Fix SRTP compile issues for windows

Related to CVE-2014-3513

This fix was developed by the OpenSSL Team

Reviewed-by: Tim Hudson <tjh@openssl.org>

4 files changed, 14 insertions, 5 deletions

diff --git a/ssl/srtp.h b/ssl/srtp.h
index c0cf33ef28..24f23309d7 100644
--- a/ssl/srtp.h
+++ b/ssl/srtp.h
@@ -130,6 +130,8 @@ extern "C" {
 #define SRTP_NULL_SHA1_80      0x0005
 #define SRTP_NULL_SHA1_32      0x0006
 
+#ifndef OPENSSL_NO_SRTP
+
 int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles);
 int SSL_set_tlsext_use_srtp(SSL *ctx, const char *profiles);
 SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s);
@@ -137,6 +139,8 @@ SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s);
 STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl);
 SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s);
 
+#endif
+
 #ifdef  __cplusplus
 }
 #endif
diff --git a/util/mk1mf.pl b/util/mk1mf.pl
index bcd00ba943..f0c2df0267 100755
--- a/util/mk1mf.pl
+++ b/util/mk1mf.pl
@@ -1145,6 +1145,7 @@ sub read_options
 		"dll" => \$shlib,
 		"shared" => 0,
 		"no-sctp" => 0,
+		"no-srtp" => 0,
 		"no-gmp" => 0,
 		"no-rfc3779" => 0,
 		"no-montasm" => 0,
diff --git a/util/mkdef.pl b/util/mkdef.pl
index 79d4de8962..1eaa7b8acd 100755
--- a/util/mkdef.pl
+++ b/util/mkdef.pl
@@ -117,6 +117,8 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
 			 "SSL_INTERN",
 			 # SCTP
 		 	 "SCTP",
+			 # SRTP
+			 "SRTP",
 			 # Unit testing
 		 	 "UNIT_TEST");
 
@@ -138,7 +140,7 @@ my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw;
 my $no_fp_api; my $no_static_engine=1; my $no_gmp; my $no_deprecated;
 my $no_rfc3779; my $no_psk; my $no_tlsext; my $no_cms; my $no_capieng;
 my $no_jpake; my $no_srp; my $no_ssl2; my $no_ec2m; my $no_nistp_gcc; 
-my $no_nextprotoneg; my $no_sctp;
+my $no_nextprotoneg; my $no_sctp; my $no_srtp;
 my $no_unit_test;
 
 my $fips;
@@ -238,6 +240,7 @@ foreach (@ARGV, split(/ /, $options))
 	elsif (/^no-jpake$/)	{ $no_jpake=1; }
 	elsif (/^no-srp$/)	{ $no_srp=1; }
 	elsif (/^no-sctp$/)	{ $no_sctp=1; }
+	elsif (/^no-srtp$/)	{ $no_srtp=1; }
 	elsif (/^no-unit-test$/){ $no_unit_test=1; }
 	}
 
@@ -1209,6 +1212,7 @@ sub is_valid
 			if ($keyword eq "JPAKE" && $no_jpake) { return 0; }
 			if ($keyword eq "SRP" && $no_srp) { return 0; }
 			if ($keyword eq "SCTP" && $no_sctp) { return 0; }
+			if ($keyword eq "SRTP" && $no_srtp) { return 0; }
 			if ($keyword eq "UNIT_TEST" && $no_unit_test) { return 0; }
 			if ($keyword eq "DEPRECATED" && $no_deprecated) { return 0; }
 
diff --git a/util/ssleay.num b/util/ssleay.num
index 1c05a3c4cb..dd21e95779 100755
--- a/util/ssleay.num
+++ b/util/ssleay.num
@@ -310,14 +310,14 @@ TLSv1_2_method                          350	EXIST::FUNCTION:
 SSL_SESSION_get_id_len                  351	NOEXIST::FUNCTION:
 kssl_ctx_get0_client_princ              352	EXIST::FUNCTION:KRB5
 SSL_export_keying_material              353	EXIST::FUNCTION:TLSEXT
-SSL_set_tlsext_use_srtp                 354	EXIST::FUNCTION:
+SSL_set_tlsext_use_srtp                 354	EXIST::FUNCTION:SRTP
 SSL_CTX_set_next_protos_advertised_cb   355	EXIST:!VMS:FUNCTION:NEXTPROTONEG
 SSL_CTX_set_next_protos_adv_cb          355	EXIST:VMS:FUNCTION:NEXTPROTONEG
 SSL_get0_next_proto_negotiated          356	EXIST::FUNCTION:NEXTPROTONEG
-SSL_get_selected_srtp_profile           357	EXIST::FUNCTION:
-SSL_CTX_set_tlsext_use_srtp             358	EXIST::FUNCTION:
+SSL_get_selected_srtp_profile           357	EXIST::FUNCTION:SRTP
+SSL_CTX_set_tlsext_use_srtp             358	EXIST::FUNCTION:SRTP
 SSL_select_next_proto                   359	EXIST::FUNCTION:NEXTPROTONEG
-SSL_get_srtp_profiles                   360	EXIST::FUNCTION:
+SSL_get_srtp_profiles                   360	EXIST::FUNCTION:SRTP
 SSL_CTX_set_next_proto_select_cb        361	EXIST:!VMS:FUNCTION:NEXTPROTONEG
 SSL_CTX_set_next_proto_sel_cb           361	EXIST:VMS:FUNCTION:NEXTPROTONEG
 SSL_SESSION_get_compress_id             362	EXIST::FUNCTION: