Commit graph

15 commits

Author SHA1 Message Date
wiz
2fac8e46d0 libexosip: fix libosip dependency 2022-04-17 05:25:35 +00:00
schwarz
2e124c9766 updated net/libexosip to 5.3.0: some minor changes (cf. ChangeLog) 2022-04-15 12:43:32 +00:00
nia
ab845b2028 net: Replace RMD160 checksums with BLAKE2s checksums
All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Not committed (merge conflicts...):

net/radsecproxy/distinfo

The following distfiles could not be fetched (fetched conditionally?):

./net/citrix_ica/distinfo citrix_ica-10.6.115659/en.linuxx86.tar.gz
./net/djbdns/distinfo dnscache-1.05-multiple-ip.patch
./net/djbdns/distinfo djbdns-1.05-test28.diff.xz
./net/djbdns/distinfo djbdns-1.05-ignoreip2.patch
./net/djbdns/distinfo djbdns-1.05-multiip.diff
./net/djbdns/distinfo djbdns-cachestats.patch
2021-10-26 11:05:20 +00:00
nia
5c85662953 net: Remove SHA1 hashes for distfiles 2021-10-07 14:41:10 +00:00
schwarz
3c8d26a718 updated net/libexosip to 5.2.0
some minor changes and bug fixes (cf. ChangeLog)
2020-12-06 23:40:21 +00:00
nia
bf602c3dad libexosip: Update to 5.1.0
eXosip2 (5.1.0) - 2020-01-16
	* new API:
	Generate random string: (low entropy, only hexa)
	int eXosip_hexa_generate_random(char *val, int val_size);
	Generate random string: (high entropy when compiled with openssl)
	int eXosip_byte_generate_random(char *val, int val_size)

	* provide more entropy with eXosip_byte_generate_random (with openssl when available).
	* fix TLS security issue reported by Alexander Traud regarding hostname validation when using NAPTR/SRV.
	* add support for epoll (detected by configured) // becomes the default on linux platforms with autotools
	* fix bug #56839: The cnonce should not be static -this is identified as replay attack by some services-.
	* fix tcp and tls connection failure detection (accelerate error detection and recovery)
	* fix: fixed a crash with DTLS

eXosip2 (5.1.0) - 2019-03-27
	* minor API update:
	  API parameter change: eXosip_call_build_ack/eXosip_call_send_ack API to use tid instead of did as parameter.

	* new API: add an API to insert one extra header in BYE:
	  int eXosip_call_terminate_with_header(struct eXosip_t *excontext, int cid, int did, const char *header_name, const char *header_value);
	  void eXosip_dnsutils_release(struct osip_naptr *naptr_record); required after usage of eXosip_dnsutils_naptr.

	* new OPTION:
	EXOSIP_OPT_SET_SESSIONTIMERS_FORCE option to force session timer to be used when remote side does not support it.

	* structure change:
	new param in eXosip_tls_credentials_t for pinning: "public_key_pinned". A file with the expected public key of server.
	If you use eXosip_tls_ctx_t/eXosip_tls_credentials_t/EXOSIP_OPT_SET_TLS_CERTIFICATES_INFO, you need to recompile.

