From f82595217f63e9ee10beb37ba58e7d4e414fe527 Mon Sep 17 00:00:00 2001 From: Tom Callaway Date: Jan 07 2020 20:06:16 +0000 Subject: rebuild against libsrtp2 --- diff --git a/ortp-libsrtp2.patch b/ortp-libsrtp2.patch new file mode 100644 index 0000000..065d18f --- /dev/null +++ b/ortp-libsrtp2.patch @@ -0,0 +1,434 @@ +diff -up ortp-0.23.0/configure.ac.srtp2 ortp-0.23.0/configure.ac +--- ortp-0.23.0/configure.ac.srtp2 2014-02-19 09:08:11.000000000 -0500 ++++ ortp-0.23.0/configure.ac 2020-01-07 14:23:12.924622441 -0500 +@@ -224,24 +224,24 @@ AC_ARG_WITH(srtp, + ) + if test "${srtp_prefix}" != "none" ; then + if test "${srtp_prefix}" != "/usr" || test "$mingw_found" = "yes" ; then +- SRTP_CFLAGS="-I${srtp_prefix}/include -I${srtp_prefix}/include/srtp" ++ SRTP_CFLAGS="-I${srtp_prefix}/include -I${srtp_prefix}/include/srtp2" + SRTP_LIBS="-L${srtp_prefix}/lib" + fi +- SRTP_LIBS="$SRTP_LIBS -lsrtp" ++ SRTP_LIBS="$SRTP_LIBS -lsrtp2" + + dnl check srtp headers + have_srtp=no + CPPFLAGS_save=$CPPFLAGS + CPPFLAGS="$CPPFLAGS $SRTP_CFLAGS" +- AC_CHECK_HEADER([srtp/srtp.h],have_srtp_headers=yes) ++ AC_CHECK_HEADER([srtp2/srtp.h],have_srtp_headers=yes) + CPPFLAGS=$CPPFLAGS_save + + dnl check for srtp lib + LDFLAGS_save=$LDFLAGS + LDFLAGS="$LDFLAGS $SRTP_LIBS" + LIBS_save=$LIBS +- AC_CHECK_LIB(srtp,srtp_init,have_srtp_lib=yes) +- AC_CHECK_LIB(srtp,srtp_shutdown,[AC_DEFINE([HAVE_SRTP_SHUTDOWN],1,[Defined when srtp_shutdown() exists.])]) ++ AC_CHECK_LIB(srtp2,srtp_init,have_srtp_lib=yes) ++ AC_CHECK_LIB(srtp2,srtp_shutdown,[AC_DEFINE([HAVE_SRTP_SHUTDOWN],1,[Defined when srtp_shutdown() exists.])]) + LDFLAGS=$LDFLAGS_save + LIBS=$LIBS_save + +@@ -251,7 +251,7 @@ if test "${srtp_prefix}" != "none" ; the + LDFLAGS_save=$LDFLAGS + LDFLAGS="$LDFLAGS $SRTP_LIBS" + LIBS_save=$LIBS +- AC_CHECK_LIB(srtp,sha1_update,[ ++ AC_CHECK_LIB(srtp2,sha1_update,[ + AC_MSG_ERROR([This libsrtp version exports symbols conflicting with polar ssl, resulting in a bad execution path. + Please use the one from git://git.linphone.org/srtp.git + You could also track resolution of defect on https://github.com/cisco/libsrtp/issues/28 +@@ -262,7 +262,7 @@ if test "${srtp_prefix}" != "none" ; the + fi + AC_DEFINE(HAVE_SRTP, 1, [Defined when srtp support is compiled]) + else +- AC_MSG_NOTICE([Could not find libsrtp headers or lib, cryto transport disabled.]) ++ AC_MSG_NOTICE([Could not find libsrtp2 headers or lib, crypto transport disabled.]) + SRTP_CFLAGS= + SRTP_LIBS= + fi +diff -up ortp-0.23.0/include/ortp/ortp_srtp.h.srtp2 ortp-0.23.0/include/ortp/ortp_srtp.h +--- ortp-0.23.0/include/ortp/ortp_srtp.h.srtp2 2014-01-22 12:02:48.000000000 -0500 ++++ ortp-0.23.0/include/ortp/ortp_srtp.h 2020-01-07 14:23:12.924622441 -0500 +@@ -25,12 +25,12 @@ + // Android and Windows phone don't use make install + #include + #else +-#include ++#include + #endif + #else + + typedef void* srtp_t; +-typedef int err_status_t; ++typedef int