[gentoo-commits] repo/proj/libressl:master commit in: net-libs/pjproject/files/, net-libs/pjproject/
commit: 11b113dbfb44fc999f737d1718592afa62e70c4c Author: orbea riseup net> AuthorDate: Mon Oct 10 15:53:10 2022 + Commit: Quentin Retornaz retornaz com> CommitDate: Tue Oct 11 22:15:44 2022 + URL:https://gitweb.gentoo.org/repo/proj/libressl.git/commit/?id=11b113db net-libs/pjproject: Remove package Works with net-libs/pjproject-2.12.1-r1::gentoo Signed-off-by: orbea riseup.net> Closes: https://github.com/gentoo/libressl/pull/463 Signed-off-by: Quentin Retornaz retornaz.com> net-libs/pjproject/Manifest| 1 - ...ct-2.10-CVE-2020-15260-tls-hostname-check.patch | 125 - ...-CVE-2021-21375-negotiation-failure-crash.patch | 45 ...21-32686-AST-2021-009-GHSA-cv8x-p47p-99wr.patch | 289 - .../pjproject/files/pjproject-2.10-libressl.patch | 17 -- ...ion-between-transport-destroy-and-acquire.patch | 108 .../pjproject/files/pjproject-2.9-config_site.h| 74 -- .../pjproject/files/pjproject-2.9-ssl-enable.patch | 100 --- net-libs/pjproject/metadata.xml| 29 --- net-libs/pjproject/pjproject-2.10-r2.ebuild| 126 - 10 files changed, 914 deletions(-) diff --git a/net-libs/pjproject/Manifest b/net-libs/pjproject/Manifest deleted file mode 100644 index 048f8a5..000 --- a/net-libs/pjproject/Manifest +++ /dev/null @@ -1 +0,0 @@ -DIST pjproject-2.10.tar.gz 8768705 BLAKE2B 42d70867e2e0474313426f1e188586d203d6165c28a133a62dedacd2deb2899215212824d9402a48fcc66bb08a17b796d3625e1d51a8aedc9aa4b3a3bf1cb8fa SHA512 a67f083df175b536b4e6a7b7fe39e07d3ee805d6917ec64a50694542a7455c33a100889191044ab3fa679b6656774a6be045621aa53510b5f04cdde9ddd59893 diff --git a/net-libs/pjproject/files/pjproject-2.10-CVE-2020-15260-tls-hostname-check.patch b/net-libs/pjproject/files/pjproject-2.10-CVE-2020-15260-tls-hostname-check.patch deleted file mode 100644 index 0d7df68..000 --- a/net-libs/pjproject/files/pjproject-2.10-CVE-2020-15260-tls-hostname-check.patch +++ /dev/null @@ -1,125 +0,0 @@ -From 67e46c1ac45ad784db5b9080f5ed8b133c122872 Mon Sep 17 00:00:00 2001 -From: sauwming -Date: Mon, 8 Mar 2021 17:39:36 +0800 -Subject: [PATCH] Merge pull request from GHSA-8hcp-hm38-mfph - -* Check hostname during TLS transport selection - -* revision based on feedback - -* remove the code in create_request that has been moved - pjsip/include/pjsip/sip_dialog.h | 1 + - pjsip/src/pjsip/sip_dialog.c | 15 +++ - pjsip/src/pjsip/sip_transport.c | 13 + - pjsip/src/pjsip/sip_util.c | 11 --- - 4 files changed, 37 insertions(+), 3 deletions(-) - -diff --git a/pjsip/include/pjsip/sip_dialog.h b/pjsip/include/pjsip/sip_dialog.h -index a0214d28c..e314c2ece 100644 a/pjsip/include/pjsip/sip_dialog.h -+++ b/pjsip/include/pjsip/sip_dialog.h -@@ -165,6 +165,7 @@ struct pjsip_dialog - pjsip_route_hdr route_set; /**< Route set. */ - pj_bool_t route_set_frozen; /**< Route set has been set. */ - pjsip_auth_clt_sess auth_sess; /**< Client authentication session. */ -+pj_str_t initial_dest;/**< Initial destination host. */ - - /** Session counter. */ - int sess_count; /**< Number of sessions. */ -diff --git a/pjsip/src/pjsip/sip_dialog.c b/pjsip/src/pjsip/sip_dialog.c -index 27530e4f2..9571b5a35 100644 a/pjsip/src/pjsip/sip_dialog.c -+++ b/pjsip/src/pjsip/sip_dialog.c -@@ -467,6 +467,10 @@ pj_status_t create_uas_dialog( pjsip_user_agent *ua, - - /* Save the remote info. */ - pj_strdup(dlg->pool, >remote.info_str, ); -+ -+/* Save initial destination host from transport's info */ -+pj_strdup(dlg->pool, >initial_dest, -+>tp_info.transport->remote_name.host); - - - /* Init remote's contact from Contact header. -@@ -1192,6 +1196,12 @@ static pj_status_t dlg_create_request_throw( pjsip_dialog *dlg, - return status; - } - -+/* Copy the initial destination host to tdata. This information can be -+ * used later by transport for transport selection. -+ */ -+if (dlg->initial_dest.slen) -+ pj_strdup(tdata->pool, >dest_info.name, >initial_dest); -+ - /* Done. */ - *p_tdata = tdata; - -@@ -1822,6 +1832,11 @@ static void dlg_update_routeset(pjsip_dialog *dlg, const pjsip_rx_data *rdata) - * transaction as the initial transaction that establishes dialog. - */ - if (dlg->role == PJSIP_ROLE_UAC) { -+ /* Save initial destination host from transport's info. */ -+ if (!dlg->initial_dest.slen) { -+ pj_strdup(dlg->pool, >initial_dest, -+>tp_info.transport->remote_name.host); -+ } - - /* Ignore subsequent request from remote */ - if (msg->type != PJSIP_RESPONSE_MSG) -diff --git a/pjsip/src/pjsip/sip_transport.c b/pjsip/src/pjsip/sip_transport.c -index bef6d24fe..177274b08 100644
[gentoo-commits] repo/proj/libressl:master commit in: net-libs/pjproject/, net-libs/pjproject/files/
commit: de95d5bb2d85d57be5c31fad028d148f5321d542 Author: orbea riseup net> AuthorDate: Wed Jul 6 04:11:55 2022 + Commit: Quentin Retornaz retornaz com> CommitDate: Sun Jul 10 22:49:23 2022 + URL:https://gitweb.gentoo.org/repo/proj/libressl.git/commit/?id=de95d5bb net-libs/pjproject: Remove old version Signed-off-by: orbea riseup.net> Closes: https://github.com/gentoo/libressl/pull/437 Signed-off-by: Quentin Retornaz retornaz.com> net-libs/pjproject/Manifest| 1 - .../pjproject/files/pjproject-2.7.2-libressl.patch | 98 -- .../files/pjproject-2.7.2-ssl-flipflop.patch | 103 --- net-libs/pjproject/pjproject-2.7.2-r2.ebuild | 114 - 4 files changed, 316 deletions(-) diff --git a/net-libs/pjproject/Manifest b/net-libs/pjproject/Manifest index 6adb41c..048f8a5 100644 --- a/net-libs/pjproject/Manifest +++ b/net-libs/pjproject/Manifest @@ -1,2 +1 @@ DIST pjproject-2.10.tar.gz 8768705 BLAKE2B 42d70867e2e0474313426f1e188586d203d6165c28a133a62dedacd2deb2899215212824d9402a48fcc66bb08a17b796d3625e1d51a8aedc9aa4b3a3bf1cb8fa SHA512 a67f083df175b536b4e6a7b7fe39e07d3ee805d6917ec64a50694542a7455c33a100889191044ab3fa679b6656774a6be045621aa53510b5f04cdde9ddd59893 -DIST pjproject-2.7.2.tar.bz2 4994233 BLAKE2B 44ecaf0997d5dd9b18e0b811cead7c9104e63894fa06fb1d64e79b60fa4210968fd90ef47e5f5be3629675363c8756ce3bc1834caa9700654ab4c53efe676ee7 SHA512 3d355ffcbbeed62cfc711e574a987dc06043ccf4f2625820adffa89167022b8306fcee3fada71d3d45e7b902fc9c65ac8221de101cbafed25362a3921f702afd diff --git a/net-libs/pjproject/files/pjproject-2.7.2-libressl.patch b/net-libs/pjproject/files/pjproject-2.7.2-libressl.patch deleted file mode 100644 index 07efa9c..000 --- a/net-libs/pjproject/files/pjproject-2.7.2-libressl.patch +++ /dev/null @@ -1,98 +0,0 @@ -Index: /third_party/srtp/crypto/hash/hmac_ossl.c -=== /third_party/srtp/crypto/hash/hmac_ossl.c (revision 5725) -+++ /third_party/srtp/crypto/hash/hmac_ossl.c (revision 5726) -@@ -52,6 +52,8 @@ - #include - #include -+#include - - #define SHA1_DIGEST_SIZE 20 -+#define USING_LIBRESSL (defined(LIBRESSL_VERSION_NUMBER)) - - /* the debug module for authentiation */ -@@ -77,5 +79,5 @@ - /* OpenSSL 1.1.0 made HMAC_CTX an opaque structure, which must be allocated -using HMAC_CTX_new. But this function doesn't exist in OpenSSL 1.0.x. */ --#if OPENSSL_VERSION_NUMBER < 0x1010L -+#if USING_LIBRESSL || OPENSSL_VERSION_NUMBER < 0x1010L - { - /* allocate memory for auth and HMAC_CTX structures */ -@@ -122,5 +124,5 @@ - hmac_ctx = (HMAC_CTX*)a->state; - --#if OPENSSL_VERSION_NUMBER < 0x1010L -+#if USING_LIBRESSL || OPENSSL_VERSION_NUMBER < 0x1010L - HMAC_CTX_cleanup(hmac_ctx); - -Index: /pjlib/src/pj/ssl_sock_ossl.c -=== /pjlib/src/pj/ssl_sock_ossl.c (revision 5725) -+++ /pjlib/src/pj/ssl_sock_ossl.c (revision 5726) -@@ -56,6 +56,10 @@ - #include - #include -- --#if !defined(OPENSSL_NO_EC) && OPENSSL_VERSION_NUMBER >= 0x1000200fL -+#include -+ -+#define USING_LIBRESSL (defined(LIBRESSL_VERSION_NUMBER)) -+ -+#if !USING_LIBRESSL && !defined(OPENSSL_NO_EC) \ -+ && OPENSSL_VERSION_NUMBER >= 0x1000200fL - - # include -@@ -115,5 +119,5 @@ - - --#if OPENSSL_VERSION_NUMBER >= 0x1010L -+#if !USING_LIBRESSL && OPENSSL_VERSION_NUMBER >= 0x1010L - # define OPENSSL_NO_SSL2 /* seems to be removed in 1.1.0 */ - # define M_ASN1_STRING_data(x) ASN1_STRING_get0_data(x) -@@ -539,5 +543,5 @@ - - /* Init OpenSSL lib */ --#if OPENSSL_VERSION_NUMBER < 0x1010L -+#if USING_LIBRESSL || OPENSSL_VERSION_NUMBER < 0x1010L - SSL_library_init(); - SSL_load_error_strings(); -@@ -560,5 +564,7 @@ - const char *cname; - --#if OPENSSL_VERSION_NUMBER < 0x1010L -+#if (USING_LIBRESSL && LIBRESSL_VERSION_NUMBER < 0x2020100fL)\ -+|| OPENSSL_VERSION_NUMBER < 0x1010L -+ - meth = (SSL_METHOD*)SSLv23_server_method(); - if (!meth) -@@ -603,5 +609,6 @@ - SSL_set_session(ssl, SSL_SESSION_new()); - --#if !defined(OPENSSL_NO_EC) && OPENSSL_VERSION_NUMBER >= 0x1000200fL -+#if !USING_LIBRESSL && !defined(OPENSSL_NO_EC) \ -+&& OPENSSL_VERSION_NUMBER >= 0x1000200fL - openssl_curves_num = SSL_get_shared_curve(ssl,-1); - if (openssl_curves_num > PJ_ARRAY_SIZE(openssl_curves)) -@@ -795,5 +802,6 @@ - - /* Determine SSL method to use */ --#if OPENSSL_VERSION_NUMBER < 0x1010L -+#if (USING_LIBRESSL && LIBRESSL_VERSION_NUMBER < 0x2020100fL)\ -+|| OPENSSL_VERSION_NUMBER < 0x1010L - switch (ssock->param.proto) { - case PJ_SSL_SOCK_PROTO_TLS1: -@@ -1232,5 +1240,6 @@ - static pj_status_t set_curves_list(pj_ssl_sock_t *ssock) - { --#if !defined(OPENSSL_NO_EC) && OPENSSL_VERSION_NUMBER >=
[gentoo-commits] repo/proj/libressl:master commit in: net-libs/pjproject/, net-libs/pjproject/files/