	* fix processing response out of transaction. (avoid incorrect logs and extra work)
	* fix https://savannah.nongnu.org/bugs/?54628 where ACK was only retransmitted for initial outgoing INVITE.
	  fix: retransmit ACK for both initial INVITE and re-INVITE.
	  fix: retransmit ACK for 2xx from forking (with a BYE) even if call does not exist.
	  ACK for "old transaction" within the established dialog won't be retransmitted because the parameter only hold the latest ACK.
	* fix bug report: https://savannah.nongnu.org/bugs/index.php?54624
	  another patch to fix more issue related to cseq & PRACK.
	  The newer code better handle forking use-case with PRACK.
	  The newer code better handle several 1xx from same user.
	* fix bug report: https://savannah.nongnu.org/bugs/index.php?54624 cseq wasn't increasing after a PRACK.
	* improve portability code, detection of headers, windows compilation detection, sockaddr_storage was not correctly defined.
	* fix udp layer: set ipbuf before using it.
	* fix: allow socket descriptor to be 0 (posix requirement).
	* fix: compile with any openssl version.
	* allow compilation with OPENSSL_NO_DH, OPENSSL_NO_RSA, OPENSSL_NO_ECDH and/or OPENSSL_NO_DEPRECATED.
	* remove old windows specific RSA obsolete code.
	* add in eXtl_tls.c some explanations on usage of TLS with eXosip2. READ THEM.
	* improve reliability for naptr/srv lookup (but still a short time).
	* fix/improve _eXosip_mark_registration_expired: it was working correctly only if registration had previously failed.
	* fix: attach call/dialog to CANCEL transaction (so EXOSIP_CALL_MESSAGE_ANSWERED will be received instead of EXOSIP_MESSAGE_ANSWERED).
	* windows: fix DnsQuery to use UTF8 even if compiled without UNICODE (not applicable if you use c-ares).
	* windows: add ENUM capability and improve NAPTR/SRV record (not applicable if you use c-ares).
	* windows: you should use c-ares AND you should compile with UNICODE. (much better).
	* add ability to define a dnsserver when doing NAPTR and SRV record (c-ares only).
	* format of domain string for "eXosip_dnsutils_naptr" is "domain.com!+AUS|IP_DNSSERVER".
	* fix for on android, DNS are not available any more (restricted access) (c-ares only).
	* add support ENUM and regex for res_query API (not applicable if you use c-ares).
	* sync with newer osip: use newer osip_naptr & osip_srv_record structures to hold ENUM sip result and
	  improvements to retreive (and release) it via eXosip_dnsutils_naptr and eXosip_dnsutils_release APIs.
	* TLS improvments: simplify client and server config, add ECDH cipher suite if missing,
	  password for private key is optional, add support for public key pinning.
	* improve to report EXOSIP_CALL_NOANSWER upon transport error for INVITE for faster detection.
	* fix possible memory leak for X509 server certificate.
	* fix crash if dialog has been already closed between 200ok and a received BYE.
	* improve windows pipe replacement (use a free allocated port automatically).
	* fix to optimize detection of TCP or TLS establishement, fix to optimize sending REGISTER after establishement.
	* patch for call transfer to keep dialog after BYE, in order to be able to handle incoming/outgoing NOTIFY within calls after BYE.
	* handle incoming UPDATE from alternative dialogs in early dialog mode.
	* fix to reject any NOTIFY without established dialog coming later than 64 seconds after initial SUBSCRIBE.
	* After a NAPTR query, some DNS server returns SUCCESS without NAPTR answers. In such use-case, fallback to manual SRV records.
	* add SOCK_CLOEXEC option to sockets // add missing SO_KEEPALIVE options on TLS socket.
	* EXOSIP_OPT_ENABLE_IPV6 now support 0(ipv4 only), 1(ipv6 only) and 2(ipv4 OR ipv6).
	  With option 2, choice is made based on DNS and the stack can fallback between IPv4 and IPv6.
	* fix possible memory leak when using wrong tid for eXosip_insubscription_send_answer.
	* fix possible memory leak upon allocation error.
	* fix leak upon syntax error in parameters provided for PUBLISH.
	* fix leak upon syntax error in parameters provided for REGISTER.
	* increase size of proto_ifs for IPv6 local address.
	* RFC 2617 erratum: Errata ID: 1649 (minor issue).
	* _exosip_isipv4addr: fix checking IPv4 address (minor issue).
	* other minor updates.

