[Pkg-voip-commits] [janus] 02/37: Add patches cherry-picked upstream to fix support libsrtp2. Build-depend on libsrtp2-dev (not recent libsrtp-dev).

Mon Mar 13 19:14:31 UTC 2017

This is an automated email from the git hooks/post-receive script.

js pushed a commit to branch master
in repository janus.

commit 012e98e9c44920415071a8eafdc76c6559737961
Author: Jonas Smedegaard <dr at jones.dk>
Date:   Mon Feb 6 13:45:17 2017 +0100

    Add patches cherry-picked upstream to fix support libsrtp2. Build-depend on libsrtp2-dev (not recent libsrtp-dev).
---
 debian/control                         |   2 +-
 debian/patches/020161215~871c362.patch | 257 +++++++++++++++++++++++++++++++++
 debian/patches/020161215~aa00c95.patch |  17 +++
 debian/patches/series                  |   2 +
 4 files changed, 277 insertions(+), 1 deletion(-)

diff --git a/debian/control b/debian/control
index 4cecde9..3888f52 100644
--- a/debian/control
+++ b/debian/control
@@ -19,7 +19,7 @@ Build-Depends:
  libnice-dev,
  librabbitmq-dev,
  libsofia-sip-ua-dev,
- libsrtp-dev (>= 1.5),
+ libsrtp2-dev,
  libssl-dev,
  libwebsockets-dev (>> 1.3),
  pkg-config,
diff --git a/debian/patches/020161215~871c362.patch b/debian/patches/020161215~871c362.patch
new file mode 100644
index 0000000..b49d0a3
--- /dev/null
+++ b/debian/patches/020161215~871c362.patch
@@ -0,0 +1,257 @@
+Description: Add support for libsrtp2 to SIP plugin
+Origin: upstream, https://github.com/meetecho/janus-gateway/commit/871c362
+Author: Lorenzo Miniero <lminiero at gmail.com>
+Forwarded: yes
+Bug: https://github.com/meetecho/janus-gateway/issues/709
+Last-Update: 2017-02-05
+
+--- a/plugins/janus_sip.c
++++ b/plugins/janus_sip.c
+@@ -62,9 +62,6 @@
+ #include <sofia-sip/url.h>
+ #include <sofia-sip/tport_tag.h>
+ 
+-#include <srtp/srtp.h>
+-#include <srtp/crypto_kernel.h>
+-
+ #include "../debug.h"
+ #include "../apierror.h"
+ #include "../config.h"
+@@ -75,6 +72,35 @@
+ #include "../sdp-utils.h"
+ #include "../utils.h"
+ 
++#ifdef HAVE_SRTP_2
++#include <srtp2/srtp.h>
++#include <openssl/rand.h>
++#include <openssl/err.h>
++static int srtp_crypto_get_random(uint8_t *key, int len) {
++	/* libsrtp 2.0 doesn't have crypto_get_random, we use OpenSSL's RAND_* to replace it:
++	 * 		https://wiki.openssl.org/index.php/Random_Numbers */
++	int rc = RAND_bytes(key, len);
++	if(rc != 1) {
++		/* Error generating */
++		JANUS_LOG(LOG_ERR, "RAND_bytes failes: %s\n", ERR_reason_error_string(ERR_get_error()));
++		return -1;
++	}
++	return 0;
++}
++#else
++#include <srtp/srtp.h>
++#include <srtp/crypto_kernel.h>
++#define srtp_err_status_t err_status_t
++#define srtp_err_status_ok err_status_ok
++#define srtp_err_status_replay_fail err_status_replay_fail
++#define srtp_err_status_replay_old err_status_replay_old
++#define srtp_crypto_policy_set_rtp_default crypto_policy_set_rtp_default
++#define srtp_crypto_policy_set_rtcp_default crypto_policy_set_rtcp_default
++#define srtp_crypto_policy_set_aes_cm_128_hmac_sha1_32 crypto_policy_set_aes_cm_128_hmac_sha1_32
++#define srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80 crypto_policy_set_aes_cm_128_hmac_sha1_80
++#define srtp_crypto_get_random crypto_get_random
++#endif
++
+ 
+ /* Plugin information */
+ #define JANUS_SIP_VERSION			6
+@@ -379,31 +405,31 @@
+ #define SRTP_MASTER_LENGTH (SRTP_MASTER_KEY_LENGTH + SRTP_MASTER_SALT_LENGTH)
