GitLab

Fix target name in install

See merge request !4

Generic pdb installation

See merge request !3

Correct installation path under Debian and derivatives

See merge request !1

Update changes preparing for 2.2.0 release

Compatibilty with LibreSSL

Set gcm IV directly with EVP_CipherInit_ex

Add extern to global variables

prevent potential double free

Fix unprotect when pktlen < (2*mki_size + tag_len)

The condition mki_start_location >= *mki_size in
srtp_get_session_keys() should use base_mki_start_location.
Now the condition is false for packets < 2*mki_size + tag_len.
But as of commit d4bd43c9 the correct condition is now checked
earlier so we simply remove the expression altogether.

If alloc of icm fails then set *c to NULL after freeing
so it will not be freed again. This is the same pattern
used when allocating other ciphers.

be consistant

be even more defensive

Prevents multiple definitions. Depending on linker
it was possible that there would be one definition per
compilation unit.

Setting the IV directly with EVP_CipherInit_ex will
save two calls to openssl and simplify the code.

There is a comment that the 3 calls are required but
I am not sure why, EVP_CTRL_GCM_SET_IV_FIXED will
just store the vector and EVP_CTRL_GCM_IV_GEN will use
it internally and then increment the last digits before
returning it in iv variable passed in.
EVP_CipherInit_ex will store the iv and use it internally.
Incrementing and retrieving the new IV is not required for
SRTP-GCM, a new IV is used for each packet.

Tested with openssl 1.0.1d & 1.0.2g

Memory access fixes

If the mki index is not valid then a NULL session
key should be returned not just defaulting to first.
This allows the protect functions to return
with error bad mki.

The srtp_get_protect_trailer_length needs to ensure
that the returned value is large enough for any of
the streams in the session.

When a session is initialized with multiple polices
it is possible to have different tag lengths for each
policy. This function provides no way to specify which
policy to use, so for now loop over all and find largest.

The current function now has limited use so suggest to make
two functions, one that takes ssrc or packet header so
correct stream can be used, second function that takes a
policy.

# Conflicts:
#	srtp/srtp.c

The session_keys array is not shared with the
template so if it was allocated just free it.

The template may not have been used for the deallocated
stream, therefore the size of the session_keys array
could be different.

Should maybe contain a pointer to template from stream
so it is explicitly known that it was used.

Fix memory access issue in srtp_get_session_keys()

logic in srtp_stream_free was not correct and could result
in memory access errors, srtp_stream_dealloc can safely be used
instead and is "more" correct.

Issue:
In srtp_get_session_keys(), when packet size (*pkt_octet_len) is
greater than auth tag length but smaller than (auth tag length + MKI
size), mki_start_location would take on incredible huge values,
leading to memory access issue when calling memcmp() on iOS platform.

Fix:
Add additional sanity check before calculating mki_start_location.

mki_index is a zero based index in the sesssion_keys
array which has a max length of num_master_keys.

Reported by Guido Vranken <guidovranken@gmail.com>

session_keys may not have been allocated yet.

reported by Guido Vranken <guidovranken@gmail.com>

Use explicit clang-format version on travis

When travis upgrade's clang it breaks current
formatting that was done with 3.9 . Better to explicitly
set the version to use.