While trying to enable srtp's OpenSSL support, I ran into a build error and noticed that the patch for bug #764778 hand not been fully cherry-picked from upstream, there were 3 remaining references to sha1_ctx_t which were left unpatched.
I am attaching both the fixed 020141104~c270245.patch and the delta against the current version of the patch. Cheers, Jeremy
diff --git a/debian/patches/020141104~c270245.patch b/debian/patches/020141104~c270245.patch index 777c8d2..1fddf50 100644 --- a/debian/patches/020141104~c270245.patch +++ b/debian/patches/020141104~c270245.patch @@ -3,7 +3,7 @@ Origin: upstream, https://github.com/cisco/libsrtp/commit/c270245 Author: jfigus <[email protected]> Forwarded: yes Bug-Debian: http://bugs.debian.org/764778 -Last-Update: 2015-06-02 +Last-Update: 2015-07-29 --- a/crypto/hash/hmac.c +++ b/crypto/hash/hmac.c @@ -266,20 +266,20 @@ Last-Update: 2015-06-02 */ -static inline void sha1_init (sha1_ctx_t *ctx) -+static inline void srtp_sha1_init (sha1_ctx_t *ctx) ++static inline void srtp_sha1_init (srtp_sha1_ctx_t *ctx) { EVP_MD_CTX_init(ctx); EVP_DigestInit(ctx, EVP_sha1()); } -static inline void sha1_update (sha1_ctx_t *ctx, const uint8_t *M, int octets_in_msg) -+static inline void srtp_sha1_update (sha1_ctx_t *ctx, const uint8_t *M, int octets_in_msg) ++static inline void srtp_sha1_update (srtp_sha1_ctx_t *ctx, const uint8_t *M, int octets_in_msg) { EVP_DigestUpdate(ctx, M, octets_in_msg); } -static inline void sha1_final (sha1_ctx_t *ctx, uint32_t *output) -+static inline void srtp_sha1_final (sha1_ctx_t *ctx, uint32_t *output) ++static inline void srtp_sha1_final (srtp_sha1_ctx_t *ctx, uint32_t *output) { unsigned int len = 0;
Description: Rename SHA1 functions to avoid conflicts with downstream packages. Origin: upstream, https://github.com/cisco/libsrtp/commit/c270245 Author: jfigus <[email protected]> Forwarded: yes Bug-Debian: http://bugs.debian.org/764778 Last-Update: 2015-07-29 --- a/crypto/hash/hmac.c +++ b/crypto/hash/hmac.c @@ -141,11 +141,11 @@ debug_print(mod_hmac, "ipad: %s", octet_string_hex_string(ipad, 64)); /* initialize sha1 context */ - sha1_init(&state->init_ctx); + srtp_sha1_init(&state->init_ctx); /* hash ipad ^ key */ - sha1_update(&state->init_ctx, ipad, 64); - memcpy(&state->ctx, &state->init_ctx, sizeof(sha1_ctx_t)); + srtp_sha1_update(&state->init_ctx, ipad, 64); + memcpy(&state->ctx, &state->init_ctx, sizeof(srtp_sha1_ctx_t)); return err_status_ok; } @@ -153,7 +153,7 @@ err_status_t hmac_start(hmac_ctx_t *state) { - memcpy(&state->ctx, &state->init_ctx, sizeof(sha1_ctx_t)); + memcpy(&state->ctx, &state->init_ctx, sizeof(srtp_sha1_ctx_t)); return err_status_ok; } @@ -165,7 +165,7 @@ octet_string_hex_string(message, msg_octets)); /* hash message into sha1 context */ - sha1_update(&state->ctx, message, msg_octets); + srtp_sha1_update(&state->ctx, message, msg_octets); return err_status_ok; } @@ -183,7 +183,7 @@ /* hash message, copy output into H */ hmac_update(state, (const uint8_t*)message, msg_octets); - sha1_final(&state->ctx, H); + srtp_sha1_final(&state->ctx, H); /* * note