[Pkg-voip-commits] r4385 - in srtp/trunk/debian: . patches
js at alioth.debian.org
js at alioth.debian.org
Sun Sep 2 22:41:05 UTC 2007
Author: js
Date: 2007-09-02 22:41:05 +0000 (Sun, 02 Sep 2007)
New Revision: 4385
Added:
srtp/trunk/debian/patches/0001_cvs20070616.patch
Modified:
srtp/trunk/debian/changelog
srtp/trunk/debian/control
srtp/trunk/debian/patches/series
srtp/trunk/debian/rules
Log:
* Add patch 0001 to bring in sync with upstream CVS as of 20070616.
+ This hopefully closes: bug#438792, #439976, thanks to Kilian
Krause.
* Set executable bit on patched-in test.
* Add patch 1002 to use explicit path in rtpw_test.sh script.
* Disable (but keep with source) patch 1001 fixed upstream it seems.
Modified: srtp/trunk/debian/changelog
===================================================================
--- srtp/trunk/debian/changelog 2007-09-02 21:15:00 UTC (rev 4384)
+++ srtp/trunk/debian/changelog 2007-09-02 22:41:05 UTC (rev 4385)
@@ -1,5 +1,11 @@
srtp (1.4.2.dfsg-5) UNRELEASED; urgency=low
+ * Add patch 0001 to bring in sync with upstream CVS as of 20070616.
+ + This hopefully closes: bug#438792, #439976, thanks to Kilian
+ Krause.
+ * Set executable bit on patched-in test.
+ * Add patch 1002 to use explicit path in rtpw_test.sh script.
+ * Disable (but keep with source) patch 1001 fixed upstream it seems.
* Fix XS-Vcs-Svn and XS-Vcs-Browser fields in debian/control.
* Update cdbs tweaks:
+ Various improvements to update-tarball.
@@ -7,7 +13,7 @@
auto-update debian/control:
DEB_BUILD_OPTIONS=cdbs-autoupdate fakeroot debian/rules pre-build
- -- Jonas Smedegaard <dr at jones.dk> Mon, 27 Aug 2007 13:21:17 +0200
+ -- Jonas Smedegaard <dr at jones.dk> Sun, 02 Sep 2007 23:41:12 +0200
srtp (1.4.2.dfsg-4) unstable; urgency=low
Modified: srtp/trunk/debian/control
===================================================================
--- srtp/trunk/debian/control 2007-09-02 21:15:00 UTC (rev 4384)
+++ srtp/trunk/debian/control 2007-09-02 22:41:05 UTC (rev 4385)
@@ -2,7 +2,7 @@
Priority: optional
Maintainer: Debian VoIP Team <pkg-voip-maintainers at lists.alioth.debian.org>
Uploaders: Jonas Smedegaard <dr at jones.dk>
-Build-Depends: autotools-dev, debhelper (>= 4.2.0), quilt, patchutils (>= 0.2.25), dh-buildinfo, cdbs (>= 0.4.39), doxygen, texlive-latex-recommended, texlive-fonts-recommended
+Build-Depends: autotools-dev, debhelper (>= 4.2.0), quilt, patchutils (>= 0.2.25), dh-buildinfo, cdbs (>= 0.4.39), doxygen, texlive-latex-recommended, texlive-fonts-recommended, procps, miscfiles
Standards-Version: 3.7.2
Section: libs
XS-Vcs-Svn: svn://svn.debian.org/pkg-voip/srtp/trunk
Added: srtp/trunk/debian/patches/0001_cvs20070616.patch
===================================================================
--- srtp/trunk/debian/patches/0001_cvs20070616.patch (rev 0)
+++ srtp/trunk/debian/patches/0001_cvs20070616.patch 2007-09-02 22:41:05 UTC (rev 4385)
@@ -0,0 +1,7015 @@
+diff -ruNp srtp/config.hw srtp.cvs/config.hw
+--- srtp/config.hw 1970-01-01 01:00:00.000000000 +0100
++++ srtp.cvs/config.hw 2007-05-27 19:35:25.000000000 +0200
+@@ -0,0 +1,196 @@
++/* crypto/include/config.h. Generated by configure. */
++/* config_in.h. Generated from configure.in by autoheader. */
++
++#ifdef (_MSC_VER >= 1400)
++# define HAVE_RAND_S 1
++#endif
++
++/* Define if building for a CISC machine (e.g. Intel). */
++#define CPU_CISC 1
++
++/* Define if building for a RISC machine (assume slow byte access). */
++/* #undef CPU_RISC */
++
++/* Path to random device */
++/* #define DEV_URANDOM "/dev/urandom" */
++
++/* Define to compile in dynamic debugging system. */
++#define ENABLE_DEBUGGING 1
++
++/* Report errors to this file. */
++/* #undef ERR_REPORTING_FILE */
++
++/* Define to use logging to stdout. */
++#define ERR_REPORTING_STDOUT 1
++
++/* Define this to use ISMAcryp code. */
++/* #undef GENERIC_AESICM */
++
++/* Define to 1 if you have the <arpa/inet.h> header file. */
++/* #undef HAVE_ARPA_INET_H */
++
++/* Define to 1 if you have the <byteswap.h> header file. */
++/* #undef HAVE_BYTESWAP_H */
++
++/* Define to 1 if you have the `inet_aton' function. */
++/* #undef HAVE_INET_ATON */
++
++/* Define to 1 if the system has the type `int16_t'. */
++#define HAVE_INT16_T 1
++
++/* Define to 1 if the system has the type `int32_t'. */
++#define HAVE_INT32_T 1
++
++/* Define to 1 if the system has the type `int8_t'. */
++#define HAVE_INT8_T 1
++
++/* Define to 1 if you have the <inttypes.h> header file. */
++/* #undef HAVE_INTTYPES_H */
++
++/* Define to 1 if you have the `socket' library (-lsocket). */
++/* #undef HAVE_LIBSOCKET */
++
++/* Define to 1 if you have the <machine/types.h> header file. */
++/* #undef HAVE_MACHINE_TYPES_H */
++
++/* Define to 1 if you have the <memory.h> header file. */
++#define HAVE_MEMORY_H 1
++
++/* Define to 1 if you have the <netinet/in.h> header file. */
++/* #undef HAVE_NETINET_IN_H */
++
++/* Define to 1 if you have the `socket' function. */
++/* #undef HAVE_SOCKET */
++
++/* Define to 1 if you have the <stdint.h> header file. */
++/* #undef HAVE_STDINT_H */
++
++/* Define to 1 if you have the <stdlib.h> header file. */
++#define HAVE_STDLIB_H 1
++
++/* Define to 1 if you have the <strings.h> header file. */
++#define HAVE_STRINGS_H 1
++
++/* Define to 1 if you have the <string.h> header file. */
++#define HAVE_STRING_H 1
++
++/* Define to 1 if you have the <syslog.h> header file. */
++/* #undef HAVE_SYSLOG_H */
++
++/* Define to 1 if you have the <sys/int_types.h> header file. */
++/* #undef HAVE_SYS_INT_TYPES_H */
++
++/* Define to 1 if you have the <sys/socket.h> header file. */
++/* #undef HAVE_SYS_SOCKET_H */
++
++/* Define to 1 if you have the <sys/stat.h> header file. */
++#define HAVE_SYS_STAT_H 1
++
++/* Define to 1 if you have the <sys/types.h> header file. */
++#define HAVE_SYS_TYPES_H 1
++
++/* Define to 1 if you have the <sys/uio.h> header file. */
++/* #undef HAVE_SYS_UIO_H */
++
++/* Define to 1 if the system has the type `uint16_t'. */
++#define HAVE_UINT16_T 1
++
++/* Define to 1 if the system has the type `uint32_t'. */
++#define HAVE_UINT32_T 1
++
++/* Define to 1 if the system has the type `uint64_t'. */
++#define HAVE_UINT64_T 1
++
++/* Define to 1 if the system has the type `uint8_t'. */
++#define HAVE_UINT8_T 1
++
++/* Define to 1 if you have the <unistd.h> header file. */
++/* #undef HAVE_UNISTD_H */
++
++/* Define to 1 if you have the `usleep' function. */
++/* #undef HAVE_USLEEP */
++
++/* Define to 1 if you have the <windows.h> header file. */
++#define HAVE_WINDOWS_H 1
++
++/* Define to 1 if you have the <winsock2.h> header file. */
++#define HAVE_WINSOCK2_H 1
++
++/* Define to use X86 inlined assembly code */
++/* #undef HAVE_X86 */
++
++/* Define to the address where bug reports for this package should be sent. */
++#define PACKAGE_BUGREPORT ""
++
++/* Define to the full name of this package. */
++#define PACKAGE_NAME ""
++
++/* Define to the full name and version of this package. */
++#define PACKAGE_STRING ""
++
++/* Define to the one symbol short name of this package. */
++#define PACKAGE_TARNAME ""
++
++/* Define to the version of this package. */
++#define PACKAGE_VERSION ""
++
++/* The size of a `unsigned long', as computed by sizeof. */
++#define SIZEOF_UNSIGNED_LONG 4
++
++/* The size of a `unsigned long long', as computed by sizeof. */
++#define SIZEOF_UNSIGNED_LONG_LONG 8
++
++/* Define to use GDOI. */
++/* #undef SRTP_GDOI */
++
++/* Define to compile for kernel contexts. */
++/* #undef SRTP_KERNEL */
++
++/* Define to compile for Linux kernel context. */
++/* #undef SRTP_KERNEL_LINUX */
++
++/* Define to 1 if you have the ANSI C header files. */
++#define STDC_HEADERS 1
++
++/* Write errors to this file */
++/* #undef USE_ERR_REPORTING_FILE */
++
++/* Define to use syslog logging. */
++/* #undef USE_SYSLOG */
++
++/* Define to 1 if your processor stores words with the most significant byte
++ first (like Motorola and SPARC, unlike Intel and VAX). */
++/* #undef WORDS_BIGENDIAN */
++
++/* Define to empty if `const' does not conform to ANSI C. */
++/* #undef const */
++
++/* Define 'inline' to nothing, since the MSVC compiler doesn't support it. */
++#define inline
++
++/* Define to `unsigned' if <sys/types.h> does not define. */
++/* #undef size_t */
++
++#if (_MSC_VER >= 1400) // VC8+
++#ifndef _CRT_SECURE_NO_DEPRECATE
++#define _CRT_SECURE_NO_DEPRECATE
++#endif
++#ifndef _CRT_NONSTDC_NO_DEPRECATE
++#define _CRT_NONSTDC_NO_DEPRECATE
++#endif
++#endif // VC8+
++
++#ifndef uint32_t
++typedef unsigned __int8 uint8_t;
++typedef unsigned __int16 uint16_t;
++typedef unsigned __int32 uint32_t;
++typedef unsigned __int64 uint64_t;
++typedef __int8 int8_t;
++typedef __int16 int16_t;
++typedef __int32 int32_t;
++typedef __int64 int64_t;
++#endif
++
++#ifdef _MSC_VER
++#pragma warning(disable:4311)
++#endif
+diff -ruNp srtp/config.h_win32vc7 srtp.cvs/config.h_win32vc7
+--- srtp/config.h_win32vc7 1970-01-01 01:00:00.000000000 +0100
++++ srtp.cvs/config.h_win32vc7 2007-05-27 19:35:25.000000000 +0200
+@@ -0,0 +1,174 @@
++/* Hacked config.h for Windows XP 32-bit & VC7 */
++
++#ifdef (_MSC_VER >= 1400)
++# define HAVE_RAND_S 1
++#endif
++
++/* Define if building for a CISC machine (e.g. Intel). */
++#define CPU_CISC 1
++
++/* Define if building for a RISC machine (assume slow byte access). */
++#undef CPU_RISC
++
++/* Path to random device */
++#undef DEV_URANDOM
++
++/* Define to compile in dynamic debugging system. */
++#undef ENABLE_DEBUGGING
++
++/* Report errors to this file. */
++#undef ERR_REPORTING_FILE
++
++/* Define to use logging to stdout. */
++#undef ERR_REPORTING_STDOUT
++
++/* Define this to use ISMAcryp code. */
++#undef GENERIC_AESICM
++
++/* Define to 1 if you have the <arpa/inet.h> header file. */
++#undef HAVE_ARPA_INET_H
++
++/* Define to 1 if you have the <byteswap.h> header file. */
++#undef HAVE_BYTESWAP_H
++
++/* Define to 1 if you have the `inet_aton' function. */
++#define HAVE_INET_ATON 1
++
++/* Define to 1 if the system has the type `int16_t'. */
++#undef HAVE_INT16_T
++
++/* Define to 1 if the system has the type `int32_t'. */
++#undef HAVE_INT32_T
++
++/* Define to 1 if the system has the type `int8_t'. */
++#undef HAVE_INT8_T
++
++/* Define to 1 if you have the <inttypes.h> header file. */
++#undef HAVE_INTTYPES_H
++
++/* Define to 1 if you have the `socket' library (-lsocket). */
++#undef HAVE_LIBSOCKET
++
++/* Define to 1 if you have the <machine/types.h> header file. */
++#undef HAVE_MACHINE_TYPES_H
++
++/* Define to 1 if you have the <memory.h> header file. */
++#define HAVE_MEMORY_H 1
++
++/* Define to 1 if you have the <netinet/in.h> header file. */
++#undef HAVE_NETINET_IN_H
++
++/* Define to 1 if you have the `socket' function. */
++#define HAVE_SOCKET 1
++
++/* Define to 1 if you have the <stdint.h> header file. */
++#undef HAVE_STDINT_H
++
++/* Define to 1 if you have the <stdlib.h> header file. */
++#define HAVE_STDLIB_H 1
++
++/* Define to 1 if you have the <strings.h> header file. */
++#define HAVE_STRINGS_H 1
++
++/* Define to 1 if you have the <string.h> header file. */
++#define HAVE_STRING_H 1
++
++/* Define to 1 if you have the <syslog.h> header file. */
++#undef HAVE_SYSLOG_H
++
++/* Define to 1 if you have the <sys/int_types.h> header file. */
++#undef HAVE_SYS_INT_TYPES_H
++
++/* Define to 1 if you have the <sys/socket.h> header file. */
++#undef HAVE_SYS_SOCKET_H
++
++/* Define to 1 if you have the <sys/stat.h> header file. */
++#undef HAVE_SYS_STAT_H
++
++/* Define to 1 if you have the <sys/types.h> header file. */
++#undef HAVE_SYS_TYPES_H
++
++/* Define to 1 if you have the <sys/uio.h> header file. */
++#undef HAVE_SYS_UIO_H
++
++/* Define to 1 if the system has the type `uint16_t'. */
++#undef HAVE_UINT16_T
++
++/* Define to 1 if the system has the type `uint32_t'. */
++#undef HAVE_UINT32_T
++
++/* Define to 1 if the system has the type `uint64_t'. */
++#undef HAVE_UINT64_T
++
++/* Define to 1 if the system has the type `uint8_t'. */
++#undef HAVE_UINT8_T
++
++/* Define to 1 if you have the <unistd.h> header file. */
++#define HAVE_UNISTD_H 1
++
++/* Define to 1 if you have the `usleep' function. */
++#define HAVE_USLEEP 1
++
++/* Define to 1 if you have the <windows.h> header file. */
++#define HAVE_WINDOWS_H 1
++
++/* Define to 1 if you have the <winsock2.h> header file. */
++#define HAVE_WINSOCK2_H 1
++
++/* Define to use X86 inlined assembly code */
++#undef HAVE_X86
++
++/* Define to the address where bug reports for this package should be sent. */
++#undef PACKAGE_BUGREPORT
++
++/* Define to the full name of this package. */
++#undef PACKAGE_NAME
++
++/* Define to the full name and version of this package. */
++#undef PACKAGE_STRING
++
++/* Define to the one symbol short name of this package. */
++#undef PACKAGE_TARNAME
++
++/* Define to the version of this package. */
++#undef PACKAGE_VERSION
++
++/* The size of a `unsigned long', as computed by sizeof. */
++#define SIZEOF_UNSIGNED_LONG 4
++
++/* The size of a `unsigned long long', as computed by sizeof. */
++#define SIZEOF_UNSIGNED_LONG_LONG 8
++
++/* Define to use GDOI. */
++#undef SRTP_GDOI
++
++/* Define to compile for kernel contexts. */
++#undef SRTP_KERNEL
++
++/* Define to compile for Linux kernel context. */
++#undef SRTP_KERNEL_LINUX
++
++/* Define to 1 if you have the ANSI C header files. */
++#undef STDC_HEADERS
++
++/* Write errors to this file */
++#undef USE_ERR_REPORTING_FILE
++
++/* Define to use syslog logging. */
++#undef USE_SYSLOG
++
++/* Define to 1 if your processor stores words with the most significant byte
++ first (like Motorola and SPARC, unlike Intel and VAX). */
++#undef WORDS_BIGENDIAN
++
++/* Define to empty if `const' does not conform to ANSI C. */
++//#undef const
++/* Define to `__inline__' or `__inline' if that's what the C compiler
++ calls it, or to nothing if 'inline' is not supported under any name. */
++//#ifndef __cplusplus
++//#undef inline
++//#endif
++#define inline __inline
++
++/* Define to `unsigned' if <sys/types.h> does not define. */
++//#undef size_t
+diff -ruNp srtp/configure srtp.cvs/configure
+--- srtp/configure 2006-05-07 20:51:38.000000000 +0200
++++ srtp.cvs/configure 2007-05-27 19:35:25.000000000 +0200
+@@ -309,7 +309,7 @@ ac_includes_default="\
+ # include <unistd.h>
+ #endif"
+
+-ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS RANLIB ac_ct_RANLIB CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA RNG_OBJS CPP EGREP build build_cpu build_vendor build_os host host_cpu host_vendor host_os EXE GDOI_OBJS LIBOBJS LTLIBOBJS'
++ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS RANLIB ac_ct_RANLIB CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA build build_cpu build_vendor build_os host host_cpu host_vendor host_os EXE RNG_OBJS CPP EGREP GDOI_OBJS LIBOBJS LTLIBOBJS'
+ ac_subst_files=''
+
+ # Initialize some variables set by options.
+@@ -844,7 +844,6 @@ if test -n "$ac_init_help"; then
+ Optional Features:
+ --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no)
+ --enable-FEATURE[=ARG] include FEATURE [ARG=yes]
+- --enable-pic build with PIC
+ --enable-kernel-linux build library to run in Linux kernel context
+ --disable-debug do not compile in dynamic debugging system
+ --enable-generic-aesicm compile in changes for ISMAcryp
+@@ -2420,11 +2419,333 @@ test -z "$INSTALL_SCRIPT" && INSTALL_SCR
+ test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644'
+
+
+-# Check whether --enable-pic or --disable-pic was given.
+-if test "${enable_pic+set}" = set; then
+- enableval="$enable_pic"
+- CFLAGS="-fPIC $CFLAGS"
+-fi;
++
++echo "$as_me:$LINENO: checking whether byte ordering is bigendian" >&5
++echo $ECHO_N "checking whether byte ordering is bigendian... $ECHO_C" >&6
++if test "${ac_cv_c_bigendian+set}" = set; then
++ echo $ECHO_N "(cached) $ECHO_C" >&6
++else
++ # See if sys/param.h defines the BYTE_ORDER macro.
++cat >conftest.$ac_ext <<_ACEOF
++/* confdefs.h. */
++_ACEOF
++cat confdefs.h >>conftest.$ac_ext
++cat >>conftest.$ac_ext <<_ACEOF
++/* end confdefs.h. */
++#include <sys/types.h>
++#include <sys/param.h>
++
++int
++main ()
++{
++#if !BYTE_ORDER || !BIG_ENDIAN || !LITTLE_ENDIAN
++ bogus endian macros
++#endif
++
++ ;
++ return 0;
++}
++_ACEOF
++rm -f conftest.$ac_objext
++if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
++ (eval $ac_compile) 2>conftest.er1
++ ac_status=$?
++ grep -v '^ *+' conftest.er1 >conftest.err
++ rm -f conftest.er1
++ cat conftest.err >&5
++ echo "$as_me:$LINENO: \$? = $ac_status" >&5
++ (exit $ac_status); } &&
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
++ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
++ (eval $ac_try) 2>&5
++ ac_status=$?
++ echo "$as_me:$LINENO: \$? = $ac_status" >&5
++ (exit $ac_status); }; } &&
++ { ac_try='test -s conftest.$ac_objext'
++ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
++ (eval $ac_try) 2>&5
++ ac_status=$?
++ echo "$as_me:$LINENO: \$? = $ac_status" >&5
++ (exit $ac_status); }; }; then
++ # It does; now see whether it defined to BIG_ENDIAN or not.
++cat >conftest.$ac_ext <<_ACEOF
++/* confdefs.h. */
++_ACEOF
++cat confdefs.h >>conftest.$ac_ext
++cat >>conftest.$ac_ext <<_ACEOF
++/* end confdefs.h. */
++#include <sys/types.h>
++#include <sys/param.h>
++
++int
++main ()
++{
++#if BYTE_ORDER != BIG_ENDIAN
++ not big endian
++#endif
++
++ ;
++ return 0;
++}
++_ACEOF
++rm -f conftest.$ac_objext
++if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
++ (eval $ac_compile) 2>conftest.er1
++ ac_status=$?
++ grep -v '^ *+' conftest.er1 >conftest.err
++ rm -f conftest.er1
++ cat conftest.err >&5
++ echo "$as_me:$LINENO: \$? = $ac_status" >&5
++ (exit $ac_status); } &&
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
++ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
++ (eval $ac_try) 2>&5
++ ac_status=$?
++ echo "$as_me:$LINENO: \$? = $ac_status" >&5
++ (exit $ac_status); }; } &&
++ { ac_try='test -s conftest.$ac_objext'
++ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
++ (eval $ac_try) 2>&5
++ ac_status=$?
++ echo "$as_me:$LINENO: \$? = $ac_status" >&5
++ (exit $ac_status); }; }; then
++ ac_cv_c_bigendian=yes
++else
++ echo "$as_me: failed program was:" >&5
++sed 's/^/| /' conftest.$ac_ext >&5
++
++ac_cv_c_bigendian=no
++fi
++rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
++else
++ echo "$as_me: failed program was:" >&5
++sed 's/^/| /' conftest.$ac_ext >&5
++
++# It does not; compile a test program.
++if test "$cross_compiling" = yes; then
++ # try to guess the endianness by grepping values into an object file
++ ac_cv_c_bigendian=unknown
++ cat >conftest.$ac_ext <<_ACEOF
++/* confdefs.h. */
++_ACEOF
++cat confdefs.h >>conftest.$ac_ext
++cat >>conftest.$ac_ext <<_ACEOF
++/* end confdefs.h. */
++short ascii_mm[] = { 0x4249, 0x4765, 0x6E44, 0x6961, 0x6E53, 0x7953, 0 };
++short ascii_ii[] = { 0x694C, 0x5454, 0x656C, 0x6E45, 0x6944, 0x6E61, 0 };
++void _ascii () { char *s = (char *) ascii_mm; s = (char *) ascii_ii; }
++short ebcdic_ii[] = { 0x89D3, 0xE3E3, 0x8593, 0x95C5, 0x89C4, 0x9581, 0 };
++short ebcdic_mm[] = { 0xC2C9, 0xC785, 0x95C4, 0x8981, 0x95E2, 0xA8E2, 0 };
++void _ebcdic () { char *s = (char *) ebcdic_mm; s = (char *) ebcdic_ii; }
++int
++main ()
++{
++ _ascii (); _ebcdic ();
++ ;
++ return 0;
++}
++_ACEOF
++rm -f conftest.$ac_objext
++if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
++ (eval $ac_compile) 2>conftest.er1
++ ac_status=$?
++ grep -v '^ *+' conftest.er1 >conftest.err
++ rm -f conftest.er1
++ cat conftest.err >&5
++ echo "$as_me:$LINENO: \$? = $ac_status" >&5
++ (exit $ac_status); } &&
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
++ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
++ (eval $ac_try) 2>&5
++ ac_status=$?
++ echo "$as_me:$LINENO: \$? = $ac_status" >&5
++ (exit $ac_status); }; } &&
++ { ac_try='test -s conftest.$ac_objext'
++ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
++ (eval $ac_try) 2>&5
++ ac_status=$?
++ echo "$as_me:$LINENO: \$? = $ac_status" >&5
++ (exit $ac_status); }; }; then
++ if grep BIGenDianSyS conftest.$ac_objext >/dev/null ; then
++ ac_cv_c_bigendian=yes
++fi
++if grep LiTTleEnDian conftest.$ac_objext >/dev/null ; then
++ if test "$ac_cv_c_bigendian" = unknown; then
++ ac_cv_c_bigendian=no
++ else
++ # finding both strings is unlikely to happen, but who knows?
++ ac_cv_c_bigendian=unknown
++ fi
++fi
++else
++ echo "$as_me: failed program was:" >&5
++sed 's/^/| /' conftest.$ac_ext >&5
++
++fi
++rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
++else
++ cat >conftest.$ac_ext <<_ACEOF
++/* confdefs.h. */
++_ACEOF
++cat confdefs.h >>conftest.$ac_ext
++cat >>conftest.$ac_ext <<_ACEOF
++/* end confdefs.h. */
++int
++main ()
++{
++ /* Are we little or big endian? From Harbison&Steele. */
++ union
++ {
++ long l;
++ char c[sizeof (long)];
++ } u;
++ u.l = 1;
++ exit (u.c[sizeof (long) - 1] == 1);
++}
++_ACEOF
++rm -f conftest$ac_exeext
++if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
++ (eval $ac_link) 2>&5
++ ac_status=$?
++ echo "$as_me:$LINENO: \$? = $ac_status" >&5
++ (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
++ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
++ (eval $ac_try) 2>&5
++ ac_status=$?
++ echo "$as_me:$LINENO: \$? = $ac_status" >&5
++ (exit $ac_status); }; }; then
++ ac_cv_c_bigendian=no
++else
++ echo "$as_me: program exited with status $ac_status" >&5
++echo "$as_me: failed program was:" >&5
++sed 's/^/| /' conftest.$ac_ext >&5
++
++( exit $ac_status )
++ac_cv_c_bigendian=yes
++fi
++rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
++fi
++fi
++rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
++fi
++echo "$as_me:$LINENO: result: $ac_cv_c_bigendian" >&5
++echo "${ECHO_T}$ac_cv_c_bigendian" >&6
++case $ac_cv_c_bigendian in
++ yes)
++
++cat >>confdefs.h <<\_ACEOF
++#define WORDS_BIGENDIAN 1
++_ACEOF
++ ;;
++ no)
++ ;;
++ *)
++ { { echo "$as_me:$LINENO: error: unknown endianness
++presetting ac_cv_c_bigendian=no (or yes) will help" >&5
++echo "$as_me: error: unknown endianness
++presetting ac_cv_c_bigendian=no (or yes) will help" >&2;}
++ { (exit 1); exit 1; }; } ;;
++esac
++
++
++# Make sure we can run config.sub.
++$ac_config_sub sun4 >/dev/null 2>&1 ||
++ { { echo "$as_me:$LINENO: error: cannot run $ac_config_sub" >&5
++echo "$as_me: error: cannot run $ac_config_sub" >&2;}
++ { (exit 1); exit 1; }; }
++
++echo "$as_me:$LINENO: checking build system type" >&5
++echo $ECHO_N "checking build system type... $ECHO_C" >&6
++if test "${ac_cv_build+set}" = set; then
++ echo $ECHO_N "(cached) $ECHO_C" >&6
++else
++ ac_cv_build_alias=$build_alias
++test -z "$ac_cv_build_alias" &&
++ ac_cv_build_alias=`$ac_config_guess`
++test -z "$ac_cv_build_alias" &&
++ { { echo "$as_me:$LINENO: error: cannot guess build type; you must specify one" >&5
++echo "$as_me: error: cannot guess build type; you must specify one" >&2;}
++ { (exit 1); exit 1; }; }
++ac_cv_build=`$ac_config_sub $ac_cv_build_alias` ||
++ { { echo "$as_me:$LINENO: error: $ac_config_sub $ac_cv_build_alias failed" >&5
++echo "$as_me: error: $ac_config_sub $ac_cv_build_alias failed" >&2;}
++ { (exit 1); exit 1; }; }
++
++fi
++echo "$as_me:$LINENO: result: $ac_cv_build" >&5
++echo "${ECHO_T}$ac_cv_build" >&6
++build=$ac_cv_build
++build_cpu=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'`
++build_vendor=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'`
++build_os=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'`
++
++
++echo "$as_me:$LINENO: checking host system type" >&5
++echo $ECHO_N "checking host system type... $ECHO_C" >&6
++if test "${ac_cv_host+set}" = set; then
++ echo $ECHO_N "(cached) $ECHO_C" >&6
++else
++ ac_cv_host_alias=$host_alias
++test -z "$ac_cv_host_alias" &&
++ ac_cv_host_alias=$ac_cv_build_alias
++ac_cv_host=`$ac_config_sub $ac_cv_host_alias` ||
++ { { echo "$as_me:$LINENO: error: $ac_config_sub $ac_cv_host_alias failed" >&5
++echo "$as_me: error: $ac_config_sub $ac_cv_host_alias failed" >&2;}
++ { (exit 1); exit 1; }; }
++
++fi
++echo "$as_me:$LINENO: result: $ac_cv_host" >&5
++echo "${ECHO_T}$ac_cv_host" >&6
++host=$ac_cv_host
++host_cpu=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'`
++host_vendor=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'`
++host_os=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'`
++
++
++
++case $host_cpu in
++ i*86 )
++
++cat >>confdefs.h <<\_ACEOF
++#define CPU_CISC 1
++_ACEOF
++
++
++cat >>confdefs.h <<\_ACEOF
++#define HAVE_X86 1
++_ACEOF
++;;
++ * )
++ # CPU_RISC is only supported for big endian machines.
++ if test "$ac_cv_c_bigendian" = "yes"; then
++
++cat >>confdefs.h <<\_ACEOF
++#define CPU_RISC 1
++_ACEOF
++
++ else
++ cat >>confdefs.h <<\_ACEOF
++#define CPU_CISC 1
++_ACEOF
++
++ fi
++ ;;
++esac
++
++case $host_os in
++ *cygwin*|*mingw* )
++ EXE=.exe
++ HOST_IS_WINDOWS=yes
++ ;;
++ * )
++ EXE=""
++ ;;
++esac
++ # define executable suffix; this is needed for `make clean'
++
+
+ # Check whether --enable-kernel-linux or --disable-kernel-linux was given.
