rpms
/
libsrtp
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

merge into: rpms:c8s
Branches Tags
rpms:c8s
rpms:c9
rpms:c9-beta
rpms:c9s
rpms:c8-beta
rpms:c8
rpms:imports/c9/libsrtp-2.3.0-8.el9
rpms:imports/c9-beta/libsrtp-2.3.0-8.el9
rpms:imports/c9/libsrtp-2.3.0-7.el9
rpms:imports/c9-beta/libsrtp-2.3.0-7.el9
rpms:imports/c8-beta/libsrtp-1.5.4-8.el8
rpms:imports/c8/libsrtp-1.5.4-8.el8
rpms:imports/c8s/libsrtp-1.5.4-8.el8
...
pull from: rpms:c9s
Branches Tags
rpms:c9
rpms:c9-beta
rpms:c9s
rpms:c8-beta
rpms:c8
rpms:c8s
rpms:imports/c9/libsrtp-2.3.0-8.el9
rpms:imports/c9-beta/libsrtp-2.3.0-8.el9
rpms:imports/c9/libsrtp-2.3.0-7.el9
rpms:imports/c9-beta/libsrtp-2.3.0-7.el9
rpms:imports/c8-beta/libsrtp-1.5.4-8.el8
rpms:imports/c8/libsrtp-1.5.4-8.el8
rpms:imports/c8s/libsrtp-1.5.4-8.el8

No commits in common. "c8s" and "c9s" have entirely different histories.
c8s ... c9s

18 changed files with 373 additions and 534 deletions
Show Stats Expand all files Collapse all files

5
.gitignore vendored
View File

@ -1 +1,4 @@
SOURCES/v1.5.4.tar.gz
/srtp-1.4.4-20101004cvs.tar.bz2
/v1.5.0.tar.gz
/v1.5.4.tar.gz
/v2.3.0.tar.gz

2
.libsrtp.metadata
View File

@ -1 +1 @@
568030da728a03b1d39d3dc1a5c31c3228fa73d5 SOURCES/v1.5.4.tar.gz
263a45a82cb1acb1a6c7beef64def31949496a02 v2.3.0.tar.gz

