Hello community, here is the log from the commit of package libsrtp for openSUSE:Factory checked in at 2017-08-12 19:36:25 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libsrtp (Old) and /work/SRC/openSUSE:Factory/.libsrtp.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libsrtp" Sat Aug 12 19:36:25 2017 rev:10 rq:514661 version:1.6.0 Changes: -------- --- /work/SRC/openSUSE:Factory/libsrtp/libsrtp.changes 2016-11-25 12:27:56.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.libsrtp.new/libsrtp.changes 2017-08-12 19:36:31.802137559 +0200 @@ -1,0 +2,13 @@ +Tue Aug 1 12:28:27 UTC 2017 - [email protected] + +- Update to new upstream release 1.6.0 + * Fix incorrect result of rdb_increment on overflow + * Cipher type cleanup for AES. + When libSRTP is compiled with OpenSSL and the AES 256 ICM + cipher is used with RTCP, an incorrect initialization vector + is formed. This change will break backwards compatibility + with older versions (1.5, 2.0) of libSRTP when using the AES + 256 ICM cipher with OpenSSL for RTCP. + * Sequence number incorrectly masked for AES GCM IV. + +------------------------------------------------------------------- Old: ---- libsrtp-1.5.4.tar.gz New: ---- libsrtp-1.6.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libsrtp.spec ++++++ --- /var/tmp/diff_new_pack.gyqTHR/_old 2017-08-12 19:36:32.969973782 +0200 +++ /var/tmp/diff_new_pack.gyqTHR/_new 2017-08-12 19:36:32.973973222 +0200 @@ -1,7 +1,7 @@ # # spec file for package libsrtp # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ %define soname 1 Name: libsrtp -Version: 1.5.4 +Version: 1.6.0 Release: 0 Summary: Secure Real-Time Transport Protocol (SRTP) library License: BSD-3-Clause ++++++ libsrtp-1.5.4.tar.gz -> libsrtp-1.6.0.tar.gz ++++++ ++++ 2340 lines of diff (skipped) ++++ retrying with extended exclude list diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libsrtp-1.5.4/CHANGES new/libsrtp-1.6.0/CHANGES --- old/libsrtp-1.5.4/CHANGES 2016-02-02 20:56:49.000000000 +0100 +++ new/libsrtp-1.6.0/CHANGES 2017-08-01 13:57:38.000000000 +0200 @@ -1,5 +1,21 @@ Changelog +1.6.0 + + PR #293 Fix incorrect result of rdb_increment on overflow + + PR #290 - Cipher type cleanup for AES + When libSRTP is compiled with OpenSSL and the AES 256 ICM cipher is used + with RTCP an incorrect initialization vector is formed. + This change will break backwards compatibility with older versions (1.5, + 2.0) of libSRTP when using the AES 256 ICM cipher with OpenSSL for RTCP. + + PR #281 - Sequence number incorrectly masked for AES GCM IV + The initialization vector for AES GCM encryption was incorrectly formed on + little endian machines. + This change will break backwards compatibility with older versions (1.5, + 2.0) of libSRTP when using the AES GCM cipher for RTCP. + 1.5.4 Use BE byte ordering of RTCP trailer. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libsrtp-1.5.4/VERSION new/libsrtp-1.6.0/VERSION --- old/libsrtp-1.5.4/VERSION 2016-02-02 20:56:49.000000000 +0100 +++ new/libsrtp-1.6.0/VERSION 2017-08-01 13:57:38.000000000 +0200 @@ -1 +1 @@ -1.5.4 +1.6.0 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libsrtp-1.5.4/configure.in new/libsrtp-1.6.0/configure.in --- old/libsrtp-1.5.4/configure.in 2016-02-02 20:56:49.000000000 +0100 +++ new/libsrtp-1.6.0/configure.in 2017-08-01 13:57:38.000000000 +0200 @@ -1,5 +1,5 @@ dnl Process this file with autoconf to produce a configure script. -AC_INIT([libsrtp], [1.5.4], [https://github.com/cisco/libsrtp/issues]) +AC_INIT([libsrtp], [1.6.0], [https://github.com/cisco/libsrtp/issues]) dnl Must come before AC_PROG_CC if test -z "$CFLAGS"; then diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libsrtp-1.5.4/crypto/replay/rdb.c new/libsrtp-1.6.0/crypto/replay/rdb.c --- old/libsrtp-1.5.4/crypto/replay/rdb.c 2016-02-02 20:56:49.000000000 +0100 +++ new/libsrtp-1.6.0/crypto/replay/rdb.c 2017-08-01 13:57:38.000000000 +0200 @@ -130,8 +130,9 @@ err_status_t rdb_increment(rdb_t *rdb) { - if (rdb->window_start++ > 0x7fffffff) + if (rdb->window_start >= 0x7fffffff) return err_status_key_expired; + ++rdb->window_start; return err_status_ok; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libsrtp-1.5.4/srtp/srtp.c new/libsrtp-1.6.0/srtp/srtp.c --- old/libsrtp-1.5.4/srtp/srtp.c 2016-02-02 20:56:49.000000000 +0100 +++ new/libsrtp-1.6.0/srtp/srtp.c 2017-08-01 13:57:38.000000000 +0200 @@ -331,7 +331,7 @@ err_status_t status; srtp_stream_ctx_t *str; - debug_print(mod_srtp, "cloning stream (SSRC: 0x%08x)", ssrc); + debug_print(mod_srtp, "cloning stream (SSRC: 0x%08x)", ntohl(ssrc)); /* allocate srtp stream and set str_ptr */ str = (srtp_stream_ctx_t *) crypto_alloc(sizeof(srtp_stream_ctx_t)); @@ -1491,7 +1491,7 @@ if (ctx->stream_template != NULL) { stream = ctx->stream_template; debug_print(mod_srtp, "using provisional stream (SSRC: 0x%08x)", - hdr->ssrc); + ntohl(hdr->ssrc)); /* * set estimated packet index to sequence number from header, @@ -2251,9 +2251,13 @@ * seq_num - The SEQ value to use for the IV calculation. * *hdr - The RTP header, used to get the SSRC value * + * Returns: err_status_ok if no error or srtp_err_status_bad_param + * if seq_num is invalid + * */ -static void srtp_calc_aead_iv_srtcp(srtp_stream_ctx_t *stream, v128_t *iv, - uint32_t seq_num, srtcp_hdr_t *hdr) +static err_status_t +srtp_calc_aead_iv_srtcp(srtp_stream_ctx_t *stream, v128_t *iv, + uint32_t seq_num, srtcp_hdr_t *hdr) { v128_t in; v128_t salt; @@ -2264,7 +2268,13 @@ in.v16[0] = 0; memcpy(&in.v16[1], &hdr->ssrc, 4); /* still in network order! */ in.v16[3] = 0; - in.v32[2] = 0x7FFFFFFF & htonl(seq_num); /* bit 32 is suppose to be zero */ + /* The SRTCP index (seq_num) spans bits 0 through 30 inclusive. + * The most significant bit should be zero. + */ + if (seq_num & 0x80000000UL) { + return err_status_bad_param; + } + in.v32[2] = htonl(seq_num); debug_print(mod_srtp, "Pre-salted RTCP IV = %s\n", v128_hex_string(&in)); @@ -2278,6 +2288,8 @@ * Finally, apply the SALT to the input */ v128_xor(iv, &in, &salt); + + return err_status_ok; } /* @@ -2347,7 +2359,10 @@ /* * Calculating the IV and pass it down to the cipher */ - srtp_calc_aead_iv_srtcp(stream, &iv, seq_num, hdr); + status = srtp_calc_aead_iv_srtcp(stream, &iv, seq_num, hdr); + if (status) { + return err_status_cipher_fail; + } status = cipher_set_iv(stream->rtcp_cipher, &iv, direction_encrypt); if (status) { return err_status_cipher_fail; @@ -2497,7 +2512,10 @@ /* * Calculate and set the IV */ - srtp_calc_aead_iv_srtcp(stream, &iv, seq_num, hdr); + status = srtp_calc_aead_iv_srtcp(stream, &iv, seq_num, hdr); + if (status) { + return err_status_cipher_fail; + } status = cipher_set_iv(stream->rtcp_cipher, &iv, direction_decrypt); if (status) { return err_status_cipher_fail; @@ -2738,7 +2756,8 @@ /* * if we're using rindael counter mode, set nonce and seq */ - if (stream->rtcp_cipher->type->id == AES_ICM) { + if (stream->rtcp_cipher->type->id == AES_ICM || + stream->rtcp_cipher->type->id == AES_256_ICM) { v128_t iv; iv.v32[0] = 0; @@ -2866,7 +2885,7 @@ } debug_print(mod_srtp, "srtcp using provisional stream (SSRC: 0x%08x)", - hdr->ssrc); + ntohl(hdr->ssrc)); } else { /* no template stream, so we return an error */ return err_status_no_ctx; @@ -2959,7 +2978,8 @@ /* * if we're using aes counter mode, set nonce and seq */ - if (stream->rtcp_cipher->type->id == AES_ICM) { + if (stream->rtcp_cipher->type->id == AES_ICM || + stream->rtcp_cipher->type->id == AES_256_ICM) { v128_t iv; iv.v32[0] = 0;
