From 08b7e4e534554cc4de09fa1fb081f88de6ab43d2 Mon Sep 17 00:00:00 2001 From: Vicente Olivert Riera Date: Wed, 20 Apr 2016 16:22:47 +0100 Subject: [PATCH] libsrtp: fix SHA1 functions conflicts with downstream packages Our current version of libsrtp is preventing linphone to build causing an error like this one: configure:12952: error: This libsrtp version exports symbols conflicting with other libraries. Please use the one from git://git.linphone.org/srtp.git Backporting an upstream patch to rename the SHA1 functions to avoid conflicts with downstream packages: https://github.com/cisco/libsrtp/commit/c270245a94ae9a007202754eb8f7ce9e48f97007 Fixes: http://autobuild.buildroot.net/results/773/7733ee4472834d26cf6bdd4ca557ac19f97290f8/ Signed-off-by: Vicente Olivert Riera Signed-off-by: Thomas Petazzoni --- ...tions-to-avoid-conflicts-with-downst.patch | 396 ++++++++++++++++++ 1 file changed, 396 insertions(+) create mode 100644 package/libsrtp/0001-Rename-SHA1-functions-to-avoid-conflicts-with-downst.patch diff --git a/package/libsrtp/0001-Rename-SHA1-functions-to-avoid-conflicts-with-downst.patch b/package/libsrtp/0001-Rename-SHA1-functions-to-avoid-conflicts-with-downst.patch new file mode 100644 index 0000000000..60a123eccd --- /dev/null +++ b/package/libsrtp/0001-Rename-SHA1-functions-to-avoid-conflicts-with-downst.patch @@ -0,0 +1,396 @@ +From f76eb65d008d0c8e06698e4a63a776e91b80155b Mon Sep 17 00:00:00 2001 +From: jfigus +Date: Tue, 4 Nov 2014 14:54:02 -0500 +Subject: [PATCH] Rename SHA1 functions to avoid conflicts with downstream + packages. + +Backported from upstream commit c270245a94ae9a007202754eb8f7ce9e48f97007 +and tweaked to apply on top of v1.5.4. + +Signed-off-by: Vicente Olivert Riera +--- + crypto/hash/hmac.c | 20 ++++++++++---------- + crypto/hash/hmac_ossl.c | 18 +++++++++--------- + crypto/hash/sha1.c | 32 ++++++++++++++++---------------- + crypto/include/hmac.h | 4 ++-- + crypto/include/sha1.h | 34 +++++++++++++++++----------------- + crypto/test/sha1_driver.c | 8 ++++---- + 6 files changed, 58 insertions(+), 58 deletions(-) + +diff --git a/crypto/hash/hmac.c b/crypto/hash/hmac.c +index ddb75ea..4bed61e 100644 +--- a/crypto/hash/hmac.c ++++ b/crypto/hash/hmac.c +@@ -141,11 +141,11 @@ hmac_init(hmac_ctx_t *state, const uint8_t *key, int key_len) { + debug_print(mod_hmac, "ipad: %s", octet_string_hex_string(ipad, 64)); + + /* initialize sha1 context */ +- sha1_init(&state->init_ctx); ++ srtp_sha1_init(&state->init_ctx); + + /* hash ipad ^ key */ +- sha1_update(&state->init_ctx, ipad, 64); +- memcpy(&state->ctx, &state->init_ctx, sizeof(sha1_ctx_t)); ++ srtp_sha1_update(&state->init_ctx, ipad, 64); ++ memcpy(&state->ctx, &state->init_ctx, sizeof(srtp_sha1_ctx_t)); + + return err_status_ok; + } +@@ -153,7 +153,7 @@ hmac_init(hmac_ctx_t *state, const uint8_t *key, int key_len) { + err_status_t + hmac_start(hmac_ctx_t *state) { + +- memcpy(&state->ctx, &state->init_ctx, sizeof(sha1_ctx_t)); ++ memcpy(&state->ctx, &state->init_ctx, sizeof(srtp_sha1_ctx_t)); + + return err_status_ok; + } +@@ -165,7 +165,7 @@ hmac_update(hmac_ctx_t *state, const uint8_t *message, int msg_octets) { + octet_string_hex_string(message, msg_octets)); + + /* hash message into sha1 context */ +- sha1_update(&state->ctx, message, msg_octets); ++ srtp_sha1_update(&state->ctx, message, msg_octets); + + return err_status_ok; + } +@@ -183,7 +183,7 @@ hmac_compute(hmac_ctx_t *state, const void *message, + + /* hash message, copy output into H */ + hmac_update(state, (const uint8_t*)message, msg_octets); +- sha1_final(&state->ctx, H); ++ srtp_sha1_final(&state->ctx, H); + + /* + * note that we don't need