+ if test "${enable_kernel_linux+set}" = set; then
+@@ -2450,7 +2771,7 @@ fi
+ echo "$as_me:$LINENO: result: $enable_kernel_linux" >&5
+ echo "${ECHO_T}$enable_kernel_linux" >&6
+
+-if test "$cross_compiling" != yes; then
++if test "$cross_compiling" != yes -a "$HOST_IS_WINDOWS" != yes; then
+ echo "$as_me:$LINENO: checking for /dev/urandom" >&5
+ echo $ECHO_N "checking for /dev/urandom... $ECHO_C" >&6
+ if test "${ac_cv_file__dev_urandom+set}" = set; then
+@@ -2520,7 +2841,6 @@ fi
+
+
+
+-
+ ac_ext=c
+ ac_cpp='$CPP $CPPFLAGS'
+ ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+@@ -6595,209 +6915,36 @@ if test "x$ac_cv_func_socket" = "xno"; t
+
+ echo "$as_me:$LINENO: checking for socket in -lsocket" >&5
+ echo $ECHO_N "checking for socket in -lsocket... $ECHO_C" >&6
+-if test "${ac_cv_lib_socket_socket+set}" = set; then
+- echo $ECHO_N "(cached) $ECHO_C" >&6
+-else
+- ac_check_lib_save_LIBS=$LIBS
+-LIBS="-lsocket $LIBS"
+-cat >conftest.$ac_ext <<_ACEOF
+-/* confdefs.h. */
+-_ACEOF
+-cat confdefs.h >>conftest.$ac_ext
+-cat >>conftest.$ac_ext <<_ACEOF
+-/* end confdefs.h. */
+-
+-/* Override any gcc2 internal prototype to avoid an error. */
+-#ifdef __cplusplus
+-extern "C"
+-#endif
+-/* We use char because int might match the return type of a gcc2
+- builtin and then its argument prototype would still apply. */
+-char socket ();
+-int
+-main ()
+-{
+-socket ();
+- ;
+- return 0;
+-}
+-_ACEOF
+-rm -f conftest.$ac_objext conftest$ac_exeext
+-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+- (eval $ac_link) 2>conftest.er1
+- ac_status=$?
+- grep -v '^ *+' conftest.er1 >conftest.err
+- rm -f conftest.er1
+- cat conftest.err >&5
+- echo "$as_me:$LINENO: \$? = $ac_status" >&5
+- (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag"
+- || test ! -s conftest.err'
+- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+- (eval $ac_try) 2>&5
+- ac_status=$?
+- echo "$as_me:$LINENO: \$? = $ac_status" >&5
+- (exit $ac_status); }; } &&
+- { ac_try='test -s conftest$ac_exeext'
+- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+- (eval $ac_try) 2>&5
+- ac_status=$?
+- echo "$as_me:$LINENO: \$? = $ac_status" >&5
+- (exit $ac_status); }; }; then
+- ac_cv_lib_socket_socket=yes
+-else
+- echo "$as_me: failed program was:" >&5
+-sed 's/^/| /' conftest.$ac_ext >&5
+-
+-ac_cv_lib_socket_socket=no
+-fi
+-rm -f conftest.err conftest.$ac_objext \
+- conftest$ac_exeext conftest.$ac_ext
+-LIBS=$ac_check_lib_save_LIBS
+-fi
+-echo "$as_me:$LINENO: result: $ac_cv_lib_socket_socket" >&5
+-echo "${ECHO_T}$ac_cv_lib_socket_socket" >&6
+-if test $ac_cv_lib_socket_socket = yes; then
+- cat >>confdefs.h <<_ACEOF
+-#define HAVE_LIBSOCKET 1
+-_ACEOF
+-
+- LIBS="-lsocket $LIBS"
+-
+-fi
+-
+- echo "$as_me:$LINENO: checking for socket in -lwsock32" >&5
+-echo $ECHO_N "checking for socket in -lwsock32... $ECHO_C" >&6
+- SAVELIBS="$LIBS"
+- LIBS="$LIBS -lwsock32"
+- cat >conftest.$ac_ext <<_ACEOF
+-/* confdefs.h. */
+-_ACEOF
+-cat confdefs.h >>conftest.$ac_ext
+-cat >>conftest.$ac_ext <<_ACEOF
+-/* end confdefs.h. */
+-
+-#include <winsock2.h>
+-
+-int
+-main ()
+-{
+-
+-socket(0, 0, 0);
+-
+- ;
+- return 0;
+-}
+-_ACEOF
+-rm -f conftest.$ac_objext conftest$ac_exeext
+-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+- (eval $ac_link) 2>conftest.er1
+- ac_status=$?
+- grep -v '^ *+' conftest.er1 >conftest.err
+- rm -f conftest.er1
+- cat conftest.err >&5
+- echo "$as_me:$LINENO: \$? = $ac_status" >&5
+- (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag"
+- || test ! -s conftest.err'
+- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+- (eval $ac_try) 2>&5
+- ac_status=$?
+- echo "$as_me:$LINENO: \$? = $ac_status" >&5
+- (exit $ac_status); }; } &&
+- { ac_try='test -s conftest$ac_exeext'
+- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+- (eval $ac_try) 2>&5
+- ac_status=$?
+- echo "$as_me:$LINENO: \$? = $ac_status" >&5
+- (exit $ac_status); }; }; then
+- ac_cv_func_socket=yes
+- echo "$as_me:$LINENO: result: yes" >&5
+-echo "${ECHO_T}yes" >&6
+-else
+- echo "$as_me: failed program was:" >&5
+-sed 's/^/| /' conftest.$ac_ext >&5
+-
+-LIBS="$SAVELIBS"
+- echo "$as_me:$LINENO: result: no" >&5
+-echo "${ECHO_T}no" >&6
+-fi
+-rm -f conftest.err conftest.$ac_objext \
+- conftest$ac_exeext conftest.$ac_ext
+-fi
+-
+-echo "$as_me:$LINENO: checking whether byte ordering is bigendian" >&5
+-echo $ECHO_N "checking whether byte ordering is bigendian... $ECHO_C" >&6
+-if test "${ac_cv_c_bigendian+set}" = set; then
+- echo $ECHO_N "(cached) $ECHO_C" >&6
+-else
+- # See if sys/param.h defines the BYTE_ORDER macro.
+-cat >conftest.$ac_ext <<_ACEOF
+-/* confdefs.h. */
+-_ACEOF
+-cat confdefs.h >>conftest.$ac_ext
+-cat >>conftest.$ac_ext <<_ACEOF
+-/* end confdefs.h. */
+-#include <sys/types.h>
+-#include <sys/param.h>
+-
+-int
+-main ()
+-{
+-#if !BYTE_ORDER || !BIG_ENDIAN || !LITTLE_ENDIAN
+- bogus endian macros
+-#endif
+-
+- ;
+- return 0;
+-}
+-_ACEOF
+-rm -f conftest.$ac_objext
+-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+- (eval $ac_compile) 2>conftest.er1
+- ac_status=$?
+- grep -v '^ *+' conftest.er1 >conftest.err
+- rm -f conftest.er1
+- cat conftest.err >&5
+- echo "$as_me:$LINENO: \$? = $ac_status" >&5
+- (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag"
+- || test ! -s conftest.err'
+- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+- (eval $ac_try) 2>&5
+- ac_status=$?
+- echo "$as_me:$LINENO: \$? = $ac_status" >&5
+- (exit $ac_status); }; } &&
+- { ac_try='test -s conftest.$ac_objext'
+- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+- (eval $ac_try) 2>&5
+- ac_status=$?
+- echo "$as_me:$LINENO: \$? = $ac_status" >&5
+- (exit $ac_status); }; }; then
+- # It does; now see whether it defined to BIG_ENDIAN or not.
++if test "${ac_cv_lib_socket_socket+set}" = set; then
++ echo $ECHO_N "(cached) $ECHO_C" >&6
++else
++ ac_check_lib_save_LIBS=$LIBS
++LIBS="-lsocket $LIBS"
+ cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h. */
+ _ACEOF
+ cat confdefs.h >>conftest.$ac_ext
+ cat >>conftest.$ac_ext <<_ACEOF
+ /* end confdefs.h. */
+-#include <sys/types.h>
+-#include <sys/param.h>
+
++/* Override any gcc2 internal prototype to avoid an error. */
++#ifdef __cplusplus
++extern "C"
++#endif
++/* We use char because int might match the return type of a gcc2
++ builtin and then its argument prototype would still apply. */
++char socket ();
+ int
+ main ()
+ {
+-#if BYTE_ORDER != BIG_ENDIAN
+- not big endian
+-#endif
+-
++socket ();
+ ;
+ return 0;
+ }
+ _ACEOF
+-rm -f conftest.$ac_objext
+-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+- (eval $ac_compile) 2>conftest.er1
++rm -f conftest.$ac_objext conftest$ac_exeext
++if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
++ (eval $ac_link) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+@@ -6811,51 +6958,60 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+- { ac_try='test -s conftest.$ac_objext'
++ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+- ac_cv_c_bigendian=yes
++ ac_cv_lib_socket_socket=yes
+ else
+ echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+
+-ac_cv_c_bigendian=no
++ac_cv_lib_socket_socket=no
+ fi
+-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+-else
+- echo "$as_me: failed program was:" >&5
+-sed 's/^/| /' conftest.$ac_ext >&5
++rm -f conftest.err conftest.$ac_objext \
++ conftest$ac_exeext conftest.$ac_ext
++LIBS=$ac_check_lib_save_LIBS
++fi
++echo "$as_me:$LINENO: result: $ac_cv_lib_socket_socket" >&5
++echo "${ECHO_T}$ac_cv_lib_socket_socket" >&6
++if test $ac_cv_lib_socket_socket = yes; then
++ cat >>confdefs.h <<_ACEOF
++#define HAVE_LIBSOCKET 1
++_ACEOF
+
+-# It does not; compile a test program.
+-if test "$cross_compiling" = yes; then
+- # try to guess the endianness by grepping values into an object file
+- ac_cv_c_bigendian=unknown
++ LIBS="-lsocket $LIBS"
++
++fi
++
++ echo "$as_me:$LINENO: checking for socket in -lwsock32" >&5
++echo $ECHO_N "checking for socket in -lwsock32... $ECHO_C" >&6
++ SAVELIBS="$LIBS"
++ LIBS="$LIBS -lwsock32"
+ cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h. */
+ _ACEOF
+ cat confdefs.h >>conftest.$ac_ext
+ cat >>conftest.$ac_ext <<_ACEOF
+ /* end confdefs.h. */
+-short ascii_mm[] = { 0x4249, 0x4765, 0x6E44, 0x6961, 0x6E53, 0x7953, 0 };
+-short ascii_ii[] = { 0x694C, 0x5454, 0x656C, 0x6E45, 0x6944, 0x6E61, 0 };
+-void _ascii () { char *s = (char *) ascii_mm; s = (char *) ascii_ii; }
+-short ebcdic_ii[] = { 0x89D3, 0xE3E3, 0x8593, 0x95C5, 0x89C4, 0x9581, 0 };
+-short ebcdic_mm[] = { 0xC2C9, 0xC785, 0x95C4, 0x8981, 0x95E2, 0xA8E2, 0 };
+-void _ebcdic () { char *s = (char *) ebcdic_mm; s = (char *) ebcdic_ii; }
++
++#include <winsock2.h>
++
+ int
+ main ()
+ {
+- _ascii (); _ebcdic ();
++
++socket(0, 0, 0);
++
+ ;
+ return 0;
+ }
+ _ACEOF
+-rm -f conftest.$ac_objext
+-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+- (eval $ac_compile) 2>conftest.er1
++rm -f conftest.$ac_objext conftest$ac_exeext
++if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
++ (eval $ac_link) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+@@ -6869,185 +7025,26 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+- { ac_try='test -s conftest.$ac_objext'
++ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+- if grep BIGenDianSyS conftest.$ac_objext >/dev/null ; then
+- ac_cv_c_bigendian=yes
+-fi
+-if grep LiTTleEnDian conftest.$ac_objext >/dev/null ; then
+- if test "$ac_cv_c_bigendian" = unknown; then
+- ac_cv_c_bigendian=no
+- else
+- # finding both strings is unlikely to happen, but who knows?
+- ac_cv_c_bigendian=unknown
+- fi
+-fi
++ ac_cv_func_socket=yes
++ echo "$as_me:$LINENO: result: yes" >&5
++echo "${ECHO_T}yes" >&6
+ else
+ echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+
++LIBS="$SAVELIBS"
++ echo "$as_me:$LINENO: result: no" >&5
++echo "${ECHO_T}no" >&6
+ fi
+-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+-else
+- cat >conftest.$ac_ext <<_ACEOF
+-/* confdefs.h. */
+-_ACEOF
+-cat confdefs.h >>conftest.$ac_ext
+-cat >>conftest.$ac_ext <<_ACEOF
+-/* end confdefs.h. */
+-int
+-main ()
+-{
+- /* Are we little or big endian? From Harbison&Steele. */
+- union
+- {
+- long l;
+- char c[sizeof (long)];
+- } u;
+- u.l = 1;
+- exit (u.c[sizeof (long) - 1] == 1);
+-}
+-_ACEOF
+-rm -f conftest$ac_exeext
+-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+- (eval $ac_link) 2>&5
+- ac_status=$?
+- echo "$as_me:$LINENO: \$? = $ac_status" >&5
+- (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
+- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+- (eval $ac_try) 2>&5
+- ac_status=$?
+- echo "$as_me:$LINENO: \$? = $ac_status" >&5
+- (exit $ac_status); }; }; then
+- ac_cv_c_bigendian=no
+-else
+- echo "$as_me: program exited with status $ac_status" >&5
+-echo "$as_me: failed program was:" >&5
+-sed 's/^/| /' conftest.$ac_ext >&5
+-
+-( exit $ac_status )
+-ac_cv_c_bigendian=yes
+-fi
+-rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
+-fi
+-fi
+-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+-fi
+-echo "$as_me:$LINENO: result: $ac_cv_c_bigendian" >&5
+-echo "${ECHO_T}$ac_cv_c_bigendian" >&6
+-case $ac_cv_c_bigendian in
+- yes)
+-
+-cat >>confdefs.h <<\_ACEOF
+-#define WORDS_BIGENDIAN 1
+-_ACEOF
+- ;;
+- no)
+- ;;
+- *)
+- { { echo "$as_me:$LINENO: error: unknown endianness
+-presetting ac_cv_c_bigendian=no (or yes) will help" >&5
+-echo "$as_me: error: unknown endianness
+-presetting ac_cv_c_bigendian=no (or yes) will help" >&2;}
+- { (exit 1); exit 1; }; } ;;
+-esac
+-
+-
+-# Make sure we can run config.sub.
+-$ac_config_sub sun4 >/dev/null 2>&1 ||
+- { { echo "$as_me:$LINENO: error: cannot run $ac_config_sub" >&5
+-echo "$as_me: error: cannot run $ac_config_sub" >&2;}
+- { (exit 1); exit 1; }; }
+-
+-echo "$as_me:$LINENO: checking build system type" >&5
+-echo $ECHO_N "checking build system type... $ECHO_C" >&6
+-if test "${ac_cv_build+set}" = set; then
+- echo $ECHO_N "(cached) $ECHO_C" >&6
+-else
+- ac_cv_build_alias=$build_alias
+-test -z "$ac_cv_build_alias" &&
+- ac_cv_build_alias=`$ac_config_guess`
+-test -z "$ac_cv_build_alias" &&
+- { { echo "$as_me:$LINENO: error: cannot guess build type; you must specify one" >&5
+-echo "$as_me: error: cannot guess build type; you must specify one" >&2;}
+- { (exit 1); exit 1; }; }
+-ac_cv_build=`$ac_config_sub $ac_cv_build_alias` ||
+- { { echo "$as_me:$LINENO: error: $ac_config_sub $ac_cv_build_alias failed" >&5
+-echo "$as_me: error: $ac_config_sub $ac_cv_build_alias failed" >&2;}
+- { (exit 1); exit 1; }; }
+-
+-fi
+-echo "$as_me:$LINENO: result: $ac_cv_build" >&5
+-echo "${ECHO_T}$ac_cv_build" >&6
+-build=$ac_cv_build
+-build_cpu=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'`
+-build_vendor=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'`
+-build_os=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'`
+-
+-
+-echo "$as_me:$LINENO: checking host system type" >&5
+-echo $ECHO_N "checking host system type... $ECHO_C" >&6
+-if test "${ac_cv_host+set}" = set; then
+- echo $ECHO_N "(cached) $ECHO_C" >&6
+-else
+- ac_cv_host_alias=$host_alias
+-test -z "$ac_cv_host_alias" &&
+- ac_cv_host_alias=$ac_cv_build_alias
+-ac_cv_host=`$ac_config_sub $ac_cv_host_alias` ||
+- { { echo "$as_me:$LINENO: error: $ac_config_sub $ac_cv_host_alias failed" >&5
+-echo "$as_me: error: $ac_config_sub $ac_cv_host_alias failed" >&2;}
+- { (exit 1); exit 1; }; }
+-
++rm -f conftest.err conftest.$ac_objext \
++ conftest$ac_exeext conftest.$ac_ext
+ fi
+-echo "$as_me:$LINENO: result: $ac_cv_host" >&5
+-echo "${ECHO_T}$ac_cv_host" >&6
+-host=$ac_cv_host
+-host_cpu=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'`
+-host_vendor=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'`
+-host_os=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'`
+-
+-
+-
+-case $host_cpu in
+- i*86 )
+-
+-cat >>confdefs.h <<\_ACEOF
+-#define CPU_CISC 1
+-_ACEOF
+-
+-
+-cat >>confdefs.h <<\_ACEOF
+-#define HAVE_X86 1
+-_ACEOF
+-;;
+- * )
+- # CPU_RISC is only supported for big endian machines.
+- if test "$ac_cv_c_bigendian" = "yes"; then
+-
+-cat >>confdefs.h <<\_ACEOF
+-#define CPU_RISC 1
+-_ACEOF
+-
+- else
+- cat >>confdefs.h <<\_ACEOF
+-#define CPU_CISC 1
+-_ACEOF
+-
+- fi
+- ;;
+-esac
+-
+-case $host_os in
+- *cygwin*|*mingw* )
+- EXE=.exe;;
+- * ) EXE="";;
+-esac
+-
+- # define executable suffix; this is needed for `make clean'
+
+ echo "$as_me:$LINENO: checking whether to compile in debugging" >&5
+ echo $ECHO_N "checking whether to compile in debugging... $ECHO_C" >&6
+@@ -7799,9 +7796,6 @@ s, at OBJEXT@,$OBJEXT,;t t
+ s, at INSTALL_PROGRAM@,$INSTALL_PROGRAM,;t t
+ s, at INSTALL_SCRIPT@,$INSTALL_SCRIPT,;t t
+ s, at INSTALL_DATA@,$INSTALL_DATA,;t t
+-s, at RNG_OBJS@,$RNG_OBJS,;t t
+-s, at CPP@,$CPP,;t t
+-s, at EGREP@,$EGREP,;t t
+ s, at build@,$build,;t t
+ s, at build_cpu@,$build_cpu,;t t
+ s, at build_vendor@,$build_vendor,;t t
+@@ -7811,6 +7805,9 @@ s, at host_cpu@,$host_cpu,;t t
+ s, at host_vendor@,$host_vendor,;t t
+ s, at host_os@,$host_os,;t t
+ s, at EXE@,$EXE,;t t
++s, at RNG_OBJS@,$RNG_OBJS,;t t
++s, at CPP@,$CPP,;t t
++s, at EGREP@,$EGREP,;t t
+ s, at GDOI_OBJS@,$GDOI_OBJS,;t t
+ s, at LIBOBJS@,$LIBOBJS,;t t
+ s, at LTLIBOBJS@,$LTLIBOBJS,;t t
+diff -ruNp srtp/configure.in srtp.cvs/configure.in
+--- srtp/configure.in 2006-05-07 20:51:06.000000000 +0200
++++ srtp.cvs/configure.in 2007-05-27 19:35:25.000000000 +0200
+@@ -12,7 +12,41 @@ AC_PROG_RANLIB
+ AC_PROG_CC
+ AC_PROG_INSTALL
+
+-AC_ARG_ENABLE(pic, [AS_HELP_STRING([--enable-pic],[build with PIC])],[CFLAGS="-fPIC $CFLAGS"])
++dnl Check the byte order
++AC_C_BIGENDIAN
++
++AC_CANONICAL_HOST
++
++dnl check host_cpu type, set defines appropriately
++case $host_cpu in
++ i*86 )
++ AC_DEFINE(CPU_CISC, 1,
++ [Define if building for a CISC machine (e.g. Intel).])
++ AC_DEFINE(HAVE_X86, 1,
++ [Define to use X86 inlined assembly code]);;
++ * )
++ # CPU_RISC is only supported for big endian machines.
++ if test "$ac_cv_c_bigendian" = "yes"; then
++ AC_DEFINE(CPU_RISC, 1,
++ [Define if building for a RISC machine (assume slow byte access).])
++ else
++ AC_DEFINE(CPU_CISC, 1)
++ fi
++ ;;
++esac
++
++dnl Check if we are on a Windows platform.
++case $host_os in
++ *cygwin*|*mingw* )
++ EXE=.exe
++ HOST_IS_WINDOWS=yes
++ ;;
++ * )
++ EXE=""
++ ;;
++esac
++AC_SUBST(EXE) # define executable suffix; this is needed for `make clean'
++
+
+ AC_ARG_ENABLE(kernel-linux,
+ [AS_HELP_STRING([--enable-kernel-linux],
+@@ -27,7 +61,7 @@ if test "$enable_kernel_linux" = "yes";
+ fi
+ AC_MSG_RESULT($enable_kernel_linux)
+
+-if test "$cross_compiling" != yes; then
++if test "$cross_compiling" != yes -a "$HOST_IS_WINDOWS" != yes; then
+ dnl Check for /dev/urandom
+ AC_CHECK_FILE(/dev/urandom, DEV_URANDOM=/dev/urandom,
+ [AC_CHECK_FILE(/dev/random, DEV_URANDOM=/dev/random)])
+@@ -96,38 +130,6 @@ socket(0, 0, 0);
+ AC_MSG_RESULT(no))
+ fi
+
+-dnl Check the byte order
+-AC_C_BIGENDIAN
+-
+-AC_CANONICAL_HOST
+-
+-dnl check host_cpu type, set defines appropriately
+-case $host_cpu in
+- i*86 )
+- AC_DEFINE(CPU_CISC, 1,
+- [Define if building for a CISC machine (e.g. Intel).])
+- AC_DEFINE(HAVE_X86, 1,
+- [Define to use X86 inlined assembly code]);;
+- * )
+- # CPU_RISC is only supported for big endian machines.
+- if test "$ac_cv_c_bigendian" = "yes"; then
+- AC_DEFINE(CPU_RISC, 1,
+- [Define if building for a RISC machine (assume slow byte access).])
+- else
+- AC_DEFINE(CPU_CISC, 1)
+- fi
+- ;;
+-esac
+-
+-dnl Check if we're on a Windows platform.
+-case $host_os in
+- *cygwin*|*mingw* )
+- EXE=.exe;;
+- * ) EXE="";;
+-esac
+-
+-AC_SUBST(EXE) # define executable suffix; this is needed for `make clean'
+-
+ AC_MSG_CHECKING(whether to compile in debugging)
+ AC_ARG_ENABLE(debug,
+ [AS_HELP_STRING([--disable-debug],
+diff -ruNp srtp/crypto/ae_xfm/xfm.c srtp.cvs/crypto/ae_xfm/xfm.c
+--- srtp/crypto/ae_xfm/xfm.c 2005-10-02 22:23:23.000000000 +0200
++++ srtp.cvs/crypto/ae_xfm/xfm.c 2006-07-22 00:53:01.000000000 +0200
+@@ -564,7 +564,7 @@ cryptoalg_find_by_id(int id) {
+ case 1:
+ return cryptoalg;
+ default:
+- return 0;
++ break;
+ }
+ return 0;
+ }
+diff -ruNp srtp/crypto/cipher/aes.c srtp.cvs/crypto/cipher/aes.c
+--- srtp/crypto/cipher/aes.c 2005-10-08 18:39:25.000000000 +0200
++++ srtp.cvs/crypto/cipher/aes.c 2006-07-22 00:53:01.000000000 +0200
+@@ -9,7 +9,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -1358,7 +1358,7 @@ static uint32_t U4[256] = {
+
+ extern debug_module_t mod_aes_icm;
+
+-inline void
++void
+ aes_expand_encryption_key(const v128_t *key,
+ aes_expanded_key_t expanded_key) {
+ int i;
+@@ -1411,7 +1411,7 @@ aes_expand_encryption_key(const v128_t *
+ }
+ }
+
+-inline void
++void
+ aes_expand_decryption_key(const v128_t *key,
+ aes_expanded_key_t expanded_key) {
+ int i;
+diff -ruNp srtp/crypto/cipher/aes_cbc.c srtp.cvs/crypto/cipher/aes_cbc.c
+--- srtp/crypto/cipher/aes_cbc.c 2005-10-08 18:38:06.000000000 +0200
++++ srtp.cvs/crypto/cipher/aes_cbc.c 2006-07-22 00:53:01.000000000 +0200
+@@ -9,7 +9,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -68,7 +68,7 @@ aes_cbc_alloc(cipher_t **c, int key_len)
+
+ /* allocate memory a cipher of type aes_icm */
+ tmp = (sizeof(aes_cbc_ctx_t) + sizeof(cipher_t));
+- pointer = crypto_alloc(tmp);
++ pointer = (uint8_t*)crypto_alloc(tmp);
+ if (pointer == NULL)
+ return err_status_alloc_fail;
+
+@@ -135,7 +135,7 @@ err_status_t
+ aes_cbc_set_iv(aes_cbc_ctx_t *c, void *iv) {
+ int i;
+ /* v128_t *input = iv; */
+- uint8_t *input = iv;
++ uint8_t *input = (uint8_t*) iv;
+
+ /* set state and 'previous' block to iv */
+ for (i=0; i < 16; i++)
+diff -ruNp srtp/crypto/cipher/aes_icm.c srtp.cvs/crypto/cipher/aes_icm.c
+--- srtp/crypto/cipher/aes_icm.c 2006-03-16 18:11:29.000000000 +0100
++++ srtp.cvs/crypto/cipher/aes_icm.c 2006-07-22 00:53:01.000000000 +0200
+@@ -9,7 +9,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -98,18 +98,20 @@ aes_icm_alloc_ismacryp(cipher_t **c, int
+ debug_print(mod_aes_icm,
+ "allocating cipher with key length %d", key_len);
+
+- // Ismacryp, for example, uses 16 byte key + 8 byte
+- // salt so this function is called with key_len = 24.
+- // The check for key_len = 30 does not apply. Our usage
+- // of aes functions with key_len = values other than 30
+- // has not broken anything. Don't know what would be the
+- // effect of skipping this check for srtp in general.
++ /*
++ * Ismacryp, for example, uses 16 byte key + 8 byte
++ * salt so this function is called with key_len = 24.
++ * The check for key_len = 30 does not apply. Our usage
++ * of aes functions with key_len = values other than 30
++ * has not broken anything. Don't know what would be the
++ * effect of skipping this check for srtp in general.
++ */
+ if (!forIsmacryp && key_len != 30)
+ return err_status_bad_param;
+
+ /* allocate memory a cipher of type aes_icm */
+ tmp = (sizeof(aes_icm_ctx_t) + sizeof(cipher_t));
+- pointer = crypto_alloc(tmp);
++ pointer = (uint8_t*)crypto_alloc(tmp);
+ if (pointer == NULL)
+ return err_status_alloc_fail;
+
+@@ -256,7 +258,7 @@ aes_icm_set_octet(aes_icm_ctx_t *c,
+
+ err_status_t
+ aes_icm_set_iv(aes_icm_ctx_t *c, void *iv) {
+- v128_t *nonce = iv;
++ v128_t *nonce = (v128_t *) iv;
+
+ debug_print(mod_aes_icm,
+ "setting iv: %s", v128_hex_string(nonce));
+@@ -329,7 +331,7 @@ aes_icm_encrypt_ismacryp(aes_icm_ctx_t *
+ unsigned char *buf, unsigned int *enc_len,
+ int forIsmacryp) {
+ unsigned int bytes_to_encr = *enc_len;
+- int i;
++ unsigned int i;
+ uint32_t *b;
+
+ /* check that there's enough segment left but not for ismacryp*/
+@@ -338,7 +340,7 @@ aes_icm_encrypt_ismacryp(aes_icm_ctx_t *
+
+ debug_print(mod_aes_icm, "block index: %d",
+ htons(c->counter.v16[7]));
+- if (bytes_to_encr <= c->bytes_in_buffer) {
++ if (bytes_to_encr <= (unsigned int)c->bytes_in_buffer) {
+
+ /* deal with odd case of small bytes_to_encr */
+ for (i = (sizeof(v128_t) - c->bytes_in_buffer);
+diff -ruNp srtp/crypto/cipher/cipher.c srtp.cvs/crypto/cipher/cipher.c
+--- srtp/crypto/cipher/cipher.c 2005-10-03 17:27:53.000000000 +0200
++++ srtp.cvs/crypto/cipher/cipher.c 2006-07-22 00:53:01.000000000 +0200
+@@ -10,7 +10,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -283,7 +283,7 @@ cipher_type_self_test(const cipher_type_
+ octet_string_hex_string(buffer, length));
+
+ /* copy plaintext into second buffer */
+- for (i=0; i < length; i++)
++ for (i=0; (unsigned int)i < length; i++)
+ buffer2[i] = buffer[i];
+
+ /* choose a key at random */
+@@ -383,7 +383,7 @@ cipher_bits_per_second(cipher_t *c, int
+ unsigned char *enc_buf;
+ unsigned int len = octets_in_buffer;
+
+- enc_buf = crypto_alloc(octets_in_buffer);
++ enc_buf = (unsigned char*) crypto_alloc(octets_in_buffer);
+ if (enc_buf == NULL)
+ return 0; /* indicate bad parameters by returning null */
+
+diff -ruNp srtp/crypto/cipher/null_cipher.c srtp.cvs/crypto/cipher/null_cipher.c
+--- srtp/crypto/cipher/null_cipher.c 2005-09-29 14:36:43.000000000 +0200
++++ srtp.cvs/crypto/cipher/null_cipher.c 2006-07-22 00:53:01.000000000 +0200
+@@ -10,7 +10,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -61,7 +61,7 @@ null_cipher_alloc(cipher_t **c, int key_
+ "allocating cipher with key length %d", key_len);
+
+ /* allocate memory a cipher of type null_cipher */
+- pointer = crypto_alloc(sizeof(null_cipher_ctx_t) + sizeof(cipher_t));
++ pointer = (uint8_t*)crypto_alloc(sizeof(null_cipher_ctx_t) + sizeof(cipher_t));
+ if (pointer == NULL)
+ return err_status_alloc_fail;
+
+diff -ruNp srtp/crypto/hash/auth.c srtp.cvs/crypto/hash/auth.c
+--- srtp/crypto/hash/auth.c 2005-09-29 14:36:43.000000000 +0200
++++ srtp.cvs/crypto/hash/auth.c 2006-06-08 19:00:26.000000000 +0200
+@@ -9,7 +9,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff -ruNp srtp/crypto/hash/hmac.c srtp.cvs/crypto/hash/hmac.c
+--- srtp/crypto/hash/hmac.c 2005-10-03 17:53:26.000000000 +0200
++++ srtp.cvs/crypto/hash/hmac.c 2006-07-22 00:53:01.000000000 +0200
+@@ -8,7 +8,7 @@
+ */
+ /*
+ *
+- * Copyright(c) 2001-2005 Cisco Systems, Inc.
++ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -57,7 +57,6 @@ err_status_t
+ hmac_alloc(auth_t **a, int key_len, int out_len) {
+ extern auth_type_t hmac;
+ uint8_t *pointer;
+- hmac_ctx_t *new_hmac_ctx;
+
+ debug_print(mod_hmac, "allocating auth func with key length %d", key_len);
+ debug_print(mod_hmac, " tag length %d", out_len);
+@@ -74,7 +73,7 @@ hmac_alloc(auth_t **a, int key_len, int
+ return err_status_bad_param;
+
+ /* allocate memory for auth and hmac_ctx_t structures */
+- pointer = crypto_alloc(sizeof(hmac_ctx_t) + sizeof(auth_t));
++ pointer = (uint8_t*)crypto_alloc(sizeof(hmac_ctx_t) + sizeof(auth_t));
+ if (pointer == NULL)
+ return err_status_alloc_fail;
+
+@@ -85,7 +84,6 @@ hmac_alloc(auth_t **a, int key_len, int
+ (*a)->out_len = out_len;
+ (*a)->key_len = key_len;
+ (*a)->prefix_len = 0;
+- new_hmac_ctx = (hmac_ctx_t *)((*a)->state);
+
+ /* increment global count of all hmac uses */
+ hmac.ref_count++;
+@@ -180,7 +178,7 @@ hmac_compute(hmac_ctx_t *state, const vo
+ return err_status_bad_param;
+
+ /* hash message, copy output into H */
+- hmac_update(state, message, msg_octets);
++ hmac_update(state, (const uint8_t*)message, msg_octets);
+ sha1_final(&state->ctx, H);
+
+ /*
+diff -ruNp srtp/crypto/hash/null_auth.c srtp.cvs/crypto/hash/null_auth.c
+--- srtp/crypto/hash/null_auth.c 2005-09-29 14:36:43.000000000 +0200
++++ srtp.cvs/crypto/hash/null_auth.c 2006-07-22 00:53:01.000000000 +0200
+@@ -10,7 +10,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -61,7 +61,7 @@ null_auth_alloc(auth_t **a, int key_len,
+ debug_print(mod_auth, " tag length %d", out_len);
+
+ /* allocate memory for auth and null_auth_ctx_t structures */
+- pointer = crypto_alloc(sizeof(null_auth_ctx_t) + sizeof(auth_t));
++ pointer = (uint8_t*)crypto_alloc(sizeof(null_auth_ctx_t) + sizeof(auth_t));
+ if (pointer == NULL)
+ return err_status_alloc_fail;
+
+diff -ruNp srtp/crypto/hash/sha1.c srtp.cvs/crypto/hash/sha1.c
+--- srtp/crypto/hash/sha1.c 2006-03-17 18:41:33.000000000 +0100
++++ srtp.cvs/crypto/hash/sha1.c 2007-05-27 19:35:25.000000000 +0200
+@@ -10,7 +10,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -114,7 +114,7 @@ sha1_core(const uint32_t M[16], uint32_t
+ H4 = hash_value[4];
+
+ /* copy/xor message into array */
+-
++
+ W[0] = be32_to_cpu(M[0]);
+ W[1] = be32_to_cpu(M[1]);
+ W[2] = be32_to_cpu(M[2]);
+@@ -184,7 +184,7 @@ sha1_core(const uint32_t M[16], uint32_t
+
+ void
+ sha1_init(sha1_ctx_t *ctx) {
+-
++
+ /* initialize state vector */
+ ctx->H[0] = 0x67452301;
+ ctx->H[1] = 0xefcdab89;
+@@ -210,7 +210,7 @@ sha1_update(sha1_ctx_t *ctx, const uint8
+
+ /* loop over 16-word blocks of M */
+ while (octets_in_msg > 0) {
+-
++
+ if (octets_in_msg + ctx->octets_in_buffer >= 64) {
+
+ /*
+@@ -260,7 +260,7 @@ sha1_final(sha1_ctx_t *ctx, uint32_t *ou
+ */
+ {
+ int tail = ctx->octets_in_buffer % 4;
+-
++
+ /* copy/xor message into array */
+ for (i=0; i < (ctx->octets_in_buffer+3)/4; i++)
+ W[i] = be32_to_cpu(ctx->M[i]);
+@@ -283,7 +283,7 @@ sha1_final(sha1_ctx_t *ctx, uint32_t *ou
+ W[i] = 0x80000000;
+ break;
+ }
+-
++
+ /* zeroize remaining words */
+ for (i++ ; i < 15; i++)
+ W[i] = 0x0;
+@@ -299,7 +299,8 @@ sha1_final(sha1_ctx_t *ctx, uint32_t *ou
+ else if (ctx->octets_in_buffer < 60)
+ W[15] = 0x0;
+
+- /* process the word array */ for (t=16; t < 80; t++) {
++ /* process the word array */
++ for (t=16; t < 80; t++) {
+ TEMP = W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16];
+ W[t] = S1(TEMP);
+ }
+diff -ruNp srtp/crypto/include/aes.h srtp.cvs/crypto/include/aes.h
+--- srtp/crypto/include/aes.h 2005-10-08 18:06:05.000000000 +0200
++++ srtp.cvs/crypto/include/aes.h 2006-07-22 00:53:01.000000000 +0200
+@@ -9,7 +9,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -55,11 +55,11 @@
+
+ typedef v128_t aes_expanded_key_t[11];
+
+-inline void
++void
+ aes_expand_encryption_key(const v128_t *key,
+ aes_expanded_key_t expanded_key);
+
+-inline void
++void
+ aes_expand_decryption_key(const v128_t *key,
+ aes_expanded_key_t expanded_key);
+
+diff -ruNp srtp/crypto/include/alloc.h srtp.cvs/crypto/include/alloc.h
+--- srtp/crypto/include/alloc.h 2005-10-03 17:52:50.000000000 +0200
++++ srtp.cvs/crypto/include/alloc.h 2006-06-08 19:00:27.000000000 +0200
+@@ -8,7 +8,7 @@
+ */
+ /*
+ *
+- * Copyright (c) 2001-2005 Cisco Systems, Inc.
++ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff -ruNp srtp/crypto/include/auth.h srtp.cvs/crypto/include/auth.h
+--- srtp/crypto/include/auth.h 2005-09-29 14:36:43.000000000 +0200
++++ srtp.cvs/crypto/include/auth.h 2006-06-08 19:00:27.000000000 +0200
+@@ -9,7 +9,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff -ruNp srtp/crypto/include/cipher.h srtp.cvs/crypto/include/cipher.h
+--- srtp/crypto/include/cipher.h 2005-11-30 19:47:18.000000000 +0100
++++ srtp.cvs/crypto/include/cipher.h 2006-07-22 00:53:01.000000000 +0200
+@@ -8,7 +8,7 @@
+ */
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -178,7 +178,7 @@ typedef struct cipher_t {
+ (((c)->type)->decrypt(((c)->state), (buf), (len)))
+
+ #define cipher_set_iv(c, n) \
+- ((c) ? (((c)->type)->set_iv(((c)->state), (n))) : \
++ ((c) ? (((c)->type)->set_iv(((cipher_pointer_t)(c)->state), (n))) : \
+ err_status_no_such_op)
+
+ err_status_t
+diff -ruNp srtp/crypto/include/cryptoalg.h srtp.cvs/crypto/include/cryptoalg.h
+--- srtp/crypto/include/cryptoalg.h 2005-09-28 16:23:06.000000000 +0200
++++ srtp.cvs/crypto/include/cryptoalg.h 2006-06-08 19:00:27.000000000 +0200
+@@ -8,7 +8,7 @@
+ */
+ /*
+ *
+- * Copyright (c) 2001-2005 Cisco Systems, Inc.
++ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff -ruNp srtp/crypto/include/crypto.h srtp.cvs/crypto/include/crypto.h
+--- srtp/crypto/include/crypto.h 2005-09-22 00:51:39.000000000 +0200
++++ srtp.cvs/crypto/include/crypto.h 2006-07-22 00:53:01.000000000 +0200
+@@ -10,7 +10,33 @@
+ #ifndef CRYPTO_H
+ #define CRYPTO_H
+
+-#include "crypto_kernel.h"
++/**
++ * @brief A cipher_type_id_t is an identifier for a particular cipher
++ * type.
++ *
++ * A cipher_type_id_t is an integer that represents a particular
++ * cipher type, e.g. the Advanced Encryption Standard (AES). A
++ * NULL_CIPHER is avaliable; this cipher leaves the data unchanged,
++ * and can be selected to indicate that no encryption is to take
++ * place.
++ *
++ * @ingroup Ciphers
++ */
++typedef uint32_t cipher_type_id_t;
++
++/**
++ * @brief An auth_type_id_t is an identifier for a particular authentication
++ * function.
++ *
++ * An auth_type_id_t is an integer that represents a particular
++ * authentication function type, e.g. HMAC-SHA1. A NULL_AUTH is
++ * avaliable; this authentication function performs no computation,
++ * and can be selected to indicate that no authentication is to take
++ * place.
++ *
++ * @ingroup Authentication
++ */
++typedef uint32_t auth_type_id_t;
+
+ #endif /* CRYPTO_H */
+
+diff -ruNp srtp/crypto/include/crypto_kernel.h srtp.cvs/crypto/include/crypto_kernel.h
+--- srtp/crypto/include/crypto_kernel.h 2005-09-29 14:48:41.000000000 +0200
++++ srtp.cvs/crypto/include/crypto_kernel.h 2006-07-22 00:53:01.000000000 +0200
+@@ -8,7 +8,7 @@
+ */
+ /*
+ *
+- * Copyright(c) 2001-2005 Cisco Systems, Inc.
++ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -55,7 +55,7 @@
+ #include "err.h"
+ #include "crypto_types.h"
+ #include "key.h"
+-
++#include "crypto.h"
+
+ /*
+ * crypto_kernel_state_t defines the possible states:
+@@ -69,36 +69,6 @@ typedef enum {
+ crypto_kernel_state_secure
+ } crypto_kernel_state_t;
+
+-
+-/**
+- * @brief A cipher_type_id_t is an identifier for a particular cipher
+- * type.
+- *
+- * A cipher_type_id_t is an integer that represents a particular
+- * cipher type, e.g. the Advanced Encryption Standard (AES). A
+- * NULL_CIPHER is avaliable; this cipher leaves the data unchanged,
+- * and can be selected to indicate that no encryption is to take
+- * place.
+- *
+- * @ingroup Ciphers
+- */
+-typedef uint32_t cipher_type_id_t;
+-
+-/**
+- * @brief An auth_type_id_t is an identifier for a particular authentication
+- * function.
+- *
+- * An auth_type_id_t is an integer that represents a particular
+- * authentication function type, e.g. HMAC-SHA1. A NULL_AUTH is
+- * avaliable; this authentication function performs no computation,
+- * and can be selected to indicate that no authentication is to take
+- * place.
+- *
+- * @ingroup Authentication
+- */
+-typedef uint32_t auth_type_id_t;
+-
+-
+ /*
+ * linked list of cipher types
+ */
+diff -ruNp srtp/crypto/include/crypto_math.h srtp.cvs/crypto/include/crypto_math.h
+--- srtp/crypto/include/crypto_math.h 2006-05-07 20:26:29.000000000 +0200
++++ srtp.cvs/crypto/include/crypto_math.h 2006-06-08 19:00:27.000000000 +0200
+@@ -1,5 +1,5 @@
+ /*
+- * crypto_math.h
++ * math.h
+ *
+ * crypto math operations and data types
+ *
+@@ -8,7 +8,7 @@
+ */
+ /*
+ *
+- * Copyright (c) 2001-2005 Cisco Systems, Inc.
++ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -42,8 +42,8 @@
+ *
+ */
+
+-#ifndef CRYPTO_MATH_H
+-#define CRYPTO_MATH_H
++#ifndef MATH_H
++#define MATH_H
+
+ #include "datatypes.h"
+
+@@ -267,7 +267,7 @@ bitvector_print_hex(const bitvector_t *v
+ int
+ bitvector_set_from_hex(bitvector_t *v, char *string);
+
+-#endif /* CRYPTO_MATH_H */
++#endif /* MATH_H */
+
+
+
+diff -ruNp srtp/crypto/include/crypto_types.h srtp.cvs/crypto/include/crypto_types.h
+--- srtp/crypto/include/crypto_types.h 2006-05-07 20:10:04.000000000 +0200
++++ srtp.cvs/crypto/include/crypto_types.h 2006-06-08 19:00:27.000000000 +0200
+@@ -8,7 +8,7 @@
+ */
+ /*
+ *
+- * Copyright(c) 2001-2005 Cisco Systems, Inc.
++ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -113,12 +113,10 @@
+ #define SEAL 2
+
+ /**
+- * @brief AES-128 Cipher Block Chaining Mode (AES CBC)
++ * @brief AES-128 Integer Counter Mode (AES ICM)
+ *
+- * AES-128 CBC is the cipher block chaining mode of operation. Its
+- * use has not been defined for SRTP and this cipher @e should @e not
+- * be used with libSRTP.
+- *
++ * AES-128 ICM is the variant of counter mode that is used by Secure RTP.
++ * This cipher uses a 16-octet key and a 30-octet offset (or salt) value.
+ */
+ #define AES_128_CBC 3
+
+@@ -167,10 +165,10 @@
+ /**
+ * @brief UST with TMMH Version 2
+ *
+- * UST_TMMHv2 implements the Truncated Multi-Modular Hash using UST.
+- * This function @e must be used in conjunction with a cipher other
++ * UST_TMMHv2 implements the Truncated Multi-Modular Hash using
++ * UST. This function must be used in conjunction with a cipher other
+ * than the null cipher.
+- *
++ * with a cipher.
+ */
+ #define UST_TMMHv2 1
+
+diff -ruNp srtp/crypto/include/datatypes.h srtp.cvs/crypto/include/datatypes.h
+--- srtp/crypto/include/datatypes.h 2006-05-07 21:33:18.000000000 +0200
++++ srtp.cvs/crypto/include/datatypes.h 2006-07-22 00:53:01.000000000 +0200
+@@ -9,7 +9,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -63,6 +63,7 @@
+ # endif
+ #endif
+
++
+ /* if DATATYPES_USE_MACROS is defined, then little functions are macros */
+ #define DATATYPES_USE_MACROS
+
+@@ -313,7 +314,7 @@ v128_right_shift(v128_t *x, int index);
+
+
+ #ifdef DATATYPES_USE_MACROS /* little functions are really macros */
+-
++
+ #define v128_set_to_zero(z) _v128_set_to_zero(z)
+ #define v128_copy(z, x) _v128_copy(z, x)
+ #define v128_xor(z, x, y) _v128_xor(z, x, y)
+@@ -392,7 +393,7 @@ octet_string_set_to_zero(uint8_t *s, int
+ # define be64_to_cpu(x) bswap_64((x))
+ #else
+
+-# ifdef HAVE_X86
++#if defined(__GNUC__) && defined(HAVE_X86)
+ /* Fall back. */
+ static inline uint32_t be32_to_cpu(uint32_t v) {
+ /* optimized for x86. */
+@@ -414,7 +415,7 @@ static inline uint64_t be64_to_cpu(uint6
+ v = make64(htonl(low32(v)),htonl(high32(v)));
+ # else
+ /* use the native 64-bit math */
+- v= (be32_to_cpu(v >> 32)) | (((uint64_t)be32_to_cpu((uint32_t)v)) << 32);
++ v= (uint64_t)((be32_to_cpu((uint32_t)(v >> 32))) | (((uint64_t)be32_to_cpu((uint32_t)v)) << 32));
+ # endif
+ return v;
+ }
+diff -ruNp srtp/crypto/include/err.h srtp.cvs/crypto/include/err.h
+--- srtp/crypto/include/err.h 2005-10-18 17:25:46.000000000 +0200
++++ srtp.cvs/crypto/include/err.h 2006-07-22 00:53:01.000000000 +0200
+@@ -8,7 +8,7 @@
+ */
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -90,7 +90,7 @@ typedef enum {
+ err_status_parse_err = 21, /**< error pasring data */
+ err_status_encode_err = 22, /**< error encoding data */
+ err_status_semaphore_err = 23,/**< error while using semaphores */
+- err_status_pfkey_err = 24 ,/**< error while using pfkey */
++ err_status_pfkey_err = 24 /**< error while using pfkey */
+ } err_status_t;
+
+ /**
+diff -ruNp srtp/crypto/include/gf2_8.h srtp.cvs/crypto/include/gf2_8.h
+--- srtp/crypto/include/gf2_8.h 2005-09-29 14:36:43.000000000 +0200
++++ srtp.cvs/crypto/include/gf2_8.h 2006-06-08 19:00:27.000000000 +0200
+@@ -9,7 +9,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff -ruNp srtp/crypto/include/hmac.h srtp.cvs/crypto/include/hmac.h
+--- srtp/crypto/include/hmac.h 2005-10-03 16:33:59.000000000 +0200
++++ srtp.cvs/crypto/include/hmac.h 2006-06-08 19:00:27.000000000 +0200
+@@ -9,7 +9,7 @@
+ */
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff -ruNp srtp/crypto/include/integers.h srtp.cvs/crypto/include/integers.h
+--- srtp/crypto/include/integers.h 2005-10-03 17:36:44.000000000 +0200
++++ srtp.cvs/crypto/include/integers.h 2006-07-22 00:53:01.000000000 +0200
+@@ -9,7 +9,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -113,7 +113,7 @@ extern uint32_t low32(uint64_t value);
+ addresses. This is required for processors that do not allow unaligned
+ loads. */
+ #ifdef ALIGNMENT_32BIT_REQUIRED
+-// Note that if it's in a variable, you can memcpy it
++/* Note that if it's in a variable, you can memcpy it */
+ #ifdef WORDS_BIGENDIAN
+ #define PUT_32(addr,value) \
+ { \
+diff -ruNp srtp/crypto/include/key.h srtp.cvs/crypto/include/key.h
+--- srtp/crypto/include/key.h 2005-09-22 00:51:39.000000000 +0200
++++ srtp.cvs/crypto/include/key.h 2006-06-08 20:51:27.000000000 +0200
+@@ -8,7 +8,7 @@
+ */
+ /*
+ *
+- * Copyright (c) 2001-2005 Cisco Systems, Inc.
++ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -57,7 +57,7 @@ typedef enum {
+ } key_event_t;
+
+ err_status_t
+-key_limit_set(key_limit_t key, xtd_seq_num_t s);
++key_limit_set(key_limit_t key, const xtd_seq_num_t s);
+
+ err_status_t
+ key_limit_clone(key_limit_t original, key_limit_t *new_key);
+diff -ruNp srtp/crypto/include/null_auth.h srtp.cvs/crypto/include/null_auth.h
+--- srtp/crypto/include/null_auth.h 2005-09-29 14:36:43.000000000 +0200
++++ srtp.cvs/crypto/include/null_auth.h 2006-06-08 19:00:27.000000000 +0200
+@@ -8,7 +8,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff -ruNp srtp/crypto/include/null_cipher.h srtp.cvs/crypto/include/null_cipher.h
+--- srtp/crypto/include/null_cipher.h 2005-09-29 14:36:43.000000000 +0200
++++ srtp.cvs/crypto/include/null_cipher.h 2006-06-08 19:00:27.000000000 +0200
+@@ -10,7 +10,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff -ruNp srtp/crypto/include/rand_source.h srtp.cvs/crypto/include/rand_source.h
+--- srtp/crypto/include/rand_source.h 2005-09-29 14:48:42.000000000 +0200
++++ srtp.cvs/crypto/include/rand_source.h 2006-06-08 19:00:27.000000000 +0200
+@@ -8,7 +8,7 @@
+ */
+ /*
+ *
+- * Copyright(c) 2001-2005 Cisco Systems, Inc.
++ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff -ruNp srtp/crypto/include/rdbx.h srtp.cvs/crypto/include/rdbx.h
+--- srtp/crypto/include/rdbx.h 2005-09-22 00:51:40.000000000 +0200
++++ srtp.cvs/crypto/include/rdbx.h 2007-06-16 13:32:34.000000000 +0200
+@@ -100,6 +100,27 @@ rdbx_check(const rdbx_t *rdbx, int diffe
+ err_status_t
+ rdbx_add_index(rdbx_t *rdbx, int delta);
+
++
++/*
++ * rdbx_set_roc(rdbx, roc) initalizes the rdbx_t at the location rdbx
++ * to have the rollover counter value roc. If that value is less than
++ * the current rollover counter value, then the function returns
++ * err_status_replay_old; otherwise, err_status_ok is returned.
++ *
++ */
++
++err_status_t
++rdbx_set_roc(rdbx_t *rdbx, uint32_t roc);
++
++/*
++ * rdbx_get_roc(rdbx) returns the value of the rollover counter for
++ * the rdbx_t pointed to by rdbx
++ *
++ */
++
++xtd_seq_num_t
++rdbx_get_packet_index(const rdbx_t *rdbx);
++
+ /*
+ * xtd_seq_num_t functions - these are *internal* functions of rdbx, and
+ * shouldn't be used to manipulate rdbx internal values. use the rdbx
+diff -ruNp srtp/crypto/include/sha1.h srtp.cvs/crypto/include/sha1.h
+--- srtp/crypto/include/sha1.h 2005-10-03 16:33:59.000000000 +0200
++++ srtp.cvs/crypto/include/sha1.h 2006-06-08 19:00:27.000000000 +0200
+@@ -10,7 +10,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff -ruNp srtp/crypto/include/stat.h srtp.cvs/crypto/include/stat.h
+--- srtp/crypto/include/stat.h 2006-03-17 21:51:24.000000000 +0100
++++ srtp.cvs/crypto/include/stat.h 2006-06-08 19:00:27.000000000 +0200
+@@ -9,7 +9,7 @@
+
+ /*
+ *
+- * Copyright(c) 2001-2005, Cisco Systems, Inc.
++ * Copyright(c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff -ruNp srtp/crypto/kernel/alloc.c srtp.cvs/crypto/kernel/alloc.c
+--- srtp/crypto/kernel/alloc.c 2005-10-05 13:50:56.000000000 +0200
++++ srtp.cvs/crypto/kernel/alloc.c 2006-06-08 19:00:28.000000000 +0200
+@@ -8,7 +8,7 @@
+ */
+ /*
+ *
+- * Copyright (c) 2001-2005 Cisco Systems, Inc.
++ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff -ruNp srtp/crypto/kernel/crypto_kernel.c srtp.cvs/crypto/kernel/crypto_kernel.c
+--- srtp/crypto/kernel/crypto_kernel.c 2006-03-17 21:51:24.000000000 +0100
++++ srtp.cvs/crypto/kernel/crypto_kernel.c 2006-07-22 00:53:02.000000000 +0200
+@@ -8,7 +8,7 @@
+ */
+ /*
+ *
+- * Copyright(c) 2001-2005 Cisco Systems, Inc.
++ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -299,7 +299,7 @@ crypto_kernel_shutdown() {
+
+ err_status_t
+ crypto_kernel_load_cipher_type(cipher_type_t *new_ct, cipher_type_id_t id) {
+- kernel_cipher_type_t *ctype, *new;
++ kernel_cipher_type_t *ctype, *new_ctype;
+ err_status_t status;
+
+ /* defensive coding */
+@@ -322,17 +322,17 @@ crypto_kernel_load_cipher_type(cipher_ty
+
+ /* put new_ct at the head of the list */
+ /* allocate memory */
+- new = (kernel_cipher_type_t *) crypto_alloc(sizeof(kernel_cipher_type_t));
+- if (new == NULL)
++ new_ctype = (kernel_cipher_type_t *) crypto_alloc(sizeof(kernel_cipher_type_t));
++ if (new_ctype == NULL)
+ return err_status_alloc_fail;
+
+ /* set fields */
+- new->cipher_type = new_ct;
+- new->id = id;
+- new->next = crypto_kernel.cipher_type_list;
++ new_ctype->cipher_type = new_ct;
++ new_ctype->id = id;
++ new_ctype->next = crypto_kernel.cipher_type_list;
+
+ /* set head of list to new cipher type */
+- crypto_kernel.cipher_type_list = new;
++ crypto_kernel.cipher_type_list = new_ctype;
+
+ /* load debug module, if there is one present */
+ if (new_ct->debug != NULL)
+@@ -344,7 +344,7 @@ crypto_kernel_load_cipher_type(cipher_ty
+
+ err_status_t
+ crypto_kernel_load_auth_type(auth_type_t *new_at, auth_type_id_t id) {
+- kernel_auth_type_t *atype, *new;
++ kernel_auth_type_t *atype, *new_atype;
+ err_status_t status;
+
+ /* defensive coding */
+@@ -367,17 +367,17 @@ crypto_kernel_load_auth_type(auth_type_t
+
+ /* put new_at at the head of the list */
+ /* allocate memory */
+- new = (kernel_auth_type_t *)crypto_alloc(sizeof(kernel_auth_type_t));
+- if (new == NULL)
++ new_atype = (kernel_auth_type_t *)crypto_alloc(sizeof(kernel_auth_type_t));
++ if (new_atype == NULL)
+ return err_status_alloc_fail;
+
+ /* set fields */
+- new->auth_type = new_at;
+- new->id = id;
+- new->next = crypto_kernel.auth_type_list;
++ new_atype->auth_type = new_at;
++ new_atype->id = id;
++ new_atype->next = crypto_kernel.auth_type_list;
+
+ /* set head of list to new auth type */
+- crypto_kernel.auth_type_list = new;
++ crypto_kernel.auth_type_list = new_atype;
+
+ /* load debug module, if there is one present */
+ if (new_at->debug != NULL)
+diff -ruNp srtp/crypto/kernel/err.c srtp.cvs/crypto/kernel/err.c
+--- srtp/crypto/kernel/err.c 2005-10-18 17:26:31.000000000 +0200
++++ srtp.cvs/crypto/kernel/err.c 2006-06-08 19:00:28.000000000 +0200
+@@ -8,7 +8,7 @@
+ */
+ /*
+ *
+- * Copyright(c) 2001-2005 Cisco Systems, Inc.
++ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff -ruNp srtp/crypto/kernel/key.c srtp.cvs/crypto/kernel/key.c
+--- srtp/crypto/kernel/key.c 2005-10-02 22:33:10.000000000 +0200
++++ srtp.cvs/crypto/kernel/key.c 2006-06-08 19:00:28.000000000 +0200
+@@ -8,7 +8,7 @@
+ */
+ /*
+ *
+- * Copyright (c) 2001-2005 Cisco Systems, Inc.
++ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff -ruNp srtp/crypto/Makefile srtp.cvs/crypto/Makefile
+--- srtp/crypto/Makefile 2006-05-07 21:56:18.000000000 +0200
++++ srtp.cvs/crypto/Makefile 1970-01-01 01:00:00.000000000 +0100
+@@ -1,130 +0,0 @@
+-# Makefile for libcryptomodule.a
+-#
+-# David A. McGrew
+-# Cisco Systems, Inc.
+-
+-srcdir = .
+-top_srcdir = ..
+-top_builddir = ../
+-
+-
+-CC = gcc
+-INCDIR = -Iinclude -I$(srcdir)/include
+-DEFS = -DHAVE_CONFIG_H
+-CPPFLAGS=
+-CFLAGS = -Wall -O4 -fexpensive-optimizations -funroll-loops
+-LIBS =
+-LDFLAGS = -L.
+-COMPILE = $(CC) $(DEFS) $(INCDIR) $(CPPFLAGS) $(CFLAGS)
+-CRYPTOLIB = -lcryptomodule
+-
+-RANLIB = ranlib
+-
+-# EXE defines the suffix on executables - it's .exe for cygwin, and
+-# null on linux, bsd, and OS X and other OSes. we define this so that
+-# `make clean` will work on the cygwin platform
+-EXE =
+-# Random source.
+-RNG_OBJS = rand_source.o
+-
+-ifdef ARCH
+- DEFS += -D$(ARCH)=1
+-endif
+-
+-ifdef sysname
+- DEFS += -D$(sysname)=1
+-endif
+-
+-.PHONY: dummy all runtest clean superclean
+-
+-dummy : all runtest
+-
+-# test applications
+-
+-testapp = test/cipher_driver$(EXE) test/datatypes_driver$(EXE) \
+- test/stat_driver$(EXE) test/sha1_driver$(EXE) \
+- test/kernel_driver$(EXE) test/aes_calc$(EXE) test/rand_gen$(EXE) \
+- test/env$(EXE)
+-
+-# data values used to test the aes_calc application
+-
+-k=000102030405060708090a0b0c0d0e0f
+-p=00112233445566778899aabbccddeeff
+-c=69c4e0d86a7b0430d8cdb78070b4c55a
+-
+-runtest: libcryptomodule.a $(testapp)
+- test/env$(EXE) # print out information on the build environment
+- @echo "running libcryptomodule test applications..."
+- test `test/aes_calc $k $p` = $c
+- test/cipher_driver$(EXE) -v >/dev/null
+- test/datatypes_driver$(EXE) -v >/dev/null
+- test/stat_driver$(EXE) >/dev/null
+- test/sha1_driver$(EXE) -v >/dev/null
+- test/kernel_driver$(EXE) -v >/dev/null
+- test/rand_gen$(EXE) -n 256 >/dev/null
+- @echo "libcryptomodule test applications passed."
