Systemd service file and configuration script.
-Source1: quasselcore.service
-Source2: quassel.conf
-Source3: quassel.sysusers
+# BZ1205130 - CTCP query Denial of Service
+## Upstream patch git commit id b5e38970ffd55e2dd9f706ce75af9a8d7730b1b8
+Patch0: quassel-0.11.0-CTCP-query-crash.patch
 
 %description
-Quassel IRC is a modern, distributed IRC client,
-meaning that one (or multiple) client(s) can attach
-to and detach from a central core --
-much like the popular combination of screen and a
+Quassel IRC is a modern, distributed IRC client, 
+meaning that one (or multiple) client(s) can attach 
+to and detach from a central core -- 
+much like the popular combination of screen and a 
 text-based IRC client such as WeeChat, but graphical
 
 %package common
 Summary: Quassel common/shared files
+Group: Applications/Internet
 # not strictly required, but helps this get pulled out when
 # someone removes %%name or %%name-client
 Requires: %{name}-gui = %{version}-%{release}
 # put here for convenience, instead of all subpkgs which
 # provide %%{name}-gui
+%{?_kde4_version:Requires: kdelibs4 >= %{_kde4_version}}
+%{?_qt4_version:Requires: qt4 >= %{_qt4_version}}
 BuildArch: noarch
 %description common
 %{summary}.
 
 %package core
 Summary: Quassel core component
-
-# Weak dependency on qt5 postgresql bindings.
-# We use a weak dependency here so they can be uninstalled if necessary.
-Recommends: qt5-qtbase-postgresql
-
+Group: Applications/Internet
 %description core
-The Quassel IRC Core maintains a connection with the
+The Quassel IRC Core maintains a connection with the 
 server, and allows for multiple clients to connect
 
 %package client
 Summary: Quassel client
+Group: Applications/Internet
 Provides: %{name}-gui = %{version}-%{release}
 Requires: %{name}-common = %{version}-%{release}
 %description client
-Quassel client
+Quassel client 
 
 
 %prep
-%autosetup -p0 -n %{name}-%{version}
+%setup -q -n %{name}-%{version}
+
+%patch0 -p1
 
 %build
-%cmake_kf5 \
-  -DWANT_MONO=1 -DUSE_QT5=1 -DWITH_KDE=1 -DHAVE_SSL=1 -DENABLE_SHARED=OFF
+mkdir build
+pushd build
+%{cmake_kde4} .. -DWANT_MONO=1 -DWITH_KDE=1 
+popd
 
-%cmake_build
+make %{?_smp_mflags} -C build
 
 %install
-%cmake_install
+rm -rf $RPM_BUILD_ROOT
+
+make install/fast DESTDIR=${RPM_BUILD_ROOT} -C build
 
 # unpackaged files
-rm -f %{buildroot}/%{_datadir}/pixmaps/quassel.png
+rm -f $RPM_BUILD_ROOT%{_datadir}/pixmaps/quassel.png
 
-# Install quassel.conf for systemd file
-install -Dp -m 0644 %{SOURCE2} %{buildroot}/%{_sysconfdir}/%{name}.conf
+%clean
+rm -rf $RPM_BUILD_ROOT
 
-# Install systemd service file
-install -Dp -m 0644 %{SOURCE1} %{buildroot}/%{_unitdir}/quasselcore.service
+%post common
+touch --no-create %{_kde4_iconsdir}/hicolor &> /dev/null || :
 
-# Install the systemd-sysusers config
-install -Dp -m 0644 %{SOURCE3} %{buildroot}%{_sysusersdir}/%{name}.conf
+%postun common
+if [ $1 -eq 0 ] ; then
+  touch --no-create %{_kde4_iconsdir}/hicolor &> /dev/null
+  gtk-update-icon-cache %{_kde4_iconsdir}/hicolor &> /dev/null || :
+fi
 
-# Home directory for quassel user
-install -d -m 0750 %{buildroot}/%{quassel_data_dir}
+%posttrans common
+gtk-update-icon-cache %{_kde4_iconsdir}/hicolor &> /dev/null || :
 
-# Install AppStream metadata
-install -d -m 0755 %{buildroot}%{_datadir}/metainfo
-install -p -m 0644 data/*.appdata.xml %{buildroot}%{_datadir}/metainfo/
-
-%check
-appstream-util validate-relax --nonet %{buildroot}/%{_datadir}/metainfo/*.appdata.xml
-
-# Core pre/post macros.
-%pre core
-%sysusers_create_compat %{SOURCE3}
-
-%post core
-# Install quassel service.
-%systemd_post quasselcore.service
-
-%preun core
-%systemd_preun quasselcore.service
-
-%postun core
-%systemd_postun_with_restart quasselcore.service
-
-%files
-%{_kf5_bindir}/quassel
-%{_kf5_datadir}/applications/quassel.desktop
-%{_datadir}/metainfo/quassel.appdata.xml
+%files 
+%defattr(-,root,root,-)
+%{_kde4_bindir}/quassel
+%{_kde4_datadir}/applications/kde4/quassel.desktop
 
 %files common
-%doc README.md
-%license COPYING gpl-2.0.txt gpl-3.0.txt
-%{_kf5_datadir}/knotifications5/quassel.notifyrc
-%{_kf5_datadir}/quassel/
-%{_kf5_datadir}/icons/hicolor/*/*/*
+%defattr(-,root,root,-)
+%doc COPYING README
+%doc gpl-2.0.txt gpl-3.0.txt
+%{_kde4_appsdir}/quassel/
+%{_kde4_iconsdir}/hicolor/*/*/*
 
 %files core
-%doc README.md
-%license COPYING gpl-2.0.txt gpl-3.0.txt
-%{_kf5_bindir}/quasselcore
-%dir %attr(-,quassel,quassel) %{quassel_data_dir}
-%{_unitdir}/quasselcore.service
-%config(noreplace) %{_sysconfdir}/quassel.conf
-%{_sysusersdir}/%{name}.conf
+%defattr(-,root,root,-)
+%doc COPYING README
+%doc gpl-2.0.txt gpl-3.0.txt
+%{_kde4_bindir}/quasselcore
 
-%files client
-%{_kf5_bindir}/quasselclient
-%{_kf5_datadir}/applications/quasselclient.desktop
-%{_datadir}/metainfo/quasselclient.appdata.xml
+%files client 
+%defattr(-,root,root,-)
+%{_kde4_bindir}/quasselclient
+%{_kde4_datadir}/applications/kde4/quasselclient.desktop
 
