summaryrefslogtreecommitdiff
path: root/net-libs/libsrtp
diff options
context:
space:
mode:
authorRobin H. Johnson <robbat2@gentoo.org>2015-08-08 13:49:04 -0700
committerRobin H. Johnson <robbat2@gentoo.org>2015-08-08 17:38:18 -0700
commit56bd759df1d0c750a065b8c845e93d5dfa6b549d (patch)
tree3f91093cdb475e565ae857f1c5a7fd339e2d781e /net-libs/libsrtp
downloadgentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.tar.gz
gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.tar.xz
proj/gentoo: Initial commit
This commit represents a new era for Gentoo: Storing the gentoo-x86 tree in Git, as converted from CVS. This commit is the start of the NEW history. Any historical data is intended to be grafted onto this point. Creation process: 1. Take final CVS checkout snapshot 2. Remove ALL ChangeLog* files 3. Transform all Manifests to thin 4. Remove empty Manifests 5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$ 5.1. Do not touch files with -kb/-ko keyword flags. Signed-off-by: Robin H. Johnson <robbat2@gentoo.org> X-Thanks: Alec Warner <antarus@gentoo.org> - did the GSoC 2006 migration tests X-Thanks: Robin H. Johnson <robbat2@gentoo.org> - infra guy, herding this project X-Thanks: Nguyen Thai Ngoc Duy <pclouds@gentoo.org> - Former Gentoo developer, wrote Git features for the migration X-Thanks: Brian Harring <ferringb@gentoo.org> - wrote much python to improve cvs2svn X-Thanks: Rich Freeman <rich0@gentoo.org> - validation scripts X-Thanks: Patrick Lauer <patrick@gentoo.org> - Gentoo dev, running new 2014 work in migration X-Thanks: Michał Górny <mgorny@gentoo.org> - scripts, QA, nagging X-Thanks: All of other Gentoo developers - many ideas and lots of paint on the bikeshed
Diffstat (limited to 'net-libs/libsrtp')
-rw-r--r--net-libs/libsrtp/Manifest3
-rw-r--r--net-libs/libsrtp/files/libsrtp-1.4.4-invalid-index.patch11
-rw-r--r--net-libs/libsrtp/files/libsrtp-1.4.4-shared.patch52
-rw-r--r--net-libs/libsrtp/files/libsrtp-1.4.4_p20121108-shared.patch55
-rw-r--r--net-libs/libsrtp/files/libsrtp-1.5.2-bindir.patch19
-rw-r--r--net-libs/libsrtp/files/libsrtp-1.5.2-fix-make-install.patch13
-rw-r--r--net-libs/libsrtp/files/libsrtp-CVE-2013-2139.diff46
-rw-r--r--net-libs/libsrtp/files/libsrtp-pcap-automagic-r0.patch19
-rw-r--r--net-libs/libsrtp/libsrtp-1.4.4-r1.ebuild76
-rw-r--r--net-libs/libsrtp/libsrtp-1.4.4-r2.ebuild75
-rw-r--r--net-libs/libsrtp/libsrtp-1.4.4_p20121108-r1.ebuild77
-rw-r--r--net-libs/libsrtp/libsrtp-1.4.4_p20121108.ebuild74
-rw-r--r--net-libs/libsrtp/libsrtp-1.5.2-r1.ebuild80
-rw-r--r--net-libs/libsrtp/libsrtp-1.5.2.ebuild76
-rw-r--r--net-libs/libsrtp/metadata.xml20
15 files changed, 696 insertions, 0 deletions
diff --git a/net-libs/libsrtp/Manifest b/net-libs/libsrtp/Manifest
new file mode 100644
index 00000000000..317420782dc
--- /dev/null
+++ b/net-libs/libsrtp/Manifest
@@ -0,0 +1,3 @@
+DIST libsrtp-1.5.2.tar.gz 1690272 SHA256 86e1efe353397c0751f6bdd709794143bd1b76494412860f16ff2b6d9c304eda SHA512 fb09252edaca6da5b579fae34d3b6382ee0cf61a706e38283158ef10c879b9a0f80cfd0c354852e771b4649288dd5cc41158a4e046e8073cf26a586dfd41b024 WHIRLPOOL 973f27db06b725ca641a5c13184083926dbe0fd99ab18604b1d2d40fa0ab5118e9b978d729502a32bc25d05d6264ee501ff94f72e6dafd46588092f678f0a4c5
+DIST srtp-1.4.4.tgz 502890 SHA256 d9c2cbb1c95172ed2dc963eff0d6ce1072326dc81cb1dd38414e9f0e430af314 SHA512 951bfec212f579daae4a5a7fc9eded163dd6790da2e3840629dbeac36d7d960f95a1f1b844505629c7815816515f0784bf9b6e1c47f2986416ec04ec9d4b7564 WHIRLPOOL 82b01ce07de0c7b82d5f99b2fda6c72653e2927c3838a15dd1bb7e36725846599f2a96675dcf5ddfd7dcab9210f554b30fcf9bcb3806a60aa732d56926a4c07f
