OLD | NEW |
| (Empty) |
1 Changelog | |
2 | |
3 1.5.2 | |
4 | |
5 Autoconf checks for libz and libdl for buildroot support. | |
6 | |
7 Pull request 96 - Include config.h to get inline on Windows. | |
8 | |
9 Pull request 93 - Don't include AES-192 when compiling against BoringSSL. | |
10 | |
11 1.5.1 | |
12 | |
13 Pull request 95 - Additional header check from Chromium | |
14 | |
15 Pull request 94 - Add missing copyright headers. | |
16 | |
17 Pull request 90 - Fix out-of-source tree builds. | |
18 | |
19 Pull request 89 - Introduce little endian RISC support | |
20 | |
21 Pull request 86 - Add support for cross-compiling the shared library for Windo
ws and OS X | |
22 | |
23 Pull request 85 - Add -f <pcap filter> option to rtp_decoder | |
24 | |
25 Pull request 84 - Avoid problems due to unsafe macros | |
26 | |
27 Pull request 82 - Align the AES ICM nonce | |
28 | |
29 Pull request 80 - Take advantage of base64 conversion in testapps | |
30 | |
31 Pull request 75 - Cleanup: miscellaneous cleanup of initial OpenSSL AES suppor
t | |
32 | |
33 Pull request 74 - Allow testing with pcap file or capture - Issue #45 | |
34 | |
35 Other trivial fixes are included as well. Please see github for details. | |
36 | |
37 1.5.0 | |
38 | |
39 Add support for using OpenSSL crypto using the --enable-openssl | |
40 option. | |
41 | |
42 Add support for AES-GCM crypto suites. | |
43 | |
44 Add support for pkg_config. | |
45 | |
46 Add user data API to allow user to associate additional data with a | |
47 SRTP context. | |
48 | |
49 This release also includes a variety of bug fixes, which can be | |
50 viewed at: https://github.com/cisco/libsrtp/commits/master | |
51 | |
52 Note: The change log was not maintained between versions 1.3.20 and | |
53 1.4.5. | |
54 | |
55 1.3.20 | |
56 | |
57 Lots of changes. Thanks to Jeff Chan for catching a memory leak and | |
58 helping track down the endian issues with the SSRCs. | |
59 | |
60 1.3.8 | |
61 | |
62 This is an interim release. Several little-endian bugs were identified | |
63 and fixed; this means that we can use intel/linux for development again. | |
64 | |
65 Cleaned up sha1 and hmac code significantly, got rid of some excess | |
66 functions and properly documented the fuctions in the .h files. | |
67 | |
68 Eliminated some vestigial files. | |
69 | |
70 There is a SIGBUS error in the AES encrypt function on sparc | |
71 (observed on both solaris and openbsd) with gcc 2.95. Was unable to | |
72 find bad pointer anywhere, so I'm wondering if it isn't a compiler | |
73 problem (there's a known problem whose profile it fits). It doesn't | |
74 appear on any other platform, even in the cipher_driver stress | |
75 tests. | |
76 | |
77 Planned changes | |
78 | |
79 Change interface to nonces (xtd_seq_num_t) so that it uses | |
80 network byte ordering, and is consistent with other arguments. | |
81 | |
82 | |
83 1.3.6 | |
84 | |
85 Changed /dev/random (in configure.in and crypto/rng/rand_source.c) to | |
86 /dev/urandom; the latter is non-blocking on all known platforms (which | |
87 corrects some programs that seem to hang) and is actually present on | |
88 Open BSD (unlike /dev/random, which only works in the presence of | |
89 hardware supported random number generation). | |
90 | |
91 Added machine/types.h case in include/integers.h. | |
92 | |
93 1.3.5 | |
94 | |
95 Removing srtp_t::template and stream_clone(). | |
96 | |
97 Adding a new policy structure, which will reflect a complete SRTP | |
98 policy (including SRTCP). | |
99 | |
100 This version is *incomplete* and will undergo more changes. It is | |
101 provided only as a basis for discussion. | |
102 | |
103 1.3.4 | |
104 | |
