gentoo auto-resync : 13:07:2022 - 13:36:46

author: V3n3RiX <venerix@koprulu.sector> 2022-07-13 13:36:46 +0100
committer: V3n3RiX <venerix@koprulu.sector> 2022-07-13 13:36:46 +0100
commit: 7b02e37a04e4051a91a109814d386711f41f9a4b (patch)
tree: d0689f14f1d1df3a6a2525512a6812b146064a9e /net-libs
parent: 5c0c70d5917e66743293789a6d6fd7d72250eb32 (diff)
15 files changed, 58 insertions, 944 deletions
diff --git a/net-libs/Manifest.gz b/net-libs/Manifest.gz
index f77ba78ebca3..678c68fec6b7 100644
--- a/net-libs/Manifest.gz
+++ b/net-libs/Manifest.gz
diff --git a/net-libs/libad9361-iio/Manifest b/net-libs/libad9361-iio/Manifest
index 13b3c65712cf..d2b0267d167e 100644
--- a/net-libs/libad9361-iio/Manifest
+++ b/net-libs/libad9361-iio/Manifest
@@ -2,7 +2,7 @@ AUX libad9361-iio-0.2-cmake-gnuinstalldirs.patch 1815 BLAKE2B b6836af3ce9f1bf3d8
 AUX libad9361-iio-0.2-fix-lld-tests.patch 2089 BLAKE2B fb462846e61b94e9b1a0aaa444c24fbdec12c12d19761dac402b70914ed7b88ed0821015d2d9bf6a6eef8b860b40642727649597f74af2a4d6a4cb18b5ffd8fc SHA512 6d79873358441229e024b99c722138bd76f8a228d5aad79432c212be88b6bfc3e662fa63ccce355ac4ea1e732f20d3c51ded1fbf51785f68e57eea6668ef32b1
 AUX libad9361-iio-0.2-libdir-pkgconfig.patch 513 BLAKE2B 77291cea5d1dfa99646673881b5c7acf248928103476605946aa4decc09bc87aaf210378bea2846cd1ab1b8717ed54baa8c1028c0223b53a28b86a06021fe2e2 SHA512 9d161de025db149ad27b6e6ce6b9b1a7b4f4c6293b3936a2f8bb004bcdc70e88680d781c76e882cd2d1b2afcecd0b3624e45e8864f2b45bb19b20bc3f80dacb1
 DIST libad9361-iio-0.2.tar.gz 167678 BLAKE2B 9880114bc53f3d4975dbe0773f8d112e40b0df47e34985bdc68c5b6740aee2c140ced39353929a793c2b327b5811461436ceb2934c2a71fc7b92b218092d468d SHA512 f95fa955531198ab33c16d41685d23140e875b2eafa1da10cdf60a7bf1ae760e86e2d3d28c9ab36a3a7b7a90e36bb53456dec1d6e537a1574a5505b7595e764c
-EBUILD libad9361-iio-0.2-r1.ebuild 758 BLAKE2B d81208c182f607eee214db6105ba729fdcfa9bf3dd7d5df44986ee7592732498fed33e10e6ad34f44ffab2349233a38b2b6ddcc2b3a946e190b87f13c6c98272 SHA512 7b1dfa6f5520e84dc6dacc02baeb2be2aee6a115f1c794a6cbc41b2938c55679508cc1742f7da57ac0306e0d264dfc3d8d9a8a578870dc3d1d9da53e235e3410
+EBUILD libad9361-iio-0.2-r1.ebuild 763 BLAKE2B 9fbbe38e6efba6f01640b339a6d6e08a5695bd6c1ffffefd970057b5b989fd988607071166f8759109f7c71527b3fe404e38c0b025016f9bbfb78d5184c54656 SHA512 ebc2dd5a8882762d7308f740b6cd690b4ace1e496f646ef490381973d0f1c598e87115ae0e5a5be9b4d7c6a0ae2b6d4aa23c83a91c43e7f4872b23d42e9b0eef
 EBUILD libad9361-iio-0.2.ebuild 826 BLAKE2B 832a9a9aced0c02089ef6394db31edddee0a70e0f384012c668e63926a0e4b9f197f6376c62ee45f1600d582daaa433860050530bf3fa06069ec14e917dbeedc SHA512 60b37610799f64713e44eacd6e2f459cdbe5af370404c4525b72859c62c88e3fbd79ec7e0226fb9980bd3705af2cc07901da233e8bd5109364bb9613607a3620
 EBUILD libad9361-iio-9999.ebuild 758 BLAKE2B d81208c182f607eee214db6105ba729fdcfa9bf3dd7d5df44986ee7592732498fed33e10e6ad34f44ffab2349233a38b2b6ddcc2b3a946e190b87f13c6c98272 SHA512 7b1dfa6f5520e84dc6dacc02baeb2be2aee6a115f1c794a6cbc41b2938c55679508cc1742f7da57ac0306e0d264dfc3d8d9a8a578870dc3d1d9da53e235e3410
 MISC metadata.xml 442 BLAKE2B 4aaee897fc8e0ec7c1081c20bcee1470aaeebd3f14252177861cbaff053a29c4b4b6a5476015252d8a75e8dd191d45e3c3c6f0cd6a08f41d3374831f3c392ac0 SHA512 b8e19d2f3382733f2756c406a7f08635956973c32cd8ec400bed18445dffb51d0595c09040de74bf907d32f6119976326b4ba914d29e74e65a9bc7eb1d3016cc
diff --git a/net-libs/libad9361-iio/libad9361-iio-0.2-r1.ebuild b/net-libs/libad9361-iio/libad9361-iio-0.2-r1.ebuild
index 596e74764626..830e26abd214 100644
--- a/net-libs/libad9361-iio/libad9361-iio-0.2-r1.ebuild
+++ b/net-libs/libad9361-iio/libad9361-iio-0.2-r1.ebuild
@@ -12,7 +12,7 @@ if [[ ${PV} == 9999 ]]; then
 	inherit git-r3
 else
 	SRC_URI="https://github.com/analogdevicesinc/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
-	KEYWORDS="~amd64 ~riscv ~x86"
+	KEYWORDS="~amd64 ~arm ~riscv ~x86"
 fi
 
 LICENSE="LGPL-2.1"
diff --git a/net-libs/libiio/Manifest b/net-libs/libiio/Manifest
index b824434090db..cb29191703f0 100644
--- a/net-libs/libiio/Manifest
+++ b/net-libs/libiio/Manifest
@@ -1,4 +1,4 @@
 DIST libiio-0.21.tar.gz 446893 BLAKE2B 02b6af8e78ab95fa68b146808c58dd012846837646bb0e7e60af890c0e867ed9bb798596e6ff773d6da9efa2750859d23a0f83d874510273ef1d1db8f9424bcb SHA512 5bbacd6a1141654f4825f00c1c2b27223e6cc324c80d7bcbb49e29997a83d585e45c0c52331ca10ee881c2f340b535984c3d667b61d8377a77e5c0f5cb1d2dc0
-EBUILD libiio-0.21.ebuild 653 BLAKE2B 31569ca18d0e4679192e7071bb40178e7158ba274830bbb29ed1695deaa83165c2f26ecebff525bd42776d220698913444fc3726fa340516a434ba38c190bb30 SHA512 4f82109a4a73fb4457f33693dcd2f6743b35d877ba18c6f3e7ee81b5da943731378529c2dac7eded098d7d95150650cb18441e383c615e268c50d6298553a0e1
+EBUILD libiio-0.21.ebuild 658 BLAKE2B 980a3c5b1a33871eaa52cd08fa0ca793d7ca0126dfe18cd3b7a3b1c6d846a0c2937bd759e0cc2366c93393219c6e785fbfc0dae7c0a004bb86535ed9228027f0 SHA512 25b6c8dd1fafde201d0c8f5dad5c8ff51e3dba8b4f299a8065eef4a55a790df00c69d237eccdcd6d6fe9c01fae411835002ba5864e8f6b514532fe655cc583dc
 EBUILD libiio-9999.ebuild 646 BLAKE2B f0aab4ca851902093054483125caa8eb716837fa79068db1d161bb0c25452b31cb87b1309481c485bdb33796b24894a62985e6a2a44d950927304fe61a7bb63a SHA512 b5e15bcacc13feea24df1b35f288eb44a204c707ba321faac6a7ce13173e7e792a69c3698e3e941996e50c845cfcaa432dd76f407a4c5b093def967122c7d829
 MISC metadata.xml 507 BLAKE2B 505f5ab82f68dd736cfc6ee3433576894fcaa76cbce1c37e98973150fbd8e99026f6da3fe9c5a91626c61b2c1c9a7d85180a16ca822e5f0d0984902957eb5d7e SHA512 f7c7fd7619c757d20eb2255e6b5b2ccf1ae21e7b5fd1ce55210528d009fa8d516656bef0f7ef4ad7e99ed4cab26febfb4421b53de92a8203496558c6963eb6c8
diff --git a/net-libs/libiio/libiio-0.21.ebuild b/net-libs/libiio/libiio-0.21.ebuild
index bd8c312d30af..9e0145ed05ba 100644
--- a/net-libs/libiio/libiio-0.21.ebuild
+++ b/net-libs/libiio/libiio-0.21.ebuild
@@ -12,7 +12,7 @@ if [ "${PV}" = "9999" ]; then
 	inherit git-r3
 else
 	SRC_URI="https://github.com/analogdevicesinc/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
-	KEYWORDS="~amd64 ~riscv ~x86"
+	KEYWORDS="~amd64 ~arm ~riscv ~x86"
 fi
 