502
SOURCES/0001-Changes-for-OpenSSL-1.1.0-compatibility.patch
View File

@ -1,502 +0,0 @@
From b1858f6b5fa33b9ef9eeea1f6152185d54bba323 Mon Sep 17 00:00:00 2001
From: Wim Taymans <wtaymans@redhat.com>
Date: Mon, 3 Sep 2018 13:19:44 +0200
Subject: [PATCH] Changes for OpenSSL 1.1.0 compatibility
---
crypto/cipher/aes_gcm_ossl.c | 36 +++++----
crypto/cipher/aes_icm_ossl.c | 18 +++--
crypto/hash/hmac_ossl.c | 135 ++++++++++++----------------------
crypto/include/aes_gcm_ossl.h | 2 +-
crypto/include/aes_icm_ossl.h | 2 +-
crypto/include/sha1.h | 14 ++--
6 files changed, 89 insertions(+), 118 deletions(-)
diff --git a/crypto/cipher/aes_gcm_ossl.c b/crypto/cipher/aes_gcm_ossl.c
index dce2a33..943dbd5 100644
--- a/crypto/cipher/aes_gcm_ossl.c
+++ b/crypto/cipher/aes_gcm_ossl.c
@@ -116,6 +116,13 @@ err_status_t aes_gcm_openssl_alloc (cipher_t **c, int key_len, int tlen)
(*c)->state = allptr + sizeof(cipher_t);
gcm = (aes_gcm_ctx_t *)(*c)->state;
+ gcm->ctx = EVP_CIPHER_CTX_new();
+ if (gcm->ctx == NULL) {
+ crypto_free(*c);
+ *c = NULL;
+ return (err_status_alloc_fail);
+ }
+
/* increment ref_count */
switch (key_len) {
case AES_128_GCM_KEYSIZE_WSALT:
@@ -136,7 +143,6 @@ err_status_t aes_gcm_openssl_alloc (cipher_t **c, int key_len, int tlen)
/* set key size */
(*c)->key_len = key_len;
- EVP_CIPHER_CTX_init(&gcm->ctx);
return (err_status_ok);
}
@@ -151,7 +157,7 @@ err_status_t aes_gcm_openssl_dealloc (cipher_t *c)
ctx = (aes_gcm_ctx_t*)c->state;
if (ctx) {
- EVP_CIPHER_CTX_cleanup(&ctx->ctx);
+ EVP_CIPHER_CTX_free(ctx->ctx);
/* decrement ref_count for the appropriate engine */
switch (ctx->key_size) {
case AES_256_KEYSIZE:
@@ -197,7 +203,7 @@ err_status_t aes_gcm_openssl_context_init (aes_gcm_ctx_t *c, const uint8_t *key)
debug_print(mod_aes_gcm, "key: %s", v128_hex_string((v128_t*)&c->key));
- EVP_CIPHER_CTX_cleanup(&c->ctx);
+ EVP_CIPHER_CTX_cleanup(c->ctx);
return (err_status_ok);
}
@@ -231,19 +237,19 @@ err_status_t aes_gcm_openssl_set_iv (aes_gcm_ctx_t *c, void *iv,
break;
}
- if (!EVP_CipherInit_ex(&c->ctx, evp, NULL, (const unsigned char*)&c->key.v8,
+ if (!EVP_CipherInit_ex(c->ctx, evp, NULL, (const unsigned char*)&c->key.v8,
NULL, (c->dir == direction_encrypt ? 1 : 0))) {
return (err_status_init_fail);
}
/* set IV len and the IV value, the followiong 3 calls are required */
- if (!EVP_CIPHER_CTX_ctrl(&c->ctx, EVP_CTRL_GCM_SET_IVLEN, 12, 0)) {
+ if (!EVP_CIPHER_CTX_ctrl(c->ctx, EVP_CTRL_GCM_SET_IVLEN, 12, 0)) {
return (err_status_init_fail);
}
- if (!EVP_CIPHER_CTX_ctrl(&c->ctx, EVP_CTRL_GCM_SET_IV_FIXED, -1, iv)) {
+ if (!EVP_CIPHER_CTX_ctrl(c->ctx, EVP_CTRL_GCM_SET_IV_FIXED, -1, iv)) {
return (err_status_init_fail);
}
- if (!EVP_CIPHER_CTX_ctrl(&c->ctx, EVP_CTRL_GCM_IV_GEN, 0, iv)) {
+ if (!EVP_CIPHER_CTX_ctrl(c->ctx, EVP_CTRL_GCM_IV_GEN, 0, iv)) {
return (err_status_init_fail);
}
@@ -267,9 +273,9 @@ err_status_t aes_gcm_openssl_set_aad (aes_gcm_ctx_t *c, unsigned char *aad,
* Set dummy tag, OpenSSL requires the Tag to be set before
* processing AAD
*/
- EVP_CIPHER_CTX_ctrl(&c->ctx, EVP_CTRL_GCM_SET_TAG, c->tag_len, aad);
+ EVP_CIPHER_CTX_ctrl(c->ctx, EVP_CTRL_GCM_SET_TAG, c->tag_len, aad);
- rv = EVP_Cipher(&c->ctx, NULL, aad, aad_len);
+ rv = EVP_Cipher(c->ctx, NULL, aad, aad_len);
if (rv != aad_len) {
return (err_status_algo_fail);
} else {
@@ -295,7 +301,7 @@ err_status_t aes_gcm_openssl_encrypt (aes_gcm_ctx_t *c, unsigned char *buf,
/*
* Encrypt the data
*/
- EVP_Cipher(&c->ctx, buf, buf, *enc_len);
+ EVP_Cipher(c->ctx, buf, buf, *enc_len);
return (err_status_ok);
}
@@ -317,12 +323,12 @@ err_status_t aes_gcm_openssl_get_tag (aes_gcm_ctx_t *c, unsigned char *buf,
/*
* Calculate the tag
*/
- EVP_Cipher(&c->ctx, NULL, NULL, 0);
+ EVP_Cipher(c->ctx, NULL, NULL, 0);
/*
* Retreive the tag
*/
- EVP_CIPHER_CTX_ctrl(&c->ctx, EVP_CTRL_GCM_GET_TAG, c->tag_len, buf);
+ EVP_CIPHER_CTX_ctrl(c->ctx, EVP_CTRL_GCM_GET_TAG, c->tag_len, buf);
/*
* Increase encryption length by desired tag size
@@ -351,14 +357,14 @@ err_status_t aes_gcm_openssl_decrypt (aes_gcm_ctx_t *c, unsigned char *buf,
/*
* Set the tag before decrypting
*/
- EVP_CIPHER_CTX_ctrl(&c->ctx, EVP_CTRL_GCM_SET_TAG, c->tag_len,
+ EVP_CIPHER_CTX_ctrl(c->ctx, EVP_CTRL_GCM_SET_TAG, c->tag_len,
buf + (*enc_len - c->tag_len));
- EVP_Cipher(&c->ctx, buf, buf, *enc_len - c->tag_len);
+ EVP_Cipher(c->ctx, buf, buf, *enc_len - c->tag_len);
/*
* Check the tag
*/
- if (EVP_Cipher(&c->ctx, NULL, NULL, 0)) {
+ if (EVP_Cipher(c->ctx, NULL, NULL, 0)) {
return (err_status_auth_fail);
}
diff --git a/crypto/cipher/aes_icm_ossl.c b/crypto/cipher/aes_icm_ossl.c
index eb58539..1ddd39e 100644
--- a/crypto/cipher/aes_icm_ossl.c
+++ b/crypto/cipher/aes_icm_ossl.c
@@ -143,6 +143,13 @@ err_status_t aes_icm_openssl_alloc (cipher_t **c, int key_len, int tlen)