+DIST srtp-1.4.4_p20121108.tar.gz 485875 SHA256 ebc0b7b27f5ab669a058c82f62b1c96298a961d54633d7041e776bca19a4f295 SHA512 a6bf2674babed512bd90fd11d63adecf4ddf357d26652f321651fcc42d932d3d9f8713ecab4bdcddb026106a2d5bfbac0a626938f70822f5b1ee05881bb823d9 WHIRLPOOL 27296c776d60688dfa3c655999b6a87828036f9a71cff7a9ea9d1f0c6c5afa787eb625fb4ec9254b0eda459769fc0ca41cf4c1eaa38053cd365243c101f444bd
diff --git a/net-libs/libsrtp/files/libsrtp-1.4.4-invalid-index.patch b/net-libs/libsrtp/files/libsrtp-1.4.4-invalid-index.patch
new file mode 100644
index 00000000000..90a8f019fd4
--- /dev/null
+++ b/net-libs/libsrtp/files/libsrtp-1.4.4-invalid-index.patch
@@ -0,0 +1,11 @@
+--- srtp/crypto/replay/rdb.c.orig 2012-03-20 14:52:32.890017830 +0100
++++ srtp/crypto/replay/rdb.c 2012-03-20 14:56:31.670017835 +0100
+@@ -115,7 +115,7 @@
+
+ /* shift the window forward by delta bits*/
+ v128_left_shift(&rdb->bitmask, delta);
+- v128_set_bit(&rdb->bitmask, rdb_bits_in_bitmask-delta);
++ v128_set_bit(&rdb->bitmask, rdb_bits_in_bitmask-1);
+ rdb->window_start += delta;
+
+ }
diff --git a/net-libs/libsrtp/files/libsrtp-1.4.4-shared.patch b/net-libs/libsrtp/files/libsrtp-1.4.4-shared.patch
new file mode 100644
index 00000000000..43b8843603c
--- /dev/null
+++ b/net-libs/libsrtp/files/libsrtp-1.4.4-shared.patch
@@ -0,0 +1,52 @@
+--- srtp/Makefile.in
++++ srtp/Makefile.in
+@@ -65,11 +65,11 @@
+
+
+ # implicit rules for object files and test apps
+
+ %.o: %.c
+- $(COMPILE) -c $< -o $@
++ $(COMPILE) -fPIC -c $< -o $@
+
+ %$(EXE): %.c
+ $(COMPILE) $(LDFLAGS) $< -o $@ $(SRTPLIB) $(LIBS)
+
+
+@@ -103,10 +103,16 @@
+
+ libsrtp.a: $(srtpobj) $(cryptobj) $(gdoi)
+ ar cr libsrtp.a $^
+ $(RANLIB) libsrtp.a
+
++libsrtp.so: $(srtpobj) $(cryptobj) $(gdoi)
++ $(CC) $(LDFLAGS) -shared -Wl,-soname,libsrtp.so.1 -o libsrtp.so.1.0 $^
++
++libsrtp.dylib: $(srtpobj) $(cryptobj) $(gdoi)
++ $(CC) $(LDFLAGS) -dynamiclib -install_name $(libdir)/libsrtp.1.dylib -o libsrtp.1.0.dylib $^
++
+ # libcryptomath.a contains general-purpose routines that are used to
+ # generate tables and verify cryptoalgorithm implementations - this
+ # library is not meant to be included in production code
+
+ cryptomath = crypto/math/math.o crypto/math/gf2_8.o
+@@ -195,10 +198,20 @@
+ $(INSTALL) -d $(DESTDIR)$(includedir)/srtp
+ $(INSTALL) -d $(DESTDIR)$(libdir)
+ cp include/*.h $(DESTDIR)$(includedir)/srtp
+ cp crypto/include/*.h $(DESTDIR)$(includedir)/srtp
+ if [ -f libsrtp.a ]; then cp libsrtp.a $(DESTDIR)$(libdir)/; fi
++ if [ -f libsrtp.so.1.0 ]; then \
++ cp libsrtp.so.1.0 $(DESTDIR)$(libdir)/; \
++ ln -s libsrtp.so.1.0 $(DESTDIR)$(libdir)/libsrtp.so.1; \
++ ln -s libsrtp.so.1.0 $(DESTDIR)$(libdir)/libsrtp.so; \
++ fi
++ if [ -f libsrtp.1.0.dylib ]; then \
++ cp libsrtp.1.0.dylib $(DESTDIR)$(libdir)/; \
++ ln -s libsrtp.1.0.dylib $(DESTDIR)$(libdir)/libsrtp.1.dylib; \
++ ln -s libsrtp.1.0.dylib $(DESTDIR)$(libdir)/libsrtp.dylib; \
++ fi
+
+ uninstall:
+ rm -rf $(DESTDIR)$(includedir)/srtp
+ rm -rf $(DESTDIR)$(libdir)/libsrtp.a
diff --git a/net-libs/libsrtp/files/libsrtp-1.4.4_p20121108-shared.patch b/net-libs/libsrtp/files/libsrtp-1.4.4_p20121108-shared.patch
new file mode 100644
index 00000000000..4e70a0ddd34
--- /dev/null
+++ b/net-libs/libsrtp/files/libsrtp-1.4.4_p20121108-shared.patch
@@ -0,0 +1,55 @@
+Description: Hack build routines to compile shared library
+Author: loki_val and solar
+Origin: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-libs/libsrtp/files/libsrtp-1.4.4-shared.patch
+Last-Update: 2010-03-19
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -15,7 +15,7 @@
+
+ .PHONY: all test build_table_apps
+
+-all: test
++all: libsrtp.so test
+
+ runtest: build_table_apps test
+ @echo "running libsrtp test applications..."