 LICENSE="LGPL-2.1"
diff --git a/net-libs/pjproject/Manifest b/net-libs/pjproject/Manifest
index a4f7310abc92..cc7173dec389 100644
--- a/net-libs/pjproject/Manifest
+++ b/net-libs/pjproject/Manifest
@@ -1,13 +1,5 @@
-AUX pjproject-2.10-CVE-2020-15260-tls-hostname-check.patch 4724 BLAKE2B a098969ca78f538848a6616d6168dc74dc4d6c09f348e0e6436089341827346f52c3feb43a4de13453df940cad65b02f650c9e3cdfae4b449da0a5140e0fda54 SHA512 49846fd649f664ce29098800d4f9acee95ac4c06ff5499495b5bcc78269a33e9e66e9df126755aba9c48481c3a87040ff0a6bf1e4fc64bdf0492c55d428978f0
-AUX pjproject-2.10-CVE-2021-21375-negotiation-failure-crash.patch 1564 BLAKE2B 30f7af19ae18c071b62e31a6a049e4e67f7b391a65ab52ef8d5270ef504a4057b35679c580ba056c9b1b3e5813fde5ccc8ca863bead4f62156e39f8c2947e4d2 SHA512 9fb5b8961e7c69cf8a902eaa28cb2147faf8f0809467911454758b793832831240992a3c27ecb722a4ea066df909c0cf12b4b1bf139037f647828eb4cc16fee0
-AUX pjproject-2.10-CVE-2021-32686-AST-2021-009-GHSA-cv8x-p47p-99wr.patch 10321 BLAKE2B 6e69e2476439d2f6ca97cd94376d3ffe924840289abe49bf33ecc10c1b67d33457e4231a47851b1e749600f3d7b4a4980b1e5bada06bfc1df5334f6a51b0e8f1 SHA512 58faf870bae4ec94cfc78ca9397e476b7db26c69bb4de5dd6bdaa63f6a8cca95438a182661b485afb04872899c41a8f8ff72c5cfbad35c41cbdc5e9831813c4a
-AUX pjproject-2.10-race-condition-between-transport-destroy-and-acquire.patch 3929 BLAKE2B fc7e12b7e8e9ff35556aa153496c2f7decd13bc78493d8c6f24449f063fe9c76b1772f6dc2b6cfc279c9731cc08735b27cd990ac6c4648c18e7f08c2c9fc3810 SHA512 e230041cff87d97947ad8caeb80c4858b8a1d435251d79b281fc0035da04aab549d1d5dc085681d98410da7e37359bb2ed721d132b321cce9a7326e4ff52c40f
 AUX pjproject-2.12.1-CVE-2022-31031.patch 1408 BLAKE2B 7a541dc0e0e9508374084121a81e258a19d4e050232c47cc5be67b8115da0fffb96de6e17a311a53e137ed5313109b2ac9513ff85bb17f3ecf7e066160c9019f SHA512 c6bb01cb3a50399075b264be7fb5f20f58c269cf6a71082e76865eda6393d6f546ddf4e09367e354db90b5064ea9ffd61e1783ad988e222eaccb523d90cda16b
-AUX pjproject-2.9-config_site.h 2168 BLAKE2B 39d526e7a2ca79ea2c1e453d95d420a6245e7a93641227a908660fea553a8b66d5dfb6b7108b49dc0686de6522c2485b72a6e7511096cbfe50bdb2800d559e6f SHA512 d6456b7fa36b3256613eea515b78f0884fa6b56705817cd421a962f3c3302bf0efa69006432dffca49400ef75dc99ebc7639d270aebe5bc2d4a9a9515cc56408
-AUX pjproject-2.9-ssl-enable.patch 3515 BLAKE2B d68479ba509513828d8488b60358ba00651c87d0b39b9bc800fe0d38294f2afad43fd7f4ee5c260bd62044d17b010112c59363277739f4ae7d20940943437539 SHA512 5fd3e681801e6e2cd56ec177d71a65422ec22b788adfad3920562616c737188f71097a545d9c59bd6a3d876ba143f90f731d165d8c68da25aa93b03c009753e8
-DIST pjproject-2.10.tar.gz 8768705 BLAKE2B 42d70867e2e0474313426f1e188586d203d6165c28a133a62dedacd2deb2899215212824d9402a48fcc66bb08a17b796d3625e1d51a8aedc9aa4b3a3bf1cb8fa SHA512 a67f083df175b536b4e6a7b7fe39e07d3ee805d6917ec64a50694542a7455c33a100889191044ab3fa679b6656774a6be045621aa53510b5f04cdde9ddd59893
+AUX pjproject-2.12.1-config_site.h 3213 BLAKE2B f7e4d26e83591071b8527417a0a2cf4970efff6789bff22df643ce5c350d249973cf830266a6710b3000d46c3638fe5000008efb1fea8fa6d83521cf109fcc21 SHA512 058dbe06adee83f3e288950af8776012e07181aec969f7d0a6104b63f7b3168d4db4a8e18c7f6170b12ec51ce22d4fe0074fd000682bc71a9251937b77f6ea51
 DIST pjproject-2.12.1.tar.gz 9660659 BLAKE2B d893f22d995c9570e4003f80adf15144cf39e09d5843a88e3a616a529a91164ec7b012ea66ede8d55bfe4ec0dc4eca7d230f07fc66f06dfafaea9d5ff72910fa SHA512 9087456024b8886e56660cebc45c7093b3b91cd6b08a3926fa2c0de452989ac84ceb4e27413c0311bde95f271341ee44d9681f81f83602a4e16151f1831d773b
-EBUILD pjproject-2.10-r1.ebuild 3339 BLAKE2B 7bdb4fd1731d2a32750b73970f06c70188309227b727f50f13819e435adcb897f42bb9408c0ef5c151a12dd6954a01205740b11aea657cb53ead6112a9c9036a SHA512 6b7f60dd30b96d600197d4ed5d1d3002df152c0101c359c644a45787ed7112dc1667065d96ab8001ffa1f8c9de0e8d505be9040aca3cd188b7cb155fa0caeb54
-EBUILD pjproject-2.10-r2.ebuild 3423 BLAKE2B 0e58af6dfdd8428c17fb46a02e80b2d88a8bf63ce56ad7c436790871ef0926994ac8040650a2f3dbf08f7c3d39a1ad50dcae3e39f10e4fd75964b1c0ecfe927d SHA512 3f7113dadd6d693b44b98148bdd2f78a41a55c108511da2f2316275d7f613225b8c6bf01ae6a8feab273e07bbfa74da9ea4e2824629d129bdd5fd23680636702
-EBUILD pjproject-2.12.1.ebuild 3158 BLAKE2B a99c10f66f5b1a3575a7d162a8344afdb9c34ab36fe760aad584311a05905ef22e69c184709c1324fd5c84088ab81ccac18e71b716fb36731128561967a44d5e SHA512 297000bbea349b45c8639f1bbd726a37d9be262c3674190f65f817a0b43ff60d7054e43a19d61469ac865e6ebeae4ac26189be69aacdc32608a215da2689d763
+EBUILD pjproject-2.12.1-r1.ebuild 3767 BLAKE2B 43aee564ff729068b542290f2f0621a90f8eebec6d13769b825531d558d43ccfb881f0e989396e642d10c74a9d2b47c1668477a060c120a81cac366c92f47f83 SHA512 024175f3809a76dbcfca5df3dec3faae837019ff627f5befab035ba99950514ab506b4be7f95c6d1d28bc3741a3e62a0cd4ee864e17aa354c489e1b679b972bc
 MISC metadata.xml 1379 BLAKE2B f3506d3ae96c52e71f9c1a9bf455134094b3d13152e5ef25cb8fada275aa5fc876f6fcb058bafe2cd12a0fcb4462929ea97e2ba4e98953eed75cbbd3f39497a6 SHA512 22fe7d0284fba79bb1f69d15f2ccbcab8b95cc2f4b9151d2b1721b85c760e22dcdbb511eff52263dcb331bef686ed88695b71d78b2d94beaed8429e11322994d
diff --git a/net-libs/pjproject/files/pjproject-2.10-CVE-2020-15260-tls-hostname-check.patch b/net-libs/pjproject/files/pjproject-2.10-CVE-2020-15260-tls-hostname-check.patch
deleted file mode 100644
index 0d7df686a157..000000000000
--- a/net-libs/pjproject/files/pjproject-2.10-CVE-2020-15260-tls-hostname-check.patch
+++ /dev/null
@@ -1,125 +0,0 @@
-From 67e46c1ac45ad784db5b9080f5ed8b133c122872 Mon Sep 17 00:00:00 2001
-From: sauwming <ming@teluu.com>
-Date: Mon, 8 Mar 2021 17:39:36 +0800
-Subject: [PATCH] Merge pull request from GHSA-8hcp-hm38-mfph
-
-* Check hostname during TLS transport selection
-
-* revision based on feedback
-
-* remove the code in create_request that has been moved
----
- pjsip/include/pjsip/sip_dialog.h |  1 +
- pjsip/src/pjsip/sip_dialog.c     | 15 +++++++++++++++
- pjsip/src/pjsip/sip_transport.c  | 13 +++++++++++++
- pjsip/src/pjsip/sip_util.c       | 11 ++++++++---
- 4 files changed, 37 insertions(+), 3 deletions(-)
-
-diff --git a/pjsip/include/pjsip/sip_dialog.h b/pjsip/include/pjsip/sip_dialog.h
-index a0214d28c..e314c2ece 100644
---- a/pjsip/include/pjsip/sip_dialog.h
-+++ b/pjsip/include/pjsip/sip_dialog.h
-@@ -165,6 +165,7 @@ struct pjsip_dialog
-     pjsip_route_hdr	route_set;  /**< Route set.			    */
-     pj_bool_t		route_set_frozen; /**< Route set has been set.	    */
-     pjsip_auth_clt_sess	auth_sess;  /**< Client authentication session.	    */
-+    pj_str_t		initial_dest;/**< Initial destination host.  	    */
- 
-     /** Session counter. */
-     int			sess_count; /**< Number of sessions.		    */
-diff --git a/pjsip/src/pjsip/sip_dialog.c b/pjsip/src/pjsip/sip_dialog.c
-index 27530e4f2..9571b5a35 100644
---- a/pjsip/src/pjsip/sip_dialog.c
-+++ b/pjsip/src/pjsip/sip_dialog.c
-@@ -467,6 +467,10 @@ pj_status_t create_uas_dialog( pjsip_user_agent *ua,
- 
-     /* Save the remote info. */
-     pj_strdup(dlg->pool, &dlg->remote.info_str, &tmp);
-+    
-+    /* Save initial destination host from transport's info */