to debug_print() the input, since the +@@ -193,16 +193,16 @@ hmac_compute(hmac_ctx_t *state, const void *message, + octet_string_hex_string((uint8_t *)H, 20)); + + /* re-initialize hash context */ +- sha1_init(&state->ctx); ++ srtp_sha1_init(&state->ctx); + + /* hash opad ^ key */ +- sha1_update(&state->ctx, (uint8_t *)state->opad, 64); ++ srtp_sha1_update(&state->ctx, (uint8_t *)state->opad, 64); + + /* hash the result of the inner hash */ +- sha1_update(&state->ctx, (uint8_t *)H, 20); ++ srtp_sha1_update(&state->ctx, (uint8_t *)H, 20); + + /* the result is returned in the array hash_value[] */ +- sha1_final(&state->ctx, hash_value); ++ srtp_sha1_final(&state->ctx, hash_value); + + /* copy hash_value to *result */ + for (i=0; i < tag_len; i++) +diff --git a/crypto/hash/hmac_ossl.c b/crypto/hash/hmac_ossl.c +index f62ce57..2ec8350 100644 +--- a/crypto/hash/hmac_ossl.c ++++ b/crypto/hash/hmac_ossl.c +@@ -163,11 +163,11 @@ hmac_init (hmac_ctx_t *state, const uint8_t *key, int key_len) + debug_print(mod_hmac, "ipad: %s", octet_string_hex_string(ipad, sizeof(ipad))); + + /* initialize sha1 context */ +- sha1_init(&state->init_ctx); ++ srtp_sha1_init(&state->init_ctx); + state->init_ctx_initialized = 1; + + /* hash ipad ^ key */ +- sha1_update(&state->init_ctx, ipad, sizeof(ipad)); ++ srtp_sha1_update(&state->init_ctx, ipad, sizeof(ipad)); + return (hmac_start(state)); + } + +@@ -192,7 +192,7 @@ hmac_update (hmac_ctx_t *state, const uint8_t *message, int msg_octets) + octet_string_hex_string(message, msg_octets)); + + /* hash message into sha1 context */ +- sha1_update(&state->ctx, message, msg_octets); ++ srtp_sha1_update(&state->ctx, message, msg_octets); + + return err_status_ok; + } +@@ -211,8 +211,8 @@ hmac_compute (hmac_ctx_t *state, const void *message, + } + + /* hash message, copy output into H */ +- sha1_update(&state->ctx, message, msg_octets); +- sha1_final(&state->ctx, H); ++ srtp_sha1_update(&state->ctx, message, msg_octets); ++ srtp_sha1_final(&state->ctx, H); + + /* + * note that we don't need to debug_print() the input, since the +@@ -222,16 +222,16 @@ hmac_compute (hmac_ctx_t *state, const void *message, + octet_string_hex_string((uint8_t*)H, sizeof(H))); + + /* re-initialize hash context */ +- sha1_init(&state->ctx); ++ srtp_sha1_init(&state->ctx); + + /* hash opad ^ key */ +- sha1_update(&state->ctx, (uint8_t*)state->opad, sizeof(state->opad)); ++ srtp_sha1_update(&state->ctx, (uint8_t*)state->opad, sizeof(state->opad)); + + /* hash the result of the inner hash */ +- sha1_update(&state->ctx, (uint8_t*)H, sizeof(H)); ++ srtp_sha1_update(&state->ctx, (uint8_t*)H, sizeof(H)); + + /* the result is returned in the array hash_value[] */ +- sha1_final(&state->ctx, hash_value); ++ srtp_sha1_final(&state->ctx, hash_value); + + /* copy hash_value to *result */ + for (i = 0; i < tag_len; i++) { +diff --git a/crypto/hash/sha1.c b/crypto/hash/sha1.c +index c200437..29c2e62 100644 +--- a/crypto/hash/sha1.c ++++ b/crypto/hash/sha1.c +@@ -77,17 +77,17 @@ uint32_t SHA_K2 = 0x8F1BBCDC; /* Kt for 40 <= t <= 59 */ + uint32_t SHA_K3 = 0xCA62C1D6; /* Kt for 60 <= t <= 79 */ + + void +-sha1(const uint8_t *msg, int octets_in_msg, uint32_t hash_value[5]) { +- sha1_ctx_t ctx; ++srtp_sha1(const uint8_t *msg, int octets_in_msg, uint32_t hash_value[5]) { ++ srtp_sha1_ctx_t ctx; + +- sha1_init(&ctx); +- sha1_update(&ctx, msg, octets_in_msg); +- sha1_final(&ctx, hash_value); ++ srtp_sha1_init(&ctx); ++ srtp_sha1_update(&ctx, msg, octets_in_msg); ++ srtp_sha1_final(&ctx, hash_value); + + } + + /* +- * sha1_core(M, H) computes the core compression function, where M is ++ * srtp_sha1_core(M, H) computes the core compression function, where M is + * the next part of the message (in network byte order) and H is the + * intermediate state { H0, H1, ...