(*c)->state = allptr + sizeof(cipher_t);
icm = (aes_icm_ctx_t*)(*c)->state;
+ icm->ctx = EVP_CIPHER_CTX_new();
+ if (icm->ctx == NULL) {
+ crypto_free(*c);
+ *c = NULL;
+ return err_status_alloc_fail;
+ }
+
/* increment ref_count */
switch (key_len) {
case AES_128_KEYSIZE_WSALT:
@@ -169,7 +176,6 @@ err_status_t aes_icm_openssl_alloc (cipher_t **c, int key_len, int tlen)
/* set key size */
(*c)->key_len = key_len;
- EVP_CIPHER_CTX_init(&icm->ctx);
return err_status_ok;
}
@@ -191,7 +197,7 @@ err_status_t aes_icm_openssl_dealloc (cipher_t *c)
*/
ctx = (aes_icm_ctx_t*)c->state;
if (ctx != NULL) {
- EVP_CIPHER_CTX_cleanup(&ctx->ctx);
+ EVP_CIPHER_CTX_free(ctx->ctx);
/* decrement ref_count for the appropriate engine */
switch (ctx->key_size) {
case AES_256_KEYSIZE:
@@ -271,7 +277,7 @@ err_status_t aes_icm_openssl_context_init (aes_icm_ctx_t *c, const uint8_t *key,
debug_print(mod_aes_icm, "key: %s", v128_hex_string((v128_t*)&c->key));
debug_print(mod_aes_icm, "offset: %s", v128_hex_string(&c->offset));
- EVP_CIPHER_CTX_cleanup(&c->ctx);
+ EVP_CIPHER_CTX_cleanup(c->ctx);
return err_status_ok;
}
@@ -312,7 +318,7 @@ err_status_t aes_icm_openssl_set_iv (aes_icm_ctx_t *c, void *iv, int dir)
break;
}
- if (!EVP_EncryptInit_ex(&c->ctx, evp,
+ if (!EVP_EncryptInit_ex(c->ctx, evp,
NULL, c->key.v8, c->counter.v8)) {
return err_status_fail;
} else {
@@ -334,12 +340,12 @@ err_status_t aes_icm_openssl_encrypt (aes_icm_ctx_t *c, unsigned char *buf, unsi
debug_print(mod_aes_icm, "rs0: %s", v128_hex_string(&c->counter));
- if (!EVP_EncryptUpdate(&c->ctx, buf, &len, buf, *enc_len)) {
+ if (!EVP_EncryptUpdate(c->ctx, buf, &len, buf, *enc_len)) {
return err_status_cipher_fail;
}
*enc_len = len;
- if (!EVP_EncryptFinal_ex(&c->ctx, buf, &len)) {
+ if (!EVP_EncryptFinal_ex(c->ctx, buf, &len)) {
return err_status_cipher_fail;
}
*enc_len += len;
diff --git a/crypto/hash/hmac_ossl.c b/crypto/hash/hmac_ossl.c
index f62ce57..3f6f97d 100644
--- a/crypto/hash/hmac_ossl.c
+++ b/crypto/hash/hmac_ossl.c
@@ -49,8 +49,10 @@
#include "hmac.h"
#include "alloc.h"
#include <openssl/evp.h>
+#include <openssl/hmac.h>
-#define HMAC_KEYLEN_MAX 20
+#define HMAC_KEYLEN_MAX 20
+#define SHA1_DIGEST_SIZE 20
/* the debug module for authentiation */
@@ -64,8 +66,6 @@ err_status_t
hmac_alloc (auth_t **a, int key_len, int out_len)
{
extern auth_type_t hmac;
- uint8_t *pointer;
- hmac_ctx_t *new_hmac_ctx;
debug_print(mod_hmac, "allocating auth func with key length %d", key_len);
debug_print(mod_hmac, " tag length %d", out_len);
@@ -79,25 +79,28 @@ hmac_alloc (auth_t **a, int key_len, int out_len)
}
/* check output length - should be less than 20 bytes */
- if (out_len > HMAC_KEYLEN_MAX) {
+ if (out_len > SHA1_DIGEST_SIZE) {
return err_status_bad_param;
}
/* allocate memory for auth and hmac_ctx_t structures */
- pointer = (uint8_t*)crypto_alloc(sizeof(hmac_ctx_t) + sizeof(auth_t));
- if (pointer == NULL) {
+ *a = crypto_alloc(sizeof(auth_t));
+ if (*a == NULL) {
+ return err_status_alloc_fail;
+ }
+
+ (*a)->state = HMAC_CTX_new();
+ if ((*a)->state == NULL) {
+ crypto_free(*a);
+ *a = NULL;
return err_status_alloc_fail;
}
/* set pointers */
- *a = (auth_t*)pointer;
(*a)->type = &hmac;
- (*a)->state = pointer + sizeof(auth_t);
(*a)->out_len = out_len;
(*a)->key_len = key_len;
(*a)->prefix_len = 0;
- new_hmac_ctx = (hmac_ctx_t*)((*a)->state);
- memset(new_hmac_ctx, 0, sizeof(hmac_ctx_t));
/* increment global count of all hmac uses */
hmac.ref_count++;
@@ -109,19 +112,14 @@ err_status_t
hmac_dealloc (auth_t *a)
{
extern auth_type_t hmac;
- hmac_ctx_t *hmac_ctx;
+ HMAC_CTX *hmac_ctx;
- hmac_ctx = (hmac_ctx_t*)a->state;
- if (hmac_ctx->ctx_initialized) {
- EVP_MD_CTX_cleanup(&hmac_ctx->ctx);
- }
- if (hmac_ctx->init_ctx_initialized) {
- EVP_MD_CTX_cleanup(&hmac_ctx->init_ctx);
- }
+ hmac_ctx = (HMAC_CTX*)a->state;
+
+ HMAC_CTX_free(hmac_ctx);
/* zeroize entire state*/
- octet_string_set_to_zero((uint8_t*)a,
- sizeof(hmac_ctx_t) + sizeof(auth_t));
+ octet_string_set_to_zero((uint8_t*)a, sizeof(auth_t));
/* free memory */
crypto_free(a);
@@ -133,109 +131,68 @@ hmac_dealloc (auth_t *a)
}
err_status_t
-hmac_init (hmac_ctx_t *state, const uint8_t *key, int key_len)
+hmac_start (hmac_ctx_t *statev)
{
- int i;
- uint8_t ipad[64];
-
- /*
- * check key length - note that we don't support keys larger
- * than 20 bytes yet
- */
- if (key_len > HMAC_KEYLEN_MAX) {
- return err_status_bad_param;
- }
-
- /*
- * set values of ipad and opad by exoring the key into the
- * appropriate constant values
- */
- for (i = 0; i < key_len; i++) {
- ipad[i] = key[i] ^ 0x36;
- state->opad[i] = key[i] ^ 0x5c;
- }
- /* set the rest of ipad, opad to constant values */
- for (; i < sizeof(ipad); i++) {
- ipad[i] = 0x36;
- ((uint8_t*)state->opad)[i] = 0x5c;