+@@ -67,7 +67,7 @@
+ # implicit rules for object files and test apps
+
+ %.o: %.c
+- $(COMPILE) -c $< -o $@
++ $(COMPILE) -fPIC -c $< -o $@
+
+ %$(EXE): %.c
+ $(COMPILE) $(LDFLAGS) $< -o $@ $(SRTPLIB) $(LIBS)
+@@ -105,6 +105,9 @@
+ ar cr libsrtp.a $^
+ $(RANLIB) libsrtp.a
+
++libsrtp.so: $(srtpobj) $(cryptobj) $(gdoi)
++ $(CC) $(LDFLAGS) -shared -Wl,-soname,libsrtp.so.0 -o libsrtp.so.0.0 $^
++
+ # libcryptomath.a contains general-purpose routines that are used to
+ # generate tables and verify cryptoalgorithm implementations - this
+ # library is not meant to be included in production code
+@@ -198,6 +201,11 @@
+ cp $(srcdir)/crypto/include/*.h $(DESTDIR)$(includedir)/srtp
+ if [ "$(srcdir)" != "." ]; then cp crypto/include/*.h $(DESTDIR)$(includedir)/srtp; fi
+ if [ -f libsrtp.a ]; then cp libsrtp.a $(DESTDIR)$(libdir)/; fi
++ if [ -f libsrtp.so.0.0 ]; then \
++ cp libsrtp.so.0.0 $(DESTDIR)$(libdir)/; \
++ ln -s libsrtp.so.0.0 $(DESTDIR)$(libdir)/libsrtp.so.0; \
++ ln -s libsrtp.so.0.0 $(DESTDIR)$(libdir)/libsrtp.so; \
++ fi
+
+ uninstall:
+ rm -f $(DESTDIR)$(includedir)/srtp/*.h
+@@ -206,7 +214,7 @@
+
+ clean:
+ rm -rf $(cryptobj) $(srtpobj) $(cryptomath) TAGS \
+- libcryptomath.a libsrtp.a core *.core test/core
++ libcryptomath.a libsrtp.a libsrtp.so.0.0 core *.core test/core
+ for a in * */* */*/*; do \
+ if [ -f "$$a~" ] ; then rm -f $$a~; fi; \
+ done;
diff --git a/net-libs/libsrtp/files/libsrtp-1.5.2-bindir.patch b/net-libs/libsrtp/files/libsrtp-1.5.2-bindir.patch
new file mode 100644
index 00000000000..2c71faf48ba
--- /dev/null
+++ b/net-libs/libsrtp/files/libsrtp-1.5.2-bindir.patch
@@ -0,0 +1,19 @@
+diff --git a/Makefile.in b/Makefile.in
+index 1a40de2..02f090c 100644
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -252,13 +252,13 @@ libsrtpdoc:
+ install:
+ $(INSTALL) -d $(DESTDIR)$(includedir)/srtp
+ $(INSTALL) -d $(DESTDIR)$(libdir)
+- $(INSTALL) -d $(DESTDIR)$(bindir)
+ cp $(srcdir)/include/*.h $(DESTDIR)$(includedir)/srtp
+ cp $(srcdir)/crypto/include/*.h $(DESTDIR)$(includedir)/srtp
+ if [ "$(srcdir)" != "." ]; then cp crypto/include/*.h $(DESTDIR)$(includedir)/srtp; fi
+ if [ -f libsrtp.a ]; then cp libsrtp.a $(DESTDIR)$(libdir)/; fi
+ if [ -f libsrtp.dll.a ]; then cp libsrtp.dll.a $(DESTDIR)$(libdir)/; fi
+ if [ -f libsrtp.$(SHAREDLIBSUFFIX) ]; then \
++ $(INSTALL) -d $(DESTDIR)$(SHAREDLIB_DIR); \
+ cp libsrtp.$(SHAREDLIBSUFFIX) $(DESTDIR)$(SHAREDLIB_DIR)/; \
+ ln -sfn libsrtp.$(SHAREDLIBSUFFIX) $(DESTDIR)$(SHAREDLIB_DIR)/libsrtp.$(SHAREDLIBSUFFIXNOVER); \
+ fi
diff --git a/net-libs/libsrtp/files/libsrtp-1.5.2-fix-make-install.patch b/net-libs/libsrtp/files/libsrtp-1.5.2-fix-make-install.patch
new file mode 100644
index 00000000000..f3f1f0e5c1a
--- /dev/null
+++ b/net-libs/libsrtp/files/libsrtp-1.5.2-fix-make-install.patch
@@ -0,0 +1,13 @@
+diff --git a/Makefile.in b/Makefile.in
+index 002d25d..1a40de2 100644
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -260,7 +260,7 @@ install:
+ if [ -f libsrtp.dll.a ]; then cp libsrtp.dll.a $(DESTDIR)$(libdir)/; fi
+ if [ -f libsrtp.$(SHAREDLIBSUFFIX) ]; then \
+ cp libsrtp.$(SHAREDLIBSUFFIX) $(DESTDIR)$(SHAREDLIB_DIR)/; \
+- cp libsrtp.$(SHAREDLIBSUFFIXNOVER) $(DESTDIR)$(SHAREDLIB_DIR)/; \
++ ln -sfn libsrtp.$(SHAREDLIBSUFFIX) $(DESTDIR)$(SHAREDLIB_DIR)/libsrtp.$(SHAREDLIBSUFFIXNOVER); \
+ fi
+ if [ "$(pkgconfig_DATA)" != "" ]; then \
+ $(INSTALL) -d $(DESTDIR)$(pkgconfigdir); \
diff --git a/net-libs/libsrtp/files/libsrtp-CVE-2013-2139.diff b/net-libs/libsrtp/files/libsrtp-CVE-2013-2139.diff
