Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Kenton Groombridge <concord@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: net-voip/mumble/, net-voip/mumble/files/
Date: Wed, 31 Aug 2022 14:52:32
Message-Id: 1661957426.f1a4d26b145ab141e374a878321a89afb71feea0.concord@gentoo
1 commit: f1a4d26b145ab141e374a878321a89afb71feea0
2 Author: Kenton Groombridge <concord <AT> gentoo <DOT> org>
3 AuthorDate: Wed Aug 31 14:21:22 2022 +0000
4 Commit: Kenton Groombridge <concord <AT> gentoo <DOT> org>
5 CommitDate: Wed Aug 31 14:50:26 2022 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f1a4d26b
7
8 net-voip/mumble: move crypto threads patch to dev space
9
10 This patch is also shared with net-voip/murmur.
11
12 Signed-off-by: Kenton Groombridge <concord <AT> gentoo.org>
13
14 net-voip/mumble/Manifest | 1 +
15 .../mumble/files/mumble-1.4-crypto-threads.patch | 131 ---------------------
16 net-voip/mumble/mumble-1.4.274-r1.ebuild | 3 +-
17 3 files changed, 3 insertions(+), 132 deletions(-)
18
19 diff --git a/net-voip/mumble/Manifest b/net-voip/mumble/Manifest
20 index 6adcf87553bb..ba7d6f1036de 100644
21 --- a/net-voip/mumble/Manifest
22 +++ b/net-voip/mumble/Manifest
23 @@ -1,4 +1,5 @@
24 DIST mumble-1.3.4.tar.gz 8592741 BLAKE2B bcde3fd859ec4faea06f996cd4c583af7c0b8409cca79cb05ef8ba7fcdeac9e49ed1d07a4131225dd582da7610190d4006abc731fd4276b2288e02e8c18effb6 SHA512 e2dde5aad30d1a931e7acd8d7db0b8c785d3a268d0b8cf5626fa03953a51bcadb719c6682c440d02524e83beee13d73d8f5bb3fdf98ab1c82d3ecf824cc25f68
25 +DIST mumble-1.4-crypto-threads.patch.xz 1472 BLAKE2B 18f64d7b63a5ac253792e31fe272870a8e6a8bec542c163c6f63e9c80157329ce07e3d8753aa4c29429980903207c457c6488ff81d7dffcc48426a022a8d1767 SHA512 981db1f7d877fa9ab92875449486074c31ea269a48db49cafa9e37380dfb1140d7d4a225765d2f5333b27aa2d271427287ac5c7d32a525eded455d734aca7d8b
26 DIST mumble-1.4-odr.patch.xz 1088 BLAKE2B 48a7b04ef31f7d0f4cc7e5632ba8f328e5a7fa6961cd971b66a761366351a9a99e3cecce911c90701688083e03f2b63e6838083a8ab669f86fe0fecf23a8596d SHA512 600807cbd893f585c621e7267ee16e2828428fff17aa7eb36b8595164356ef73be2765a41ff9cd7c549c11a63abbf593b0172e56e07571e1c0a3c86fd14e5f15
27 DIST mumble-1.4-openssl3.patch.xz 4172 BLAKE2B 5b68f023e218628a4d73b0991dcc7790ce5f92ce6a27c372c5e80b1f3a8beafa3ddd6416b884705b321aee31ea4f5e09dda6ceb240272dde64f420fbeb06845a SHA512 3a4e504f3365e93418cb85d0da4e6f2f54ab904283743907604bb39276560a4215d9bea1b225601789d1c3d84d270c04840ec57cd04e3df1204cc586ea42562a
28 DIST mumble-1.4.274.tar.gz 9446657 BLAKE2B db1909eaab0bd1fca1f65023ff695c753af7721032305ad0c2da8246cfd91f0ed097fe0dc3b6e09c96a78f1b9df671847e1c48f3f24ac58b477148b91e24e660 SHA512 6a585b75db966c45783eab9097dc93d597ef1b718a3b7b9cf544f92c94d4305c2cac6c959931ade62d5d104a89cb41e7ca44347d49ec170687fc92d2e8b718a2
29
30 diff --git a/net-voip/mumble/files/mumble-1.4-crypto-threads.patch b/net-voip/mumble/files/mumble-1.4-crypto-threads.patch
31 deleted file mode 100644
32 index 0ad371cd6c63..000000000000
33 --- a/net-voip/mumble/files/mumble-1.4-crypto-threads.patch
34 +++ /dev/null
35 @@ -1,131 +0,0 @@
36 -commit f8d47db318f302f5a7d343f15c9936c7030c49c4
37 -Author: Terry Geng <terry@×××××××.com>
38 -Date: Sun Dec 12 22:39:38 2021 -0500
39 -
40 - FIX(crypto): Sharing EVP context between threads crushes Mumble
41 -
42 - Functions ocb_encrypt and ocb_decrypt share the same set
43 - of encrypt and decrypt contexts. However, they are invoked
44 - in different threads (audio input thread and server
45 - handler thread).
