From 95425c1e3aa688d0f57a7f5556fd49b291e8f68c35717ffe08370540e14e32da Mon Sep 17 00:00:00 2001 From: Dominique Leuenberger Date: Mon, 12 Oct 2020 09:36:59 +0000 Subject: [PATCH] Accepting request 839996 from home:alois:branches:multimedia:libs - Update to version 1.4.2 New Features and Enhancements * Added support for C++11. Reworked timing and synchronization objects. Three sources of timing are now available (selected via a build option): + POSIX gettimeofday() - default build mode (affected by discontinuous jumps in the system time); + POSIX CLOCK_MONOTONIC. CMake build option: -DENABLE_MONOTONIC_CLOCK=ON. See --enable-monotonic-clock in BuildOptions.md; + C++11 std::chrono::steady_clock, std::thread, std::mutex, etc. CMake build option: -DENABLE_STDCXX_SYNC=ON. See --enable-stdcxx-sync in BuildOptions.md. * Added SRT Source Time API support. It allows setting a source timestamp on a packet that corresponds to a packet creation/reception time. See the Time Access section of the API docs. * Added an improved retransmission algorithm which reduces the retransmission overhead on a link. Set option SRTO_RETRANSMITALGO=1. * Added SRTO_BINDTODEVICE option to bind a socket to a specified NIC. SRTO_BINDTODEVICE option reflects the system option SO_BINDTODEVICE for an SRT socket. * Customizable rejection reason code. SRT library now lets the application provide a code with rejection reason (in a listener callback) if connection request has been rejected by the application. See Rejection Codes in the Access Control guide. * Added new rejection reason: on timeout. See SRT_REJ_TIMEOUT in API-functions.md. * Extended SRT statistics with pktSentUniqueTotal, pktRecvUniqueTotal. Statistics documentation now has a summary table for better navigation. * Added srt_getversion() API function. * Moved socket options documentation to a separate file APISocketOptions.md. It now has a summary table for better navigation. * Socket options SRTO_INPUTBW and SRTO_OHEADBW are now readable. * The logging functionality has been improved by means of defining new and more fine-grained Functional Areas (FA) to which log messages are assigned. This is done to prevent too many debug log messages from the library influencing performance with the debug logging turned on. Fixed Issues * Fixed bug: finding the listener's muxer only by port number was wrong. * Fixed wrong reject reason on async connect. * Fixed CSndLossList::insert with negative offset. * Fixed default binding for IPv6-target rendezvous. * Fixed HS TSBPD flags check. * Improved CRcvLossList protection from concurrent access. * Fixed error reporting on connect/accept. * Correctly handle IPv4 connections on IPv6 listener. * Fixed Moving Average for receiver and sender buffers. * Protecting RCV buffer access. * Fixed local storage depleted issue #486. * Fixed restrictions on pre-bind only options. * Avoid reporting packets rebuilt by FEC as lost. * Improved inserting a serial element into sender's loss list. * Fixed handling of stale loss report. * Fixed closing the crypto control. * Added CSync class as a high-level CV wrapper. * Renamed legacy UDT_EPOLL_* symbols. * Eliminated ref_t. Some more convention fixes. * Crypto: Reset the passphrase in memory on close for security reasons. Deprecated or Renamed * Removed deprecated socket options: SRTO_TWOWAYDATA, SRTO_TSBPDMAXLAG, SRTO_CC, SRTO_MAXMSG, SRTO_MSGTTL, SRTO_SNDPBKEYLEN, SRTO_RCVPBKEYLEN. * Removed deprecated option names: SRTO_SMOOTHER (use SRTO_CONGESTION), SRTO_STRICTENC (use SRTO_ENFORCEDENCRYPTION). version 1.4.1: Improvements * Improved periodic NAK report timing * Use monotonic clock in CTimer::sleepto() * Initial reorder tolerance set to maximum value (SRTO_LOSSMAXTTL) * Added pktReorderTolerance to stats * Use busy wait only to refine below 1 ms * Added SRTO_LOSSMAXTTL to srt_getopt() * Update SND loss list on lite ACK Fixes * Fixed catching exception from CUDTUnited::connect_complete() * Fixed missing vertical FEC/CTL packet * Fixed bandwidth measurement on non-monotonic or retransmitted packets * Fixed srt_getopt(...): optlen is not set in some cases. * Fixed EPoll update_usock * Fixed checkTimers interval (100ms -> 10 ms) * Fixed SRT Stats backward compatibility (CBytePerfMon fields order) * Fixed FEC crash when a large number of dropped packets occur * Fixed FEC crash (access item out of range) * Fixed FileCC crash. Prevented 0 pktsInFlight to be used in the calculation for loss percentage version 1.4.0: New Features and Enhancements * Updates to epoll API. Added edge-triggered epoll wait. * srt-live-transmit default chunk size set to 1456 * Added forward error correction (FEC) packet filter * Added Packet filter API * File congestion control improvements Fixed Issues * Free addrinfo if bind fails (potential memory leak) * Fixed SRTO_LOSSMAXTTL option on accepted socket * Fixed blocking srt_connect call (state update) * Fixed potential sender's sockets list overflow * Use MONOTONIC clock in Garbage Collector thread - Drop CVE-2019-15784.patch (fixed upstream) OBS-URL: https://build.opensuse.org/request/show/839996 OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/srt?expand=0&rev=24 --- CVE-2019-15784.patch | 192 ------------------------------------------- srt-1.3.4.tar.gz | 3 - srt-1.4.2.tar.gz | 3 + srt.changes | 120 +++++++++++++++++++++++++++ srt.spec | 6 +- 5 files changed, 125 insertions(+), 199 deletions(-) delete mode 100644 CVE-2019-15784.patch delete mode 100644 srt-1.3.4.tar.gz create mode 100644 srt-1.4.2.tar.gz diff --git a/CVE-2019-15784.patch b/CVE-2019-15784.patch deleted file mode 100644 index 32908ce..0000000 --- a/CVE-2019-15784.patch +++ /dev/null @@ -1,192 +0,0 @@ -Index: srt-1.3.4/srtcore/queue.cpp -=================================================================== ---- srt-1.3.4.orig/srtcore/queue.cpp -+++ srt-1.3.4/srtcore/queue.cpp -@@ -256,7 +256,7 @@ void CUnitQueue::makeUnitGood(CUnit * un - - CSndUList::CSndUList(): - m_pHeap(NULL), -- m_iArrayLength(4096), -+ m_iArrayLength(512), - m_iLastEntry(-1), - m_ListLock(), - m_pWindowLock(NULL), -@@ -273,32 +273,6 @@ CSndUList::~CSndUList() - pthread_mutex_destroy(&m_ListLock); - } - --void CSndUList::insert(int64_t ts, const CUDT* u) --{ -- CGuard listguard(m_ListLock); -- -- // increase the heap array size if necessary -- if (m_iLastEntry == m_iArrayLength - 1) -- { -- CSNode** temp = NULL; -- -- try -- { -- temp = new CSNode*[m_iArrayLength * 2]; -- } -- catch(...) -- { -- return; -- } -- -- memcpy(temp, m_pHeap, sizeof(CSNode*) * m_iArrayLength); -- m_iArrayLength *= 2; -- delete [] m_pHeap; -- m_pHeap = temp; -- } -- -- insert_(ts, u); --} - - void CSndUList::update(const CUDT* u, EReschedule reschedule) - { -@@ -319,6 +293,8 @@ void CSndUList::update(const CUDT* u, ER - } - - remove_(u); -+ insert_norealloc_(1, u); -+ return; - } - - insert_(1, u); -@@ -366,7 +342,7 @@ int CSndUList::pop(sockaddr*& addr, CPac - - // insert a new entry, ts is the next processing time - if (ts > 0) -- insert_(ts, u); -+ insert_norealloc_(ts, u); - - return 1; - } -@@ -388,14 +364,47 @@ uint64_t CSndUList::getNextProcTime() - return m_pHeap[0]->m_llTimeStamp_tk; - } - -+ -+void CSndUList::realloc_() -+{ -+ CSNode** temp = NULL; -+ -+ try -+ { -+ temp = new CSNode *[2 * m_iArrayLength]; -+ } -+ catch (...) -+ { -+ throw CUDTException(MJ_SYSTEMRES, MN_MEMORY, 0); -+ } -+ -+ memcpy(temp, m_pHeap, sizeof(CSNode*) * m_iArrayLength); -+ m_iArrayLength *= 2; -+ delete[] m_pHeap; -+ m_pHeap = temp; -+} -+ -+ - void CSndUList::insert_(int64_t ts, const CUDT* u) - { -+ // increase the heap array size if necessary -+ if (m_iLastEntry == m_iArrayLength - 1) -+ realloc_(); -+ -+ insert_norealloc_(ts, u); -+} -+ -+ -+void CSndUList::insert_norealloc_(int64_t ts, const CUDT* u) -+{ - CSNode* n = u->m_pSNode; - - // do not insert repeated node - if (n->m_iHeapLoc >= 0) - return; - -+ SRT_ASSERT(m_iLastEntry < m_iArrayLength); -+ - m_iLastEntry ++; - m_pHeap[m_iLastEntry] = n; - n->m_llTimeStamp_tk = ts; -@@ -405,16 +414,12 @@ void CSndUList::insert_(int64_t ts, cons - while (p != 0) - { - p = (q - 1) >> 1; -- if (m_pHeap[p]->m_llTimeStamp_tk > m_pHeap[q]->m_llTimeStamp_tk) -- { -- CSNode* t = m_pHeap[p]; -- m_pHeap[p] = m_pHeap[q]; -- m_pHeap[q] = t; -- t->m_iHeapLoc = q; -- q = p; -- } -- else -- break; -+ if (m_pHeap[p]->m_llTimeStamp_tk <= m_pHeap[q]->m_llTimeStamp_tk) -+ break; -+ -+ swap(m_pHeap[p], m_pHeap[q]); -+ m_pHeap[q]->m_iHeapLoc = q; -+ q = p; - } - - n->m_iHeapLoc = q; -@@ -452,10 +457,8 @@ void CSndUList::remove_(const CUDT* u) - - if (m_pHeap[q]->m_llTimeStamp_tk > m_pHeap[p]->m_llTimeStamp_tk) - { -- CSNode* t = m_pHeap[p]; -- m_pHeap[p] = m_pHeap[q]; -- m_pHeap[p]->m_iHeapLoc = p; -- m_pHeap[q] = t; -+ swap(m_pHeap[p], m_pHeap[q]); -+ m_pHeap[p]->m_iHeapLoc = p; - m_pHeap[q]->m_iHeapLoc = q; - - q = p; -Index: srt-1.3.4/srtcore/queue.h -=================================================================== ---- srt-1.3.4.orig/srtcore/queue.h -+++ srt-1.3.4/srtcore/queue.h -@@ -166,12 +166,6 @@ public: - - static EReschedule rescheduleIf(bool cond) { return cond ? DO_RESCHEDULE : DONT_RESCHEDULE; } - -- /// Insert a new UDT instance into the list. -- /// @param [in] ts time stamp: next processing time -- /// @param [in] u pointer to the UDT instance -- -- void insert(int64_t ts, const CUDT* u); -- - /// Update the timestamp of the UDT instance on the list. - /// @param [in] u pointer to the UDT instance - /// @param [in] resechedule if the timestampe shoudl be rescheduled -@@ -196,7 +190,26 @@ public: - uint64_t getNextProcTime(); - - private: -+ -+ /// Doubles the size of the list. -+ /// -+ void realloc_(); -+ -+ /// Insert a new UDT instance into the list with realloc if required. -+ /// -+ /// @param [in] ts time stamp: next processing time -+ /// @param [in] u pointer to the UDT instance - void insert_(int64_t ts, const CUDT* u); -+ -+ /// Insert a new UDT instance into the list without realloc. -+ /// Should be called if there is a gauranteed space for the element. -+ /// -+ /// @param [in] ts time stamp: next processing time -+ /// @param [in] u pointer to the UDT instance -+ -+ void insert_norealloc_(int64_t ts, const CUDT* u); -+ -+ - void remove_(const CUDT* u); - - private: diff --git a/srt-1.3.4.tar.gz b/srt-1.3.4.tar.gz deleted file mode 100644 index 2dcaca9..0000000 --- a/srt-1.3.4.