Hello community,

here is the log from the commit of package libzrtpcpp for openSUSE:Factory 
checked in at 2017-08-08 11:59:16
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libzrtpcpp (Old)
 and      /work/SRC/openSUSE:Factory/.libzrtpcpp.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "libzrtpcpp"

Tue Aug  8 11:59:16 2017 rev:38 rq:513703 version:4.6.6

Changes:
--------
--- /work/SRC/openSUSE:Factory/libzrtpcpp/libzrtpcpp.changes    2016-12-02 
16:41:11.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.libzrtpcpp.new/libzrtpcpp.changes       
2017-08-08 11:59:18.351463789 +0200
@@ -1,0 +2,7 @@
+Mon Jul 31 22:31:49 UTC 2017 - jeng...@inai.de
+
+- Update to new maintenance release 4.6.6
+  * Fix a memory leak, extra buffer length checks added.
+- Remove typo.diff (merged)
+
+-------------------------------------------------------------------

Old:
----
  V4.6.4.tar.gz
  typo.diff

New:
----
  V4.6.6.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ libzrtpcpp.spec ++++++
--- /var/tmp/diff_new_pack.xBw82r/_old  2017-08-08 11:59:19.247337611 +0200
+++ /var/tmp/diff_new_pack.xBw82r/_new  2017-08-08 11:59:19.251337048 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package libzrtpcpp
 #
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -18,7 +18,7 @@
 
 Name:           libzrtpcpp
 %define lname  libzrtpcpp4
-Version:        4.6.4
+Version:        4.6.6
 Release:        0
 Summary:        A ccrtp extension for ZRTP support
 License:        GPL-3.0+
@@ -28,7 +28,6 @@
 #Git-Clone:    git://github.com/wernerd/ZRTPCPP
 #Git-Web:      https://github.com/wernerd/ZRTPCPP
 Source:         https://github.com/wernerd/ZRTPCPP/archive/V%version.tar.gz
-Patch1:         typo.diff
 BuildRequires:  cmake
 BuildRequires:  gcc-c++ >= 4.7
 BuildRequires:  pkg-config
@@ -38,20 +37,20 @@
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %description
-This library is a GPL licensed extension to the GNU RTP Stack, ccrtp,
-that offers compatibility with Phil Zimmermann's zrtp/Zfone voice
-encryption, and which can be directly embedded into telephony
-applications.
+A library that adds RFC6189-compliant ZRTP support to the GNU ccRTP
+stack and serves as library for other RTP stacks such as PJSIP and
+GStreamer. ZRTP was developed to allow ad-hoc key negotiation to
+setup Secure RTP (SRTP) sessions.
 
 %package -n %lname
 Summary:        A ccrtp extension for ZRTP support
 Group:          System/Libraries
 
 %description -n %lname
-This library is a GPL licensed extension to the GNU RTP Stack, ccrtp,
-that offers compatibility with Phil Zimmermann's zrtp/Zfone voice
-encryption, and which can be directly embedded into telephony
-applications.
+A library that adds RFC6189-compliant ZRTP support to the GNU ccRTP
+stack and serves as library for other RTP stacks such as PJSIP and
+GStreamer. ZRTP was developed to allow ad-hoc key negotiation to
+setup Secure RTP (SRTP) sessions.
 
 %package devel
 Summary:        Headers and link library for libzrtpcpp
@@ -60,12 +59,11 @@
 Requires:       ccrtp-devel >= 2.0.0
 
 %description devel
-This package provides the header files, link libraries, and
-documentation for building applications that use libzrtpcpp.
+This package provides the header files for building applications that
+use libzrtpcpp.
 
 %prep
 %setup -qn ZRTPCPP-%version
-%patch -P 1 -p1
 chmod a-x INSTALL
 
 %build
@@ -94,8 +92,8 @@
 %make_install
 popd
 
-%post   -p /sbin/ldconfig -n %lname
-%postun -p /sbin/ldconfig -n %lname
+%post   -n %lname -p /sbin/ldconfig
+%postun -n %lname -p /sbin/ldconfig
 
 %files -n %lname
 %defattr(-,root,root)

++++++ V4.6.4.tar.gz -> V4.6.6.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ZRTPCPP-4.6.4/CMakeLists.txt 
new/ZRTPCPP-4.6.6/CMakeLists.txt
--- old/ZRTPCPP-4.6.4/CMakeLists.txt    2016-11-10 19:28:11.000000000 +0100
+++ new/ZRTPCPP-4.6.6/CMakeLists.txt    2017-06-02 09:05:34.000000000 +0200
@@ -14,9 +14,9 @@
 
 SET(CPACK_PACKAGE_VERSION_MAJOR 4)
 SET(CPACK_PACKAGE_VERSION_MINOR 6)
-SET(CPACK_PACKAGE_VERSION_PATCH 4)
+SET(CPACK_PACKAGE_VERSION_PATCH 6)
 
-set (VERSION 4.6.4)
+set (VERSION 4.6.6)
 set (SOVERSION 4)
 
 # Define supported command line parameters.
@@ -33,7 +33,7 @@
 option(SDES "Include SDES when not building for CCRTP." OFF)
 option(AXO "Include Axolotl support when not building for CCRTP." OFF)
 
-option(ANDROID "Generate Android makefiles (Android.mk)" ON)
+option(ANDROID "Generate Android makefiles (Android.mk)" OFF)
 option(JAVA "Generate Java support files (requires JDK and SWIG)" OFF)
 
 #
@@ -155,28 +155,30 @@
 
 endif()
 
-if (SQLITE)
-    pkg_check_modules(SQLITE3 sqlite3>=3.7)
-    if (SQLITE3_FOUND)
-        check_include_files(sqlite3.h HAVE_SQLITE_H)
-        set(LIBS ${LIBS} -lsqlite3)
-        MESSAGE(STATUS "Using SQLite based ZRTP cache")
-    else()
-        message(FATAL_ERROR "SQLite3 library not found")
-    endif()
-elseif(SQLCIPHER)
-    pkg_check_modules(SQLCIPHER sqlcipher>=3.7)
-    if (SQLCIPHER_FOUND)
-        set(CMAKE_REQUIRED_INCLUDES ${CMAKE_REQUIRED_INCLUDES} 
${SQLCIPHER_INCLUDE_DIRS}) 
-        check_include_files(sqlite3.h HAVE_SQLCIPHER_H)
-        set(LIBS ${LIBS} -lsqlcipher)
-        MESSAGE(STATUS "Using SQlCipher based ZRTP cache")
-        add_definitions(-DSQL_CIPHER -DSQLITE_HAS_CODEC)
+if (NOT ANDROID)
+    if (SQLITE)
+        pkg_check_modules(SQLITE3 sqlite3>=3.7)
+        if (SQLITE3_FOUND)
+            check_include_files(sqlite3.h HAVE_SQLITE_H)
+            set(LIBS ${LIBS} -lsqlite3)
+            MESSAGE(STATUS "Using SQLite based ZRTP cache")
+        else()
+            message(FATAL_ERROR "SQLite3 library not found")
+        endif()
+    elseif(SQLCIPHER)
+        pkg_check_modules(SQLCIPHER sqlcipher>=3.7)
+        if (SQLCIPHER_FOUND)
+            set(CMAKE_REQUIRED_INCLUDES ${CMAKE_REQUIRED_INCLUDES} 
${SQLCIPHER_INCLUDE_DIRS})
+            check_include_files(sqlite3.h HAVE_SQLCIPHER_H)
+            set(LIBS ${LIBS} -lsqlcipher)
+            MESSAGE(STATUS "Using SQlCipher based ZRTP cache")
+            add_definitions(-DSQL_CIPHER -DSQLITE_HAS_CODEC)
+        else()
+            message(FATAL_ERROR "SQLCipher library not found")
+        endif()
     else()
-        message(FATAL_ERROR "SQLCipher library not found")
+        MESSAGE(STATUS "Using file based ZRTP cache")
     endif()
-else()
-    MESSAGE(STATUS "Using file based ZRTP cache")
 endif()
 
 # necessary and required modules checked, ready to generate config.h in 
top-level build directory
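Review bot: With `ANDROID` set, the new outer `if (NOT ANDROID)` skips this whole block, so the `SQLITE` and `SQLCIPHER` options are ignored without any message and `-DSQL_CIPHER -DSQLITE_HAS_CODEC` is never added here. The Android build presumably takes its cache settings from the generated Android.mk, but that is not visible in this hunk. Because this choice decides whether the ZRTP cache goes through SQLCipher or a plain file, I would add an `else()` branch with `message(STATUS "Android build: ZRTP cache backend is configured in Android.mk")` so the configure log states which path was taken.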
@@ -184,14 +186,11 @@
 
 add_definitions(-g -O2 -fno-strict-aliasing)
 if(CMAKE_COMPILER_IS_GNUCXX)
-#    add_definitions(-Wno-long-long -Wno-char-subscripts)
-#    add_definitions(-Wall -ansi -pedantic)
-#    add_definitions(-Wall -pedantic)
-    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -pedantic -std=c99")
-    set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wall -pedantic -std=c++11")
     add_definitions(-DNEW_STDCPP)
 endif()
 
+set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wall -pedantic -std=c++11")
+
 if (AXO)
     add_definitions(-DAXO_SUPPORT)
 endif()
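Review bot: Any C sources in the tree lose their warning flags here, because the removed `set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -pedantic -std=c99")` line has no replacement and only `CMAKE_CXX_FLAGS` is set afterwards. The new `set(CMAKE_CXX_FLAGS ...)` line also sits outside the `if(CMAKE_COMPILER_IS_GNUCXX)` guard, so GCC-style options are handed to every compiler. I would keep both `set(...)` lines and place them inside a compiler check, so that C and C++ code are still built with `-Wall -pedantic` where the compiler understands it.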
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ZRTPCPP-4.6.4/NEWS.md new/ZRTPCPP-4.6.6/NEWS.md
--- old/ZRTPCPP-4.6.4/NEWS.md   2016-11-10 19:28:11.000000000 +0100
+++ new/ZRTPCPP-4.6.6/NEWS.md   2017-06-02 09:05:34.000000000 +0200
@@ -1,3 +1,15 @@
+## GNU ZRTP 4.6.6 ##
+
+Small fix in zrtp/crypto/zrtpDh.cpp to fix a small memory leak.
+
+
+## GNU ZRTP 4.6.5 ##
+
+Cleanup compiler flags, reduce visibility for Android build,
+check some buffer length. No functional enhancements, no changes
+in API.
+
+
 ## GNU ZRTP 4.6.4 ##
 
 Some fixes to slience Windows C/C++ compiler, fix a few include
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ZRTPCPP-4.6.4/buildNativeAndroidTivi.sh 
new/ZRTPCPP-4.6.6/buildNativeAndroidTivi.sh
--- old/ZRTPCPP-4.6.4/buildNativeAndroidTivi.sh 1970-01-01 01:00:00.000000000 
+0100
+++ new/ZRTPCPP-4.6.6/buildNativeAndroidTivi.sh 2017-06-02 09:05:34.000000000 
+0200
@@ -0,0 +1,56 @@
+#!/usr/bin/env bash
+
+# This script builds the specific variant of zrtpcpp as used by Silent Phone
+# on Android. The script always runs on a clean build directory and copies
+# the resulting static library to the SPA jni directory.
+# The script requires some environment variables which are either set by the
+# build system (Jenkins for example) or by a shell script that call this 
script.
+
+set -x
+
+if [ ! -d "${WORKSPACE}/silentphone2" ]; then
+    echo '***** Variable WORKSPACE does not point to correct directory *****'
+    exit 1
+fi
+
+if [ "x$ANDROID_NDK" = "x" ]; then
+    echo '***** Variable ANDROID_NDK not set *****'
+    exit 1
+fi
+
+#if [ "x$SC_BUILD_TYPE" = "xDEVELOP" ]; then
+#    BUILD_TYPE=Debug
+#    echo "*** building develop configuration"
+#else
+#   BUILD_TYPE="Release"
+#   echo "*** building release configuration"
+#fi
+
+# remove old build dir and files that may hang around after an unsuccessful 
build
+rm -rf buildTiviAndroid
+rm -f buildinfo_*.c
+
+mkdir buildTiviAndroid
+pushd buildTiviAndroid
+
+cmake -DTIVI=true -DBUILD_STATIC=true -DAXO=true -DANDROID=true ..  # 
-DCMAKE_BUILD_TYPE=$BUILD_TYPE ..
+
+pushd clients/tivi/android
+
+if ndk-build; then
+    echo "ZRTPCPP Android build OK."
+else
+    echo "ZRTPCPP Android build failed!"
+    exit 1
+fi
+
+cp obj/local/armeabi-v7a/libzrtpcpp.a 
${WORKSPACE}/silentphone2/jni/armeabi-v7a/
+
+popd
+popd
+
+# remove build dir and generated temporary files
+rm -rf buildTiviAndroid
+rm buildinfo_*.c
+
+exit 0
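Review bot: The script can report success after a failed step, because there is no `set -e`, the results of `mkdir`, `pushd`, `cmake` and `cp` are not checked, and the last line is an unconditional `exit 0`. If the `cp` fails, whatever `libzrtpcpp.a` was already in `${WORKSPACE}/silentphone2/jni/armeabi-v7a/` stays there and a later build step would pick up the stale library without notice. I would add `set -e` after the shebang and quote the destination: `cp obj/local/armeabi-v7a/libzrtpcpp.a "${WORKSPACE}/silentphone2/jni/armeabi-v7a/"`. The final `rm buildinfo_*.c` should then be `rm -f buildinfo_*.c`, as at the top of the script, so that it does not abort when no such file exists.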
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ZRTPCPP-4.6.4/clients/ccrtp/ZrtpQueue.h 
new/ZRTPCPP-4.6.6/clients/ccrtp/ZrtpQueue.h
--- old/ZRTPCPP-4.6.4/clients/ccrtp/ZrtpQueue.h 2016-11-10 19:28:11.000000000 
+0100
+++ new/ZRTPCPP-4.6.6/clients/ccrtp/ZrtpQueue.h 2017-06-02 09:05:34.000000000 
+0200
@@ -430,7 +430,7 @@
      *
      * @see setMultiStrParams()
      */
-    DEPRECATED std::string getMultiStrParams() {return 
getMultiStrParams(NULL); }
+    DEPRECATED_ZRTP std::string getMultiStrParams() {return 
getMultiStrParams(NULL); }
 
     /**
      * Set Multi-stream parameters.
@@ -450,7 +450,7 @@
      *
      * @see getMultiStrParams()
      */
-    DEPRECATED void setMultiStrParams(std::string parameters) { 
setMultiStrParams(parameters, NULL);}
+    DEPRECATED_ZRTP void setMultiStrParams(std::string parameters) { 
setMultiStrParams(parameters, NULL);}
 
     /**
      * Get Multi-stream parameters.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ZRTPCPP-4.6.4/clients/tivi/android/jni/Android.mk 
new/ZRTPCPP-4.6.6/clients/tivi/android/jni/Android.mk
--- old/ZRTPCPP-4.6.4/clients/tivi/android/jni/Android.mk       2016-11-10 
19:28:11.000000000 +0100
+++ new/ZRTPCPP-4.6.6/clients/tivi/android/jni/Android.mk       2017-06-02 
09:05:34.000000000 +0200
@@ -28,7 +28,10 @@
                     $(ROOT_SRC_PATH)/clients/tivi 
$(ROOT_SRC_PATH)/clients/tivi/android/jni/@sql_include@
 
 LOCAL_CFLAGS := -DSUPPORT_NON_NIST @sql_cipher_define@
-LOCAL_CFLAGS += @axo_support@
+
+# For this Android build we can set the visibility to hidden. Access to ZRTP 
is only inside
+# the shared lib that we build later for Silent Phone.
+LOCAL_CFLAGS += @axo_support@ -fvisibility=hidden -fvisibility-inlines-hidden
 
 LOCAL_SRC_FILES := buildinfo_$(TARGET_ARCH_ABI).c
 LOCAL_SRC_FILES += @sqlite_src@
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ZRTPCPP-4.6.4/zrtp/crypto/openssl/zrtpDH.cpp 
new/ZRTPCPP-4.6.6/zrtp/crypto/openssl/zrtpDH.cpp
--- old/ZRTPCPP-4.6.4/zrtp/crypto/openssl/zrtpDH.cpp    2016-11-10 
19:28:11.000000000 +0100
+++ new/ZRTPCPP-4.6.6/zrtp/crypto/openssl/zrtpDH.cpp    2017-06-02 
09:05:34.000000000 +0200
@@ -276,9 +276,12 @@
         return DH_compute_key(secret, tmpCtx->pub_key, tmpCtx);
     }
     if (pkType == EC25 || pkType == EC38) {
-        uint8_t buffer[100];
+        uint8_t buffer[200];
         int32_t ret;
         int32_t len = getPubKeySize();
+        if (len+1 > sizeof(buffer)) {
+            return -1;
+        }
 
         buffer[0] = POINT_CONVERSION_UNCOMPRESSED;
         memcpy(buffer+1, pubKeyBytes, len);
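Review bot: The added guard `if (len+1 > sizeof(buffer))` compares an `int32_t` with a `size_t`, so a `len` of -1 gives `len+1 == 0`, passes the check and reaches `memcpy(buffer+1, pubKeyBytes, len)` with a length converted to a huge unsigned value. Whether `getPubKeySize()` can return a non-positive value is not visible here, so I would reject it explicitly: `if (len <= 0 || static_cast<size_t>(len) + 1 > sizeof(buffer)) return -1;`. The same guard is added in `checkPubKey` (third hunk of this file, returning 0) and needs the same change. The check bounds only the destination; that `pubKeyBytes` really holds `len` bytes remains the caller's responsibility and deserves a comment on both functions. The enclosing function starts and ends outside the hunk.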
@@ -341,11 +344,11 @@
         return BN_bn2bin(static_cast<DH*>(ctx)->pub_key, buf + prepend);
     }
     if (pkType == EC25 || pkType == EC38) {
-        uint8_t buffer[100];
+        uint8_t buffer[200];
 
         int len = 
EC_POINT_point2oct(EC_KEY_get0_group(static_cast<EC_KEY*>(ctx)),
                                      
EC_KEY_get0_public_key(static_cast<EC_KEY*>(ctx)),
-                                     POINT_CONVERSION_UNCOMPRESSED, buffer, 
100, NULL);
+                                     POINT_CONVERSION_UNCOMPRESSED, buffer, 
200, NULL);
         memcpy(buf, buffer+1, len-1);
         return len-1;
     }
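Review bot: The return value of `EC_POINT_point2oct` is used unchecked in this branch: the call returns 0 on failure, and `memcpy(buf, buffer+1, len-1)` would then run with -1 converted to `size_t`. I would add `if (len <= 1) return 0;` before the `memcpy`; the right error value depends on what callers of this function expect, which the hunk does not show. Passing `sizeof(buffer)` instead of repeating the literal `200` would keep the size argument from drifting away from the declaration. The function body starts and ends outside the hunk.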
@@ -355,10 +358,13 @@
 int32_t ZrtpDH::checkPubKey(uint8_t *pubKeyBytes) const
 {
     if (pkType == EC25 || pkType == EC38) {
-        uint8_t buffer[100];
+        uint8_t buffer[200];
         int32_t ret;
         int32_t len = getPubKeySize();
 
+        if (len+1 > sizeof(buffer)) {
+            return 0;
+        }
         buffer[0] = POINT_CONVERSION_UNCOMPRESSED;
         memcpy(buffer+1, pubKeyBytes, len);
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/ZRTPCPP-4.6.4/zrtp/crypto/zrtpDH.cpp 
new/ZRTPCPP-4.6.6/zrtp/crypto/zrtpDH.cpp
--- old/ZRTPCPP-4.6.4/zrtp/crypto/zrtpDH.cpp    2016-11-10 19:28:11.000000000 
+0100
+++ new/ZRTPCPP-4.6.6/zrtp/crypto/zrtpDH.cpp    2017-06-02 09:05:34.000000000 
+0200
@@ -186,8 +186,8 @@
 
     uint8_t random[64];
 
-    ctx = static_cast<void*>(new dhCtx);
-    dhCtx* tmpCtx = static_cast<dhCtx*>(ctx);
+    dhCtx* tmpCtx = new dhCtx;
+    ctx = static_cast<void*>(tmpCtx);
 
     // Well - the algo type is only 4 char thus cast to int32 and compare
     if (*(int32_t*)type == *(int32_t*)dh2k) {
@@ -289,6 +289,8 @@
         ecFreeCurvesCurve(&tmpCtx->curve);
         break;
     }
+    delete tmpCtx;
+    ctx = nullptr;
 }
 
 int32_t ZrtpDH::computeSecretKey(uint8_t *pubKeyBytes, uint8_t *secret) {
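Review bot: `delete tmpCtx;` frees the context with no visible step that wipes the private key value it presumably holds, so that key material may remain readable in freed heap memory. The `dhCtx` definition and the earlier part of this function are outside the hunk, so a wipe may already happen in the switch above or in a `dhCtx` destructor; if it does not, the private value should be cleared before the `delete`. Since this function now owns and deletes `ctx`, it is also worth confirming that `ZrtpDH` cannot be copied, as a copy would delete the same `dhCtx` twice.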