+-
+-# libcryptomodule.a (the crypto engine)
+-
+-ciphers = cipher/cipher.o cipher/null_cipher.o \
+- cipher/aes.o cipher/aes_icm.o \
+- cipher/aes_cbc.o
+-
+-hashes = hash/null_auth.o hash/sha1.o \
+- hash/hmac.o hash/auth.o
+-
+-math = math/datatypes.o math/stat.o
+-
+-rng = rng/$(RNG_OBJS) rng/rand_source.o rng/prng.o rng/ctr_prng.o
+-
+-err = kernel/err.o
+-
+-kernel = kernel/crypto_kernel.o kernel/alloc.o \
+- kernel/key.o $(rng) $(err)
+-
+-xfm = ae_xfm/xfm.o
+-
+-cryptobj = $(ciphers) $(hashes) $(math) $(stat) $(kernel) $(xfm)
+-
+-# the rule for making object files and test apps
+-
+-%.o: %.c
+- $(COMPILE) -c $< -o $@
+-
+-%$(EXE): %.c libcryptomodule.a
+- $(COMPILE) $(LDFLAGS) $< -o $@ $(CRYPTOLIB) $(LIBS)
+-
+-ifndef AR
+- AR=ar
+-endif
+-
+-# and the crypto module library itself
+-
+-libcryptomodule.a: $(cryptobj)
+- $(AR) cr libcryptomodule.a $(cryptobj)
+- $(RANLIB) libcryptomodule.a
+-
+-all: libcryptomodule.a $(testapp)
+-
+-# housekeeping functions
+-
+-clean:
+- rm -f libcryptomodule.a
+- rm -f $(testapp) *.o */*.o
+- for a in * .* */*; do if [ -f "$$a~" ] ; then rm $$a~; fi; done;
+- rm -f `find . -name "*.[ch]~*~"`
+- rm -rf latex
+-
+-superclean: clean
+- rm -f *core TAGS ktrace.out
+-
+-
+-# the target 'package' builds a compressed tar archive of the source code
+-
+-distname = crypto-$(shell cat VERSION)
+-
+-package: superclean
+- cd ..; tar cvzf $(distname).tgz crypto/
+-
+-
+-# EOF
+diff -ruNp srtp/crypto/math/datatypes.c srtp.cvs/crypto/math/datatypes.c
+--- srtp/crypto/math/datatypes.c 2005-10-08 18:38:06.000000000 +0200
++++ srtp.cvs/crypto/math/datatypes.c 2006-07-22 00:53:02.000000000 +0200
+@@ -9,7 +9,7 @@
+ */
+ /*
+ *
+- * Copyright (c) 2001-2005 Cisco Systems, Inc.
++ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -106,7 +106,7 @@ nibble_to_hex_char(uint8_t nibble) {
+
+ char *
+ octet_string_hex_string(const void *s, int length) {
+- const uint8_t *str = s;
++ const uint8_t *str = (const uint8_t *)s;
+ int i;
+
+ /* double length, since one octet takes two hex characters */
+@@ -565,7 +565,7 @@ base64_char_to_sextet(uint8_t c) {
+ case '=':
+ return 64;
+ default:
+- return -1;
++ break;
+ }
+ return -1;
+ }
+diff -ruNp srtp/crypto/math/gf2_8.c srtp.cvs/crypto/math/gf2_8.c
+--- srtp/crypto/math/gf2_8.c 2005-09-23 21:34:12.000000000 +0200
++++ srtp.cvs/crypto/math/gf2_8.c 2006-06-08 19:00:28.000000000 +0200
+@@ -10,7 +10,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff -ruNp srtp/crypto/math/math.c srtp.cvs/crypto/math/math.c
+--- srtp/crypto/math/math.c 2006-05-07 20:42:50.000000000 +0200
++++ srtp.cvs/crypto/math/math.c 2006-06-08 19:00:28.000000000 +0200
+@@ -8,7 +8,7 @@
+ */
+ /*
+ *
+- * Copyright (c) 2001-2005 Cisco Systems, Inc.
++ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -186,10 +186,13 @@ v32_dot_product(v32_t a, v32_t b) {
+ }
+
+ /*
+- * MAX_PRINT_STRING_LEN is defined in datatypes.h
++ * _bit_string returns a NULL-terminated character string suitable for
++ * printing
+ */
+
+-static char bit_string[MAX_PRINT_STRING_LEN];
++#define MAX_STRING_LENGTH 1024
++
++char bit_string[MAX_STRING_LENGTH];
+
+ char *
+ octet_bit_string(uint8_t x) {
+@@ -296,8 +299,8 @@ octet_string_hex_string(const void *str,
+ length *= 2;
+
+ /* truncate string if it would be too long */
+- if (length > MAX_PRINT_STRING_LEN)
+- length = MAX_PRINT_STRING_LEN-1;
++ if (length > MAX_STRING_LENGTH)
++ length = MAX_STRING_LENGTH-1;
+
+ for (i=0; i < length; i+=2) {
+ bit_string[i] = nibble_to_hex_char(*s >> 4);
+diff -ruNp srtp/crypto/math/stat.c srtp.cvs/crypto/math/stat.c
+--- srtp/crypto/math/stat.c 2006-03-17 21:51:25.000000000 +0100
++++ srtp.cvs/crypto/math/stat.c 2006-07-22 00:53:02.000000000 +0200
+@@ -83,7 +83,7 @@ stat_test_runs(uint8_t *data) {
+ uint16_t gaps[6] = { 0, 0, 0, 0, 0, 0 };
+ uint16_t lo_value[6] = { 2315, 1114, 527, 240, 103, 103 };
+ uint16_t hi_value[6] = { 2685, 1386, 723, 384, 209, 209 };
+- int16_t state = 0;
++ int state = 0;
+ uint16_t mask;
+ int i;
+
+@@ -208,7 +208,7 @@ stat_test_rand_source(rand_source_func_t
+ uint16_t gaps[6] = { 0, 0, 0, 0, 0, 0 };
+ uint16_t lo_value[6] = { 2315, 1114, 527, 240, 103, 103 };
+ uint16_t hi_value[6] = { 2685, 1386, 723, 384, 209, 209 };
+- int16_t state = 0;
++ int state = 0;
+ uint16_t mask;
+
+ /* counters for monobit, poker, and runs tests are initialized above */
+@@ -352,7 +352,7 @@ stat_test_rand_source(rand_source_func_t
+
+ err_status_t
+ stat_test_rand_source_with_repetition(rand_source_func_t source, unsigned num_trials) {
+- int i;
++ unsigned int i;
+ err_status_t err = err_status_algo_fail;
+
+ for (i=0; i < num_trials; i++) {
+diff -ruNp srtp/crypto/replay/rdb.c srtp.cvs/crypto/replay/rdb.c
+--- srtp/crypto/replay/rdb.c 2006-05-03 21:38:38.000000000 +0200
++++ srtp.cvs/crypto/replay/rdb.c 2006-06-08 19:00:28.000000000 +0200
+@@ -9,7 +9,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff -ruNp srtp/crypto/replay/rdbx.c srtp.cvs/crypto/replay/rdbx.c
+--- srtp/crypto/replay/rdbx.c 2005-10-02 22:35:26.000000000 +0200
++++ srtp.cvs/crypto/replay/rdbx.c 2007-06-16 13:32:37.000000000 +0200
+@@ -9,7 +9,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -193,6 +193,44 @@ rdbx_init(rdbx_t *rdbx) {
+
+
+ /*
++ * rdbx_set_roc(rdbx, roc) initalizes the rdbx_t at the location rdbx
++ * to have the rollover counter value roc. If that value is less than
++ * the current rollover counter value, then the function returns
++ * err_status_replay_old; otherwise, err_status_ok is returned.
++ *
++ */
++
++err_status_t
++rdbx_set_roc(rdbx_t *rdbx, uint32_t roc) {
++ v128_set_to_zero(&rdbx->bitmask);
++
++#ifdef NO_64BIT_MATH
++ #error not yet implemented
++#else
++
++ /* make sure that we're not moving backwards */
++ if (roc < (rdbx->index >> 16))
++ return err_status_replay_old;
++
++ rdbx->index &= 0xffff; /* retain lowest 16 bits */
++ rdbx->index |= ((uint64_t)roc) << 16; /* set ROC */
++#endif
++
++ return err_status_ok;
++}
++
++/*
++ * rdbx_get_packet_index(rdbx) returns the value of the packet index
++ * for the rdbx_t pointed to by rdbx
++ *
++ */
++
++xtd_seq_num_t
++rdbx_get_packet_index(const rdbx_t *rdbx) {
++ return rdbx->index;
++}
++
++/*
+ * rdbx_check(&r, delta) checks to see if the xtd_seq_num_t
+ * which is at rdbx->index + delta is in the rdb
+ */
+diff -ruNp srtp/crypto/replay/ut_sim.c srtp.cvs/crypto/replay/ut_sim.c
+--- srtp/crypto/replay/ut_sim.c 2005-10-02 22:36:02.000000000 +0200
++++ srtp.cvs/crypto/replay/ut_sim.c 2006-06-08 19:00:28.000000000 +0200
+@@ -10,7 +10,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff -ruNp srtp/crypto/rng/ctr_prng.c srtp.cvs/crypto/rng/ctr_prng.c
+--- srtp/crypto/rng/ctr_prng.c 2006-05-07 20:44:30.000000000 +0200
++++ srtp.cvs/crypto/rng/ctr_prng.c 2006-07-22 00:53:02.000000000 +0200
+@@ -8,7 +8,7 @@
+ */
+ /*
+ *
+- * Copyright(c) 2001-2005 Cisco Systems, Inc.
++ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -47,7 +47,7 @@
+
+ /* single, global prng structure */
+
+-static ctr_prng_t ctr_prng;
++ctr_prng_t ctr_prng;
+
+ err_status_t
+ ctr_prng_init(rand_source_func_t random_source) {
+@@ -92,7 +92,7 @@ ctr_prng_get_octet_string(void *dest, ui
+ /*
+ * write prng output
+ */
+- status = aes_icm_output(&ctr_prng.state, dest, len);
++ status = aes_icm_output(&ctr_prng.state, (uint8_t*)dest, len);
+ if (status)
+ return status;
+
+diff -ruNp srtp/crypto/rng/prng.c srtp.cvs/crypto/rng/prng.c
+--- srtp/crypto/rng/prng.c 2005-10-08 18:38:06.000000000 +0200
++++ srtp.cvs/crypto/rng/prng.c 2006-06-08 20:51:28.000000000 +0200
+@@ -8,7 +8,7 @@
+ */
+ /*
+ *
+- * Copyright(c) 2001-2005 Cisco Systems, Inc.
++ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -80,7 +80,7 @@ err_status_t
+ x917_prng_get_octet_string(uint8_t *dest, uint32_t len) {
+ uint32_t t;
+ v128_t buffer;
+- int i, tail_len;
++ uint32_t i, tail_len;
+ err_status_t status;
+
+ /*
+@@ -96,7 +96,7 @@ x917_prng_get_octet_string(uint8_t *dest
+ x917_prng.octet_count += len;
+
+ /* find out the time */
+- t = time(NULL);
++ t = (uint32_t)time(NULL);
+
+ /* loop until we have output enough data */
+ for (i=0; i < len/16; i++) {
+diff -ruNp srtp/crypto/rng/rand_source.c srtp.cvs/crypto/rng/rand_source.c
+--- srtp/crypto/rng/rand_source.c 2005-10-02 22:22:36.000000000 +0200
++++ srtp.cvs/crypto/rng/rand_source.c 2007-05-27 19:35:26.000000000 +0200
+@@ -8,7 +8,7 @@
+ */
+ /*
+ *
+- * Copyright(c) 2001-2005 Cisco Systems, Inc.
++ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -43,18 +43,36 @@
+ */
+
+ #include "config.h"
+-#include "rand_source.h"
+
+ #ifdef DEV_URANDOM
+ # include <fcntl.h> /* for open() */
+ # include <unistd.h> /* for close() */
++#elif defined(HAVE_RAND_S)
++# define _CRT_RAND_S
++# include <stdlib.h>
+ #else
+ # include <stdio.h>
+ #endif
+
+-/* global dev_rand_fdes is file descriptor for /dev/random */
++#include "rand_source.h"
++
++
++/*
++ * global dev_rand_fdes is file descriptor for /dev/random
++ *
++ * This variable is also used to indicate that the random source has
++ * been initialized. When this variable is set to the value of the
++ * #define RAND_SOURCE_NOT_READY, it indicates that the random source
++ * is not ready to be used. The value of the #define
++ * RAND_SOURCE_READY is for use whenever that variable is used as an
++ * indicator of the state of the random source, but not as a file
++ * descriptor.
++ */
++
++#define RAND_SOURCE_NOT_READY (-1)
++#define RAND_SOURCE_READY (17)
+
+-static int dev_random_fdes = -1;
++static int dev_random_fdes = RAND_SOURCE_NOT_READY;
+
+
+ err_status_t
+@@ -68,10 +86,12 @@ rand_source_init(void) {
+ dev_random_fdes = open(DEV_URANDOM, O_RDONLY);
+ if (dev_random_fdes < 0)
+ return err_status_init_fail;
++#elif defined(HAVE_RAND_S)
++ dev_random_fdes = RAND_SOURCE_READY;
+ #else
+ /* no random source available; let the user know */
+ fprintf(stderr, "WARNING: no real random source present!\n");
+- dev_random_fdes = 17;
++ dev_random_fdes = RAND_SOURCE_READY;
+ #endif
+ return err_status_ok;
+ }
+@@ -87,10 +107,23 @@ rand_source_get_octet_string(void *dest,
+ #ifdef DEV_URANDOM
+ if (read(dev_random_fdes, dest, len) != len)
+ return err_status_fail;
++#elif defined(HAVE_RAND_S)
++ uint8_t *dst = (uint8_t *)dest;
++ while (len)
++ {
++ unsigned int val;
++ errno_t err = rand_s(&val);
++
++ if (err != 0)
++ return err_status_fail;
++
++ *dst++ = val & 0xff;
++ len--;
++ }
+ #else
+ /* Generic C-library (rand()) version */
+ /* This is a random source of last resort */
+- uint8_t *dst = dest;
++ uint8_t *dst = (uint8_t *)dest;
+ while (len)
+ {
+ int val = rand();
+@@ -103,7 +136,7 @@ rand_source_get_octet_string(void *dest,
+ #endif
+ return err_status_ok;
+ }
+-
++
+ err_status_t
+ rand_source_deinit(void) {
+ if (dev_random_fdes < 0)
+@@ -112,7 +145,7 @@ rand_source_deinit(void) {
+ #ifdef DEV_URANDOM
+ close(dev_random_fdes);
+ #endif
+- dev_random_fdes = -1;
++ dev_random_fdes = RAND_SOURCE_NOT_READY;
+
+ return err_status_ok;
+ }
+diff -ruNp srtp/crypto/test/auth_driver.c srtp.cvs/crypto/test/auth_driver.c
+--- srtp/crypto/test/auth_driver.c 2005-09-29 14:36:43.000000000 +0200
++++ srtp.cvs/crypto/test/auth_driver.c 2006-06-08 19:00:29.000000000 +0200
+@@ -9,7 +9,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff -ruNp srtp/crypto/test/cipher_driver.c srtp.cvs/crypto/test/cipher_driver.c
+--- srtp/crypto/test/cipher_driver.c 2005-10-03 18:29:05.000000000 +0200
++++ srtp.cvs/crypto/test/cipher_driver.c 2006-06-08 19:00:29.000000000 +0200
+@@ -9,7 +9,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff -ruNp srtp/crypto/test/datatypes_driver.c srtp.cvs/crypto/test/datatypes_driver.c
+--- srtp/crypto/test/datatypes_driver.c 2005-10-08 18:38:06.000000000 +0200
++++ srtp.cvs/crypto/test/datatypes_driver.c 2006-06-08 19:00:29.000000000 +0200
+@@ -9,7 +9,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff -ruNp srtp/crypto/test/env.c srtp.cvs/crypto/test/env.c
+--- srtp/crypto/test/env.c 2005-10-02 22:40:01.000000000 +0200
++++ srtp.cvs/crypto/test/env.c 2006-06-08 19:00:29.000000000 +0200
+@@ -8,7 +8,7 @@
+ */
+ /*
+ *
+- * Copyright (c) 2001-2005 Cisco Systems, Inc.
++ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff -ruNp srtp/crypto/test/kernel_driver.c srtp.cvs/crypto/test/kernel_driver.c
+--- srtp/crypto/test/kernel_driver.c 2005-10-02 22:40:29.000000000 +0200
++++ srtp.cvs/crypto/test/kernel_driver.c 2006-06-08 19:00:29.000000000 +0200
+@@ -8,7 +8,7 @@
+ */
+ /*
+ *
+- * Copyright(c) 2001-2005 Cisco Systems, Inc.
++ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff -ruNp srtp/crypto/test/rand_gen.c srtp.cvs/crypto/test/rand_gen.c
+--- srtp/crypto/test/rand_gen.c 2005-09-29 14:36:43.000000000 +0200
++++ srtp.cvs/crypto/test/rand_gen.c 2006-06-08 19:00:29.000000000 +0200
+@@ -8,7 +8,7 @@
+ */
+ /*
+ *
+- * Copyright(c) 2001-2005 Cisco Systems, Inc.
++ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff -ruNp srtp/doc/Doxyfile srtp.cvs/doc/Doxyfile
+--- srtp/doc/Doxyfile 2005-09-27 17:38:26.000000000 +0200
++++ srtp.cvs/doc/Doxyfile 2006-07-22 00:53:02.000000000 +0200
+@@ -346,7 +346,7 @@ WARN_LOGFILE =
+ # directories like "/usr/src/myproject". Separate the files or directories
+ # with spaces.
+
+-INPUT = intro.txt ../include/srtp.h ../crypto/include/crypto_types.h ../crypto/include/err.h ../crypto/include/crypto_kernel.h crypto_kernel.txt
++INPUT = intro.txt ../include/srtp.h ../crypto/include/crypto_types.h ../crypto/include/err.h ../crypto/include/crypto.h crypto_kernel.txt
+
+ # If the value of the INPUT tag contains directories, you can use the
+ # FILE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp
+diff -ruNp srtp/doc/header.template srtp.cvs/doc/header.template
+--- srtp/doc/header.template 2005-09-27 17:38:26.000000000 +0200
++++ srtp.cvs/doc/header.template 2006-06-08 20:44:32.000000000 +0200
+@@ -86,14 +86,17 @@ libSRTP LIBSRTPVERSION Overview and Refe
+
+ The original implementation and documentation of libSRTP was written
+ by David McGrew of Cisco Systems, Inc. in order to promote the use,
+-understanding, and interoperability of Secure RTP. Randell Jesup
+-contributed a working SRTCP implementation and other fixes. Alex
+-Vanzella and Will Clark contributed changes so that the AES ICM
+-implementation can be used for ISMA media encryption. Steve Underwood
+-contributed x86\_64 portability changes. We also give thanks to Brian
+-Weis, Mark Baugher, Jeff Chan, Bill Simon, Douglas Smith, Bill May,
+-Richard Preistley, Joe Tardo and others for contributions, comments,
+-and corrections.
++understanding, and interoperability of Secure RTP. Michael Jerris
++contributed support for building under MSVC. Andris Pavenis
++contributed many important fixes. Brian West contributed changes to
++enable dynamic linking. Yves Shumann reported documentation bugs.
++Randell Jesup contributed a working SRTCP implementation and other
++fixes. Alex Vanzella and Will Clark contributed changes so that the
++AES ICM implementation can be used for ISMA media encryption. Steve
++Underwood contributed x86\_64 portability changes. We also give
++thanks to Fredrik Thulin, Brian Weis, Mark Baugher, Jeff Chan, Bill
++Simon, Douglas Smith, Bill May, Richard Preistley, Joe Tardo and
++others for contributions, comments, and corrections.
+
+ This reference material in this documenation was generated using the
+ \texttt{doxygen} utility for automatic documentation of source code.
+Binære filer srtp/doc/libsrtp.pdf og srtp.cvs/doc/libsrtp.pdf er forskellige
+diff -ruNp srtp/doc/Makefile srtp.cvs/doc/Makefile
+--- srtp/doc/Makefile 2006-05-07 21:56:18.000000000 +0200
++++ srtp.cvs/doc/Makefile 1970-01-01 01:00:00.000000000 +0100
+@@ -1,44 +0,0 @@
+-# Makefile for libSRTP documentation
+-#
+-# David A. McGrew
+-# Cisco Systems, Inc.
+-#
+-# This makefile does not use the autoconf system; we don't really need
+-# it. We just run doxygen then latex. If you don't have either of
+-# these, then there is no way that you can make your own
+-# documentation. Of course, you can just go online at pick up the
+-# documentation from http://srtp.sourceforge.net.
+-
+-srcdir = .
+-top_srcdir = ..
+-top_builddir = ../
+-
+-
+-# Determine the version of the library
+-
+-version = $(shell cat $(top_srcdir)/VERSION)
+-
+-
+-.PHONY: libsrtpdoc cryptodoc clean
+-libsrtpdoc:
+- @if test ! -e Doxyfile; then \
+- echo "*** Sorry, can't build doc outside source dir"; exit 1; \
+- fi
+- sed 's/LIBSRTPVERSION/$(version)/' header.template > header.tex
+- doxygen
+- sed 's/\subsection/\section/' latex/index.tex > latex/index.tmp
+- mv latex/index.tmp latex/index.tex
+- cd latex; make
+- cp latex/refman.pdf libsrtp.pdf
+-
+-
+-cryptodoc: clean
+- doxygen crypto.dox
+- cd latex; make
+- cp latex/refman.pdf crypto.pdf
+-
+-clean:
+- rm -rf latex/ header.tex
+- for a in * ; do \
+- if [ -f "$$a~" ] ; then rm -f $$a~; fi; \
+- done;
+diff -ruNp srtp/include/ekt.h srtp.cvs/include/ekt.h
+--- srtp/include/ekt.h 1970-01-01 01:00:00.000000000 +0100
++++ srtp.cvs/include/ekt.h 2007-06-15 20:17:40.000000000 +0200
+@@ -0,0 +1,201 @@
++/*
++ * ekt.h
++ *
++ * interface to Encrypted Key Transport for SRTP
++ *
++ * David McGrew
++ * Cisco Systems, Inc.
++ */
++/*
++ *
++ * Copyright (c) 2001-2005 Cisco Systems, Inc.
++ * All rights reserved.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ *
++ * Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ *
++ * Redistributions in binary form must reproduce the above
++ * copyright notice, this list of conditions and the following
++ * disclaimer in the documentation and/or other materials provided
++ * with the distribution.
++ *
++ * Neither the name of the Cisco Systems, Inc. nor the names of its
++ * contributors may be used to endorse or promote products derived
++ * from this software without specific prior written permission.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
++ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
++ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
++ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
++ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
++ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
++ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
++ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
++ * OF THE POSSIBILITY OF SUCH DAMAGE.
++ *
++ */
++
++
++
++/*
++ * EKT implementation strategy
++ *
++ * use stream_template approach
++ *
++ * in srtp_unprotect, when a new stream appears, check if template has
++ * EKT defined, and if it does, then apply EKT processing
++ *
++ * question: will we want to allow key-sharing templates in addition
++ * to EKT templates? could define a new ssrc_type_t that's associated
++ * with an EKT, e.g. ssrc_any_ekt.
++ *
++ *
++ */
++
++#ifndef EKT_H
++#define EKT_H
++
++#ifdef __cplusplus
++extern "C" {
++#endif
++
++#include "srtp_priv.h"
++
++#define EKT_CIPHER_DEFAULT 1
++#define EKT_CIPHER_AES_128_ECB 1
++#define EKT_CIPHER_AES_192_KEY_WRAP 2
++#define EKT_CIPHER_AES_256_KEY_WRAP 3
++
++typedef uint16_t ekt_spi_t;
++
++
++unsigned
++ekt_octets_after_base_tag(ekt_stream_t ekt);
++
++/*
++ * an srtp_policy_t structure can contain a pointer to an
++ * ekt_policy_t structure
++ *
++ * this structure holds all of the high level EKT information, and it
++ * is passed into libsrtp to indicate what policy should be in effect
++ */
++
++typedef struct ekt_policy_ctx_t {
++ ekt_spi_t spi; /* security parameter index */
++ uint8_t ekt_cipher_type;
++ uint8_t *ekt_key;
++ struct ekt_policy_ctx_t *next_ekt_policy;
++} ekt_policy_ctx_t;
++
++
++/*
++ * an ekt_data_t structure holds the data corresponding to an ekt key,
++ * spi, and so on
++ */
++
++typedef struct ekt_data_t {
++ ekt_spi_t spi;
++ uint8_t ekt_cipher_type;
++ aes_expanded_key_t ekt_enc_key;
++ aes_expanded_key_t ekt_dec_key;
++ struct ekt_data_t *next_ekt_data;
++} ekt_data_t;
++
++/*
++ * an srtp_stream_ctx_t can contain an ekt_stream_ctx_t
++ *
++ * an ekt_stream_ctx_t structure holds all of the EKT information for
++ * a specific SRTP stream
++ */
++
++typedef struct ekt_stream_ctx_t {
++ ekt_data_t *data;
++ uint16_t isn; /* initial sequence number */
++ uint8_t encrypted_master_key[SRTP_MAX_KEY_LEN];
++} ekt_stream_ctx_t;
++
++
++
++err_status_t
++ekt_alloc(ekt_stream_t *stream_data, ekt_policy_t policy);
++
++err_status_t
++ekt_stream_init(ekt_stream_t e,
++ ekt_spi_t spi,
++ void *ekt_key,
++ unsigned ekt_cipher_type);
++
++err_status_t
++ekt_stream_init_from_policy(ekt_stream_t e, ekt_policy_t p);
++
++
++
++err_status_t
++srtp_stream_init_from_ekt(srtp_stream_t stream,
++ const void *srtcp_hdr,
++ unsigned pkt_octet_len);
++
++
++void
++ekt_write_data(ekt_stream_t ekt,
++ void *base_tag,
++ unsigned base_tag_len,
++ int *packet_len,
++ xtd_seq_num_t pkt_index);
++
++/*
++ * We handle EKT by performing some additional steps before
++ * authentication (copying the auth tag into a temporary location,
++ * zeroizing the "base tag" field in the packet)
++ *
++ * With EKT, the tag_len parameter is actually the base tag
++ * length
++ */
++
++err_status_t
++ekt_tag_verification_preproces(uint8_t *pkt_tag,
++ uint8_t *pkt_tag_copy,
++ unsigned tag_len);
++
++err_status_t
++ekt_tag_verification_postproces(uint8_t *pkt_tag,
++ uint8_t *pkt_tag_copy,
++ unsigned tag_len);
++
++
++/*
++ * @brief EKT pre-processing for srtcp tag generation
++ *
++ * This function does the pre-processing of the SRTCP authentication
++ * tag format. When EKT is used, it consists of writing the Encrypted
++ * Master Key, the SRTP ROC, the Initial Sequence Number, and SPI
++ * fields. The Base Authentication Tag field is set to the all-zero
++ * value
++ *
++ * When EKT is not used, this function is a no-op.
++ *
++ */
++
++err_status_t
++srtp_stream_srtcp_auth_tag_generation_preprocess(const srtp_stream_t *s,
++ uint8_t *pkt_tag,
++ unsigned pkt_octet_len);
++
++/* it's not clear that a tag_generation_postprocess function is needed */
++
++err_status_t
++srtcp_auth_tag_generation_postprocess();
++
++
++#ifdef __cplusplus
++}
++#endif
++
++#endif /* EKT_H */
+diff -ruNp srtp/include/getopt_s.h srtp.cvs/include/getopt_s.h
+--- srtp/include/getopt_s.h 1970-01-01 01:00:00.000000000 +0100
++++ srtp.cvs/include/getopt_s.h 2006-07-17 22:41:21.000000000 +0200
+@@ -0,0 +1,60 @@
++/*
++ * getopt.h
++ *
++ * interface to a minimal implementation of the getopt() function,
++ * written so that test applications that use that function can run on
++ * non-POSIX platforms
++ *
++ */
++/*
++ *
++ * Copyright (c) 2001-2006 Cisco Systems, Inc.
++ * All rights reserved.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ *
++ * Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ *
++ * Redistributions in binary form must reproduce the above
++ * copyright notice, this list of conditions and the following
++ * disclaimer in the documentation and/or other materials provided
++ * with the distribution.
++ *
++ * Neither the name of the Cisco Systems, Inc. nor the names of its
++ * contributors may be used to endorse or promote products derived
++ * from this software without specific prior written permission.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
++ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
++ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
++ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
++ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
++ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
++ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
++ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
++ * OF THE POSSIBILITY OF SUCH DAMAGE.
++ *
++ */
++
++#ifndef GETOPT_S_H
++#define GETOPT_S_H
++
++/*
++ * getopt_s(), optarg_s, and optind_s are small, locally defined
++ * versions of the POSIX standard getopt() interface.
++ */
++
++int
++getopt_s(int argc, char * const argv[], const char *optstring);
++
++extern char *optarg_s; /* defined in getopt.c */
++
++extern int optind_s; /* defined in getopt.c */
++
++#endif /* GETOPT_S_H */
+diff -ruNp srtp/include/rtp.h srtp.cvs/include/rtp.h
+--- srtp/include/rtp.h 2005-10-02 22:16:47.000000000 +0200
++++ srtp.cvs/include/rtp.h 2006-07-22 00:53:03.000000000 +0200
+@@ -16,7 +16,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -54,72 +54,74 @@
+ #ifndef RTP_H
+ #define RTP_H
+
+-#include "srtp.h"
+-
+ #ifdef HAVE_NETINET_IN_H
+ # include <netinet/in.h>
+ #elif defined HAVE_WINSOCK2_H
+ # include <winsock2.h>
+ #endif
+
+-#define rtp_header_len 12
+-
+-typedef srtp_hdr_t rtp_hdr_t;
+-
+-#define RTP_MAX_BUF_LEN 16384
+-
+-typedef struct {
+- srtp_hdr_t header;
+- char body[RTP_MAX_BUF_LEN];
+-} rtp_msg_t;
+-
+-typedef struct {
+- rtp_msg_t message;
+- int socket;
+- srtp_ctx_t *srtp_ctx;
+- struct sockaddr_in addr; /* reciever's address */
+-} rtp_sender_t;
++#include "srtp.h"
+
+-typedef struct {
+- rtp_msg_t message;
+- int socket;
+- srtp_ctx_t *srtp_ctx;
+- struct sockaddr_in addr; /* receiver's address */
+-} rtp_receiver_t;
++typedef struct rtp_sender_ctx_t *rtp_sender_t;
+
++typedef struct rtp_receiver_ctx_t *rtp_receiver_t;
+
+-ssize_t
+-rtp_sendto(rtp_sender_t *sender, const void* msg, int len);
++unsigned int
++rtp_sendto(rtp_sender_t sender, const void* msg, int len);
+
+-ssize_t
+-rtp_recvfrom(rtp_receiver_t *receiver, void *msg, int *len);
++unsigned int
++rtp_recvfrom(rtp_receiver_t receiver, void *msg, int *len);
+
+ int
+-rtp_receiver_init(rtp_receiver_t *rcvr, int socket,
+- struct sockaddr_in addr, uint32_t ssrc);
++rtp_receiver_init(rtp_receiver_t rcvr, int socket,
++ struct sockaddr_in addr, unsigned int ssrc);
+
+ int
+-rtp_sender_init(rtp_sender_t *sender, int socket,
+- struct sockaddr_in addr, uint32_t ssrc);
++rtp_sender_init(rtp_sender_t sender, int socket,
++ struct sockaddr_in addr, unsigned int ssrc);
+
+ /*
+ * srtp_sender_init(...) initializes an rtp_sender_t
+- *
+ */
+
+ int
+-srtp_sender_init(rtp_sender_t *rtp_ctx, /* structure to be init'ed */
++srtp_sender_init(rtp_sender_t rtp_ctx, /* structure to be init'ed */
+ struct sockaddr_in name, /* socket name */
+ sec_serv_t security_services, /* sec. servs. to be used */
+ unsigned char *input_key /* master key/salt in hex */
+ );
+
+ int
+-srtp_receiver_init(rtp_receiver_t *rtp_ctx, /* structure to be init'ed */
++srtp_receiver_init(rtp_receiver_t rtp_ctx, /* structure to be init'ed */
+ struct sockaddr_in name, /* socket name */
+ sec_serv_t security_services, /* sec. servs. to be used */
+ unsigned char *input_key /* master key/salt in hex */
+ );
+
+
++int
++rtp_sender_init_srtp(rtp_sender_t sender, const srtp_policy_t *policy);
++
++int
++rtp_receiver_init_srtp(rtp_receiver_t sender, const srtp_policy_t *policy);
++
++
++rtp_sender_t
++rtp_sender_alloc();
++
++rtp_receiver_t
++rtp_receiver_alloc();
++
++
++/*
++ * RTP_HEADER_LEN indicates the size of an RTP header
++ */
++#define RTP_HEADER_LEN 12
++
++/*
++ * RTP_MAX_BUF_LEN defines the largest RTP packet in the rtp.c implementation
++ */
++#define RTP_MAX_BUF_LEN 16384
++
++
+ #endif /* RTP_H */
+diff -ruNp srtp/include/rtp_priv.h srtp.cvs/include/rtp_priv.h
+--- srtp/include/rtp_priv.h 1970-01-01 01:00:00.000000000 +0100
++++ srtp.cvs/include/rtp_priv.h 2006-07-17 16:47:33.000000000 +0200
+@@ -0,0 +1,74 @@
++/*
++ * rtp_priv.h
++ *
++ * private, internal header file for RTP
++ *
++ * David A. McGrew
++ * Cisco Systems, Inc.
++ */
++/*
++ *
++ * Copyright (c) 2001-2006 Cisco Systems, Inc.
++ * All rights reserved.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ *
++ * Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ *
++ * Redistributions in binary form must reproduce the above
++ * copyright notice, this list of conditions and the following
++ * disclaimer in the documentation and/or other materials provided
++ * with the distribution.
++ *
++ * Neither the name of the Cisco Systems, Inc. nor the names of its
++ * contributors may be used to endorse or promote products derived
++ * from this software without specific prior written permission.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
++ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
++ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
++ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
++ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
++ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
++ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
++ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
++ * OF THE POSSIBILITY OF SUCH DAMAGE.
++ *
++ */
++
++
++#ifndef RTP_PRIV_H
++#define RTP_PRIV_H
++
++#include "srtp_priv.h"
++#include "rtp.h"
++
++typedef srtp_hdr_t rtp_hdr_t;
++
++typedef struct {
++ srtp_hdr_t header;
++ char body[RTP_MAX_BUF_LEN];
++} rtp_msg_t;
++
++typedef struct rtp_sender_ctx_t {
++ rtp_msg_t message;
++ int socket;
++ srtp_ctx_t *srtp_ctx;
++ struct sockaddr_in addr; /* reciever's address */
++} rtp_sender_ctx_t;
++
++typedef struct rtp_receiver_ctx_t {
++ rtp_msg_t message;
++ int socket;
++ srtp_ctx_t *srtp_ctx;
++ struct sockaddr_in addr; /* receiver's address */
++} rtp_receiver_ctx_t;
++
++
++#endif /* RTP_PRIV_H */
+diff -ruNp srtp/include/srtp.h srtp.cvs/include/srtp.h
+--- srtp/include/srtp.h 2006-05-07 20:18:53.000000000 +0200
++++ srtp.cvs/include/srtp.h 2007-06-16 13:32:46.000000000 +0200
+@@ -8,7 +8,7 @@
+ */
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -50,10 +50,11 @@
+ extern "C" {
+ #endif
+
+-#include "crypto_kernel.h"
+-#include "rdbx.h"
+-#include "rdb.h"
+-#include "integers.h"
++#ifdef _MSC_VER
++#pragma pack(4)
++#endif
++
++#include "crypto_kernel.h"
+
+ /**
+ * @defgroup SRTP Secure RTP
+@@ -167,10 +168,22 @@ typedef enum {
+
+ typedef struct {
+ ssrc_type_t type; /**< The type of this particular SSRC */
+- uint32_t value; /**< The value of this SSRC, if it is not a wildcard */
++ unsigned int value; /**< The value of this SSRC, if it is not a wildcard */
+ } ssrc_t;
+
+
++/**
++ * @brief points to an EKT policy
++ */
++typedef struct ekt_policy_ctx_t *ekt_policy_t;
++
++
++/**
++ * @brief points to EKT stream data
++ */
++typedef struct ekt_stream_ctx_t *ekt_stream_t;
++
++
+ /**
+ * @brief represents the policy for an SRTP session.
+ *
+@@ -206,8 +219,10 @@ typedef struct srtp_policy_t {
+ */
+ crypto_policy_t rtp; /**< SRTP crypto policy. */
+ crypto_policy_t rtcp; /**< SRTCP crypto policy. */
+- uint8_t *key; /**< Pointer to the SRTP master key for
++ unsigned char *key; /**< Pointer to the SRTP master key for
+ * this stream. */
++ ekt_policy_t ekt; /**< Pointer to the EKT policy structure
++ * for this stream (if any) */
+ struct srtp_policy_t *next; /**< Pointer to next stream policy. */
+ } srtp_policy_t;
+
+@@ -409,7 +424,7 @@ srtp_add_stream(srtp_t session,
+ */
+
+ err_status_t
+-srtp_remove_stream(srtp_t session, uint32_t ssrc);
++srtp_remove_stream(srtp_t session, unsigned int ssrc);
+
+ /**
+ * @brief crypto_policy_set_rtp_default() sets a crypto policy
+@@ -587,68 +602,112 @@ err_status_t
+ srtp_dealloc(srtp_t s);
+
+
+-
+-/**
+- * @}
++/*
++ * @brief identifies a particular SRTP profile
++ *
++ * An srtp_profile_t enumeration is used to identify a particular SRTP
++ * profile (that is, a set of algorithms and parameters). These
++ * profiles are defined in the DTLS-SRTP draft.
+ */
+
++typedef enum {
++ srtp_profile_reserved = 0,
++ srtp_profile_aes128_cm_sha1_80 = 1,
++ srtp_profile_aes128_cm_sha1_32 = 2,
++ srtp_profile_aes256_cm_sha1_80 = 3,
++ srtp_profile_aes256_cm_sha1_32 = 4,
++ srtp_profile_null_sha1_80 = 5,
++ srtp_profile_null_sha1_32 = 6,
++} srtp_profile_t;
+
+-/*
+- * the following declarations are libSRTP internal functions
+- */
+
+-/*
+- * srtp_get_stream(ssrc) returns a pointer to the stream corresponding
+- * to ssrc, or NULL if no stream exists for that ssrc
++/**
++ * @brief crypto_policy_set_from_profile_for_rtp() sets a crypto policy
++ * structure to the appropriate value for RTP based on an srtp_profile_t
++ *
++ * @param p is a pointer to the policy structure to be set
++ *
++ * The function call crypto_policy_set_rtp_default(&policy, profile)
++ * sets the crypto_policy_t at location policy to the policy for RTP
++ * protection, as defined by the srtp_profile_t profile.
++ *
++ * This function is a convenience that helps to avoid dealing directly
++ * with the policy data structure. You are encouraged to initialize
++ * policy elements with this function call. Doing so may allow your
++ * code to be forward compatible with later versions of libSRTP that
++ * include more elements in the crypto_policy_t datatype.
++ *
++ * @return values
++ * - err_status_ok no problems were encountered
++ * - err_status_bad_param the profile is not supported
++ *
+ */
++err_status_t
++crypto_policy_set_from_profile_for_rtp(crypto_policy_t *policy,
++ srtp_profile_t profile);
+
+-srtp_stream_t
+-srtp_get_stream(srtp_t srtp, uint32_t ssrc);
+
+
+
+-/*
+- * libsrtp internal datatypes
++/**
++ * @brief crypto_policy_set_from_profile_for_rtcp() sets a crypto policy
++ * structure to the appropriate value for RTCP based on an srtp_profile_t
++ *
++ * @param p is a pointer to the policy structure to be set
++ *
++ * The function call crypto_policy_set_rtcp_default(&policy, profile)
++ * sets the crypto_policy_t at location policy to the policy for RTCP
++ * protection, as defined by the srtp_profile_t profile.
++ *
++ * This function is a convenience that helps to avoid dealing directly
++ * with the policy data structure. You are encouraged to initialize
++ * policy elements with this function call. Doing so may allow your
++ * code to be forward compatible with later versions of libSRTP that
++ * include more elements in the crypto_policy_t datatype.
++ *
++ * @return values
++ * - err_status_ok no problems were encountered
++ * - err_status_bad_param the profile is not supported
++ *
++ */
++err_status_t
++crypto_policy_set_from_profile_for_rtcp(crypto_policy_t *policy,
++ srtp_profile_t profile);
++
++/**
++ * @brief returns the master key length for a given SRTP profile
+ */
++unsigned int
++srtp_profile_get_master_key_length(srtp_profile_t profile);
+
+-typedef enum direction_t {
+- dir_unknown = 0,
+- dir_srtp_sender = 1,
+- dir_srtp_receiver = 2
+-} direction_t;
+
+-/*
+- * an srtp_stream_t has its own SSRC, encryption key, authentication
+- * key, sequence number, and replay database
++/**
++ * @brief returns the master salt length for a given SRTP profile
++ */
++unsigned int
++srtp_profile_get_master_salt_length(srtp_profile_t profile);
++
++/**
++ * @brief appends the salt to the key
++ *
++ * The function call append_salt_to_key(k, klen, s, slen)
++ * copies the string s to the location at klen bytes following
++ * the location k.
++ *
++ * @warning There must be at least bytes_in_salt + bytes_in_key bytes
++ * available at the location pointed to by key.
+ *
+- * note that the keys might not actually be unique, in which case the
+- * cipher_t and auth_t pointers will point to the same structures
+ */
+
+-typedef struct srtp_stream_ctx_t {
+- uint32_t ssrc;
+- cipher_t *rtp_cipher;
+- auth_t *rtp_auth;
+- rdbx_t rtp_rdbx;
+- sec_serv_t rtp_services;
+- cipher_t *rtcp_cipher;
+- auth_t *rtcp_auth;
+- rdb_t rtcp_rdb;
+- sec_serv_t rtcp_services;
+- key_limit_ctx_t *limit;
+- direction_t direction;
+- struct srtp_stream_ctx_t *next; /* linked list of streams */
+-} srtp_stream_ctx_t;
++void
++append_salt_to_key(unsigned char *key, unsigned int bytes_in_key,
++ unsigned char *salt, unsigned int bytes_in_salt);
+
+
+-/*
+- * an srtp_ctx_t holds a stream list and a service description
+- */
+
+-typedef struct srtp_ctx_t {
+- srtp_stream_ctx_t *stream_list; /* linked list of streams */
+- srtp_stream_ctx_t *stream_template; /* act as template for other streams */
+-} srtp_ctx_t;
++/**
++ * @}
++ */
+
+
+
+@@ -857,129 +916,16 @@ srtp_install_event_handler(srtp_event_ha
+ /**
+ * @}
+ */
+-
+-/*
+- * srtp_handle_event(srtp, srtm, evnt) calls the event handling
+- * function, if there is one.
+- *
+- * This macro is not included in the documentation as it is
+- * an internal-only function.
+- */
+-
+-#define srtp_handle_event(srtp, strm, evnt) \
+- if(srtp_event_handler) { \
+- srtp_event_data_t data; \
+- data.session = srtp; \
+- data.stream = strm; \
+- data.event = evnt; \
+- srtp_event_handler(&data); \
+-}
+-
+-/*
+- * an srtp_hdr_t represents the srtp header
+- *
+- * in this implementation, an srtp_hdr_t is assumed to be 32-bit aligned
+- *
+- * (note that this definition follows that of RFC 1889 Appendix A, but
+- * is not identical)
+- */
+-
+-#ifndef WORDS_BIGENDIAN
+-
+-typedef struct {
+- unsigned cc:4; /* CSRC count */
+- unsigned x:1; /* header extension flag */
+- unsigned p:1; /* padding flag */
+- unsigned version:2; /* protocol version */
+- unsigned pt:7; /* payload type */
+- unsigned m:1; /* marker bit */
+- uint16_t seq; /* sequence number */
+- uint32_t ts; /* timestamp */
+- uint32_t ssrc; /* synchronization source */
+-} srtp_hdr_t;
+-
+-#else /* BIG_ENDIAN */
+-
+-typedef struct {
+- unsigned version:2; /* protocol version */
+- unsigned p:1; /* padding flag */
+- unsigned x:1; /* header extension flag */
+- unsigned cc:4; /* CSRC count */
+- unsigned m:1; /* marker bit */
+- unsigned pt:7; /* payload type */
+- uint16_t seq; /* sequence number */
+- uint32_t ts; /* timestamp */
+- uint32_t ssrc; /* synchronization source */
+-} srtp_hdr_t;
+-
+-#endif
+-
+-typedef struct {
+- uint16_t profile_specific; /* profile-specific info */
+- uint16_t length; /* number of 32-bit words in extension */
+-} srtp_hdr_xtnd_t;
+-
+-
+-/*
+- * srtcp_hdr_t represents a secure rtcp header
+- *
+- * in this implementation, an srtcp header is assumed to be 32-bit
+- * alinged
+- */
+-
+-#ifndef WORDS_BIGENDIAN
+-
+-typedef struct {
+- unsigned char rc:5; /* reception report count */
+- unsigned char p:1; /* padding flag */
+- unsigned char version:2; /* protocol version */
+- unsigned char pt:8; /* payload type */
+- uint16_t len; /* length */
+- uint32_t ssrc; /* synchronization source */
+-} srtcp_hdr_t;
+-
+-typedef struct {
+- unsigned int index:31; /* srtcp packet index in network order! */
+- unsigned int e:1; /* encrypted? 1=yes */
+- /* optional mikey/etc go here */
+- /* and then the variable-length auth tag */
+-} srtcp_trailer_t;
+-
+-
+-#else /* BIG_ENDIAN */
+-
+-typedef struct {
+- unsigned char version:2; /* protocol version */
+- unsigned char p:1; /* padding flag */
+- unsigned char rc:5; /* reception report count */
+- unsigned char pt:8; /* payload type */
+- uint16_t len; /* length */
+- uint32_t ssrc; /* synchronization source */
+-} srtcp_hdr_t;
+-
+-typedef struct {
+- unsigned int version:2; /* protocol version */
+- unsigned int p:1; /* padding flag */
+- unsigned int count:5; /* varies by packet type */
+- unsigned int pt:8; /* payload type */
+- uint16_t length; /* len of uint32s of packet less header */
+-} rtcp_common_t;
+-
+-typedef struct {
+- unsigned int e:1; /* encrypted? 1=yes */
+- unsigned int index:31; /* srtcp packet index */
+- /* optional mikey/etc go here */
+- /* and then the variable-length auth tag */
+-} srtcp_trailer_t;
+-
+-#endif
+-
+ /* in host order, so outside the #if */
+ #define SRTCP_E_BIT 0x80000000
+ /* for byte-access */
+ #define SRTCP_E_BYTE_BIT 0x80
+ #define SRTCP_INDEX_MASK 0x7fffffff
+
++#ifdef _MSC_VER
++#pragma pack()
++#endif
++
+ #ifdef __cplusplus
+ }
+ #endif
+diff -ruNp srtp/include/srtp_priv.h srtp.cvs/include/srtp_priv.h
+--- srtp/include/srtp_priv.h 1970-01-01 01:00:00.000000000 +0100
++++ srtp.cvs/include/srtp_priv.h 2007-06-16 13:32:46.000000000 +0200
+@@ -0,0 +1,255 @@
++/*
++ * srtp_priv.h
++ *
++ * private internal data structures and functions for libSRTP
++ *
++ * David A. McGrew
++ * Cisco Systems, Inc.
++ */
++/*
++ *
++ * Copyright (c) 2001-2006 Cisco Systems, Inc.
++ * All rights reserved.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ *
++ * Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ *
++ * Redistributions in binary form must reproduce the above
++ * copyright notice, this list of conditions and the following
++ * disclaimer in the documentation and/or other materials provided
++ * with the distribution.
++ *
++ * Neither the name of the Cisco Systems, Inc. nor the names of its
++ * contributors may be used to endorse or promote products derived
++ * from this software without specific prior written permission.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
++ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
++ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
++ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
++ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
++ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
++ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
++ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
++ * OF THE POSSIBILITY OF SUCH DAMAGE.
++ *
++ */
++
++#ifndef SRTP_PRIV_H
++#define SRTP_PRIV_H
++
++#include "srtp.h"
++#include "rdbx.h"
++#include "rdb.h"
++#include "integers.h"
++
++/*
++ * an srtp_hdr_t represents the srtp header
++ *
++ * in this implementation, an srtp_hdr_t is assumed to be 32-bit aligned
++ *
++ * (note that this definition follows that of RFC 1889 Appendix A, but
++ * is not identical)
++ */
++
++#ifndef WORDS_BIGENDIAN
++
++/*
++ * srtp_hdr_t represents an RTP or SRTP header. The bit-fields in
++ * this structure should be declared "unsigned int" instead of
++ * "unsigned char", but doing so causes the MS compiler to not
++ * fully pack the bit fields.
++ */
++
++typedef struct {
++ unsigned char cc:4; /* CSRC count */
++ unsigned char x:1; /* header extension flag */
++ unsigned char p:1; /* padding flag */
++ unsigned char version:2; /* protocol version */
++ unsigned char pt:7; /* payload type */
++ unsigned char m:1; /* marker bit */
++ uint16_t seq; /* sequence number */
++ uint32_t ts; /* timestamp */
++ uint32_t ssrc; /* synchronization source */
++} srtp_hdr_t;
++
++#else /* BIG_ENDIAN */
++
++typedef struct {
++ unsigned char version:2; /* protocol version */
++ unsigned char p:1; /* padding flag */
++ unsigned char x:1; /* header extension flag */
++ unsigned char cc:4; /* CSRC count */
++ unsigned char m:1; /* marker bit */
++ unsigned pt:7; /* payload type */
++ uint16_t seq; /* sequence number */
++ uint32_t ts; /* timestamp */
++ uint32_t ssrc; /* synchronization source */
++} srtp_hdr_t;
++
++#endif
++
++typedef struct {
++ uint16_t profile_specific; /* profile-specific info */
++ uint16_t length; /* number of 32-bit words in extension */
++} srtp_hdr_xtnd_t;
++
++
++/*
++ * srtcp_hdr_t represents a secure rtcp header
++ *
++ * in this implementation, an srtcp header is assumed to be 32-bit
++ * alinged
++ */
++
++#ifndef WORDS_BIGENDIAN
++
++typedef struct {
++ unsigned char rc:5; /* reception report count */
++ unsigned char p:1; /* padding flag */
++ unsigned char version:2; /* protocol version */
++ unsigned char pt:8; /* payload type */
++ uint16_t len; /* length */
++ uint32_t ssrc; /* synchronization source */
++} srtcp_hdr_t;
++
++typedef struct {
++ unsigned int index:31; /* srtcp packet index in network order! */
++ unsigned int e:1; /* encrypted? 1=yes */
++ /* optional mikey/etc go here */
++ /* and then the variable-length auth tag */
++} srtcp_trailer_t;
++
++
++#else /* BIG_ENDIAN */
++
++typedef struct {
++ unsigned char version:2; /* protocol version */
++ unsigned char p:1; /* padding flag */
++ unsigned char rc:5; /* reception report count */
++ unsigned char pt:8; /* payload type */
++ uint16_t len; /* length */
++ uint32_t ssrc; /* synchronization source */
++} srtcp_hdr_t;
++
++typedef struct {
++ unsigned int version:2; /* protocol version */
++ unsigned int p:1; /* padding flag */
++ unsigned int count:5; /* varies by packet type */
++ unsigned int pt:8; /* payload type */
++ uint16_t length; /* len of uint32s of packet less header */
++} rtcp_common_t;
++
++typedef struct {
++ unsigned int e:1; /* encrypted? 1=yes */
++ unsigned int index:31; /* srtcp packet index */
++ /* optional mikey/etc go here */
++ /* and then the variable-length auth tag */
++} srtcp_trailer_t;
++
++#endif
++
++
++/*
++ * the following declarations are libSRTP internal functions
++ */
++
++/*
++ * srtp_get_stream(ssrc) returns a pointer to the stream corresponding
++ * to ssrc, or NULL if no stream exists for that ssrc
++ */
++
++srtp_stream_t
++srtp_get_stream(srtp_t srtp, uint32_t ssrc);
++
++
++/*
++ * srtp_stream_init_keys(s, k) (re)initializes the srtp_stream_t s by
++ * deriving all of the needed keys using the KDF and the key k.
++ */
++
++
++err_status_t
++srtp_stream_init_keys(srtp_stream_t srtp, const void *key);
++
++/*
++ * srtp_stream_init(s, p) initializes the srtp_stream_t s to
++ * use the policy at the location p
++ */
++err_status_t
++srtp_stream_init(srtp_stream_t srtp,
++ const srtp_policy_t *p);
++
++
++/*
++ * libsrtp internal datatypes
++ */
++
++typedef enum direction_t {
++ dir_unknown = 0,
++ dir_srtp_sender = 1,
++ dir_srtp_receiver = 2
++} direction_t;
++
++/*
++ * an srtp_stream_t has its own SSRC, encryption key, authentication
++ * key, sequence number, and replay database
++ *
++ * note that the keys might not actually be unique, in which case the
++ * cipher_t and auth_t pointers will point to the same structures
++ */
++
++typedef struct srtp_stream_ctx_t {
++ uint32_t ssrc;
++ cipher_t *rtp_cipher;
++ auth_t *rtp_auth;
++ rdbx_t rtp_rdbx;
++ sec_serv_t rtp_services;
++ cipher_t *rtcp_cipher;
++ auth_t *rtcp_auth;
++ rdb_t rtcp_rdb;
++ sec_serv_t rtcp_services;
++ key_limit_ctx_t *limit;
++ direction_t direction;
++ ekt_stream_t ekt;
++ struct srtp_stream_ctx_t *next; /* linked list of streams */
++} srtp_stream_ctx_t;
++
++
++/*
++ * an srtp_ctx_t holds a stream list and a service description
++ */
++
++typedef struct srtp_ctx_t {
++ srtp_stream_ctx_t *stream_list; /* linked list of streams */
++ srtp_stream_ctx_t *stream_template; /* act as template for other streams */
++} srtp_ctx_t;
++
++
++
++/*
++ * srtp_handle_event(srtp, srtm, evnt) calls the event handling
++ * function, if there is one.
++ *
++ * This macro is not included in the documentation as it is
++ * an internal-only function.
++ */
++
++#define srtp_handle_event(srtp, strm, evnt) \
++ if(srtp_event_handler) { \
++ srtp_event_data_t data; \
++ data.session = srtp; \
++ data.stream = strm; \
++ data.event = evnt; \
++ srtp_event_handler(&data); \
++}
++
++
++#endif /* SRTP_PRIV_H */
+diff -ruNp srtp/include/ut_sim.h srtp.cvs/include/ut_sim.h
+--- srtp/include/ut_sim.h 2006-03-16 20:13:33.000000000 +0100
++++ srtp.cvs/include/ut_sim.h 2006-06-08 19:00:29.000000000 +0200
+@@ -10,7 +10,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff -ruNp srtp/LICENSE srtp.cvs/LICENSE
+--- srtp/LICENSE 2005-09-23 21:34:11.000000000 +0200
++++ srtp.cvs/LICENSE 2006-07-22 00:53:01.000000000 +0200
+@@ -1,6 +1,6 @@
+ /*
+ *
+- * Copyright (c) 2001-2005 Cisco Systems, Inc.
++ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff -ruNp srtp/Makefile.in srtp.cvs/Makefile.in
+--- srtp/Makefile.in 2006-03-17 22:00:46.000000000 +0100
++++ srtp.cvs/Makefile.in 2007-06-16 13:32:24.000000000 +0200
+@@ -25,6 +25,8 @@ runtest: build_table_apps test
+ test/srtp_driver$(EXE) -v >/dev/null
+ test/roc_driver$(EXE) -v >/dev/null
+ test/replay_driver$(EXE) -v >/dev/null
++ test/dtls_srtp_driver$(EXE) >/dev/null
++ cd test; ./rtpw_test.sh >/dev/null
+ @echo "libsrtp test applications passed."
+ $(MAKE) -C crypto runtest
+
+@@ -97,7 +99,7 @@ cryptobj = $(ciphers) $(hashes) $(math)
+
+ # libsrtp.a (implements srtp processing)
+
+-srtpobj = srtp/srtp.o
++srtpobj = srtp/srtp.o srtp/ekt.o
+
+ libsrtp.a: $(srtpobj) $(cryptobj) $(gdoi)
+ ar cr libsrtp.a $^
+@@ -122,11 +124,21 @@ crypto_testapp = crypto/test/aes_calc$(E
+ crypto/test/stat_driver$(EXE)
+
+ testapp = $(crypto_testapp) test/srtp_driver$(EXE) test/replay_driver$(EXE) \
+- test/roc_driver$(EXE) test/rdbx_driver$(EXE) test/rtpw$(EXE)
++ test/roc_driver$(EXE) test/rdbx_driver$(EXE) test/rtpw$(EXE) \
++ test/dtls_srtp_driver$(EXE)
+
+ $(testapp): libsrtp.a
+
+-test/rtpw$(EXE): test/rtpw.c test/rtp.c
++test/rtpw$(EXE): test/rtpw.c test/rtp.c test/getopt_s.c
++ $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
++
++test/srtp_driver$(EXE): test/srtp_driver.c test/getopt_s.c
++ $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
++
++test/rdbx_driver$(EXE): test/rdbx_driver.c test/getopt_s.c
++ $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
++
++test/dtls_srtp_driver$(EXE): test/dtls_srtp_driver.c test/getopt_s.c
+ $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
+
+ test: $(testapp)
+@@ -191,7 +203,7 @@ uninstall:
+ rm -rf $(DESTDIR)$(libdir)/libsrtp.a
+
+ clean:
+- rm -rf $(cryptobj) $(srtpobj) $(cryptomath) $(table_apps) TAGS \
++ rm -rf $(cryptobj) $(srtpobj) $(cryptomath) TAGS \
+ libcryptomath.a libsrtp.a core *.core test/core
+ for a in * */* */*/*; do \
+ if [ -f "$$a~" ] ; then rm -f $$a~; fi; \
+diff -ruNp srtp/README srtp.cvs/README
+--- srtp/README 2005-10-02 14:04:37.000000000 +0200
++++ srtp.cvs/README 2007-05-17 12:05:49.000000000 +0200
+@@ -1,4 +1,4 @@
+-Secure RTP (SRTP) and UST Reference Implementations
++Secure RTP (SRTP) Reference Implementation
+ David A. McGrew
+ Cisco Systems, Inc.
+ mcgrew at cisco.com
+@@ -9,7 +9,9 @@ Transport Protocol (SRTP), the Universal
+ a supporting cryptographic kernel. These mechanisms are documented in
+ the Internet Drafts in the doc/ subdirectory. The SRTP API is
+ documented in include/srtp.h, and the library is in libsrtp.a (after
+-compilation).
++compilation). An overview and reference manual is available in
++doc/libsrtp.pdf. The PDF documentation is more up to date than this
++file.
+
+
+ Installation:
+diff -ruNp srtp/srtp/ekt.c srtp.cvs/srtp/ekt.c
+--- srtp/srtp/ekt.c 1970-01-01 01:00:00.000000000 +0100
++++ srtp.cvs/srtp/ekt.c 2007-06-15 20:36:09.000000000 +0200
+@@ -0,0 +1,272 @@
++/*
++ * ekt.c
++ *
++ * Encrypted Key Transport for SRTP
++ *
++ * David McGrew
++ * Cisco Systems, Inc.
++ */
++/*
++ *
++ * Copyright (c) 2001-2006 Cisco Systems, Inc.
++ * All rights reserved.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ *
++ * Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ *
++ * Redistributions in binary form must reproduce the above
++ * copyright notice, this list of conditions and the following
++ * disclaimer in the documentation and/or other materials provided
++ * with the distribution.
++ *
++ * Neither the name of the Cisco Systems, Inc. nor the names of its
++ * contributors may be used to endorse or promote products derived
++ * from this software without specific prior written permission.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
++ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
++ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
++ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
++ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
++ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
++ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
++ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
++ * OF THE POSSIBILITY OF SUCH DAMAGE.
++ *
++ */
++
++
++#include "err.h"
++#include "srtp_priv.h"
++#include "ekt.h"
++
++extern debug_module_t mod_srtp;
++
++/*
++ * The EKT Authentication Tag format.
