Fix SRTP compile issues for windows
authorMatt Caswell <matt@openssl.org>
Wed, 15 Oct 2014 00:23:07 +0000 (01:23 +0100)
committerGeoff Thorpe <geoff@openssl.org>
Wed, 15 Oct 2014 12:56:16 +0000 (08:56 -0400)
Related to CVE-2014-3513

This fix was developed by the OpenSSL Team

Reviewed-by: Tim Hudson <tjh@openssl.org>
Conflicts:
util/mkdef.pl
util/ssleay.num

ssl/srtp.h
util/mk1mf.pl
util/mkdef.pl
util/ssleay.num

index ae364d0ff9e9d795705944d7614c8dc775dfd7aa..dfdab0ed828530400cc9db60e612b8310015569a 100644 (file)
@@ -130,12 +130,16 @@ extern "C" {
 #define SRTP_NULL_SHA1_80      0x0005
 #define SRTP_NULL_SHA1_32      0x0006
 
+#ifndef OPENSSL_NO_SRTP
+
 int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles);
 int SSL_set_tlsext_use_srtp(SSL *ctx, const char *profiles);
 
 STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl);
 SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s);
 
+#endif
+
 #ifdef  __cplusplus
 }
 #endif
index 2495e6006a850917468d296fcc8675dfde045373..45d58ef26e9fa6c9afe1ee26d436a7d4e9035d95 100755 (executable)
@@ -1459,6 +1459,7 @@ sub read_options
                "dll" => \$shlib,
                "shared" => 0,
                "no-sctp" => 0,
+               "no-srtp" => 0,
                "no-gmp" => 0,
                "no-rfc3779" => 0,
                "no-montasm" => 0,
index 1b0181149d9fdd07de6d1851e830a42282fbb491..0f42504f97ef2af90198a412b7d85b678bef4eff 100755 (executable)
@@ -117,7 +117,9 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
                         # Hide SSL internals
                         "SSL_INTERN",
                         # SCTP
-                        "SCTP",
+                        "SCTP",
+                        # SRTP
+                        "SRTP",
                         # SSL TRACE
                         "SSL_TRACE",
                         # Unit testing
@@ -140,8 +142,8 @@ my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_aes; my $no_krb5;
 my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw;
 my $no_fp_api; my $no_static_engine=1; my $no_gmp; my $no_deprecated;
 my $no_rfc3779; my $no_psk; my $no_tlsext; my $no_cms; my $no_capieng;
-my $no_jpake; my $no_ssl2; my $no_ec2m; my $no_nextprotoneg;
-my $no_srp; my $no_nistp_gcc; my $no_sctp; my $no_ssl_trace;
+my $no_jpake; my $no_srp; my $no_ssl2; my $no_ec2m; my $no_nistp_gcc; 
+my $no_nextprotoneg; my $no_sctp; my $no_srtp; my $no_ssl_trace;
 my $no_unit_test;
 
 my $fips;
@@ -242,6 +244,7 @@ foreach (@ARGV, split(/ /, $options))
        elsif (/^no-jpake$/)    { $no_jpake=1; }
        elsif (/^no-srp$/)      { $no_srp=1; }
        elsif (/^no-sctp$/)     { $no_sctp=1; }
+       elsif (/^no-srtp$/)     { $no_srtp=1; }
        elsif (/^no-unit-test$/){ $no_unit_test=1; }
        }
 
@@ -1212,6 +1215,7 @@ sub is_valid
                        if ($keyword eq "JPAKE" && $no_jpake) { return 0; }
                        if ($keyword eq "SRP" && $no_srp) { return 0; }
                        if ($keyword eq "SCTP" && $no_sctp) { return 0; }
+                       if ($keyword eq "SRTP" && $no_srtp) { return 0; }
                        if ($keyword eq "UNIT_TEST" && $no_unit_test) { return 0; }
                        if ($keyword eq "DEPRECATED" && $no_deprecated) { return 0; }
 
index 09bfca536cab6b6d00617db61af90ea8db2b3735..affe14a790844671cc2aa04213c2b1f105a6a186 100755 (executable)
@@ -310,14 +310,14 @@ TLSv1_2_method                          350       EXIST::FUNCTION:
 SSL_SESSION_get_id_len                  351    NOEXIST::FUNCTION:
 kssl_ctx_get0_client_princ              352    EXIST::FUNCTION:KRB5
 SSL_export_keying_material              353    EXIST::FUNCTION:TLSEXT
-SSL_set_tlsext_use_srtp                 354    EXIST::FUNCTION:
+SSL_set_tlsext_use_srtp                 354    EXIST::FUNCTION:SRTP
 SSL_CTX_set_next_protos_advertised_cb   355    EXIST:!VMS:FUNCTION:NEXTPROTONEG
 SSL_CTX_set_next_protos_adv_cb          355    EXIST:VMS:FUNCTION:NEXTPROTONEG
 SSL_get0_next_proto_negotiated          356    EXIST::FUNCTION:NEXTPROTONEG
-SSL_get_selected_srtp_profile           357    EXIST::FUNCTION:
-SSL_CTX_set_tlsext_use_srtp             358    EXIST::FUNCTION:
+SSL_get_selected_srtp_profile           357    EXIST::FUNCTION:SRTP
+SSL_CTX_set_tlsext_use_srtp             358    EXIST::FUNCTION:SRTP
 SSL_select_next_proto                   359    EXIST::FUNCTION:TLSEXT
-SSL_get_srtp_profiles                   360    EXIST::FUNCTION:
+SSL_get_srtp_profiles                   360    EXIST::FUNCTION:SRTP
 SSL_CTX_set_next_proto_select_cb        361    EXIST:!VMS:FUNCTION:NEXTPROTONEG
 SSL_CTX_set_next_proto_sel_cb           361    EXIST:VMS:FUNCTION:NEXTPROTONEG
 SSL_SESSION_get_compress_id             362    EXIST::FUNCTION: