+++ /dev/null
-From 41b027b68f59913d166c3c91b8fdd2b40088822f Mon Sep 17 00:00:00 2001
-From: johan pascal <johan.pascal@belledonne-communications.com>
-Date: Fri, 3 Mar 2023 11:28:25 +0100
-Subject: [PATCH] remove TLS client certificate callback
-
----
- src/transports/tls_channel.c | 57 +++++++++++++++---------------------
- 1 file changed, 23 insertions(+), 34 deletions(-)
-
-diff --git a/src/transports/tls_channel.c b/src/transports/tls_channel.c
-index 65811a61..9c64b8af 100644
---- a/src/transports/tls_channel.c
-+++ b/src/transports/tls_channel.c
-@@ -475,37 +475,6 @@ BELLE_SIP_INSTANCIATE_CUSTOM_VPTR_BEGIN(
- }
- BELLE_SIP_INSTANCIATE_CUSTOM_VPTR_END
-
--static int belle_sip_client_certificate_request_callback(void *data, bctbx_ssl_context_t *ssl_ctx, const bctbx_list_t *names) {
-- belle_sip_tls_channel_t *channel = (belle_sip_tls_channel_t *)data;
--
-- /* ask certificate */
-- BELLE_SIP_INVOKE_LISTENERS_ARG1_ARG2( channel->base.base.full_listeners
-- ,belle_sip_channel_listener_t
-- ,on_auth_requested
-- ,&channel->base.base
-- ,(names==NULL)?NULL:(char *)names->data); // forward only the first name of the list, this functionnality is not used for now anyway
--
-- /* if we got one, set it in the ssl handshake context */
-- if (channel->client_cert_chain && channel->client_cert_key) {
-- int err;
-- char tmp[512]={0};
--
-- bctbx_x509_certificate_get_info_string(tmp,sizeof(tmp)-1,"",channel->client_cert_chain->cert);
-- belle_sip_message("Channel [%p] found client certificate:\n%s",channel,tmp);
--
-- if ((err=bctbx_ssl_set_hs_own_cert(channel->sslctx,channel->client_cert_chain->cert,channel->client_cert_key->key))) {
-- bctbx_strerror(err,tmp,sizeof(tmp)-1);
-- belle_sip_error("Channel [%p] cannot set retrieved ssl own certificate [%s]",channel,tmp);
-- return -1; /* we were not able to set the client certificate, something is going wrong, this will abort the handshake*/
-- }
-- return 0;
-- }
--
-- belle_sip_warning("Channel [%p] cannot get client certificate to answer server request", channel);
--
-- return 0; /* we couldn't find any certificate, just keep on going, server may decide to abort the handshake */
--}
--
- static int tls_handle_postcheck(belle_sip_tls_channel_t* channel){
- if (channel->crypto_config && channel->crypto_config->postcheck_cb){
- const bctbx_x509_certificate_t *cert = bctbx_ssl_get_peer_certificate(channel->sslctx);
-@@ -883,6 +852,29 @@ static int belle_sip_tls_channel_init_bc
- if (crypto_config->ssl_config == NULL) {
- bctbx_ssl_config_defaults(obj->sslcfg, BCTBX_SSL_IS_CLIENT, BCTBX_SSL_TRANSPORT_STREAM);
- bctbx_ssl_config_set_authmode(obj->sslcfg, BCTBX_SSL_VERIFY_REQUIRED);
-+ /* set up client certificate */
-+ /* if we do not have one, request it */
-+ if (!(obj->client_cert_chain && obj->client_cert_key)) {
-+ BELLE_SIP_INVOKE_LISTENERS_ARG1_ARG2(obj->base.base.full_listeners, belle_sip_channel_listener_t,
-+ on_auth_requested, &obj->base.base, NULL);
-+ }
-+ /* now if we do have one set it in the ssl config */
-+ if (obj->client_cert_chain && obj->client_cert_key) {
-+ char tmp[512] = {0};
-+
-+ bctbx_x509_certificate_get_info_string(tmp, sizeof(tmp) - 1, "", obj->client_cert_chain->cert);
-+ belle_sip_message("Channel [%p] found client certificate:\n%s", obj, tmp);
-+
-+ int ret =
-+ bctbx_ssl_config_set_own_cert(obj->sslcfg, obj->client_cert_chain->cert, obj->client_cert_key->key);
-+ if (ret < 0) {
-+ belle_sip_error(
-+ "Unable to set own certificate in config for SSL context at TLS channel creation ret [-0x%x]",
-+ -ret);
-+ belle_sip_object_unref(obj);
-+ return -1;
-+ }
-+ }
- } else { /* an SSL config is provided, use it*/
- int ret = bctbx_ssl_config_set_crypto_library_config(obj->sslcfg, crypto_config->ssl_config);
- if (ret<0) {
-@@ -900,7 +892,6 @@ static int belle_sip_tls_channel_init_bc