srtp_err_status_t; + typedef int srtp_policy_t; + + #endif +@@ -55,11 +55,11 @@ enum ortp_srtp_crypto_suite_t { + NO_CIPHER_SHA1_80 + }; + +-ORTP_PUBLIC err_status_t ortp_srtp_init(void); +-ORTP_PUBLIC err_status_t ortp_srtp_create(srtp_t *session, const srtp_policy_t *policy); +-ORTP_PUBLIC err_status_t ortp_srtp_dealloc(srtp_t session); +-ORTP_PUBLIC err_status_t ortp_srtp_add_stream(srtp_t session, const srtp_policy_t *policy); +-ORTP_PUBLIC err_status_t ortp_crypto_get_random(uint8_t *tmp, int size); ++ORTP_PUBLIC srtp_err_status_t ortp_srtp_init(void); ++ORTP_PUBLIC srtp_err_status_t ortp_srtp_create(srtp_t *session, const srtp_policy_t *policy); ++ORTP_PUBLIC srtp_err_status_t ortp_srtp_dealloc(srtp_t session); ++ORTP_PUBLIC srtp_err_status_t ortp_srtp_add_stream(srtp_t session, const srtp_policy_t *policy); ++ORTP_PUBLIC srtp_err_status_t ortp_crypto_get_random(uint8_t *tmp, int size); + ORTP_PUBLIC bool_t ortp_srtp_supported(void); + + ORTP_PUBLIC int srtp_transport_new(srtp_t srtp, RtpTransport **rtpt, RtpTransport **rtcpt ); +@@ -68,6 +68,10 @@ ORTP_PUBLIC srtp_t ortp_srtp_create_conf + + ORTP_PUBLIC void ortp_srtp_shutdown(void); + ++#ifndef srtp_err_reporting_init ++srtp_err_status_t srtp_err_reporting_init(void); ++#endif ++ + #ifdef __cplusplus + } + #endif +diff -up ortp-0.23.0/src/ortp_srtp.c.srtp2 ortp-0.23.0/src/ortp_srtp.c +--- ortp-0.23.0/src/ortp_srtp.c.srtp2 2020-01-07 14:23:12.922622477 -0500 ++++ ortp-0.23.0/src/ortp_srtp.c 2020-01-07 14:24:22.136400294 -0500 +@@ -40,12 +40,12 @@ + static int srtp_sendto(RtpTransport *t, mblk_t *m, int flags, const struct sockaddr *to, socklen_t tolen){ + srtp_t srtp=(srtp_t)t->data; + int slen; +- err_status_t err; ++ srtp_err_status_t err; + /* enlarge the buffer for srtp to write its data */ + slen=msgdsize(m); + msgpullup(m,slen+SRTP_PAD_BYTES); + err=srtp_protect(srtp,m->b_rptr,&slen); +- if (err==err_status_ok){ ++ if (err==srtp_err_status_ok){ + return sendto(t->session->rtp.socket,(void*)m->b_rptr,slen,flags,to,tolen); + } + ortp_error("srtp_protect() failed (%d)", err); +@@ -58,7 +58,7 @@ static int srtp_recvfrom(RtpTransport *t + int slen; + err=rtp_session_rtp_recv_abstract(t->session->rtp.socket,m,flags,from,fromlen); + if (err>0){ +- err_status_t srtp_err; ++ srtp_err_status_t srtp_err; + /* keep NON-RTP data unencrypted */ + rtp_header_t *rtp; + if (err>=RTP_FIXED_HEADER_SIZE) +@@ -72,7 +72,7 @@ static int srtp_recvfrom(RtpTransport *t + + slen=err; + srtp_err = srtp_unprotect(srtp,m->b_wptr,&slen); +- if (srtp_err==err_status_ok) ++ if (srtp_err==srtp_err_status_ok) + return slen; + else { + ortp_error("srtp_unprotect() failed (%d)", srtp_err); +@@ -85,12 +85,12 @@ static int srtp_recvfrom(RtpTransport *t + static int srtcp_sendto(RtpTransport *t, mblk_t *m, int flags, const struct sockaddr *to, socklen_t tolen){ + srtp_t srtp=(srtp_t)t->data; + int slen; +- err_status_t srtp_err; ++ srtp_err_status_t