new file mode 100644
index 00000000000..dcafe177638
--- /dev/null
+++ b/net-libs/libsrtp/files/libsrtp-CVE-2013-2139.diff
@@ -0,0 +1,46 @@
+diff --git a/srtp/srtp.c b/srtp/srtp.c
+index 839c1ee..7fd19e6 100644
+--- a/srtp/srtp.c
++++ b/srtp/srtp.c
+@@ -2063,23 +2063,18 @@ static inline int base_key_length(const cipher_type_t *cipher, int key_length)
+ switch(profile) {
+ case srtp_profile_aes128_cm_sha1_80:
+ crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
+- crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_aes128_cm_sha1_32:
+ crypto_policy_set_aes_cm_128_hmac_sha1_32(policy);
+- crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_null_sha1_80:
+ crypto_policy_set_null_cipher_hmac_sha1_80(policy);
+- crypto_policy_set_null_cipher_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_aes256_cm_sha1_80:
+ crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
+- crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_aes256_cm_sha1_32:
+ crypto_policy_set_aes_cm_256_hmac_sha1_32(policy);
+- crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
+ break;
+ /* the following profiles are not (yet) supported */
+ case srtp_profile_null_sha1_32:
+@@ -2100,6 +2095,8 @@ static inline int base_key_length(const cipher_type_t *cipher, int key_length)
+ crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_aes128_cm_sha1_32:
++ /* We do not honor the 32-bit auth tag request since
++ * this is not compliant with RFC 3711 */
+ crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_null_sha1_80:
+@@ -2109,6 +2106,8 @@ static inline int base_key_length(const cipher_type_t *cipher, int key_length)
+ crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
+ break;
+ case srtp_profile_aes256_cm_sha1_32:
++ /* We do not honor the 32-bit auth tag request since
++ * this is not compliant with RFC 3711 */
+ crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
+ break;
+ /* the following profiles are not (yet) supported */
diff --git a/net-libs/libsrtp/files/libsrtp-pcap-automagic-r0.patch b/net-libs/libsrtp/files/libsrtp-pcap-automagic-r0.patch
new file mode 100644
index 00000000000..2457e4d9616
--- /dev/null
+++ b/net-libs/libsrtp/files/libsrtp-pcap-automagic-r0.patch
@@ -0,0 +1,19 @@
+--- configure.in.orig 2015-03-25 15:37:31.953386365 +0000
++++ configure.in 2015-03-25 15:39:49.192183689 +0000
+@@ -182,6 +182,8 @@
+ AC_SUBST(HMAC_OBJS)
+
+ dnl Checking for PCAP
++AC_ARG_ENABLE([pcap], AS_HELP_STRING([--disable-pcap], [Build without `pcap' library (-lpcap)]))
++AS_IF([test "x$enable_pcap" != "xno"], [
+ AC_CHECK_LIB([pcap],[pcap_create],
+ [PCAP=1
+ LIBS="-lpcap $LIBS"
+@@ -189,6 +191,7 @@
+ AC_DEFINE(HAVE_PCAP, 1, [Define to 1 if you have the `pcap' library (-lpcap)])
+ AC_SUBST(HAVE_PCAP)
+ ])
++])
+
+ AC_MSG_CHECKING(whether to use syslog for error reporting)
+ AC_ARG_ENABLE(syslog,
diff --git a/net-libs/libsrtp/libsrtp-1.4.4-r1.ebuild b/net-libs/libsrtp/libsrtp-1.4.4-r1.ebuild
new file mode 100644
index 00000000000..a1a0db620c5
--- /dev/null
+++ b/net-libs/libsrtp/libsrtp-1.4.4-r1.ebuild
@@ -0,0 +1,76 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="2"
+
+inherit eutils multilib
+
+MY_PN="srtp"
+MY_P="${MY_PN}-${PV}"
+
+DESCRIPTION="Open-source implementation of the Secure Real-time Transport Protocol (SRTP)"
+HOMEPAGE="http://srtp.sourceforge.net/srtp.html"
+SRC_URI="mirror://sourceforge/${MY_PN}/${MY_P}.tgz"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="alpha amd64 ~hppa ia64 ppc ppc64 -sparc x86 ~x86-fbsd ~ppc-macos ~x64-macos ~x86-macos"
