net-voip/mumble: move crypto threads patch to dev space

This patch is also shared with net-voip/murmur.

Signed-off-by: Kenton Groombridge <concord@gentoo.org>

3 files changed, 3 insertions, 132 deletions

diff --git a/net-voip/mumble/Manifest b/net-voip/mumble/Manifest
index 6adcf87553bb..ba7d6f1036de 100644
--- a/net-voip/mumble/Manifest
+++ b/net-voip/mumble/Manifest
@@ -1,4 +1,5 @@
 DIST mumble-1.3.4.tar.gz 8592741 BLAKE2B bcde3fd859ec4faea06f996cd4c583af7c0b8409cca79cb05ef8ba7fcdeac9e49ed1d07a4131225dd582da7610190d4006abc731fd4276b2288e02e8c18effb6 SHA512 e2dde5aad30d1a931e7acd8d7db0b8c785d3a268d0b8cf5626fa03953a51bcadb719c6682c440d02524e83beee13d73d8f5bb3fdf98ab1c82d3ecf824cc25f68
+DIST mumble-1.4-crypto-threads.patch.xz 1472 BLAKE2B 18f64d7b63a5ac253792e31fe272870a8e6a8bec542c163c6f63e9c80157329ce07e3d8753aa4c29429980903207c457c6488ff81d7dffcc48426a022a8d1767 SHA512 981db1f7d877fa9ab92875449486074c31ea269a48db49cafa9e37380dfb1140d7d4a225765d2f5333b27aa2d271427287ac5c7d32a525eded455d734aca7d8b
 DIST mumble-1.4-odr.patch.xz 1088 BLAKE2B 48a7b04ef31f7d0f4cc7e5632ba8f328e5a7fa6961cd971b66a761366351a9a99e3cecce911c90701688083e03f2b63e6838083a8ab669f86fe0fecf23a8596d SHA512 600807cbd893f585c621e7267ee16e2828428fff17aa7eb36b8595164356ef73be2765a41ff9cd7c549c11a63abbf593b0172e56e07571e1c0a3c86fd14e5f15
 DIST mumble-1.4-openssl3.patch.xz 4172 BLAKE2B 5b68f023e218628a4d73b0991dcc7790ce5f92ce6a27c372c5e80b1f3a8beafa3ddd6416b884705b321aee31ea4f5e09dda6ceb240272dde64f420fbeb06845a SHA512 3a4e504f3365e93418cb85d0da4e6f2f54ab904283743907604bb39276560a4215d9bea1b225601789d1c3d84d270c04840ec57cd04e3df1204cc586ea42562a
 DIST mumble-1.4.274.tar.gz 9446657 BLAKE2B db1909eaab0bd1fca1f65023ff695c753af7721032305ad0c2da8246cfd91f0ed097fe0dc3b6e09c96a78f1b9df671847e1c48f3f24ac58b477148b91e24e660 SHA512 6a585b75db966c45783eab9097dc93d597ef1b718a3b7b9cf544f92c94d4305c2cac6c959931ade62d5d104a89cb41e7ca44347d49ec170687fc92d2e8b718a2
diff --git a/net-voip/mumble/files/mumble-1.4-crypto-threads.patch b/net-voip/mumble/files/mumble-1.4-crypto-threads.patch
deleted file mode 100644
index 0ad371cd6c63..000000000000
--- a/net-voip/mumble/files/mumble-1.4-crypto-threads.patch
+++ /dev/null
@@ -1,131 +0,0 @@
-commit f8d47db318f302f5a7d343f15c9936c7030c49c4
-Author: Terry Geng <terry@terriex.com>
-Date:   Sun Dec 12 22:39:38 2021 -0500
-
-    FIX(crypto): Sharing EVP context between threads crushes Mumble
-    
-    Functions ocb_encrypt and ocb_decrypt share the same set
-    of encrypt and decrypt contexts. However, they are invoked
-    in different threads (audio input thread and server
-    handler thread).
-    This may lead to conflicts that would crash Mumble.
-    This patch separates contexts used in these two functions
-    to avoid such conflicts.
-    
-    Fixes #5361
-
-diff --git a/src/crypto/CryptStateOCB2.cpp b/src/crypto/CryptStateOCB2.cpp
-index 640fdedac..3b3473ffe 100644
---- a/src/crypto/CryptStateOCB2.cpp
-+++ b/src/crypto/CryptStateOCB2.cpp
-@@ -30,7 +30,9 @@
- #include <cstring>
- #include <openssl/rand.h>
- 
--CryptStateOCB2::CryptStateOCB2() : CryptState(), enc_ctx(EVP_CIPHER_CTX_new()), dec_ctx(EVP_CIPHER_CTX_new()) {
-+CryptStateOCB2::CryptStateOCB2()