commit: df7659707786500b32825b8407c13c30b9ef4201 Author: orbea riseup net> AuthorDate: Wed Jul 6 04:10:42 2022 + Commit: Quentin Retornaz retornaz com> CommitDate: Sun Jul 10 22:49:19 2022 + URL:https://gitweb.gentoo.org/repo/proj/libressl.git/commit/?id=df765970 net-libs/pjproject: Add 2.10-r2 Signed-off-by: orbea riseup.net> Signed-off-by: Quentin Retornaz retornaz.com> net-libs/pjproject/Manifest| 1 + ...ct-2.10-CVE-2020-15260-tls-hostname-check.patch | 125 + ...-CVE-2021-21375-negotiation-failure-crash.patch | 45 ...21-32686-AST-2021-009-GHSA-cv8x-p47p-99wr.patch | 289 + .../pjproject/files/pjproject-2.10-libressl.patch | 17 ++ ...ion-between-transport-destroy-and-acquire.patch | 108 .../pjproject/files/pjproject-2.9-config_site.h| 74 ++ .../pjproject/files/pjproject-2.9-ssl-enable.patch | 100 +++ net-libs/pjproject/metadata.xml| 8 +- net-libs/pjproject/pjproject-2.10-r2.ebuild| 126 + 10 files changed, 890 insertions(+), 3 deletions(-) diff --git a/net-libs/pjproject/Manifest b/net-libs/pjproject/Manifest index 0b9f89a..6adb41c 100644 --- a/net-libs/pjproject/Manifest +++ b/net-libs/pjproject/Manifest @@ -1 +1,2 @@ +DIST pjproject-2.10.tar.gz 8768705 BLAKE2B 42d70867e2e0474313426f1e188586d203d6165c28a133a62dedacd2deb2899215212824d9402a48fcc66bb08a17b796d3625e1d51a8aedc9aa4b3a3bf1cb8fa SHA512 a67f083df175b536b4e6a7b7fe39e07d3ee805d6917ec64a50694542a7455c33a100889191044ab3fa679b6656774a6be045621aa53510b5f04cdde9ddd59893 DIST pjproject-2.7.2.tar.bz2 4994233 BLAKE2B 44ecaf0997d5dd9b18e0b811cead7c9104e63894fa06fb1d64e79b60fa4210968fd90ef47e5f5be3629675363c8756ce3bc1834caa9700654ab4c53efe676ee7 SHA512 3d355ffcbbeed62cfc711e574a987dc06043ccf4f2625820adffa89167022b8306fcee3fada71d3d45e7b902fc9c65ac8221de101cbafed25362a3921f702afd diff --git a/net-libs/pjproject/files/pjproject-2.10-CVE-2020-15260-tls-hostname-check.patch b/net-libs/pjproject/files/pjproject-2.10-CVE-2020-15260-tls-hostname-check.patch new file mode 100644 index 000..0d7df68 --- /dev/null +++ b/net-libs/pjproject/files/pjproject-2.10-CVE-2020-15260-tls-hostname-check.patch @@ -0,0 +1,125 @@ +From 67e46c1ac45ad784db5b9080f5ed8b133c122872 Mon Sep 17 00:00:00 2001 +From: sauwming +Date: Mon, 8 Mar 2021 17:39:36 +0800 +Subject: [PATCH] Merge pull request from GHSA-8hcp-hm38-mfph + +* Check hostname during TLS transport selection + +* revision based on feedback + +* remove the code in create_request that has been moved +--- + pjsip/include/pjsip/sip_dialog.h | 1 + + pjsip/src/pjsip/sip_dialog.c | 15 +++ + pjsip/src/pjsip/sip_transport.c | 13 + + pjsip/src/pjsip/sip_util.c | 11 --- + 4 files changed, 37 insertions(+), 3 deletions(-) + +diff --git a/pjsip/include/pjsip/sip_dialog.h b/pjsip/include/pjsip/sip_dialog.h +index a0214d28c..e314c2ece 100644 +--- a/pjsip/include/pjsip/sip_dialog.h b/pjsip/include/pjsip/sip_dialog.h +@@ -165,6 +165,7 @@ struct pjsip_dialog + pjsip_route_hdr route_set; /**< Route set. */ + pj_bool_t route_set_frozen; /**< Route set has been set. */ + pjsip_auth_clt_sess auth_sess; /**< Client authentication session. */ ++pj_str_t initial_dest;/**< Initial destination host. */ + + /** Session counter. */ + int sess_count; /**< Number of sessions. */ +diff --git a/pjsip/src/pjsip/sip_dialog.c b/pjsip/src/pjsip/sip_dialog.c +index 27530e4f2..9571b5a35 100644 +--- a/pjsip/src/pjsip/sip_dialog.c b/pjsip/src/pjsip/sip_dialog.c +@@ -467,6 +467,10 @@ pj_status_t create_uas_dialog( pjsip_user_agent *ua, + + /* Save the remote info. */ + pj_strdup(dlg->pool, >remote.info_str, ); ++ ++/* Save initial destination host from transport's