++ *
++ * 0 1 2 3
++ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
++ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
++ * : Base Authentication Tag :
++ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
++ * : Encrypted Master Key :
++ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
++ * | Rollover Counter |
++ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
++ * | Initial Sequence Number | Security Parameter Index |
++ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
++ *
++ */
++
++#define EKT_OCTETS_AFTER_BASE_TAG 24
++#define EKT_OCTETS_AFTER_EMK 8
++#define EKT_OCTETS_AFTER_ROC 4
++#define EKT_SPI_LEN 2
++
++unsigned
++ekt_octets_after_base_tag(ekt_stream_t ekt) {
++ /*
++ * if the pointer ekt is NULL, then EKT is not in effect, so we
++ * indicate this by returning zero
++ */
++ if (!ekt)
++ return 0;
++
++ switch(ekt->data->ekt_cipher_type) {
++ case EKT_CIPHER_AES_128_ECB:
++ return 16 + EKT_OCTETS_AFTER_EMK;
++ break;
++ default:
++ break;
++ }
++ return 0;
++}
++
++inline ekt_spi_t
++srtcp_packet_get_ekt_spi(const void *packet_start, unsigned pkt_octet_len) {
++ void *spi_location;
++
++ spi_location = packet_start + (pkt_octet_len - EKT_SPI_LEN);
++
++ return *((ekt_spi_t *)spi_location);
++}
++
++inline uint32_t
++srtcp_packet_get_ekt_roc(const void *packet_start, unsigned pkt_octet_len) {
++ void *roc_location;
++
++ roc_location = packet_start + (pkt_octet_len - EKT_OCTETS_AFTER_ROC);
++
++ return *((uint32_t *)roc_location);
++}
++
++inline void *
++srtcp_packet_get_emk_location(const void *packet_start,
++ unsigned pkt_octet_len) {
++ void *location;
++
++ location = packet_start + (pkt_octet_len - EKT_OCTETS_AFTER_BASE_TAG);
++
++ return location;
++}
++
++
++err_status_t
++ekt_alloc(ekt_stream_t *stream_data, ekt_policy_t policy) {
++
++ /*
++ * if the policy pointer is NULL, then EKT is not in use
++ * so we just set the EKT stream data pointer to NULL
++ */
++ if (!policy) {
++ *stream_data = NULL;
++ return err_status_ok;
++ }
++
++ return err_status_ok;
++}
++
++err_status_t
++ekt_stream_init_from_policy(ekt_stream_t stream_data, ekt_policy_t policy) {
++ if (!stream_data)
++ return err_status_ok;
++
++ return err_status_ok;
++}
++
++
++void
++aes_decrypt_with_raw_key(void *ciphertext, const void *key) {
++ aes_expanded_key_t expanded_key;
++
++ aes_expand_decryption_key(key, expanded_key);
++ aes_decrypt(ciphertext, expanded_key);
++}
++
++/*
++ * The function srtp_stream_init_from_ekt() initializes a stream using
++ * the EKT data from an SRTCP trailer.
++ */
++
++err_status_t
++srtp_stream_init_from_ekt(srtp_stream_t stream,
++ const void *srtcp_hdr,
++ unsigned pkt_octet_len) {
++ err_status_t err;
++ uint8_t *master_key;
++ srtp_policy_t srtp_policy;
++ unsigned master_key_len;
++ uint32_t roc;
++
++ /*
++ * NOTE: at present, we only support a single ekt_policy at a time.
++ */
++ if (stream->ekt->data->spi !=
++ srtcp_packet_get_ekt_spi(srtcp_hdr, pkt_octet_len))
++ return err_status_no_ctx;
++
++ if (stream->ekt->data->ekt_cipher_type != EKT_CIPHER_AES_128_ECB)
++ return err_status_bad_param;
++ master_key_len = 16;
++
++ /* decrypt the Encrypted Master Key field */
++ master_key = srtcp_packet_get_emk_location(srtcp_hdr, pkt_octet_len);
++ aes_decrypt_with_raw_key(master_key, stream->ekt->data->ekt_dec_key);
++
++ /* set the SRTP ROC */
++ roc = srtcp_packet_get_ekt_roc(srtcp_hdr, pkt_octet_len);
++ err = rdbx_set_roc(&stream->rtp_rdbx, roc);
++ if (err) return err;
++
++ err = srtp_stream_init(stream, &srtp_policy);
++ if (err) return err;
++
++ return err_status_ok;
++}
++
++void
++ekt_write_data(ekt_stream_t ekt,
++ void *base_tag,
++ unsigned base_tag_len,
++ int *packet_len,
++ xtd_seq_num_t pkt_index) {
++ uint32_t roc;
++ uint16_t isn;
++ unsigned emk_len;
++ void *packet;
++
++ /* if the pointer ekt is NULL, then EKT is not in effect */
++ if (!ekt) {
++ debug_print(mod_srtp, "EKT not in use", NULL);
++ return;
++ }
++
++ /* write zeros into the location of the base tag */
++ octet_string_set_to_zero(base_tag, base_tag_len);
++ packet = base_tag + base_tag_len;
++
++ /* copy encrypted master key into packet */
++ emk_len = ekt_octets_after_base_tag(ekt);
++ memcpy(packet, ekt->encrypted_master_key, emk_len);
++ debug_print(mod_srtp, "writing EKT EMK: %s,",
++ octet_string_hex_string(packet, emk_len));
++ packet += emk_len;
++
++ /* copy ROC into packet */
++ roc = pkt_index >> 16;
++ *((uint32_t *)packet) = be32_to_cpu(roc);
++ debug_print(mod_srtp, "writing EKT ROC: %s,",
++ octet_string_hex_string(packet, sizeof(roc)));
++ packet += sizeof(roc);
++
++ /* copy ISN into packet */
++ isn = pkt_index;
++ *((uint16_t *)packet) = htons(isn);
++ debug_print(mod_srtp, "writing EKT ISN: %s,",
++ octet_string_hex_string(packet, sizeof(isn)));
++ packet += sizeof(isn);
++
++ /* copy SPI into packet */
++ *((uint16_t *)packet) = htons(ekt->data->spi);
++ debug_print(mod_srtp, "writing EKT SPI: %s,",
++ octet_string_hex_string(packet, sizeof(ekt->data->spi)));
++
++ /* increase packet length appropriately */
++ *packet_len += EKT_OCTETS_AFTER_EMK + emk_len;
++}
++
++
++/*
++ * The function call srtcp_ekt_trailer(ekt, auth_len, auth_tag )
++ *
++ * If the pointer ekt is NULL, then the other inputs are unaffected.
++ *
++ * auth_tag is a pointer to the pointer to the location of the
++ * authentication tag in the packet. If EKT is in effect, then the
++ * auth_tag pointer is set to the location
++ */
++
++void
++srtcp_ekt_trailer(ekt_stream_t ekt,
++ unsigned *auth_len,
++ void **auth_tag,
++ void *tag_copy) {
++
++ /*
++ * if there is no EKT policy, then the other inputs are unaffected
++ */
++ if (!ekt)
++ return;
++
++ /* copy auth_tag into temporary location */
++
++}
++
+diff -ruNp srtp/srtp/srtp.c srtp.cvs/srtp/srtp.c
+--- srtp/srtp/srtp.c 2006-05-03 21:38:38.000000000 +0200
++++ srtp.cvs/srtp/srtp.c 2007-06-16 13:32:48.000000000 +0200
+@@ -8,7 +8,7 @@
+ */
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -44,6 +44,7 @@
+
+
+ #include "srtp.h"
++#include "ekt.h" /* for SRTP Encrypted Key Transport */
+ #include "aes_icm.h" /* aes_icm is used in the KDF */
+ #include "alloc.h" /* for crypto_alloc() */
+
+@@ -114,7 +115,7 @@ srtp_stream_alloc(srtp_stream_ctx_t **st
+ }
+
+ /* allocate key limit structure */
+- str->limit = crypto_alloc(sizeof(key_limit_ctx_t));
++ str->limit = (key_limit_ctx_t*) crypto_alloc(sizeof(key_limit_ctx_t));
+ if (str->limit == NULL) {
+ auth_dealloc(str->rtp_auth);
+ cipher_dealloc(str->rtp_cipher);
+@@ -151,6 +152,18 @@ srtp_stream_alloc(srtp_stream_ctx_t **st
+ return stat;
+ }
+
++ /* allocate ekt data associated with stream */
++ stat = ekt_alloc(&str->ekt, p->ekt);
++ if (stat) {
++ auth_dealloc(str->rtcp_auth);
++ cipher_dealloc(str->rtcp_cipher);
++ auth_dealloc(str->rtp_auth);
++ cipher_dealloc(str->rtp_cipher);
++ crypto_free(str->limit);
++ crypto_free(str);
++ return stat;
++ }
++
+ return err_status_ok;
+ }
+
+@@ -217,6 +230,8 @@ srtp_stream_dealloc(srtp_t session, srtp
+ if (status)
+ return status;
+ }
++
++ /* DAM - need to deallocate EKT here */
+
+ /* deallocate srtp stream context */
+ crypto_free(stream);
+@@ -271,6 +286,9 @@ srtp_stream_clone(const srtp_stream_ctx_
+ str->rtp_services = stream_template->rtp_services;
+ str->rtcp_services = stream_template->rtcp_services;
+
++ /* set pointer to EKT data associated with stream */
++ str->ekt = stream_template->ekt;
++
+ /* defensive coding */
+ str->next = NULL;
+
+@@ -354,14 +372,120 @@ srtp_kdf_clear(srtp_kdf_t *kdf) {
+ #define MAX_SRTP_KEY_LEN 256
+
+
++err_status_t
++srtp_stream_init_keys(srtp_stream_ctx_t *srtp, const void *key) {
++ err_status_t stat;
++ srtp_kdf_t kdf;
++ uint8_t tmp_key[MAX_SRTP_KEY_LEN];
++
++ /* initialize KDF state */
++ srtp_kdf_init(&kdf, (const uint8_t *)key);
++
++ /* generate encryption key */
++ srtp_kdf_generate(&kdf, label_rtp_encryption,
++ tmp_key, cipher_get_key_length(srtp->rtp_cipher));
++ /*
++ * if the cipher in the srtp context is aes_icm, then we need
++ * to generate the salt value
++ */
++ if (srtp->rtp_cipher->type == &aes_icm) {
++ /* FIX!!! this is really the cipher key length; rest is salt */
++ int base_key_len = 16;
++ int salt_len = cipher_get_key_length(srtp->rtp_cipher) - base_key_len;
++
++ debug_print(mod_srtp, "found aes_icm, generating salt", NULL);
++
++ /* generate encryption salt, put after encryption key */
++ srtp_kdf_generate(&kdf, label_rtp_salt,
++ tmp_key + base_key_len, salt_len);
++ }
++ debug_print(mod_srtp, "cipher key: %s",
++ octet_string_hex_string(tmp_key,
++ cipher_get_key_length(srtp->rtp_cipher)));
++
++ /* initialize cipher */
++ stat = cipher_init(srtp->rtp_cipher, tmp_key, direction_any);
++ if (stat) {
++ /* zeroize temp buffer */
++ octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN);
++ return err_status_init_fail;
++ }
++
++ /* generate authentication key */
++ srtp_kdf_generate(&kdf, label_rtp_msg_auth,
++ tmp_key, auth_get_key_length(srtp->rtp_auth));
++ debug_print(mod_srtp, "auth key: %s",
++ octet_string_hex_string(tmp_key,
++ auth_get_key_length(srtp->rtp_auth)));
++
++ /* initialize auth function */
++ stat = auth_init(srtp->rtp_auth, tmp_key);
++ if (stat) {
++ /* zeroize temp buffer */
++ octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN);
++ return err_status_init_fail;
++ }
++
++ /*
++ * ...now initialize SRTCP keys
++ */
++
++ /* generate encryption key */
++ srtp_kdf_generate(&kdf, label_rtcp_encryption,
++ tmp_key, cipher_get_key_length(srtp->rtcp_cipher));
++ /*
++ * if the cipher in the srtp context is aes_icm, then we need
++ * to generate the salt value
++ */
++ if (srtp->rtcp_cipher->type == &aes_icm) {
++ /* FIX!!! this is really the cipher key length; rest is salt */
++ int base_key_len = 16;
++ int salt_len = cipher_get_key_length(srtp->rtcp_cipher) - base_key_len;
++
++ debug_print(mod_srtp, "found aes_icm, generating rtcp salt", NULL);
++
++ /* generate encryption salt, put after encryption key */
++ srtp_kdf_generate(&kdf, label_rtcp_salt,
++ tmp_key + base_key_len, salt_len);
++ }
++ debug_print(mod_srtp, "rtcp cipher key: %s",
++ octet_string_hex_string(tmp_key,
++ cipher_get_key_length(srtp->rtcp_cipher)));
++
++ /* initialize cipher */
++ stat = cipher_init(srtp->rtcp_cipher, tmp_key, direction_any);
++ if (stat) {
++ /* zeroize temp buffer */
++ octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN);
++ return err_status_init_fail;
++ }
++
++ /* generate authentication key */
++ srtp_kdf_generate(&kdf, label_rtcp_msg_auth,
++ tmp_key, auth_get_key_length(srtp->rtcp_auth));
++ debug_print(mod_srtp, "rtcp auth key: %s",
++ octet_string_hex_string(tmp_key,
++ auth_get_key_length(srtp->rtcp_auth)));
++
++ /* initialize auth function */
++ stat = auth_init(srtp->rtcp_auth, tmp_key);
++ if (stat) {
++ /* zeroize temp buffer */
++ octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN);
++ return err_status_init_fail;
++ }
++
++ /* clear memory then return */
++ srtp_kdf_clear(&kdf);
++ octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN);
++
++ return err_status_ok;
++}
+
+ err_status_t
+ srtp_stream_init(srtp_stream_ctx_t *srtp,
+ const srtp_policy_t *p) {
+- err_status_t stat;
+- srtp_kdf_t kdf;
+- uint8_t tmp_key[MAX_SRTP_KEY_LEN];
+- uint8_t *key = p->key;
++ err_status_t err;
+
+ debug_print(mod_srtp, "initializing stream (SSRC: 0x%08x)",
+ p->ssrc.value);
+@@ -394,111 +518,22 @@ srtp_stream_init(srtp_stream_ctx_t *srtp
+ */
+ srtp->direction = dir_unknown;
+
+- /* initialize KDF state */
+- srtp_kdf_init(&kdf, key);
+-
+- /* generate encryption key */
+- srtp_kdf_generate(&kdf, label_rtp_encryption,
+- tmp_key, cipher_get_key_length(srtp->rtp_cipher));
+- /*
+- * if the cipher in the srtp context is aes_icm, then we need
+- * to generate the salt value
+- */
+- if (srtp->rtp_cipher->type == &aes_icm) {
+- /* FIX!!! this is really the cipher key length; rest is salt */
+- int base_key_len = 16;
+- int salt_len = cipher_get_key_length(srtp->rtp_cipher) - base_key_len;
+-
+- debug_print(mod_srtp, "found aes_icm, generating salt", NULL);
+-
+- /* generate encryption salt, put after encryption key */
+- srtp_kdf_generate(&kdf, label_rtp_salt,
+- tmp_key + base_key_len, salt_len);
+- }
+- debug_print(mod_srtp, "cipher key: %s",
+- octet_string_hex_string(tmp_key,
+- cipher_get_key_length(srtp->rtp_cipher)));
+-
+- /* initialize cipher */
+- stat = cipher_init(srtp->rtp_cipher, tmp_key, direction_any);
+- if (stat) {
+- /* zeroize temp buffer */
+- octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN);
+- return err_status_init_fail;
+- }
+-
+- /* generate authentication key */
+- srtp_kdf_generate(&kdf, label_rtp_msg_auth,
+- tmp_key, auth_get_key_length(srtp->rtp_auth));
+- debug_print(mod_srtp, "auth key: %s",
+- octet_string_hex_string(tmp_key,
+- auth_get_key_length(srtp->rtp_auth)));
+-
+- /* initialize auth function */
+- stat = auth_init(srtp->rtp_auth, tmp_key);
+- if (stat) {
+- /* zeroize temp buffer */
+- octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN);
+- return err_status_init_fail;
+- }
+-
+- /*
+- * ...now initialize RTCP-specific structures
+- */
+-
+- /* initialize replay database */
++ /* initialize SRTCP replay database */
+ rdb_init(&srtp->rtcp_rdb);
+
+ /* DAM - no RTCP key limit at present */
+
+- /* generate encryption key */
+- srtp_kdf_generate(&kdf, label_rtcp_encryption,
+- tmp_key, cipher_get_key_length(srtp->rtcp_cipher));
++ /* initialize keys */
++ err = srtp_stream_init_keys(srtp, p->key);
++ if (err) return err;
++
+ /*
+- * if the cipher in the srtp context is aes_icm, then we need
+- * to generate the salt value
++ * if EKT is in use, then initialize the EKT data associated with
++ * the stream
+ */
+- if (srtp->rtcp_cipher->type == &aes_icm) {
+- /* FIX!!! this is really the cipher key length; rest is salt */
+- int base_key_len = 16;
+- int salt_len = cipher_get_key_length(srtp->rtcp_cipher) - base_key_len;
+-
+- debug_print(mod_srtp, "found aes_icm, generating rtcp salt", NULL);
+-
+- /* generate encryption salt, put after encryption key */
+- srtp_kdf_generate(&kdf, label_rtcp_salt,
+- tmp_key + base_key_len, salt_len);
+- }
+- debug_print(mod_srtp, "rtcp cipher key: %s",
+- octet_string_hex_string(tmp_key,
+- cipher_get_key_length(srtp->rtcp_cipher)));
+-
+- /* initialize cipher */
+- stat = cipher_init(srtp->rtcp_cipher, tmp_key, direction_any);
+- if (stat) {
+- /* zeroize temp buffer */
+- octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN);
+- return err_status_init_fail;
+- }
++ err = ekt_stream_init_from_policy(srtp->ekt, p->ekt);
++ if (err) return err;
+
+- /* generate authentication key */
+- srtp_kdf_generate(&kdf, label_rtcp_msg_auth,
+- tmp_key, auth_get_key_length(srtp->rtcp_auth));
+- debug_print(mod_srtp, "rtcp auth key: %s",
+- octet_string_hex_string(tmp_key,
+- auth_get_key_length(srtp->rtcp_auth)));
+-
+- /* initialize auth function */
+- stat = auth_init(srtp->rtcp_auth, tmp_key);
+- if (stat) {
+- /* zeroize temp buffer */
+- octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN);
+- return err_status_init_fail;
+- }
+-
+- /* clear memory then return */
+- srtp_kdf_clear(&kdf);
+- octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN);
+ return err_status_ok;
+ }
+
+@@ -560,7 +595,7 @@ srtp_stream_init(srtp_stream_ctx_t *srtp
+
+ err_status_t
+ srtp_protect(srtp_ctx_t *ctx, void *rtp_hdr, int *pkt_octet_len) {
+- srtp_hdr_t *hdr = rtp_hdr;
++ srtp_hdr_t *hdr = (srtp_hdr_t *)rtp_hdr;
+ uint32_t *enc_start; /* pointer to start of encrypted portion */
+ uint32_t *auth_start; /* pointer to start of auth. portion */
+ unsigned enc_octet_len = 0; /* number of octets in encrypted portion */
+@@ -662,7 +697,8 @@ srtp_stream_init(srtp_stream_ctx_t *srtp
+ srtp_hdr_xtnd_t *xtn_hdr = (srtp_hdr_xtnd_t *)enc_start;
+ enc_start += (ntohs(xtn_hdr->length) + 1);
+ }
+- enc_octet_len = *pkt_octet_len - ((enc_start - (uint32_t *)hdr) << 2);
++ enc_octet_len = (unsigned int)(*pkt_octet_len
++ - ((enc_start - (uint32_t *)hdr) << 2));
+ } else {
+ enc_start = NULL;
+ }
+@@ -799,10 +835,10 @@ srtp_stream_init(srtp_stream_ctx_t *srtp
+
+ err_status_t
+ srtp_unprotect(srtp_ctx_t *ctx, void *srtp_hdr, int *pkt_octet_len) {
+- srtp_hdr_t *hdr = srtp_hdr;
++ srtp_hdr_t *hdr = (srtp_hdr_t *)srtp_hdr;
+ uint32_t *enc_start; /* pointer to start of encrypted portion */
+ uint32_t *auth_start; /* pointer to start of auth. portion */
+- uint32_t enc_octet_len = 0;/* number of octets in encrypted portion */
++ unsigned enc_octet_len = 0;/* number of octets in encrypted portion */
+ uint8_t *auth_tag = NULL; /* location of auth_tag within packet */
+ xtd_seq_num_t est; /* estimated xtd_seq_num_t of *hdr */
+ int delta; /* delta of local pkt idx and that in hdr */
+@@ -843,7 +879,7 @@ srtp_unprotect(srtp_ctx_t *ctx, void *sr
+ delta = low32(est);
+ #else
+ est = (xtd_seq_num_t) ntohs(hdr->seq);
+- delta = est;
++ delta = (int)est;
+ #endif
+ } else {
+
+@@ -888,7 +924,7 @@ srtp_unprotect(srtp_ctx_t *ctx, void *sr
+ #else
+ iv.v64[1] = be64_to_cpu(est << 16);
+ #endif
+- status = aes_icm_set_iv(stream->rtp_cipher->state, &iv);
++ status = aes_icm_set_iv((aes_icm_ctx_t*)stream->rtp_cipher->state, &iv);
+ } else {
+
+ /* no particular format - set the iv to the pakcet index */
+@@ -927,8 +963,8 @@ srtp_unprotect(srtp_ctx_t *ctx, void *sr
+ srtp_hdr_xtnd_t *xtn_hdr = (srtp_hdr_xtnd_t *)enc_start;
+ enc_start += (ntohs(xtn_hdr->length) + 1);
+ }
+- enc_octet_len = *pkt_octet_len - tag_len
+- - ((enc_start - (uint32_t *)hdr) << 2);
++ enc_octet_len = (uint32_t)(*pkt_octet_len - tag_len
++ - ((enc_start - (uint32_t *)hdr) << 2));
+ } else {
+ enc_start = NULL;
+ }
+@@ -1407,11 +1443,11 @@ crypto_policy_set_null_cipher_hmac_sha1_
+
+ err_status_t
+ srtp_protect_rtcp(srtp_t ctx, void *rtcp_hdr, int *pkt_octet_len) {
+- srtcp_hdr_t *hdr = rtcp_hdr;
++ srtcp_hdr_t *hdr = (srtcp_hdr_t *)rtcp_hdr;
+ uint32_t *enc_start; /* pointer to start of encrypted portion */
+ uint32_t *auth_start; /* pointer to start of auth. portion */
+ uint32_t *trailer; /* pointer to start of trailer */
+- uint32_t enc_octet_len = 0;/* number of octets in encrypted portion */
++ unsigned enc_octet_len = 0;/* number of octets in encrypted portion */
+ uint8_t *auth_tag = NULL; /* location of auth_tag within packet */
+ err_status_t status;
+ int tag_len;
+@@ -1498,6 +1534,10 @@ srtp_protect_rtcp(srtp_t ctx, void *rtcp
+ auth_start = (uint32_t *)hdr;
+ auth_tag = (uint8_t *)hdr + *pkt_octet_len + sizeof(srtcp_trailer_t);
+
++ /* perform EKT processing if needed */
++ ekt_write_data(stream->ekt, auth_tag, tag_len, pkt_octet_len,
++ rdbx_get_packet_index(&stream->rtp_rdbx));
++
+ /*
+ * check sequence number for overruns, and copy it into the packet
+ * if its value isn't too big
+@@ -1519,7 +1559,7 @@ srtp_protect_rtcp(srtp_t ctx, void *rtcp
+ iv.v32[1] = hdr->ssrc; /* still in network order! */
+ iv.v32[2] = htonl(seq_num >> 16);
+ iv.v32[3] = htonl(seq_num << 16);
+- status = aes_icm_set_iv(stream->rtcp_cipher->state, &iv);
++ status = aes_icm_set_iv((aes_icm_ctx_t*)stream->rtcp_cipher->state, &iv);
+
+ } else {
+ v128_t iv;
+@@ -1586,14 +1626,16 @@ srtp_protect_rtcp(srtp_t ctx, void *rtcp
+
+ err_status_t
+ srtp_unprotect_rtcp(srtp_t ctx, void *srtcp_hdr, int *pkt_octet_len) {
+- srtcp_hdr_t *hdr = srtcp_hdr;
++ srtcp_hdr_t *hdr = (srtcp_hdr_t *)srtcp_hdr;
+ uint32_t *enc_start; /* pointer to start of encrypted portion */
+ uint32_t *auth_start; /* pointer to start of auth. portion */
+ uint32_t *trailer; /* pointer to start of trailer */
+- uint32_t enc_octet_len = 0;/* number of octets in encrypted portion */
++ unsigned enc_octet_len = 0;/* number of octets in encrypted portion */
+ uint8_t *auth_tag = NULL; /* location of auth_tag within packet */
+ uint8_t tmp_tag[SRTP_MAX_TAG_LEN];
++ uint8_t tag_copy[SRTP_MAX_TAG_LEN];
+ err_status_t status;
++ unsigned auth_len;
+ int tag_len;
+ srtp_stream_ctx_t *stream;
+ int prefix_len;
+@@ -1611,6 +1653,23 @@ srtp_unprotect_rtcp(srtp_t ctx, void *sr
+ if (stream == NULL) {
+ if (ctx->stream_template != NULL) {
+ stream = ctx->stream_template;
++
++ /*
++ * check to see if stream_template has an EKT data structure, in
++ * which case we initialize the template using the EKT policy
++ * referenced by that data (which consists of decrypting the
++ * master key from the EKT field)
++ *
++ * this function initializes a *provisional* stream, and this
++ * stream should not be accepted until and unless the packet
++ * passes its authentication check
++ */
++ if (stream->ekt != NULL) {
++ status = srtp_stream_init_from_ekt(stream, srtcp_hdr, *pkt_octet_len);
++ if (status)
++ return status;
++ }
++
+ debug_print(mod_srtp, "srtcp using provisional stream (SSRC: 0x%08x)",
+ hdr->ssrc);
+ } else {
+@@ -1650,7 +1709,23 @@ srtp_unprotect_rtcp(srtp_t ctx, void *sr
+ * (note that srtcp *always* uses authentication, unlike srtp)
+ */
+ auth_start = (uint32_t *)hdr;
+- auth_tag = (uint8_t *)hdr + *pkt_octet_len - tag_len;
++ auth_len = *pkt_octet_len - tag_len;
++ auth_tag = (uint8_t *)hdr + auth_len;
++
++ /*
++ * if EKT is in use, then we make a copy of the tag from the packet,
++ * and then zeroize the location of the base tag
++ *
++ * we first re-position the auth_tag pointer so that it points to
++ * the base tag
++ */
++ if (stream->ekt) {
++ auth_tag -= ekt_octets_after_base_tag(stream->ekt);
++ memcpy(tag_copy, auth_tag, tag_len);
++ octet_string_set_to_zero(auth_tag, tag_len);
++ auth_tag = tag_copy;
++ auth_len += tag_len;
++ }
+
+ /*
+ * check the sequence number for replays
+@@ -1672,7 +1747,7 @@ srtp_unprotect_rtcp(srtp_t ctx, void *sr
+ iv.v32[1] = hdr->ssrc; /* still in network order! */
+ iv.v32[2] = htonl(seq_num >> 16);
+ iv.v32[3] = htonl(seq_num << 16);
+- status = aes_icm_set_iv(stream->rtcp_cipher->state, &iv);
++ status = aes_icm_set_iv((aes_icm_ctx_t*)stream->rtcp_cipher->state, &iv);
+
+ } else {
+ v128_t iv;
+@@ -1693,8 +1768,7 @@ srtp_unprotect_rtcp(srtp_t ctx, void *sr
+
+ /* run auth func over packet, put result into tmp_tag */
+ status = auth_compute(stream->rtcp_auth, (uint8_t *)auth_start,
+- *pkt_octet_len - tag_len,
+- tmp_tag);
++ auth_len, tmp_tag);
+ debug_print(mod_srtp, "srtcp computed tag: %s",
+ octet_string_hex_string(tmp_tag, tag_len));
+ if (status)
+@@ -1727,9 +1801,15 @@ srtp_unprotect_rtcp(srtp_t ctx, void *sr
+ return err_status_cipher_fail;
+ }
+
+- /* decrease the packet length by the length of the auth tag and seq_num*/
++ /* decrease the packet length by the length of the auth tag and seq_num */
+ *pkt_octet_len -= (tag_len + sizeof(srtcp_trailer_t));
+
++ /*
++ * if EKT is in effect, subtract the EKT data out of the packet
++ * length
++ */
++ *pkt_octet_len -= ekt_octets_after_base_tag(stream->ekt);
++
+ /*
+ * verify that stream is for received traffic - this check will
+ * detect SSRC collisions, since a stream that appears in both
+@@ -1781,3 +1861,116 @@ srtp_unprotect_rtcp(srtp_t ctx, void *sr
+
+ return err_status_ok;
+ }
++
++
++
++/*
++ * dtls keying for srtp
++ */
++
++err_status_t
++crypto_policy_set_from_profile_for_rtp(crypto_policy_t *policy,
++ srtp_profile_t profile) {
++
++ /* set SRTP policy from the SRTP profile in the key set */
++ switch(profile) {
++ case srtp_profile_aes128_cm_sha1_80:
++ crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
++ crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
++ break;
++ case srtp_profile_aes128_cm_sha1_32:
++ crypto_policy_set_aes_cm_128_hmac_sha1_32(policy);
++ crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
++ break;
++ case srtp_profile_null_sha1_80:
++ crypto_policy_set_null_cipher_hmac_sha1_80(policy);
++ crypto_policy_set_null_cipher_hmac_sha1_80(policy);
++ break;
++ /* the following profiles are not (yet) supported */
++ case srtp_profile_null_sha1_32:
++ case srtp_profile_aes256_cm_sha1_80:
++ case srtp_profile_aes256_cm_sha1_32:
++ default:
++ return err_status_bad_param;
++ }
++
++ return err_status_ok;
++}
++
++err_status_t
++crypto_policy_set_from_profile_for_rtcp(crypto_policy_t *policy,
++ srtp_profile_t profile) {
++
++ /* set SRTP policy from the SRTP profile in the key set */
++ switch(profile) {
++ case srtp_profile_aes128_cm_sha1_80:
++ crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
++ break;
++ case srtp_profile_aes128_cm_sha1_32:
++ crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
++ break;
++ case srtp_profile_null_sha1_80:
++ crypto_policy_set_null_cipher_hmac_sha1_80(policy);
++ break;
++ /* the following profiles are not (yet) supported */
++ case srtp_profile_null_sha1_32:
++ case srtp_profile_aes256_cm_sha1_80:
++ case srtp_profile_aes256_cm_sha1_32:
++ default:
++ return err_status_bad_param;
++ }
++
++ return err_status_ok;
++}
++
++void
++append_salt_to_key(uint8_t *key, unsigned int bytes_in_key,
++ uint8_t *salt, unsigned int bytes_in_salt) {
++