eXosip2 (5.0.0)
	* major API update: add a new parameter to eXosip_call_build_prack in order to create the PRACK
	for this specific response and not for the latest.
	* major API update: removal of eX_refer.h API. REFER are now handled with subscriptions APIs.
	eXosip_refer_build_request removed
	eXosip_refer_send_request removed
	* major API update: subscription now handle both SUBSCRIBE and REFER with the same APIs:
	eXosip_subscription_build_initial_refer ADDED
	eXosip_subscribe_build_initial_request renamed eXosip_subscription_build_initial_subscribe
	eXosip_subscribe_send_initial_request renamed eXosip_subscription_send_initial_request
	eXosip_subscribe_build_refresh_request renamed eXosip_subscription_build_refresh_request
	eXosip_subscribe_send_refresh_request renamed eXosip_subscription_send_refresh_request
	eXosip_subscribe_remove renamed eXosip_subscription_remove
	EXOSIP_IN_SUBSCRIPTION_* and EXOSIP_SUBSCRIPTION_* events may now relate to REFER subscription.
	* major API change: eXosip_automatic_refresh is obsolete and has been removed.
	only use eXosip_automatic_action instead
	* API update:
	eXosip_options_send_request returns a positive transaction id (tid) on success.
	eXosip_publish returns a positive transaction id (tid) on success.
	note: eXosip_message_send_request was already returing the transaction id (tid) on success.
	* new API options:
	EXOSIP_OPT_REMOVE_PREROUTESET: to keep Route Set
	EXOSIP_OPT_SET_SIP_INSTANCE: define +sip.instance parameter in Contact headers
	EXOSIP_OPT_ENABLE_USE_EPHEMERAL_PORT: option to use/not use ephemeral port in Contact.
	EXOSIP_OPT_ENABLE_REUSE_TCP_PORT: option to reuse port.
	EXOSIP_OPT_AUTO_MASQUERADE_CONTACT: option to enable automatic masquerading for Contact headers.
	EXOSIP_OPT_UDP_LEARN_PORT: obsolete and will be removed in the future.
	EXOSIP_OPT_SET_DEFAULT_CONTACT_DISPLAYNAME: define a display name to be added in Contact headers
	* new API options: (high load traffic use-case: DO NOT USE FOR COMMON USAGE)
	EXOSIP_OPT_SET_MAX_MESSAGE_TO_READ: set the number of message to read at once for each network processing.
	EXOSIP_OPT_SET_MAX_READ_TIMEOUT: set the period in nano seconds during we read for sip message.
	EXOSIP_OPT_GET_STATISTICS: retreive numerous statistics.
	* rewrite/update autotools and ./configure options
	  --enable-pthread=[autodetect|force]
	    autodetect POSIX threads or force -DHAVE_PTHREAD [default=autodetect]
	  --enable-semaphore=[autodetect|semaphore|sysv]
	    select your prefered semaphore [default=autodetect].