46 - This may lead to conflicts that would crash Mumble.
47 - This patch separates contexts used in these two functions
48 - to avoid such conflicts.
49 -
50 - Fixes #5361
51 -
52 -diff --git a/src/crypto/CryptStateOCB2.cpp b/src/crypto/CryptStateOCB2.cpp
53 -index 640fdedac..3b3473ffe 100644
54 ---- a/src/crypto/CryptStateOCB2.cpp
55 -+++ b/src/crypto/CryptStateOCB2.cpp
56 -@@ -30,7 +30,9 @@
57 - #include <cstring>
58 - #include <openssl/rand.h>
59 -
60 --CryptStateOCB2::CryptStateOCB2() : CryptState(), enc_ctx(EVP_CIPHER_CTX_new()), dec_ctx(EVP_CIPHER_CTX_new()) {
61 -+CryptStateOCB2::CryptStateOCB2()
62 -+ : CryptState(), enc_ctx_ocb_enc(EVP_CIPHER_CTX_new()), dec_ctx_ocb_enc(EVP_CIPHER_CTX_new()),
63 -+ enc_ctx_ocb_dec(EVP_CIPHER_CTX_new()), dec_ctx_ocb_dec(EVP_CIPHER_CTX_new()) {
64 - for (int i = 0; i < 0x100; i++)
65 - decrypt_history[i] = 0;
66 - memset(raw_key, 0, AES_KEY_SIZE_BYTES);
67 -@@ -39,8 +41,10 @@ CryptStateOCB2::CryptStateOCB2() : CryptState(), enc_ctx(EVP_CIPHER_CTX_new()),
68 - }
69 -
70 - CryptStateOCB2::~CryptStateOCB2() noexcept {
71 -- EVP_CIPHER_CTX_free(enc_ctx);
72 -- EVP_CIPHER_CTX_free(dec_ctx);
73 -+ EVP_CIPHER_CTX_free(enc_ctx_ocb_enc);
74 -+ EVP_CIPHER_CTX_free(dec_ctx_ocb_enc);
75 -+ EVP_CIPHER_CTX_free(enc_ctx_ocb_dec);
76 -+ EVP_CIPHER_CTX_free(dec_ctx_ocb_dec);
77 - }
78 -
79 - bool CryptStateOCB2::isValid() const {
80 -@@ -257,25 +261,28 @@ static void inline ZERO(keyblock &block) {
81 - block[i] = 0;
82 - }
83 -
84 --#define AESencrypt(src, dst, key) \
85 -- { \
86 -- int outlen = 0; \
87 -- EVP_EncryptInit_ex(enc_ctx, EVP_aes_128_ecb(), NULL, key, NULL); \
88 -- EVP_CIPHER_CTX_set_padding(enc_ctx, 0); \
89 -- EVP_EncryptUpdate(enc_ctx, reinterpret_cast< unsigned char * >(dst), &outlen, \
90 -- reinterpret_cast< const unsigned char * >(src), AES_BLOCK_SIZE); \
91 -- EVP_EncryptFinal_ex(enc_ctx, reinterpret_cast< unsigned char * >(dst + outlen), &outlen); \
92 -+#define AESencrypt_ctx(src, dst, key, enc_ctx) \
93 -+ { \
94 -+ int outlen = 0; \
95 -+ EVP_EncryptInit_ex(enc_ctx, EVP_aes_128_ecb(), NULL, key, NULL); \
96 -+ EVP_CIPHER_CTX_set_padding(enc_ctx, 0); \
97 -+ EVP_EncryptUpdate(enc_ctx, reinterpret_cast< unsigned char * >(dst), &outlen, \
98 -+ reinterpret_cast< const unsigned char * >(src), AES_BLOCK_SIZE); \
99 -+ EVP_EncryptFinal_ex(enc_ctx, reinterpret_cast< unsigned char * >((dst) + outlen), &outlen); \
100 - }
101 --#define AESdecrypt(src, dst, key) \
102 -- { \
103 -- int outlen = 0; \
104 -- EVP_DecryptInit_ex(dec_ctx, EVP_aes_128_ecb(), NULL, key, NULL); \
105 -- EVP_CIPHER_CTX_set_padding(dec_ctx, 0); \
106 -- EVP_DecryptUpdate(dec_ctx, reinterpret_cast< unsigned char * >(dst), &outlen, \
107 -- reinterpret_cast< const unsigned char * >(src), AES_BLOCK_SIZE); \
108 -- EVP_DecryptFinal_ex(dec_ctx, reinterpret_cast< unsigned char * >(dst + outlen), &outlen); \
109 -+#define AESdecrypt_ctx(src, dst, key, dec_ctx) \
110 -+ { \
111 -+ int outlen = 0; \
112 -+ EVP_DecryptInit_ex(dec_ctx, EVP_aes_128_ecb(), NULL, key, NULL); \
113 -+ EVP_CIPHER_CTX_set_padding(dec_ctx, 0); \