++ memcpy(key + bytes_in_key, salt, bytes_in_salt);
++
++}
++
++unsigned int
++srtp_profile_get_master_key_length(srtp_profile_t profile) {
++
++ switch(profile) {
++ case srtp_profile_aes128_cm_sha1_80:
++ return 16;
++ break;
++ case srtp_profile_aes128_cm_sha1_32:
++ return 16;
++ break;
++ case srtp_profile_null_sha1_80:
++ return 16;
++ break;
++ /* the following profiles are not (yet) supported */
++ case srtp_profile_null_sha1_32:
++ case srtp_profile_aes256_cm_sha1_80:
++ case srtp_profile_aes256_cm_sha1_32:
++ default:
++ return 0; /* indicate error by returning a zero */
++ }
++}
++
++unsigned int
++srtp_profile_get_master_salt_length(srtp_profile_t profile) {
++
++ switch(profile) {
++ case srtp_profile_aes128_cm_sha1_80:
++ return 14;
++ break;
++ case srtp_profile_aes128_cm_sha1_32:
++ return 14;
++ break;
++ case srtp_profile_null_sha1_80:
++ return 14;
++ break;
++ /* the following profiles are not (yet) supported */
++ case srtp_profile_null_sha1_32:
++ case srtp_profile_aes256_cm_sha1_80:
++ case srtp_profile_aes256_cm_sha1_32:
++ default:
++ return 0; /* indicate error by returning a zero */
++ }
++}
+diff -ruNp srtp/srtp7.sln srtp.cvs/srtp7.sln
+--- srtp/srtp7.sln 1970-01-01 01:00:00.000000000 +0100
++++ srtp.cvs/srtp7.sln 2006-07-13 00:22:08.000000000 +0200
+@@ -0,0 +1,21 @@
++Microsoft Visual Studio Solution File, Format Version 8.00
++Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "libSRTP", "srtp7.vcproj", "{7E1E1308-F82E-4DD3-B25C-CD12756A1DD9}"
++ ProjectSection(ProjectDependencies) = postProject
++ EndProjectSection
++EndProject
++Global
++ GlobalSection(SolutionConfiguration) = preSolution
++ Debug = Debug
++ Release = Release
++ EndGlobalSection
++ GlobalSection(ProjectConfiguration) = postSolution
++ {7E1E1308-F82E-4DD3-B25C-CD12756A1DD9}.Debug.ActiveCfg = Debug|Win32
++ {7E1E1308-F82E-4DD3-B25C-CD12756A1DD9}.Debug.Build.0 = Debug|Win32
++ {7E1E1308-F82E-4DD3-B25C-CD12756A1DD9}.Release.ActiveCfg = Release|Win32
++ {7E1E1308-F82E-4DD3-B25C-CD12756A1DD9}.Release.Build.0 = Release|Win32
++ EndGlobalSection
++ GlobalSection(ExtensibilityGlobals) = postSolution
++ EndGlobalSection
++ GlobalSection(ExtensibilityAddIns) = postSolution
++ EndGlobalSection
++EndGlobal
+diff -ruNp srtp/srtp7.vcproj srtp.cvs/srtp7.vcproj
+--- srtp/srtp7.vcproj 1970-01-01 01:00:00.000000000 +0100
++++ srtp.cvs/srtp7.vcproj 2006-07-13 00:22:08.000000000 +0200
+@@ -0,0 +1,298 @@
++<?xml version="1.0" encoding="Windows-1252"?>
++<VisualStudioProject
++ ProjectType="Visual C++"
++ Version="7.10"
++ Name="libSRTP"
++ ProjectGUID="{7E1E1308-F82E-4DD3-B25C-CD12756A1DD9}"
++ Keyword="Win32Proj">
++ <Platforms>
++ <Platform
++ Name="Win32"/>
++ </Platforms>
++ <Configurations>
++ <Configuration
++ Name="Debug|Win32"
++ OutputDirectory="Debug"
++ IntermediateDirectory="Debug"
++ ConfigurationType="1"
++ CharacterSet="2">
++ <Tool
++ Name="VCCLCompilerTool"
++ Optimization="0"
++ InlineFunctionExpansion="0"
++ AdditionalIncludeDirectories="C:\dev\foo\srtp;"$(SolutionDir)";.\include;.\crypto\include;"..\..\OpenSSL\openssl-0.9.7i\inc32";"C:Library\OpenSSL\openssl-0.9.8\inc32""
++ PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE;DEBUG"
++ ExceptionHandling="FALSE"
++ BasicRuntimeChecks="0"
++ RuntimeLibrary="1"
++ UsePrecompiledHeader="0"
++ WarningLevel="3"
++ Detect64BitPortabilityProblems="TRUE"
++ DebugInformationFormat="4"
++ CompileAs="1"/>
++ <Tool
++ Name="VCCustomBuildTool"/>
++ <Tool
++ Name="VCLinkerTool"
++ AdditionalDependencies="Ws2_32.lib libeay32.lib ssleay32.lib"
++ AdditionalLibraryDirectories=""Library\OpenSSL\openssl-0.9.8\libs""
++ GenerateDebugInformation="TRUE"/>
++ <Tool
++ Name="VCMIDLTool"/>
++ <Tool
++ Name="VCPostBuildEventTool"/>
++ <Tool
++ Name="VCPreBuildEventTool"/>
++ <Tool
++ Name="VCPreLinkEventTool"/>
++ <Tool
++ Name="VCResourceCompilerTool"/>
++ <Tool
++ Name="VCWebServiceProxyGeneratorTool"/>
++ <Tool
++ Name="VCXMLDataGeneratorTool"/>
++ <Tool
++ Name="VCWebDeploymentTool"/>
++ <Tool
++ Name="VCManagedWrapperGeneratorTool"/>
++ <Tool
++ Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
++ </Configuration>
++ <Configuration
++ Name="Release|Win32"
++ OutputDirectory="Release"
++ IntermediateDirectory="Release"
++ ConfigurationType="4"
++ CharacterSet="2">
++ <Tool
++ Name="VCCLCompilerTool"
++ AdditionalIncludeDirectories="".\include";".\crypto\include";"..\..\OpenSSL\openssl-0.9.7i\inc32""
++ PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE"
++ BasicRuntimeChecks="0"
++ RuntimeLibrary="0"
++ UsePrecompiledHeader="0"
++ ObjectFile="$(IntDir)/"
++ WarningLevel="3"
++ Detect64BitPortabilityProblems="TRUE"
++ DebugInformationFormat="3"/>
++ <Tool
++ Name="VCCustomBuildTool"/>
++ <Tool
++ Name="VCLibrarianTool"/>
++ <Tool
++ Name="VCMIDLTool"/>
++ <Tool
++ Name="VCPostBuildEventTool"/>
++ <Tool
++ Name="VCPreBuildEventTool"/>
++ <Tool
++ Name="VCPreLinkEventTool"/>
++ <Tool
++ Name="VCResourceCompilerTool"/>
++ <Tool
++ Name="VCWebServiceProxyGeneratorTool"/>
++ <Tool
++ Name="VCXMLDataGeneratorTool"/>
++ <Tool
++ Name="VCManagedWrapperGeneratorTool"/>
++ <Tool
++ Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
++ </Configuration>
++ </Configurations>
++ <References>
++ </References>
++ <Files>
++ <Filter
++ Name="Source Files"
++ Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
++ UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}">
++ <File
++ RelativePath=".\test\getopt.c">
++ </File>
++ <File
++ RelativePath=".\srtp\srtp.c">
++ </File>
++ <File
++ RelativePath=".\test\srtp_driver.c">
++ </File>
++ <Filter
++ Name="Kernel">
++ <File
++ RelativePath=".\crypto\kernel\alloc.c">
++ </File>
++ <File
++ RelativePath=".\crypto\kernel\crypto_kernel.c">
++ </File>
++ <File
++ RelativePath=".\crypto\rng\ctr_prng.c">
++ </File>
++ <File
++ RelativePath=".\crypto\kernel\err.c">
++ </File>
++ <File
++ RelativePath=".\crypto\kernel\key.c">
++ </File>
++ <File
++ RelativePath=".\crypto\rng\prng.c">
++ </File>
++ <File
++ RelativePath=".\crypto\rng\rand_source.c">
++ </File>
++ </Filter>
++ <Filter
++ Name="Ciphers">
++ <File
++ RelativePath=".\crypto\cipher\aes.c">
++ </File>
++ <File
++ RelativePath=".\crypto\cipher\aes_cbc.c">
++ </File>
++ <File
++ RelativePath=".\crypto\cipher\aes_icm.c">
++ </File>
++ <File
++ RelativePath=".\crypto\cipher\cipher.c">
++ </File>
++ <File
++ RelativePath=".\crypto\cipher\null_cipher.c">
++ </File>
++ </Filter>
++ <Filter
++ Name="Hashes">
++ <File
++ RelativePath=".\crypto\hash\auth.c">
++ </File>
++ <File
++ RelativePath=".\crypto\hash\hmac.c">
++ </File>
++ <File
++ RelativePath=".\crypto\hash\null_auth.c">
++ </File>
++ <File
++ RelativePath=".\crypto\hash\sha1.c">
++ </File>
++ </Filter>
++ <Filter
++ Name="Replay">
++ <File
++ RelativePath=".\crypto\replay\rdb.c">
++ </File>
++ <File
++ RelativePath=".\crypto\replay\rdbx.c">
++ </File>
++ <File
++ RelativePath=".\crypto\replay\ut_sim.c">
++ </File>
++ </Filter>
++ <Filter
++ Name="Math">
++ <File
++ RelativePath=".\crypto\math\datatypes.c">
++ </File>
++ <File
++ RelativePath=".\crypto\math\stat.c">
++ </File>
++ </Filter>
++ </Filter>
++ <Filter
++ Name="Header Files"
++ Filter="h;hpp;hxx;hm;inl;inc;xsd"
++ UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}">
++ <File
++ RelativePath=".\crypto\include\aes.h">
++ </File>
++ <File
++ RelativePath=".\crypto\include\aes_cbc.h">
++ </File>
++ <File
++ RelativePath=".\crypto\include\aes_icm.h">
++ </File>
++ <File
++ RelativePath=".\crypto\include\alloc.h">
++ </File>
++ <File
++ RelativePath=".\crypto\include\auth.h">
++ </File>
++ <File
++ RelativePath=".\crypto\include\cipher.h">
++ </File>
++ <File
++ RelativePath=".\crypto\include\config.h">
++ </File>
++ <File
++ RelativePath=".\crypto\include\crypto.h">
++ </File>
++ <File
++ RelativePath=".\crypto\include\crypto_kernel.h">
++ </File>
++ <File
++ RelativePath=".\crypto\include\crypto_math.h">
++ </File>
++ <File
++ RelativePath=".\crypto\include\crypto_types.h">
++ </File>
++ <File
++ RelativePath=".\crypto\include\cryptoalg.h">
++ </File>
++ <File
++ RelativePath=".\crypto\include\datatypes.h">
++ </File>
++ <File
++ RelativePath=".\crypto\include\err.h">
++ </File>
++ <File
++ RelativePath=".\crypto\include\gf2_8.h">
++ </File>
++ <File
++ RelativePath=".\crypto\include\hmac.h">
++ </File>
++ <File
++ RelativePath=".\crypto\include\integers.h">
++ </File>
++ <File
++ RelativePath=".\crypto\include\kernel_compat.h">
++ </File>
++ <File
++ RelativePath=".\crypto\include\key.h">
++ </File>
++ <File
++ RelativePath=".\crypto\include\null_auth.h">
++ </File>
++ <File
++ RelativePath=".\crypto\include\null_cipher.h">
++ </File>
++ <File
++ RelativePath=".\crypto\include\prng.h">
++ </File>
++ <File
++ RelativePath=".\crypto\include\rand_source.h">
++ </File>
++ <File
++ RelativePath=".\crypto\include\rdb.h">
++ </File>
++ <File
++ RelativePath=".\crypto\include\rdbx.h">
++ </File>
++ <File
++ RelativePath=".\include\rtp.h">
++ </File>
++ <File
++ RelativePath=".\crypto\include\sha1.h">
++ </File>
++ <File
++ RelativePath=".\include\srtp.h">
++ </File>
++ <File
++ RelativePath=".\crypto\include\stat.h">
++ </File>
++ <File
++ RelativePath=".\include\ut_sim.h">
++ </File>
++ <File
++ RelativePath=".\crypto\include\xfm.h">
++ </File>
++ </Filter>
++ </Files>
++ <Globals>
++ </Globals>
++</VisualStudioProject>
+diff -ruNp srtp/srtp.def srtp.cvs/srtp.def
+--- srtp/srtp.def 1970-01-01 01:00:00.000000000 +0100
++++ srtp.cvs/srtp.def 2006-05-22 22:46:21.000000000 +0200
+@@ -0,0 +1,92 @@
++EXPORTS
++srtp_init
++srtp_protect
++srtp_unprotect
++srtp_create
++srtp_add_stream
++srtp_remove_stream
++crypto_policy_set_rtp_default
++crypto_policy_set_rtcp_default
++crypto_policy_set_aes_cm_128_hmac_sha1_32
++crypto_policy_set_aes_cm_128_null_auth
++crypto_policy_set_null_cipher_hmac_sha1_80
++srtp_dealloc
++srtp_get_stream
++srtp_protect_rtcp
++srtp_unprotect_rtcp
++srtp_install_event_handler
++crypto_kernel_init
++crypto_kernel_shutdown
++crypto_kernel_status
++crypto_kernel_list_debug_modules
++crypto_kernel_load_cipher_type
++crypto_kernel_load_auth_type
++crypto_kernel_load_debug_module
++crypto_kernel_alloc_cipher
++crypto_kernel_alloc_auth
++crypto_kernel_set_debug_module
++crypto_get_random
++rand_source_init
++rand_source_get_octet_string
++rand_source_deinit
++x917_prng_init
++x917_prng_get_octet_string
++ctr_prng_init
++ctr_prng_get_octet_string
++cipher_output
++cipher_get_key_length
++cipher_type_self_test
++cipher_bits_per_second
++auth_get_key_length
++auth_get_tag_length
++auth_get_prefix_length
++auth_type_self_test
++auth_type_get_ref_count
++stat_test_monobit
++stat_test_poker
++stat_test_runs
++stat_test_rand_source
++stat_test_rand_source_with_repetition
++err_reporting_init
++err_report
++key_limit_set
++key_limit_clone
++key_limit_check
++key_limit_update
++rdbx_init
++rdbx_estimate_index
++rdbx_check
++rdbx_add_index
++index_init
++index_advance
++index_guess
++octet_get_weight
++octet_string_hex_string
++v128_bit_string
++v128_hex_string
++nibble_to_hex_char
++hex_string_to_octet_string
++v128_copy_octet_string
++v128_left_shift
++v128_right_shift
++octet_string_is_eq
++octet_string_set_to_zero
++rdb_init
++rdb_check
++rdb_add_index
++rdb_increment
++rdb_get_value
++aes_expand_encryption_key
++aes_expand_decryption_key
++aes_encrypt
++aes_decrypt
++aes_icm_context_init
++aes_icm_set_iv
++aes_icm_encrypt
++aes_icm_output
++aes_icm_dealloc
++aes_icm_encrypt_ismacryp
++aes_icm_alloc_ismacryp
++crypto_alloc
++crypto_free
++\ No newline at end of file
+\ Intet linjeskift ved filafslutning
+diff -ruNp srtp/srtp.vcproj srtp.cvs/srtp.vcproj
+--- srtp/srtp.vcproj 1970-01-01 01:00:00.000000000 +0100
++++ srtp.cvs/srtp.vcproj 2006-05-22 22:46:21.000000000 +0200
+@@ -0,0 +1,588 @@
++<?xml version="1.0" encoding="Windows-1252"?>
++<VisualStudioProject
++ ProjectType="Visual C++"
++ Version="8.00"
++ Name="srtp"
++ ProjectGUID="{EEF031CB-FED8-451E-A471-91EC8D4F6750}"
++ RootNamespace="srtp"
++ Keyword="Win32Proj"
++ >
++ <Platforms>
++ <Platform
++ Name="Win32"
++ />
++ </Platforms>
++ <ToolFiles>
++ </ToolFiles>
++ <Configurations>
++ <Configuration
++ Name="Debug|Win32"
++ OutputDirectory="$(SolutionDir)$(ConfigurationName)"
++ IntermediateDirectory="$(ConfigurationName)"
++ ConfigurationType="4"
++ CharacterSet="1"
++ >
++ <Tool
++ Name="VCPreBuildEventTool"
++ Description="Creating config.h from config.hw"
++ CommandLine="copy /Y "$(InputDir)config.hw" "$(InputDir)crypto\include\config.h" > NUL"
++ />
++ <Tool
++ Name="VCCustomBuildTool"
++ Description=""
++ CommandLine=""
++ Outputs=""
++ />
++ <Tool
++ Name="VCXMLDataGeneratorTool"
++ />
++ <Tool
++ Name="VCWebServiceProxyGeneratorTool"
++ />
++ <Tool
++ Name="VCMIDLTool"
++ />
++ <Tool
++ Name="VCCLCompilerTool"
++ Optimization="0"
++ AdditionalIncludeDirectories="crypto/include;include"
++ PreprocessorDefinitions="WIN32;_DEBUG;_LIB;HAVE_CONFIG_H"
++ MinimalRebuild="true"
++ BasicRuntimeChecks="3"
++ RuntimeLibrary="3"
++ StructMemberAlignment="0"
++ UsePrecompiledHeader="0"
++ WarningLevel="3"
++ Detect64BitPortabilityProblems="true"
++ DebugInformationFormat="4"
++ />
++ <Tool
++ Name="VCManagedResourceCompilerTool"
++ />
++ <Tool
++ Name="VCResourceCompilerTool"
++ />
++ <Tool
++ Name="VCPreLinkEventTool"
++ />
++ <Tool
++ Name="VCLibrarianTool"
++ />
++ <Tool
++ Name="VCALinkTool"
++ />
++ <Tool
++ Name="VCXDCMakeTool"
++ />
++ <Tool
++ Name="VCBscMakeTool"
++ />
++ <Tool
++ Name="VCFxCopTool"
++ />
++ <Tool
++ Name="VCPostBuildEventTool"
++ />
++ </Configuration>
++ <Configuration
++ Name="Release|Win32"
++ OutputDirectory="$(SolutionDir)$(ConfigurationName)"
++ IntermediateDirectory="$(ConfigurationName)"
++ ConfigurationType="4"
++ CharacterSet="1"
++ WholeProgramOptimization="1"
++ >
++ <Tool
++ Name="VCPreBuildEventTool"
++ Description="Creating config.h from config.hw"
++ CommandLine="copy /Y "$(InputDir)config.hw" "$(InputDir)crypto\include\config.h" > NUL"
++ />
++ <Tool
++ Name="VCCustomBuildTool"
++ Description=""
++ CommandLine=""
++ Outputs=""
++ />
++ <Tool
++ Name="VCXMLDataGeneratorTool"
++ />
++ <Tool
++ Name="VCWebServiceProxyGeneratorTool"
++ />
++ <Tool
++ Name="VCMIDLTool"
++ />
++ <Tool
++ Name="VCCLCompilerTool"
++ AdditionalIncludeDirectories="crypto/include;include"
++ PreprocessorDefinitions="WIN32;NDEBUG;_LIB;HAVE_CONFIG_H"
++ RuntimeLibrary="2"
++ StructMemberAlignment="0"
++ UsePrecompiledHeader="0"
++ WarningLevel="3"
++ Detect64BitPortabilityProblems="true"
++ DebugInformationFormat="3"
++ />
++ <Tool
++ Name="VCManagedResourceCompilerTool"
++ />
++ <Tool
++ Name="VCResourceCompilerTool"
++ />
++ <Tool
++ Name="VCPreLinkEventTool"
++ />
++ <Tool
++ Name="VCLibrarianTool"
++ />
++ <Tool
++ Name="VCALinkTool"
++ />
++ <Tool
++ Name="VCXDCMakeTool"
++ />
++ <Tool
++ Name="VCBscMakeTool"
++ />
++ <Tool
++ Name="VCFxCopTool"
++ />
++ <Tool
++ Name="VCPostBuildEventTool"
++ />
++ </Configuration>
++ <Configuration
++ Name="Debug Dll|Win32"
++ OutputDirectory="$(SolutionDir)$(ConfigurationName)"
++ IntermediateDirectory="$(ConfigurationName)"
++ ConfigurationType="2"
++ CharacterSet="1"
++ >
++ <Tool
++ Name="VCPreBuildEventTool"
++ Description="Creating config.h from config.hw"
++ CommandLine="copy /Y "$(InputDir)config.hw" "$(InputDir)crypto\include\config.h" > NUL"
++ />
++ <Tool
++ Name="VCCustomBuildTool"
++ Description=""
++ CommandLine=""
++ Outputs=""
++ />
++ <Tool
++ Name="VCXMLDataGeneratorTool"
++ />
++ <Tool
++ Name="VCWebServiceProxyGeneratorTool"
++ />
++ <Tool
++ Name="VCMIDLTool"
++ />
++ <Tool
++ Name="VCCLCompilerTool"
++ Optimization="0"
++ EnableIntrinsicFunctions="true"
++ AdditionalIncludeDirectories="crypto/include;include"
++ PreprocessorDefinitions="WIN32;_DEBUG;_LIB;HAVE_CONFIG_H"
++ MinimalRebuild="true"
++ BasicRuntimeChecks="3"
++ RuntimeLibrary="3"
++ StructMemberAlignment="0"
++ UsePrecompiledHeader="0"
++ WarningLevel="3"
++ Detect64BitPortabilityProblems="true"
++ DebugInformationFormat="4"
++ />
++ <Tool
++ Name="VCManagedResourceCompilerTool"
++ />
++ <Tool
++ Name="VCResourceCompilerTool"
++ />
++ <Tool
++ Name="VCPreLinkEventTool"
++ />
++ <Tool
++ Name="VCLinkerTool"
++ AdditionalDependencies="Ws2_32.lib"
++ ModuleDefinitionFile="srtp.def"
++ OptimizeReferences="1"
++ EnableCOMDATFolding="1"
++ OptimizeForWindows98="1"
++ LinkTimeCodeGeneration="0"
++ />
++ <Tool
++ Name="VCALinkTool"
++ />
++ <Tool
++ Name="VCManifestTool"
++ />
++ <Tool
++ Name="VCXDCMakeTool"
++ />
++ <Tool
++ Name="VCBscMakeTool"
++ />
++ <Tool
++ Name="VCFxCopTool"
++ />
++ <Tool
++ Name="VCAppVerifierTool"
++ />
++ <Tool
++ Name="VCWebDeploymentTool"
++ />
++ <Tool
++ Name="VCPostBuildEventTool"
++ />
++ </Configuration>
++ <Configuration
++ Name="Release Dll|Win32"
++ OutputDirectory="$(SolutionDir)$(ConfigurationName)"
++ IntermediateDirectory="$(ConfigurationName)"
++ ConfigurationType="2"
++ CharacterSet="1"
++ WholeProgramOptimization="1"
++ >
++ <Tool
++ Name="VCPreBuildEventTool"
++ Description="Creating config.h from config.hw"
++ CommandLine="copy /Y "$(InputDir)config.hw" "$(InputDir)crypto\include\config.h" > NUL"
++ />
++ <Tool
++ Name="VCCustomBuildTool"
++ Description=""
++ CommandLine=""
++ Outputs=""
++ />
++ <Tool
++ Name="VCXMLDataGeneratorTool"
++ />
++ <Tool
++ Name="VCWebServiceProxyGeneratorTool"
++ />
++ <Tool
++ Name="VCMIDLTool"
++ />
++ <Tool
++ Name="VCCLCompilerTool"
++ AdditionalIncludeDirectories="crypto/include;include"
++ PreprocessorDefinitions="WIN32;NDEBUG;_LIB;HAVE_CONFIG_H"
++ RuntimeLibrary="2"
++ StructMemberAlignment="0"
++ UsePrecompiledHeader="0"
++ WarningLevel="3"
++ Detect64BitPortabilityProblems="true"
++ DebugInformationFormat="3"
++ />
++ <Tool
++ Name="VCManagedResourceCompilerTool"
++ />
++ <Tool
++ Name="VCResourceCompilerTool"
++ />
++ <Tool
++ Name="VCPreLinkEventTool"
++ />
++ <Tool
++ Name="VCLinkerTool"
++ AdditionalDependencies="Ws2_32.lib"
++ ModuleDefinitionFile="srtp.def"
++ />
++ <Tool
++ Name="VCALinkTool"
++ />
++ <Tool
++ Name="VCManifestTool"
++ />
++ <Tool
++ Name="VCXDCMakeTool"
++ />
++ <Tool
++ Name="VCBscMakeTool"
++ />
++ <Tool
++ Name="VCFxCopTool"
++ />
++ <Tool
++ Name="VCAppVerifierTool"
++ />
++ <Tool
++ Name="VCWebDeploymentTool"
++ />
++ <Tool
++ Name="VCPostBuildEventTool"
++ />
++ </Configuration>
++ </Configurations>
++ <References>
++ </References>
++ <Files>
++ <Filter
++ Name="Source Files"
++ Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
++ UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
++ >
++ <File
++ RelativePath=".\srtp\srtp.c"
++ >
++ </File>
++ <Filter
++ Name="Kernel"
++ >
++ <File
++ RelativePath=".\crypto\kernel\alloc.c"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\kernel\crypto_kernel.c"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\rng\ctr_prng.c"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\kernel\err.c"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\kernel\key.c"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\rng\prng.c"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\rng\rand_source.c"
++ >
++ </File>
++ </Filter>
++ <Filter
++ Name="Ciphers"
++ >
++ <File
++ RelativePath=".\crypto\cipher\aes.c"
++ >
++ <FileConfiguration
++ Name="Debug Dll|Win32"
++ >
++ <Tool
++ Name="VCCLCompilerTool"
++ InlineFunctionExpansion="0"
++ EnableIntrinsicFunctions="false"
++ EnableFunctionLevelLinking="false"
++ />
++ </FileConfiguration>
++ </File>
++ <File
++ RelativePath=".\crypto\cipher\aes_cbc.c"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\cipher\aes_icm.c"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\cipher\cipher.c"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\cipher\null_cipher.c"
++ >
++ </File>
++ </Filter>
++ <Filter
++ Name="Hashes"
++ >
++ <File
++ RelativePath=".\crypto\hash\auth.c"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\hash\hmac.c"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\hash\null_auth.c"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\hash\sha1.c"
++ >
++ </File>
++ </Filter>
++ <Filter
++ Name="Replay"
++ >
++ <File
++ RelativePath=".\crypto\replay\rdb.c"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\replay\rdbx.c"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\replay\ut_sim.c"
++ >
++ </File>
++ </Filter>
++ <Filter
++ Name="Math"
++ >
++ <File
++ RelativePath=".\crypto\math\datatypes.c"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\math\stat.c"
++ >
++ </File>
++ </Filter>
++ </Filter>
++ <Filter
++ Name="Header Files"
++ Filter="h;hpp;hxx;hm;inl;inc;xsd"
++ UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
++ >
++ <File
++ RelativePath=".\crypto\include\aes.h"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\include\aes_cbc.h"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\include\aes_icm.h"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\include\alloc.h"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\include\auth.h"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\include\cipher.h"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\include\config.h"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\include\crypto.h"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\include\crypto_kernel.h"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\include\crypto_math.h"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\include\crypto_types.h"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\include\cryptoalg.h"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\include\datatypes.h"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\include\err.h"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\include\gf2_8.h"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\include\hmac.h"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\include\integers.h"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\include\kernel_compat.h"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\include\key.h"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\include\null_auth.h"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\include\null_cipher.h"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\include\prng.h"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\include\rand_source.h"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\include\rdb.h"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\include\rdbx.h"
++ >
++ </File>
++ <File
++ RelativePath=".\include\rtp.h"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\include\sha1.h"
++ >
++ </File>
++ <File
++ RelativePath=".\include\srtp.h"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\include\stat.h"
++ >
++ </File>
++ <File
++ RelativePath=".\include\ut_sim.h"
++ >
++ </File>
++ <File
++ RelativePath=".\crypto\include\xfm.h"
++ >
++ </File>
++ </Filter>
++ <Filter
++ Name="Resource Files"
++ Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav"
++ UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
++ >
++ </Filter>
++ <File
++ RelativePath=".\srtp.def"
++ >
++ </File>
++ </Files>
++ <Globals>
++ </Globals>
++</VisualStudioProject>
+diff -ruNp srtp/tables/aes_tables.c srtp.cvs/tables/aes_tables.c
+--- srtp/tables/aes_tables.c 2005-10-08 18:38:06.000000000 +0200
++++ srtp.cvs/tables/aes_tables.c 2006-06-08 19:00:29.000000000 +0200
+@@ -8,7 +8,7 @@
+ */
+ /*
+ *
+- * Copyright(c) 2001-2005 Cisco Systems, Inc.
++ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff -ruNp srtp/test/dtls_srtp_driver.c srtp.cvs/test/dtls_srtp_driver.c
+--- srtp/test/dtls_srtp_driver.c 1970-01-01 01:00:00.000000000 +0100
++++ srtp.cvs/test/dtls_srtp_driver.c 2006-07-17 22:41:22.000000000 +0200
+@@ -0,0 +1,245 @@
++/*
++ * dtls_srtp_driver.c
++ *
++ * test driver for DTLS-SRTP functions
++ *
++ * David McGrew
++ * Cisco Systems, Inc.
++ */
++/*
++ *
++ * Copyright (c) 2001-2006 Cisco Systems, Inc.
++ * All rights reserved.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ *
++ * Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ *
++ * Redistributions in binary form must reproduce the above
++ * copyright notice, this list of conditions and the following
++ * disclaimer in the documentation and/or other materials provided
++ * with the distribution.
++ *
++ * Neither the name of the Cisco Systems, Inc. nor the names of its
++ * contributors may be used to endorse or promote products derived
++ * from this software without specific prior written permission.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
++ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
++ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
++ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
++ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
++ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
++ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
++ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
++ * OF THE POSSIBILITY OF SUCH DAMAGE.