-+    pj_strdup(dlg->pool, &dlg->initial_dest,
-+    	      &rdata->tp_info.transport->remote_name.host);
- 
- 
-     /* Init remote's contact from Contact header.
-@@ -1192,6 +1196,12 @@ static pj_status_t dlg_create_request_throw( pjsip_dialog *dlg,
- 	    return status;
-     }
- 
-+    /* Copy the initial destination host to tdata. This information can be
-+     * used later by transport for transport selection.
-+     */
-+    if (dlg->initial_dest.slen)
-+    	pj_strdup(tdata->pool, &tdata->dest_info.name, &dlg->initial_dest);
-+
-     /* Done. */
-     *p_tdata = tdata;
- 
-@@ -1822,6 +1832,11 @@ static void dlg_update_routeset(pjsip_dialog *dlg, const pjsip_rx_data *rdata)
-      * transaction as the initial transaction that establishes dialog.
-      */
-     if (dlg->role == PJSIP_ROLE_UAC) {
-+    	/* Save initial destination host from transport's info. */
-+    	if (!dlg->initial_dest.slen) {
-+    	    pj_strdup(dlg->pool, &dlg->initial_dest,
-+    	      	      &rdata->tp_info.transport->remote_name.host);
-+    	}
- 
- 	/* Ignore subsequent request from remote */
- 	if (msg->type != PJSIP_RESPONSE_MSG)
-diff --git a/pjsip/src/pjsip/sip_transport.c b/pjsip/src/pjsip/sip_transport.c
-index bef6d24fe..177274b08 100644
---- a/pjsip/src/pjsip/sip_transport.c
-+++ b/pjsip/src/pjsip/sip_transport.c
-@@ -2335,6 +2335,19 @@ PJ_DEF(pj_status_t) pjsip_tpmgr_acquire_transport2(pjsip_tpmgr *mgr,
- 		    if (!tp_iter->tp->is_shutdown &&
- 			!tp_iter->tp->is_destroying)
- 		    {
-+			if ((type & PJSIP_TRANSPORT_SECURE) && tdata) {
-+			    /* For secure transport, make sure tdata's
-+			     * destination host matches the transport's
-+			     * remote host.
-+			     */
-+			    if (pj_stricmp(&tdata->dest_info.name,
-+				  	   &tp_iter->tp->remote_name.host))
-+			    {
-+			    	tp_iter = tp_iter->next;
-+			    	continue;
-+			    }
-+			}
-+
- 			if (sel && sel->type == PJSIP_TPSELECTOR_LISTENER &&
- 			    sel->u.listener)
- 			{
-diff --git a/pjsip/src/pjsip/sip_util.c b/pjsip/src/pjsip/sip_util.c
-index a1bf878ea..cf916805d 100644
---- a/pjsip/src/pjsip/sip_util.c
-+++ b/pjsip/src/pjsip/sip_util.c
-@@ -1417,7 +1417,10 @@ PJ_DEF(pj_status_t) pjsip_endpt_send_request_stateless(pjsip_endpoint *endpt,
-      */
-     if (tdata->dest_info.addr.count == 0) {
- 	/* Copy the destination host name to TX data */
--	pj_strdup(tdata->pool, &tdata->dest_info.name, &dest_info.addr.host);
-+	if (!tdata->dest_info.name.slen) {
-+	    pj_strdup(tdata->pool, &tdata->dest_info.name,
-+	    	      &dest_info.addr.host);
-+	}
- 
- 	pjsip_endpt_resolve( endpt, tdata->pool, &dest_info, stateless_data,
- 			     &stateless_send_resolver_callback);
-@@ -1810,8 +1813,10 @@ PJ_DEF(pj_status_t) pjsip_endpt_send_response( pjsip_endpoint *endpt,
- 	}
-     } else {
- 	/* Copy the destination host name to TX data */
--	pj_strdup(tdata->pool, &tdata->dest_info.name, 
--		  &res_addr->dst_host.addr.host);
-+	if (!tdata->dest_info.name.slen) {
-+	    pj_strdup(tdata->pool, &tdata->dest_info.name, 
-+		      &res_addr->dst_host.addr.host);
-+	}
- 
- 	pjsip_endpt_resolve(endpt, tdata->pool, &res_addr->dst_host, 
- 			    send_state, &send_response_resolver_cb);
--- 
-2.26.2
-
diff --git a/net-libs/pjproject/files/pjproject-2.10-CVE-2021-21375-negotiation-failure-crash.patch b/net-libs/pjproject/files/pjproject-2.10-CVE-2021-21375-negotiation-failure-crash.patch
deleted file mode 100644
index 9dc9016e491a..000000000000
--- a/net-libs/pjproject/files/pjproject-2.10-CVE-2021-21375-negotiation-failure-crash.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-From 97b3d7addbaa720b7ddb0af9bf6f3e443e664365 Mon Sep 17 00:00:00 2001
-From: Nanang Izzuddin <nanang@teluu.com>
-Date: Mon, 8 Mar 2021 16:09:34 +0700
-Subject: [PATCH] Merge pull request from GHSA-hvq6-f89p-frvp
-
----
- pjmedia/src/pjmedia/sdp_neg.c | 14 ++++++++++++--
- 1 file changed, 12 insertions(+), 2 deletions(-)
-
-diff --git a/pjmedia/src/pjmedia/sdp_neg.c b/pjmedia/src/pjmedia/sdp_neg.c
-index f4838f75d..9f76b5200 100644
---- a/pjmedia/src/pjmedia/sdp_neg.c
-+++ b/pjmedia/src/pjmedia/sdp_neg.c
-@@ -304,7 +304,6 @@ PJ_DEF(pj_status_t) pjmedia_sdp_neg_modify_local_offer2(
- {
-     pjmedia_sdp_session *new_offer;
-     pjmedia_sdp_session *old_offer;
--    char media_used[PJMEDIA_MAX_SDP_MEDIA];
-     unsigned oi; /* old offer media index */
-     pj_status_t status;
- 
-@@ -323,8 +322,19 @@ PJ_DEF(pj_status_t) pjmedia_sdp_neg_modify_local_offer2(
-     /* Change state to STATE_LOCAL_OFFER */
-     neg->state = PJMEDIA_SDP_NEG_STATE_LOCAL_OFFER;
- 
-+    /* When there is no active local SDP in state PJMEDIA_SDP_NEG_STATE_DONE,
-+     * it means that the previous initial SDP nego must have been failed,
-+     * so we'll just set the local SDP offer here.
-+     */
-+    if (!neg->active_local_sdp) {
-+	neg->initial_sdp_tmp = NULL;
-+	neg->initial_sdp = pjmedia_sdp_session_clone(pool, local);
-+	neg->neg_local_sdp = pjmedia_sdp_session_clone(pool, local);
-+
-+	return PJ_SUCCESS;
-+    }
-+
-     /* Init vars */
--    pj_bzero(media_used, sizeof(media_used));
-     old_offer = neg->active_local_sdp;
-     new_offer = pjmedia_sdp_session_clone(pool, local);
- 
--- 
-2.26.2
-
diff --git a/net-libs/pjproject/files/pjproject-2.10-CVE-2021-32686-AST-2021-009-GHSA-cv8x-p47p-99wr.patch b/net-libs/pjproject/files/pjproject-2.10-CVE-2021-32686-AST-2021-009-GHSA-cv8x-p47p-99wr.patch
deleted file mode 100644
index ba31cf19eda7..000000000000
--- a/net-libs/pjproject/files/pjproject-2.10-CVE-2021-32686-AST-2021-009-GHSA-cv8x-p47p-99wr.patch
+++ /dev/null
@@ -1,289 +0,0 @@
-From d5f95aa066f878b0aef6a64e60b61e8626e664cd Mon Sep 17 00:00:00 2001
-From: Nanang Izzuddin <nanang@teluu.com>
-Date: Fri, 23 Jul 2021 10:49:21 +0700
-Subject: [PATCH] Merge pull request from GHSA-cv8x-p47p-99wr
-
-* - Avoid SSL socket parent/listener getting destroyed during handshake by increasing parent's reference count.
-- Add missing SSL socket close when the newly accepted SSL socket is discarded in SIP TLS transport.
-
-* - Fix silly mistake: accepted active socket created without group lock in SSL socket.
-- Replace assertion with normal validation check of SSL socket instance in OpenSSL verification callback (verify_cb()) to avoid crash, e.g: if somehow race condition with SSL socket destroy happens or OpenSSL application data index somehow gets corrupted.
----
- pjlib/src/pj/ssl_sock_imp_common.c  | 47 +++++++++++++++++++++--------
- pjlib/src/pj/ssl_sock_ossl.c        | 45 ++++++++++++++++++++++-----
- pjsip/src/pjsip/sip_transport_tls.c | 23 +++++++++++++-
- 3 files changed, 95 insertions(+), 20 deletions(-)
-
-diff --git a/pjlib/src/pj/ssl_sock_imp_common.c b/pjlib/src/pj/ssl_sock_imp_common.c
-index 025832da4..24533b397 100644
---- a/pjlib/src/pj/ssl_sock_imp_common.c
-+++ b/pjlib/src/pj/ssl_sock_imp_common.c
-@@ -255,6 +255,8 @@ static pj_bool_t on_handshake_complete(pj_ssl_sock_t *ssock,
- 
-     /* Accepting */
-     if (ssock->is_server) {