+IUSE="aesicm console debug doc syslog"
+
+S=${WORKDIR}/${MY_PN}
+
+src_prepare() {
+ # generate a shared lib
+ epatch "${FILESDIR}"/${P}-shared.patch
+}
+
+src_configure() {
+ # stdout: default error output for messages in debug
+ # kernel-linux: breaks the build
+ # gdoi: disabled by upstream and breaks the build
+ econf \
+ --enable-stdout \
+ --disable-kernel-linux \
+ --disable-gdoi \
+ $(use_enable aesicm generic-aesicm) \
+ $(use_enable console) \
+ $(use_enable debug) \
+ $(use_enable syslog)
+}
+
+src_compile() {
+ # target all is building test
+ emake ${PN}.a ${PN}$(get_libname) || die "emake failed"
+}
+
+src_test() {
+ # getopt returns an int, not a char
+ sed -i -e "s/char q/int q/" \
+ test/rdbx_driver.c test/srtp_driver.c test/dtls_srtp_driver.c \
+ || die "fixing getopt errors failed"
+
+ # test/rtpw_test.sh is assuming . is in $PATH
+ sed -i -e "s:\$RTPW :./\$RTPW :" test/rtpw_test.sh \
+ || die "patching test/rtpw_test.sh failed"
+
+ # test/rtpw.c is using /usr/share/dict/words assuming it exists
+ # using test/rtpw.c guaratees the file exists in any case
+ sed -i -e "s:/usr/share/dict/words:rtpw.c:" test/rtpw.c \
+ || die "patching test/rtpw.c failed"
+
+ emake test || die "building test failed"
+ emake -j1 runtest || die "tests failed"
+}
+
+src_install() {
+ emake DESTDIR="${D}" install || die "emake install failed"
+
+ dodoc CHANGES README TODO || die "dodoc failed"
+
+ if use doc; then
+ # libsrtp.pdf can also be generated with doxygen
+ # but it would be a waste of time as an up-to-date version is built
+ dodoc doc/*.txt doc/${PN}.pdf || die "dodoc failed"
+ fi
+}
diff --git a/net-libs/libsrtp/libsrtp-1.4.4-r2.ebuild b/net-libs/libsrtp/libsrtp-1.4.4-r2.ebuild
new file mode 100644
index 00000000000..2d0d4b7c17b
--- /dev/null
+++ b/net-libs/libsrtp/libsrtp-1.4.4-r2.ebuild
@@ -0,0 +1,75 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="4"
+
+inherit base multilib
+
+MY_PN="srtp"
+MY_P="${MY_PN}-${PV}"
+
+DESCRIPTION="Open-source implementation of the Secure Real-time Transport Protocol (SRTP)"
+HOMEPAGE="http://srtp.sourceforge.net/srtp.html"
+SRC_URI="mirror://sourceforge/${MY_PN}/${MY_P}.tgz"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~ppc ~ppc64 -sparc ~x86 ~x86-fbsd ~ppc-macos ~x64-macos ~x86-macos"
+IUSE="aesicm console debug doc static-libs syslog"
+PATCHES=( "${FILESDIR}/${P}-shared.patch"
+ "${FILESDIR}/${P}-invalid-index.patch" )
+
+S=${WORKDIR}/${MY_PN}
+
+src_configure() {
+ # stdout: default error output for messages in debug
+ # kernel-linux: breaks the build
+ # gdoi: disabled by upstream and breaks the build
+ econf \
+ --enable-stdout \
+ --disable-kernel-linux \
+ --disable-gdoi \
+ $(use_enable aesicm generic-aesicm) \
+ $(use_enable console) \
+ $(use_enable debug) \
+ $(use_enable syslog)
+}
+
+src_compile() {
+ if use static-libs; then
+ emake ${PN}.a || die "Failed to build static library"
+ fi
+ emake ${PN}$(get_libname) || die "Failed to build dynamic library"
+}
+
+src_test() {
+ # getopt returns an int, not a char
+ sed -i -e "s/char q/int q/" \
+ test/rdbx_driver.c test/srtp_driver.c test/dtls_srtp_driver.c \
+ || die "fixing getopt errors failed"
+
+ # test/rtpw_test.sh is assuming . is in $PATH
+ sed -i -e "s:\$RTPW :./\$RTPW :" test/rtpw_test.sh \
+ || die "patching test/rtpw_test.sh failed"
+
+ # test/rtpw.c is using /usr/share/dict/words assuming it exists
+ # using test/rtpw.c guaratees the file exists in any case