} (in host byte order) + * +@@ -99,7 +99,7 @@ sha1(const uint8_t *msg, int octets_in_msg, uint32_t hash_value[5]) { + */ + + void +-sha1_core(const uint32_t M[16], uint32_t hash_value[5]) { ++srtp_sha1_core(const uint32_t M[16], uint32_t hash_value[5]) { + uint32_t H0; + uint32_t H1; + uint32_t H2; +@@ -186,7 +186,7 @@ sha1_core(const uint32_t M[16], uint32_t hash_value[5]) { + } + + void +-sha1_init(sha1_ctx_t *ctx) { ++srtp_sha1_init(srtp_sha1_ctx_t *ctx) { + + /* initialize state vector */ + ctx->H[0] = 0x67452301; +@@ -204,7 +204,7 @@ sha1_init(sha1_ctx_t *ctx) { + } + + void +-sha1_update(sha1_ctx_t *ctx, const uint8_t *msg, int octets_in_msg) { ++srtp_sha1_update(srtp_sha1_ctx_t *ctx, const uint8_t *msg, int octets_in_msg) { + int i; + uint8_t *buf = (uint8_t *)ctx->M; + +@@ -227,13 +227,13 @@ sha1_update(sha1_ctx_t *ctx, const uint8_t *msg, int octets_in_msg) { + + /* process a whole block */ + +- debug_print(mod_sha1, "(update) running sha1_core()", NULL); ++ debug_print(mod_sha1, "(update) running srtp_sha1_core()", NULL); + +- sha1_core(ctx->M, ctx->H); ++ srtp_sha1_core(ctx->M, ctx->H); + + } else { + +- debug_print(mod_sha1, "(update) not running sha1_core()", NULL); ++ debug_print(mod_sha1, "(update) not running srtp_sha1_core()", NULL); + + for (i=ctx->octets_in_buffer; + i < (ctx->octets_in_buffer + octets_in_msg); i++) +@@ -247,12 +247,12 @@ sha1_update(sha1_ctx_t *ctx, const uint8_t *msg, int octets_in_msg) { + } + + /* +- * sha1_final(ctx, output) computes the result for ctx and copies it ++ * srtp_sha1_final(ctx, output) computes the result for ctx and copies it + * into the twenty octets located at *output + */ + + void +-sha1_final(sha1_ctx_t *ctx, uint32_t *output) { ++srtp_sha1_final(srtp_sha1_ctx_t *ctx, uint32_t *output) { + uint32_t A, B, C, D, E, TEMP; + uint32_t W[80]; + int i, t; +@@ -339,11 +339,11 @@ sha1_final(sha1_ctx_t *ctx, uint32_t *output) { + + } + +- debug_print(mod_sha1, "(final) running sha1_core()", NULL); ++ debug_print(mod_sha1, "(final) running srtp_sha1_core()", NULL); + + if (ctx->octets_in_buffer >= 56) { + +- debug_print(mod_sha1, "(final) running sha1_core() again", NULL); ++ debug_print(mod_sha1, "(final) running srtp_sha1_core() again", NULL); + + /* we need to do one final run of the compression algo */ + +diff --git a/crypto/include/hmac.h b/crypto/include/hmac.h +index 875f45c..9fc664e 100644 +--- a/crypto/include/hmac.h ++++ b/crypto/include/hmac.h +@@ -51,8 +51,8 @@ + + typedef struct { + uint8_t opad[64]; +- sha1_ctx_t ctx; +- sha1_ctx_t init_ctx; ++ srtp_sha1_ctx_t ctx; ++ srtp_sha1_ctx_t init_ctx; + #ifdef OPENSSL + int ctx_initialized; + int init_ctx_initialized; +diff --git a/crypto/include/sha1.h b/crypto/include/sha1.h +index f1744ce..e177af6 100644 +--- a/crypto/include/sha1.h ++++ b/crypto/include/sha1.h +@@ -56,15 +56,15 @@ + #include + #include + +-typedef EVP_MD_CTX sha1_ctx_t; ++typedef EVP_MD_CTX srtp_sha1_ctx_t; + + /* +- * sha1_init(&ctx) initializes the SHA1 context ctx ++ * srtp_sha1_init(&ctx) initializes the SHA1 context ctx + * +- * sha1_update(&ctx, msg, len) hashes the len octets starting at msg ++ * srtp_sha1_update(&ctx, msg, len) hashes the len octets starting at msg + * into the SHA1 context + * +- * sha1_final(&ctx, output) performs the final processing of the SHA1 ++ * srtp_sha1_final(&ctx, output) performs the final processing of the SHA1 + * context and writes the result to the 20 octets at output + * + * Return values are ignored on the EVP