+ static const char *janus_sip_srtp_error[] =
+ {
+-	"err_status_ok",
+-	"err_status_fail",
+-	"err_status_bad_param",
+-	"err_status_alloc_fail",
+-	"err_status_dealloc_fail",
+-	"err_status_init_fail",
+-	"err_status_terminus",
+-	"err_status_auth_fail",
+-	"err_status_cipher_fail",
+-	"err_status_replay_fail",
+-	"err_status_replay_old",
+-	"err_status_algo_fail",
+-	"err_status_no_such_op",
+-	"err_status_no_ctx",
+-	"err_status_cant_check",
+-	"err_status_key_expired",
+-	"err_status_socket_err",
+-	"err_status_signal_err",
+-	"err_status_nonce_bad",
+-	"err_status_read_fail",
+-	"err_status_write_fail",
+-	"err_status_parse_err",
+-	"err_status_encode_err",
+-	"err_status_semaphore_err",
+-	"err_status_pfkey_err",
++	"srtp_err_status_ok",
++	"srtp_err_status_fail",
++	"srtp_err_status_bad_param",
++	"srtp_err_status_alloc_fail",
++	"srtp_err_status_dealloc_fail",
++	"srtp_err_status_init_fail",
++	"srtp_err_status_terminus",
++	"srtp_err_status_auth_fail",
++	"srtp_err_status_cipher_fail",
++	"srtp_err_status_replay_fail",
++	"srtp_err_status_replay_old",
++	"srtp_err_status_algo_fail",
++	"srtp_err_status_no_such_op",
++	"srtp_err_status_no_ctx",
++	"srtp_err_status_cant_check",
++	"srtp_err_status_key_expired",
++	"srtp_err_status_socket_err",
++	"srtp_err_status_signal_err",
++	"srtp_err_status_nonce_bad",
++	"srtp_err_status_read_fail",
++	"srtp_err_status_write_fail",
++	"srtp_err_status_parse_err",
++	"srtp_err_status_encode_err",
++	"srtp_err_status_semaphore_err",
++	"srtp_err_status_pfkey_err",
+ };
+ static const gchar *janus_sip_get_srtp_error(int error) {
+ 	if(error < 0 || error > 24)
+@@ -415,17 +441,17 @@
+ 		return -1;
+ 	/* Generate key/salt */
+ 	uint8_t *key = g_malloc0(SRTP_MASTER_LENGTH);
+-	crypto_get_random(key, SRTP_MASTER_LENGTH);
++	srtp_crypto_get_random(key, SRTP_MASTER_LENGTH);
+ 	/* Set SRTP policies */
+ 	srtp_policy_t *policy = video ? &session->media.video_local_policy : &session->media.audio_local_policy;
+-	crypto_policy_set_rtp_default(&(policy->rtp));
+-	crypto_policy_set_rtcp_default(&(policy->rtcp));
++	srtp_crypto_policy_set_rtp_default(&(policy->rtp));
++	srtp_crypto_policy_set_rtcp_default(&(policy->rtcp));
+ 	policy->ssrc.type = ssrc_any_inbound;
+ 	policy->key = key;
+ 	policy->next = NULL;
+ 	/* Create SRTP context */
+-	err_status_t res = srtp_create(video ? &session->media.video_srtp_out : &session->media.audio_srtp_out, policy);
+-	if(res != err_status_ok) {
++	srtp_err_status_t res = srtp_create(video ? &session->media.video_srtp_out : &session->media.audio_srtp_out, policy);
++	if(res != srtp_err_status_ok) {
+ 		/* Something went wrong... */
+ 		JANUS_LOG(LOG_ERR, "Oops, error creating outbound SRTP session: %d (%s)\n", res, janus_sip_get_srtp_error(res));
+ 		g_free(key);
+@@ -452,21 +478,21 @@
+ 	}
+ 	/* Set SRTP policies */
+ 	srtp_policy_t *policy = video ? &session->media.video_remote_policy : &session->media.audio_remote_policy;
+-	crypto_policy_set_rtp_default(&(policy->rtp));
+-	crypto_policy_set_rtcp_default(&(policy->rtcp));
++	srtp_crypto_policy_set_rtp_default(&(policy->rtp));
++	srtp_crypto_policy_set_rtcp_default(&(policy->rtcp));
+ 	if(suite == 32) {
+-		crypto_policy_set_aes_cm_128_hmac_sha1_32(&(policy->rtp));
+-		crypto_policy_set_aes_cm_128_hmac_sha1_32(&(policy->rtcp));
++		srtp_crypto_policy_set_aes_cm_128_hmac_sha1_32(&(policy->rtp));