srtp_err; + slen=msgdsize(m); + /* enlarge the buffer for srtp to write its data */ + msgpullup(m,slen+SRTP_PAD_BYTES); + srtp_err=srtp_protect_rtcp(srtp,m->b_rptr,&slen); +- if (srtp_err==err_status_ok){ ++ if (srtp_err==srtp_err_status_ok){ + return sendto(t->session->rtcp.socket,(void*)m->b_rptr,slen,flags,to,tolen); + } + ortp_error("srtp_protect_rtcp() failed (%d)", srtp_err); +@@ -103,7 +103,7 @@ static int srtcp_recvfrom(RtpTransport * + int slen; + err=rtp_session_rtp_recv_abstract(t->session->rtcp.socket,m,flags,from,fromlen); + if (err>0){ +- err_status_t srtp_err; ++ srtp_err_status_t srtp_err; + /* keep NON-RTP data unencrypted */ + rtcp_common_header_t *rtcp; + if (err>=RTCP_COMMON_HEADER_SIZE) +@@ -117,7 +117,7 @@ static int srtcp_recvfrom(RtpTransport * + + slen=err; + srtp_err=srtp_unprotect_rtcp(srtp,m->b_wptr,&slen); +- if (srtp_err==err_status_ok) ++ if (srtp_err==srtp_err_status_ok) + return slen; + else { + ortp_error("srtp_unprotect_rtcp() failed (%d)", srtp_err); +@@ -167,10 +167,10 @@ int srtp_transport_new(srtp_t srtp, RtpT + + static int srtp_init_done=0; + +-err_status_t ortp_srtp_init(void) ++srtp_err_status_t ortp_srtp_init(void) + { + +- err_status_t st=0; ++ srtp_err_status_t st=0; + ortp_message("srtp init"); + if (!srtp_init_done) { + st=srtp_init(); +@@ -178,7 +178,7 @@ err_status_t ortp_srtp_init(void) + srtp_init_done++; + }else{ + ortp_fatal("Couldn't initialize SRTP library."); +- err_reporting_init("oRTP"); ++ srtp_err_reporting_init(); + } + }else srtp_init_done++; + return st; +@@ -193,19 +193,19 @@ void ortp_srtp_shutdown(void){ + } + } + +-err_status_t ortp_srtp_create(srtp_t *session, const srtp_policy_t *policy) ++srtp_err_status_t ortp_srtp_create(srtp_t *session, const srtp_policy_t *policy) + { + int i; + i = srtp_create(session, policy); + return i; + } + +-err_status_t ortp_srtp_dealloc(srtp_t session) ++srtp_err_status_t ortp_srtp_dealloc(srtp_t session) + { + return srtp_dealloc(session); + } + +-err_status_t ortp_srtp_add_stream(srtp_t session, const srtp_policy_t *policy) ++srtp_err_status_t ortp_srtp_add_stream(srtp_t session, const srtp_policy_t *policy) + { + return srtp_add_stream(session, policy); + } +@@ -214,32 +214,32 @@ bool_t ortp_srtp_supported(void){ + return TRUE; + } + +-static bool_t ortp_init_srtp_policy(srtp_t srtp, srtp_policy_t* policy, enum ortp_srtp_crypto_suite_t suite, ssrc_t ssrc, const char* b64_key) ++static bool_t ortp_init_srtp_policy(srtp_t srtp, srtp_policy_t* policy, enum ortp_srtp_crypto_suite_t suite, srtp_ssrc_t ssrc, const char* b64_key) + { + uint8_t* key; + int key_size; +- err_status_t err; ++ srtp_err_status_t err; + unsigned b64_key_length = strlen(b64_key); + + switch (suite) { + case AES_128_SHA1_32: +- crypto_policy_set_aes_cm_128_hmac_sha1_32(&policy->rtp); ++ srtp_crypto_policy_set_aes_cm_128_hmac_sha1_32(&policy->rtp); + // srtp doc says: not adapted to