From f0003b92674a1f4555dd14ffa271622a3889cd84 Mon Sep 17 00:00:00 2001
From: aszlig <aszlig@redmoonstudios.org>
Date: Mon, 4 Jul 2016 12:31:40 +0200
Subject: gajim: Fix against GnuPG 2.1.13

GnuPG 2.1.13 has introduced a KEY_CONSIDERED status, which isn't really
picked up well by Gajim:

https://lists.gnupg.org/pipermail/gnupg-announce/2016q2/000390.html

There is also a new NOTATION_FLAGS status, but that shouldn't have an
effect on Gajim.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
---
 modules/user/aszlig/programs/gajim/default.nix        |  2 +-
 modules/user/aszlig/programs/gajim/gnupg-2.1.13.patch | 12 ++++++++++++
 2 files changed, 13 insertions(+), 1 deletion(-)
 create mode 100644 modules/user/aszlig/programs/gajim/gnupg-2.1.13.patch

(limited to 'modules/user')

diff --git a/modules/user/aszlig/programs/gajim/default.nix b/modules/user/aszlig/programs/gajim/default.nix
index 4c8a4304..d1218445 100644
--- a/modules/user/aszlig/programs/gajim/default.nix
+++ b/modules/user/aszlig/programs/gajim/default.nix
@@ -41,7 +41,7 @@ let
     patches = (o.patches or []) ++ singleton (pkgs.substituteAll {
       src = ./config.patch;
       nix_config = pkgs.writeText "gajim.config" (import ./config.nix lib);
-    });
+    }) ++ singleton ./gnupg-2.1.13.patch;
     postPatch = (o.postPatch or "") + ''
       sed -i -e '/^export/i export GTK2_RC_FILES="${gtkTheme}"' \
         scripts/gajim.in
diff --git a/modules/user/aszlig/programs/gajim/gnupg-2.1.13.patch b/modules/user/aszlig/programs/gajim/gnupg-2.1.13.patch
new file mode 100644
index 00000000..c2898cab
--- /dev/null
+++ b/modules/user/aszlig/programs/gajim/gnupg-2.1.13.patch
@@ -0,0 +1,12 @@
+--- a/src/common/gnupg.py	1970-01-01 01:00:01.000000000 +0100
++++ b/src/common/gnupg.py	2016-07-04 12:23:04.660012839 +0200
+@@ -229,7 +229,8 @@
+                      "DECRYPTION_OKAY", "INV_SGNR", "FILE_START", "FILE_ERROR",
+                      "FILE_DONE", "PKA_TRUST_GOOD", "PKA_TRUST_BAD", "BADMDC",
+                      "GOODMDC", "NO_SGNR", "NOTATION_NAME", "NOTATION_DATA",
+-                     "PROGRESS", "PINENTRY_LAUNCHED", "NEWSIG"):
++                     "PROGRESS", "PINENTRY_LAUNCHED", "NEWSIG",
++                     "KEY_CONSIDERED"):
+             pass
+         elif key == "BADSIG":
+             self.valid = False
-- 
cgit 1.4.1


From 6d2e8976d8fefbafa91638ab0b43aa4a93c4c0d9 Mon Sep 17 00:00:00 2001
From: aszlig <aszlig@redmoonstudios.org>
Date: Mon, 4 Jul 2016 12:34:05 +0200
Subject: taalo-build: Set pipefail for nix-instantiate

If the nix-instantiate step in taalo-build should fail, we want it to
fail altogether rather than just going on and bailing out very late
(with an exit status of 0) when the readlink call fails.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
---
 modules/user/aszlig/programs/taalo-build/default.nix | 1 +
 1 file changed, 1 insertion(+)

(limited to 'modules/user')

diff --git a/modules/user/aszlig/programs/taalo-build/default.nix b/modules/user/aszlig/programs/taalo-build/default.nix
index 3e89436a..55356e9f 100644
--- a/modules/user/aszlig/programs/taalo-build/default.nix
+++ b/modules/user/aszlig/programs/taalo-build/default.nix
@@ -63,6 +63,7 @@ let
     #!${pkgs.stdenv.shell}
     if tmpdir="$("${pkgs.coreutils}/bin/mktemp" -d -t taalo-build.XXXXXX)"; then
       trap "rm -rf '$tmpdir'" EXIT
+      set -o pipefail
       drvs="$(nix-instantiate --add-root "$tmpdir/derivation" --indirect "$@" \
         | cut -d'!' -f1)" || exit 1
       ${backend} $("${pkgs.coreutils}/bin/readlink" $drvs)
-- 
cgit 1.4.1


From 5b1fef1e9dba778bed0586534744133c17215bca Mon Sep 17 00:00:00 2001
From: aszlig <aszlig@redmoonstudios.org>
Date: Mon, 4 Jul 2016 12:50:09 +0200
Subject: gajim: Fix patch for fixing with GnuPG 2.1.13

The previous patch didn't handle the KEY_CONSIDERED status at the
correct position, because the status will be returned during signing and
not during verification.

