pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/comms/asterisk Update to Asterisk 11.23.1: this is a ...
details: https://anonhg.NetBSD.org/pkgsrc/rev/9e18cbdbf22e
branches: trunk
changeset: 353034:9e18cbdbf22e
user: jnemeth <jnemeth%pkgsrc.org@localhost>
date: Fri Sep 23 19:16:29 2016 +0000
description:
Update to Asterisk 11.23.1: this is a security fix release to fix
AST-2016-007. Note that on Oct. 25th, this branch of Asterisk will
switch to security fixes, and one year later it will read end-of-life.
pkgsrc changes:
- don't use gethostbyname_r on NetBSD
- eliminate conflict with new hmac(1) function on NetBSd
----- AST-2016-007
The overlap dialing feature in chan_sip allows chan_sip to report
to a device that the number that has been dialed is incomplete and
more digits are required. If this functionality is used with a
device that has performed username/password authentication RTP
resources are leaked. This occurs because the code fails to release
the old RTP resources before allocating new ones in this scenario.
If all resources are used then RTP port exhaustion will occur and
no RTP sessions are able to be set up.
diffstat:
comms/asterisk/Makefile | 12 +-
comms/asterisk/distinfo | 23 +-
comms/asterisk/patches/patch-configure | 31 +----
comms/asterisk/patches/patch-configure.ac | 11 +-
comms/asterisk/patches/patch-include_asterisk_sha1.h | 131 +++++++++++++++++++
5 files changed, 154 insertions(+), 54 deletions(-)
diffs (280 lines):
diff -r 0acb5ed7c2ab -r 9e18cbdbf22e comms/asterisk/Makefile
--- a/comms/asterisk/Makefile Fri Sep 23 17:55:03 2016 +0000
+++ b/comms/asterisk/Makefile Fri Sep 23 19:16:29 2016 +0000
@@ -1,11 +1,10 @@
-# $NetBSD: Makefile,v 1.140 2016/08/03 10:22:34 adam Exp $
+# $NetBSD: Makefile,v 1.141 2016/09/23 19:16:29 jnemeth Exp $
#
# NOTE: when updating this package, there are two places that sound
# tarballs need to be checked; look win ${WRKSRC}/sounds/Makefile
# to find out the current sound file versions
-DISTNAME= asterisk-11.23.0
-PKGREVISION= 1
+DISTNAME= asterisk-11.23.1
CATEGORIES= comms net audio
MASTER_SITES= http://downloads.asterisk.org/pub/telephony/asterisk/ \
http://downloads.asterisk.org/pub/telephony/asterisk/old-releases/ \
@@ -165,6 +164,13 @@
SUBST_FILES.pktinfo= include/asterisk/autoconfig.h
SUBST_SED.pktinfo= -e "s|^\#define HAVE_PKTINFO 1|\#undef HAVE_PKTINFO|"
+# XXX gross hack, gethostbyname_r on NETBSD is for internal use only
+SUBST_CLASSES.NetBSD+= gethostbyname_r
+SUBST_STAGE.gethostbyname_r= post-configure
+SUBST_FILES.gethostbyname_r= include/asterisk/autoconfig.h
+SUBST_SED.gethostbyname_r= -e "s|^\#define HAVE_GETHOSTBYNAME_R_5 1|\#undef HAVE_GETHOSTBYNAME_R_5|"