- }
-
- debug_print(mod_hmac, "ipad: %s", octet_string_hex_string(ipad, sizeof(ipad)));
+ HMAC_CTX *state = (HMAC_CTX *)statev;
- /* initialize sha1 context */
- sha1_init(&state->init_ctx);
- state->init_ctx_initialized = 1;
+ if (HMAC_Init_ex(state, NULL, 0, NULL, NULL) == 0)
+ return err_status_auth_fail;
- /* hash ipad ^ key */
- sha1_update(&state->init_ctx, ipad, sizeof(ipad));
- return (hmac_start(state));
+ return err_status_ok;
}
err_status_t
-hmac_start (hmac_ctx_t *state)
+hmac_init (hmac_ctx_t *statev, const uint8_t *key, int key_len)
{
- if (state->ctx_initialized) {
- EVP_MD_CTX_cleanup(&state->ctx);
- }
- if (!EVP_MD_CTX_copy(&state->ctx, &state->init_ctx)) {
+ HMAC_CTX *state = (HMAC_CTX *)statev;
+
+ if (HMAC_Init_ex(state, key, key_len, EVP_sha1(), NULL) == 0)
return err_status_auth_fail;
- } else {
- state->ctx_initialized = 1;
- return err_status_ok;
- }
+
+ return err_status_ok;
}
err_status_t
-hmac_update (hmac_ctx_t *state, const uint8_t *message, int msg_octets)
+hmac_update (hmac_ctx_t *statev, const uint8_t *message, int msg_octets)
{
+ HMAC_CTX *state = (HMAC_CTX *)statev;
+
debug_print(mod_hmac, "input: %s",
octet_string_hex_string(message, msg_octets));
- /* hash message into sha1 context */
- sha1_update(&state->ctx, message, msg_octets);
+ if (HMAC_Update(state, message, msg_octets) == 0)
+ return err_status_auth_fail;
return err_status_ok;
}
err_status_t
-hmac_compute (hmac_ctx_t *state, const void *message,
+hmac_compute (hmac_ctx_t *statev, const void *message,
int msg_octets, int tag_len, uint8_t *result)
{
- uint32_t hash_value[5];
- uint32_t H[5];
+ HMAC_CTX *state = (HMAC_CTX *)statev;
+ uint8_t hash_value[SHA1_DIGEST_SIZE];
int i;
+ unsigned int len;
/* check tag length, return error if we can't provide the value expected */
- if (tag_len > HMAC_KEYLEN_MAX) {
+ if (tag_len > SHA1_DIGEST_SIZE) {
return err_status_bad_param;
}
/* hash message, copy output into H */
- sha1_update(&state->ctx, message, msg_octets);
- sha1_final(&state->ctx, H);
-
- /*
- * note that we don't need to debug_print() the input, since the
- * function hmac_update() already did that for us
- */
- debug_print(mod_hmac, "intermediate state: %s",
- octet_string_hex_string((uint8_t*)H, sizeof(H)));
-
- /* re-initialize hash context */
- sha1_init(&state->ctx);
-
- /* hash opad ^ key */
- sha1_update(&state->ctx, (uint8_t*)state->opad, sizeof(state->opad));
+ if (HMAC_Update(state, message, msg_octets) == 0)
+ return err_status_auth_fail;
- /* hash the result of the inner hash */
- sha1_update(&state->ctx, (uint8_t*)H, sizeof(H));
+ if (HMAC_Final(state, hash_value, &len) == 0)
+ return err_status_auth_fail;
- /* the result is returned in the array hash_value[] */
- sha1_final(&state->ctx, hash_value);
+ if (len < tag_len)
+ return err_status_auth_fail;
/* copy hash_value to *result */
for (i = 0; i < tag_len; i++) {
- result[i] = ((uint8_t*)hash_value)[i];
+ result[i] = hash_value[i];
}
debug_print(mod_hmac, "output: %s",
diff --git a/crypto/include/aes_gcm_ossl.h b/crypto/include/aes_gcm_ossl.h
index 8e7711d..4f49b51 100644
--- a/crypto/include/aes_gcm_ossl.h
+++ b/crypto/include/aes_gcm_ossl.h
@@ -55,7 +55,7 @@ typedef struct {
v256_t key;
int key_size;
int tag_len;
- EVP_CIPHER_CTX ctx;
+ EVP_CIPHER_CTX* ctx;
cipher_direction_t dir;
} aes_gcm_ctx_t;
diff --git a/crypto/include/aes_icm_ossl.h b/crypto/include/aes_icm_ossl.h
index b4ec40a..af23320 100644
--- a/crypto/include/aes_icm_ossl.h
+++ b/crypto/include/aes_icm_ossl.h
@@ -72,7 +72,7 @@ typedef struct {
v128_t offset; /* initial offset value */
v256_t key;
int key_size;
- EVP_CIPHER_CTX ctx;
+ EVP_CIPHER_CTX* ctx;
} aes_icm_ctx_t;
err_status_t aes_icm_openssl_set_iv(aes_icm_ctx_t *c, void *iv, int dir);
diff --git a/crypto/include/sha1.h b/crypto/include/sha1.h
index 2ce53e8..fb5bd95 100644
--- a/crypto/include/sha1.h
+++ b/crypto/include/sha1.h
@@ -56,8 +56,6 @@
#include <openssl/evp.h>
#include <stdint.h>
-typedef EVP_MD_CTX sha1_ctx_t;
-
/*
* sha1_init(&ctx) initializes the SHA1 context ctx
*
@@ -72,23 +70,27 @@ typedef EVP_MD_CTX sha1_ctx_t;
*
*/
+typedef EVP_MD_CTX* sha1_ctx_t;
+
static inline void sha1_init (sha1_ctx_t *ctx)
{
- EVP_MD_CTX_init(ctx);
- EVP_DigestInit(ctx, EVP_sha1());
+ *ctx = EVP_MD_CTX_new();
+ EVP_DigestInit(*ctx, EVP_sha1());
}
static inline void sha1_update (sha1_ctx_t *ctx, const uint8_t *M, int octets_in_msg)
{
- EVP_DigestUpdate(ctx, M, octets_in_msg);
+ EVP_DigestUpdate(*ctx, M, octets_in_msg);
}
static inline void sha1_final (sha1_ctx_t *ctx, uint32_t *output)
{
unsigned int len = 0;
- EVP_DigestFinal(ctx, (unsigned char*)output, &len);
+ EVP_DigestFinal(*ctx, (unsigned char*)output, &len);
+ EVP_MD_CTX_free(*ctx);
}
+
#else
#include "datatypes.h"
--
2.17.1