 
 %changelog
-* Fri Jan 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.14.0-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
-
-* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.14.0-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
-
-* Fri Feb 25 2022 Chris Egeland <phuzion@fedoraproject.org> - 0.14.0-1
-- New upstream release (rhbz#1917071)
-
-* Thu Feb 10 2022 Timothée Ravier <tim@siosm.fr> - 0.13.1-11
-- Use systemd sysusers config to create user and group
-- Use upstream AppStream metadata
-
-* Fri Jan 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.13.1-10
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
-
-* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.13.1-9
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
-
-* Thu Jun 17 2021 Chris Egeland <chris@chrisegeland.com> - 0.13.1-8
-- Added security fix for CVE-2021-34825
-
-* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 0.13.1-7
-- Rebuilt for updated systemd-rpm-macros
-  See https://pagure.io/fesco/issue/2583.
-
-* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.13.1-6
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
-
-* Fri Oct 16 2020 Jeff Law <law@redhat.com> - 0.13.1-6
-- Fix missing #include for gcc-11
-
-* Mon Jul 13 2020 Marie Loise Nolden <loise@kde.org> - 0.13.1-5
-- Fix for Qt 5.14.2 from FreeBSD ports tree
-
-* Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.13.1-4
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
-
-* Fri Jul 26 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.13.1-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
-
-* Sat Feb 16 2019 Ben Rosser <rosser.bjr@gmail.com> - 0.13.1-2
-- Add a weak dep (Recommends) on qt5-qtbase-postgresql.
-
-* Fri Feb 15 2019 Ben Rosser <rosser.bjr@gmail.com> - 0.13.1-1
-- Updated to latest upstream release, 0.13.1 (rhbz#1677722).
-
-* Sat Feb 02 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.13.0-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
-
-* Mon Nov 19 2018 Ben Rosser <rosser.bjr@gmail.com> - 0.13.0-1
-- Updated to latest upstream release, 0.13.0.
-- Add support for reloading quasselcore daemon via SIGHUP (#1380176).
-
-* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.12.5-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
-
-* Mon Apr 30 2018 Ben Rosser <rosser.bjr@gmail.com> - 0.12.5-1
-- Updated to latest upstream release (#1571443, #1573318, #1573319).
-
-* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.12.4-7
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
-
-* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.12.4-6
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
-
-* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.12.4-5
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
-
-* Tue Feb 14 2017 Ben Rosser <rosser.bjr@gmail.com> - 0.12.4-4
-- Remove quassel firewalld service file now that firewalld ships it.
-
-* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.12.4-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
-
-* Fri Sep  9 2016 Ben Rosser <rosser.bjr@gmail.com> 0.12.4-2
-- Include appstream metadata for client and monolithic client.
-
-* Mon Apr 25 2016 Ben Rosser <rosser.bjr@gmail.com> 0.12.4-1
-- Update to latest upstream quassel release
-
-* Sat Apr 23 2016 Christian Dersch <lupinix@mailbox.org> - 0.12.3-6
-- Enabled SSL support
-
-* Sat Apr 23 2016 Christian Dersch <lupinix@mailbox.org> - 0.12.3-5
-- migrated to Qt5
-- modernized spec
-
-* Mon Mar 21 2016 Ben Rosser <rosser.bjr@gmail.com> 0.12.3-4
-- Use attr macro instead of chown to install quassel user homedir, that's much safer
-- BuildRequires firewalld-filesystem, so the post script actually works, whoops
-
-* Wed Mar 16 2016 Ben Rosser <rosser.bjr@gmail.com> 0.12.3-3
-- Modify quassel configuration to listen on all IPv4 and IPv6 interfaces
-- Added firewalld service for tcp/4242 to core
-
-* Wed Feb 24 2016 Ben Rosser <rosser.bjr@gmail.com> 0.12.3-2
-- Merged patch from John Villalovos to add a service file
-- Added quassel user/group to -core subpackage
-- Added configuration file and startup script to -core subpackage
-
-* Tue Feb 09 2016 Ben Rosser <rosser.bjr@gmail.com> 0.12.3-1
-- Update to latest upstream quassel release
-- The CVE patch is not necessary for 0.12.3 or greater
-
-* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.12.2-7
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
-
-* Tue Dec 15 2015 Christian Dersch <lupinix@mailbox.org> - 0.12.2-6
-- Added security fix for CVE-2015-8547
-
-* Thu Sep 24 2015 Adam Miller <maxamillion@fedoraproject.org> - 0.12.2-5
-- Bump spec release because I typo'd and now it's in koji forever
-
-* Thu Sep 24 2015 Adam Miller <maxamillion@fedoraproject.org> - 0.12.2-3
-- Add oxygen-icon-theme requirement for BZ#1198788
-
-* Wed Sep 16 2015 Richard Hughes <rhughes@redhat.com> - 0.12.2-2
-- Remove the AppData file as the desktop file is no longer valid.
-
-* Mon Aug 03 2015 Adam Miller <maxamillion@fedoraproject.org> - 0.12.2-1
-- Update to latest upstream release.
-
-* Thu Jun 18 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.11.0-5
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
-
-* Sat May 02 2015 Kalev Lember <kalevlember@gmail.com> - 0.11.0-4
-- Rebuilt for GCC 5 C++11 ABI change
-
-* Thu Mar 26 2015 Richard Hughes <rhughes@redhat.com> - 0.11.0-3
-- Add an AppData file for the software center
-
 * Tue Mar 24 2015 Adam Miller <maxamillion@fedoraproject.org> - 0.11.0-2
 - BZ1205130 - patch for CTCP Denial of Service
 
 * Wed Sep 24 2014 Adam Miller <maxamillion@fedoraproject.org> - 0.11.0-1
 - Update to latest upstream
 
-* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.10.0-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
-
 * Wed Jul 09 2014 Adam Miller <maxamillion@fedoraproject.org> - 0.10.0-1
 - Update to latest upstream release
 
-* Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9.2-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
-
 * Fri Jan 24 2014 Adam Miller <maxamillion@fedoraproject.org> - 0.9.2-1
 - Update to latest upstream release
 
@@ -377,7 +198,7 @@ appstream-util validate-relax --nonet %{buildroot}/%{_datadir}/metainfo/*.appdat
 * Fri Apr 24 2009 Steven M. Parrish <tuxbrewr@fedoraproject.org> - 0.4.1-1
 - New upstream release
 
-* Tue Apr 14 2009 Steven M. Parrish <tuxbrewr@fedoraproject.org> - 0.4.0-2
+* Tue Apr 13 2009 Steven M. Parrish <tuxbrewr@fedoraproject.org> - 0.4.0-2
 - Enabled KDE integration
 