+SUBST_SED.gethostbyname_r+= -e "s|^\#define HAVE_GETHOSTBYNAME_R_6 1|\#undef HAVE_GETHOSTBYNAME_R_6|"
+
RCD_SCRIPTS= asterisk
OWN_DIRS_PERMS+= ${ASTDBDIR} ${ASTERISK_USER} ${ASTERISK_GROUP} 0755
OWN_DIRS_PERMS+= ${ASTSPOOLDIR} ${ASTERISK_USER} ${ASTERISK_GROUP} 0755
diff -r 0acb5ed7c2ab -r 9e18cbdbf22e comms/asterisk/distinfo
--- a/comms/asterisk/distinfo Fri Sep 23 17:55:03 2016 +0000
+++ b/comms/asterisk/distinfo Fri Sep 23 19:16:29 2016 +0000
@@ -1,13 +1,13 @@
-$NetBSD: distinfo,v 1.79 2016/07/23 08:27:44 jnemeth Exp $
+$NetBSD: distinfo,v 1.80 2016/09/23 19:16:29 jnemeth Exp $
-SHA1 (asterisk-11.23.0/asterisk-11.23.0.tar.gz) = 2bdcf8fd08a94c03372eb165ba0e64717657d01e
-RMD160 (asterisk-11.23.0/asterisk-11.23.0.tar.gz) = d416b0d14f339d032e504e4b490351ad8a0df228
-SHA512 (asterisk-11.23.0/asterisk-11.23.0.tar.gz) = 1510eadf67531408df9b25e0fe546a78dcb6cbfecda37390037598bba2627de4810b5288314d425518e23b2007ff785c5e4c952f784a6cd6ba2ff04389894112
-Size (asterisk-11.23.0/asterisk-11.23.0.tar.gz) = 35110947 bytes
-SHA1 (asterisk-11.23.0/asterisk-extra-sounds-en-gsm-1.5.tar.gz) = 831ae6442e23cbef1e7d1c84798778ad0b0524d1
-RMD160 (asterisk-11.23.0/asterisk-extra-sounds-en-gsm-1.5.tar.gz) = d52df795201c53fc4cd7d99ed41516e312f6f0f3
-SHA512 (asterisk-11.23.0/asterisk-extra-sounds-en-gsm-1.5.tar.gz) = c7d3c3fd2c854e6776801312d34bf69bbed78a443c16121637f508c5275f18b1d415cbb6e4f6f8c5aa3769cbbfa1a11485b9972053777f3ac39256c2c81729f1
-Size (asterisk-11.23.0/asterisk-extra-sounds-en-gsm-1.5.tar.gz) = 4256538 bytes
+SHA1 (asterisk-11.23.1/asterisk-11.23.1.tar.gz) = cae7aa5a7e1515928a255f5bd3715f67c13285d3
+RMD160 (asterisk-11.23.1/asterisk-11.23.1.tar.gz) = e789fc326db6771e3a865516241dbc47ecb73fd7
+SHA512 (asterisk-11.23.1/asterisk-11.23.1.tar.gz) = 6d067ea86a7c050b19e29d6ea25aefd23c3f32bb7d334f4e3c74bcaedaf21e4faeeab71b4fd260fc39f3e12f645c3bf89737f4c2d16f988cc66f93d4e47f80a7
+Size (asterisk-11.23.1/asterisk-11.23.1.tar.gz) = 35098451 bytes
+SHA1 (asterisk-11.23.1/asterisk-extra-sounds-en-gsm-1.5.tar.gz) = 831ae6442e23cbef1e7d1c84798778ad0b0524d1
+RMD160 (asterisk-11.23.1/asterisk-extra-sounds-en-gsm-1.5.tar.gz) = d52df795201c53fc4cd7d99ed41516e312f6f0f3
+SHA512 (asterisk-11.23.1/asterisk-extra-sounds-en-gsm-1.5.tar.gz) = c7d3c3fd2c854e6776801312d34bf69bbed78a443c16121637f508c5275f18b1d415cbb6e4f6f8c5aa3769cbbfa1a11485b9972053777f3ac39256c2c81729f1
+Size (asterisk-11.23.1/asterisk-extra-sounds-en-gsm-1.5.tar.gz) = 4256538 bytes
SHA1 (patch-Makefile) = 5fd774779d3c8d85936beca8a3407dd3011af2dc
SHA1 (patch-addons_chan__ooh323.c) = 57f61a2edf0f9f022e03837230ee572ec9cf47b4
