From 62672f3756ecf218252098211d78c13369ab6d28 Mon Sep 17 00:00:00 2001
From: Nicholas Guriev <nicholas@guriev.su>
Date: Thu, 4 May 2023 16:21:09 +0300
Subject: [PATCH] Unbundle libSRTP

Avoid private symbols and link against system-wide libSRTP. The excluded code
in SrtpSession looks unreachable from the call integration in Telegram Desktop.
---
 CMakeLists.txt          |  3 +++
 cmake/libsrtp.cmake     | 13 +++++++++++++
 src/pc/external_hmac.cc |  1 -
 src/pc/external_hmac.h  |  9 ++++++---
 src/pc/srtp_session.cc  | 16 ++++++++++++++--
 5 files changed, 36 insertions(+), 6 deletions(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index af7d24c21..66bec8fdf 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -2647,6 +2647,9 @@ if (TG_OWT_USE_PROTOBUF)
     list(APPEND export_targets proto)
 endif()
 
+if (LIBSRTP_FOUND)
+    target_compile_definitions(tg_owt PRIVATE HAVE_LIBSRTP)
+endif()
 if (NOT absl_FOUND)
     list(APPEND export_targets libabsl)
 endif()
diff --git a/cmake/libsrtp.cmake b/cmake/libsrtp.cmake
index 5124312d2..01f051606 100644
--- a/cmake/libsrtp.cmake
+++ b/cmake/libsrtp.cmake
@@ -1,3 +1,16 @@
+find_package(PkgConfig REQUIRED)
+pkg_check_modules(LIBSRTP libsrtp2)
+
+if (LIBSRTP_FOUND)
+    add_library(libsrtp INTERFACE EXCLUDE_FROM_ALL)
+    add_library(tg_owt::libsrtp ALIAS libsrtp)
+
+    target_include_directories(libsrtp INTERFACE ${LIBSRTP_INCLUDE_DIRS} ${LIBSRTP_CFLAGS_OTHER})
+    target_link_libraries(libsrtp INTERFACE ${LIBSRTP_LINK_LIBRARIES} ${LIBSRTP_LDFLAGS_OTHER})
+
+    return()
+endif()
+
 add_library(libsrtp OBJECT EXCLUDE_FROM_ALL)
 init_target(libsrtp)
 add_library(tg_owt::libsrtp ALIAS libsrtp)
diff --git a/src/pc/external_hmac.cc b/src/pc/external_hmac.cc
index 27b5d0e5a..222f5d9ae 100644
--- a/src/pc/external_hmac.cc
+++ b/src/pc/external_hmac.cc
@@ -15,7 +15,6 @@
 
 #include "rtc_base/logging.h"
 #include "rtc_base/zero_memory.h"
-#include "third_party/libsrtp/include/srtp.h"
 
 // Begin test case 0 */
 static const uint8_t kExternalHmacTestCase0Key[20] = {
diff --git a/src/pc/external_hmac.h b/src/pc/external_hmac.h
index c5071fc19..8fdc2f1a7 100644
--- a/src/pc/external_hmac.h
+++ b/src/pc/external_hmac.h
@@ -30,9 +30,12 @@
 
 #include <stdint.h>
 
-#include "third_party/libsrtp/crypto/include/crypto_types.h"
-#include "third_party/libsrtp/include/srtp.h"
-#include "third_party/libsrtp/include/srtp_priv.h"
+#ifdef HAVE_LIBSRTP
+# include <srtp2/auth.h>
+# include <srtp2/srtp.h>
+#else
+# include "srtp_priv.h"
+#endif
 
 #define EXTERNAL_HMAC_SHA1 SRTP_HMAC_SHA1 + 1
 #define HMAC_KEY_LENGTH 20
diff --git a/src/pc/srtp_session.cc b/src/pc/srtp_session.cc
index 7d1aaf2d6..7b5a789b0 100644
--- a/src/pc/srtp_session.cc
+++ b/src/pc/srtp_session.cc
@@ -30,8 +30,12 @@
 #include "rtc_base/thread_annotations.h"
 #include "rtc_base/time_utils.h"
 #include "system_wrappers/include/metrics.h"
-#include "third_party/libsrtp/include/srtp.h"
-#include "third_party/libsrtp/include/srtp_priv.h"
+
+#ifdef HAVE_LIBSRTP
+# include <srtp2/srtp.h>
+#else
+# include "srtp_priv.h"
+#endif
 
 namespace cricket {
 
@@ -290,6 +294,9 @@ bool SrtpSession::UnprotectRtcp(void* p, int in_len, int* out_len) {
 bool SrtpSession::GetRtpAuthParams(uint8_t** key, int* key_len, int* tag_len) {
   RTC_DCHECK(thread_checker_.IsCurrent());
   RTC_DCHECK(IsExternalAuthActive());
+#ifdef HAVE_LIBSRTP
+  return false;
+#else
   if (!IsExternalAuthActive()) {
     return false;
   }
@@ -313,6 +320,7 @@ bool SrtpSession::GetRtpAuthParams(uint8_t** key, int* key_len, int* tag_len) {
   *key_len = external_hmac->key_length;
   *tag_len = rtp_auth_tag_len_;
   return true;
+#endif
 }
 
 int SrtpSession::GetSrtpOverhead() const {
@@ -336,6 +344,9 @@ bool SrtpSession::GetSendStreamPacketIndex(void* p,
                                            int in_len,
                                            int64_t* index) {
   RTC_DCHECK(thread_checker_.IsCurrent());
+#ifdef HAVE_LIBSRTP
+  return false;
+#else
   srtp_hdr_t* hdr = reinterpret_cast<srtp_hdr_t*>(p);
   srtp_stream_ctx_t* stream = srtp_get_stream(session_, hdr->ssrc);
   if (!stream) {
@@ -346,6 +357,7 @@ bool SrtpSession::GetSendStreamPacketIndex(void* p,
   *index = static_cast<int64_t>(rtc::NetworkToHost64(
       srtp_rdbx_get_packet_index(&stream->rtp_rdbx) << 16));
   return true;
+#endif
 }
 
 bool SrtpSession::DoSetKey(int type,