So this time, let's handle it during signing and actually test it (I did
and it worked).

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
---
 modules/user/aszlig/programs/gajim/gnupg-2.1.13.patch | 19 +++++++++----------
 1 file changed, 9 insertions(+), 10 deletions(-)

(limited to 'modules/user')

diff --git a/modules/user/aszlig/programs/gajim/gnupg-2.1.13.patch b/modules/user/aszlig/programs/gajim/gnupg-2.1.13.patch
index c2898cab..a67188af 100644
--- a/modules/user/aszlig/programs/gajim/gnupg-2.1.13.patch
+++ b/modules/user/aszlig/programs/gajim/gnupg-2.1.13.patch
@@ -1,12 +1,11 @@
 --- a/src/common/gnupg.py	1970-01-01 01:00:01.000000000 +0100
-+++ b/src/common/gnupg.py	2016-07-04 12:23:04.660012839 +0200
-@@ -229,7 +229,8 @@
-                      "DECRYPTION_OKAY", "INV_SGNR", "FILE_START", "FILE_ERROR",
-                      "FILE_DONE", "PKA_TRUST_GOOD", "PKA_TRUST_BAD", "BADMDC",
-                      "GOODMDC", "NO_SGNR", "NOTATION_NAME", "NOTATION_DATA",
--                     "PROGRESS", "PINENTRY_LAUNCHED", "NEWSIG"):
-+                     "PROGRESS", "PINENTRY_LAUNCHED", "NEWSIG",
-+                     "KEY_CONSIDERED"):
++++ b/src/common/gnupg.py	2016-07-04 12:44:42.680621101 +0200
+@@ -613,7 +613,7 @@
+                    "GOOD_PASSPHRASE", "BEGIN_SIGNING", "CARDCTRL", "INV_SGNR",
+                    "NO_SGNR", "MISSING_PASSPHRASE", "NEED_PASSPHRASE_PIN",
+                    "SC_OP_FAILURE", "SC_OP_SUCCESS", "PROGRESS",
+-                   "PINENTRY_LAUNCHED"):
++                   "PINENTRY_LAUNCHED", "KEY_CONSIDERED"):
              pass
-         elif key == "BADSIG":
-             self.valid = False
+         elif key in ("KEYEXPIRED", "SIGEXPIRED"):
+             self.status = 'key expired'
-- 
cgit 1.4.1


From 0fdabe7ab999ab12b06af6bb2f7aea5d3df81dc3 Mon Sep 17 00:00:00 2001
From: aszlig <aszlig@redmoonstudios.org>
Date: Mon, 4 Jul 2016 13:18:11 +0200
Subject: gajim: Provide more complete fix for GnuPG 2.1.13

The previous attempts only fixed the KEY_CONSIDERED status line for a
few specific GnuPG functions, but after looking up the GnuPG source code
the status line can happen on virtually *any* function that looks up one
or more keys.

So this time, we're going to add handling of KEY_CONSIDERED to every
single status line handler.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
---
 .../user/aszlig/programs/gajim/gnupg-2.1.13.patch  | 56 ++++++++++++++++++++--
 1 file changed, 53 insertions(+), 3 deletions(-)

(limited to 'modules/user')