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:d3ddf3ad89eb93a4dbf44046775eb63e04780cc536781490d65321d78d4b19de -size 874289 diff --git a/srt-1.4.2.tar.gz b/srt-1.4.2.tar.gz new file mode 100644 index 0000000..090b01b --- /dev/null +++ b/srt-1.4.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:28a308e72dcbb50eb2f61b50cc4c393c413300333788f3a8159643536684a0c4 +size 1538231 diff --git a/srt.changes b/srt.changes index 0473502..668e294 100644 --- a/srt.changes +++ b/srt.changes @@ -1,3 +1,123 @@ +------------------------------------------------------------------- +Wed Oct 7 09:01:37 UTC 2020 - Luigi Baldoni + +- Update to version 1.4.2 + New Features and Enhancements + * Added support for C++11. Reworked timing and + synchronization objects. Three sources of timing are now + available (selected via a build option): + + POSIX gettimeofday() - default build mode (affected by + discontinuous jumps in the system time); + + POSIX CLOCK_MONOTONIC. CMake build option: + -DENABLE_MONOTONIC_CLOCK=ON. See --enable-monotonic-clock + in BuildOptions.md; + + C++11 std::chrono::steady_clock, std::thread, + std::mutex, etc. CMake build option: + -DENABLE_STDCXX_SYNC=ON. See --enable-stdcxx-sync in + BuildOptions.md. + * Added SRT Source Time API support. It allows setting a + source timestamp on a packet that corresponds to a packet + creation/reception time. See the Time Access section of + the API docs. + * Added an improved retransmission algorithm which reduces + the retransmission overhead on a link. Set option + SRTO_RETRANSMITALGO=1. + * Added SRTO_BINDTODEVICE option to bind a socket to a + specified NIC. SRTO_BINDTODEVICE option reflects the + system option SO_BINDTODEVICE for an SRT socket. + * Customizable rejection reason code. SRT library now lets + the application provide a code with rejection reason (in a + listener callback) if connection request has been rejected + by the application. See Rejection Codes in the Access + Control guide. + * Added new rejection reason: on timeout. See + SRT_REJ_TIMEOUT in API-functions.md. + * Extended SRT statistics with pktSentUniqueTotal, + pktRecvUniqueTotal. Statistics documentation now has a + summary table for better navigation. + * Added srt_getversion() API function. + * Moved socket options documentation to a separate file + APISocketOptions.md. It now has a summary table for better + navigation. + * Socket options SRTO_INPUTBW and SRTO_OHEADBW are now + readable. + * The logging functionality has been improved by means of + defining new and more fine-grained Functional Areas (FA) + to which log messages are assigned. This is done to prevent + too many debug log messages from the library influencing + performance with the debug logging turned on. + Fixed Issues + * Fixed bug: finding the listener's muxer only by port + number was wrong. + * Fixed wrong reject reason on async connect. + * Fixed CSndLossList::insert with negative offset. + * Fixed default binding for IPv6-target rendezvous. + * Fixed HS TSBPD flags check. + * Improved CRcvLossList protection from concurrent access. + * Fixed