49 lines
2.1 KiB
Diff
49 lines
2.1 KiB
Diff
diff -up srtp/srtp/srtp.c.CVE20132139 srtp/srtp/srtp.c
|
|
--- srtp/srtp/srtp.c.CVE20132139 2013-12-30 11:47:39.477223492 -0500
|
|
+++ srtp/srtp/srtp.c 2013-12-30 11:49:44.580162545 -0500
|
|
@@ -2045,22 +2045,21 @@ crypto_policy_set_from_profile_for_rtp(c
|
|
switch(profile) {
|
|
case srtp_profile_aes128_cm_sha1_80:
|
|
crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
|
|
- crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
|
|
break;
|
|
case srtp_profile_aes128_cm_sha1_32:
|
|
- crypto_policy_set_aes_cm_128_hmac_sha1_32(policy);
|
|
+ /* We do not honor the 32-bit auth tag request since
|
|
+ * this is not compliant with RFC 3711 */
|
|
crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
|
|
break;
|
|
case srtp_profile_null_sha1_80:
|
|
crypto_policy_set_null_cipher_hmac_sha1_80(policy);
|
|
- crypto_policy_set_null_cipher_hmac_sha1_80(policy);
|
|
break;
|
|
case srtp_profile_aes256_cm_sha1_80:
|
|
crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
|
|
- crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
|
|
break;
|
|
case srtp_profile_aes256_cm_sha1_32:
|
|
- crypto_policy_set_aes_cm_256_hmac_sha1_32(policy);
|
|
+ /* We do not honor the 32-bit auth tag request since
|
|
+ * this is not compliant with RFC 3711 */
|
|
crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
|
|
break;
|
|
/* the following profiles are not (yet) supported */
|
|
@@ -2082,7 +2081,7 @@ crypto_policy_set_from_profile_for_rtcp(
|
|
crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
|
|
break;
|
|
case srtp_profile_aes128_cm_sha1_32:
|
|
- crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
|
|
+ crypto_policy_set_aes_cm_128_hmac_sha1_32(policy);
|
|
break;
|
|
case srtp_profile_null_sha1_80:
|
|
crypto_policy_set_null_cipher_hmac_sha1_80(policy);
|
|
@@ -2091,7 +2090,7 @@ crypto_policy_set_from_profile_for_rtcp(
|
|
crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
|
|
break;
|
|
case srtp_profile_aes256_cm_sha1_32:
|
|
- crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
|
|
+ crypto_policy_set_aes_cm_256_hmac_sha1_32(policy);
|
|
break;
|
|
/* the following profiles are not (yet) supported */
|
|
case srtp_profile_null_sha1_32:
|