diff options
| author | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
|---|---|---|
| committer | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
| commit | 4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch) | |
| tree | ba5f07bf3f9d22d82e54a462313f5d244036c768 /net-libs/libsrtp/files | |
reinit the tree, so we can have metadata
Diffstat (limited to 'net-libs/libsrtp/files')
8 files changed, 232 insertions, 0 deletions
diff --git a/net-libs/libsrtp/files/libsrtp-1.4.4-invalid-index.patch b/net-libs/libsrtp/files/libsrtp-1.4.4-invalid-index.patch new file mode 100644 index 000000000000..90a8f019fd43 --- /dev/null +++ b/net-libs/libsrtp/files/libsrtp-1.4.4-invalid-index.patch @@ -0,0 +1,11 @@ +--- srtp/crypto/replay/rdb.c.orig 2012-03-20 14:52:32.890017830 +0100 ++++ srtp/crypto/replay/rdb.c 2012-03-20 14:56:31.670017835 +0100 +@@ -115,7 +115,7 @@ + + /* shift the window forward by delta bits*/ + v128_left_shift(&rdb->bitmask, delta); +- v128_set_bit(&rdb->bitmask, rdb_bits_in_bitmask-delta); ++ v128_set_bit(&rdb->bitmask, rdb_bits_in_bitmask-1); + rdb->window_start += delta; + + } diff --git a/net-libs/libsrtp/files/libsrtp-1.4.4-shared.patch b/net-libs/libsrtp/files/libsrtp-1.4.4-shared.patch new file mode 100644 index 000000000000..43b8843603c1 --- /dev/null +++ b/net-libs/libsrtp/files/libsrtp-1.4.4-shared.patch @@ -0,0 +1,52 @@ +--- srtp/Makefile.in ++++ srtp/Makefile.in +@@ -65,11 +65,11 @@ + + + # implicit rules for object files and test apps + + %.o: %.c +- $(COMPILE) -c $< -o $@ ++ $(COMPILE) -fPIC -c $< -o $@ + + %$(EXE): %.c + $(COMPILE) $(LDFLAGS) $< -o $@ $(SRTPLIB) $(LIBS) + + +@@ -103,10 +103,16 @@ + + libsrtp.a: $(srtpobj) $(cryptobj) $(gdoi) + ar cr libsrtp.a $^ + $(RANLIB) libsrtp.a + ++libsrtp.so: $(srtpobj) $(cryptobj) $(gdoi) ++ $(CC) $(LDFLAGS) -shared -Wl,-soname,libsrtp.so.1 -o libsrtp.so.1.0 $^ ++ ++libsrtp.dylib: $(srtpobj) $(cryptobj) $(gdoi) ++ $(CC) $(LDFLAGS) -dynamiclib -install_name $(libdir)/libsrtp.1.dylib -o libsrtp.1.0.dylib $^ ++ + # libcryptomath.a contains general-purpose routines that are used to + # generate tables and verify cryptoalgorithm implementations - this + # library is not meant to be included in production code + + cryptomath = crypto/math/math.o crypto/math/gf2_8.o +@@ -195,10 +198,20 @@ + $(INSTALL) -d $(DESTDIR)$(includedir)/srtp + $(INSTALL) -d $(DESTDIR)$(libdir) + cp include/*.h $(DESTDIR)$(includedir)/srtp + cp crypto/include/*.h $(DESTDIR)$(includedir)/srtp + if [ -f libsrtp.a ]; then cp libsrtp.a $(DESTDIR)$(libdir)/; fi ++ if [ -f libsrtp.so.1.0 ]; then \ ++ cp libsrtp.so.1.0 $(DESTDIR)$(libdir)/; \ ++ ln -s libsrtp.so.1.0 $(DESTDIR)$(libdir)/libsrtp.so.1; \ ++ ln -s libsrtp.so.1.0 $(DESTDIR)$(libdir)/libsrtp.so; \ ++ fi ++ if [ -f libsrtp.1.0.dylib ]; then \ ++ cp libsrtp.1.0.dylib $(DESTDIR)$(libdir)/; \ ++ ln -s libsrtp.1.0.dylib $(DESTDIR)$(libdir)/libsrtp.1.dylib; \ ++ ln -s libsrtp.1.0.dylib $(DESTDIR)$(libdir)/libsrtp.dylib; \ ++ fi + + uninstall: + rm -rf $(DESTDIR)$(includedir)/srtp + rm -rf $(DESTDIR)$(libdir)/libsrtp.a diff --git a/net-libs/libsrtp/files/libsrtp-1.4.4_p20121108-shared.patch b/net-libs/libsrtp/files/libsrtp-1.4.4_p20121108-shared.patch new file mode 100644 index 000000000000..4e70a0ddd34e --- /dev/null +++ b/net-libs/libsrtp/files/libsrtp-1.4.4_p20121108-shared.patch @@ -0,0 +1,55 @@ +Description: Hack build routines to compile shared library +Author: loki_val and solar +Origin: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-libs/libsrtp/files/libsrtp-1.4.4-shared.patch +Last-Update: 2010-03-19 +--- a/Makefile.in ++++ b/Makefile.in +@@ -15,7 +15,7 @@ + + .PHONY: all test build_table_apps + +-all: test ++all: libsrtp.so test + + runtest: build_table_apps test + @echo "running libsrtp test applications..." +@@ -67,7 +67,7 @@ + # implicit rules for object files and test apps + + %.o: %.c +- $(COMPILE) -c $< -o $@ ++ $(COMPILE) -fPIC -c $< -o $@ + + %$(EXE): %.c + $(COMPILE) $(LDFLAGS) $< -o $@ $(SRTPLIB) $(LIBS) +@@ -105,6 +105,9 @@ + ar cr libsrtp.a $^ + $(RANLIB) libsrtp.a + ++libsrtp.so: $(srtpobj) $(cryptobj) $(gdoi) ++ $(CC) $(LDFLAGS) -shared -Wl,-soname,libsrtp.so.0 -o libsrtp.so.0.0 $^ ++ + # libcryptomath.a contains general-purpose routines that are used to + # generate tables and verify cryptoalgorithm implementations - this + # library is not meant to be included in production code +@@ -198,6 +201,11 @@ + cp $(srcdir)/crypto/include/*.h $(DESTDIR)$(includedir)/srtp + if [ "$(srcdir)" != "." ]; then cp crypto/include/*.h $(DESTDIR)$(includedir)/srtp; fi + if [ -f libsrtp.a ]; then cp libsrtp.a $(DESTDIR)$(libdir)/; fi ++ if [ -f libsrtp.so.0.0 ]; then \ ++ cp libsrtp.so.0.0 $(DESTDIR)$(libdir)/; \ ++ ln -s libsrtp.so.0.0 $(DESTDIR)$(libdir)/libsrtp.so.0; \ ++ ln -s libsrtp.so.0.0 $(DESTDIR)$(libdir)/libsrtp.so; \ ++ fi + + uninstall: + rm -f $(DESTDIR)$(includedir)/srtp/*.h +@@ -206,7 +214,7 @@ + + clean: + rm -rf $(cryptobj) $(srtpobj) $(cryptomath) TAGS \ +- libcryptomath.a libsrtp.a core *.core test/core ++ libcryptomath.a libsrtp.a libsrtp.so.0.0 core *.core test/core + for a in * */* */*/*; do \ + if [ -f "$$a~" ] ; then rm -f $$a~; fi; \ + done; diff --git a/net-libs/libsrtp/files/libsrtp-1.5.2-bindir.patch b/net-libs/libsrtp/files/libsrtp-1.5.2-bindir.patch new file mode 100644 index 000000000000..2c71faf48ba9 --- /dev/null +++ b/net-libs/libsrtp/files/libsrtp-1.5.2-bindir.patch @@ -0,0 +1,19 @@ +diff --git a/Makefile.in b/Makefile.in +index 1a40de2..02f090c 100644 +--- a/Makefile.in ++++ b/Makefile.in +@@ -252,13 +252,13 @@ libsrtpdoc: + install: + $(INSTALL) -d $(DESTDIR)$(includedir)/srtp + $(INSTALL) -d $(DESTDIR)$(libdir) +- $(INSTALL) -d $(DESTDIR)$(bindir) + cp $(srcdir)/include/*.h $(DESTDIR)$(includedir)/srtp + cp $(srcdir)/crypto/include/*.h $(DESTDIR)$(includedir)/srtp + if [ "$(srcdir)" != "." ]; then cp crypto/include/*.h $(DESTDIR)$(includedir)/srtp; fi + if [ -f libsrtp.a ]; then cp libsrtp.a $(DESTDIR)$(libdir)/; fi + if [ -f libsrtp.dll.a ]; then cp libsrtp.dll.a $(DESTDIR)$(libdir)/; fi + if [ -f libsrtp.$(SHAREDLIBSUFFIX) ]; then \ ++ $(INSTALL) -d $(DESTDIR)$(SHAREDLIB_DIR); \ + cp libsrtp.$(SHAREDLIBSUFFIX) $(DESTDIR)$(SHAREDLIB_DIR)/; \ + ln -sfn libsrtp.$(SHAREDLIBSUFFIX) $(DESTDIR)$(SHAREDLIB_DIR)/libsrtp.$(SHAREDLIBSUFFIXNOVER); \ + fi diff --git a/net-libs/libsrtp/files/libsrtp-1.5.2-fix-make-install.patch b/net-libs/libsrtp/files/libsrtp-1.5.2-fix-make-install.patch new file mode 100644 index 000000000000..f3f1f0e5c1ae --- /dev/null +++ b/net-libs/libsrtp/files/libsrtp-1.5.2-fix-make-install.patch @@ -0,0 +1,13 @@ +diff --git a/Makefile.in b/Makefile.in +index 002d25d..1a40de2 100644 +--- a/Makefile.in ++++ b/Makefile.in +@@ -260,7 +260,7 @@ install: + if [ -f libsrtp.dll.a ]; then cp libsrtp.dll.a $(DESTDIR)$(libdir)/; fi + if [ -f libsrtp.$(SHAREDLIBSUFFIX) ]; then \ + cp libsrtp.$(SHAREDLIBSUFFIX) $(DESTDIR)$(SHAREDLIB_DIR)/; \ +- cp libsrtp.$(SHAREDLIBSUFFIXNOVER) $(DESTDIR)$(SHAREDLIB_DIR)/; \ ++ ln -sfn libsrtp.$(SHAREDLIBSUFFIX) $(DESTDIR)$(SHAREDLIB_DIR)/libsrtp.$(SHAREDLIBSUFFIXNOVER); \ + fi + if [ "$(pkgconfig_DATA)" != "" ]; then \ + $(INSTALL) -d $(DESTDIR)$(pkgconfigdir); \ diff --git a/net-libs/libsrtp/files/libsrtp-2.1.0-pcap-automagic-r0.patch b/net-libs/libsrtp/files/libsrtp-2.1.0-pcap-automagic-r0.patch new file mode 100644 index 000000000000..b29fa1ba4f95 --- /dev/null +++ b/net-libs/libsrtp/files/libsrtp-2.1.0-pcap-automagic-r0.patch @@ -0,0 +1,17 @@ +diff -uNr libsrtp-2.1.0.ORIG/configure.in libsrtp-2.1.0/configure.in +--- libsrtp-2.1.0.ORIG/configure.in 2017-09-18 23:53:18.241631991 +0100 ++++ libsrtp-2.1.0/configure.in 2017-09-18 23:55:30.077635461 +0100 +@@ -272,10 +272,13 @@ + AC_SUBST([HMAC_OBJS]) + + dnl Checking for PCAP ++AC_ARG_ENABLE([pcap], AS_HELP_STRING([--disable-pcap], [Build without `pcap' library (-lpcap)])) ++AS_IF([test "x$enable_pcap" != "xno"], [ + AC_CHECK_LIB([pcap], [pcap_create], + [LIBS="-lpcap $LIBS" + AC_DEFINE([HAVE_PCAP], [1], [Define to 1 if you have the `pcap' library (-lpcap)]) + AC_SUBST([HAVE_PCAP], [1])]) ++]) + + AC_MSG_CHECKING([whether to redirect logging to stdout]) + AC_ARG_ENABLE([log-stdout], diff --git a/net-libs/libsrtp/files/libsrtp-CVE-2013-2139.diff b/net-libs/libsrtp/files/libsrtp-CVE-2013-2139.diff new file mode 100644 index 000000000000..dcafe177638b --- /dev/null +++ b/net-libs/libsrtp/files/libsrtp-CVE-2013-2139.diff @@ -0,0 +1,46 @@ +diff --git a/srtp/srtp.c b/srtp/srtp.c +index 839c1ee..7fd19e6 100644 +--- a/srtp/srtp.c ++++ b/srtp/srtp.c +@@ -2063,23 +2063,18 @@ static inline int base_key_length(const cipher_type_t *cipher, int key_length) + switch(profile) { + case srtp_profile_aes128_cm_sha1_80: + crypto_policy_set_aes_cm_128_hmac_sha1_80(policy); +- crypto_policy_set_aes_cm_128_hmac_sha1_80(policy); + break; + case srtp_profile_aes128_cm_sha1_32: + crypto_policy_set_aes_cm_128_hmac_sha1_32(policy); +- crypto_policy_set_aes_cm_128_hmac_sha1_80(policy); + break; + case srtp_profile_null_sha1_80: + crypto_policy_set_null_cipher_hmac_sha1_80(policy); +- crypto_policy_set_null_cipher_hmac_sha1_80(policy); + break; + case srtp_profile_aes256_cm_sha1_80: + crypto_policy_set_aes_cm_256_hmac_sha1_80(policy); +- crypto_policy_set_aes_cm_256_hmac_sha1_80(policy); + break; + case srtp_profile_aes256_cm_sha1_32: + crypto_policy_set_aes_cm_256_hmac_sha1_32(policy); +- crypto_policy_set_aes_cm_256_hmac_sha1_80(policy); + break; + /* the following profiles are not (yet) supported */ + case srtp_profile_null_sha1_32: +@@ -2100,6 +2095,8 @@ static inline int base_key_length(const cipher_type_t *cipher, int key_length) + crypto_policy_set_aes_cm_128_hmac_sha1_80(policy); + break; + case srtp_profile_aes128_cm_sha1_32: ++ /* We do not honor the 32-bit auth tag request since ++ * this is not compliant with RFC 3711 */ + crypto_policy_set_aes_cm_128_hmac_sha1_80(policy); + break; + case srtp_profile_null_sha1_80: +@@ -2109,6 +2106,8 @@ static inline int base_key_length(const cipher_type_t *cipher, int key_length) + crypto_policy_set_aes_cm_256_hmac_sha1_80(policy); + break; + case srtp_profile_aes256_cm_sha1_32: ++ /* We do not honor the 32-bit auth tag request since ++ * this is not compliant with RFC 3711 */ + crypto_policy_set_aes_cm_256_hmac_sha1_80(policy); + break; + /* the following profiles are not (yet) supported */ diff --git a/net-libs/libsrtp/files/libsrtp-pcap-automagic-r0.patch b/net-libs/libsrtp/files/libsrtp-pcap-automagic-r0.patch new file mode 100644 index 000000000000..12c677e2e5aa --- /dev/null +++ b/net-libs/libsrtp/files/libsrtp-pcap-automagic-r0.patch @@ -0,0 +1,19 @@ +--- a/configure.in 2015-03-25 15:37:31.953386365 +0000 ++++ b/configure.in 2015-03-25 15:39:49.192183689 +0000 +@@ -182,6 +182,8 @@ + AC_SUBST(HMAC_OBJS) + + dnl Checking for PCAP ++AC_ARG_ENABLE([pcap], AS_HELP_STRING([--disable-pcap], [Build without `pcap' library (-lpcap)])) ++AS_IF([test "x$enable_pcap" != "xno"], [ + AC_CHECK_LIB([pcap],[pcap_create], + [PCAP=1 + LIBS="-lpcap $LIBS" +@@ -189,6 +191,7 @@ + AC_DEFINE(HAVE_PCAP, 1, [Define to 1 if you have the `pcap' library (-lpcap)]) + AC_SUBST(HAVE_PCAP) + ]) ++]) + + AC_MSG_CHECKING(whether to use syslog for error reporting) + AC_ARG_ENABLE(syslog, |