that we don't need to debug_print() the input, since the @@ -193,16 +193,16 @@ octet_string_hex_string((uint8_t *)H, 20)); /* re-initialize hash context */ - sha1_init(&state->ctx); + srtp_sha1_init(&state->ctx); /* hash opad ^ key */ - sha1_update(&state->ctx, (uint8_t *)state->opad, 64); + srtp_sha1_update(&state->ctx, (uint8_t *)state->opad, 64); /* hash the result of the inner hash */ - sha1_update(&state->ctx, (uint8_t *)H, 20); + srtp_sha1_update(&state->ctx, (uint8_t *)H, 20); /* the result is returned in the array hash_value[] */ - sha1_final(&state->ctx, hash_value); + srtp_sha1_final(&state->ctx, hash_value); /* copy hash_value to *result */ for (i=0; i < tag_len; i++) --- a/crypto/hash/hmac_ossl.c +++ b/crypto/hash/hmac_ossl.c @@ -163,11 +163,11 @@ debug_print(mod_hmac, "ipad: %s", octet_string_hex_string(ipad, sizeof(ipad))); /* initialize sha1 context */ - sha1_init(&state->init_ctx); + srtp_sha1_init(&state->init_ctx); state->init_ctx_initialized = 1; /* hash ipad ^ key */ - sha1_update(&state->init_ctx, ipad, sizeof(ipad)); + srtp_sha1_update(&state->init_ctx, ipad, sizeof(ipad)); return (hmac_start(state)); } @@ -192,7 +192,7 @@ octet_string_hex_string(message, msg_octets)); /* hash message into sha1 context */ - sha1_update(&state->ctx, message, msg_octets); + srtp_sha1_update(&state->ctx, message, msg_octets); return err_status_ok; } @@ -211,8 +211,8 @@ } /* hash message, copy output into H */ - sha1_update(&state->ctx, message, msg_octets); - sha1_final(&state->ctx, H); + srtp_sha1_update(&state->ctx, message, msg_octets); + srtp_sha1_final(&state->ctx, H); /* * note that we don't need to debug_print() the input, since the @@ -222,16 +222,16 @@ octet_string_hex_string((uint8_t*)H, sizeof(H))); /* re-initialize hash context */ - sha1_init(&state->ctx); + srtp_sha1_init(&state->ctx); /* hash opad ^ key */ - sha1_update(&state->ctx, (uint8_t*)state->opad, sizeof(state->opad)); + srtp_sha1_update(&state->ctx, (uint8_t*)state->opad, sizeof(state->opad)); /* hash the result of the inner hash */ - sha1_update(&state->ctx, (uint8_t*)H, sizeof(H)); + srtp_sha1_update(&state->ctx, (uint8_t*)H, sizeof(H)); /* the result is returned in the array hash_value[] */ - sha1_final(&state->ctx, hash_value); + srtp_sha1_final(&state->ctx, hash_value); /* copy hash_value to *result */ for (i = 0; i < tag_len; i++) { --- a/crypto/hash/sha1.c +++ b/crypto/hash/sha1.c @@ -77,17 +77,17 @@ uint32_t SHA_K3 = 0xCA62C1D6; /* Kt for 60 <= t <= 79 */ void -sha1(const uint8_t *msg, int octets_in_msg, uint32_t hash_value[5]) { - sha1_ctx_t ctx; +srtp_sha1(const uint8_t *msg, int octets_in_msg, uint32_t hash_value[5]) { + srtp_sha1_ctx_t ctx; - sha1_init(&ctx); - sha1_update(&ctx, msg, octets_in_msg); - sha1_final(&ctx, hash_value); + srtp_sha1_init(&ctx); + srtp_sha1_update(&ctx, msg, octets_in_msg); + srtp_sha1_final(&ctx, hash_value); } /* - * sha1_core(M, H) computes the core compression function, where M is + * srtp_sha1_core(M, H) computes the core compression function, where M is * the next part of the message (in network byte order) and H is the * intermediate state { H0, H1, ...