error reporting on connect/accept. + * Correctly handle IPv4 connections on IPv6 listener. + * Fixed Moving Average for receiver and sender buffers. + * Protecting RCV buffer access. + * Fixed local storage depleted issue #486. + * Fixed restrictions on pre-bind only options. + * Avoid reporting packets rebuilt by FEC as lost. + * Improved inserting a serial element into sender's loss + list. + * Fixed handling of stale loss report. + * Fixed closing the crypto control. + * Added CSync class as a high-level CV wrapper. + * Renamed legacy UDT_EPOLL_* symbols. + * Eliminated ref_t. Some more convention fixes. + * Crypto: Reset the passphrase in memory on close for + security reasons. + Deprecated or Renamed + * Removed deprecated socket options: SRTO_TWOWAYDATA, + SRTO_TSBPDMAXLAG, SRTO_CC, SRTO_MAXMSG, SRTO_MSGTTL, + SRTO_SNDPBKEYLEN, SRTO_RCVPBKEYLEN. + * Removed deprecated option names: SRTO_SMOOTHER (use + SRTO_CONGESTION), SRTO_STRICTENC (use + SRTO_ENFORCEDENCRYPTION). + version 1.4.1: + Improvements + * Improved periodic NAK report timing + * Use monotonic clock in CTimer::sleepto() + * Initial reorder tolerance set to maximum value + (SRTO_LOSSMAXTTL) + * Added pktReorderTolerance to stats + * Use busy wait only to refine below 1 ms + * Added SRTO_LOSSMAXTTL to srt_getopt() + * Update SND loss list on lite ACK + Fixes + * Fixed catching exception from + CUDTUnited::connect_complete() + * Fixed missing vertical FEC/CTL packet + * Fixed bandwidth measurement on non-monotonic or + retransmitted packets + * Fixed srt_getopt(...): optlen is not set in some cases. + * Fixed EPoll update_usock + * Fixed checkTimers interval (100ms -> 10 ms) + * Fixed SRT Stats backward compatibility (CBytePerfMon + fields order) + * Fixed FEC crash when a large number of dropped packets + occur + * Fixed FEC crash (access item out of range) + * Fixed FileCC crash. Prevented 0 pktsInFlight to be used in + the calculation for loss percentage + version 1.4.0: + New Features and Enhancements + * Updates to epoll API. Added edge-triggered epoll wait. + * srt-live-transmit default chunk size set to 1456 + * Added forward error correction (FEC) packet filter + * Added Packet filter API + * File congestion control improvements + Fixed Issues + * Free addrinfo if bind fails (potential memory leak) + * Fixed SRTO_LOSSMAXTTL option on accepted socket + * Fixed blocking srt_connect call (state update) + * Fixed potential sender's sockets list overflow + * Use MONOTONIC clock in Garbage Collector thread +- Drop CVE-2019-15784.patch (fixed upstream) + ------------------------------------------------------------------- Fri Dec 13 15:23:23 UTC 2019 - Dominique Leuenberger diff --git a/srt.spec b/srt.spec index c719632..83bb8c3 100644 --- a/srt.spec +++ b/srt.spec @@ -1,7 +1,7 @@ # # spec file for package srt # -# Copyright (c) 2019 SUSE LLC +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -19,7 +19,7 @@ %define sover 1 Name: srt -Version: 1.3.4 +Version: 1.4.2 Release: 0 Summary: Secure Reliable Transport (SRT) License: MPL-2.0 @@ -27,8 +27,6 @@ Group: Development/Libraries/C and C++ URL: https://www.srtalliance.org Source0: https://github.com/Haivision/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz Source99: baselibs.conf -Patch0: CVE-2019-15784.patch - BuildRequires: cmake BuildRequires: fdupes BuildRequires: gcc-c++