info */ ++pj_strdup(dlg->pool, >initial_dest, ++>tp_info.transport->remote_name.host); + + + /* Init remote's contact from Contact header. +@@ -1192,6 +1196,12 @@ static pj_status_t dlg_create_request_throw( pjsip_dialog *dlg, + return status; + } + ++/* Copy the initial destination host to tdata. This information can be ++ * used later by transport for transport selection. ++ */ ++if (dlg->initial_dest.slen) ++ pj_strdup(tdata->pool, >dest_info.name, >initial_dest); ++ + /* Done. */ + *p_tdata = tdata; + +@@ -1822,6 +1832,11 @@ static void dlg_update_routeset(pjsip_dialog *dlg, const pjsip_rx_data *rdata) + * transaction as the initial transaction that establishes dialog. + */ + if (dlg->role == PJSIP_ROLE_UAC) { ++ /* Save initial destination host from transport's info. */ ++ if (!dlg->initial_dest.slen) { ++ pj_strdup(dlg->pool, >initial_dest, ++>tp_info.transport->remote_name.host); ++ } + +
[gentoo-commits] repo/proj/libressl:master commit in: net-libs/pjproject/
commit: 728e446b77b519069608454d30b95a7fdcdd40c4 Author: Quentin Retornaz retornaz com> AuthorDate: Sun May 2 23:38:05 2021 + Commit: Quentin Retornaz retornaz com> CommitDate: Sun May 2 23:38:05 2021 + URL:https://gitweb.gentoo.org/repo/proj/libressl.git/commit/?id=728e446b net-libs/pjproject: remove libressl USE flag Package-Manager: Portage-3.0.18, Repoman-3.0.2 Signed-off-by: Quentin Retornaz retornaz.com> net-libs/pjproject/metadata.xml | 2 -- net-libs/pjproject/pjproject-2.7.2-r2.ebuild | 7 ++- 2 files changed, 2 insertions(+), 7 deletions(-) diff --git a/net-libs/pjproject/metadata.xml b/net-libs/pjproject/metadata.xml index ebb6d87..e737916 100644 --- a/net-libs/pjproject/metadata.xml +++ b/net-libs/pjproject/metadata.xml @@ -15,7 +15,6 @@ Include G.711 codecs in the build Include G.722 codec in the build Include G.722.1 codec in the build - Include G.729 codec via net-libs/bcg729 Include iLBC codec in the build Include Linear/L16 codec family in the build Include libyuv in the build @@ -23,7 +22,6 @@ Include resampling implementations in the build Include SILK support in the build Include Video4Linux v2 support in the build - Include VP8 and VP9 codec support in the build Enable WebRTC support diff --git a/net-libs/pjproject/pjproject-2.7.2-r2.ebuild b/net-libs/pjproject/pjproject-2.7.2-r2.ebuild index e31ed4a..e7a5866 100644 --- a/net-libs/pjproject/pjproject-2.7.2-r2.ebuild +++ b/net-libs/pjproject/pjproject-2.7.2-r2.ebuild @@ -15,7 +15,7 @@ SLOT="0" CODEC_FLAGS="g711 g722 g7221 gsm ilbc speex l16" VIDEO_FLAGS="sdl ffmpeg v4l2 openh264 libyuv" SOUND_FLAGS="alsa oss portaudio" -IUSE="amr debug doc epoll examples ipv6 libressl opus resample silk ssl static-libs webrtc ${CODEC_FLAGS} ${VIDEO_FLAGS} ${SOUND_FLAGS}" +IUSE="amr debug doc epoll examples ipv6 opus resample silk ssl static-libs webrtc ${CODEC_FLAGS} ${VIDEO_FLAGS} ${SOUND_FLAGS}" PATCHES=( "${FILESDIR}"/${P}-ssl-flipflop.patch @@ -37,10 +37,7 @@ RDEPEND="alsa? ( media-libs/alsa-lib ) openh264? ( media-libs/openh264 ) resample? ( media-libs/libsamplerate ) - ssl? ( - !libressl? ( dev-libs/openssl:0= ) - libressl? ( dev-libs/libressl:0= ) - ) + ssl? ( dev-libs/openssl:0= ) net-libs/libsrtp:0" DEPEND="${RDEPEND}