-+	pj_bool_t ret = PJ_TRUE;
-+
- 	if (status != PJ_SUCCESS) {
- 	    /* Handshake failed in accepting, destroy our self silently. */
- 
-@@ -272,6 +274,12 @@ static pj_bool_t on_handshake_complete(pj_ssl_sock_t *ssock,
- 		      status);
- 	    }
- 
-+	    /* Decrement ref count of parent */
-+	    if (ssock->parent->param.grp_lock) {
-+		pj_grp_lock_dec_ref(ssock->parent->param.grp_lock);
-+		ssock->parent = NULL;
-+	    }
-+
- 	    /* Originally, this is a workaround for ticket #985. However,
- 	     * a race condition may occur in multiple worker threads
- 	     * environment when we are destroying SSL objects while other
-@@ -315,23 +323,29 @@ static pj_bool_t on_handshake_complete(pj_ssl_sock_t *ssock,
- 
- 	    return PJ_FALSE;
- 	}
-+
- 	/* Notify application the newly accepted SSL socket */
- 	if (ssock->param.cb.on_accept_complete2) {
--	    pj_bool_t ret;
- 	    ret = (*ssock->param.cb.on_accept_complete2) 
- 		    (ssock->parent, ssock, (pj_sockaddr_t*)&ssock->rem_addr, 
- 		    pj_sockaddr_get_len((pj_sockaddr_t*)&ssock->rem_addr), 
- 		    status);
--	    if (ret == PJ_FALSE)
--		return PJ_FALSE;	
- 	} else if (ssock->param.cb.on_accept_complete) {
--	    pj_bool_t ret;
- 	    ret = (*ssock->param.cb.on_accept_complete)
- 		      (ssock->parent, ssock, (pj_sockaddr_t*)&ssock->rem_addr,
- 		       pj_sockaddr_get_len((pj_sockaddr_t*)&ssock->rem_addr));
--	    if (ret == PJ_FALSE)
--		return PJ_FALSE;
- 	}
-+
-+	/* Decrement ref count of parent and reset parent (we don't need it
-+	 * anymore, right?).
-+	 */
-+	if (ssock->parent->param.grp_lock) {
-+	    pj_grp_lock_dec_ref(ssock->parent->param.grp_lock);
-+	    ssock->parent = NULL;
-+	}
-+
-+	if (ret == PJ_FALSE)
-+	    return PJ_FALSE;
-     }
- 
-     /* Connecting */
-@@ -930,9 +944,13 @@ static pj_bool_t ssock_on_accept_complete (pj_ssl_sock_t *ssock_parent,
-     if (status != PJ_SUCCESS)
- 	goto on_return;
- 
-+    /* Set parent and add ref count (avoid parent destroy during handshake) */
-+    ssock->parent = ssock_parent;
-+    if (ssock->parent->param.grp_lock)
-+	pj_grp_lock_add_ref(ssock->parent->param.grp_lock);
-+
-     /* Update new SSL socket attributes */
-     ssock->sock = newsock;
--    ssock->parent = ssock_parent;
-     ssock->is_server = PJ_TRUE;
-     if (ssock_parent->cert) {
- 	status = pj_ssl_sock_set_certificate(ssock, ssock->pool, 
-@@ -957,16 +975,20 @@ static pj_bool_t ssock_on_accept_complete (pj_ssl_sock_t *ssock_parent,
-     ssock->asock_rbuf = (void**)pj_pool_calloc(ssock->pool, 
- 					       ssock->param.async_cnt,
- 					       sizeof(void*));
--    if (!ssock->asock_rbuf)
--        return PJ_ENOMEM;
-+    if (!ssock->asock_rbuf) {
-+	status = PJ_ENOMEM;
-+	goto on_return;
-+    }
- 
-     for (i = 0; i<ssock->param.async_cnt; ++i) {
- 	ssock->asock_rbuf[i] = (void*) pj_pool_alloc(
- 					    ssock->pool, 
- 					    ssock->param.read_buffer_size + 
- 					    sizeof(read_data_t*));
--        if (!ssock->asock_rbuf[i])
--            return PJ_ENOMEM;
-+	if (!ssock->asock_rbuf[i]) {
-+	    status = PJ_ENOMEM;
-+	    goto on_return;
-+	}
-     }
- 
-     /* If listener socket has group lock, automatically create group lock
-@@ -980,7 +1002,7 @@ static pj_bool_t ssock_on_accept_complete (pj_ssl_sock_t *ssock_parent,
- 	    goto on_return;
- 
- 	pj_grp_lock_add_ref(glock);
--	asock_cfg.grp_lock = ssock->param.grp_lock = glock;
-+	ssock->param.grp_lock = glock;
- 	pj_grp_lock_add_handler(ssock->param.grp_lock, ssock->pool, ssock,
- 				ssl_on_destroy);
-     }
-@@ -1008,6 +1030,7 @@ static pj_bool_t ssock_on_accept_complete (pj_ssl_sock_t *ssock_parent,
- 
-     /* Create active socket */
-     pj_activesock_cfg_default(&asock_cfg);
-+    asock_cfg.grp_lock = ssock->param.grp_lock;
-     asock_cfg.async_cnt = ssock->param.async_cnt;
-     asock_cfg.concurrency = ssock->param.concurrency;
-     asock_cfg.whole_data = PJ_TRUE;
-diff --git a/pjlib/src/pj/ssl_sock_ossl.c b/pjlib/src/pj/ssl_sock_ossl.c
-index 88a2a6b94..df4f4f96a 100644
---- a/pjlib/src/pj/ssl_sock_ossl.c
-+++ b/pjlib/src/pj/ssl_sock_ossl.c
-@@ -327,7 +327,8 @@ static pj_status_t STATUS_FROM_SSL_ERR(char *action, pj_ssl_sock_t *ssock,
- 	ERROR_LOG("STATUS_FROM_SSL_ERR", err, ssock);
-     }
- 
--    ssock->last_err = err;
-+    if (ssock)
-+	ssock->last_err = err;
-     return GET_STATUS_FROM_SSL_ERR(err);
- }
- 
-@@ -344,7 +345,8 @@ static pj_status_t STATUS_FROM_SSL_ERR2(char *action, pj_ssl_sock_t *ssock,
-     /* Dig for more from OpenSSL error queue */
-     SSLLogErrors(action, ret, err, len, ssock);
- 
--    ssock->last_err = ssl_err;
-+    if (ssock)
-+	ssock->last_err = ssl_err;
-     return GET_STATUS_FROM_SSL_ERR(ssl_err);
- }
- 
-@@ -786,6 +788,13 @@ static pj_status_t init_openssl(void)
- 
-     /* Create OpenSSL application data index for SSL socket */
-     sslsock_idx = SSL_get_ex_new_index(0, "SSL socket", NULL, NULL, NULL);
-+    if (sslsock_idx == -1) {
-+	status = STATUS_FROM_SSL_ERR2("Init", NULL, -1, ERR_get_error(), 0);
-+	PJ_LOG(1,(THIS_FILE,
-+	       "Fatal error: failed to get application data index for "
-+	       "SSL socket"));
-+	return status;
-+    }
- 
- #if defined(PJ_SSL_SOCK_OSSL_USE_THREAD_CB) && \
-     PJ_SSL_SOCK_OSSL_USE_THREAD_CB != 0 && OPENSSL_VERSION_NUMBER < 0x10100000L
-@@ -819,21 +828,36 @@ static int password_cb(char *buf, int num, int rwflag, void *user_data)
- }
- 
- 
--/* SSL password callback. */
-+/* SSL certificate verification result callback.
-+ * Note that this callback seems to be always called from library worker
-+ * thread, e.g: active socket on_read_complete callback, which should have
-+ * already been equipped with race condition avoidance mechanism (should not
-+ * be destroyed while callback is being invoked).
-+ */
- static int verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx)
- {
--    pj_ssl_sock_t *ssock;
--    SSL *ossl_ssl;
-+    pj_ssl_sock_t *ssock = NULL;
-+    SSL *ossl_ssl = NULL;
-     int err;
- 
-     /* Get SSL instance */
-     ossl_ssl = X509_STORE_CTX_get_ex_data(x509_ctx, 
- 				    SSL_get_ex_data_X509_STORE_CTX_idx());
--    pj_assert(ossl_ssl);
-+    if (!ossl_ssl) {
-+	PJ_LOG(1,(THIS_FILE,
-+		  "SSL verification callback failed to get SSL instance"));
-+	goto on_return;
-+    }
- 
-     /* Get SSL socket instance */
-     ssock = SSL_get_ex_data(ossl_ssl, sslsock_idx);
--    pj_assert(ssock);
-+    if (!ssock) {
-+	/* SSL socket may have been destroyed */
-+	PJ_LOG(1,(THIS_FILE,
-+		  "SSL verification callback failed to get SSL socket "
-+		  "instance (sslsock_idx=%d).", sslsock_idx));
-+	goto on_return;
-+    }
- 
-     /* Store verification status */
-     err = X509_STORE_CTX_get_error(x509_ctx);
-@@ -911,6 +935,7 @@ static int verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx)
-     if (PJ_FALSE == ssock->param.verify_peer)
- 	preverify_ok = 1;
- 
-+on_return:
-     return preverify_ok;
- }
- 
-@@ -1474,6 +1499,12 @@ static void ssl_destroy(pj_ssl_sock_t *ssock)
