forked from Mirrors/freeswitch
224 lines
7.9 KiB
Plaintext
224 lines
7.9 KiB
Plaintext
Changelog
|
|
|
|
1.3.20
|
|
|
|
Lots of changes. Thanks to Jeff Chan for catching a memory leak and
|
|
helping track down the endian issues with the SSRCs.
|
|
|
|
1.3.8
|
|
|
|
This is an interim release. Several little-endian bugs were identified
|
|
and fixed; this means that we can use intel/linux for development again.
|
|
|
|
Cleaned up sha1 and hmac code significantly, got rid of some excess
|
|
functions and properly documented the fuctions in the .h files.
|
|
|
|
Eliminated some vestigial files.
|
|
|
|
There is a SIGBUS error in the AES encrypt function on sparc
|
|
(observed on both solaris and openbsd) with gcc 2.95. Was unable to
|
|
find bad pointer anywhere, so I'm wondering if it isn't a compiler
|
|
problem (there's a known problem whose profile it fits). It doesn't
|
|
appear on any other platform, even in the cipher_driver stress
|
|
tests.
|
|
|
|
Planned changes
|
|
|
|
Change interface to nonces (xtd_seq_num_t) so that it uses
|
|
network byte ordering, and is consistent with other arguments.
|
|
|
|
|
|
1.3.6
|
|
|
|
Changed /dev/random (in configure.in and crypto/rng/rand_source.c) to
|
|
/dev/urandom; the latter is non-blocking on all known platforms (which
|
|
corrects some programs that seem to hang) and is actually present on
|
|
Open BSD (unlike /dev/random, which only works in the presence of
|
|
hardware supported random number generation).
|
|
|
|
Added machine/types.h case in include/integers.h.
|
|
|
|
1.3.5
|
|
|
|
Removing srtp_t::template and stream_clone().
|
|
|
|
Adding a new policy structure, which will reflect a complete SRTP
|
|
policy (including SRTCP).
|
|
|
|
This version is *incomplete* and will undergo more changes. It is
|
|
provided only as a basis for discussion.
|
|
|
|
1.3.4
|
|
|
|
Removed tmmh.c and tmmh.h, which implemented version one of TMMH.
|
|
|
|
Changed srtp_get_trailer_length() to act on streams rather than
|
|
sessions, and documented the macro SRTP_MAX_TRAILER_LEN, which should
|
|
usually be used rather than that function.
|
|
|
|
Removed 'salt' from cipher input.
|
|
|
|
Changed rdbx to use err.h error codes.
|
|
|
|
Changed malloc() and free() to xalloc() and xfree; these functions
|
|
are defined in crypto/kernel/alloc.c and declared in
|
|
include/alloc.h.
|
|
|
|
Added 'output' functions to cipher, in addition to 'encrypt'
|
|
functions. It is no longer necessary to zeroize a buffer before
|
|
encrypting in order to get keystream.
|
|
|
|
Changed octet_string_hex_string() so that "times two" isn't needed
|
|
in its input.
|
|
|
|
Added crypto_kernel_init() prior to command-line parsing, so that
|
|
kernel can be passed command-line arguments, such as "-d
|
|
debug_module". This was done to for the applications
|
|
test/srtp-driver, test/kernel-driver, and test/ust-driver.
|
|
|
|
Improved srtp_init_aes_128_prf - wrote key derivation function
|
|
(srtp_kdf_t).
|
|
|
|
Add the tag_len as an argument to the auth_compute() function, but
|
|
not the corresponding macro. This change allows the tag length for
|
|
a given auth func to be set to different values at initialization
|
|
time. Previously, the structure auth_t contained the
|
|
output_length, but that value was inaccessible from hmac_compute()
|
|
and other functions.
|
|
|
|
Re-named files from a-b.c to a_b.c. in order to help portability.
|
|
|
|
Re-named rijndael to aes (or aes_128 as appropriate).
|
|
|
|
|
|
1.2.1
|
|
|
|
Changes so that 1.2.0 compiles on cygwin-win2k.
|
|
|
|
Added better error reporting system. If syslog is present on the
|
|
OS, then it is used.
|
|
|
|
|
|
1.2.0 Many improvements and additions, and a fex fixes
|
|
|
|
Fixed endian issues in RTP header construction in the function
|
|
rtp_sendto() in srtp/rtp.c.
|
|
|
|
Implemented RIJNDAEL decryption operation, adding the functions
|
|
rijndael_decrypt() and rijndael_expand_decryption_key(). Also
|
|
re-named rijndael_expand_key() to rijndael_expand_encryption_key()
|
|
for consistency.
|
|
|
|
Implemented random number source using /dev/random, in the files
|
|
crypto/rng/rand_source.c and include/rand_source.h.
|
|
|
|
Added index check to SEAL cipher (only values less than 2^32 are
|
|
allowed)
|
|
|
|
Added test case for null_auth authentication function.
