Update oRTP to 0.23.0. Includes some security fixes, and also incorporates

all local patches we had. The only new patch will be needed until
security/srtp gets updated. Major library version bumped because some types
in API changed (int -> size_t).

Pointed out by portscout-based service hosted by jasperla@
zhuk 2014-09-04 21:28:56 +00:00
parent c2b97d07be
commit a395f940f5
12 changed files with 30 additions and 221 deletions


@ -1,9 +1,8 @@
# $OpenBSD: Makefile,v 1.4 2013/12/19 10:13:45 zhuk Exp $
# $OpenBSD: Makefile,v 1.5 2014/09/04 21:28:56 zhuk Exp $
COMMENT = RTP (RFC3550) library
DISTNAME = ortp-0.22.0
REVISION = 2
DISTNAME = ortp-0.23.0
SHARED_LIBS = ortp 0.0
SHARED_LIBS = ortp 1.0
CATEGORIES = net multimedia
HOMEPAGE = http://www.linphone.org/eng/documentation/dev/ortp.html
@ -27,9 +26,14 @@ AUTOCONF_VERSION = 2.68
CONFIGURE_ARGS = ${CONFIGURE_SHARED} \
--disable-zrtp \
--enable-ssl-hmac \
--enable-tests \
--with-srtp=${LOCALBASE}
# the test being disabled is needed for PolarSSL only
CONFIGURE_ARGS += --enable-broken-srtp
# no support for AI_V4MAPPED yet
CONFIGURE_ENV = CFLAGS="${CFLAGS} -DAI_V4MAPPED=0"
post-install:
rm -Rf ${PREFIX}/share/doc/ortp
mv ${PREFIX}/share/doc/${DISTNAME} ${PREFIX}/share/doc/ortp
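Review bot: The comment above `CONFIGURE_ARGS += --enable-broken-srtp` in the second hunk does not say which configure test is skipped or why skipping it is acceptable with the libsrtp that ports currently ships, so nobody can tell later when the switch may be removed. The commit message ties the new ortp_srtp.c patch to a pending security/srtp update; if this switch has the same lifetime, record that next to it, for example `# skips configure's libsrtp test (only relevant for PolarSSL builds); XXX drop together with patch-src_ortp_srtp_c once security/srtp is updated`. Separately, this update deletes the local arc4random patches including the `AC_CHECK_FUNCS(arc4random)` addition to configure.ac, so it is worth confirming on a built tree that 0.23.0's own configure still defines `HAVE_ARC4RANDOM`; otherwise port selection and the ZRTP sequence start would silently fall back to `rand()`/`random()`.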


@ -1,2 +1,2 @@
SHA256 (ortp-0.22.0.tar.gz) = bjfimzw1WbrB8q4Ml39s601M6NxxO2kd6ouuV72pLQs=
SIZE (ortp-0.22.0.tar.gz) = 538024
SHA256 (ortp-0.23.0.tar.gz) = kaWtoV9izl8Ivs7vTQrbZUaSEeLyCL2W5JOo35+E/Ns=
SIZE (ortp-0.23.0.tar.gz) = 540135


@ -1,13 +0,0 @@
$OpenBSD: patch-configure_ac,v 1.1 2013/11/25 17:12:43 zhuk Exp $
--- configure.ac.orig Mon Nov 25 12:57:48 2013
+++ configure.ac Mon Nov 25 12:59:26 2013
@@ -160,6 +160,9 @@ build_scheduler=yes
dnl Check if we have seteuid system call
AC_CHECK_FUNCS(seteuid)
+dnl Check if we have arc4random family routines available
+AC_CHECK_FUNCS(arc4random)
+
dnl check if we can use the pthread_library
AC_CHECK_LIB(pthread, pthread_mutex_init, [pthread_enabled=yes], [pthread_enabled=no])


@ -1,64 +0,0 @@
$OpenBSD: patch-src_b64_c,v 1.1 2013/12/08 20:06:16 zhuk Exp $
Fix build (-Werror) on platforms where char is unsigned.
--- src/b64.c.orig Sun Dec 8 23:52:27 2013
+++ src/b64.c Mon Dec 9 00:03:52 2013
@@ -181,7 +181,7 @@ static size_t b64_encode_( unsigned char const *src
for(; NUM_PLAIN_DATA_BYTES <= srcSize; srcSize -= NUM_PLAIN_DATA_BYTES)
{
- char characters[NUM_ENCODED_DATA_BYTES];
+ unsigned char characters[NUM_ENCODED_DATA_BYTES];
/*
*
@@ -197,38 +197,38 @@ static size_t b64_encode_( unsigned char const *src
*/
/* characters[0] is the 6 left-most bits of src[0] */
- characters[0] = (char)((src[0] & 0xfc) >> 2);
+ characters[0] = ((src[0] & 0xfc) >> 2);
/* characters[0] is the right-most 2 bits of src[0] and the left-most 4 bits of src[1] */
- characters[1] = (char)(((src[0] & 0x03) << 4) + ((src[1] & 0xf0) >> 4));
+ characters[1] = (((src[0] & 0x03) << 4) + ((src[1] & 0xf0) >> 4));
/* characters[0] is the right-most 4 bits of src[1] and the 2 left-most bits of src[2] */
- characters[2] = (char)(((src[1] & 0x0f) << 2) + ((src[2] & 0xc0) >> 6));
+ characters[2] = (((src[1] & 0x0f) << 2) + ((src[2] & 0xc0) >> 6));
/* characters[3] is the right-most 6 bits of src[2] */
- characters[3] = (char)(src[2] & 0x3f);
+ characters[3] = (src[2] & 0x3f);
#ifndef __WATCOMC__
- assert(characters[0] >= 0 && characters[0] < 64);
- assert(characters[1] >= 0 && characters[1] < 64);
- assert(characters[2] >= 0 && characters[2] < 64);
- assert(characters[3] >= 0 && characters[3] < 64);
+ assert(characters[0] < 64);
+ assert(characters[1] < 64);
+ assert(characters[2] < 64);
+ assert(characters[3] < 64);
#endif /* __WATCOMC__ */
src += NUM_PLAIN_DATA_BYTES;
- *p++ = b64_chars[(unsigned char)characters[0]];
+ *p++ = b64_chars[characters[0]];
assert(NULL != strchr(b64_chars, *(p-1)));
++len;
assert(len != lineLen);
- *p++ = b64_chars[(unsigned char)characters[1]];
+ *p++ = b64_chars[characters[1]];
assert(NULL != strchr(b64_chars, *(p-1)));
++len;
assert(len != lineLen);
- *p++ = b64_chars[(unsigned char)characters[2]];
+ *p++ = b64_chars[characters[2]];
assert(NULL != strchr(b64_chars, *(p-1)));
++len;
assert(len != lineLen);
- *p++ = b64_chars[(unsigned char)characters[3]];
+ *p++ = b64_chars[characters[3]];
assert(NULL != strchr(b64_chars, *(p-1)));
if( ++len == lineLen &&


@ -1,18 +0,0 @@
$OpenBSD: patch-src_netsim_c,v 1.1 2013/11/25 17:12:43 zhuk Exp $
--- src/netsim.c.orig Mon Nov 25 13:16:42 2013
+++ src/netsim.c Mon Nov 25 13:19:26 2013
@@ -110,7 +110,13 @@ static mblk_t *simulate_bandwidth_limit(RtpSession *se
}
static mblk_t *simulate_loss_rate(RtpSession *session, mblk_t *input, int rate){
- if((rand() % 101) >= rate) {
+ int rrate;
+#ifdef HAVE_ARC4RANDOM
+ rrate = arc4random_uniform(101);
+#else
+ rrate = rand() % 101;
+#endif
+ if(rrate >= rate) {
return input;
}
freemsg(input);


@ -1,15 +0,0 @@
$OpenBSD: patch-src_ortp_c,v 1.1 2013/11/25 17:12:43 zhuk Exp $
--- src/ortp.c.orig Mon Nov 25 12:54:51 2013
+++ src/ortp.c Mon Nov 25 12:55:19 2013
@@ -49,9 +49,11 @@ RtpScheduler *__ortp_scheduler;
extern void av_profile_init(RtpProfile *profile);
static void init_random_number_generator(){
+#ifndef HAVE_ARC4RANDOM
struct timeval t;
gettimeofday(&t,NULL);
srandom(t.tv_usec+t.tv_sec);
+#endif
}


@ -0,0 +1,14 @@
$OpenBSD: patch-src_ortp_srtp_c,v 1.1 2014/09/04 21:28:56 zhuk Exp $
This disables ability to re-send events. If such functionality is
really needed, the security/libsrtp should be updated (from Git,
probably: https://github.com/cisco/libsrtp/).
--- src/ortp_srtp.c.orig Fri Sep 5 01:06:00 2014
+++ src/ortp_srtp.c Fri Sep 5 01:06:10 2014
@@ -306,7 +306,6 @@ srtp_t ortp_srtp_create_configure_session(enum ortp_sr
memset(&policy, 0, sizeof(srtp_policy_t));
- policy.allow_repeat_tx=1; /*this is necessary to allow telephone-event to be sent 3 times for end of dtmf packet.*/
outgoing_ssrc.type = ssrc_specific;
outgoing_ssrc.value = ssrc;
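Review bot: The patch description says only that re-sending events is disabled; it should also record the consequence that the removed line's own comment spells out, namely that the end-of-DTMF telephone-event is sent three times and relied on `policy.allow_repeat_tx=1` to get through libsrtp. Presumably the line is dropped because the security/srtp currently in ports has no such policy field, and the header should state that reason instead of leaving it implied. Suggested wording to add to the description: `Without allow_repeat_tx the repeated end-of-DTMF telephone-event packets may be rejected by libsrtp on send; remove this patch once security/srtp provides the field.` The body of ortp_srtp_create_configure_session continues outside the hunk, so whether the send path reports or logs such a rejection cannot be judged from here.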


@ -1,15 +0,0 @@
$OpenBSD: patch-src_rtpsession_c,v 1.1 2013/11/25 17:12:43 zhuk Exp $
--- src/rtpsession.c.orig Mon Nov 25 13:15:47 2013
+++ src/rtpsession.c Mon Nov 25 13:16:26 2013
@@ -98,7 +98,11 @@ extern void rtp_parse(RtpSession *session, mblk_t *mp,
static uint32_t uint32_t_random(){
+#ifdef HAVE_ARC4RANDOM
+ return arc4random();
+#else
return random();
+#endif
}


@ -1,29 +0,0 @@
$OpenBSD: patch-src_rtpsession_inet_c,v 1.1 2013/11/25 17:12:43 zhuk Exp $
--- src/rtpsession_inet.c.orig Mon Nov 25 13:09:20 2013
+++ src/rtpsession_inet.c Mon Nov 25 13:14:50 2013
@@ -23,7 +23,7 @@
#if defined(WIN32) || defined(_WIN32_WCE)
#include "ortp-config-win32.h"
#elif HAVE_CONFIG_H
-#include "ortp-config.h" /*needed for HAVE_SYS_UIO_H */
+#include "ortp-config.h" /*needed for HAVE_SYS_UIO_H and HAVE_ARC4RANDOM */
#endif
#include "ortp/ortp.h"
#include "utils.h"
@@ -272,11 +272,16 @@ static ortp_socket_t create_and_bind_random(const char
for (retry=0;retry<100;retry++)
{
int localport;
+#ifdef HAVE_ARC4RANDOM
+ localport = 5000 + (int)arc4random_uniform(0x10000 - 5000);
+ localport &= 0xfffe;
+#else
do
{
localport = (rand () + 5000) & 0xfffe;
}
while ((localport < 5000) || (localport > 0xffff));
+#endif
/*do not set REUSEADDR in case of random allocation */
sock = create_and_bind(localip, localport, sock_family,FALSE);
if (sock!=-1) {


@ -1,39 +0,0 @@
$OpenBSD: patch-src_stun_c,v 1.1 2013/11/25 17:12:43 zhuk Exp $
--- src/stun.c.orig Mon Nov 25 12:44:52 2013
+++ src/stun.c Mon Nov 25 12:57:12 2013
@@ -1159,6 +1159,9 @@ stunEncodeMessage( const StunMessage *msg,
int
stunRand(void)
{
+#if defined(HAVE_ARC4RANDOM)
+ return (int)arc4random();
+#else
/* return 32 bits of random stuff */
/* assert( sizeof(int) == 4 ); */
static bool_t init=FALSE;
@@ -1251,6 +1254,7 @@ stunRand(void)
#else
return random();
#endif
+#endif /* HAVE_ARC4RANDOM */
}
@@ -1260,10 +1264,15 @@ randomPort()
{
int min=0x4000;
int max=0x7FFF;
-
- int ret = stunRand();
+ int ret;
+
+#ifdef HAVE_ARC4RANDOM
+ ret = min + (int)arc4random_uniform(max - min);
+#else
+ ret = stunRand();
ret = ret|min;
ret = ret&max;
+#endif
return ret;
}


@ -1,15 +0,0 @@
$OpenBSD: patch-src_zrtp_c,v 1.2 2013/12/19 10:13:45 zhuk Exp $
--- src/zrtp.c.orig Mon Nov 25 13:20:20 2013
+++ src/zrtp.c Mon Nov 25 13:25:41 2013
@@ -771,7 +771,11 @@ static OrtpZrtpContext* createUserData(ZrtpContext *co
userData->zrtpContext=context;
userData->timerWillTriggerAt=0;
userData->last_recv_zrtp_seq_number=0;
+#ifdef HAVE_ARC4RANDOM
+ userData->last_sent_zrtp_seq_number=arc4random_uniform(0xffff) + 1;
+#else
userData->last_sent_zrtp_seq_number=rand()+1; // INT_MAX+1 (signed)
+#endif
userData->srtpRecv=NULL;
userData->srtpSend=NULL;


@ -1,4 +1,4 @@
@comment $OpenBSD: PLIST,v 1.1.1.1 2013/11/11 09:23:09 zhuk Exp $
@comment $OpenBSD: PLIST,v 1.2 2014/09/04 21:28:56 zhuk Exp $
include/ortp/
include/ortp/b64.h
include/ortp/event.h
@ -21,7 +21,6 @@ include/ortp/zrtp.h
lib/libortp.a
lib/libortp.la
@lib lib/libortp.so.${LIBortp_VERSION}
lib/pkgconfig/
lib/pkgconfig/ortp.pc
share/doc/ortp/
share/doc/ortp/html/
@ -32,10 +31,10 @@ share/doc/ortp/html/bc_s.png
share/doc/ortp/html/bdwn.png
share/doc/ortp/html/classes.html
share/doc/ortp/html/closed.png
share/doc/ortp/html/dir_16eeb95da744a96f9e15e860953064bf.html
share/doc/ortp/html/dir_576279b7f6e932dc8f6458419aebfb0c.html
share/doc/ortp/html/dir_61fd887450a8709f7e423cc16e9905b0.html
share/doc/ortp/html/dir_b2e05bd817db116bd6a53e476ec497c6.html
share/doc/ortp/html/dir_1a4b54bfab6e4cdf47fbfffc8df9db91.html
share/doc/ortp/html/dir_38de505ae827f27e0beaf6f2bb7592fd.html
share/doc/ortp/html/dir_54c07869e09dd228c7196b102b00a635.html
share/doc/ortp/html/dir_630edbb1b139ecc51a553253b3fc5870.html
share/doc/ortp/html/doxygen.css
share/doc/ortp/html/doxygen.png
share/doc/ortp/html/dynsections.js