summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJaco Kroon <jaco@uls.co.za>2021-07-24 10:36:57 +0200
committerJoonas Niilola <juippis@gentoo.org>2022-06-15 16:32:11 +0300
commit74bc4476b50218718af7c43038176f1d69c50e61 (patch)
tree0b4526f51d0f3303d65bd533e0bd5bd74a331308
parentsys-cluster/glusterfs: version 10.2 (diff)
downloadgentoo-74bc4476b50218718af7c43038176f1d69c50e61.tar.gz
gentoo-74bc4476b50218718af7c43038176f1d69c50e61.tar.bz2
gentoo-74bc4476b50218718af7c43038176f1d69c50e61.zip
net-libs/pjproject: Version 2.12.1.
Upstream release. Remove the need for custom patches (which is still required but no longer applies, instead, rely on ./configure detecting openssl, we do depend on it, and only --disable-ssl works, passing --enable-ssl also effectively disables ssl). Compile tested asterisk 13, 16 and 18 (in-tree versions) against this. Would appreciate a double-check on this one. One version from each is sufficient. Since the two libraries that were the target of parallel build failures are now one, I believe the parallel build issue is fixed too. Included patch for CVE-2022-31031 Closes: https://bugs.gentoo.org/833765 Closes: https://bugs.gentoo.org/817803 Closes: https://bugs.gentoo.org/808099 Closes: https://bugs.gentoo.org/834491 Bug: https://bugs.gentoo.org/803614 Bug: https://bugs.gentoo.org/765799 Bug: https://bugs.gentoo.org/829894 Package-Manager: Portage-3.0.20, Repoman-3.0.2 Signed-off-by: Jaco Kroon <jaco@uls.co.za> Closes: https://github.com/gentoo/gentoo/pull/21761 Signed-off-by: Joonas Niilola <juippis@gentoo.org>
-rw-r--r--net-libs/pjproject/Manifest1
-rw-r--r--net-libs/pjproject/files/pjproject-2.12.1-CVE-2022-31031.patch41
-rw-r--r--net-libs/pjproject/pjproject-2.12.1.ebuild125
3 files changed, 167 insertions, 0 deletions
diff --git a/net-libs/pjproject/Manifest b/net-libs/pjproject/Manifest
index 048f8a59e96f..b0c9fcafc2b1 100644
--- a/net-libs/pjproject/Manifest
+++ b/net-libs/pjproject/Manifest
@@ -1 +1,2 @@
DIST pjproject-2.10.tar.gz 8768705 BLAKE2B 42d70867e2e0474313426f1e188586d203d6165c28a133a62dedacd2deb2899215212824d9402a48fcc66bb08a17b796d3625e1d51a8aedc9aa4b3a3bf1cb8fa SHA512 a67f083df175b536b4e6a7b7fe39e07d3ee805d6917ec64a50694542a7455c33a100889191044ab3fa679b6656774a6be045621aa53510b5f04cdde9ddd59893
+DIST pjproject-2.12.1.tar.gz 9660659 BLAKE2B d893f22d995c9570e4003f80adf15144cf39e09d5843a88e3a616a529a91164ec7b012ea66ede8d55bfe4ec0dc4eca7d230f07fc66f06dfafaea9d5ff72910fa SHA512 9087456024b8886e56660cebc45c7093b3b91cd6b08a3926fa2c0de452989ac84ceb4e27413c0311bde95f271341ee44d9681f81f83602a4e16151f1831d773b
diff --git a/net-libs/pjproject/files/pjproject-2.12.1-CVE-2022-31031.patch b/net-libs/pjproject/files/pjproject-2.12.1-CVE-2022-31031.patch
new file mode 100644
index 000000000000..637b7f374ffc
--- /dev/null
+++ b/net-libs/pjproject/files/pjproject-2.12.1-CVE-2022-31031.patch
@@ -0,0 +1,41 @@
+From 450baca94f475345542c6953832650c390889202 Mon Sep 17 00:00:00 2001
+From: sauwming <ming@teluu.com>
+Date: Tue, 7 Jun 2022 12:00:13 +0800
+Subject: [PATCH] Merge pull request from GHSA-26j7-ww69-c4qj
+
+---
+ pjlib-util/src/pjlib-util/stun_simple.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/pjlib-util/src/pjlib-util/stun_simple.c b/pjlib-util/src/pjlib-util/stun_simple.c
+index 722519584..d0549176d 100644
+--- a/pjlib-util/src/pjlib-util/stun_simple.c
++++ b/pjlib-util/src/pjlib-util/stun_simple.c
+@@ -54,6 +54,7 @@ PJ_DEF(pj_status_t) pjstun_parse_msg( void *buf, pj_size_t buf_len,
+ {
+ pj_uint16_t msg_type, msg_len;
+ char *p_attr;
++ int attr_max_cnt = PJ_ARRAY_SIZE(msg->attr);
+
+ PJ_CHECK_STACK();
+
+@@ -83,7 +84,7 @@ PJ_DEF(pj_status_t) pjstun_parse_msg( void *buf, pj_size_t buf_len,
+ msg->attr_count = 0;
+ p_attr = (char*)buf + sizeof(pjstun_msg_hdr);
+
+- while (msg_len > 0) {
++ while (msg_len > 0 && msg->attr_count < attr_max_cnt) {
+ pjstun_attr_hdr **attr = &msg->attr[msg->attr_count];
+ pj_uint32_t len;
+ pj_uint16_t attr_type;
+@@ -111,6 +112,10 @@ PJ_DEF(pj_status_t) pjstun_parse_msg( void *buf, pj_size_t buf_len,
+ p_attr += len;
+ ++msg->attr_count;
+ }
++ if (msg->attr_count == attr_max_cnt) {
++ PJ_LOG(4, (THIS_FILE, "Warning: max number attribute %d reached.",
++ attr_max_cnt));
++ }
+
+ return PJ_SUCCESS;
+ }
diff --git a/net-libs/pjproject/pjproject-2.12.1.ebuild b/net-libs/pjproject/pjproject-2.12.1.ebuild
new file mode 100644
index 000000000000..7571fc933d02
--- /dev/null
+++ b/net-libs/pjproject/pjproject-2.12.1.ebuild
@@ -0,0 +1,125 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit autotools flag-o-matic toolchain-funcs
+
+DESCRIPTION="Open source SIP, Media, and NAT Traversal Library"
+HOMEPAGE="https://www.pjsip.org/"
+SRC_URI="https://github.com/pjsip/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz"
+KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~x86"
+
+LICENSE="GPL-2"
+SLOT="0/${PV}"
+
+# g729 not included due to special bcg729 handling.