-+	: CryptState(), enc_ctx_ocb_enc(EVP_CIPHER_CTX_new()), dec_ctx_ocb_enc(EVP_CIPHER_CTX_new()),
-+	  enc_ctx_ocb_dec(EVP_CIPHER_CTX_new()), dec_ctx_ocb_dec(EVP_CIPHER_CTX_new()) {
- 	for (int i = 0; i < 0x100; i++)
- 		decrypt_history[i] = 0;
- 	memset(raw_key, 0, AES_KEY_SIZE_BYTES);
-@@ -39,8 +41,10 @@ CryptStateOCB2::CryptStateOCB2() : CryptState(), enc_ctx(EVP_CIPHER_CTX_new()),
- }
- 
- CryptStateOCB2::~CryptStateOCB2() noexcept {
--	EVP_CIPHER_CTX_free(enc_ctx);
--	EVP_CIPHER_CTX_free(dec_ctx);
-+	EVP_CIPHER_CTX_free(enc_ctx_ocb_enc);
-+	EVP_CIPHER_CTX_free(dec_ctx_ocb_enc);
-+	EVP_CIPHER_CTX_free(enc_ctx_ocb_dec);
-+	EVP_CIPHER_CTX_free(dec_ctx_ocb_dec);
- }
- 
- bool CryptStateOCB2::isValid() const {
-@@ -257,25 +261,28 @@ static void inline ZERO(keyblock &block) {
- 		block[i] = 0;
- }
- 
--#define AESencrypt(src, dst, key)                                                                 \
--	{                                                                                             \
--		int outlen = 0;                                                                           \
--		EVP_EncryptInit_ex(enc_ctx, EVP_aes_128_ecb(), NULL, key, NULL);                          \
--		EVP_CIPHER_CTX_set_padding(enc_ctx, 0);                                                   \
--		EVP_EncryptUpdate(enc_ctx, reinterpret_cast< unsigned char * >(dst), &outlen,             \
--						  reinterpret_cast< const unsigned char * >(src), AES_BLOCK_SIZE);        \
--		EVP_EncryptFinal_ex(enc_ctx, reinterpret_cast< unsigned char * >(dst + outlen), &outlen); \
-+#define AESencrypt_ctx(src, dst, key, enc_ctx)                                                      \
-+	{                                                                                               \
-+		int outlen = 0;                                                                             \
-+		EVP_EncryptInit_ex(enc_ctx, EVP_aes_128_ecb(), NULL, key, NULL);                            \
-+		EVP_CIPHER_CTX_set_padding(enc_ctx, 0);                                                     \
-+		EVP_EncryptUpdate(enc_ctx, reinterpret_cast< unsigned char * >(dst), &outlen,               \
-+						  reinterpret_cast< const unsigned char * >(src), AES_BLOCK_SIZE);          \
-+		EVP_EncryptFinal_ex(enc_ctx, reinterpret_cast< unsigned char * >((dst) + outlen), &outlen); \
- 	}
--#define AESdecrypt(src, dst, key)                                                                 \
--	{                                                                                             \
--		int outlen = 0;                                                                           \
--		EVP_DecryptInit_ex(dec_ctx, EVP_aes_128_ecb(), NULL, key, NULL);                          \
--		EVP_CIPHER_CTX_set_padding(dec_ctx, 0);                                                   \
--		EVP_DecryptUpdate(dec_ctx, reinterpret_cast< unsigned char * >(dst), &outlen,             \
--						  reinterpret_cast< const unsigned char * >(src), AES_BLOCK_SIZE);        \
--		EVP_DecryptFinal_ex(dec_ctx, reinterpret_cast< unsigned char * >(dst + outlen), &outlen); \
-+#define AESdecrypt_ctx(src, dst, key, dec_ctx)                                                      \