rtcp... +- crypto_policy_set_aes_cm_128_hmac_sha1_32(&policy->rtcp); ++ srtp_crypto_policy_set_aes_cm_128_hmac_sha1_32(&policy->rtcp); + break; + case AES_128_NO_AUTH: +- crypto_policy_set_aes_cm_128_null_auth(&policy->rtp); ++ srtp_crypto_policy_set_aes_cm_128_null_auth(&policy->rtp); + // srtp doc says: not adapted to rtcp... +- crypto_policy_set_aes_cm_128_null_auth(&policy->rtcp); ++ srtp_crypto_policy_set_aes_cm_128_null_auth(&policy->rtcp); + break; + case NO_CIPHER_SHA1_80: +- crypto_policy_set_null_cipher_hmac_sha1_80(&policy->rtp); +- crypto_policy_set_null_cipher_hmac_sha1_80(&policy->rtcp); ++ srtp_crypto_policy_set_null_cipher_hmac_sha1_80(&policy->rtp); ++ srtp_crypto_policy_set_null_cipher_hmac_sha1_80(&policy->rtcp); + break; + case AES_128_SHA1_80: /*default mode*/ + default: +- crypto_policy_set_rtp_default(&policy->rtp); +- crypto_policy_set_rtcp_default(&policy->rtcp); ++ srtp_crypto_policy_set_rtp_default(&policy->rtp); ++ srtp_crypto_policy_set_rtcp_default(&policy->rtcp); + } + key_size = b64_decode(b64_key, b64_key_length, 0, 0); + if (key_size != policy->rtp.cipher_key_len) { +@@ -260,7 +260,7 @@ static bool_t ortp_init_srtp_policy(srtp + policy->next = NULL; + + err = ortp_srtp_add_stream(srtp, policy); +- if (err != err_status_ok) { ++ if (err != srtp_err_status_ok) { + ortp_error("Failed to add stream to srtp session (%d)", err); + ortp_free(key); + return FALSE; +@@ -270,30 +270,30 @@ static bool_t ortp_init_srtp_policy(srtp + return TRUE; + } + +-err_status_t ortp_crypto_get_random(uint8_t *tmp, int size) ++srtp_err_status_t ortp_crypto_get_random(uint8_t *tmp, int size) + { + static int fd=-1; + if (fd==-1) fd=open("/dev/urandom",O_RDONLY); + if (fd!=-1) { +- if (read(fd,tmp,size)==size) return err_status_ok; ++ if (read(fd,tmp,size)==size) return srtp_err_status_ok; + } + return -1; + } + + srtp_t ortp_srtp_create_configure_session(enum ortp_srtp_crypto_suite_t suite, uint32_t ssrc, const char* snd_key, const char* rcv_key) + { +- err_status_t err; ++ srtp_err_status_t err; + srtp_t session; + + err = ortp_srtp_create(&session, NULL); +- if (err != err_status_ok) { ++ if (err != srtp_err_status_ok) { + ortp_error("Failed to create srtp session (%d)", err); + return NULL; + } + + // incoming stream + { +- ssrc_t incoming_ssrc; ++ srtp_ssrc_t incoming_ssrc; + srtp_policy_t policy; + + memset(&policy, 0, sizeof(srtp_policy_t)); +@@ -306,7 +306,7 @@ srtp_t ortp_srtp_create_configure_sessio + } + // outgoing stream + { +- ssrc_t outgoing_ssrc; ++ srtp_ssrc_t outgoing_ssrc; + srtp_policy_t policy; + + memset(&policy, 0, sizeof(srtp_policy_t)); +@@ -326,11 +326,11 @@ srtp_t ortp_srtp_create_configure_sessio + + #else + +-err_status_t ortp_srtp_init(void) { ++srtp_err_status_t ortp_srtp_init(void) { + return -1; + } + +-err_status_t ortp_crypto_get_random(uint8_t *tmp, int size) ++srtp_err_status_t ortp_crypto_get_random(uint8_t *tmp, int size) + { + return -1; + } +@@ -344,17 +344,17 @@ bool_t ortp_srtp_supported(void){ + return FALSE; + } + +-err_status_t ortp_srtp_create(srtp_t *i, const srtp_policy_t *policy) ++srtp_err_status_t ortp_srtp_create(srtp_t *i, const srtp_policy_t *policy) + { + return -1; + } + +-err_status_t ortp_srtp_dealloc(srtp_t session) ++srtp_err_status_t ortp_srtp_dealloc(srtp_t session) + { + return -1; + } + +-err_status_t ortp_srtp_add_stream(srtp_t session, const srtp_policy_t *policy) ++srtp_err_status_t ortp_srtp_add_stream(srtp_t session, const srtp_policy_t *policy) + { + return -1; + } +diff -up ortp-0.23.0/src/zrtp.c.srtp2 ortp-0.23.0/src/zrtp.c +--- ortp-0.23.0/src/zrtp.c.srtp2 2014-01-06 02:41:52.000000000 -0500 ++++ ortp-0.23.0/src/zrtp.c 2020-01-07 14:23:12.925622424 -0500 +@@ -497,8 +497,8 @@ static uint8_t *key_with_salt(C_SrtpSecr + */ + static int32_t ozrtp_srtpSecretsReady (ZrtpContext* ctx, C_SrtpSecret_t* secrets, int32_t part ) { + srtp_policy_t policy; +- err_status_t srtpCreateStatus; +- err_status_t addStreamStatus; ++ srtp_err_status_t srtpCreateStatus; ++ srtp_err_status_t addStreamStatus; + OrtpZrtpContext *userData = user_data(ctx); + + ortp_message("ZRTP secrets for %s are ready; auth tag len is %i", +@@ -514,16 +514,16 @@ static int32_t ozrtp_srtpSecretsReady (Z + } + + /* +- * Don't use crypto_policy_set_from_profile_for_rtp(), it is totally buggy. ++ * Don't use srtp_crypto_policy_set_from_profile_for_rtp(), it is totally buggy. + */ + memset(&policy,0,sizeof(policy)); + + if (secrets->srtpAuthTagLen == 32){ +- crypto_policy_set_aes_cm_128_hmac_sha1_32(&policy.rtp); +- crypto_policy_set_aes_cm_128_hmac_sha1_32(&policy.rtcp); ++ srtp_crypto_policy_set_aes_cm_128_hmac_sha1_32(&policy.rtp); ++ srtp_crypto_policy_set_aes_cm_128_hmac_sha1_32(&policy.rtcp); + }else if (secrets->srtpAuthTagLen == 80){ +- crypto_policy_set_aes_cm_128_hmac_sha1_80(&policy.rtp); +- crypto_policy_set_aes_cm_128_hmac_sha1_80(&policy.rtcp); ++ srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80(&policy.rtp); ++ srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80(&policy.rtcp); + }else{ + ortp_fatal("unsupported auth tag len"); + } +@@ -544,12 +544,12 @@ static int32_t ozrtp_srtpSecretsReady (Z + + ortp_free(policy.key); + +- if (srtpCreateStatus != err_status_ok) { ++ if (srtpCreateStatus != srtp_err_status_ok) { + ortp_error("ZRTP Error %u during creation of SRTP context for %s", + srtpCreateStatus, (part == ForSender) ? "sender" : "receiver"); + return 0; + } +- if (addStreamStatus != err_status_ok) { ++ if (addStreamStatus != srtp_err_status_ok) { + ortp_error("ZRTP Error %u during addition of SRTP stream for %s", + addStreamStatus, (part == ForSender) ? "sender" : "receiver"); + return 0; +@@ -702,7 +702,7 @@ static inline uint32_t get_rtcp_ssrc(uin + } + static int ozrtp_generic_sendto(stream_type stream, RtpTransport *t, mblk_t *m, int flags, const struct sockaddr *to, socklen_t tolen){ + int