[arch-commits] Commit in libsrtp/repos (6 files)
Eric Bélanger
eric at nymeria.archlinux.org
Thu Feb 6 23:19:34 UTC 2014
Date: Friday, February 7, 2014 @ 00:19:34
Author: eric
Revision: 205552
archrelease: copy trunk to extra-i686, extra-x86_64
Added:
libsrtp/repos/extra-i686/7713d5706524f9f1ee94fd6b55125357e63656d5.patch
(from rev 205551, libsrtp/trunk/7713d5706524f9f1ee94fd6b55125357e63656d5.patch)
libsrtp/repos/extra-i686/PKGBUILD
(from rev 205551, libsrtp/trunk/PKGBUILD)
libsrtp/repos/extra-x86_64/7713d5706524f9f1ee94fd6b55125357e63656d5.patch
(from rev 205551, libsrtp/trunk/7713d5706524f9f1ee94fd6b55125357e63656d5.patch)
libsrtp/repos/extra-x86_64/PKGBUILD
(from rev 205551, libsrtp/trunk/PKGBUILD)
Deleted:
libsrtp/repos/extra-i686/PKGBUILD
libsrtp/repos/extra-x86_64/PKGBUILD
-------------------------------------------------------------+
/PKGBUILD | 84 +++++++
extra-i686/7713d5706524f9f1ee94fd6b55125357e63656d5.patch | 116 ++++++++++
extra-i686/PKGBUILD | 36 ---
extra-x86_64/7713d5706524f9f1ee94fd6b55125357e63656d5.patch | 116 ++++++++++
extra-x86_64/PKGBUILD | 36 ---
5 files changed, 316 insertions(+), 72 deletions(-)
Copied: libsrtp/repos/extra-i686/7713d5706524f9f1ee94fd6b55125357e63656d5.patch (from rev 205551, libsrtp/trunk/7713d5706524f9f1ee94fd6b55125357e63656d5.patch)
===================================================================
--- extra-i686/7713d5706524f9f1ee94fd6b55125357e63656d5.patch (rev 0)
+++ extra-i686/7713d5706524f9f1ee94fd6b55125357e63656d5.patch 2014-02-06 23:19:34 UTC (rev 205552)
@@ -0,0 +1,116 @@
+From 8884f4d8eb4ca7122dfcbd640b933b98ef4bab80 Mon Sep 17 00:00:00 2001
+From: jfigus <jfig_us at yahoo.com>
+Date: Thu, 30 May 2013 12:36:07 -0400
+Subject: [PATCH 1/3] Remove double-invocations to prevent buffer-overflow
+ vulnerability.
+
+---
+ srtp/srtp.c | 5 -----
+ 1 file changed, 5 deletions(-)
+
+diff --git a/srtp/srtp.c b/srtp/srtp.c
+index 839c1ee..41e263c 100644
+--- a/srtp/srtp.c
++++ b/srtp/srtp.c
+@@ -2063,23 +2063,18 @@ static inline int base_key_length(const cipher_type_t *cipher, int key_length)
+ switch(profile) {
+ case srtp_profile_aes128_cm_sha1_80:
+ crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
+- crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_aes128_cm_sha1_32:
+ crypto_policy_set_aes_cm_128_hmac_sha1_32(policy);
+- crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_null_sha1_80:
+ crypto_policy_set_null_cipher_hmac_sha1_80(policy);
+- crypto_policy_set_null_cipher_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_aes256_cm_sha1_80:
+ crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
+- crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_aes256_cm_sha1_32:
+ crypto_policy_set_aes_cm_256_hmac_sha1_32(policy);
+- crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
+ break;
+ /* the following profiles are not (yet) supported */
+ case srtp_profile_null_sha1_32:
+--
+1.8.5.1
+
+
+From 8e47faf0f5b90672c7ebf2f0cf0562ee81a8b621 Mon Sep 17 00:00:00 2001
+From: jfigus <jfig_us at yahoo.com>
+Date: Thu, 30 May 2013 13:36:33 -0400
+Subject: [PATCH 2/3] Fix 32-bit tag policies to use correct profile.
