From b145349b5520089b00522a9d3e1e527f29944251 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luis=20Guzm=C3=A1n?= <ark@switnet.org>
Date: Wed, 13 Dec 2023 08:39:03 +0000
Subject: [PATCH] libtgowt: apply system libsrtp2 usage for libtgowt

---
 ...aac699b1a53242ffe2664e3724533bf64f97.patch |  31 +++
 ...a2a95da261d709664aefa2787258f1d24142.patch |  35 ++++
 ...27d9cbe59428b13f3e9f731d4dc0d55354e4.patch | 182 ++++++++++++++++++
 ...ebb3d5b2ad4021a25858a73f2a167e9d6027.patch |  52 +++++
 helpers/make-libtgowt                         |  14 +-
 5 files changed, 312 insertions(+), 2 deletions(-)
 create mode 100644 helpers/DATA/libtgowt/00_0614aac699b1a53242ffe2664e3724533bf64f97.patch
 create mode 100644 helpers/DATA/libtgowt/01_7998a2a95da261d709664aefa2787258f1d24142.patch
 create mode 100644 helpers/DATA/libtgowt/02_fdb627d9cbe59428b13f3e9f731d4dc0d55354e4.patch
 create mode 100644 helpers/DATA/libtgowt/03_87e6ebb3d5b2ad4021a25858a73f2a167e9d6027.patch

diff --git a/helpers/DATA/libtgowt/00_0614aac699b1a53242ffe2664e3724533bf64f97.patch b/helpers/DATA/libtgowt/00_0614aac699b1a53242ffe2664e3724533bf64f97.patch
new file mode 100644
index 00000000..6433b4da
--- /dev/null
+++ b/helpers/DATA/libtgowt/00_0614aac699b1a53242ffe2664e3724533bf64f97.patch
@@ -0,0 +1,31 @@
+From 0614aac699b1a53242ffe2664e3724533bf64f97 Mon Sep 17 00:00:00 2001
+From: John Preston <johnprestonmail@gmail.com>
+Date: Fri, 28 Apr 2023 14:32:00 +0400
+Subject: [PATCH] Build: Add explicit libsrtp_config.
+
+---
+ src/third_party/libsrtp_config/config.h | 15 +++++++++++++++
+ 1 file changed, 15 insertions(+)
+ create mode 100644 src/third_party/libsrtp_config/config.h
+
+diff --git a/src/third_party/libsrtp_config/config.h b/src/third_party/libsrtp_config/config.h
+new file mode 100644
+index 00000000..1edcdc5c
+--- /dev/null
++++ b/src/third_party/libsrtp_config/config.h
+@@ -0,0 +1,15 @@
++#define PACKAGE_VERSION "2.5.0"
++#define PACKAGE_STRING "libsrtp2 2.5.0"
++
++#define GCM
++#define OPENSSL
++#define CPU_CISC 1
++#define HAVE_INTTYPES_H 1
++#define HAVE_STDINT_H 1
++#define HAVE_STDLIB_H 1
++#define HAVE_SYS_TYPES_H 1
++#define HAVE_UINT8_T 1
++#define HAVE_UINT16_T 1
++#define HAVE_UINT32_T 1
++#define HAVE_UINT64_T 1
++#define HAVE_INT32_T 1
diff --git a/helpers/DATA/libtgowt/01_7998a2a95da261d709664aefa2787258f1d24142.patch b/helpers/DATA/libtgowt/01_7998a2a95da261d709664aefa2787258f1d24142.patch
new file mode 100644
index 00000000..cf357ff9
--- /dev/null
+++ b/helpers/DATA/libtgowt/01_7998a2a95da261d709664aefa2787258f1d24142.patch
@@ -0,0 +1,35 @@
+From 7998a2a95da261d709664aefa2787258f1d24142 Mon Sep 17 00:00:00 2001
+From: Nicholas Guriev <nicholas@guriev.su>
+Date: Tue, 20 Jun 2023 09:47:41 +0300
+Subject: [PATCH] Exclude libSRTP from the orig tarball
+
+---
+ debian/copyright | 5 +----
+ 1 file changed, 1 insertion(+), 4 deletions(-)
+
+diff --git a/debian/copyright b/debian/copyright
+index d8431c08..9f9247fe 100644
+--- a/debian/copyright
++++ b/debian/copyright
+@@ -3,6 +3,7 @@ Upstream-Name: tg_owt
+ Upstream-Contact: John Preston <johnprestonmail@gmail.com>
+ Source: https://github.com/desktop-app/tg_owt
+ Files-Excluded: src/third_party/abseil-cpp/*
++                src/third_party/libsrtp/*
+                 src/third_party/rnnoise/*
+                 src/third_party/yasm/*
+ Comment: Exclude RNNoise non-free model, and also, unused libraries and binaries.