SHA1 (patch-apps_app__confbridge.c) = c815905994355a19c32e8e3e2eb5dc9f1679eb29
@@ -29,14 +29,15 @@
SHA1 (patch-channels_chan__sip.c) = abde08da0038ae87401f682df9140ba0fb6e4557
SHA1 (patch-channels_sip_sdp__crypto.c) = decb6cfe0d6893db912a9087b2155c225db5e1e8
SHA1 (patch-codecs_codec__dahdi.c) = f412e1f60cb49076b8cabcd747c0f0168f1fa9e7
-SHA1 (patch-configure) = 21958865e2edac21723472fcd74c9fffc338c938
-SHA1 (patch-configure.ac) = 0d74aeb75f6ef59256e6228cd20b231039e98afc
+SHA1 (patch-configure) = 7138e0c99c17f01298787e504fa1594b5bdb8572
+SHA1 (patch-configure.ac) = 4acdf055e402c810a7e40af9ab8d6afafee60764
SHA1 (patch-contrib_scripts_vmail.cgi) = 650b9bbf3e322d1ad351932cfe6f747baa8f35e4
SHA1 (patch-funcs_func__env.c) = 30ec2c804ea69c4825fe0a888f9e982c7418c528
SHA1 (patch-funcs_func__strings.c) = 4c1db693d845691492b77bbf489764d362de2087
SHA1 (patch-include_asterisk_autoconfig.h.in) = 09a8f8d5398612fdadba25f221b16c19429f81e2
SHA1 (patch-include_asterisk_endian.h) = 41c1a9a9e02fe394bc9261f5559e931b1378ea28
SHA1 (patch-include_asterisk_lock.h) = cb1404e56de4708836091c224df439158119764c
+SHA1 (patch-include_asterisk_sha1.h) = ff5a0cdf3423cfa1b95e0215924a88db0d95331f
SHA1 (patch-include_asterisk_strings.h) = fc5987a98429ca470f7e9bdcf170d49b0c1f3407
SHA1 (patch-include_asterisk_utils.h) = 07e70fe0adf39cd9a7f94c735b9a3fa72ae3df89
SHA1 (patch-main_Makefile) = 5f9238a528d2b96777e17a4ac6d3e7876dfffb98
diff -r 0acb5ed7c2ab -r 9e18cbdbf22e comms/asterisk/patches/patch-configure
--- a/comms/asterisk/patches/patch-configure Fri Sep 23 17:55:03 2016 +0000
+++ b/comms/asterisk/patches/patch-configure Fri Sep 23 19:16:29 2016 +0000
@@ -1,4 +1,4 @@
-$NetBSD: patch-configure,v 1.5 2015/10/27 08:49:01 jnemeth Exp $
+$NetBSD: patch-configure,v 1.6 2016/09/23 19:16:29 jnemeth Exp $
--- configure.orig 2015-10-09 22:23:39.000000000 +0000
+++ configure
@@ -20,35 +20,6 @@
do :
as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
-@@ -14645,7 +14645,7 @@ rm -f core conftest.err conftest.$ac_obj
- LDFLAGS=${old_LDFLAGS}
- rm -f conftest.dynamics
-
--ac_fn_c_check_header_mongrel "$LINENO" "sys/poll.h" "ac_cv_header_sys_poll_h" "$ac_includes_default"
-+ac_fn_c_check_header_mongrel "$LINENO" "poll.h" "ac_cv_header_sys_poll_h" "$ac_includes_default"
- if test "x$ac_cv_header_sys_poll_h" = xyes; then :
- HAS_POLL=1
-
-@@ -16459,16 +16459,16 @@ if $(${CC} -march=native -S -o /dev/null
- if test "${CONFIG_CFLAGS}" = ""; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
- $as_echo "yes" >&6; }
-- AST_NATIVE_ARCH=1
-+ AST_NATIVE_ARCH=0
- else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: user CFLAGS present" >&5
- $as_echo "user CFLAGS present" >&6; }
-- AST_NATIVE_ARCH=