0
SOURCES/config.h → config.h
View File

6
gating.yaml Normal file
View File

@ -0,0 +1,6 @@
--- !Policy
product_versions:
- rhel-9
decision_context: osci_compose_gate
rules:
- !PassingTestCaseRule {test_case_name: desktop-qe.desktop-ci.tier1-gating.functional}

48
libsrtp-1.4.4-CVE20132139.patch Normal file
View File

@ -0,0 +1,48 @@
diff -up srtp/srtp/srtp.c.CVE20132139 srtp/srtp/srtp.c
--- srtp/srtp/srtp.c.CVE20132139 2013-12-30 11:47:39.477223492 -0500
+++ srtp/srtp/srtp.c 2013-12-30 11:49:44.580162545 -0500
@@ -2045,22 +2045,21 @@ crypto_policy_set_from_profile_for_rtp(c
switch(profile) {
case srtp_profile_aes128_cm_sha1_80:
crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
- crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
break;
case srtp_profile_aes128_cm_sha1_32:
- crypto_policy_set_aes_cm_128_hmac_sha1_32(policy);
+ /* We do not honor the 32-bit auth tag request since
+ * this is not compliant with RFC 3711 */
crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
break;
case srtp_profile_null_sha1_80:
crypto_policy_set_null_cipher_hmac_sha1_80(policy);
- crypto_policy_set_null_cipher_hmac_sha1_80(policy);
break;
case srtp_profile_aes256_cm_sha1_80:
crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
- crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
break;
case srtp_profile_aes256_cm_sha1_32:
- crypto_policy_set_aes_cm_256_hmac_sha1_32(policy);
+ /* We do not honor the 32-bit auth tag request since
+ * this is not compliant with RFC 3711 */
crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
break;
/* the following profiles are not (yet) supported */
@@ -2082,7 +2081,7 @@ crypto_policy_set_from_profile_for_rtcp(
crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
break;
case srtp_profile_aes128_cm_sha1_32:
- crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
+ crypto_policy_set_aes_cm_128_hmac_sha1_32(policy);
break;
case srtp_profile_null_sha1_80:
crypto_policy_set_null_cipher_hmac_sha1_80(policy);
@@ -2091,7 +2090,7 @@ crypto_policy_set_from_profile_for_rtcp(
crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
break;
case srtp_profile_aes256_cm_sha1_32:
- crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
+ crypto_policy_set_aes_cm_256_hmac_sha1_32(policy);
break;
/* the following profiles are not (yet) supported */
case srtp_profile_null_sha1_32:

75
libsrtp-1.4.4-shared.patch Normal file
View File

@ -0,0 +1,75 @@
diff -up srtp/Makefile.in.shared srtp/Makefile.in
--- srtp/Makefile.in.shared 2010-05-21 13:45:35.000000000 -0400
+++ srtp/Makefile.in 2010-10-04 15:53:29.132116130 -0400
@@ -8,7 +8,7 @@
# runtest runs test applications
# test builds test applications
# libcrypt.a static library implementing crypto engine
-# libsrtp.a static library implementing srtp
+# libsrtp.so shared library implementing srtp
# clean removes objects, libs, and executables
# distribution cleans and builds a .tgz
# tags builds etags file from all .c and .h files
@@ -97,13 +97,13 @@ kernel = crypto/kernel/crypto_kernel.o
cryptobj = $(ciphers) $(hashes) $(math) $(stat) $(kernel) $(replay)
-# libsrtp.a (implements srtp processing)
+# libsrtp (implements srtp processing)
srtpobj = srtp/srtp.o srtp/ekt.o
-libsrtp.a: $(srtpobj) $(cryptobj) $(gdoi)
- ar cr libsrtp.a $^
- $(RANLIB) libsrtp.a
+libsrtp.so: $(srtpobj) $(cryptobj) $(gdoi)
+ $(COMPILE) -shared -pthread -lm -Wl,--no-undefined -Wl,-soname,$@.0 -z noexecstack -o $@.0.0.0 $^
+ ln -s $@.0.0.0 $@
# libcryptomath.a contains general-purpose routines that are used to
# generate tables and verify cryptoalgorithm implementations - this
@@ -127,19 +127,19 @@ testapp = $(crypto_testapp) test/srtp_dr
test/roc_driver$(EXE) test/rdbx_driver$(EXE) test/rtpw$(EXE) \
test/dtls_srtp_driver$(EXE)
-$(testapp): libsrtp.a
+$(testapp): libsrtp.so
test/rtpw$(EXE): test/rtpw.c test/rtp.c test/getopt_s.c
- $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
+ $(COMPILE) $(LDFLAGS) -o $@ test/rtpw.c test/rtp.c test/getopt_s.c $(LIBS) $(SRTPLIB)
test/srtp_driver$(EXE): test/srtp_driver.c test/getopt_s.c
- $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
+ $(COMPILE) $(LDFLAGS) -o $@ test/srtp_driver.c test/getopt_s.c $(LIBS) $(SRTPLIB)
test/rdbx_driver$(EXE): test/rdbx_driver.c test/getopt_s.c
- $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
+ $(COMPILE) $(LDFLAGS) -o $@ test/rdbx_driver.c test/getopt_s.c $(LIBS) $(SRTPLIB)
test/dtls_srtp_driver$(EXE): test/dtls_srtp_driver.c test/getopt_s.c
- $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
+ $(COMPILE) $(LDFLAGS) -o $@ test/dtls_srtp_driver.c test/getopt_s.c $(LIBS) $(SRTPLIB)
test: $(testapp)
@echo "Build done. Please run '$(MAKE) runtest' to run self tests."
@@ -197,16 +197,16 @@ install:
cp $(srcdir)/include/*.h $(DESTDIR)$(includedir)/srtp
cp $(srcdir)/crypto/include/*.h $(DESTDIR)$(includedir)/srtp
if [ "$(srcdir)" != "." ]; then cp crypto/include/*.h $(DESTDIR)$(includedir)/srtp; fi
- if [ -f libsrtp.a ]; then cp libsrtp.a $(DESTDIR)$(libdir)/; fi
+ if [ -f libsrtp.so.0.0.0 ]; then cp libsrtp.so.0.0.0 $(DESTDIR)$(libdir)/; fi
uninstall:
rm -f $(DESTDIR)$(includedir)/srtp/*.h
- rm -f $(DESTDIR)$(libdir)/libsrtp.a
+ rm -f $(DESTDIR)$(libdir)/libsrtp.so*
-rmdir $(DESTDIR)$(includedir)/srtp
clean:
rm -rf $(cryptobj) $(srtpobj) $(cryptomath) TAGS \
- libcryptomath.a libsrtp.a core *.core test/core
+ libcryptomath.a libsrtp.so* core *.core test/core
for a in * */* */*/*; do \
if [ -f "$$a~" ] ; then rm -f $$a~; fi; \
done;