-+	{                                                                                               \
-+		int outlen = 0;                                                                             \
-+		EVP_DecryptInit_ex(dec_ctx, EVP_aes_128_ecb(), NULL, key, NULL);                            \
-+		EVP_CIPHER_CTX_set_padding(dec_ctx, 0);                                                     \
-+		EVP_DecryptUpdate(dec_ctx, reinterpret_cast< unsigned char * >(dst), &outlen,               \
-+						  reinterpret_cast< const unsigned char * >(src), AES_BLOCK_SIZE);          \
-+		EVP_DecryptFinal_ex(dec_ctx, reinterpret_cast< unsigned char * >((dst) + outlen), &outlen); \
- 	}
- 
-+#define AESencrypt(src, dst, key) AESencrypt_ctx(src, dst, key, enc_ctx_ocb_enc)
-+#define AESdecrypt(src, dst, key) AESdecrypt_ctx(src, dst, key, dec_ctx_ocb_enc)
-+
- bool CryptStateOCB2::ocb_encrypt(const unsigned char *plain, unsigned char *encrypted, unsigned int len,
- 								 const unsigned char *nonce, unsigned char *tag, bool modifyPlainOnXEXStarAttack) {
- 	keyblock checksum, delta, tmp, pad;
-@@ -345,6 +352,12 @@ bool CryptStateOCB2::ocb_encrypt(const unsigned char *plain, unsigned char *encr
- 	return success;
- }
- 
-+#undef AESencrypt
-+#undef AESdecrypt
-+
-+#define AESencrypt(src, dst, key) AESencrypt_ctx(src, dst, key, enc_ctx_ocb_dec)
-+#define AESdecrypt(src, dst, key) AESdecrypt_ctx(src, dst, key, dec_ctx_ocb_dec)
-+
- bool CryptStateOCB2::ocb_decrypt(const unsigned char *encrypted, unsigned char *plain, unsigned int len,
- 								 const unsigned char *nonce, unsigned char *tag) {
- 	keyblock checksum, delta, tmp, pad;
-@@ -392,9 +405,9 @@ bool CryptStateOCB2::ocb_decrypt(const unsigned char *encrypted, unsigned char *
- 	return success;
- }
- 
-+#undef AESencrypt
-+#undef AESdecrypt
- #undef BLOCKSIZE
- #undef SHIFTBITS
- #undef SWAPPED
- #undef HIGHBIT
--#undef AESencrypt
--#undef AESdecrypt
-diff --git a/src/crypto/CryptStateOCB2.h b/src/crypto/CryptStateOCB2.h
-index cc3f1c0bc..0fd3000ad 100644
---- a/src/crypto/CryptStateOCB2.h
-+++ b/src/crypto/CryptStateOCB2.h
-@@ -44,8 +44,10 @@ private:
- 	unsigned char decrypt_iv[AES_BLOCK_SIZE];
- 	unsigned char decrypt_history[0x100];
- 
--	EVP_CIPHER_CTX *enc_ctx;
--	EVP_CIPHER_CTX *dec_ctx;
-+	EVP_CIPHER_CTX *enc_ctx_ocb_enc;
-+	EVP_CIPHER_CTX *dec_ctx_ocb_enc;
-+	EVP_CIPHER_CTX *enc_ctx_ocb_dec;
-+	EVP_CIPHER_CTX *dec_ctx_ocb_dec;
- };
- 
- 
diff --git a/net-voip/mumble/mumble-1.4.274-r1.ebuild b/net-voip/mumble/mumble-1.4.274-r1.ebuild
index 7780adddc12b..b8308735543a 100644
--- a/net-voip/mumble/mumble-1.4.274-r1.ebuild
+++ b/net-voip/mumble/mumble-1.4.274-r1.ebuild
@@ -25,6 +25,7 @@ else
 fi
 
 SRC_URI+=" https://dev.gentoo.org/~concord/distfiles/${PN}-1.4-openssl3.patch.xz"
+SRC_URI+=" https://dev.gentoo.org/~concord/distfiles/${PN}-1.4-crypto-threads.patch.xz"
 SRC_URI+=" https://dev.gentoo.org/~concord/distfiles/${PN}-1.4-odr.patch.xz"
 
 LICENSE="BSD MIT"
@@ -74,7 +75,7 @@ BDEPEND="
 
 PATCHES=(
 	"${WORKDIR}/${PN}-1.4-openssl3.patch"
-	"${FILESDIR}/${PN}-1.4-crypto-threads.patch"
+	"${WORKDIR}/${PN}-1.4-crypto-threads.patch"
 	"${WORKDIR}/${PN}-1.4-odr.patch"
 )