functions since all three +@@ -72,18 +72,18 @@ typedef EVP_MD_CTX sha1_ctx_t; + * + */ + +-static inline void sha1_init (sha1_ctx_t *ctx) ++static inline void srtp_sha1_init (srtp_sha1_ctx_t *ctx) + { + EVP_MD_CTX_init(ctx); + EVP_DigestInit(ctx, EVP_sha1()); + } + +-static inline void sha1_update (sha1_ctx_t *ctx, const uint8_t *M, int octets_in_msg) ++static inline void srtp_sha1_update (srtp_sha1_ctx_t *ctx, const uint8_t *M, int octets_in_msg) + { + EVP_DigestUpdate(ctx, M, octets_in_msg); + } + +-static inline void sha1_final (sha1_ctx_t *ctx, uint32_t *output) ++static inline void srtp_sha1_final (srtp_sha1_ctx_t *ctx, uint32_t *output) + { + unsigned int len = 0; + +@@ -97,7 +97,7 @@ typedef struct { + uint32_t M[16]; /* message buffer */ + int octets_in_buffer; /* octets of message in buffer */ + uint32_t num_bits_in_msg; /* total number of bits in message */ +-} sha1_ctx_t; ++} srtp_sha1_ctx_t; + + /* + * sha1(&ctx, msg, len, output) hashes the len octets starting at msg +@@ -110,33 +110,33 @@ void + sha1(const uint8_t *message, int octets_in_msg, uint32_t output[5]); + + /* +- * sha1_init(&ctx) initializes the SHA1 context ctx ++ * srtp_sha1_init(&ctx) initializes the SHA1 context ctx + * +- * sha1_update(&ctx, msg, len) hashes the len octets starting at msg ++ * srtp_sha1_update(&ctx, msg, len) hashes the len octets starting at msg + * into the SHA1 context + * +- * sha1_final(&ctx, output) performs the final processing of the SHA1 ++ * srtp_sha1_final(&ctx, output) performs the final processing of the SHA1 + * context and writes the result to the 20 octets at output + * + */ + + void +-sha1_init(sha1_ctx_t *ctx); ++srtp_sha1_init(srtp_sha1_ctx_t *ctx); + + void +-sha1_update(sha1_ctx_t *ctx, const uint8_t *M, int octets_in_msg); ++srtp_sha1_update(srtp_sha1_ctx_t *ctx, const uint8_t *M, int octets_in_msg); + + void +-sha1_final(sha1_ctx_t *ctx, uint32_t output[5]); ++srtp_sha1_final(srtp_sha1_ctx_t *ctx, uint32_t output[5]); + + /* +- * The sha1_core function is INTERNAL to SHA-1, but it is declared ++ * The srtp_sha1_core function is INTERNAL to SHA-1, but it is declared + * here because it is also used by the cipher SEAL 3.0 in its key + * setup algorithm. + */ + + /* +- * sha1_core(M, H) computes the core sha1 compression function, where M is ++ * srtp_sha1_core(M, H) computes the core sha1 compression function, where M is + * the next part of the message and H is the intermediate state {H0, + * H1, ...} + * +@@ -145,7 +145,7 @@ sha1_final(sha1_ctx_t *ctx, uint32_t output[5]); + */ + + void +-sha1_core(const uint32_t M[16], uint32_t hash_value[5]); ++srtp_sha1_core(const uint32_t M[16], uint32_t hash_value[5]); + + #endif /* else OPENSSL */ + +diff --git a/crypto/test/sha1_driver.c b/crypto/test/sha1_driver.c +index 6adfad1..2e19479 100644 +--- a/crypto/test/sha1_driver.c ++++ b/crypto/test/sha1_driver.c +@@ -102,7 +102,7 @@ hash_test_case_add(hash_test_case_t **list_ptr, + + err_status_t + sha1_test_case_validate(const hash_test_case_t *test_case) { +- sha1_ctx_t ctx; ++ srtp_sha1_ctx_t ctx; + uint32_t hash_value[5]; + + if (test_case == NULL) +@@ -113,9 +113,9 @@ sha1_test_case_validate(const hash_test_case_t *test_case) { + if (test_case->data_len > MAX_HASH_DATA_LEN) + return err_status_bad_param; + +- sha1_init(&ctx); +- sha1_update(&ctx, test_case->data, test_case->data_len); +- sha1_final(&ctx, hash_value); ++ srtp_sha1_init(&ctx); ++ srtp_sha1_update(&ctx, test_case->data, test_case->data_len); ++ srtp_sha1_final(&ctx, hash_value); + if (0 == memcmp(test_case->hash, hash_value, 20)) { + #if VERBOSE + printf("PASSED: reference value: %s\n", +-- +2.7.3 + -- 2.30.2