77
libsrtp-1.5.0-shared.patch Normal file
View File

@ -0,0 +1,77 @@
diff -up libsrtp-1.5.0/Makefile.in.shared libsrtp-1.5.0/Makefile.in
--- libsrtp-1.5.0/Makefile.in.shared 2014-10-13 10:35:33.000000000 -0400
+++ libsrtp-1.5.0/Makefile.in 2014-11-14 10:14:01.604954699 -0500
@@ -113,17 +113,13 @@ kernel = crypto/kernel/crypto_kernel.o
cryptobj = $(ciphers) $(hashes) $(math) $(stat) $(kernel) $(replay)
-# libsrtp.a (implements srtp processing)
+# libsrtp (implements srtp processing)
srtpobj = srtp/srtp.o srtp/ekt.o
-libsrtp.a: $(srtpobj) $(cryptobj) $(gdoi)
- ar cr libsrtp.a $^
- $(RANLIB) libsrtp.a
-
-libsrtp.so: $(srtpobj) $(cryptobj) $(gdoi)
- $(CC) -shared -Wl,-soname,libsrtp.so \
- -o libsrtp.so $^ $(LDFLAGS)
+libsrtp.so: $(srtpobj) $(cryptobj) $(gdoi)
+ $(COMPILE) -shared -pthread -lm -Wl,--no-undefined -Wl,-soname,$@.1 -z noexecstack -o $@.1.0.0 $^
+ ln -s $@.1.0.0 $@
# libcryptomath.a contains general-purpose routines that are used to
# generate tables and verify cryptoalgorithm implementations - this
@@ -150,19 +146,19 @@ testapp = $(crypto_testapp) test/srtp_dr
test/roc_driver$(EXE) test/rdbx_driver$(EXE) test/rtpw$(EXE) \
test/dtls_srtp_driver$(EXE)
-$(testapp): libsrtp.a
+$(testapp): libsrtp.so
test/rtpw$(EXE): test/rtpw.c test/rtp.c test/getopt_s.c
- $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
+ $(COMPILE) $(LDFLAGS) -o $@ test/rtpw.c test/rtp.c test/getopt_s.c $(LIBS) $(SRTPLIB)
test/srtp_driver$(EXE): test/srtp_driver.c test/getopt_s.c
- $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
+ $(COMPILE) $(LDFLAGS) -o $@ test/srtp_driver.c test/getopt_s.c $(LIBS) $(SRTPLIB)
test/rdbx_driver$(EXE): test/rdbx_driver.c test/getopt_s.c
- $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
+ $(COMPILE) $(LDFLAGS) -o $@ test/rdbx_driver.c test/getopt_s.c $(LIBS) $(SRTPLIB)
test/dtls_srtp_driver$(EXE): test/dtls_srtp_driver.c test/getopt_s.c
- $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
+ $(COMPILE) $(LDFLAGS) -o $@ test/dtls_srtp_driver.c test/getopt_s.c $(LIBS) $(SRTPLIB)
test: $(testapp)
@echo "Build done. Please run '$(MAKE) runtest' to run self tests."
@@ -220,7 +216,7 @@ install:
cp $(srcdir)/include/*.h $(DESTDIR)$(includedir)/srtp
cp $(srcdir)/crypto/include/*.h $(DESTDIR)$(includedir)/srtp
if [ "$(srcdir)" != "." ]; then cp crypto/include/*.h $(DESTDIR)$(includedir)/srtp; fi
- if [ -f libsrtp.a ]; then cp libsrtp.a $(DESTDIR)$(libdir)/; fi
+ if [ -f libsrtp.so.0.0.0 ]; then cp libsrtp.so.0.0.0 $(DESTDIR)$(libdir)/; fi
if [ -f libsrtp.so ]; then cp libsrtp.so $(DESTDIR)$(libdir)/; fi
if [ "$(pkgconfig_DATA)" != "" ]; then \
$(INSTALL) -d $(DESTDIR)$(pkgconfigdir); \
@@ -229,7 +225,7 @@ install:
uninstall:
rm -f $(DESTDIR)$(includedir)/srtp/*.h
- rm -f $(DESTDIR)$(libdir)/libsrtp.a
+ rm -f $(DESTDIR)$(libdir)/libsrtp.so*
rm -f $(DESTDIR)$(libdir)/libsrtp.so
-rmdir $(DESTDIR)$(includedir)/srtp
if [ "$(pkgconfig_DATA)" != "" ]; then \
@@ -238,7 +234,7 @@ uninstall:
clean:
rm -rf $(cryptobj) $(srtpobj) $(cryptomath) TAGS \
- libcryptomath.a libsrtp.a libsrtp.so core *.core test/core
+ libcryptomath.a libsrtp.so* core *.core test/core
for a in * */* */*/*; do \
if [ -f "$$a~" ] ; then rm -f $$a~; fi; \
done;

