Date: Tuesday, February 23, 2016 @ 13:20:33 Author: heftig Revision: 260182
1.5.4 (2.0.0 is API-incompatible) Modified: libsrtp/trunk/PKGBUILD Deleted: libsrtp/trunk/7713d5706524f9f1ee94fd6b55125357e63656d5.patch ------------------------------------------------+ 7713d5706524f9f1ee94fd6b55125357e63656d5.patch | 116 ----------------------- PKGBUILD | 43 +++----- 2 files changed, 18 insertions(+), 141 deletions(-) Deleted: 7713d5706524f9f1ee94fd6b55125357e63656d5.patch =================================================================== --- 7713d5706524f9f1ee94fd6b55125357e63656d5.patch 2016-02-23 12:20:02 UTC (rev 260181) +++ 7713d5706524f9f1ee94fd6b55125357e63656d5.patch 2016-02-23 12:20:33 UTC (rev 260182) @@ -1,116 +0,0 @@ -From 8884f4d8eb4ca7122dfcbd640b933b98ef4bab80 Mon Sep 17 00:00:00 2001 -From: jfigus <[email protected]> -Date: Thu, 30 May 2013 12:36:07 -0400 -Subject: [PATCH 1/3] Remove double-invocations to prevent buffer-overflow - vulnerability. - ---- - srtp/srtp.c | 5 ----- - 1 file changed, 5 deletions(-) - -diff --git a/srtp/srtp.c b/srtp/srtp.c -index 839c1ee..41e263c 100644 ---- a/srtp/srtp.c -+++ b/srtp/srtp.c -@@ -2063,23 +2063,18 @@ static inline int base_key_length(const cipher_type_t *cipher, int key_length) - switch(profile) { - case srtp_profile_aes128_cm_sha1_80: - crypto_policy_set_aes_cm_128_hmac_sha1_80(policy); -- crypto_policy_set_aes_cm_128_hmac_sha1_80(policy); - break; - case srtp_profile_aes128_cm_sha1_32: - crypto_policy_set_aes_cm_128_hmac_sha1_32(policy); -- crypto_policy_set_aes_cm_128_hmac_sha1_80(policy); - break; - case srtp_profile_null_sha1_80: - crypto_policy_set_null_cipher_hmac_sha1_80(policy); -- crypto_policy_set_null_cipher_hmac_sha1_80(policy); - break; - case srtp_profile_aes256_cm_sha1_80: - crypto_policy_set_aes_cm_256_hmac_sha1_80(policy); -- crypto_policy_set_aes_cm_256_hmac_sha1_80(policy); - break; - case srtp_profile_aes256_cm_sha1_32: - crypto_policy_set_aes_cm_256_hmac_sha1_32(policy); -- crypto_policy_set_aes_cm_256_hmac_sha1_80(policy); - break; - /* the following profiles are not (yet) supported */ - case srtp_profile_null_sha1_32: --- -1.8.5.1 - - -From 8e47faf0f5b90672c7ebf2f0cf0562ee81a8b621 Mon Sep 17 00:00:00 2001 -From: jfigus <[email protected]> -Date: Thu, 30 May 2013 13:36:33 -0400 -Subject: [PATCH 2/3] Fix 32-bit tag policies to use correct profile. - ---- - srtp/srtp.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/srtp/srtp.c b/srtp/srtp.c -index 41e263c..95c1ab4 100644 ---- a/srtp/srtp.c -+++ b/srtp/srtp.c -@@ -2095,7 +2095,7 @@ static inline int base_key_length(const cipher_type_t *cipher, int key_length) - crypto_policy_set_aes_cm_128_hmac_sha1_80(policy); - break; - case srtp_profile_aes128_cm_sha1_32: -- crypto_policy_set_aes_cm_128_hmac_sha1_80(policy); -+ crypto_policy_set_aes_cm_128_hmac_sha1_32(policy); - break; - case srtp_profile_null_sha1_80: - crypto_policy_set_null_cipher_hmac_sha1_80(policy); -@@ -2104,7 +2104,7 @@ static inline int base_key_length(const cipher_type_t *cipher, int key_length) - crypto_policy_set_aes_cm_256_hmac_sha1_80(policy); - break; - case srtp_profile_aes256_cm_sha1_32: -- crypto_policy_set_aes_cm_256_hmac_sha1_80(policy); -+ crypto_policy_set_aes_cm_256_hmac_sha1_32(policy); - break; - /* the following profiles are not (yet) supported */ - case srtp_profile_null_sha1_32: --- -1.8.5.1 - - -From 0acbb039c12b790621839facf56bfedbd071b74d Mon Sep 17 00:00:00 2001 -From: jfigus <[email protected]> -Date: Thu, 30 May 2013 16:47:02 -0400 -Subject: [PATCH 3/3] Undo the changes to the RTCP profile helper function. - The prior commit was not compliant with RFC 3711. - ---- - srtp/srtp.c | 8 ++++++-- - 1 file changed, 6 insertions(+), 2 deletions(-) - -diff --git a/srtp/srtp.c b/srtp/srtp.c -index 95c1ab4..7fd19e6 100644 ---- a/srtp/srtp.c -+++ b/srtp/srtp.c -@@ -2095,7 +2095,9 @@ static inline int base_key_length(const cipher_type_t *cipher, int key_length) - crypto_policy_set_aes_cm_128_hmac_sha1_80(policy); - break; - case srtp_profile_aes128_cm_sha1_32: -- crypto_policy_set_aes_cm_128_hmac_sha1_32(policy); -+ /* We do not honor the 32-bit auth tag request since -+ * this is not compliant with RFC 3711 */ -+ crypto_policy_set_aes_cm_128_hmac_sha1_80(policy); - break; - case srtp_profile_null_sha1_80: - crypto_policy_set_null_cipher_hmac_sha1_80(policy); -@@ -2104,7 +2106,9 @@ static inline int base_key_length(const cipher_type_t *cipher, int key_length) - crypto_policy_set_aes_cm_256_hmac_sha1_80(policy); - break; - case srtp_profile_aes256_cm_sha1_32: -- crypto_policy_set_aes_cm_256_hmac_sha1_32(policy); -+ /* We do not honor the 32-bit auth tag request since -+ * this is not compliant with RFC 3711 */ -+ crypto_policy_set_aes_cm_256_hmac_sha1_80(policy); - break; - /* the following profiles are not (yet) supported */ - case srtp_profile_null_sha1_32: --- -1.8.5.1 - Modified: PKGBUILD =================================================================== --- PKGBUILD 2016-02-23 12:20:02 UTC (rev 260181) +++ PKGBUILD 2016-02-23 12:20:33 UTC (rev 260182) @@ -1,42 +1,35 @@ # $Id$ -# Maintainer: +# Maintainer: Jan Alexander Steffens (heftig) <[email protected]> # Contributor: Sergej Pupykin <[email protected]> # Contributor: Yejun Yang <yejunx AT gmail DOT com> # Contributor: Michal Krenek <[email protected]> pkgname=libsrtp -pkgver=15.1c9bd90 -pkgrel=3 -pkgdesc="Open-source implementation of the Secure Real-time Transport Protocol (SRTP)" -url="http://srtp.sourceforge.net/srtp.html"; -arch=('i686' 'x86_64') -license=('BSD') -depends=('glibc') -makedepends=('git') -source=("git://git.linphone.org/srtp.git#commit=1c9bd90" 7713d5706524f9f1ee94fd6b55125357e63656d5.patch) -md5sums=('SKIP' - '33b3ba860560a4d9dee244caf73eceef') +pkgver=1.5.4 +pkgrel=1 +epoch=1 +pkgdesc="Library for SRTP (Secure Realtime Transport Protocol)" +url="https://github.com/cisco/libsrtp"; +arch=(i686 x86_64) +license=(BSD) +depends=(glibc) +options=(staticlibs) +source=("$pkgname-$pkgver.tar.gz::$url/archive/v$pkgver.tar.gz") +sha256sums=('56a7b521c25134f48faff26b0b1e3d4378a14986a2d3d7bc6fefb48987304ff0') -pkgver() { - cd srtp - echo $(git rev-list --count HEAD).$(git rev-parse --short HEAD) -} - prepare() { - cd srtp - patch -p1 -i ../7713d5706524f9f1ee94fd6b55125357e63656d5.patch + cd $pkgname-$pkgver + autoreconf -fvi } build() { - cd srtp - autoconf + cd $pkgname-$pkgver ./configure --prefix=/usr - make + make libsrtp.a shared_library } package() { - cd srtp - make DESTDIR="${pkgdir}" install - + cd $pkgname-$pkgver + make DESTDIR="$pkgdir" install install -Dm0644 LICENSE "${pkgdir}"/usr/share/licenses/${pkgname}/LICENSE }