+
+---
+ srtp/srtp.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/srtp/srtp.c b/srtp/srtp.c
+index 41e263c..95c1ab4 100644
+--- a/srtp/srtp.c
++++ b/srtp/srtp.c
+@@ -2095,7 +2095,7 @@ static inline int base_key_length(const cipher_type_t *cipher, int key_length)
+ crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_aes128_cm_sha1_32:
+- crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
++ crypto_policy_set_aes_cm_128_hmac_sha1_32(policy);
+ break;
+ case srtp_profile_null_sha1_80:
+ crypto_policy_set_null_cipher_hmac_sha1_80(policy);
+@@ -2104,7 +2104,7 @@ static inline int base_key_length(const cipher_type_t *cipher, int key_length)
+ crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_aes256_cm_sha1_32:
+- crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
++ crypto_policy_set_aes_cm_256_hmac_sha1_32(policy);
+ break;
+ /* the following profiles are not (yet) supported */
+ case srtp_profile_null_sha1_32:
+--
+1.8.5.1
+
+
+From 0acbb039c12b790621839facf56bfedbd071b74d Mon Sep 17 00:00:00 2001
+From: jfigus <jfig_us at yahoo.com>
+Date: Thu, 30 May 2013 16:47:02 -0400
+Subject: [PATCH 3/3] Undo the changes to the RTCP profile helper function.
+ The prior commit was not compliant with RFC 3711.
+
+---
+ srtp/srtp.c | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/srtp/srtp.c b/srtp/srtp.c
+index 95c1ab4..7fd19e6 100644
+--- a/srtp/srtp.c
++++ b/srtp/srtp.c
+@@ -2095,7 +2095,9 @@ static inline int base_key_length(const cipher_type_t *cipher, int key_length)
+ crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_aes128_cm_sha1_32:
+- crypto_policy_set_aes_cm_128_hmac_sha1_32(policy);
++ /* We do not honor the 32-bit auth tag request since
++ * this is not compliant with RFC 3711 */
++ crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_null_sha1_80:
+ crypto_policy_set_null_cipher_hmac_sha1_80(policy);
+@@ -2104,7 +2106,9 @@ static inline int base_key_length(const cipher_type_t *cipher, int key_length)
+ crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_aes256_cm_sha1_32:
+- crypto_policy_set_aes_cm_256_hmac_sha1_32(policy);
++ /* We do not honor the 32-bit auth tag request since
++ * this is not compliant with RFC 3711 */
++ crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
+ break;
+ /* the following profiles are not (yet) supported */
+ case srtp_profile_null_sha1_32:
+--
+1.8.5.1
+
Deleted: extra-i686/PKGBUILD
===================================================================
--- extra-i686/PKGBUILD 2014-02-06 23:18:56 UTC (rev 205551)
+++ extra-i686/PKGBUILD 2014-02-06 23:19:34 UTC (rev 205552)
@@ -1,36 +0,0 @@
-# $Id$
-# Maintainer:
-# Contributor: Sergej Pupykin <pupykin.s+arch at gmail.com>
-# Contributor: Yejun Yang <yejunx AT gmail DOT com>
-# Contributor: Michal Krenek <mikos at sg1.cz>
-
-pkgname=libsrtp
-pkgver=15.1c9bd90
-pkgrel=2
-pkgdesc="Open-source implementation of the Secure Real-time Transport Protocol (SRTP)"
-url="http://srtp.sourceforge.net/srtp.html"
-arch=('i686' 'x86_64')
-license=('BSD')
-depends=('glibc')
-makedepends=('git')
-source=("git://git.linphone.org/srtp.git#commit=1c9bd90")
-md5sums=('SKIP')
-
-pkgver() {
- cd srtp
- echo $(git rev-list --count HEAD).$(git rev-parse --short HEAD)
-}
-
-build() {
- cd srtp
- autoconf
- ./configure --prefix=/usr
- make
-}
-
-package() {
- cd srtp
- make DESTDIR="${pkgdir}" install
-
- install -Dm0644 LICENSE "${pkgdir}"/usr/share/licenses/${pkgname}/LICENSE
-}
Copied: libsrtp/repos/extra-i686/PKGBUILD (from rev 205551, libsrtp/trunk/PKGBUILD)
===================================================================
--- extra-i686/PKGBUILD (rev 0)
+++ extra-i686/PKGBUILD 2014-02-06 23:19:34 UTC (rev 205552)
@@ -0,0 +1,42 @@
+# $Id$
+# Maintainer:
+# Contributor: Sergej Pupykin <pupykin.s+arch at gmail.com>
+# Contributor: Yejun Yang <yejunx AT gmail DOT com>
+# Contributor: Michal Krenek <mikos at sg1.cz>
+
+pkgname=libsrtp
+pkgver=15.1c9bd90
+pkgrel=3