|
|
|
|
Added a timing test which tests the effect of CPU cache thrash on
|
|
cipher throughput. The test is done by the function
|
|
cipher_test_throughput_array(); the function
|
|
cipher_array_alloc_init() creates an array of ciphers for use in
|
|
this test. This test can be accessed by using the -a flag to
|
|
the application cipher-driver in the test subdirectory.
|
|
|
|
Added argument processing to ust-driver.c, and added that app to
|
|
the 'runtest' target in Makefile.in.
|
|
|
|
A minor auth_t API change: last argument of auth_init() eliminated.
|
|
|
|
|
|
1.0.6 A small but important fix
|
|
|
|
Fixed srtp_init_aes_128_prf() by adding octet_string_set_to_zero()
|
|
after buffer allocation.
|
|
|
|
Eliminated references to no-longer-existing variables in debugging
|
|
code in srtp/srtp.c. This fixes the compilation failure that
|
|
occured when using PRINT_DEBUG in that file.
|
|
|
|
Corrected spelling of Richard Priestley's name in credits. Sorry
|
|
Richard!
|
|
|
|
|
|
1.0.5 Many little fixes
|
|
|
|
Fixed octet_string_set_to_zero(), which was writing one
|
|
more zero octet than it should. This bug caused srtp_protect()
|
|
and srtp_unprotect() to overwrite the byte that followed the
|
|
srtp packet.
|
|
|
|
Changed sizeof(uint32_t) to srtp_get_trailer_length() in
|
|
srtp-driver.c. This is just defensive coding.
|
|
|
|
Added NULL check to malloc in srtp_alloc().
|
|
|
|
|
|
1.0.4 Many minor fixes and two big ones (thanks for the bug reports!)
|
|
|
|
Removed 'ssrc' from the srtp_init_aes_128_prf() function argument
|
|
list. This is so that applications which do not a priori know the
|
|
ssrc which they will be receiving can still use libsrtp. Now the
|
|
SSRC value is gleaned from the rtp header and exored into the
|
|
counter mode offset in the srtp_protect() and srtp_unprotect()
|
|
functions, if that cipher is used. This change cascaed through
|
|
many other functions, including srtp_init_from_hex(),
|
|
srtp_sender_init() and srtp_receiver_init() in rtp.c, and also
|
|
changing the CLI to test/rtpw. In the future, another function
|
|
call will be added to the library that enables multiple ssrc/key
|
|
pairs to be installed into the same srtp session, so that libsrtp
|
|
works with multiple srtp senders. For now, this functionality is
|
|
lacking.
|
|
|
|
Removed the GDOI interface to the rtpw demo program. This will be
|
|
added again at a later date, after the SRTP and GDOI distributions
|
|
stabilize. For now, I've left in the GDOI #defines and autoconf
|
|
definitions so that they'll be in place when needed.
|
|
|
|
Updated tmmhv2_compute() so that it didn't assume any particular
|
|
alginment of the output tag.
|
|
|
|
Changed bit field variables in srtp.h to unsigned char from
|
|
unsigned int in order to avoid a potential endianness issue.
|
|
|
|
Fixed rdbx_estimate_index() to handle all input cases. This solves
|
|
the now notorious "abaft" bug in the rtpw demo app on linux/intel,
|
|
in which spurious replay protection failures happen after that word
|
|
is received.
|
|
|
|
Added ntohs(hdr->seq) to srtp_protect and srtp_unprotect, removed
|
|
from rijndael_icm_set_segment().
|
|
|
|
Added error checking and handling to srtp_sender_init() and
|
|
srtp_receiver_init().
|
|
|
|
Changed srtp_alloc() so that it does what you'd expect: allocate an
|
|
srtp_ctx_t structure. This hides the library internals.
|
|
|
|
|
|
1.0.1 Many minor fixes
|
|
|
|
Added cipher_driver_buffer_test(...) to test/cipher-driver.c. This
|
|
function checks that the byte-buffering functions used by a cipher
|
|
are correct.
|
|
|
|
Fixed SunOS/Solaris build problems: added HAVE_SYS_INT_TYPES_H and
|
|
changed index_t to xtd_seq_num_t (see include/rdbx.h).
|
|
|
|
Fixed SEAL3.0 output byte buffering, added byte-buffering test to
|
|
cipher/cipher-driver.c.
|
|
|
|
Fixed roc-driver so that the non-sequential insertion test
|
|
automatically recovers from bad estimates. This was required to
|
|
prevent spurious failures.
|
|
|
|
Made rdbx_estimate_index(...) function smarter, so that initial RTP
|
|
sequence numbers greater than 32,768 don't cause it to estimate the
|
|
rollover counter of 0xffffffff.
|
|
|
|
|
|
1.0.0 Initial release
|
|
|