slen; +- err_status_t err; ++ srtp_err_status_t err; + ortp_socket_t socket; + + ZrtpContext *zrtpContext = (ZrtpContext*) t->data; +@@ -730,7 +730,7 @@ static int ozrtp_generic_sendto(stream_t + } else { + err=srtp_protect_rtcp(userData->srtpSend,m->b_rptr,&slen); + } +- if (err==err_status_ok){ ++ if (err==srtp_err_status_ok){ + return sendto(socket,(void*)m->b_rptr,slen,flags,to,tolen); + } else { + ortp_error("srtp_protect() failed with status %d", err); +@@ -772,8 +772,8 @@ static int ozrtp_rtp_recvfrom(RtpTranspo + if (rtpVersion == 2) { + if (userData->srtpRecv != NULL && zrtp_inState(zrtpContext, SecureState)) { + // probably srtp packet, unprotect +- err_status_t err = srtp_unprotect(userData->srtpRecv,m->b_wptr,&rlen); +- if (err != err_status_ok) { ++ srtp_err_status_t err = srtp_unprotect(userData->srtpRecv,m->b_wptr,&rlen); ++ if (err != srtp_err_status_ok) { + ortp_warning("srtp_unprotect failed; packet may be plain RTP"); + } + } +@@ -841,8 +841,8 @@ static int ozrtp_rtcp_recvfrom(RtpTransp + uint8_t *rtcp = m->b_wptr; + int version = ((rtcp_common_header_t *)rtcp)->version; + if (version == 2 && userData->srtpRecv != NULL && zrtp_inState(zrtpContext, SecureState)) { +- err_status_t err = srtp_unprotect_rtcp(userData->srtpRecv,m->b_wptr,&rlen); +- if (err != err_status_ok) { ++ srtp_err_status_t err = srtp_unprotect_rtcp(userData->srtpRecv,m->b_wptr,&rlen); ++ if (err != srtp_err_status_ok) { + ortp_error("srtp_unprotect failed %d ; packet discarded (may be plain RTCP)", err); + return 0; + } diff --git a/ortp.spec b/ortp.spec index 92d4946..cd6fb39 100644 --- a/ortp.spec +++ b/ortp.spec @@ -1,6 +1,6 @@ Name: ortp Version: 0.23.0 -Release: 1%{?dist} +Release: 2%{?dist} Summary: A C library implementing the RTP protocol (RFC3550) Epoch: 2 @@ -10,11 +10,13 @@ URL: http://www.linphone.org/eng/documentation/dev/ortp.html # we are reverting to it so linphone-3.6.1 runs until we can get # recent linphone built. Source: https://gitlab.linphone.org/BC/public/%{name}/-/archive/%{version}/%{name}-%{version}.tar.gz -Patch1: ortp-libsrtp-1.5-fix.patch +#Patch1: ortp-libsrtp-1.5-fix.patch #Patch2: ortp-logging-warning.patch # ortp-0.23.0 was calling crypto_get_random, which was a private API # and has been removed. This patch reads /dev/urandom instead. Patch3: ortp-random.patch +# Support libsrtp2 +Patch4: ortp-libsrtp2.patch BuildRequires: doxygen BuildRequires: graphviz @@ -43,6 +45,7 @@ Libraries and headers required to develop software with ortp. #patch1 -p1 -b .srtp-15 #patch2 -p1 -b .warn %patch3 -p1 -b .rand +%patch4 -p1 -b .srtp2 autoreconf -i -f @@ -76,6 +79,9 @@ rm -r %{buildroot}%{_datadir}/doc/%{name}-%{version} %{_libdir}/pkgconfig/ortp.pc %changelog +* Tue Jan 7 2020 Tom Callaway - 2:0.23.0-2 +- rebuild against new libsrtp + * Mon Nov 25 2019 Stuart Gathman - 2:0.23.0-1 - Revert to 0.23.0 because 0.24.2 is incompatible even though it has - the same ABI version.