+pkgdesc="Open-source implementation of the Secure Real-time Transport Protocol (SRTP)"
+url="http://srtp.sourceforge.net/srtp.html"
+arch=('i686' 'x86_64')
+license=('BSD')
+depends=('glibc')
+makedepends=('git')
+source=("git://git.linphone.org/srtp.git#commit=1c9bd90" 7713d5706524f9f1ee94fd6b55125357e63656d5.patch)
+md5sums=('SKIP'
+ '33b3ba860560a4d9dee244caf73eceef')
+
+pkgver() {
+ cd srtp
+ echo $(git rev-list --count HEAD).$(git rev-parse --short HEAD)
+}
+
+prepare() {
+ cd srtp
+ patch -p1 -i ../7713d5706524f9f1ee94fd6b55125357e63656d5.patch
+}
+
+build() {
+ cd srtp
+ autoconf
+ ./configure --prefix=/usr
+ make
+}
+
+package() {
+ cd srtp
+ make DESTDIR="${pkgdir}" install
+
+ install -Dm0644 LICENSE "${pkgdir}"/usr/share/licenses/${pkgname}/LICENSE
+}
Copied: libsrtp/repos/extra-x86_64/7713d5706524f9f1ee94fd6b55125357e63656d5.patch (from rev 205551, libsrtp/trunk/7713d5706524f9f1ee94fd6b55125357e63656d5.patch)
===================================================================
--- extra-x86_64/7713d5706524f9f1ee94fd6b55125357e63656d5.patch (rev 0)
+++ extra-x86_64/7713d5706524f9f1ee94fd6b55125357e63656d5.patch 2014-02-06 23:19:34 UTC (rev 205552)
@@ -0,0 +1,116 @@
+From 8884f4d8eb4ca7122dfcbd640b933b98ef4bab80 Mon Sep 17 00:00:00 2001
+From: jfigus <jfig_us at yahoo.com>
+Date: Thu, 30 May 2013 12:36:07 -0400
+Subject: [PATCH 1/3] Remove double-invocations to prevent buffer-overflow
+ vulnerability.
+
+---
+ srtp/srtp.c | 5 -----
+ 1 file changed, 5 deletions(-)
+
+diff --git a/srtp/srtp.c b/srtp/srtp.c
+index 839c1ee..41e263c 100644
+--- a/srtp/srtp.c
++++ b/srtp/srtp.c
+@@ -2063,23 +2063,18 @@ static inline int base_key_length(const cipher_type_t *cipher, int key_length)
+ switch(profile) {
+ case srtp_profile_aes128_cm_sha1_80:
+ crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
+- crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_aes128_cm_sha1_32:
+ crypto_policy_set_aes_cm_128_hmac_sha1_32(policy);
+- crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_null_sha1_80:
+ crypto_policy_set_null_cipher_hmac_sha1_80(policy);
+- crypto_policy_set_null_cipher_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_aes256_cm_sha1_80:
+ crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
+- crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_aes256_cm_sha1_32:
+ crypto_policy_set_aes_cm_256_hmac_sha1_32(policy);
+- crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
+ break;
+ /* the following profiles are not (yet) supported */
+ case srtp_profile_null_sha1_32:
+--
+1.8.5.1
+
+
+From 8e47faf0f5b90672c7ebf2f0cf0562ee81a8b621 Mon Sep 17 00:00:00 2001
+From: jfigus <jfig_us at yahoo.com>
+Date: Thu, 30 May 2013 13:36:33 -0400
+Subject: [PATCH 2/3] Fix 32-bit tag policies to use correct profile.
+
+---
+ srtp/srtp.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/srtp/srtp.c b/srtp/srtp.c
+index 41e263c..95c1ab4 100644
+--- a/srtp/srtp.c
++++ b/srtp/srtp.c
+@@ -2095,7 +2095,7 @@ static inline int base_key_length(const cipher_type_t *cipher, int key_length)
+ crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_aes128_cm_sha1_32:
+- crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
++ crypto_policy_set_aes_cm_128_hmac_sha1_32(policy);
+ break;
+ case srtp_profile_null_sha1_80:
+ crypto_policy_set_null_cipher_hmac_sha1_80(policy);
+@@ -2104,7 +2104,7 @@ static inline int base_key_length(const cipher_type_t *cipher, int key_length)
+ crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_aes256_cm_sha1_32:
+- crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
++ crypto_policy_set_aes_cm_256_hmac_sha1_32(policy);
+ break;
+ /* the following profiles are not (yet) supported */
+ case srtp_profile_null_sha1_32:
+--
+1.8.5.1
+
+
+From 0acbb039c12b790621839facf56bfedbd071b74d Mon Sep 17 00:00:00 2001
+From: jfigus <jfig_us at yahoo.com>
+Date: Thu, 30 May 2013 16:47:02 -0400
+Subject: [PATCH 3/3] Undo the changes to the RTCP profile helper function.
+ The prior commit was not compliant with RFC 3711.