105 Removed tmmh.c and tmmh.h, which implemented version one of TMMH. | |
106 | |
107 Changed srtp_get_trailer_length() to act on streams rather than | |
108 sessions, and documented the macro SRTP_MAX_TRAILER_LEN, which should | |
109 usually be used rather than that function. | |
110 | |
111 Removed 'salt' from cipher input. | |
112 | |
113 Changed rdbx to use err.h error codes. | |
114 | |
115 Changed malloc() and free() to xalloc() and xfree; these functions | |
116 are defined in crypto/kernel/alloc.c and declared in | |
117 include/alloc.h. | |
118 | |
119 Added 'output' functions to cipher, in addition to 'encrypt' | |
120 functions. It is no longer necessary to zeroize a buffer before | |
121 encrypting in order to get keystream. | |
122 | |
123 Changed octet_string_hex_string() so that "times two" isn't needed | |
124 in its input. | |
125 | |
126 Added crypto_kernel_init() prior to command-line parsing, so that | |
127 kernel can be passed command-line arguments, such as "-d | |
128 debug_module". This was done to for the applications | |
129 test/srtp-driver, test/kernel-driver, and test/ust-driver. | |
130 | |
131 Improved srtp_init_aes_128_prf - wrote key derivation function | |
132 (srtp_kdf_t). | |
133 | |
134 Add the tag_len as an argument to the auth_compute() function, but | |
135 not the corresponding macro. This change allows the tag length for | |
136 a given auth func to be set to different values at initialization | |
137 time. Previously, the structure auth_t contained the | |
138 output_length, but that value was inaccessible from hmac_compute() | |
139 and other functions. | |
140 | |
141 Re-named files from a-b.c to a_b.c. in order to help portability. | |
142 | |
143 Re-named rijndael to aes (or aes_128 as appropriate). | |
144 | |
145 | |
146 1.2.1 | |
147 | |
148 Changes so that 1.2.0 compiles on cygwin-win2k. | |
149 | |
150 Added better error reporting system. If syslog is present on the | |
151 OS, then it is used. | |
152 | |
153 | |
154 1.2.0 Many improvements and additions, and a fex fixes | |
155 | |
156 Fixed endian issues in RTP header construction in the function | |
157 rtp_sendto() in srtp/rtp.c. | |
158 | |
159 Implemented RIJNDAEL decryption operation, adding the functions | |
160 rijndael_decrypt() and rijndael_expand_decryption_key(). Also | |
161 re-named rijndael_expand_key() to rijndael_expand_encryption_key() | |
162 for consistency. | |
163 | |
164 Implemented random number source using /dev/random, in the files | |
165 crypto/rng/rand_source.c and include/rand_source.h. | |
166 | |
167 Added index check to SEAL cipher (only values less than 2^32 are | |
168 allowed) | |
169 | |
170 Added test case for null_auth authentication function. | |
171 | |
172 Added a timing test which tests the effect of CPU cache thrash on | |
173 cipher throughput. The test is done by the function | |
174 cipher_test_throughput_array(); the function | |
175 cipher_array_alloc_init() creates an array of ciphers for use in | |
176 this test. This test can be accessed by using the -a flag to | |
177 the application cipher-driver in the test subdirectory. | |
178 | |
179 Added argument processing to ust-driver.c, and added that app to | |
180 the 'runtest' target in Makefile.in. | |
181 | |
182 A minor auth_t API change: last argument of auth_init() eliminated. | |
183 | |
184 | |
185 1.0.6 A small but important fix | |
186 | |
187 Fixed srtp_init_aes_128_prf() by adding octet_string_set_to_zero() | |
188 after buffer allocation. | |
189 | |
190 Eliminated references to no-longer-existing variables in debugging | |
191 code in srtp/srtp.c. This fixes the compilation failure that | |