- static void ssl_reset_sock_state(pj_ssl_sock_t *ssock)
- {
-     ossl_sock_t *ossock = (ossl_sock_t *)ssock;
-+
-+    /* Detach from SSL instance */
-+    if (ossock->ossl_ssl) {
-+	SSL_set_ex_data(ossock->ossl_ssl, sslsock_idx, NULL);
-+    }
-+
-     /**
-      * Avoid calling SSL_shutdown() if handshake wasn't completed.
-      * OpenSSL 1.0.2f complains if SSL_shutdown() is called during an
-diff --git a/pjsip/src/pjsip/sip_transport_tls.c b/pjsip/src/pjsip/sip_transport_tls.c
-index 56a06cf99..24e43ef60 100644
---- a/pjsip/src/pjsip/sip_transport_tls.c
-+++ b/pjsip/src/pjsip/sip_transport_tls.c
-@@ -1333,9 +1333,26 @@ static pj_bool_t on_accept_complete2(pj_ssl_sock_t *ssock,
-     PJ_UNUSED_ARG(src_addr_len);
- 
-     listener = (struct tls_listener*) pj_ssl_sock_get_user_data(ssock);
-+    if (!listener) {
-+	/* Listener already destroyed, e.g: after TCP accept but before SSL
-+	 * handshake is completed.
-+	 */
-+	if (new_ssock && accept_status == PJ_SUCCESS) {
-+	    /* Close the SSL socket if the accept op is successful */
-+	    PJ_LOG(4,(THIS_FILE,
-+		      "Incoming TLS connection from %s (sock=%d) is discarded "
-+		      "because listener is already destroyed",
-+		      pj_sockaddr_print(src_addr, addr, sizeof(addr), 3),
-+		      new_ssock));
-+
-+	    pj_ssl_sock_close(new_ssock);
-+	}
-+
-+	return PJ_FALSE;
-+    }
- 
-     if (accept_status != PJ_SUCCESS) {
--	if (listener && listener->tls_setting.on_accept_fail_cb) {
-+	if (listener->tls_setting.on_accept_fail_cb) {
- 	    pjsip_tls_on_accept_fail_param param;
- 	    pj_ssl_sock_info ssi;
- 
-@@ -1358,6 +1375,8 @@ static pj_bool_t on_accept_complete2(pj_ssl_sock_t *ssock,
-     PJ_ASSERT_RETURN(new_ssock, PJ_TRUE);
- 
-     if (!listener->is_registered) {
-+	pj_ssl_sock_close(new_ssock);
-+
- 	if (listener->tls_setting.on_accept_fail_cb) {
- 	    pjsip_tls_on_accept_fail_param param;
- 	    pj_bzero(&param, sizeof(param));
-@@ -1409,6 +1428,8 @@ static pj_bool_t on_accept_complete2(pj_ssl_sock_t *ssock,
- 			 ssl_info.grp_lock, &tls);
-     
-     if (status != PJ_SUCCESS) {
-+	pj_ssl_sock_close(new_ssock);
-+
- 	if (listener->tls_setting.on_accept_fail_cb) {
- 	    pjsip_tls_on_accept_fail_param param;
- 	    pj_bzero(&param, sizeof(param));
--- 
-2.31.1
-
diff --git a/net-libs/pjproject/files/pjproject-2.10-race-condition-between-transport-destroy-and-acquire.patch b/net-libs/pjproject/files/pjproject-2.10-race-condition-between-transport-destroy-and-acquire.patch
deleted file mode 100644
index b036951d9edd..000000000000
--- a/net-libs/pjproject/files/pjproject-2.10-race-condition-between-transport-destroy-and-acquire.patch
+++ /dev/null
@@ -1,108 +0,0 @@
-From 90a16c523bfdf4d43c10506c972c5fd4250b2856 Mon Sep 17 00:00:00 2001
-From: Nanang Izzuddin <nanang@teluu.com>
-Date: Fri, 20 Nov 2020 10:52:22 +0700
-Subject: [PATCH] Race condition between transport destroy and acquire (#2470)
-
-* Handle race condition between transport_idle_callback() and pjsip_tpmgr_acquire_transport2().
-* Add transport destroy state check as additional of transport shutdown state check
----
- pjsip/src/pjsip/sip_transaction.c |  2 +-
- pjsip/src/pjsip/sip_transport.c   | 34 +++++++++++++++++++++++++------
- 2 files changed, 29 insertions(+), 7 deletions(-)
-
-diff --git a/pjsip/src/pjsip/sip_transaction.c b/pjsip/src/pjsip/sip_transaction.c
-index 2b4ece7df..f663c7f4b 100644
---- a/pjsip/src/pjsip/sip_transaction.c
-+++ b/pjsip/src/pjsip/sip_transaction.c
-@@ -2443,7 +2443,7 @@ static void tsx_update_transport( pjsip_transaction *tsx,
- 	pjsip_transport_add_ref(tp);
- 	pjsip_transport_add_state_listener(tp, &tsx_tp_state_callback, tsx,
- 					    &tsx->tp_st_key);
--        if (tp->is_shutdown) {
-+	if (tp->is_shutdown || tp->is_destroying) {
- 	    pjsip_transport_state_info info;
- 
- 	    pj_bzero(&info, sizeof(info));
-diff --git a/pjsip/src/pjsip/sip_transport.c b/pjsip/src/pjsip/sip_transport.c
-index 06fce358c..bef6d24fe 100644
---- a/pjsip/src/pjsip/sip_transport.c
-+++ b/pjsip/src/pjsip/sip_transport.c
-@@ -1071,6 +1071,19 @@ static void transport_idle_callback(pj_timer_heap_t *timer_heap,
- 	return;
- 
-     entry->id = PJ_FALSE;
-+
-+    /* Set is_destroying flag under transport manager mutex to avoid
-+     * race condition with pjsip_tpmgr_acquire_transport2().
-+     */
-+    pj_lock_acquire(tp->tpmgr->lock);
-+    if (pj_atomic_get(tp->ref_cnt) == 0) {
-+	tp->is_destroying = PJ_TRUE;
-+    } else {
-+	pj_lock_release(tp->tpmgr->lock);
-+	return;
-+    }
-+    pj_lock_release(tp->tpmgr->lock);
-+
-     pjsip_transport_destroy(tp);
- }
- 
-@@ -1392,8 +1405,8 @@ PJ_DEF(pj_status_t) pjsip_transport_shutdown2(pjsip_transport *tp,
-     mgr = tp->tpmgr;
-     pj_lock_acquire(mgr->lock);
- 
--    /* Do nothing if transport is being shutdown already */
--    if (tp->is_shutdown) {
-+    /* Do nothing if transport is being shutdown/destroyed already */
-+    if (tp->is_shutdown || tp->is_destroying) {
- 	pj_lock_release(mgr->lock);
- 	pj_lock_release(tp->lock);
- 	return PJ_SUCCESS;
-@@ -2256,6 +2269,13 @@ PJ_DEF(pj_status_t) pjsip_tpmgr_acquire_transport2(pjsip_tpmgr *mgr,
- 	    return PJSIP_ETPNOTSUITABLE;
- 	}
- 
-+	/* Make sure the transport is not being destroyed */
-+	if (seltp->is_destroying) {
-+	    pj_lock_release(mgr->lock);
-+	    TRACE_((THIS_FILE,"Transport to be acquired is being destroyed"));
-+	    return PJ_ENOTFOUND;
-+	}
-+
- 	/* We could also verify that the destination address is reachable
- 	 * from this transport (i.e. both are equal), but if application
- 	 * has requested a specific transport to be used, assume that
-@@ -2311,8 +2331,10 @@ PJ_DEF(pj_status_t) pjsip_tpmgr_acquire_transport2(pjsip_tpmgr *mgr,
- 	    if (tp_entry) {
- 		transport *tp_iter = tp_entry;
- 		do {
--		    /* Don't use transport being shutdown */
--		    if (!tp_iter->tp->is_shutdown) {
-+		    /* Don't use transport being shutdown/destroyed */
-+		    if (!tp_iter->tp->is_shutdown &&
-+			!tp_iter->tp->is_destroying)
-+		    {
- 			if (sel && sel->type == PJSIP_TPSELECTOR_LISTENER &&
- 			    sel->u.listener)
- 			{
-@@ -2382,7 +2404,7 @@ PJ_DEF(pj_status_t) pjsip_tpmgr_acquire_transport2(pjsip_tpmgr *mgr,
- 	    TRACE_((THIS_FILE, "Transport found but from different listener"));
- 	}
- 
--	if (tp_ref!=NULL && !tp_ref->is_shutdown) {
-+	if (tp_ref!=NULL && !tp_ref->is_shutdown && !tp_ref->is_destroying) {
- 	    /*
- 	     * Transport found!
- 	     */
-@@ -2624,7 +2646,7 @@ PJ_DEF(pj_status_t) pjsip_transport_add_state_listener (
- 
-     PJ_ASSERT_RETURN(tp && cb && key, PJ_EINVAL);
- 
--    if (tp->is_shutdown) {
-+    if (tp->is_shutdown || tp->is_destroying) {
- 	*key = NULL;
- 	return PJ_EINVALIDOP;
-     }
--- 
-2.26.2
-
diff --git a/net-libs/pjproject/files/pjproject-2.9-config_site.h b/net-libs/pjproject/files/pjproject-2.12.1-config_site.h
index d41ac1d1947b..37d094e24bbc 100644
--- a/net-libs/pjproject/files/pjproject-2.9-config_site.h
+++ b/net-libs/pjproject/files/pjproject-2.12.1-config_site.h
@@ -6,10 +6,25 @@
 