++		srtp_crypto_policy_set_aes_cm_128_hmac_sha1_32(&(policy->rtcp));
+ 	} else if(suite == 80) {
+-		crypto_policy_set_aes_cm_128_hmac_sha1_80(&(policy->rtp));
+-		crypto_policy_set_aes_cm_128_hmac_sha1_80(&(policy->rtcp));
++		srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80(&(policy->rtp));
++		srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80(&(policy->rtcp));
+ 	}
+ 	policy->ssrc.type = ssrc_any_inbound;
+ 	policy->key = decoded;
+ 	policy->next = NULL;
+ 	/* Create SRTP context */
+-	err_status_t res = srtp_create(video ? &session->media.video_srtp_in : &session->media.audio_srtp_in, policy);
+-	if(res != err_status_ok) {
++	srtp_err_status_t res = srtp_create(video ? &session->media.video_srtp_in : &session->media.audio_srtp_in, policy);
++	if(res != srtp_err_status_ok) {
+ 		/* Something went wrong... */
+ 		JANUS_LOG(LOG_ERR, "Oops, error creating inbound SRTP session: %d (%s)\n", res, janus_sip_get_srtp_error(res));
+ 		g_free(decoded);
+@@ -772,6 +798,11 @@
+ 	janus_config_destroy(config);
+ 	config = NULL;
+ 
++#ifdef HAVE_SRTP_2
++	/* Init randomizer (for randum numbers in SRTP) */
++	RAND_poll();
++#endif
++
+ 	/* Setup sofia */
+ 	su_init();
+ 
+@@ -1080,7 +1111,7 @@
+ 					memcpy(&sbuf, buf, len);
+ 					int protected = len;
+ 					int res = srtp_protect(session->media.video_srtp_out, &sbuf, &protected);
+-					if(res != err_status_ok) {
++					if(res != srtp_err_status_ok) {
+ 						rtp_header *header = (rtp_header *)&sbuf;
+ 						guint32 timestamp = ntohl(header->timestamp);
+ 						guint16 seq = ntohs(header->seq_number);
+@@ -1114,7 +1145,7 @@
+ 					memcpy(&sbuf, buf, len);
+ 					int protected = len;
+ 					int res = srtp_protect(session->media.audio_srtp_out, &sbuf, &protected);
+-					if(res != err_status_ok) {
++					if(res != srtp_err_status_ok) {
+ 						rtp_header *header = (rtp_header *)&sbuf;
+ 						guint32 timestamp = ntohl(header->timestamp);
+ 						guint16 seq = ntohs(header->seq_number);
+@@ -1157,7 +1188,7 @@
+ 					memcpy(&sbuf, buf, len);
+ 					int protected = len;
+ 					int res = srtp_protect_rtcp(session->media.video_srtp_out, &sbuf, &protected);
+-					if(res != err_status_ok) {
++					if(res != srtp_err_status_ok) {
+ 						JANUS_LOG(LOG_ERR, "[SIP-%s] Video SRTCP protect error... %s (len=%d-->%d)...\n",
+ 							session->account.username, janus_sip_get_srtp_error(res), len, protected);
+ 					} else {
+@@ -1181,7 +1212,7 @@
+ 					memcpy(&sbuf, buf, len);
+ 					int protected = len;
+ 					int res = srtp_protect_rtcp(session->media.audio_srtp_out, &sbuf, &protected);
+-					if(res != err_status_ok) {
++					if(res != srtp_err_status_ok) {
+ 						JANUS_LOG(LOG_ERR, "[SIP-%s] Audio SRTCP protect error... %s (len=%d-->%d)...\n",
+ 							session->account.username, janus_sip_get_srtp_error(res), len, protected);
+ 					} else {
+@@ -3103,8 +3134,8 @@
+ 					/* Is this SRTP? */
+ 					if(session->media.has_srtp_remote) {
+ 						int buflen = bytes;
+-						err_status_t res = srtp_unprotect(session->media.audio_srtp_in, buffer, &buflen);
+-						if(res != err_status_ok && res != err_status_replay_fail && res != err_status_replay_old) {
++						srtp_err_status_t res = srtp_unprotect(session->media.audio_srtp_in, buffer, &buflen);
++						if(res != srtp_err_status_ok && res != srtp_err_status_replay_fail && res != srtp_err_status_replay_old) {
+ 							guint32 timestamp = ntohl(header->timestamp);
