From 1d572fff2ffd4a4c3a3426aceec9d4c85e10f383 Mon Sep 17 00:00:00 2001 From: Gerasim Troeglazov <3dEyes@gmail.com> Date: Wed, 4 Jan 2023 23:58:25 +1000 Subject: [PATCH] webkit-gtk: enable gstreamer webrtc, disable experimental features --- .../patches/webkit_gtk-2.39.3.patchset | 249 +++++++++++++++++- net-libs/webkit-gtk/webkit_gtk-2.39.3.recipe | 10 +- 2 files changed, 249 insertions(+), 10 deletions(-) diff --git a/net-libs/webkit-gtk/patches/webkit_gtk-2.39.3.patchset b/net-libs/webkit-gtk/patches/webkit_gtk-2.39.3.patchset index 5fcab928f..a959f668e 100644 --- a/net-libs/webkit-gtk/patches/webkit_gtk-2.39.3.patchset +++ b/net-libs/webkit-gtk/patches/webkit_gtk-2.39.3.patchset @@ -1,4 +1,4 @@ -From 108cd7c7cf1411d4547672cb1e836a6c6e46732f Mon Sep 17 00:00:00 2001 +From 7e62f71ec95a9ed324d89c7ce1677b7bbd400e47 Mon Sep 17 00:00:00 2001 From: Gerasim Troeglazov <3dEyes@gmail.com> Date: Sat, 17 Dec 2022 23:35:27 +1000 Subject: Fixe build for Haiku @@ -429,7 +429,7 @@ index d9f32f0..44556f7 100644 2.37.3 -From f707ed70f009622f84693c974618ce1a6e3884a2 Mon Sep 17 00:00:00 2001 +From f782064bc725503131f5dbc68939e0affe1acd1e Mon Sep 17 00:00:00 2001 From: Gerasim Troeglazov <3dEyes@gmail.com> Date: Sat, 17 Dec 2022 23:37:24 +1000 Subject: WTF: fix build, implement platform code @@ -743,7 +743,7 @@ index e5cac15..5dabd58 100644 2.37.3 -From 01d9b43588be4ed5ae6bc45696537655ee361f05 Mon Sep 17 00:00:00 2001 +From 9e32c439102fd1a210d9ca670a4f1912a0b0b5f2 Mon Sep 17 00:00:00 2001 From: Gerasim Troeglazov <3dEyes@gmail.com> Date: Sat, 17 Dec 2022 23:37:49 +1000 Subject: fix endian check @@ -769,7 +769,7 @@ index 2605e1c..afaa684 100644 2.37.3 -From 66fe015f6dd67c093db8da41dd5e260c43c84be1 Mon Sep 17 00:00:00 2001 +From 7d1d5733318f648d710ccec93f2a9ddf1e21cfa8 Mon Sep 17 00:00:00 2001 From: Gerasim Troeglazov <3dEyes@gmail.com> Date: Sat, 17 Dec 2022 23:38:33 +1000 Subject: Fix build bmalloc allocator 
@@ -894,7 +894,7 @@ index 4315b4c..147d766 100644 2.37.3 -From 90c00073b956e188ccd3f5e2e45873c85b3a4935 Mon Sep 17 00:00:00 2001 +From cdf0ff04a1fdc1b95d07423c74bc37de9b0204f1 Mon Sep 17 00:00:00 2001 From: Gerasim Troeglazov <3dEyes@gmail.com> Date: Sat, 17 Dec 2022 23:38:56 +1000 Subject: Use __thread instead thread_local 
@@ -972,3 +972,242 @@ index 947baf3..cb25561 100644
 -- 
 2.37.3
+
+From f1c1e3f3f9c48692c32ad6a01e83a02413128055 Mon Sep 17 00:00:00 2001
+From: Gerasim Troeglazov <3dEyes@gmail.com>
+Date: Mon, 2 Jan 2023 19:01:02 +1000
+Subject: Build with openssl 1.0
+
+
+diff --git a/Source/WebCore/Modules/mediastream/gstreamer/GStreamerWebRTCUtils.cpp b/Source/WebCore/Modules/mediastream/gstreamer/GStreamerWebRTCUtils.cpp
+index fb4b3eb..9371e52 100644
+--- a/Source/WebCore/Modules/mediastream/gstreamer/GStreamerWebRTCUtils.cpp
++++ b/Source/WebCore/Modules/mediastream/gstreamer/GStreamerWebRTCUtils.cpp
+@@ -22,13 +22,14 @@
+ #if ENABLE(WEB_RTC) && USE(GSTREAMER_WEBRTC)
+ #include "GStreamerWebRTCUtils.h"
+
+-#include "OpenSSLCryptoUniquePtr.h"
+ #include "RTCIceCandidate.h"
+ #include "RTCIceProtocol.h"
++
+ #include
+ #include
+ #include
+ #include
++#include
+ #include
+ #include
+ #include
+@@ -292,16 +293,20 @@ std::optional parseIceCandidateSDP(const String& sdp)
+
+ static String x509Serialize(X509* x509)
+ {
+- auto bio = BIOPtr(BIO_new(BIO_s_mem()));
++ BIO* bio = BIO_new(BIO_s_mem());
+ if (!bio)
+ return { };
+
+- if (!PEM_write_bio_X509(bio.get(), x509))
++ auto scopeExit = WTF::makeScopeExit([&] {
++ BIO_free(bio);
++ });
++
++ if (!PEM_write_bio_X509(bio, x509))
+ return { };
+
+ Vector buffer;
+ buffer.reserveCapacity(4096);
+- int length = BIO_read(bio.get(), buffer.data(), 4096);
++ int length = BIO_read(bio, buffer.data(), 4096);
+ if (!length)
+ return { };
+
+@@ -310,16 +315,20 @@ static String x509Serialize(X509* x509)
+
+ static String privateKeySerialize(EVP_PKEY* privateKey)
+ {
+- auto bio = BIOPtr(BIO_new(BIO_s_mem()));
++ BIO* bio = BIO_new(BIO_s_mem());
+ if (!bio)
+ return { };
+
+- if (!PEM_write_bio_PrivateKey(bio.get(), privateKey, nullptr, nullptr, 0, nullptr, nullptr))
++ auto scopeExit = WTF::makeScopeExit([&] {
++ BIO_free(bio);
++ });
++
++ if (!PEM_write_bio_PrivateKey(bio, privateKey, nullptr, nullptr, 0, nullptr, nullptr))
+ return { };
+
+ Vector buffer;
+ buffer.reserveCapacity(4096);
+- int length = BIO_read(bio.get(), buffer.data(), 4096);
++ int length = BIO_read(bio, buffer.data(), 4096);
+ if (!length)
+ return { };
+
+@@ -329,74 +338,66 @@ static String privateKeySerialize(EVP_PKEY* privateKey)
+ std::optional> generateCertificate(Ref&& origin, const PeerConnectionBackend::CertificateInformation& info)
+ {
+ ensureDebugCategoryInitialized();
+- EvpPKeyPtr privateKey;
++ EVP_PKEY* privateKey = EVP_PKEY_new();
++ if (!privateKey) {
++ GST_WARNING("Failed to create private key");
++ return { };
++ }
++
++ auto scopeExit = WTF::makeScopeExit([&] {
++ EVP_PKEY_free(privateKey);
++ });
+
+ switch (info.type) {
+ case PeerConnectionBackend::CertificateInformation::Type::ECDSAP256: {
+- privateKey.reset(EVP_EC_gen("prime256v1"));
+- if (!privateKey)
++ EC_KEY* ecKey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
++ // Ensure curve name is included when EC key is serialized.
++ // Without this call, OpenSSL versions before 1.1.0 will create
++ // certificates that don't work for TLS.
++ // This is a no-op for BoringSSL and OpenSSL 1.1.0+
++ EC_KEY_set_asn1_flag(ecKey, OPENSSL_EC_NAMED_CURVE);
++ if (!privateKey || !ecKey || !EC_KEY_generate_key(ecKey) || !EVP_PKEY_assign_EC_KEY(privateKey, ecKey)) {
++ EC_KEY_free(ecKey);
+ return { };
++ }
+ break;
+ }
+ case PeerConnectionBackend::CertificateInformation::Type::RSASSAPKCS1v15: {
+- int publicExponent = info.rsaParameters ? info.rsaParameters->publicExponent : 65537;
+- auto modulusLength = info.rsaParameters ?
info.rsaParameters->modulusLength : 2048;
+-
+- auto ctx = EvpPKeyCtxPtr(EVP_PKEY_CTX_new_from_name(nullptr, "RSA", nullptr));
+- if (!ctx)
+- return { };
+-
+- EVP_PKEY_keygen_init(ctx.get());
+-
+- auto paramsBuilder = OsslParamBldPtr(OSSL_PARAM_BLD_new());
+- if (!paramsBuilder)
+- return { };
+-
+- auto exponent = BIGNUMPtr(BN_new());
+- if (!BN_set_word(exponent.get(), publicExponent))
+- return { };
+-
+- auto modulus = BIGNUMPtr(BN_new());
+- if (!BN_set_word(modulus.get(), modulusLength))
+- return { };
+-
+- if (!OSSL_PARAM_BLD_push_BN(paramsBuilder.get(), "n", modulus.get()))
+- return { };
+-
+- if (!OSSL_PARAM_BLD_push_BN(paramsBuilder.get(), "e", exponent.get()))
+- return { };
+-
+- if (!OSSL_PARAM_BLD_push_BN(paramsBuilder.get(), "d", nullptr))
++ RSA* rsa = RSA_new();
++ if (!rsa)
+ return { };
+
+- auto params = OsslParamPtr(OSSL_PARAM_BLD_to_param(paramsBuilder.get()));
+- if (!params)
+- return { };
+-
+- EVP_PKEY_CTX_set_params(ctx.get(), params.get());
+-
+- EVP_PKEY* pkey = nullptr;
+- EVP_PKEY_generate(ctx.get(), &pkey);
+- if (!pkey)
++ BIGNUM* exponent = BN_new();
++ int publicExponent = info.rsaParameters ? info.rsaParameters->publicExponent : 65537;
++ auto modulusLength = info.rsaParameters ? info.rsaParameters->modulusLength : 2048;
++ if (!BN_set_word(exponent, publicExponent) || !RSA_generate_key_ex(rsa, modulusLength, exponent, nullptr)
++ || !EVP_PKEY_assign_RSA(privateKey, rsa)) {
++ RSA_free(rsa);
+ return { };
+- privateKey.reset(pkey);
++ }
++ BN_free(exponent);
+ break;
+ }
+ }
+
+- auto x509 = X509Ptr(X509_new());
++ X509* x509 = X509_new();
+ if (!x509) {
+ GST_WARNING("Failed to create certificate");
+ return { };
+ }
+
+- X509_set_version(x509.get(), 2);
++ auto certScopeExit = WTF::makeScopeExit([&] {
++ X509_free(x509);
++ });
++
++ X509_set_version(x509, 2);
+
+ // Set a random 64 bit integer as serial number.
+- auto serialNumber = BIGNUMPtr(BN_new());
+- BN_rand(serialNumber.get(), 64, 0, 0);
+- ASN1_INTEGER* asn1SerialNumber = X509_get_serialNumber(x509.get());
+- BN_to_ASN1_INTEGER(serialNumber.get(), asn1SerialNumber);
++ BIGNUM* serialNumber = BN_new();
++ BN_pseudo_rand(serialNumber, 64, 0, 0);
++ ASN1_INTEGER* asn1SerialNumber = X509_get_serialNumber(x509);
++ BN_to_ASN1_INTEGER(serialNumber, asn1SerialNumber);
++ BN_free(serialNumber);
+
+ // Set a random 8 byte base64 string as issuer/subject.
+ X509_NAME* name = X509_NAME_new();
+@@ -404,25 +405,25 @@ std::optional> generateCertificate(Ref&& ori
+ WTF::cryptographicallyRandomValues(buffer.data(), buffer.size());
+ auto commonName = base64EncodeToString(buffer);
+ X509_NAME_add_entry_by_NID(name, NID_commonName, MBSTRING_ASC, (const guchar*)commonName.ascii().data(), -1, -1, 0);
+- X509_set_subject_name(x509.get(), name);
+- X509_set_issuer_name(x509.get(), name);
++ X509_set_subject_name(x509, name);
++ X509_set_issuer_name(x509, name);
+ X509_NAME_free(name);
+
+ // Fallback to 30 days, max out at one year.
+ uint64_t expires = info.expires.value_or(2592000);
+ expires = std::min(expires, 31536000000);
+- X509_gmtime_adj(X509_getm_notBefore(x509.get()), 0);
+- X509_gmtime_adj(X509_getm_notAfter(x509.get()), expires);
+- X509_set_pubkey(x509.get(), privateKey.get());
++ X509_gmtime_adj(X509_getm_notBefore(x509), 0);
++ X509_gmtime_adj(X509_getm_notAfter(x509), expires);
++ X509_set_pubkey(x509, privateKey);
+
+- if (!X509_sign(x509.get(), privateKey.get(), EVP_sha256())) {
++ if (!X509_sign(x509, privateKey, EVP_sha256())) {
+ GST_WARNING("Failed to sign certificate");
+ return { };
+ }
+
+- auto pem = x509Serialize(x509.get());
++ auto pem = x509Serialize(x509);
+ GST_DEBUG("Generated certificate PEM: %s", pem.ascii().data());
+- auto serializedPrivateKey = privateKeySerialize(privateKey.get());
++ auto serializedPrivateKey = privateKeySerialize(privateKey);
+ Vector fingerprints;
+ // FIXME: Fill fingerprints.
+ auto expirationTime = WTF::WallTime::now().secondsSinceEpoch() + WTF::Seconds(expires);
+diff --git a/Source/cmake/GStreamerChecks.cmake b/Source/cmake/GStreamerChecks.cmake
+index ba8423e..f8e72e1 100644
+--- a/Source/cmake/GStreamerChecks.cmake
++++ b/Source/cmake/GStreamerChecks.cmake
+@@ -73,7 +73,7 @@ if (ENABLE_MEDIA_STREAM AND ENABLE_WEB_RTC)
+ SET_AND_EXPOSE_TO_BUILD(USE_LIBWEBRTC FALSE)
+
+ find_package(OpenSSL)
+- if (NOT OPENSSL_FOUND OR OPENSSL_VERSION VERSION_LESS "3.0.0")
++ if (NOT OPENSSL_FOUND OR OPENSSL_VERSION VERSION_LESS "1.0.0")
+ message(FATAL_ERROR "OpenSSL 3 is needed for USE_GSTREAMER_WEBRTC.")
+ endif ()
+ else ()
+--
+2.37.3
+
diff --git a/net-libs/webkit-gtk/webkit_gtk-2.39.3.recipe b/net-libs/webkit-gtk/webkit_gtk-2.39.3.recipe
index a7c670e59..28cb2cf95 100644
--- a/net-libs/webkit-gtk/webkit_gtk-2.39.3.recipe
+++ b/net-libs/webkit-gtk/webkit_gtk-2.39.3.recipe
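Review bot: In the added ECDSAP256 branch of generateCertificate, `EC_KEY_set_asn1_flag(ecKey, OPENSSL_EC_NAMED_CURVE)` runs before `ecKey` is tested, so a failed `EC_KEY_new_by_curve_name` is dereferenced rather than reported. The RSA branch never checks `BN_new()` and frees `exponent` only on the success path, so the BIGNUM leaks whenever key generation fails. The serial number now comes from `BN_pseudo_rand` with both its result and the `BN_new()` result ignored; `BN_rand` is also available in OpenSSL 1.0 and keeps the stronger generator, and a failure there should abort certificate creation. In GStreamerChecks.cmake the floor drops to `"1.0.0"` while the message still says OpenSSL 3, and the code still calls `X509_getm_notBefore`, which I believe only exists from 1.1.0, so the check and message should name the oldest release this code is actually built against. generateCertificate starts and ends outside the quoted hunks; the fence covers only the two key-generation branches.

```cpp
    case PeerConnectionBackend::CertificateInformation::Type::ECDSAP256: {
        EC_KEY* ecKey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
        if (!ecKey)
            return { };
        // Keep the named-curve encoding for OpenSSL < 1.1.0 (no-op on newer versions).
        EC_KEY_set_asn1_flag(ecKey, OPENSSL_EC_NAMED_CURVE);
        if (!EC_KEY_generate_key(ecKey) || !EVP_PKEY_assign_EC_KEY(privateKey, ecKey)) {
            EC_KEY_free(ecKey);
            return { };
        }
        break;
    }
    case PeerConnectionBackend::CertificateInformation::Type::RSASSAPKCS1v15: {
        RSA* rsa = RSA_new();
        BIGNUM* exponent = BN_new();
        // … unchanged: publicExponent / modulusLength defaults …
        bool generated = rsa && exponent && BN_set_word(exponent, publicExponent)
            && RSA_generate_key_ex(rsa, modulusLength, exponent, nullptr)
            && EVP_PKEY_assign_RSA(privateKey, rsa);
        // The exponent is only an input to key generation, so release it on every path.
        BN_free(exponent);
        if (!generated) {
            RSA_free(rsa);
            return { };
        }
        break;
    }
```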
@@ -12,7 +12,7 @@ COPYRIGHT="2009‒2022 The WebKitGTK Team" LICENSE="GNU LGPL v2 BSD (2-clause) " -REVISION="2" +REVISION="3" SOURCE_URI="https://www.webkitgtk.org/releases/webkitgtk-$portVersion.tar.xz" CHECKSUM_SHA256="6b783704f16f35e72cd6eeb546eaf6d5221ca70e70639f3906def2e9a473bf9b" SOURCE_DIR="webkitgtk-$portVersion" @@ -211,7 +211,7 @@ BUILD() -DENABLE_API_TESTS=OFF \ -DENABLE_BUBBLEWRAP_SANDBOX=OFF \ -DENABLE_DOCUMENTATION=OFF \ - -DENABLE_EXPERIMENTAL_FEATURES=ON \ + -DENABLE_EXPERIMENTAL_FEATURES=OFF \ -DENABLE_FTPDIR=ON \ -DENABLE_GAMEPAD=OFF \ -DENABLE_GEOLOCATION=ON \ @@ -219,8 +219,8 @@ BUILD() -DENABLE_GTKDOC=OFF \ -DENABLE_INTROSPECTION=ON \ -DENABLE_JOURNALD_LOG=OFF \ - -DENABLE_MEDIA_STREAM=OFF \ - -DENABLE_MEDIA_RECORDER=OFF \ + -DENABLE_MEDIA_STREAM=ON \ + -DENABLE_MEDIA_RECORDER=ON \ -DENABLE_MEDIA_SOURCE=ON \ -DENABLE_MINIBROWSER=ON \ -DENABLE_QUARTZ_TARGET=OFF \ @@ -242,7 +242,7 @@ BUILD() -DUSE_AVIF=ON \ -DUSE_GBM=OFF \ -DUSE_GSTREAMER_GL=OFF \ - -DUSE_GSTREAMER_WEBRTC=OFF \ + -DUSE_GSTREAMER_WEBRTC=ON \ -DUSE_GSTREAMER_TRANSCODER=OFF \ -DUSE_GTK4=OFF \ -DUSE_JPEGXL=ON \
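Review bot: The BUILD flags in hunks @@ -219,8 and @@ -242,7 turn on `ENABLE_MEDIA_STREAM`, `ENABLE_MEDIA_RECORDER` and `USE_GSTREAMER_WEBRTC` while the context line `-DENABLE_BUBBLEWRAP_SANDBOX=OFF` in hunk @@ -211,7 stays, so the newly built capture and peer-connection code presumably runs without the bubblewrap sandbox. Nothing in the recipe records that trade-off or which OpenSSL release the WebRTC code is now built against. I would add a comment above the cmake invocation, for example `# WebRTC/media capture enabled without a process sandbox; built against <openssl version placeholder> - revisit when either changes`. The BUILD function starts and ends outside these hunks.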