 #include <sys/select.h>
 
-/* handled by ebuild, default to disabled here */
-#ifndef PJMEDIA_HAS_SRTP
-#define PJMEDIA_HAS_SRTP 0
-#endif
+#define GENTOO_INVALID	(Gentoo compile failure - please report a bug on bugs.gentoo.org)
+
+/* asterisk_malloc_debug.h is not required ... most of the operations are no-ops regardless
+ * and I can't see why asterisk is looking to compile this directly into pjproject */
+
+/*
+ * Defining PJMEDIA_HAS_SRTP to 0 does NOT disable Asterisk's ability to use srtp.
+ * It only disables the pjmedia srtp transport which Asterisk doesn't use.
+ * The reason for the disable is that while Asterisk works fine with older libsrtp
+ * versions, newer versions of pjproject won't compile with them.
+ *
+ * Disabling this depends on an additional pjproject patch.  So just leave it
+ * enabled for the time being, as it has always been enabled.
+ */
+#define PJMEDIA_HAS_SRTP 1
+
+/* Ability to change this has ABI implications, force it on */
+/* Can be reconsidered in future:  https://bugs.gentoo.org/680496 */
+#define PJ_HAS_IPV6 1
 
 #define PJ_MAX_HOSTNAME (256)
 #define PJSIP_MAX_URL_SIZE (512)
@@ -33,6 +48,7 @@
 #define PJSIP_MAX_DIALOG_COUNT	((64*1024)-1)
 #define PJSIP_UDP_SO_SNDBUF_SIZE	(512*1024)
 #define PJSIP_UDP_SO_RCVBUF_SIZE	(512*1024)
+#define PJ_DEBUG			0
 #define PJSIP_SAFE_MODULE		0
 #define PJ_HAS_STRICMP_ALNUM		0
 
@@ -50,19 +66,19 @@
   Enabling it will result in SEGFAULTS when URIs containing escape sequences are encountered.
 */
 #undef PJSIP_UNESCAPE_IN_PLACE
-#define PJSIP_MAX_PKT_LEN			32000
+#define PJSIP_MAX_PKT_LEN			65535
 
 #undef PJ_TODO
 #define PJ_TODO(x)
 
 /* Defaults too low for WebRTC */
-#define PJ_ICE_MAX_CAND 32
+#define PJ_ICE_MAX_CAND 64
 #define PJ_ICE_MAX_CHECKS (PJ_ICE_MAX_CAND * PJ_ICE_MAX_CAND)
 
 /* Increase limits to allow more formats */
 #define	PJMEDIA_MAX_SDP_FMT   64
 #define	PJMEDIA_MAX_SDP_BANDW   4
-#define	PJMEDIA_MAX_SDP_ATTR   (PJMEDIA_MAX_SDP_FMT*2 + 4)
+#define	PJMEDIA_MAX_SDP_ATTR   (PJMEDIA_MAX_SDP_FMT*3 + 4)
 #define	PJMEDIA_MAX_SDP_MEDIA   16
 