+ 							guint16 seq = ntohs(header->seq_number);
+ 							JANUS_LOG(LOG_ERR, "[SIP-%s] Audio SRTP unprotect error: %s (len=%d-->%d, ts=%"SCNu32", seq=%"SCNu16")\n",
+@@ -3153,8 +3184,8 @@
+ 					/* Is this SRTCP? */
+ 					if(session->media.has_srtp_remote) {
+ 						int buflen = bytes;
+-						err_status_t res = srtp_unprotect_rtcp(session->media.audio_srtp_in, buffer, &buflen);
+-						if(res != err_status_ok && res != err_status_replay_fail && res != err_status_replay_old) {
++						srtp_err_status_t res = srtp_unprotect_rtcp(session->media.audio_srtp_in, buffer, &buflen);
++						if(res != srtp_err_status_ok && res != srtp_err_status_replay_fail && res != srtp_err_status_replay_old) {
+ 							JANUS_LOG(LOG_ERR, "[SIP-%s] Audio SRTCP unprotect error: %s (len=%d-->%d)\n",
+ 								session->account.username, janus_sip_get_srtp_error(res), bytes, buflen);
+ 							continue;
+@@ -3180,8 +3211,8 @@
+ 					/* Is this SRTP? */
+ 					if(session->media.has_srtp_remote) {
+ 						int buflen = bytes;
+-						err_status_t res = srtp_unprotect(session->media.video_srtp_in, buffer, &buflen);
+-						if(res != err_status_ok && res != err_status_replay_fail && res != err_status_replay_old) {
++						srtp_err_status_t res = srtp_unprotect(session->media.video_srtp_in, buffer, &buflen);
++						if(res != srtp_err_status_ok && res != srtp_err_status_replay_fail && res != srtp_err_status_replay_old) {
+ 							guint32 timestamp = ntohl(header->timestamp);
+ 							guint16 seq = ntohs(header->seq_number);
+ 							JANUS_LOG(LOG_ERR, "[SIP-%s] Video SRTP unprotect error: %s (len=%d-->%d, ts=%"SCNu32", seq=%"SCNu16")\n",
+@@ -3229,8 +3260,8 @@
+ 					/* Is this SRTCP? */
+ 					if(session->media.has_srtp_remote) {
+ 						int buflen = bytes;
+-						err_status_t res = srtp_unprotect_rtcp(session->media.video_srtp_in, buffer, &buflen);
+-						if(res != err_status_ok && res != err_status_replay_fail && res != err_status_replay_old) {
++						srtp_err_status_t res = srtp_unprotect_rtcp(session->media.video_srtp_in, buffer, &buflen);
++						if(res != srtp_err_status_ok && res != srtp_err_status_replay_fail && res != srtp_err_status_replay_old) {
+ 							JANUS_LOG(LOG_ERR, "[SIP-%s] Video SRTP unprotect error: %s (len=%d-->%d)\n",
+ 								session->account.username, janus_sip_get_srtp_error(res), bytes, buflen);
+ 							continue;
diff --git a/debian/patches/020161215~aa00c95.patch b/debian/patches/020161215~aa00c95.patch
new file mode 100644
index 0000000..d1c2945
--- /dev/null
+++ b/debian/patches/020161215~aa00c95.patch
@@ -0,0 +1,17 @@
+Description: Add support for libsrtp2 to SIP plugin
+Origin: upstream, https://github.com/meetecho/janus-gateway/commit/aa00c95
+Author: Lorenzo Miniero <lminiero at gmail.com>
+Forwarded: yes
+Bug: https://github.com/meetecho/janus-gateway/issues/709
+Last-Update: 2017-02-05
+
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -126,7 +126,6 @@
+ 	$(BORINGSSL_LIBS) \
+ 	$(JANUS_LIBS) \
+ 	$(JANUS_MANUAL_LIBS) \
+-	-lsrtp \
+ 	$(NULL)
+ 
+ BUILT_SOURCES = cmdline.c cmdline.h
diff --git a/debian/patches/series b/debian/patches/series
index cf725dd..f038226 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,5 @@
+020161215~871c362.patch
+020161215~aa00c95.patch
 0001-disable-demos.patch
 0002-fix-typo.patch
 0003-manpages.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-voip/janus.git