+@@ -94,10 +95,6 @@ Files: src/third_party/crc32c/*
+ License: BSD-3-Clause
+ Copyright: 2008,2017,2021, The CRC32C Authors
+ 
+-Files: src/third_party/libsrtp/*
+-License: BSD-3-Clause
+-Copyright: 2001-2017, Cisco Systems, Inc.
+-
+ Files: src/third_party/libyuv/*
+ License: BSD-3-Clause
+ Copyright: 2011-2022, The LibYuv Project Authors
+-- 
+GitLab
+
diff --git a/helpers/DATA/libtgowt/02_fdb627d9cbe59428b13f3e9f731d4dc0d55354e4.patch b/helpers/DATA/libtgowt/02_fdb627d9cbe59428b13f3e9f731d4dc0d55354e4.patch
new file mode 100644
index 00000000..7ca2fbf7
--- /dev/null
+++ b/helpers/DATA/libtgowt/02_fdb627d9cbe59428b13f3e9f731d4dc0d55354e4.patch
@@ -0,0 +1,182 @@
+From fdb627d9cbe59428b13f3e9f731d4dc0d55354e4 Mon Sep 17 00:00:00 2001
+From: Nicholas Guriev <nicholas@guriev.su>
+Date: Thu, 4 May 2023 16:21:09 +0300
+Subject: [PATCH] New Unbundle-libSRTP.patch
+
+Link against the updated library from the libsrtp2-dev package which already
+has a fix of OpenSSL 3.0.0 incompatibility.
+
+Gbp-Dch: full
+---
+ debian/control                        |   1 +
+ debian/patches/Unbundle-libSRTP.patch | 124 ++++++++++++++++++++++++++
+ debian/patches/series                 |   1 +
+ 3 files changed, 126 insertions(+)
+ create mode 100644 debian/patches/Unbundle-libSRTP.patch
+
+diff --git a/debian/control b/debian/control
+index c9aa2912..516aa47e 100644
+--- a/debian/control
++++ b/debian/control
+@@ -20,6 +20,7 @@ Build-Depends-Arch:
+  libpipewire-0.3-dev,
+  libprotobuf-dev,
+  libpulse-dev,
++ libsrtp2-dev,
+  libssl-dev,
+  libswresample-dev,
+  libswscale-dev,
+diff --git a/debian/patches/Unbundle-libSRTP.patch b/debian/patches/Unbundle-libSRTP.patch
+new file mode 100644
+index 00000000..466ad0ff
+--- /dev/null
++++ b/debian/patches/Unbundle-libSRTP.patch
+@@ -0,0 +1,124 @@
++Description: Avoid private symbols and link against system-wide libSRTP
++ The package no longer uses outdated bundled copy of the library. The change
++ fixes incompatibility with OpenSSL 3.0.0 or later.
++ .
++ The excluded code in SrtpSession looks unreachable from the call integration
++ in Telegram Desktop. Though, I can't 100% confirm this.
++Author: Nicholas Guriev <guriev-ns@ya.ru>
++Forwarded: https://github.com/desktop-app/tg_owt/pull/123
++Last-Update: Thu, 04 May 2023 16:21:09 +0300
++
++--- a/CMakeLists.txt
+++++ b/CMakeLists.txt
++@@ -2658,6 +2658,9 @@ if (TG_OWT_USE_PROTOBUF)
++     list(APPEND export_targets proto)
++ endif()
++ 
+++if (LIBSRTP_FOUND)
+++    target_compile_definitions(tg_owt PRIVATE HAVE_LIBSRTP)
+++endif()
++ if (NOT absl_FOUND)
++     include(cmake/libabsl.cmake)
++     list(APPEND export_targets libabsl)
++--- a/cmake/libsrtp.cmake
+++++ b/cmake/libsrtp.cmake
++@@ -1,3 +1,16 @@
+++find_package(PkgConfig REQUIRED)
+++pkg_check_modules(LIBSRTP libsrtp2)
+++
+++if (LIBSRTP_FOUND)
+++    add_library(libsrtp INTERFACE EXCLUDE_FROM_ALL)
+++    add_library(tg_owt::libsrtp ALIAS libsrtp)
+++
+++    target_include_directories(libsrtp INTERFACE ${LIBSRTP_INCLUDE_DIRS} ${LIBSRTP_CFLAGS_OTHER})
+++    target_link_libraries(libsrtp INTERFACE ${LIBSRTP_LINK_LIBRARIES} ${LIBSRTP_LDFLAGS_OTHER})
+++
+++    return()
+++endif()
+++
++ add_library(libsrtp OBJECT EXCLUDE_FROM_ALL)
++ init_target(libsrtp)
++ add_library(tg_owt::libsrtp ALIAS libsrtp)
++--- a/src/pc/external_hmac.cc
+++++ b/src/pc/external_hmac.cc
++@@ -15,7 +15,6 @@
++ 
++ #include "rtc_base/logging.h"
++ #include "rtc_base/zero_memory.h"
++-#include "third_party/libsrtp/include/srtp.h"
++ 
++ // Begin test case 0 */
++ static const uint8_t kExternalHmacTestCase0Key[20] = {
++--- a/src/pc/external_hmac.h