0
SOURCES/libsrtp-1.5.4-shared-fix.patch → libsrtp-1.5.4-shared-fix.patch
View File

24
libsrtp-2.3.0-nss-3.63-fix.patch Normal file
View File

@ -0,0 +1,24 @@
diff -up libsrtp-2.3.0/crypto/include/aes_gcm.h.nssfix libsrtp-2.3.0/crypto/include/aes_gcm.h
--- libsrtp-2.3.0/crypto/include/aes_gcm.h.nssfix 2021-04-15 13:47:08.667150587 -0400
+++ libsrtp-2.3.0/crypto/include/aes_gcm.h 2021-04-15 13:47:26.991294515 -0400
@@ -66,6 +66,8 @@ typedef struct {
#ifdef NSS
+#define NSS_PKCS11_2_0_COMPAT 1
+
#include <nss.h>
#include <pk11pub.h>
diff -up libsrtp-2.3.0/crypto/include/aes_icm_ext.h.nssfix libsrtp-2.3.0/crypto/include/aes_icm_ext.h
--- libsrtp-2.3.0/crypto/include/aes_icm_ext.h.nssfix 2021-04-15 13:47:36.617370124 -0400
+++ libsrtp-2.3.0/crypto/include/aes_icm_ext.h 2021-04-15 13:59:50.074073286 -0400
@@ -65,6 +65,8 @@ typedef struct {
#ifdef NSS
+#define NSS_PKCS11_2_0_COMPAT 1
+
#include <nss.h>
#include <pk11pub.h>

36
libsrtp-2.3.0-shared-fix.patch Normal file
View File

@ -0,0 +1,36 @@
diff -up libsrtp-2.3.0/Makefile.in.sharedfix libsrtp-2.3.0/Makefile.in
--- libsrtp-2.3.0/Makefile.in.sharedfix 2020-01-07 09:48:36.004217062 -0500
+++ libsrtp-2.3.0/Makefile.in 2020-01-07 09:53:08.117725096 -0500
@@ -106,12 +106,14 @@ bindir = @bindir@
pkgconfigdir = $(libdir)/pkgconfig
pkgconfig_DATA = libsrtp2.pc
-SHAREDLIBVERSION = 1
+SHAREDLIBMINIVER = 1
+SHAREDLIBVERSION = $(SHAREDLIBMINIVER).0.0
ifneq (,$(or $(findstring linux,@host@), $(findstring gnu,@host@)))
SHAREDLIB_DIR = $(libdir)
-SHAREDLIB_LDFLAGS = -shared -Wl,-soname,$@
SHAREDLIBSUFFIXNOVER = so
+SHAREDLIBMINISUFFIX = $(SHAREDLIBSUFFIXNOVER).$(SHAREDLIBMINIVER)
SHAREDLIBSUFFIX = $(SHAREDLIBSUFFIXNOVER).$(SHAREDLIBVERSION)
+SHAREDLIB_LDFLAGS = -shared -Wl,-soname,libsrtp2.$(SHAREDLIBMINISUFFIX)
else ifneq (,$(or $(findstring cygwin,@host@), $(findstring mingw,@host@)))
SHAREDLIB_DIR = $(bindir)
SHAREDLIB_LDFLAGS = -shared -Wl,--out-implib,libsrtp2.dll.a
@@ -166,6 +168,7 @@ libsrtp2.$(SHAREDLIBSUFFIX): $(srtpobj)
$(CC) -shared -o $@ $(SHAREDLIB_LDFLAGS) \
$^ $(LDFLAGS) $(LIBS)
if [ -n "$(SHAREDLIBVERSION)" ]; then \
+ ln -sfn $@ libsrtp2.$(SHAREDLIBMINISUFFIX); \
ln -sfn $@ libsrtp2.$(SHAREDLIBSUFFIXNOVER); \
fi
@@ -288,6 +291,7 @@ install:
cp libsrtp2.$(SHAREDLIBSUFFIXNOVER) $(DESTDIR)$(SHAREDLIB_DIR)/; \
if [ -n "$(SHAREDLIBVERSION)" ]; then \
ln -sfn libsrtp2.$(SHAREDLIBSUFFIX) $(DESTDIR)$(SHAREDLIB_DIR)/libsrtp2.$(SHAREDLIBSUFFIXNOVER); \
+ ln -sfn libsrtp2.$(SHAREDLIBSUFFIX) $(DESTDIR)$(SHAREDLIB_DIR)/libsrtp2.$(SHAREDLIBMINISUFFIX); \
fi; \
fi
$(INSTALL) -d $(DESTDIR)$(pkgconfigdir)

13
libsrtp-2.3.0-shared-test-fix.patch Normal file
View File

@ -0,0 +1,13 @@
diff -up libsrtp-2.3.0/Makefile.in.test-shared libsrtp-2.3.0/Makefile.in
--- libsrtp-2.3.0/Makefile.in.test-shared 2020-10-12 16:00:39.065842309 -0400
+++ libsrtp-2.3.0/Makefile.in 2020-10-12 16:01:11.244097667 -0400
@@ -196,7 +196,7 @@ ifeq (1, $(HAVE_PCAP))
testapp += test/rtp_decoder$(EXE)
endif
-$(testapp): libsrtp2.a
+$(testapp): libsrtp2.$(SHAREDLIBSUFFIX)
test/rtpw$(EXE): test/rtpw.c test/rtp.c test/util.c test/getopt_s.c \
crypto/math/datatypes.c
diff -up libsrtp-2.3.0/Makefile.test-shared libsrtp-2.3.0/Makefile

12
libsrtp-2.3.0-test-util.patch Normal file
View File

@ -0,0 +1,12 @@
diff -r -u libsrtp-2.3.0.orig/test/util.c libsrtp-2.3.0/test/util.c
--- libsrtp-2.3.0.orig/test/util.c 2019-12-23 10:58:25.000000000 +0100
+++ libsrtp-2.3.0/test/util.c 2020-10-09 11:56:31.455502870 +0200
@@ -49,7 +49,7 @@
#include <stdint.h>
/* include space for null terminator */
-char bit_string[MAX_PRINT_STRING_LEN + 1];
+static char bit_string[MAX_PRINT_STRING_LEN + 1];
static inline int hex_char_to_nibble(uint8_t c)
{