	* fix selection of Contact header for 3xx (default to a tel/sip/sips one with any transport)
	* keep to call context enough time to handle redirection.
	* fix race condition for processing SRV results (not likely to happen)
	* fix bug when reading sip message longuer than 8000 over UDP and TLS.
	* improve eXosip_add_authentication_info to avoid duplicate credentials
	* if a SUBSCRIBE is rejected, the context will be released automatically
	* add failover after a DNS failure.
	* fallback to SRV even if we receive a NOTFOUND reply for NAPTR.
	* fix route set with strict router.
	* rename usage of -DHAVE_CARES_H into -DHAVE_ARES_H real name of header.
	* remove warnings mainly related to socket API (getnameinfo/bind/accept/recv/connect/sendto)
	* rewrite all loop using iterator to improve performance (useful for high load traffic)
	* rewrite Via and Contact management: both will now contains the IP of the real network interface
	  instead of the default one.
	* improve NAPTR failover, more reliable // add failover for 503 answer
	* improve interval to force REGISTER refresh upon network error and failover.
	* improve TCP socket management
	* add a callback to simplify/optimize/accelerate usage of wakelocks in android application using exosip2.
	* improve TLS, add TLSv1.1, TLSv1.2, disable weak cipher (FREAK) and enable ECDHE cipher.
	* add support for SNI tls extension (openssl 1.0.2)
	* add try/except on windows to catch possible missing qwave (windows server)
	* implement a timeout (32 seconds) for establishing a TCP and TLS connection.
	* if a connection is failing, report the failure asap.
	* fix memory leak in eXosip_call_get_referto
	* remove extra connect on socket for TCP and TLS (not allowed for tcp stream)
	* fix to correctly discard INVITE retransmission with same branch received after original INVITE was replied
	* add WSACleanup for each WSAStartup call (windows)
	* do not include contact in BYE and CANCEL
	* fix to use sips when appropriate (in Contact)
	* fix to avoid handling negative content-length
	* do not start naptr for incoming transactions.
	* fix bug when rseq is empty but exist
	* add support for QOS on windows.
	* improve connection handling/failure detection, keep alive options, in TLS, TCP, UDP.
	* update static IDs (cid/did/rid/pid) to use range from 0 to INT_MAX to avoid possible collision
	* other minor updates.
2020-03-06 13:01:47 +00:00
rillig
b686dd9180 all: migrate several HOMEPAGEs to https
pkglint --only "https instead of http" -r -F

With manual adjustments afterwards since pkglint 19.4.4 fixed a few
indentations in unrelated lines.

This mainly affects projects hosted at SourceForce, as well as
freedesktop.org, CTAN and GNU.
2020-01-18 23:30:43 +00:00
jperkin
26c1bffc9f *: Recursive revision bump for openssl 1.1.1. 2020-01-18 21:48:19 +00:00
jperkin
17661ff9a5 Bump PKGREVISION for security/openssl ABI bump. 2016-03-05 11:27:40 +00:00
agc
203292f73e Add SHA512 digests for distfiles for net category
Problems found with existing digests:
	Package haproxy distfile haproxy-1.5.14.tar.gz
	159f5beb8fdc6b8059ae51b53dc935d91c0fb51f [recorded]
	da39a3ee5e6b4b0d3255bfef95601890afd80709 [calculated]

Problems found locating distfiles:
	Package bsddip: missing distfile bsddip-1.02.tar.Z
	Package citrix_ica: missing distfile citrix_ica-10.6.115659/en.linuxx86.tar.gz
	Package djbdns: missing distfile djbdns-1.05-test25.diff.bz2
	Package djbdns: missing distfile djbdns-cachestats.patch
	Package djbdns: missing distfile 0002-dnscache-cache-soa-records.patch
	Package gated: missing distfile gated-3-5-11.tar.gz
	Package owncloudclient: missing distfile owncloudclient-2.0.2.tar.xz
	Package poink: missing distfile poink-1.6.tar.gz
	Package ra-rtsp-proxy: missing distfile rtspd-src-1.0.0.0.tar.gz
	Package ucspi-ssl: missing distfile ucspi-ssl-0.70-ucspitls-0.1.patch
	Package waste: missing distfile waste-source.tar.gz

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
2015-11-04 00:34:51 +00:00
wiz
30c75c80eb Make variable name match PKGNAME.
Caused weird failure in wip/linphone:
make[1]: don't know how to make show-var. Stop
2015-07-10 09:55:15 +00:00
schwarz
31f9b12b2b updated devel/libosip and net/libexosip to 4.1.0 each. 2014-07-12 16:48:26 +00:00
tron
73d05e2276 Recursive PKGREVISION bump for OpenSSL API version bump. 2014-02-12 23:17:32 +00:00
wiz
fafb97103a Fix typos. 2013-07-16 07:25:02 +00:00
rodent
f73648c72a Import libeXosip2-4.0.0 as net/libexosip.
libeXosip is a library that hides the complexity of using the SIP protocol
for mutlimedia session establishement.
2013-07-16 02:12:26 +00:00