++ *
++ */
++
++#include <stdio.h> /* for printf() */
++#include "getopt_s.h" /* for local getopt() */
++#include "srtp_priv.h"
++
++err_status_t
++test_dtls_srtp();
++
++srtp_hdr_t *
++srtp_create_test_packet(int pkt_octet_len, uint32_t ssrc);
++
++void
++usage(char *prog_name) {
++ printf("usage: %s [ -t ][ -c ][ -v ][-d <debug_module> ]* [ -l ]\n"
++ " -d <mod> turn on debugging module <mod>\n"
++ " -l list debugging modules\n", prog_name);
++ exit(1);
++}
++
++int
++main(int argc, char *argv[]) {
++ unsigned do_list_mods = 0;
++ char q;
++ err_status_t err;
++
++ printf("dtls_srtp_driver\n");
++
++ /* initialize srtp library */
++ err = srtp_init();
++ if (err) {
++ printf("error: srtp init failed with error code %d\n", err);
++ exit(1);
++ }
++
++ /* process input arguments */
++ while (1) {
++ q = getopt_s(argc, argv, "ld:");
++ if (q == -1)
++ break;
++ switch (q) {
++ case 'l':
++ do_list_mods = 1;
++ break;
++ case 'd':
++ err = crypto_kernel_set_debug_module(optarg_s, 1);
++ if (err) {
++ printf("error: set debug module (%s) failed\n", optarg_s);
++ exit(1);
++ }
++ break;
++ default:
++ usage(argv[0]);
++ }
++ }
++
++ if (do_list_mods) {
++ err = crypto_kernel_list_debug_modules();
++ if (err) {
++ printf("error: list of debug modules failed\n");
++ exit(1);
++ }
++ }
++
++ printf("testing dtls_srtp...");
++ err = test_dtls_srtp();
++ if (err) {
++ printf("\nerror (code %d)\n", err);
++ exit(1);
++ }
++ printf("passed\n");
++
++ return 0;
++}
++
++
++err_status_t
++test_dtls_srtp() {
++ srtp_hdr_t *test_packet;
++ int test_packet_len = 80;
++ srtp_t s;
++ srtp_policy_t policy;
++ uint8_t key[SRTP_MAX_KEY_LEN];
++ uint8_t salt[SRTP_MAX_KEY_LEN];
++ unsigned int key_len, salt_len;
++ srtp_profile_t profile;
++ err_status_t err;
++
++ /* create a 'null' SRTP session */
++ err = srtp_create(&s, NULL);
++ if (err)
++ return err;
++
++ /*
++ * verify that packet-processing functions behave properly - we
++ * expect that these functions will return err_status_no_ctx
++ */
++ test_packet = srtp_create_test_packet(80, 0xa5a5a5a5);
++ if (test_packet == NULL)
++ return err_status_alloc_fail;
++ err = srtp_protect(s, test_packet, &test_packet_len);
++ if (err != err_status_no_ctx) {
++ printf("wrong return value from srtp_protect() (got code %d)\n",
++ err);
++ return err_status_fail;
++ }
++ err = srtp_unprotect(s, test_packet, &test_packet_len);
++ if (err != err_status_no_ctx) {
++ printf("wrong return value from srtp_unprotect() (got code %d)\n",
++ err);
++ return err_status_fail;
++ }
++ err = srtp_protect_rtcp(s, test_packet, &test_packet_len);
++ if (err != err_status_no_ctx) {
++ printf("wrong return value from srtp_protect_rtcp() (got code %d)\n",
++ err);
++ return err_status_fail;
++ }
++ err = srtp_unprotect_rtcp(s, test_packet, &test_packet_len);
++ if (err != err_status_no_ctx) {
++ printf("wrong return value from srtp_unprotect_rtcp() (got code %d)\n",
++ err);
++ return err_status_fail;
++ }
++
++
++ /*
++ * set keys to known values for testing
++ */
++ profile = srtp_profile_aes128_cm_sha1_80;
++ key_len = srtp_profile_get_master_key_length(profile);
++ salt_len = srtp_profile_get_master_salt_length(profile);
++ memset(key, 0xff, key_len);
++ memset(salt, 0xee, salt_len);
++ append_salt_to_key(key, key_len, salt, salt_len);
++ policy.key = key;
++
++ /* initialize SRTP policy from profile */
++ err = crypto_policy_set_from_profile_for_rtp(&policy.rtp, profile);
++ if (err) return err;
++ err = crypto_policy_set_from_profile_for_rtcp(&policy.rtcp, profile);
++ if (err) return err;
++ policy.ssrc.type = ssrc_any_inbound;
++ policy.next = NULL;
++
++ err = srtp_add_stream(s, &policy);
++ if (err)
++ return err;
++
++ return err_status_ok;
++}
++
++
++
++/*
++ * srtp_create_test_packet(len, ssrc) returns a pointer to a
++ * (malloced) example RTP packet whose data field has the length given
++ * by pkt_octet_len and the SSRC value ssrc. The total length of the
++ * packet is twelve octets longer, since the header is at the
++ * beginning. There is room at the end of the packet for a trailer,
++ * and the four octets following the packet are filled with 0xff
++ * values to enable testing for overwrites.
++ *
++ * note that the location of the test packet can (and should) be
++ * deallocated with the free() call once it is no longer needed.
++ */
++
++srtp_hdr_t *
++srtp_create_test_packet(int pkt_octet_len, uint32_t ssrc) {
++ int i;
++ uint8_t *buffer;
++ srtp_hdr_t *hdr;
++ int bytes_in_hdr = 12;
++
++ /* allocate memory for test packet */
++ hdr = malloc(pkt_octet_len + bytes_in_hdr
++ + SRTP_MAX_TRAILER_LEN + 4);
++ if (!hdr)
++ return NULL;
++
++ hdr->version = 2; /* RTP version two */
++ hdr->p = 0; /* no padding needed */
++ hdr->x = 0; /* no header extension */
++ hdr->cc = 0; /* no CSRCs */
++ hdr->m = 0; /* marker bit */
++ hdr->pt = 0xf; /* payload type */
++ hdr->seq = htons(0x1234); /* sequence number */
++ hdr->ts = htonl(0xdecafbad); /* timestamp */
++ hdr->ssrc = htonl(ssrc); /* synch. source */
++
++ buffer = (uint8_t *)hdr;
++ buffer += bytes_in_hdr;
++
++ /* set RTP data to 0xab */
++ for (i=0; i < pkt_octet_len; i++)
++ *buffer++ = 0xab;
++
++ /* set post-data value to 0xffff to enable overrun checking */
++ for (i=0; i < SRTP_MAX_TRAILER_LEN+4; i++)
++ *buffer++ = 0xff;
++
++ return hdr;
++}
+diff -ruNp srtp/test/getopt_s.c srtp.cvs/test/getopt_s.c
+--- srtp/test/getopt_s.c 1970-01-01 01:00:00.000000000 +0100
++++ srtp.cvs/test/getopt_s.c 2006-07-17 22:41:22.000000000 +0200
+@@ -0,0 +1,112 @@
++/*
++ * getopt.c
++ *
++ * a minimal implementation of the getopt() function, written so that
++ * test applications that use that function can run on non-POSIX
++ * platforms
++ *
++ */
++/*
++ *
++ * Copyright (c) 2001-2006 Cisco Systems, Inc.
++ * All rights reserved.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ *
++ * Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ *
++ * Redistributions in binary form must reproduce the above
++ * copyright notice, this list of conditions and the following
++ * disclaimer in the documentation and/or other materials provided
++ * with the distribution.
++ *
++ * Neither the name of the Cisco Systems, Inc. nor the names of its
++ * contributors may be used to endorse or promote products derived
++ * from this software without specific prior written permission.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
++ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
++ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
++ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
++ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
++ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
++ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
++ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
++ * OF THE POSSIBILITY OF SUCH DAMAGE.
++ *
++ */
++
++#include <stdlib.h> /* for NULL */
++
++int optind_s = 0;
++
++char *optarg_s;
++
++#define GETOPT_FOUND_WITHOUT_ARGUMENT 2
++#define GETOPT_FOUND_WITH_ARGUMENT 1
++#define GETOPT_NOT_FOUND 0
++
++static int
++getopt_check_character(char c, const char *string) {
++ unsigned int max_string_len = 128;
++
++ while (*string != 0) {
++ if (max_string_len == 0) {
++ return '?';
++ }
++ if (*string++ == c) {
++ if (*string == ':') {
++ return GETOPT_FOUND_WITH_ARGUMENT;
++ } else {
++ return GETOPT_FOUND_WITHOUT_ARGUMENT;
++ }
++ }
++ }
++ return GETOPT_NOT_FOUND;
++}
++
++int
++getopt_s(int argc,
++ char * const argv[],
++ const char *optstring) {
++
++
++ while (optind_s + 1 < argc) {
++ char *string;
++
++ /* move 'string' on to next argument */
++ optind_s++;
++ string = argv[optind_s];
++
++ if (string == NULL)
++ return '?'; /* NULL argument string */
++
++ if (string[0] != '-')
++ return -1; /* found an unexpected character */
++
++ switch(getopt_check_character(string[1], optstring)) {
++ case GETOPT_FOUND_WITH_ARGUMENT:
++ if (optind_s + 1 < argc) {
++ optind_s++;
++ optarg_s = argv[optind_s];
++ return string[1];
++ } else {
++ return '?'; /* argument missing */
++ }
++ case GETOPT_FOUND_WITHOUT_ARGUMENT:
++ return string[1];
++ case GETOPT_NOT_FOUND:
++ default:
++ return '?'; /* didn't find expected character */
++ break;
++ }
++ }
++
++ return -1;
++}
+diff -ruNp srtp/test/rdbx_driver.c srtp.cvs/test/rdbx_driver.c
+--- srtp/test/rdbx_driver.c 2005-10-02 22:46:24.000000000 +0200
++++ srtp.cvs/test/rdbx_driver.c 2006-07-22 00:53:04.000000000 +0200
+@@ -9,7 +9,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -43,8 +43,8 @@
+ *
+ */
+
+-#include <stdio.h> /* for printf() */
+-#include <unistd.h> /* for getopt() */
++#include <stdio.h> /* for printf() */
++#include "getopt_s.h" /* for local getopt() */
+
+ #include "rdbx.h"
+
+@@ -76,7 +76,7 @@ main (int argc, char *argv[]) {
+
+ /* process input arguments */
+ while (1) {
+- q = getopt(argc, argv, "tv");
++ q = getopt_s(argc, argv, "tv");
+ if (q == -1)
+ break;
+ switch (q) {
+diff -ruNp srtp/test/replay_driver.c srtp.cvs/test/replay_driver.c
+--- srtp/test/replay_driver.c 2006-05-03 21:38:38.000000000 +0200
++++ srtp.cvs/test/replay_driver.c 2006-06-08 19:00:30.000000000 +0200
+@@ -9,7 +9,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff -ruNp srtp/test/roc_driver.c srtp.cvs/test/roc_driver.c
+--- srtp/test/roc_driver.c 2005-09-29 14:48:42.000000000 +0200
++++ srtp.cvs/test/roc_driver.c 2006-06-08 19:00:30.000000000 +0200
+@@ -9,7 +9,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff -ruNp srtp/test/rtp.c srtp.cvs/test/rtp.c
+--- srtp/test/rtp.c 2005-10-06 16:28:00.000000000 +0200
++++ srtp.cvs/test/rtp.c 2006-07-22 00:53:04.000000000 +0200
+@@ -8,7 +8,7 @@
+ */
+
+
+-#include "rtp.h"
++#include "rtp_priv.h"
+
+ #include <stdio.h>
+ #include <string.h>
+@@ -21,11 +21,11 @@
+ #define PRINT_DEBUG 0 /* set to 1 to print out debugging data */
+ #define VERBOSE_DEBUG 0 /* set to 1 to print out more data */
+
+-ssize_t
+-rtp_sendto(rtp_sender_t *sender, const void* msg, int len) {
++unsigned int
++rtp_sendto(rtp_sender_t sender, const void* msg, int len) {
+ int octets_sent;
+ err_status_t stat;
+- int pkt_len = len + rtp_header_len;
++ int pkt_len = len + RTP_HEADER_LEN;
+
+ /* marshal data */
+ strncpy(sender->message.body, msg, len);
+@@ -61,8 +61,8 @@ rtp_sendto(rtp_sender_t *sender, const v
+ return octets_sent;
+ }
+
+-ssize_t
+-rtp_recvfrom(rtp_receiver_t *receiver, void *msg, int *len) {
++unsigned int
++rtp_recvfrom(rtp_receiver_t receiver, void *msg, int *len) {
+ int octets_recvd;
+ err_status_t stat;
+
+@@ -99,10 +99,10 @@ rtp_recvfrom(rtp_receiver_t *receiver, v
+ }
+
+ int
+-rtp_sender_init(rtp_sender_t *sender,
++rtp_sender_init(rtp_sender_t sender,
+ int socket,
+ struct sockaddr_in addr,
+- uint32_t ssrc) {
++ unsigned int ssrc) {
+
+ /* set header values */
+ sender->message.header.ssrc = htonl(ssrc);
+@@ -123,10 +123,10 @@ rtp_sender_init(rtp_sender_t *sender,
+ }
+
+ int
+-rtp_receiver_init(rtp_receiver_t *rcvr,
++rtp_receiver_init(rtp_receiver_t rcvr,
+ int socket,
+ struct sockaddr_in addr,
+- uint32_t ssrc) {
++ unsigned int ssrc) {
+
+ /* set header values */
+ rcvr->message.header.ssrc = htonl(ssrc);
+@@ -146,5 +146,22 @@ rtp_receiver_init(rtp_receiver_t *rcvr,
+ return 0;
+ }
+
++int
++rtp_sender_init_srtp(rtp_sender_t sender, const srtp_policy_t *policy) {
++ return srtp_create(&sender->srtp_ctx, policy);
++}
+
++int
++rtp_receiver_init_srtp(rtp_receiver_t sender, const srtp_policy_t *policy) {
++ return srtp_create(&sender->srtp_ctx, policy);
++}
+
++rtp_sender_t
++rtp_sender_alloc() {
++ return (rtp_sender_t)malloc(sizeof(rtp_sender_ctx_t));
++}
++
++rtp_receiver_t
++rtp_receiver_alloc() {
++ return (rtp_receiver_t)malloc(sizeof(rtp_receiver_ctx_t));
++}
+diff -ruNp srtp/test/rtpw.c srtp.cvs/test/rtpw.c
+--- srtp/test/rtpw.c 2006-01-12 18:56:02.000000000 +0100
++++ srtp.cvs/test/rtpw.c 2006-07-22 00:53:04.000000000 +0200
+@@ -16,7 +16,7 @@
+
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -52,11 +52,13 @@
+
+
+ #include "datatypes.h"
++#include "getopt_s.h" /* for local getopt() */
+
+ #include <stdio.h> /* for printf, fprintf */
+ #include <stdlib.h> /* for atoi() */
+ #include <errno.h>
+ #include <unistd.h> /* for close() */
++
+ #include <string.h> /* for strncpy() */
+ #include <time.h> /* for usleep() */
+ #ifdef HAVE_SYS_SOCKET_H
+@@ -165,13 +167,13 @@ main (int argc, char *argv[]) {
+
+ /* check args */
+ while (1) {
+- c = getopt(argc, argv, "k:rsaeld:");
++ c = getopt_s(argc, argv, "k:rsaeld:");
+ if (c == -1) {
+ break;
+ }
+ switch (c) {
+ case 'k':
+- input_key = optarg;
++ input_key = optarg_s;
+ break;
+ case 'e':
+ sec_servs |= sec_serv_conf;
+@@ -186,9 +188,9 @@ main (int argc, char *argv[]) {
+ prog_type = sender;
+ break;
+ case 'd':
+- status = crypto_kernel_set_debug_module(optarg, 1);
++ status = crypto_kernel_set_debug_module(optarg_s, 1);
+ if (status) {
+- printf("error: set debug module (%s) failed\n", optarg);
++ printf("error: set debug module (%s) failed\n", optarg_s);
+ exit(1);
+ }
+ break;
+@@ -222,16 +224,16 @@ main (int argc, char *argv[]) {
+ usage(argv[0]);
+ }
+
+- if (argc != optind + 2) {
++ if (argc != optind_s + 2) {
+ /* wrong number of arguments */
+ usage(argv[0]);
+ }
+
+ /* get address from arg */
+- address = argv[optind++];
++ address = argv[optind_s++];
+
+ /* get port from arg */
+- port = atoi(argv[optind++]);
++ port = atoi(argv[optind_s++]);
+
+ /* set address */
+ #ifdef HAVE_INET_ATON
+@@ -399,8 +401,13 @@ main (int argc, char *argv[]) {
+ #endif /* BEW */
+
+ /* initialize sender's rtp and srtp contexts */
+- rtp_sender_init(&snd, sock, name, ssrc);
+- status = srtp_create(&snd.srtp_ctx, &policy);
++ snd = rtp_sender_alloc();
++ if (snd == NULL) {
++ fprintf(stderr, "error: malloc() failed\n");
++ exit(1);
++ }
++ rtp_sender_init(snd, sock, name, ssrc);
++ status = rtp_sender_init_srtp(snd, &policy);
+ if (status) {
+ fprintf(stderr,
+ "error: srtp_create() failed with code %d\n",
+@@ -425,7 +432,7 @@ main (int argc, char *argv[]) {
+ if (len > MAX_WORD_LEN)
+ printf("error: word %s too large to send\n", word);
+ else {
+- rtp_sendto(&snd, word, len);
++ rtp_sendto(snd, word, len);
+ printf("sending word: %s", word);
+ }
+ usleep(USEC_RATE);
+@@ -444,8 +451,13 @@ main (int argc, char *argv[]) {
+ exit(1);
+ }
+
+- rtp_receiver_init(&rcvr, sock, name, ssrc);
+- status = srtp_create(&rcvr.srtp_ctx, &policy);
++ rcvr = rtp_receiver_alloc();
++ if (rcvr == NULL) {
++ fprintf(stderr, "error: malloc() failed\n");
++ exit(1);
++ }
++ rtp_receiver_init(rcvr, sock, name, ssrc);
++ status = rtp_receiver_init_srtp(rcvr, &policy);
+ if (status) {
+ fprintf(stderr,
+ "error: srtp_create() failed with code %d\n",
+@@ -456,7 +468,7 @@ main (int argc, char *argv[]) {
+ /* get next word and loop */
+ while (1) {
+ len = MAX_WORD_LEN;
+- if (rtp_recvfrom(&rcvr, word, &len) > -1)
++ if (rtp_recvfrom(rcvr, word, &len) > -1)
+ printf("\tword: %s", word);
+ }
+
+diff -ruNp srtp/test/rtpw_test.sh srtp.cvs/test/rtpw_test.sh
+--- srtp/test/rtpw_test.sh 1970-01-01 01:00:00.000000000 +0100
++++ srtp.cvs/test/rtpw_test.sh 2006-06-13 17:17:57.000000000 +0200
+@@ -0,0 +1,77 @@
++#!/bin/sh
++#
++# usage: rtpw_test <rtpw_commands>
++#
++# tests the rtpw sender and receiver functions
++
++RTPW=rtpw
++DEST_PORT=9999
++DURATION=3
++
++key=2b2edc5034f61a72345ca5986d7bfd0189aa6dc2ecab32fd9af74df6dfc6
++
++ARGS="-k $key -ae"
++
++# First, we run "killall" to get rid of all existing rtpw processes.
++# This step also enables this script to clean up after itself; if this
++# script is interrupted after the rtpw processes are started but before
++# they are killed, those processes will linger. Re-running the script
++# will get rid of them.
++
++killall rtpw 2&>/dev/null
++
++if test -x $RTPW; then
++
++echo $0 ": starting rtpw receiver process... "
++
++$RTPW $* $ARGS -r 0.0.0.0 $DEST_PORT &
++
++receiver_pid=$!
++
++echo $0 ": receiver PID = $receiver_pid"
++
++sleep 1
++
++# verify that the background job is running
++ps | grep -q $receiver_pid
++retval=$?
++echo $retval
++if [ $retval != 0 ]; then
++ echo $0 ": error"
++ exit 254
++fi
++
++echo $0 ": starting rtpw sender process..."
++
++$RTPW $* $ARGS -s 127.0.0.1 $DEST_PORT &
++
++sender_pid=$!
++
++echo $0 ": sender PID = $sender_pid"
++
++# verify that the background job is running
++ps | grep -q $sender_pid
++retval=$?
++echo $retval
++if [ $retval != 0 ]; then
++ echo $0 ": error"
++ exit 255
++fi
++
++sleep $DURATION
++
++kill $receiver_pid
++kill $sender_pid
++
++echo $0 ": done (test passed)"
++
++else
++
++echo "error: can't find executable" $RTPW
++exit 1
++
++fi
++
++# EOF
++
++
+diff -ruNp srtp/test/srtp_driver.c srtp.cvs/test/srtp_driver.c
+--- srtp/test/srtp_driver.c 2006-05-03 21:38:38.000000000 +0200
++++ srtp.cvs/test/srtp_driver.c 2007-06-16 13:32:50.000000000 +0200
+@@ -8,7 +8,7 @@
+ */
+ /*
+ *
+- * Copyright (c) 2001-2005, Cisco Systems, Inc.
++ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -47,9 +47,9 @@
+ #include <time.h> /* for clock() */
+ #include <stdlib.h> /* for malloc(), free() */
+ #include <stdio.h> /* for print(), fflush() */
+-#include <unistd.h> /* for getopt() */
++#include "getopt_s.h" /* for local getopt() */
+
+-#include "srtp.h"
++#include "srtp_priv.h"
+
+ #ifdef HAVE_NETINET_IN_H
+ # include <netinet/in.h>
+@@ -151,7 +151,9 @@ main (int argc, char *argv[]) {
+ * structure srtp_hdr_t correctly
+ */
+ if (sizeof(srtp_hdr_t) != 12) {
+- printf("error: srtp_hdr_t has incorrect size\n");
++ printf("error: srtp_hdr_t has incorrect size"
++ "(size is %ld bytes, expected 12)\n",
++ sizeof(srtp_hdr_t));
+ exit(1);
+ }
+
+@@ -172,7 +174,7 @@ main (int argc, char *argv[]) {
+
+ /* process input arguments */
+ while (1) {
+- q = getopt(argc, argv, "trcvld:");
++ q = getopt_s(argc, argv, "trcvld:");
+ if (q == -1)
+ break;
+ switch (q) {
+@@ -192,9 +194,9 @@ main (int argc, char *argv[]) {
+ do_list_mods = 1;
+ break;
+ case 'd':
+- status = crypto_kernel_set_debug_module(optarg, 1);
++ status = crypto_kernel_set_debug_module(optarg_s, 1);
+ if (status) {
+- printf("error: set debug module (%s) failed\n", optarg);
++ printf("error: set debug module (%s) failed\n", optarg_s);
+ exit(1);
+ }
+ break;
+@@ -343,6 +345,12 @@ main (int argc, char *argv[]) {
+ printf("G.729\t\t%d\t\t\t%e\n", 20,
+ (double) mips * (20 * 8) /
+ srtp_bits_per_second(20, &policy) / .02 );
++ printf("Wideband\t%d\t\t\t%e\n", 320,
++ (double) mips * (320 * 8) /
++ srtp_bits_per_second(320, &policy) / .01 );
++ printf("Wideband\t%d\t\t\t%e\n", 640,
++ (double) mips * (640 * 8) /
++ srtp_bits_per_second(640, &policy) / .02 );
+ }
+
+ return 0;
+@@ -371,7 +379,7 @@ srtp_create_test_packet(int pkt_octet_le
+ int bytes_in_hdr = 12;
+
+ /* allocate memory for test packet */
+- hdr = malloc(pkt_octet_len + bytes_in_hdr
++ hdr = (srtp_hdr_t*) malloc(pkt_octet_len + bytes_in_hdr
+ + SRTP_MAX_TRAILER_LEN + 4);
+ if (!hdr)
+ return NULL;
+@@ -669,7 +677,7 @@ srtp_test(const srtp_policy_t *policy) {
+ * we always copy the policy into the rcvr_policy, since otherwise
+ * the compiler would fret about the constness of the policy
+ */
+- rcvr_policy = malloc(sizeof(srtp_policy_t));
++ rcvr_policy = (srtp_policy_t*) malloc(sizeof(srtp_policy_t));
+ if (rcvr_policy == NULL)
+ return err_status_alloc_fail;
+ memcpy(rcvr_policy, policy, sizeof(srtp_policy_t));
+@@ -868,7 +876,7 @@ srtcp_test(const srtp_policy_t *policy)
+ * we always copy the policy into the rcvr_policy, since otherwise
+ * the compiler would fret about the constness of the policy
+ */
+- rcvr_policy = malloc(sizeof(srtp_policy_t));
++ rcvr_policy = (srtp_policy_t*) malloc(sizeof(srtp_policy_t));
+ if (rcvr_policy == NULL)
+ return err_status_alloc_fail;
+ memcpy(rcvr_policy, policy, sizeof(srtp_policy_t));
+@@ -1226,7 +1234,7 @@ srtp_create_big_policy(srtp_policy_t **l
+ */
+ tmp = NULL;
+ while (policy_array[i] != NULL) {
+- p = malloc(sizeof(srtp_policy_t));
++ p = (srtp_policy_t*) malloc(sizeof(srtp_policy_t));
+ if (p == NULL)
+ return err_status_bad_param;
+ memcpy(p, policy_array[i], sizeof(srtp_policy_t));
+@@ -1319,6 +1327,7 @@ const srtp_policy_t default_policy = {
+ sec_serv_conf_and_auth /* security services flag */
+ },
+ test_key,
++ NULL, /* indicates that EKT is not in use */
+ NULL
+ };
+
+@@ -1341,6 +1350,7 @@ const srtp_policy_t aes_tmmh_policy = {
+ sec_serv_conf_and_auth /* security services flag */
+ },
+ test_key,
++ NULL, /* indicates that EKT is not in use */
+ NULL
+ };
+
+@@ -1363,6 +1373,7 @@ const srtp_policy_t tmmh_only_policy = {
+ sec_serv_auth /* security services flag */
+ },
+ test_key,
++ NULL, /* indicates that EKT is not in use */
+ NULL
+ };
+
+@@ -1385,6 +1396,7 @@ const srtp_policy_t aes_only_policy = {
+ sec_serv_conf /* security services flag */
+ },
+ test_key,
++ NULL, /* indicates that EKT is not in use */
+ NULL
+ };
+
+@@ -1407,6 +1419,7 @@ const srtp_policy_t hmac_only_policy = {
+ sec_serv_auth /* security services flag */
+ },
+ test_key,
++ NULL, /* indicates that EKT is not in use */
+ NULL
+ };
+
+@@ -1429,6 +1442,44 @@ const srtp_policy_t null_policy = {
+ sec_serv_none /* security services flag */
+ },
+ test_key,
++ NULL, /* indicates that EKT is not in use */
++ NULL
++};
++
++uint8_t ekt_test_key[16] = {
++ 0x77, 0x26, 0x9d, 0xac, 0x16, 0xa3, 0x28, 0xca,
++ 0x8e, 0xc9, 0x68, 0x4b, 0xcc, 0xc4, 0xd2, 0x1b
++};
++
++#include "ekt.h"
++
++ekt_policy_ctx_t ekt_test_policy = {
++ 0xa5a5, /* SPI */
++ EKT_CIPHER_AES_128_ECB,
++ ekt_test_key,
++ NULL
++};
++
++const srtp_policy_t hmac_only_with_ekt_policy = {
++ { ssrc_any_outbound, 0 }, /* SSRC */
++ {
++ NULL_CIPHER, /* cipher type */
++ 0, /* cipher key length in octets */
++ HMAC_SHA1, /* authentication func type */
++ 20, /* auth key length in octets */
++ 4, /* auth tag length in octets */
++ sec_serv_auth /* security services flag */
++ },
++ {
++ NULL_CIPHER, /* cipher type */
++ 0, /* cipher key length in octets */
++ HMAC_SHA1, /* authentication func type */
++ 20, /* auth key length in octets */
++ 4, /* auth tag length in octets */
++ sec_serv_auth /* security services flag */
++ },
++ test_key,
++ &ekt_test_policy, /* indicates that EKT is not in use */
+ NULL
+ };
+
+@@ -1457,6 +1508,7 @@ policy_array[] = {
+ #endif
+ &default_policy,
+ &null_policy,
++ &hmac_only_with_ekt_policy,
+ NULL
+ };
+
+diff -ruNp srtp/update.sh srtp.cvs/update.sh
+--- srtp/update.sh 2005-09-22 00:51:38.000000000 +0200
++++ srtp.cvs/update.sh 2006-06-08 19:00:25.000000000 +0200
+@@ -6,7 +6,7 @@
+
+ a=`find . -name "*.[ch]"`
+ for x in $a; do
+- sed 's/(c) 2001-2004/(c) 2001-2005/' $x > $x.tmp;
++ sed 's/(c) 2001-2005/(c) 2001-2006/' $x > $x.tmp;
+ mv $x.tmp $x;
+ done
+
+diff -ruNp srtp/VERSION srtp.cvs/VERSION
+--- srtp/VERSION 2005-09-23 21:34:11.000000000 +0200
++++ srtp.cvs/VERSION 2007-05-17 12:05:49.000000000 +0200
+@@ -1 +1 @@
+-1.4.2
++1.4.4
Modified: srtp/trunk/debian/patches/series
===================================================================
--- srtp/trunk/debian/patches/series 2007-09-02 21:15:00 UTC (rev 4384)
+++ srtp/trunk/debian/patches/series 2007-09-02 22:41:05 UTC (rev 4385)
@@ -1 +1,3 @@
-1001_negative_valued_char_must_be_signed.patch
+0001_cvs20070616.patch
+#1001_negative_valued_char_must_be_signed.patch
+1002_add_explicit_path_in_test_script.patch
Modified: srtp/trunk/debian/rules
===================================================================
--- srtp/trunk/debian/rules 2007-09-02 21:15:00 UTC (rev 4384)
+++ srtp/trunk/debian/rules 2007-09-02 22:41:05 UTC (rev 4385)
@@ -41,8 +41,15 @@
clean::
rm -f doc/*.pdf
+# Make executable a shell script applied by patch 0001.
+post-patches::
+ chmod +x test/rtpw_test.sh
+
# Needed by upstream build
CDBS_BUILD_DEPENDS := $(CDBS_BUILD_DEPENDS), doxygen, texlive-latex-recommended, texlive-fonts-recommended
+# Needed by upstream build tests
+CDBS_BUILD_DEPENDS := $(CDBS_BUILD_DEPENDS), procps, miscfiles
+
# Fix double cdbs build-dependencies
CDBS_BUILD_DEPENDS := $(shell echo '$(CDBS_BUILD_DEPENDS)' | sed -e '/\bcdbs (>= 0.4.39)/ s/ *,* *\bcdbs (>= \(0.4.23-1.1\|0.4.27-1\)) *,* */, /g' -e 's/^ *, *//' -e 's/ *, *$$//')
More information about the Pkg-voip-commits
mailing list