0
SOURCES/libsrtp-fix-name-collision-on-MIPS.patch → libsrtp-fix-name-collision-on-MIPS.patch
View File

0
SOURCES/libsrtp-sha1-name-fix.patch → libsrtp-sha1-name-fix.patch
View File

0
SOURCES/libsrtp-srtp_aes_encrypt.patch → libsrtp-srtp_aes_encrypt.patch
View File

106
SPECS/libsrtp.spec → libsrtp.spec
View File

@ -1,23 +1,23 @@
%global shortname srtp
Name: libsrtp
Version: 1.5.4
Version: 2.3.0
Release: 8%{?dist}
Summary: An implementation of the Secure Real-time Transport Protocol (SRTP)
Group: System Environment/Libraries
License: BSD
URL: https://github.com/cisco/libsrtp
Source0: https://github.com/cisco/libsrtp/archive/v%{version}.tar.gz
# Universal config.h
Source2: config.h
BuildRequires: gcc, nss-devel, libpcap-devel
BuildRequires: make
# Fix shared lib so ldconfig doesn't complain
Patch0: libsrtp-1.5.4-shared-fix.patch
Patch1: libsrtp-srtp_aes_encrypt.patch
Patch2: libsrtp-sha1-name-fix.patch
Patch3: libsrtp-fix-name-collision-on-MIPS.patch
Patch4: 0001-Changes-for-OpenSSL-1.1.0-compatibility.patch
BuildRequires: openssl-devel >= 1.1.0
Patch0: libsrtp-2.3.0-shared-fix.patch
# Fix namespace issue in test/util.c
Patch1: libsrtp-2.3.0-test-util.patch
# Link test binaries against shared lib
Patch2: libsrtp-2.3.0-shared-test-fix.patch
# Fix issue with NSS 3.63 incompatibility
# credit to George Joseph
Patch3: libsrtp-2.3.0-nss-3.63-fix.patch
%description
This package provides an implementation of the Secure Real-time
@ -26,7 +26,6 @@ a supporting cryptographic kernel.
%package devel
Summary: Development files for %{name}
Group: Development/Libraries
Requires: %{name}%{?_isa} = %{version}-%{release}
Requires: pkgconfig
@ -34,13 +33,19 @@ Requires: pkgconfig
The %{name}-devel package contains libraries and header files for
developing applications that use %{name}.
%package tools
Summary: Tools for testing and decoding SRTP
Requires: %{name}%{?_isa} = %{version}-%{release}
%description tools
Tools for testing and decoding SRTP
%prep
%setup -q -n %{name}-%{version}
%patch0 -p1 -b .sharedfix
%patch1 -p1 -b .srtp_aes_encrypt
%patch2 -p1 -b .sha1-name-fix
%patch3 -p1 -b .mips-name-fix
%patch4 -p1 -b .4
%patch1 -p1 -b .utilfix
%patch2 -p1 -b .test-shared-fix
%patch3 -p1 -b .nssfix
%if 0%{?rhel} > 0
%ifarch ppc64
@ -50,35 +55,76 @@ sed -i 's/-z noexecstack//' Makefile.in
%build
export CFLAGS="%{optflags} -fPIC"
%configure --enable-openssl
make %{?_smp_mflags} shared_library
%configure --enable-nss
make %{?_smp_mflags} shared_library test
%install
make install DESTDIR=%{buildroot}
find %{buildroot} -name '*.la' -exec rm -f {} ';'
find %{buildroot} -name '*.a' -exec rm -f {} ';'
# Handle multilib issues with config.h
mv %{buildroot}%{_includedir}/%{shortname}/config.h %{buildroot}%{_includedir}/%{shortname}/config-%{__isa_bits}.h
cp -a %{SOURCE2} %{buildroot}%{_includedir}/%{shortname}/config.h
install -D -p -m 0755 test/dtls_srtp_driver %{buildroot}%{_bindir}/dtls_srtp_driver
install -D -p -m 0755 test/rdbx_driver %{buildroot}%{_bindir}/rdbx_driver
install -D -p -m 0755 test/replay_driver %{buildroot}%{_bindir}/replay_driver
install -D -p -m 0755 test/roc_driver %{buildroot}%{_bindir}/roc_driver
install -D -p -m 0755 test/rtp_decoder %{buildroot}%{_bindir}/rtp_decoder
install -D -p -m 0755 test/rtpw %{buildroot}%{_bindir}/rtpw
install -D -p -m 0755 test/srtp_driver %{buildroot}%{_bindir}/srtp_driver
install -D -p -m 0755 test/test_srtp %{buildroot}%{_bindir}/test_srtp
%post -p /sbin/ldconfig
%postun -p /sbin/ldconfig
%ldconfig_scriptlets
%files
%license LICENSE
%doc CHANGES README TODO VERSION doc/*.txt doc/*.pdf
%doc CHANGES README.md
%{_libdir}/*.so.*
%files devel
%{_includedir}/%{shortname}/
%{_libdir}/pkgconfig/libsrtp.pc
%{_includedir}/%{shortname}2/
%{_libdir}/pkgconfig/libsrtp2.pc
%{_libdir}/*.so
%files tools
%{_bindir}/*
%changelog
* Mon Sep 03 2018 Wim Taymans <wtaymans@redhat.com> - 1.5.4-8
- Port to openssl 1.1.0
- Build against openssl
- Resolves: rhbz#1618747
* Thu Jul 06 2023 Wim Taymans <wtaymans@redhat.com> - 2.3.0-8
- fix NSS incompatibility, thanks to George Joseph
Resolves: rhbz#2211526
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2.3.0-7
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.3.0-6
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Mon Oct 12 2020 Tom Callaway <spot@fedoraproject.org> - 2.3.0-4
- add -tools subpackage (thanks to Gerd v. Egidy)
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Tue Jan 7 2020 Tom Callaway <spot@fedoraproject.org> - 2.3.0-1
- update to 2.3.0
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.4-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.4-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Mon Jul 23 2018 Tom Callaway <spot@fedoraproject.org> - 1.5.4-9
- add BuildRequires: gcc
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.4-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.4-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

1
sources Normal file
View File

@ -0,0 +1 @@
SHA512 (v2.3.0.tar.gz) = 34b1a01cb9a75aed175be09aadd2827224203b9801becc3fbc5214667cce79c3b87b0f59e4315583863ab5a2cc4fc81d56ab604a5e4c984518b8a8a2a7b77461