 /*
@@ -72,3 +88,10 @@
  */
 #define PJSIP_TCP_KEEP_ALIVE_INTERVAL	0
 #define PJSIP_TLS_KEEP_ALIVE_INTERVAL	0
+
+#define PJSIP_TSX_UAS_CONTINUE_ON_TP_ERROR 0
+#define PJ_SSL_SOCK_OSSL_USE_THREAD_CB 0
+#define PJSIP_AUTH_ALLOW_MULTIPLE_AUTH_HEADER 1
+
+/* Required to enable things like USE=video. */
+#define PJMEDIA_HAS_VIDEO GENTOO_INVALID
diff --git a/net-libs/pjproject/files/pjproject-2.9-ssl-enable.patch b/net-libs/pjproject/files/pjproject-2.9-ssl-enable.patch
deleted file mode 100644
index bb8a11d7f457..000000000000
--- a/net-libs/pjproject/files/pjproject-2.9-ssl-enable.patch
+++ /dev/null
@@ -1,100 +0,0 @@
-From 2942c73cd3b3389ec1a35258f22ac9d0f0742de1 Mon Sep 17 00:00:00 2001
-From: Jaco Kroon <jaco@iewc.co.za>
-Date: Thu, 24 May 2018 15:40:33 +0200
-Subject: [PATCH] Fix support for --enable-ssl.
-
-This change enables the explicit use of --enable-ssl in such a way that
-package managers such as portage (Gentoo) that explicitly does
---enable-ssl or --disable-ssl will get the results that it's looking
-for.
-
-Without this specifying --enable-ssl would end up actually disabling it.
-
-Additionally, if --enable-ssl is specified but the script ends up being
-unable to enable ssl it will fail.
----
- aconfigure    | 16 ++++++++++++----
- aconfigure.ac | 15 ++++++++++++---
- 2 files changed, 24 insertions(+), 7 deletions(-)
-
-diff --git a/aconfigure b/aconfigure
-index 0cf17faae..57bdfba87 100755
---- a/aconfigure
-+++ b/aconfigure
-@@ -8001,8 +8001,9 @@ if test "${enable_ssl+set}" = set; then :
- $as_echo "Checking if SSL support is disabled... yes" >&6; }
- 	        fi
- 
--else
-+fi
- 
-+if test "x$ac_no_ssl" != "x1"; then
- 	        if test "x$with_ssl" != "xno" -a "x$with_ssl" != "x"; then
-                     CFLAGS="$CFLAGS -I$with_ssl/include"
-                     CPPFLAGS="$CPPFLAGS -I$with_ssl/include"
-@@ -8317,16 +8318,23 @@ $as_echo "GnuTLS library found, SSL support enabled" >&6; }
- 
-             		ac_ssl_backend="gnutls"
-         	    else
--            		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: ** No GnuTLS libraries found, disabling SSL support **" >&5
--$as_echo "** No GnuTLS libraries found, disabling SSL support **" >&6; }
-+			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: ** No GnuTLS libraries found **" >&5
-+$as_echo "** No GnuTLS libraries found **" >&6; }
-         	    fi
- 
-         	fi
- 
-+		if test "x$ac_ssl_backend" = "x"; then
-+		    if test "x$enable_ssl" = "xyes"; then
-+			as_fn_error $? "SSL Support requested but neither OpenSSL nor GnuTLS operational" "$LINENO" 5
-+		    else
-+			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: No SSL detected, disabling SSL support" >&5
-+$as_echo "No SSL detected, disabling SSL support" >&6; }
-+		    fi
-+		fi
- fi
- 
- 
--
- # Check whether --with-opencore-amrnb was given.
- if test "${with_opencore_amrnb+set}" = set; then :
-   withval=$with_opencore_amrnb; as_fn_error $? "This option is obsolete and replaced by --with-opencore-amr=DIR" "$LINENO" 5
-diff --git a/aconfigure.ac b/aconfigure.ac
-index 8d7d944a1..45c42756b 100644
---- a/aconfigure.ac
-+++ b/aconfigure.ac
-@@ -1607,7 +1607,8 @@ AC_ARG_ENABLE(ssl,
- 		 AC_MSG_RESULT([Checking if SSL support is disabled... yes])
- 	        fi
- 	      ],
--	      [
-+	      [])
-+if test "x$ac_no_ssl" != "x1"; then
- 	        if test "x$with_ssl" != "xno" -a "x$with_ssl" != "x"; then
-                     CFLAGS="$CFLAGS -I$with_ssl/include"
-                     CPPFLAGS="$CPPFLAGS -I$with_ssl/include"
-@@ -1692,11 +1693,19 @@ AC_ARG_ENABLE(ssl,
- 			AC_DEFINE(PJ_SSL_SOCK_IMP, PJ_SSL_SOCK_IMP_GNUTLS)
-             		ac_ssl_backend="gnutls"
-         	    else
--            		AC_MSG_RESULT([** No GnuTLS libraries found, disabling SSL support **])
-+			AC_MSG_RESULT([** No GnuTLS libraries found **])
-         	    fi
-         	
-         	fi
--	      ])
-+
-+		if test "x$ac_ssl_backend" = "x"; then
-+		    if test "x$enable_ssl" = "xyes"; then
-+			AC_MSG_ERROR([SSL Support requested but neither OpenSSL nor GnuTLS operational])
-+		    else
-+			AC_MSG_RESULT([No SSL detected, disabling SSL support])
-+		    fi
-+		fi
-+fi
- 
- dnl # Obsolete option --with-opencore-amrnb
- AC_ARG_WITH(opencore-amrnb,
--- 
-2.23.0
-
diff --git a/net-libs/pjproject/pjproject-2.10-r1.ebuild b/net-libs/pjproject/pjproject-2.10-r1.ebuild
deleted file mode 100644
index 3db743937f47..000000000000
--- a/net-libs/pjproject/pjproject-2.10-r1.ebuild
+++ /dev/null
@@ -1,124 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit autotools flag-o-matic toolchain-funcs
-
-DESCRIPTION="Open source SIP, Media, and NAT Traversal Library"
-HOMEPAGE="https://www.pjsip.org/"
-SRC_URI="https://github.com/pjsip/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz"
-KEYWORDS="amd64 ~arm ~arm64 ~ppc ~ppc64 x86"
-
-LICENSE="GPL-2"
-SLOT="0/${PV}"
-
-# g729 not included due to special bcg729 handling.
-CODEC_FLAGS="g711 g722 g7221 gsm ilbc speex l16"
-VIDEO_FLAGS="sdl ffmpeg v4l2 openh264 libyuv vpx"
-SOUND_FLAGS="alsa portaudio"
-IUSE="amr debug epoll examples ipv6 opus resample silk ssl static-libs webrtc
-	${CODEC_FLAGS} g729
-	${VIDEO_FLAGS}
-	${SOUND_FLAGS}"
-
-PATCHES=(
-	"${FILESDIR}/pjproject-2.9-ssl-enable.patch"
-	"${FILESDIR}/pjproject-2.10-race-condition-between-transport-destroy-and-acquire.patch"
-	"${FILESDIR}/pjproject-2.10-CVE-2020-15260-tls-hostname-check.patch"
-	"${FILESDIR}/pjproject-2.10-CVE-2021-21375-negotiation-failure-crash.patch"
-)
-
-RDEPEND="net-libs/libsrtp:=
-	alsa? ( media-libs/alsa-lib )
-	amr? ( media-libs/opencore-amr )
-	ffmpeg? ( media-video/ffmpeg:= )
-	g729? ( media-libs/bcg729 )
-	gsm? ( media-sound/gsm )
-	ilbc? ( media-libs/libilbc )
-	openh264? ( media-libs/openh264 )
-	opus? ( media-libs/opus )
-	portaudio? ( media-libs/portaudio )
-	resample? ( media-libs/libsamplerate )
-	sdl? ( media-libs/libsdl )
-	speex? (
-		media-libs/speex
-		media-libs/speexdsp
-	)
-	ssl? (
-		dev-libs/openssl:0=
-	)
-"
-DEPEND="${RDEPEND}"
-BDEPEND="virtual/pkgconfig"
-
-src_prepare() {
-	default
-	rm configure || die "Unable to remove unwanted wrapper"
-	mv aconfigure.ac configure.ac || die "Unable to rename configure script source"
-	eautoreconf
-
-	cp "${FILESDIR}/pjproject-2.9-config_site.h" "${S}/pjlib/include/pj/config_site.h" || die "Unable to create config_site.h"
-}
-
-src_configure() {
-	local myconf=()
-	local videnable="--disable-video"
-	local t
-
-	use debug || append-cflags -DNDEBUG=1
-	use ipv6 && append-cflags -DPJ_HAS_IPV6=1
-	append-cflags -DPJMEDIA_HAS_SRTP=1
-
-	for t in ${CODEC_FLAGS}; do
-		myconf+=( $(use_enable ${t} ${t}-codec) )
-	done
-	myconf+=( $(use_enable g729 bcg729) )
-
-	for t in ${VIDEO_FLAGS}; do
-		myconf+=( $(use_enable ${t}) )
-		use "${t}" && videnable="--enable-video"
-	done
-
-	[ "${videnable}" = "--enable-video" ] && append-cflags -DPJMEDIA_HAS_VIDEO=1
-
-	LD="$(tc-getCC)" econf \
-		--enable-shared \
-		--with-external-srtp \
-		${videnable} \
-		$(use_enable alsa sound) \
-		$(use_enable amr opencore-amr) \
-		$(use_enable epoll) \
-		$(use_enable opus) \
-		$(use_enable portaudio ext-sound) \
-		$(use_enable resample libsamplerate) \
-		$(use_enable resample resample-dll) \
-		$(use_enable resample) \
-		$(use_enable silk) \
-		$(use_enable speex speex-aec) \
-		$(use_enable ssl) \
-		$(use_with gsm external-gsm) \
-		$(use_with portaudio external-pa) \
-		$(use_with speex external-speex) \
-		$(usex webrtc '' --disable-libwebrtc) \
-		"${myconf[@]}"
-}
-
-src_compile() {
-	emake dep LD="$(tc-getCC)"
-	emake LD="$(tc-getCC)"
-}
-
-src_install() {
-	default
-
-	newbin pjsip-apps/bin/pjsua-${CHOST} pjsua
-	newbin pjsip-apps/bin/pjsystest-${CHOST} pjsystest
-
-	if use examples; then
-		insinto "/usr/share/doc/${PF}/examples"
-		doins -r pjsip-apps/src/samples
-	fi
-
-	use static-libs || rm "${ED}/usr/$(get_libdir)"/*.a || die "Error removing static archives"
-}
diff --git a/net-libs/pjproject/pjproject-2.10-r2.ebuild b/net-libs/pjproject/pjproject-2.10-r2.ebuild
deleted file mode 100644
index c4474ea97453..000000000000
--- a/net-libs/pjproject/pjproject-2.10-r2.ebuild
+++ /dev/null
@@ -1,125 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit autotools flag-o-matic toolchain-funcs
-
-DESCRIPTION="Open source SIP, Media, and NAT Traversal Library"
-HOMEPAGE="https://www.pjsip.org/"
-SRC_URI="https://github.com/pjsip/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz"
-KEYWORDS="amd64 ~arm ~arm64 ~ppc ~ppc64 x86"
-
-LICENSE="GPL-2"
-SLOT="0/${PV}"
-
-# g729 not included due to special bcg729 handling.
-CODEC_FLAGS="g711 g722 g7221 gsm ilbc speex l16"
-VIDEO_FLAGS="sdl ffmpeg v4l2 openh264 libyuv vpx"
-SOUND_FLAGS="alsa portaudio"
-IUSE="amr debug epoll examples ipv6 opus resample silk ssl static-libs webrtc
-	${CODEC_FLAGS} g729
-	${VIDEO_FLAGS}
-	${SOUND_FLAGS}"
-
-PATCHES=(
-	"${FILESDIR}/pjproject-2.9-ssl-enable.patch"
-	"${FILESDIR}/pjproject-2.10-race-condition-between-transport-destroy-and-acquire.patch"
-	"${FILESDIR}/pjproject-2.10-CVE-2020-15260-tls-hostname-check.patch"
-	"${FILESDIR}/pjproject-2.10-CVE-2021-21375-negotiation-failure-crash.patch"
-	"${FILESDIR}/pjproject-2.10-CVE-2021-32686-AST-2021-009-GHSA-cv8x-p47p-99wr.patch"
-)
-
-RDEPEND="net-libs/libsrtp:=
-	alsa? ( media-libs/alsa-lib )
-	amr? ( media-libs/opencore-amr )
-	ffmpeg? ( media-video/ffmpeg:= )
-	g729? ( media-libs/bcg729 )
-	gsm? ( media-sound/gsm )
-	ilbc? ( media-libs/libilbc )
-	openh264? ( media-libs/openh264 )
-	opus? ( media-libs/opus )
-	portaudio? ( media-libs/portaudio )
-	resample? ( media-libs/libsamplerate )
-	sdl? ( media-libs/libsdl )
-	speex? (
-		media-libs/speex
-		media-libs/speexdsp
-	)
-	ssl? (
-		dev-libs/openssl:0=
-	)
-"
-DEPEND="${RDEPEND}"
-BDEPEND="virtual/pkgconfig"
-
-src_prepare() {
-	default
-	rm configure || die "Unable to remove unwanted wrapper"
-	mv aconfigure.ac configure.ac || die "Unable to rename configure script source"
-	eautoreconf
-
-	cp "${FILESDIR}/pjproject-2.9-config_site.h" "${S}/pjlib/include/pj/config_site.h" || die "Unable to create config_site.h"
-}
-
-src_configure() {
-	local myconf=()
-	local videnable="--disable-video"
-	local t
-
-	use debug || append-cflags -DNDEBUG=1
-	use ipv6 && append-cflags -DPJ_HAS_IPV6=1
-	append-cflags -DPJMEDIA_HAS_SRTP=1
-
-	for t in ${CODEC_FLAGS}; do
-		myconf+=( $(use_enable ${t} ${t}-codec) )
-	done
-	myconf+=( $(use_enable g729 bcg729) )
-
-	for t in ${VIDEO_FLAGS}; do
-		myconf+=( $(use_enable ${t}) )
-		use "${t}" && videnable="--enable-video"
-	done
-
-	[ "${videnable}" = "--enable-video" ] && append-cflags -DPJMEDIA_HAS_VIDEO=1
-
-	LD="$(tc-getCC)" econf \
-		--enable-shared \
-		--with-external-srtp \
-		${videnable} \
-		$(use_enable alsa sound) \
-		$(use_enable amr opencore-amr) \
-		$(use_enable epoll) \
-		$(use_enable opus) \
-		$(use_enable portaudio ext-sound) \
-		$(use_enable resample libsamplerate) \
-		$(use_enable resample resample-dll) \
-		$(use_enable resample) \
-		$(use_enable silk) \
-		$(use_enable speex speex-aec) \
-		$(use_enable ssl) \
-		$(use_with gsm external-gsm) \
-		$(use_with portaudio external-pa) \
-		$(use_with speex external-speex) \
-		$(usex webrtc '' --disable-libwebrtc) \
-		"${myconf[@]}"
-}
-
-src_compile() {
-	emake dep LD="$(tc-getCC)"
-	emake LD="$(tc-getCC)"
-}
-
-src_install() {
-	default
-
-	newbin pjsip-apps/bin/pjsua-${CHOST} pjsua
-	newbin pjsip-apps/bin/pjsystest-${CHOST} pjsystest
-
-	if use examples; then
-		insinto "/usr/share/doc/${PF}/examples"
-		doins -r pjsip-apps/src/samples
-	fi
-
-	use static-libs || rm "${ED}/usr/$(get_libdir)"/*.a || die "Error removing static archives"
-}
diff --git a/net-libs/pjproject/pjproject-2.12.1.ebuild b/net-libs/pjproject/pjproject-2.12.1-r1.ebuild
index e4b5b281a448..bbf767978443 100644
--- a/net-libs/pjproject/pjproject-2.12.1.ebuild
+++ b/net-libs/pjproject/pjproject-2.12.1-r1.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2022 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
-
+# TODO: Figure out a way to disable SRTP from pjproject entirely.
 EAPI=8
 