+ sed -i -e "s:/usr/share/dict/words:rtpw.c:" test/rtpw.c \
+ || die "patching test/rtpw.c failed"
+
+ emake test || die "building test failed"
+ emake -j1 runtest || die "tests failed"
+}
+
+src_install() {
+ emake DESTDIR="${D}" install || die "emake install failed"
+
+ dodoc CHANGES README TODO || die "dodoc failed"
+
+ if use doc; then
+ # libsrtp.pdf can also be generated with doxygen
+ # but it would be a waste of time as an up-to-date version is built
+ dodoc doc/*.txt doc/${PN}.pdf || die "dodoc failed"
+ fi
+}
diff --git a/net-libs/libsrtp/libsrtp-1.4.4_p20121108-r1.ebuild b/net-libs/libsrtp/libsrtp-1.4.4_p20121108-r1.ebuild
new file mode 100644
index 00000000000..992fe0cff79
--- /dev/null
+++ b/net-libs/libsrtp/libsrtp-1.4.4_p20121108-r1.ebuild
@@ -0,0 +1,77 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="4"
+
+inherit base multilib
+
+MY_PN="srtp"
+MY_P="${MY_PN}-${PV}"
+
+DESCRIPTION="Open-source implementation of the Secure Real-time Transport Protocol (SRTP)"
+HOMEPAGE="http://srtp.sourceforge.net/srtp.html"
+SRC_URI="http://dev.gentoo.org/~phajdan.jr/${MY_P}.tar.gz"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="alpha amd64 ~arm ~hppa ia64 ppc ppc64 -sparc x86 ~x86-fbsd ~ppc-macos ~x64-macos ~x86-macos"
+IUSE="aesicm console debug doc static-libs syslog"
+PATCHES=(
+ "${FILESDIR}/${P}-shared.patch"
+ "${FILESDIR}/${PN}-CVE-2013-2139.diff"
+ )
+
+S=${WORKDIR}/${MY_PN}
+
+src_configure() {
+ # stdout: default error output for messages in debug
+ # kernel-linux: breaks the build
+ # gdoi: disabled by upstream and breaks the build
+ econf \
+ --enable-stdout \
+ --disable-kernel-linux \
+ --disable-gdoi \
+ $(use_enable aesicm generic-aesicm) \
+ $(use_enable console) \
+ $(use_enable debug) \
+ $(use_enable syslog)
+}
+
+src_compile() {
+ if use static-libs; then
+ emake ${PN}.a || die "Failed to build static library"
+ fi
+ emake ${PN}$(get_libname) || die "Failed to build dynamic library"
+}
+
+src_test() {
+ # getopt returns an int, not a char
+ sed -i -e "s/char q/int q/" \
+ test/rdbx_driver.c test/srtp_driver.c test/dtls_srtp_driver.c \
+ || die "fixing getopt errors failed"
+
+ # test/rtpw_test.sh is assuming . is in $PATH
+ sed -i -e "s:\$RTPW :./\$RTPW :" test/rtpw_test.sh \
+ || die "patching test/rtpw_test.sh failed"
+
+ # test/rtpw.c is using /usr/share/dict/words assuming it exists
+ # using test/rtpw.c guaratees the file exists in any case
+ sed -i -e "s:/usr/share/dict/words:rtpw.c:" test/rtpw.c \
+ || die "patching test/rtpw.c failed"
+
+ emake test || die "building test failed"
+ emake -j1 runtest || die "tests failed"
+}
+
+src_install() {
+ emake DESTDIR="${D}" install || die "emake install failed"
+
+ dodoc CHANGES README TODO || die "dodoc failed"
+
+ if use doc; then
+ # libsrtp.pdf can also be generated with doxygen
+ # but it would be a waste of time as an up-to-date version is built
+ dodoc doc/*.txt doc/${PN}.pdf || die "dodoc failed"
+ fi
+}
diff --git a/net-libs/libsrtp/libsrtp-1.4.4_p20121108.ebuild b/net-libs/libsrtp/libsrtp-1.4.4_p20121108.ebuild
new file mode 100644
index 00000000000..a8d1fd56b63
--- /dev/null
+++ b/net-libs/libsrtp/libsrtp-1.4.4_p20121108.ebuild
@@ -0,0 +1,74 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="4"
+
+inherit base multilib
+
+MY_PN="srtp"
+MY_P="${MY_PN}-${PV}"
+
+DESCRIPTION="Open-source implementation of the Secure Real-time Transport Protocol (SRTP)"
+HOMEPAGE="http://srtp.sourceforge.net/srtp.html"