diff --git a/modules/user/aszlig/programs/gajim/gnupg-2.1.13.patch b/modules/user/aszlig/programs/gajim/gnupg-2.1.13.patch
index a67188af..062d173f 100644
--- a/modules/user/aszlig/programs/gajim/gnupg-2.1.13.patch
+++ b/modules/user/aszlig/programs/gajim/gnupg-2.1.13.patch
@@ -1,6 +1,56 @@
---- a/src/common/gnupg.py	1970-01-01 01:00:01.000000000 +0100
-+++ b/src/common/gnupg.py	2016-07-04 12:44:42.680621101 +0200
-@@ -613,7 +613,7 @@
+diff --git a/src/common/gnupg.py b/src/common/gnupg.py
+index 2743f7a..44d494f 100644
+--- a/src/common/gnupg.py
++++ b/src/common/gnupg.py
+@@ -229,7 +229,8 @@ class Verify(object):
+                      "DECRYPTION_OKAY", "INV_SGNR", "FILE_START", "FILE_ERROR",
+                      "FILE_DONE", "PKA_TRUST_GOOD", "PKA_TRUST_BAD", "BADMDC",
+                      "GOODMDC", "NO_SGNR", "NOTATION_NAME", "NOTATION_DATA",
+-                     "PROGRESS", "PINENTRY_LAUNCHED", "NEWSIG"):
++                     "PROGRESS", "PINENTRY_LAUNCHED", "NEWSIG",
++                     "KEY_CONSIDERED"):
+             pass
+         elif key == "BADSIG":
+             self.valid = False
+@@ -330,7 +331,7 @@ class ImportResult(object):
+     }
+ 
+     def handle_status(self, key, value):
+-        if key == "IMPORTED":
++        if key in ("IMPORTED", "KEY_CONSIDERED"):
+             # this duplicates info we already see in import_ok & import_problem
+             pass
+         elif key == "NODATA":
+@@ -510,7 +511,7 @@ class Crypt(Verify, TextHandler):
+         if key in ("ENC_TO", "USERID_HINT", "GOODMDC", "END_DECRYPTION",
+                    "BEGIN_SIGNING", "NO_SECKEY", "ERROR", "NODATA", "PROGRESS",
+                    "CARDCTRL", "BADMDC", "SC_OP_FAILURE", "SC_OP_SUCCESS",
+-                   "PINENTRY_LAUNCHED"):
++                   "PINENTRY_LAUNCHED", "KEY_CONSIDERED"):
+             # in the case of ERROR, this is because a more specific error
+             # message will have come first
+             pass
+@@ -559,7 +560,7 @@ class GenKey(object):
+ 
+     def handle_status(self, key, value):
+         if key in ("PROGRESS", "GOOD_PASSPHRASE", "NODATA", "KEY_NOT_CREATED",
+-                   "PINENTRY_LAUNCHED"):
++                   "PINENTRY_LAUNCHED", "KEY_CONSIDERED"):
+             pass
+         elif key == "KEY_CREATED":
+             (self.type,self.fingerprint) = value.split()
+@@ -582,7 +583,9 @@ class DeleteResult(object):
+     }
+ 
+     def handle_status(self, key, value):
+-        if key == "DELETE_PROBLEM":
++        if key == "KEY_CONSIDERED":
++            pass
++        elif key == "DELETE_PROBLEM":
+             self.status = self.problem_reason.get(value,
+                                                   "Unknown error: %r" % value)
+         else:
+@@ -613,7 +616,7 @@ class Sign(TextHandler):
                     "GOOD_PASSPHRASE", "BEGIN_SIGNING", "CARDCTRL", "INV_SGNR",
                     "NO_SGNR", "MISSING_PASSPHRASE", "NEED_PASSPHRASE_PIN",
                     "SC_OP_FAILURE", "SC_OP_SUCCESS", "PROGRESS",
-- 
cgit 1.4.1


From d7a721d7267e19dd114625e8e3d5c96c95c84e89 Mon Sep 17 00:00:00 2001
From: aszlig <aszlig@redmoonstudios.org>
Date: Mon, 4 Jul 2016 13:30:11 +0200
Subject: gajim: Add python-axolotl as a runtime dependency

This is needed to run the OMEMO plugin:

https://github.com/omemo/gajim-omemo

I'm using drvAttrs directly here, so that we can pass
propagatedBuildInputs properly to the wrapper (without duplicating the
dependencies all over the place).

Ideally, this will be fixed in <nixpkgs> but in a much more fine-grained
way in that we are going to have Nix expressions for every single plugin
and its dependencies.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
---
 modules/user/aszlig/programs/gajim/default.nix | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'modules/user')

diff --git a/modules/user/aszlig/programs/gajim/default.nix b/modules/user/aszlig/programs/gajim/default.nix
index d1218445..a3200b8a 100644
--- a/modules/user/aszlig/programs/gajim/default.nix
+++ b/modules/user/aszlig/programs/gajim/default.nix
@@ -37,11 +37,16 @@ let
     gtk-enable-animations = 0
   '';
 
-  gajimPatched = overrideDerivation pkgs.gajim (o: {
+  gajimPatched = let
+    o = pkgs.gajim.drvAttrs;
+  in pkgs.stdenv.mkDerivation (pkgs.gajim.drvAttrs // {
     patches = (o.patches or []) ++ singleton (pkgs.substituteAll {
       src = ./config.patch;
       nix_config = pkgs.writeText "gajim.config" (import ./config.nix lib);
     }) ++ singleton ./gnupg-2.1.13.patch;
+    propagatedBuildInputs = (o.propagatedBuildInputs or []) ++ [
+      pkgs.pythonPackages.python-axolotl
+    ];
     postPatch = (o.postPatch or "") + ''
       sed -i -e '/^export/i export GTK2_RC_FILES="${gtkTheme}"' \
         scripts/gajim.in
-- 
cgit 1.4.1