192 occured when using PRINT_DEBUG in that file. | |
193 | |
194 Corrected spelling of Richard Priestley's name in credits. Sorry | |
195 Richard! | |
196 | |
197 | |
198 1.0.5 Many little fixes | |
199 | |
200 Fixed octet_string_set_to_zero(), which was writing one | |
201 more zero octet than it should. This bug caused srtp_protect() | |
202 and srtp_unprotect() to overwrite the byte that followed the | |
203 srtp packet. | |
204 | |
205 Changed sizeof(uint32_t) to srtp_get_trailer_length() in | |
206 srtp-driver.c. This is just defensive coding. | |
207 | |
208 Added NULL check to malloc in srtp_alloc(). | |
209 | |
210 | |
211 1.0.4 Many minor fixes and two big ones (thanks for the bug reports!) | |
212 | |
213 Removed 'ssrc' from the srtp_init_aes_128_prf() function argument | |
214 list. This is so that applications which do not a priori know the | |
215 ssrc which they will be receiving can still use libsrtp. Now the | |
216 SSRC value is gleaned from the rtp header and exored into the | |
217 counter mode offset in the srtp_protect() and srtp_unprotect() | |
218 functions, if that cipher is used. This change cascaed through | |
219 many other functions, including srtp_init_from_hex(), | |
220 srtp_sender_init() and srtp_receiver_init() in rtp.c, and also | |
221 changing the CLI to test/rtpw. In the future, another function | |
222 call will be added to the library that enables multiple ssrc/key | |
223 pairs to be installed into the same srtp session, so that libsrtp | |
224 works with multiple srtp senders. For now, this functionality is | |
225 lacking. | |
226 | |
227 Removed the GDOI interface to the rtpw demo program. This will be | |
228 added again at a later date, after the SRTP and GDOI distributions | |
229 stabilize. For now, I've left in the GDOI #defines and autoconf | |
230 definitions so that they'll be in place when needed. | |
231 | |
232 Updated tmmhv2_compute() so that it didn't assume any particular | |
233 alginment of the output tag. | |
234 | |
235 Changed bit field variables in srtp.h to unsigned char from | |
236 unsigned int in order to avoid a potential endianness issue. | |
237 | |
238 Fixed rdbx_estimate_index() to handle all input cases. This solves | |
239 the now notorious "abaft" bug in the rtpw demo app on linux/intel, | |
240 in which spurious replay protection failures happen after that word | |
241 is received. | |
242 | |
243 Added ntohs(hdr->seq) to srtp_protect and srtp_unprotect, removed | |
244 from rijndael_icm_set_segment(). | |
245 | |
246 Added error checking and handling to srtp_sender_init() and | |
247 srtp_receiver_init(). | |
248 | |
249 Changed srtp_alloc() so that it does what you'd expect: allocate an | |
250 srtp_ctx_t structure. This hides the library internals. | |
251 | |
252 | |
253 1.0.1 Many minor fixes | |
254 | |
255 Added cipher_driver_buffer_test(...) to test/cipher-driver.c. This | |
256 function checks that the byte-buffering functions used by a cipher | |
257 are correct. | |
258 | |
259 Fixed SunOS/Solaris build problems: added HAVE_SYS_INT_TYPES_H and | |
260 changed index_t to xtd_seq_num_t (see include/rdbx.h). | |
261 | |
262 Fixed SEAL3.0 output byte buffering, added byte-buffering test to | |
263 cipher/cipher-driver.c. | |
264 | |
265 Fixed roc-driver so that the non-sequential insertion test | |
266 automatically recovers from bad estimates. This was required to | |
267 prevent spurious failures. | |
268 | |
269 Made rdbx_estimate_index(...) function smarter, so that initial RTP | |
270 sequence numbers greater than 32,768 don't cause it to estimate the | |
271 rollover counter of 0xffffffff. | |
272 | |
273 | |
274 1.0.0 Initial release | |
275 | |
OLD | NEW |