- bctbx_ssl_config_set_ca_chain(obj->sslcfg, obj->root_ca);
- }
- bctbx_ssl_config_set_callback_verify(obj->sslcfg, belle_sip_ssl_verify, crypto_config);
-- bctbx_ssl_config_set_callback_cli_cert(obj->sslcfg, belle_sip_client_certificate_request_callback, obj);
-
- bctbx_ssl_context_setup(obj->sslctx, obj->sslcfg);
- bctbx_ssl_set_hostname(obj->sslctx, super->base.peer_cname ? super->base.peer_cname : super->base.peer_name);
-# TODO: tunnel? (BR: pkgconfig(tunnel) or TunnelConfig.cmake)
+# TODO: tunnel >= 0.7.0? (BR: pkgconfig(tunnel) or TunnelConfig.cmake)
#
# Conditional build:
%bcond_without dnssd # MDNS/DNSSD support
Summary: SIP (RFC3261) object-oriented implementation in C
Summary(pl.UTF-8): Implementacja SIP (RFC3261) w C
Name: belle-sip
-Version: 5.2.51
+Version: 5.3.29
Release: 1
License: GPL v3+
Group: Libraries
#Source0Download: https://gitlab.linphone.org/BC/public/belle-sip/-/tags
Source0: https://gitlab.linphone.org/BC/public/belle-sip/-/archive/%{version}/%{name}-%{version}.tar.bz2
-# Source0-md5: b4bcdbcb0e641cef2e1e5ecec889c9b5
+# Source0-md5: 6282d86a629f9d5aede25534bd9bcf87
Patch0: antlr_jar.patch
Patch1: %{name}-pc.patch
-Patch2: %{name}-mbedtlsv3.patch
-URL: http://www.linphone.org/technical-corner/belle-sip
+URL: https://www.linphone.org/
%{?with_tests:BuildRequires: CUnit >= 2.0}
%{?with_dnssd:BuildRequires: avahi-compat-libdns_sd-devel}
-BuildRequires: bctoolbox-devel >= 0.5.0
-BuildRequires: cmake >= 3.1
+BuildRequires: bctoolbox-devel >= 5.3.0
+BuildRequires: belr-devel >= 5.3.0
+BuildRequires: cmake >= 3.22
BuildRequires: java-antlr3 >= 3.2
BuildRequires: jre
BuildRequires: libantlr3c-devel >= 3.4
BuildRequires: pkgconfig
BuildRequires: rpmbuild(macros) >= 1.605
BuildRequires: zlib-devel >= 1.2.3
-Requires: bctoolbox >= 0.5.0
+Requires: bctoolbox >= 5.3.0
+Requires: belr >= 5.3.0
Requires: libantlr3c >= 3.4
Requires: zlib >= 1.2.3
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
Summary(pl.UTF-8): Pliki nagłówkowe biblioteki %{name}
Group: Development/Libraries
Requires: %{name} = %{version}-%{release}
-Requires: bctoolbox-devel >= 0.5.0
+Requires: bctoolbox-devel >= 5.3.0
+Requires: belr-devel >= 5.3.0
Requires: libantlr3c-devel >= 3.4
%description devel
%setup -q
%patch0 -p1
%patch1 -p1
-%patch2 -p1
%build
-install -d builddir
-cd builddir
-%cmake .. \
+%if %{with static_libs}
+%cmake -B builddir-static \
+ -DBUILD_SHARED_LIBS=OFF \
+ %{?with_dnssd:-DENABLE_MDNS=ON} \
+ -DENABLE_UNIT_TESTS=OFF
+
+%{__make} -C builddir-static
+%endif
+
+%cmake -B builddir \
%{?with_dnssd:-DENABLE_MDNS=ON} \
%{!?with_static_libs:-DENABLE_STATIC=OFF} \
- %{!?with_tests:-DENABLE_TESTS=OFF}
+ %{!?with_tests:-DENABLE_UNIT_TESTS=OFF}
-%{__make}
+%{__make} -C builddir
-%{?with_tests:%{__make} test}
+%if %{with tests}
+%{__make} -C builddir test
+%endif
%install
rm -rf $RPM_BUILD_ROOT
-%{__make} -C builddir install \
+%if %{with static_libs}
+%{__make} -C builddir-static install \
DESTDIR=$RPM_BUILD_ROOT
+%endif
-# disable completeness check incompatible with split packaging
-%{__sed} -i -e '/^foreach(target .*IMPORT_CHECK_TARGETS/,/^endforeach/d; /^unset(_IMPORT_CHECK_TARGETS)/d' $RPM_BUILD_ROOT%{_libdir}/cmake/BelleSIP/BelleSIPTargets.cmake
+%{__make} -C builddir install \
+ DESTDIR=$RPM_BUILD_ROOT
%clean
rm -rf $RPM_BUILD_ROOT
%files
%defattr(644,root,root,755)
%doc AUTHORS.md CHANGELOG.md README.md
-%attr(755,root,root) %{_libdir}/libbellesip.so.1
+%attr(755,root,root) %{_libdir}/libbelle-sip.so.1
%{_datadir}/belr/grammars/sdp_grammar
%files devel
%defattr(644,root,root,755)
-%attr(755,root,root) %{_libdir}/libbellesip.so
+%attr(755,root,root) %{_libdir}/libbelle-sip.so
%{_includedir}/belle-sip
%{_pkgconfigdir}/belle-sip.pc
%{_libdir}/cmake/BelleSIP
%if %{with static_libs}
%files static
%defattr(644,root,root,755)
-%{_libdir}/libbellesip.a
+%{_libdir}/libbelle-sip.a
%endif