+SRC_URI="http://dev.gentoo.org/~phajdan.jr/${MY_P}.tar.gz"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="alpha amd64 ~arm ~hppa ia64 ppc ppc64 -sparc x86 ~x86-fbsd ~ppc-macos ~x64-macos ~x86-macos"
+IUSE="aesicm console debug doc static-libs syslog"
+PATCHES=( "${FILESDIR}/${P}-shared.patch" )
+
+S=${WORKDIR}/${MY_PN}
+
+src_configure() {
+ # stdout: default error output for messages in debug
+ # kernel-linux: breaks the build
+ # gdoi: disabled by upstream and breaks the build
+ econf \
+ --enable-stdout \
+ --disable-kernel-linux \
+ --disable-gdoi \
+ $(use_enable aesicm generic-aesicm) \
+ $(use_enable console) \
+ $(use_enable debug) \
+ $(use_enable syslog)
+}
+
+src_compile() {
+ if use static-libs; then
+ emake ${PN}.a || die "Failed to build static library"
+ fi
+ emake ${PN}$(get_libname) || die "Failed to build dynamic library"
+}
+
+src_test() {
+ # getopt returns an int, not a char
+ sed -i -e "s/char q/int q/" \
+ test/rdbx_driver.c test/srtp_driver.c test/dtls_srtp_driver.c \
+ || die "fixing getopt errors failed"
+
+ # test/rtpw_test.sh is assuming . is in $PATH
+ sed -i -e "s:\$RTPW :./\$RTPW :" test/rtpw_test.sh \
+ || die "patching test/rtpw_test.sh failed"
+
+ # test/rtpw.c is using /usr/share/dict/words assuming it exists
+ # using test/rtpw.c guaratees the file exists in any case
+ sed -i -e "s:/usr/share/dict/words:rtpw.c:" test/rtpw.c \
+ || die "patching test/rtpw.c failed"
+
+ emake test || die "building test failed"
+ emake -j1 runtest || die "tests failed"
+}
+
+src_install() {
+ emake DESTDIR="${D}" install || die "emake install failed"
+
+ dodoc CHANGES README TODO || die "dodoc failed"
+
+ if use doc; then
+ # libsrtp.pdf can also be generated with doxygen
+ # but it would be a waste of time as an up-to-date version is built
+ dodoc doc/*.txt doc/${PN}.pdf || die "dodoc failed"
+ fi
+}
diff --git a/net-libs/libsrtp/libsrtp-1.5.2-r1.ebuild b/net-libs/libsrtp/libsrtp-1.5.2-r1.ebuild
new file mode 100644
index 00000000000..ff18b97953d
--- /dev/null
+++ b/net-libs/libsrtp/libsrtp-1.5.2-r1.ebuild
@@ -0,0 +1,80 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="5"
+
+inherit autotools eutils
+
+DESCRIPTION="Open-source implementation of the Secure Real-time Transport Protocol (SRTP)"
+HOMEPAGE="https://github.com/cisco/libsrtp"
+SRC_URI="https://github.com/cisco/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="BSD"
+SLOT="0/1"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 -sparc ~x86 ~x86-fbsd ~ppc-macos ~x64-macos ~x86-macos"
+IUSE="aesicm console debug doc openssl static-libs syslog test"
+
+DEPEND="openssl? ( dev-libs/openssl:0 )"
+RDEPEND="${DEPEND}"
+
+DOCS=( CHANGES README TODO )
+
+src_prepare() {
+ epatch "${FILESDIR}/${PN}-pcap-automagic-r0.patch"
+ epatch "${FILESDIR}/${P}-fix-make-install.patch"
+ epatch "${FILESDIR}/${P}-bindir.patch"
+
+ # getopt returns an int, not a char
+ sed -i -e "s/char q/int q/" \
+ test/rdbx_driver.c test/srtp_driver.c test/dtls_srtp_driver.c || die
+
+ # test/rtpw_test.sh is assuming . is in $PATH
+ sed -i -e "s:\$RTPW :./\$RTPW :" test/rtpw_test.sh || die
+
+ # test/rtpw.c is using /usr/share/dict/words assuming it exists
+ # using test/rtpw.c guaratees the file exists in any case
+ sed -i -e "s:/usr/share/dict/words:rtpw.c:" test/rtpw.c || die
+
+ eautoreconf
+}
+
+src_configure() {
+ # stdout: default error output for messages in debug
+ # kernel-linux: breaks the build
+ # gdoi: disabled by upstream and breaks the build
+ # pcap: seems to be test-only
+ econf \
+ --enable-stdout \
+ --disable-kernel-linux \
+ --disable-gdoi \