 inherit autotools flag-o-matic toolchain-funcs
@@ -8,7 +8,7 @@ inherit autotools flag-o-matic toolchain-funcs
 DESCRIPTION="Open source SIP, Media, and NAT Traversal Library"
 HOMEPAGE="https://www.pjsip.org/"
 SRC_URI="https://github.com/pjsip/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz"
-KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~x86"
+KEYWORDS="amd64 ~arm ~arm64 ~ppc ~ppc64 x86"
 
 LICENSE="GPL-2"
 SLOT="0/${PV}"
@@ -17,7 +17,7 @@ SLOT="0/${PV}"
 CODEC_FLAGS="g711 g722 g7221 gsm ilbc speex l16"
 VIDEO_FLAGS="sdl ffmpeg v4l2 openh264 libyuv vpx"
 SOUND_FLAGS="alsa portaudio"
-IUSE="amr debug epoll examples ipv6 opus resample silk ssl static-libs webrtc
+IUSE="amr debug epoll examples opus resample silk ssl static-libs webrtc
 	${CODEC_FLAGS} g729
 	${VIDEO_FLAGS}
 	${SOUND_FLAGS}"
@@ -55,21 +55,36 @@ src_prepare() {
 	mv aconfigure.ac configure.ac || die "Unable to rename configure script source"
 	eautoreconf
 
-	cp "${FILESDIR}/pjproject-2.9-config_site.h" "${S}/pjlib/include/pj/config_site.h" || die "Unable to create config_site.h"
+	cp "${FILESDIR}/pjproject-2.12.1-config_site.h" "${S}/pjlib/include/pj/config_site.h" || die "Unable to create config_site.h"
 }
 
 _pj_enable() {
 	usex "$1" '' "--disable-${2:-$1}"
 }
 
+_pj_get_define() {
+	local r="$(sed -nre "s/^#define[[:space:]]+$1[[:space:]]+//p" "${S}/pjlib/include/pj/config_site.h")"
+	[[ -z "${r}" ]] && die "Unable to fine #define $1 in config_site.h"
+	echo "$r"
+}
+
+_pj_set_define() {
+	local c=$(_pj_get_define "$1")
+	[[ "$c" = "$2" ]] && return 0
+	sed -re "s/^#define[[:space:]]+$1[[:space:]].*/#define $1 $2/" -i "${S}/pjlib/include/pj/config_site.h" || die "sed failed updating $1 to $2."
+	[[ "$(_pj_get_define "$1")" != "$2" ]] && die "sed failed to perform update for $1 to $2."
+}
+
+_pj_use_set_define() {
+	_pj_set_define "$2" $(usex "$1" 1 0)
+}
+
 src_configure() {
 	local myconf=()
 	local videnable="--disable-video"
 	local t
 
 	use debug || append-cflags -DNDEBUG=1
-	use ipv6 && append-cflags -DPJ_HAS_IPV6=1
-	append-cflags -DPJMEDIA_HAS_SRTP=1
 
 	for t in ${CODEC_FLAGS}; do
 		myconf+=( $(_pj_enable ${t} ${t}-codec) )
@@ -81,7 +96,7 @@ src_configure() {
 		use "${t}" && videnable="--enable-video"
 	done
 
-	[ "${videnable}" = "--enable-video" ] && append-cflags -DPJMEDIA_HAS_VIDEO=1
+	[ "${videnable}" = "--enable-video" ] && _pj_set_define PJMEDIA_HAS_VIDEO 1 || _pj_set_define PJMEDIA_HAS_VIDEO 0
 
 	LD="$(tc-getCC)" econf \
 		--enable-shared \
author	V3n3RiX <venerix@koprulu.sector>	2022-07-13 13:36:46 +0100
committer	V3n3RiX <venerix@koprulu.sector>	2022-07-13 13:36:46 +0100
commit	7b02e37a04e4051a91a109814d386711f41f9a4b (patch)
tree	d0689f14f1d1df3a6a2525512a6812b146064a9e /net-libs
parent	5c0c70d5917e66743293789a6d6fd7d72250eb32 (diff)