+
+---
+ srtp/srtp.c | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/srtp/srtp.c b/srtp/srtp.c
+index 95c1ab4..7fd19e6 100644
+--- a/srtp/srtp.c
++++ b/srtp/srtp.c
+@@ -2095,7 +2095,9 @@ static inline int base_key_length(const cipher_type_t *cipher, int key_length)
+ crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_aes128_cm_sha1_32:
+- crypto_policy_set_aes_cm_128_hmac_sha1_32(policy);
++ /* We do not honor the 32-bit auth tag request since
++ * this is not compliant with RFC 3711 */
++ crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_null_sha1_80:
+ crypto_policy_set_null_cipher_hmac_sha1_80(policy);
+@@ -2104,7 +2106,9 @@ static inline int base_key_length(const cipher_type_t *cipher, int key_length)
+ crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_aes256_cm_sha1_32:
+- crypto_policy_set_aes_cm_256_hmac_sha1_32(policy);
++ /* We do not honor the 32-bit auth tag request since
++ * this is not compliant with RFC 3711 */
++ crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
+ break;
+ /* the following profiles are not (yet) supported */
+ case srtp_profile_null_sha1_32:
+--
+1.8.5.1
+
Deleted: extra-x86_64/PKGBUILD
===================================================================
--- extra-x86_64/PKGBUILD 2014-02-06 23:18:56 UTC (rev 205551)
+++ extra-x86_64/PKGBUILD 2014-02-06 23:19:34 UTC (rev 205552)
@@ -1,36 +0,0 @@
-# $Id$
-# Maintainer:
-# Contributor: Sergej Pupykin <pupykin.s+arch at gmail.com>
-# Contributor: Yejun Yang <yejunx AT gmail DOT com>
-# Contributor: Michal Krenek <mikos at sg1.cz>
-
-pkgname=libsrtp
-pkgver=15.1c9bd90
-pkgrel=2
-pkgdesc="Open-source implementation of the Secure Real-time Transport Protocol (SRTP)"
-url="http://srtp.sourceforge.net/srtp.html"
-arch=('i686' 'x86_64')
-license=('BSD')
-depends=('glibc')
-makedepends=('git')
-source=("git://git.linphone.org/srtp.git#commit=1c9bd90")
-md5sums=('SKIP')
-
-pkgver() {
- cd srtp
- echo $(git rev-list --count HEAD).$(git rev-parse --short HEAD)
-}
-
-build() {
- cd srtp
- autoconf
- ./configure --prefix=/usr
- make
-}
-
-package() {
- cd srtp
- make DESTDIR="${pkgdir}" install
-
- install -Dm0644 LICENSE "${pkgdir}"/usr/share/licenses/${pkgname}/LICENSE
-}
Copied: libsrtp/repos/extra-x86_64/PKGBUILD (from rev 205551, libsrtp/trunk/PKGBUILD)
===================================================================
--- extra-x86_64/PKGBUILD (rev 0)
+++ extra-x86_64/PKGBUILD 2014-02-06 23:19:34 UTC (rev 205552)
@@ -0,0 +1,42 @@
+# $Id$
+# Maintainer:
+# Contributor: Sergej Pupykin <pupykin.s+arch at gmail.com>
+# Contributor: Yejun Yang <yejunx AT gmail DOT com>
+# Contributor: Michal Krenek <mikos at sg1.cz>
+
+pkgname=libsrtp
+pkgver=15.1c9bd90
+pkgrel=3
+pkgdesc="Open-source implementation of the Secure Real-time Transport Protocol (SRTP)"
+url="http://srtp.sourceforge.net/srtp.html"
+arch=('i686' 'x86_64')
+license=('BSD')
+depends=('glibc')
+makedepends=('git')
+source=("git://git.linphone.org/srtp.git#commit=1c9bd90" 7713d5706524f9f1ee94fd6b55125357e63656d5.patch)
+md5sums=('SKIP'
+ '33b3ba860560a4d9dee244caf73eceef')
+
+pkgver() {
+ cd srtp
+ echo $(git rev-list --count HEAD).$(git rev-parse --short HEAD)
+}
+
+prepare() {
+ cd srtp
+ patch -p1 -i ../7713d5706524f9f1ee94fd6b55125357e63656d5.patch
+}
+
+build() {
+ cd srtp
+ autoconf
+ ./configure --prefix=/usr
+ make
+}
+
+package() {
+ cd srtp
+ make DESTDIR="${pkgdir}" install
+
+ install -Dm0644 LICENSE "${pkgdir}"/usr/share/licenses/${pkgname}/LICENSE
+}
More information about the arch-commits
mailing list