+++++ b/src/pc/external_hmac.h
++@@ -30,9 +30,12 @@
++ 
++ #include <stdint.h>
++ 
++-#include "third_party/libsrtp/crypto/include/crypto_types.h"
++-#include "third_party/libsrtp/include/srtp.h"
++-#include "third_party/libsrtp/include/srtp_priv.h"
+++#ifdef HAVE_LIBSRTP
+++# include <srtp2/auth.h>
+++# include <srtp2/srtp.h>
+++#else
+++# include "srtp_priv.h"
+++#endif
++ 
++ #define EXTERNAL_HMAC_SHA1 SRTP_HMAC_SHA1 + 1
++ #define HMAC_KEY_LENGTH 20
++--- a/src/pc/srtp_session.cc
+++++ b/src/pc/srtp_session.cc
++@@ -30,8 +30,12 @@
++ #include "rtc_base/thread_annotations.h"
++ #include "rtc_base/time_utils.h"
++ #include "system_wrappers/include/metrics.h"
++-#include "third_party/libsrtp/include/srtp.h"
++-#include "third_party/libsrtp/include/srtp_priv.h"
+++
+++#ifdef HAVE_LIBSRTP
+++# include <srtp2/srtp.h>
+++#else
+++# include "srtp_priv.h"
+++#endif
++ 
++ namespace cricket {
++ 
++@@ -290,6 +294,7 @@ bool SrtpSession::UnprotectRtcp(void* p,
++ bool SrtpSession::GetRtpAuthParams(uint8_t** key, int* key_len, int* tag_len) {
++   RTC_DCHECK(thread_checker_.IsCurrent());
++   RTC_DCHECK(IsExternalAuthActive());
+++#ifndef HAVE_LIBSRTP
++   if (!IsExternalAuthActive()) {
++     return false;
++   }
++@@ -313,6 +318,10 @@ bool SrtpSession::GetRtpAuthParams(uint8
++   *key_len = external_hmac->key_length;
++   *tag_len = rtp_auth_tag_len_;
++   return true;
+++#else
+++  RTC_LOG_F(LS_WARNING) << "unavailable";
+++  return false;
+++#endif
++ }
++ 
++ int SrtpSession::GetSrtpOverhead() const {
++@@ -336,6 +345,7 @@ bool SrtpSession::GetSendStreamPacketInd
++                                            int in_len,
++                                            int64_t* index) {
++   RTC_DCHECK(thread_checker_.IsCurrent());
+++#ifndef HAVE_LIBSRTP
++   srtp_hdr_t* hdr = reinterpret_cast<srtp_hdr_t*>(p);
++   srtp_stream_ctx_t* stream = srtp_get_stream(session_, hdr->ssrc);
++   if (!stream) {
++@@ -346,6 +356,10 @@ bool SrtpSession::GetSendStreamPacketInd
++   *index = static_cast<int64_t>(rtc::NetworkToHost64(
++       srtp_rdbx_get_packet_index(&stream->rtp_rdbx) << 16));
++   return true;
+++#else
+++  RTC_LOG_F(LS_WARNING) << "unavailable";
+++  return false;
+++#endif
++ }
++ 
++ bool SrtpSession::DoSetKey(int type,
+#diff --git a/debian/patches/series b/debian/patches/series
+#index 7dc5c619..0dd4e655 100644
+#--- a/debian/patches/series
+#+++ b/debian/patches/series
+#@@ -3,4 +3,5 @@ Convert-endianness.patch
+# Fix-libabsl-include.patch
+# Packaged-PipeWire.patch
+# Skip-RNNoise.patch
+#+Unbundle-libSRTP.patch
+# Backport-to-stable-libvpx.patch
+diff --git a/debian/patches/series b/debian/patches/series
+index fefeb174..bc834658 100644
+--- a/debian/patches/series
++++ b/debian/patches/series
+@@ -4,5 +4,6 @@ Fix-libabsl-include.patch
+ Packaged-PipeWire.patch
+ Prefer-std-bit-over-absl-bits.patch
+ Skip-RNNoise.patch
++Unbundle-libSRTP.patch
+ Backport-to-stable-Abseil.patch
+ Backport-to-stable-libvpx.patch
+-- 
+GitLab
+
diff --git a/helpers/DATA/libtgowt/03_87e6ebb3d5b2ad4021a25858a73f2a167e9d6027.patch b/helpers/DATA/libtgowt/03_87e6ebb3d5b2ad4021a25858a73f2a167e9d6027.patch
new file mode 100644
index 00000000..d745e3ac
--- /dev/null
+++ b/helpers/DATA/libtgowt/03_87e6ebb3d5b2ad4021a25858a73f2a167e9d6027.patch
@@ -0,0 +1,52 @@
+From 87e6ebb3d5b2ad4021a25858a73f2a167e9d6027 Mon Sep 17 00:00:00 2001
+From: Nicholas Guriev <nicholas@guriev.su>
+Date: Sat, 24 Jun 2023 13:00:54 +0300
+Subject: [PATCH] Update Unbundle-libSRTP.patch and Unbundle-libyuv.patch
+
+ * Remove EXCLUDE_FROM_ALL property from INTERFACE libraries.