114 -+ EVP_DecryptUpdate(dec_ctx, reinterpret_cast< unsigned char * >(dst), &outlen, \
115 -+ reinterpret_cast< const unsigned char * >(src), AES_BLOCK_SIZE); \
116 -+ EVP_DecryptFinal_ex(dec_ctx, reinterpret_cast< unsigned char * >((dst) + outlen), &outlen); \
117 - }
118 -
119 -+#define AESencrypt(src, dst, key) AESencrypt_ctx(src, dst, key, enc_ctx_ocb_enc)
120 -+#define AESdecrypt(src, dst, key) AESdecrypt_ctx(src, dst, key, dec_ctx_ocb_enc)
121 -+
122 - bool CryptStateOCB2::ocb_encrypt(const unsigned char *plain, unsigned char *encrypted, unsigned int len,
123 - const unsigned char *nonce, unsigned char *tag, bool modifyPlainOnXEXStarAttack) {
124 - keyblock checksum, delta, tmp, pad;
125 -@@ -345,6 +352,12 @@ bool CryptStateOCB2::ocb_encrypt(const unsigned char *plain, unsigned char *encr
126 - return success;
127 - }
128 -
129 -+#undef AESencrypt
130 -+#undef AESdecrypt
131 -+
132 -+#define AESencrypt(src, dst, key) AESencrypt_ctx(src, dst, key, enc_ctx_ocb_dec)
133 -+#define AESdecrypt(src, dst, key) AESdecrypt_ctx(src, dst, key, dec_ctx_ocb_dec)
134 -+
135 - bool CryptStateOCB2::ocb_decrypt(const unsigned char *encrypted, unsigned char *plain, unsigned int len,
136 - const unsigned char *nonce, unsigned char *tag) {
137 - keyblock checksum, delta, tmp, pad;
138 -@@ -392,9 +405,9 @@ bool CryptStateOCB2::ocb_decrypt(const unsigned char *encrypted, unsigned char *
139 - return success;
140 - }
141 -
142 -+#undef AESencrypt
143 -+#undef AESdecrypt
144 - #undef BLOCKSIZE
145 - #undef SHIFTBITS
146 - #undef SWAPPED
147 - #undef HIGHBIT
148 --#undef AESencrypt
149 --#undef AESdecrypt
150 -diff --git a/src/crypto/CryptStateOCB2.h b/src/crypto/CryptStateOCB2.h
151 -index cc3f1c0bc..0fd3000ad 100644
152 ---- a/src/crypto/CryptStateOCB2.h
153 -+++ b/src/crypto/CryptStateOCB2.h
154 -@@ -44,8 +44,10 @@ private:
155 - unsigned char decrypt_iv[AES_BLOCK_SIZE];
156 - unsigned char decrypt_history[0x100];
157 -
158 -- EVP_CIPHER_CTX *enc_ctx;
159 -- EVP_CIPHER_CTX *dec_ctx;
160 -+ EVP_CIPHER_CTX *enc_ctx_ocb_enc;
161 -+ EVP_CIPHER_CTX *dec_ctx_ocb_enc;
162 -+ EVP_CIPHER_CTX *enc_ctx_ocb_dec;
163 -+ EVP_CIPHER_CTX *dec_ctx_ocb_dec;
164 - };
165 -
166 -
167
168 diff --git a/net-voip/mumble/mumble-1.4.274-r1.ebuild b/net-voip/mumble/mumble-1.4.274-r1.ebuild
169 index 7780adddc12b..b8308735543a 100644
170 --- a/net-voip/mumble/mumble-1.4.274-r1.ebuild
171 +++ b/net-voip/mumble/mumble-1.4.274-r1.ebuild
172 @@ -25,6 +25,7 @@ else
173 fi
174
175 SRC_URI+=" https://dev.gentoo.org/~concord/distfiles/${PN}-1.4-openssl3.patch.xz"
176 +SRC_URI+=" https://dev.gentoo.org/~concord/distfiles/${PN}-1.4-crypto-threads.patch.xz"
177 SRC_URI+=" https://dev.gentoo.org/~concord/distfiles/${PN}-1.4-odr.patch.xz"
178
179 LICENSE="BSD MIT"
180 @@ -74,7 +75,7 @@ BDEPEND="
181
182 PATCHES=(
183 "${WORKDIR}/${PN}-1.4-openssl3.patch"
184 - "${FILESDIR}/${PN}-1.4-crypto-threads.patch"
185 + "${WORKDIR}/${PN}-1.4-crypto-threads.patch"
186 "${WORKDIR}/${PN}-1.4-odr.patch"
187 )
Report Message
Find on MARC Find on Google Groups