} (in host byte order) * @@ -99,7 +99,7 @@ */ void -sha1_core(const uint32_t M[16], uint32_t hash_value[5]) { +srtp_sha1_core(const uint32_t M[16], uint32_t hash_value[5]) { uint32_t H0; uint32_t H1; uint32_t H2; @@ -186,7 +186,7 @@ } void -sha1_init(sha1_ctx_t *ctx) { +srtp_sha1_init(srtp_sha1_ctx_t *ctx) { /* initialize state vector */ ctx->H[0] = 0x67452301; @@ -204,7 +204,7 @@ } void -sha1_update(sha1_ctx_t *ctx, const uint8_t *msg, int octets_in_msg) { +srtp_sha1_update(srtp_sha1_ctx_t *ctx, const uint8_t *msg, int octets_in_msg) { int i; uint8_t *buf = (uint8_t *)ctx->M; @@ -227,13 +227,13 @@ /* process a whole block */ - debug_print(mod_sha1, "(update) running sha1_core()", NULL); + debug_print(mod_sha1, "(update) running srtp_sha1_core()", NULL); - sha1_core(ctx->M, ctx->H); + srtp_sha1_core(ctx->M, ctx->H); } else { - debug_print(mod_sha1, "(update) not running sha1_core()", NULL); + debug_print(mod_sha1, "(update) not running srtp_sha1_core()", NULL); for (i=ctx->octets_in_buffer; i < (ctx->octets_in_buffer + octets_in_msg); i++) @@ -247,12 +247,12 @@ } /* - * sha1_final(ctx, output) computes the result for ctx and copies it + * srtp_sha1_final(ctx, output) computes the result for ctx and copies it * into the twenty octets located at *output */ void -sha1_final(sha1_ctx_t *ctx, uint32_t *output) { +srtp_sha1_final(srtp_sha1_ctx_t *ctx, uint32_t *output) { uint32_t A, B, C, D, E, TEMP; uint32_t W[80]; int i, t; @@ -339,11 +339,11 @@ } - debug_print(mod_sha1, "(final) running sha1_core()", NULL); + debug_print(mod_sha1, "(final) running srtp_sha1_core()", NULL); if (ctx->octets_in_buffer >= 56) { - debug_print(mod_sha1, "(final) running sha1_core() again", NULL); + debug_print(mod_sha1, "(final) running srtp_sha1_core() again", NULL); /* we need to do one final run of the compression algo */ --- a/crypto/include/hmac.h +++ b/crypto/include/hmac.h @@ -51,8 +51,8 @@ typedef struct { uint8_t opad[64]; - sha1_ctx_t ctx; - sha1_ctx_t init_ctx; + srtp_sha1_ctx_t ctx; + srtp_sha1_ctx_t init_ctx; #ifdef OPENSSL int ctx_initialized; int init_ctx_initialized; --- a/crypto/include/sha1.h +++ b/crypto/include/sha1.h @@ -56,15 +56,15 @@ #include <openssl/evp.h> #include <stdint.h> -typedef EVP_MD_CTX sha1_ctx_t; +typedef EVP_MD_CTX srtp_sha1_ctx_t; /* - * sha1_init(&ctx) initializes the SHA1 context ctx + * srtp_sha1_init(&ctx) initializes the SHA1 context ctx * - * sha1_update(&ctx, msg, len) hashes the len octets starting at msg + * srtp_sha1_update(&ctx, msg, len) hashes the len octets starting at msg * into the SHA1 context * - * sha1_final(&ctx, output) performs the final processing of the SHA1 + * srtp_sha1_final(&ctx, output) performs the final processing of the SHA1 * context and writes the result to the 20 octets at output * * Return values are ignored on the EVP functions since all three @@ -72,18 +72,18 @@ * */ -static inline void sha1_init (sha1_ctx_t *ctx) +static inline void srtp_sha1_init (srtp_sha1_ctx_t *ctx) { EVP_MD_CTX_init(ctx); EVP_DigestInit(ctx, EVP_sha1()); } -static inline void sha1_update (sha1_ctx_t *ctx, const uint8_t *M, int octets_in_msg) +static inline void srtp_sha1_update (srtp_sha1_ctx_t *ctx, const uint8_t *M, int octets_in_msg) { EVP_DigestUpdate(ctx, M, octets_in_msg); } -static inline void sha1_final (sha1_ctx_t *ctx, uint32_t *output) +static inline void srtp_sha1_final (srtp_sha1_ctx_t *ctx, uint32_t *output) { unsigned int len = 0; @@ -97,7 +97,7 @@ uint32_t M[16]; /* message buffer */ int octets_in_buffer; /* octets of message in buffer */ uint32_t num_bits_in_msg; /* total number of bits in message */ -} sha1_ctx_t; +} srtp_sha1_ctx_t; /* * sha1(&ctx, msg, len, output) hashes the len octets starting at msg @@ -110,33 +110,33 @@ sha1(const uint8_t *message, int octets_in_msg, uint32_t output[5]); /* - * sha1_init(&ctx) initializes the SHA1 context ctx + * srtp_sha1_init(&ctx) initializes the SHA1 context ctx * - * sha1_update(&ctx, msg, len) hashes the len octets starting at msg + * srtp_sha1_update(&ctx, msg, len) hashes the len octets starting at msg * into the SHA1 context * - * sha1_final(&ctx, output) performs the final processing of the SHA1 + * srtp_sha1_final(&ctx, output) performs the final processing of the SHA1 * context and writes the result to the 20 octets at output * */ void -sha1_init(sha1_ctx_t *ctx); +srtp_sha1_init(srtp_sha1_ctx_t *ctx); void -sha1_update(sha1_ctx_t *ctx, const uint8_t *M, int octets_in_msg); +srtp_sha1_update(srtp_sha1_ctx_t *ctx, const uint8_t *M, int octets_in_msg); void -sha1_final(sha1_ctx_t *ctx, uint32_t output[5]); +srtp_sha1_final(srtp_sha1_ctx_t *ctx, uint32_t output[5]); /* - * The sha1_core function is INTERNAL to SHA-1, but it is declared + * The srtp_sha1_core function is INTERNAL to SHA-1, but it is declared * here because it is also used by the cipher SEAL 3.0 in its key * setup algorithm. */ /* - * sha1_core(M, H) computes the core sha1 compression function, where M is + * srtp_sha1_core(M, H) computes the core sha1 compression function, where M is * the next part of the message and H is the intermediate state {H0, * H1, ...} * @@ -145,7 +145,7 @@ */ void -sha1_core(const uint32_t M[16], uint32_t hash_value[5]); +srtp_sha1_core(const uint32_t M[16], uint32_t hash_value[5]); #endif /* else OPENSSL */ --- a/crypto/test/sha1_driver.c +++ b/crypto/test/sha1_driver.c @@ -102,7 +102,7 @@ err_status_t sha1_test_case_validate(const hash_test_case_t *test_case) { - sha1_ctx_t ctx; + srtp_sha1_ctx_t ctx; uint32_t hash_value[5]; if (test_case == NULL) @@ -113,9 +113,9 @@ if (test_case->data_len > MAX_HASH_DATA_LEN) return err_status_bad_param; - sha1_init(&ctx); - sha1_update(&ctx, test_case->data, test_case->data_len); - sha1_final(&ctx, hash_value); + srtp_sha1_init(&ctx); + srtp_sha1_update(&ctx, test_case->data, test_case->data_len); + srtp_sha1_final(&ctx, hash_value); if (0 == memcmp(test_case->hash, hash_value, 20)) { #if VERBOSE printf("PASSED: reference value: %s\n",
signature.asc
Description: OpenPGP digital signature