+ * It is meaningless and interferes backporting to bullseye.
+
+Gbp-Dch: ignore
+---
+ debian/patches/Unbundle-libSRTP.patch | 4 ++--
+ debian/patches/Unbundle-libyuv.patch  | 2 +-
+ 2 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/debian/patches/Unbundle-libSRTP.patch b/debian/patches/Unbundle-libSRTP.patch
+index 466ad0ff..b51e2fe3 100644
+--- a/debian/patches/Unbundle-libSRTP.patch
++++ b/debian/patches/Unbundle-libSRTP.patch
+@@ -10,7 +10,7 @@ Last-Update: Thu, 04 May 2023 16:21:09 +0300
+ 
+ --- a/CMakeLists.txt
+ +++ b/CMakeLists.txt
+-@@ -2658,6 +2658,9 @@ if (TG_OWT_USE_PROTOBUF)
++@@ -2655,6 +2655,9 @@ if (TG_OWT_USE_PROTOBUF)
+      list(APPEND export_targets proto)
+  endif()
+  
+@@ -27,7 +27,7 @@ Last-Update: Thu, 04 May 2023 16:21:09 +0300
+ +pkg_check_modules(LIBSRTP libsrtp2)
+ +
+ +if (LIBSRTP_FOUND)
+-+    add_library(libsrtp INTERFACE EXCLUDE_FROM_ALL)
+++    add_library(libsrtp INTERFACE)
+ +    add_library(tg_owt::libsrtp ALIAS libsrtp)
+ +
+ +    target_include_directories(libsrtp INTERFACE ${LIBSRTP_INCLUDE_DIRS} ${LIBSRTP_CFLAGS_OTHER})
+#diff --git a/debian/patches/Unbundle-libyuv.patch b/debian/patches/Unbundle-libyuv.patch
+#index 1ad9956d..5fd3d54e 100644
+#--- a/debian/patches/Unbundle-libyuv.patch
+#+++ b/debian/patches/Unbundle-libyuv.patch
+#@@ -7,7 +7,7 @@ Last-Update: Sat, 24 Jun 2023 11:53:26 +0300
+# @@ -1,3 +1,12 @@
+# +find_library(LIBYUV_PATH yuv)
+# +if (LIBYUV_PATH)
+#-+    add_library(libyuv INTERFACE EXCLUDE_FROM_ALL)
+#++    add_library(libyuv INTERFACE)
+# +    add_library(tg_owt::libyuv ALIAS libyuv)
+# +
+# +    target_link_libraries(libyuv INTERFACE ${LIBYUV_PATH})
+-- 
+GitLab
+
diff --git a/helpers/make-libtgowt b/helpers/make-libtgowt
index e2ffcd4e..789b160f 100644
--- a/helpers/make-libtgowt
+++ b/helpers/make-libtgowt
@@ -17,13 +17,23 @@
 #    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
 #
 
-VERSION=4
+VERSION=5
 EXTERNAL='deb-src http://ftp.debian.org/debian bullseye-backports main'
 REPOKEY=0E98404D386FA1D9
 BACKPORT=true
 
 . ./config
 
-changelog "Backported from debian bullseye as dependency for telegram-desktop"
+# Apply patches to use system's libsrtp2
+for patch in $(ls -v ${DATA}/*.patch)
+do
+    echo "Applying $patch"
+    patch --no-backup-if-mismatch -Np1 < $patch
+done
+
+# Manually remove third_party src
+rm -r src/third_party/libsrtp
+
+changelog "Applied libsrtp system usage update to bullseye-backports."
 
 package
-- 
GitLab