+CODEC_FLAGS="g711 g722 g7221 gsm ilbc speex l16"
+VIDEO_FLAGS="sdl ffmpeg v4l2 openh264 libyuv vpx"
+SOUND_FLAGS="alsa portaudio"
+IUSE="amr debug epoll examples ipv6 opus resample silk ssl static-libs webrtc
+ ${CODEC_FLAGS} g729
+ ${VIDEO_FLAGS}
+ ${SOUND_FLAGS}"
+
+RDEPEND="net-libs/libsrtp:=
+ alsa? ( media-libs/alsa-lib )
+ amr? ( media-libs/opencore-amr )
+ ffmpeg? ( media-video/ffmpeg:= )
+ g729? ( media-libs/bcg729 )
+ gsm? ( media-sound/gsm )
+ ilbc? ( media-libs/libilbc )
+ openh264? ( media-libs/openh264 )
+ opus? ( media-libs/opus )
+ portaudio? ( media-libs/portaudio )
+ resample? ( media-libs/libsamplerate )
+ sdl? ( media-libs/libsdl )
+ speex? (
+ media-libs/speex
+ media-libs/speexdsp
+ )
+ ssl? (
+ dev-libs/openssl:0=
+ )
+"
+DEPEND="${RDEPEND}"
+BDEPEND="virtual/pkgconfig"
+
+PATCHES=(
+ "${FILESDIR}/pjproject-2.12.1-CVE-2022-31031.patch"
+)
+
+src_prepare() {
+ default
+ rm configure || die "Unable to remove unwanted wrapper"
+ mv aconfigure.ac configure.ac || die "Unable to rename configure script source"
+ eautoreconf
+
+ cp "${FILESDIR}/pjproject-2.9-config_site.h" "${S}/pjlib/include/pj/config_site.h" || die "Unable to create config_site.h"
+}
+
+_pj_enable() {
+ usex "$1" '' "--disable-${2:-$1}"
+}
+
+src_configure() {
+ local myconf=()
+ local videnable="--disable-video"
+ local t
+
+ use debug || append-cflags -DNDEBUG=1
+ use ipv6 && append-cflags -DPJ_HAS_IPV6=1
+ append-cflags -DPJMEDIA_HAS_SRTP=1
+
+ for t in ${CODEC_FLAGS}; do
+ myconf+=( $(_pj_enable ${t} ${t}-codec) )
+ done
+ myconf+=( $(_pj_enable g729 bcg729) )
+
+ for t in ${VIDEO_FLAGS}; do
+ myconf+=( $(_pj_enable ${t}) )
+ use "${t}" && videnable="--enable-video"
+ done
+
+ [ "${videnable}" = "--enable-video" ] && append-cflags -DPJMEDIA_HAS_VIDEO=1
+
+ LD="$(tc-getCC)" econf \
+ --enable-shared \
+ --with-external-srtp \
+ ${videnable} \
+ $(_pj_enable alsa sound) \
+ $(_pj_enable amr opencore-amr) \
+ $(_pj_enable epoll) \
+ $(_pj_enable opus) \
+ $(_pj_enable portaudio ext-sound) \
+ $(_pj_enable resample libsamplerate) \
+ $(_pj_enable resample resample-dll) \
+ $(_pj_enable resample) \
+ $(_pj_enable silk) \
+ $(_pj_enable speex speex-aec) \
+ $(_pj_enable ssl) \
+ $(_pj_enable webrtc libwebrtc) \
+ $(use_with gsm external-gsm) \
+ $(use_with portaudio external-pa) \
+ $(use_with speex external-speex) \
+ "${myconf[@]}"
+}
+
+src_compile() {
+ emake dep LD="$(tc-getCC)"
+ emake LD="$(tc-getCC)"
+}
+
+src_install() {
+ default
+
+ newbin pjsip-apps/bin/pjsua-${CHOST} pjsua
+ newbin pjsip-apps/bin/pjsystest-${CHOST} pjsystest
+
+ if use examples; then
+ insinto "/usr/share/doc/${PF}/examples"
+ doins -r pjsip-apps/src/samples
+ fi
+
+ use static-libs || rm "${ED}/usr/$(get_libdir)"/*.a || die "Error removing static archives"
+}