-+ AST_NATIVE_ARCH=0
- fi
- else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
- $as_echo "no" >&6; }
-- AST_NATIVE_ARCH=
-+ AST_NATIVE_ARCH=0
- fi
-
-
@@ -16968,6 +16968,148 @@ fi
diff -r 0acb5ed7c2ab -r 9e18cbdbf22e comms/asterisk/patches/patch-configure.ac
--- a/comms/asterisk/patches/patch-configure.ac Fri Sep 23 17:55:03 2016 +0000
+++ b/comms/asterisk/patches/patch-configure.ac Fri Sep 23 19:16:29 2016 +0000
@@ -1,4 +1,4 @@
-$NetBSD: patch-configure.ac,v 1.3 2015/10/27 08:49:01 jnemeth Exp $
+$NetBSD: patch-configure.ac,v 1.4 2016/09/23 19:16:29 jnemeth Exp $
--- configure.ac.orig 2015-10-09 22:23:39.000000000 +0000
+++ configure.ac
@@ -32,15 +32,6 @@
)
AC_ARG_ENABLE([internal-poll],
-@@ -1049,7 +1049,7 @@ if $(${CC} -march=native -S -o /dev/null
- fi
- else
- AC_MSG_RESULT(no)
-- AST_NATIVE_ARCH=
-+ AST_NATIVE_ARCH=0
- fi
- AC_SUBST(AST_NATIVE_ARCH)
-
@@ -1162,6 +1162,9 @@ AST_C_DEFINE_CHECK([IP_MTU_DISCOVER], [I
AC_CHECK_HEADER([libkern/OSAtomic.h],
[AC_DEFINE_UNQUOTED([HAVE_OSX_ATOMICS], 1, [Define to 1 if OSX atomic operations are supported.])])
diff -r 0acb5ed7c2ab -r 9e18cbdbf22e comms/asterisk/patches/patch-include_asterisk_sha1.h
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/comms/asterisk/patches/patch-include_asterisk_sha1.h Fri Sep 23 19:16:29 2016 +0000
@@ -0,0 +1,131 @@
+$NetBSD: patch-include_asterisk_sha1.h,v 1.1 2016/09/23 19:16:29 jnemeth Exp $
+
+--- include/asterisk/sha1.h.orig 2016-09-08 16:28:35.000000000 +0000
++++ include/asterisk/sha1.h
+@@ -191,49 +191,6 @@ typedef struct SHA256Context SHA224Conte
+ typedef struct SHA512Context SHA384Context;
+
+ /*
+- * This structure holds context information for all SHA
+- * hashing operations.
+- */
+-typedef struct USHAContext {
+- int whichSha; /* which SHA is being used */
+- union {
+- SHA1Context sha1Context;
+- SHA224Context sha224Context; SHA256Context sha256Context;
+- SHA384Context sha384Context; SHA512Context sha512Context;
+- } ctx;
+-} USHAContext;
+-
+-/*
+- * This structure will hold context information for the HMAC
+- * keyed-hashing operation.
+- */
+-typedef struct HMACContext {
+- int whichSha; /* which SHA is being used */
+- int hashSize; /* hash size of SHA being used */
+- int blockSize; /* block size of SHA being used */
+- USHAContext shaContext; /* SHA context */
+- unsigned char k_opad[USHA_Max_Message_Block_Size];
+- /* outer padding - key XORd with opad */
+- int Computed; /* Is the MAC computed? */
+- int Corrupted; /* Cumulative corruption code */
+-
+-} HMACContext;
+-
+-/*
+- * This structure will hold context information for the HKDF
+- * extract-and-expand Key Derivation Functions.