+ --disable-pcap \
+ $(use_enable aesicm generic-aesicm) \
+ $(use_enable console) \
+ $(use_enable debug) \
+ $(use_enable openssl) \
+ $(use_enable syslog)
+}
+
+src_compile() {
+ use static-libs && emake ${PN}.a
+ emake shared_library
+ use test && emake test
+}
+
+src_test() {
+ LD_LIBRARY_PATH="${S}" emake -j1 runtest
+
+ # Makefile.in has '$(testapp): libsrtp.a'
+ if use !static-libs; then
+ rm libsrtp.a || die
+ fi
+}
+
+src_install() {
+ default
+
+ # libsrtp.pdf can also be generated with doxygen
+ # but it would be a waste of time as an up-to-date version is built
+ use doc && dodoc doc/*.txt doc/${PN}.pdf
+}
diff --git a/net-libs/libsrtp/libsrtp-1.5.2.ebuild b/net-libs/libsrtp/libsrtp-1.5.2.ebuild
new file mode 100644
index 00000000000..9b896e397b3
--- /dev/null
+++ b/net-libs/libsrtp/libsrtp-1.5.2.ebuild
@@ -0,0 +1,76 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="5"
+
+inherit autotools base multilib
+
+DESCRIPTION="Open-source implementation of the Secure Real-time Transport Protocol (SRTP)"
+HOMEPAGE="https://github.com/cisco/libsrtp"
+SRC_URI="https://github.com/cisco/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 -sparc ~x86 ~x86-fbsd ~ppc-macos ~x64-macos ~x86-macos"
+IUSE="aesicm console debug doc openssl static-libs syslog"
+
+DEPEND="openssl? ( dev-libs/openssl:0 )"
+RDEPEND="${DEPEND}"
+
+src_prepare() {
+ epatch "${FILESDIR}/${PN}-pcap-automagic-r0.patch"
+ eautoreconf || die
+}
+
+src_configure() {
+ # stdout: default error output for messages in debug
+ # kernel-linux: breaks the build
+ # gdoi: disabled by upstream and breaks the build
+ # pcap: seems to be test-only
+ econf \
+ --enable-stdout \
+ --disable-kernel-linux \
+ --disable-gdoi \
+ --disable-pcap \
+ $(use_enable aesicm generic-aesicm) \
+ $(use_enable console) \
+ $(use_enable debug) \
+ $(use_enable openssl) \
+ $(use_enable syslog)
+}
+
+src_compile() {
+ if use static-libs; then
+ emake ${PN}.a || die
+ fi
+ emake shared_library || die
+}
+
+src_test() {
+ # getopt returns an int, not a char
+ sed -i -e "s/char q/int q/" \
+ test/rdbx_driver.c test/srtp_driver.c test/dtls_srtp_driver.c || die
+
+ # test/rtpw_test.sh is assuming . is in $PATH
+ sed -i -e "s:\$RTPW :./\$RTPW :" test/rtpw_test.sh || die
+
+ # test/rtpw.c is using /usr/share/dict/words assuming it exists
+ # using test/rtpw.c guaratees the file exists in any case
+ sed -i -e "s:/usr/share/dict/words:rtpw.c:" test/rtpw.c || die
+
+ emake test || die
+ emake -j1 runtest || die
+}
+
+src_install() {
+ emake DESTDIR="${D}" install || die
+
+ dodoc CHANGES README TODO || die
+
+ if use doc; then
+ # libsrtp.pdf can also be generated with doxygen
+ # but it would be a waste of time as an up-to-date version is built
+ dodoc doc/*.txt doc/${PN}.pdf || die
+ fi
+}
diff --git a/net-libs/libsrtp/metadata.xml b/net-libs/libsrtp/metadata.xml
new file mode 100644
index 00000000000..f4ee7e9f96f
--- /dev/null
+++ b/net-libs/libsrtp/metadata.xml
@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <herd>chromium</herd>
+ <maintainer>
+ <email>chainsaw@gentoo.org</email>
+ <name>Tony Vroon</name>
+ </maintainer>
+ <use>
+ <flag name="aesicm">Use AES ICM cryptographic algorithm</flag>
+ <flag name="console">
+ Use /dev/console instead of stdout for error messages
+ </flag>
+ <flag name="openssl">Use OpenSSL crypto primitives</flag>
+ <flag name="syslog">Use syslog for error messages</flag>
+ </use>
+ <upstream>
+ <remote-id type="github">cisco/libsrtp</remote-id>
+ </upstream>
+</pkgmetadata>