 * Fri Feb 20 2009 Steven M. Parirsh <tuxbrewr@fedoraproject.org> 0.4.0-1

quassel.sysusers

@@ -1 +0,0 @@
-u quassel - "quasselcore daemon" /var/lib/quassel

quassel_0.11.1_CVE-2015-8547.diff

@@ -1,12 +0,0 @@
-diff -Naur quassel-0.11.1/src/core/coreuserinputhandler.cpp quassel-0.11.1.patched/src/core/coreuserinputhandler.cpp
---- quassel-0.11.1/src/core/coreuserinputhandler.cpp	2015-04-23 23:00:06.000000000 +0200
-+++ quassel-0.11.1.patched/src/core/coreuserinputhandler.cpp	2015-12-15 20:21:56.170741238 +0100
-@@ -232,7 +232,7 @@
-     if (!isNumber || maxModes == 0) maxModes = 1;
- 
-     QStringList nickList;
--    if (nicks == "*") { // All users in channel
-+    if (nicks == "*" && bufferInfo.type() == BufferInfo::ChannelBuffer) { // All users in channel
-         const QList<IrcUser*> users = network()->ircChannel(bufferInfo.bufferName())->ircUsers();
-         foreach(IrcUser *user, users) {
-             if ((addOrRemove == '+' && !network()->ircChannel(bufferInfo.bufferName())->userModes(user).contains(mode))

quassel_0.13.1_CVE-2021-34825.patch

@@ -1,18 +0,0 @@
-diff --git src/core/sslserver.cpp src/core/sslserver.cpp
-index de420bd8..e4fcbc32 100644
---- src/core/sslserver.cpp
-+++ src/core/sslserver.cpp
-@@ -52,6 +52,13 @@ SslServer::SslServer(QObject *parent)
- 
-     // Initialize the certificates for first-time usage
-     if (!loadCerts()) {
-+        // If the core is unable to load a certificate, and "--require-ssl" is specified,
-+        // do not proceed, throw an exception and quit. This prevents the core from falling
-+        // back to a plaintext-only core when they should be expecting SSL/TLS only.
-+        if (Quassel::isOptionSet("require-ssl")) {
-+            throw ExitException{EXIT_FAILURE, tr("--require-ssl is set, but no SSL certificate is available. Exiting.\n"
-+                                                 "Please see https://quassel-irc.org/faq/cert to learn how to enable SSL support.")};
-+        }
-         if (!sslWarningShown) {
-             quWarning()
-             << "SslServer: Unable to set certificate file\n"

quasselclient.appdata.xml

@@ -1,41 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- Copyright 2016 Ben Rosser <rosser.bjr@gmail.com> -->
-<component type="desktop">
-	<id>quasselclient.desktop</id>
-	<metadata_license>CC0-1.0</metadata_license>
-	<project_license>GPL-3.0</project_license>
-	<name>Quassel Client</name>
-	<summary>Modern distributed IRC client</summary>
-	<description>
-		<p>
-Quassel IRC is a modern, cross-platform, distributed IRC client, meaning that
-one (or multiple) client(s) can attach to and detach from a central core: much
-like the popular combination of screen and a text-based IRC client such as
-WeeChat, but graphical. In addition to this unique feature, we aim to bring a
-pleasurable, comfortable chatting experience to all major platforms, making
-communication with your peers not only convenient, but also available everywhere.
-		</p>
-		<p>
-And the best of all: It's free - as in beer and as in speech.
-		</p>
-		<p>
-This application is the client-only version of Quassel. You must first set up
-(or have been given an account on) the quassel core before using this.
-		</p>
-	</description>
-	<screenshots>
-		<screenshot type="default">
-			<image>http://quassel-irc.org/files/images/20080914-011743-quasselkde4.preview.png</image>
-			<caption>Quassel, with a dark theme enabled</caption>
-		</screenshot>
-		<screenshot type="default">
-			<image>http://quassel-irc.org/files/images/quassel_win7.preview.png</image>
-			<caption>
-The default quassel white theme. Quassel runs on all major desktop platforms,
-and many smartphones as well.
-			</caption>
-		</screenshot>
-	</screenshots>
-
-</component>
-

quasselcore.service

@@ -1,13 +0,0 @@
-[Unit]
-Description=Quassel core service
-After=network.target
-
-[Service]
-Type=simple
-EnvironmentFile=-/etc/quassel.conf
-User=quassel
-ExecStart=/usr/bin/quasselcore --configdir=/var/lib/quassel --listen=${LISTEN} --port=${PORT}
-ExecReload=/bin/kill -HUP $MAINPID
-
-[Install]
-WantedBy=multi-user.target

sources

@@ -1 +1 @@
-SHA512 (quassel-0.14.0.tar.bz2) = ea6b9723acab5ce73f760692770c1340c03bf277d2c99a2520345bfb6a7bb6fdc64a01dccfd7026341b46ee727821e1bcc2f487be72dfbc155f1de1ad264763f
+b6a89db333eb225760f95becd3680ca8  quassel-0.11.0.tar.bz2