+- */
+-typedef struct HKDFContext {
+- int whichSha; /* which SHA is being used */
+- HMACContext hmacContext;
+- int hashSize; /* hash size of SHA being used */
+- unsigned char prk[USHAMaxHashSize];
+- /* pseudo-random key - output of hkdfInput */
+- int Computed; /* Is the key material computed? */
+- int Corrupted; /* Cumulative corruption code */
+-} HKDFContext;
+-
+-/*
+ * Function Prototypes
+ */
+
+@@ -281,76 +238,6 @@ extern int SHA512FinalBits(SHA512Context
+ extern int SHA512Result(SHA512Context *,
+ uint8_t Message_Digest[SHA512HashSize]);
+
+-/* Unified SHA functions, chosen by whichSha */
+-extern int USHAReset(USHAContext *context, SHAversion whichSha);
+-extern int USHAInput(USHAContext *context,
+- const uint8_t *bytes, unsigned int bytecount);
+-extern int USHAFinalBits(USHAContext *context,
+- uint8_t bits, unsigned int bit_count);
+-extern int USHAResult(USHAContext *context,
+- uint8_t Message_Digest[USHAMaxHashSize]);
+-extern int USHABlockSize(enum SHAversion whichSha);
+-extern int USHAHashSize(enum SHAversion whichSha);
+-extern int USHAHashSizeBits(enum SHAversion whichSha);
+-extern const char *USHAHashName(enum SHAversion whichSha);
+-
+-/*
+- * HMAC Keyed-Hashing for Message Authentication, RFC 2104,
+- * for all SHAs.
+- * This interface allows a fixed-length text input to be used.
+- */
+-extern int hmac(SHAversion whichSha, /* which SHA algorithm to use */
+- const unsigned char *text, /* pointer to data stream */
+- int text_len, /* length of data stream */
+- const unsigned char *key, /* pointer to authentication key */
+- int key_len, /* length of authentication key */
+- uint8_t digest[USHAMaxHashSize]); /* caller digest to fill in */
+-
+-/*
+- * HMAC Keyed-Hashing for Message Authentication, RFC 2104,
+- * for all SHAs.
+- * This interface allows any length of text input to be used.
+- */
+-extern int hmacReset(HMACContext *context, enum SHAversion whichSha,
+- const unsigned char *key, int key_len);
+-extern int hmacInput(HMACContext *context, const unsigned char *text,
+- int text_len);
+-extern int hmacFinalBits(HMACContext *context, uint8_t bits,
+- unsigned int bit_count);
+-extern int hmacResult(HMACContext *context,
+- uint8_t digest[USHAMaxHashSize]);
+-
+-/*
+- * HKDF HMAC-based Extract-and-Expand Key Derivation Function,
+- * RFC 5869, for all SHAs.
+- */
+-extern int hkdf(SHAversion whichSha, const unsigned char *salt,
+- int salt_len, const unsigned char *ikm, int ikm_len,
+- const unsigned char *info, int info_len,
+- uint8_t okm[ ], int okm_len);
+-extern int hkdfExtract(SHAversion whichSha, const unsigned char *salt,
+- int salt_len, const unsigned char *ikm,
+- int ikm_len, uint8_t prk[USHAMaxHashSize]);
+-extern int hkdfExpand(SHAversion whichSha, const uint8_t prk[ ],
+- int prk_len, const unsigned char *info,
+- int info_len, uint8_t okm[ ], int okm_len);
+-
+-/*
+- * HKDF HMAC-based Extract-and-Expand Key Derivation Function,
+- * RFC 5869, for all SHAs.
+- * This interface allows any length of text input to be used.
+- */
+-extern int hkdfReset(HKDFContext *context, enum SHAversion whichSha,
+- const unsigned char *salt, int salt_len);
+-extern int hkdfInput(HKDFContext *context, const unsigned char *ikm,
+- int ikm_len);
+-extern int hkdfFinalBits(HKDFContext *context, uint8_t ikm_bits,
+- unsigned int ikm_bit_count);
+-extern int hkdfResult(HKDFContext *context,
+- uint8_t prk[USHAMaxHashSize],
+- const unsigned char *info, int info_len,
+- uint8_t okm[USHAMaxHashSize], int okm_len);
+-
+ /************************ sha-private.h ************************/
+ /***************** See RFC 6234 for details. *******************/
+ /*
Home |
Main Index |
Thread Index |
Old Index