fix #148, simplify the RTMP handshake key generation. 0.9.191.
正在显示
3 个修改的文件
包含
36 行增加
和
72 行删除
@@ -208,6 +208,7 @@ Supported operating systems and hardware: | @@ -208,6 +208,7 @@ Supported operating systems and hardware: | ||
208 | * 2013-10-17, Created.<br/> | 208 | * 2013-10-17, Created.<br/> |
209 | 209 | ||
210 | ## History | 210 | ## History |
211 | +* v1.0, 2014-08-06, fix [#148](https://github.com/winlinvip/simple-rtmp-server/issues/148), simplify the RTMP handshake key generation. 0.9.191. | ||
211 | * v1.0, 2014-08-06, fix [#147](https://github.com/winlinvip/simple-rtmp-server/issues/147), support identify the srs edge. 0.9.190. | 212 | * v1.0, 2014-08-06, fix [#147](https://github.com/winlinvip/simple-rtmp-server/issues/147), support identify the srs edge. 0.9.190. |
212 | * <strong>v1.0, 2014-08-03, [1.0 mainline7(0.9.189)](https://github.com/winlinvip/simple-rtmp-server/releases/tag/1.0.mainline7) released. 57432 lines.</strong> | 213 | * <strong>v1.0, 2014-08-03, [1.0 mainline7(0.9.189)](https://github.com/winlinvip/simple-rtmp-server/releases/tag/1.0.mainline7) released. 57432 lines.</strong> |
213 | * v1.0, 2014-08-03, fix [#79](https://github.com/winlinvip/simple-rtmp-server/issues/79), fix the reload remove edge assert bug. 0.9.189. | 214 | * v1.0, 2014-08-03, fix [#79](https://github.com/winlinvip/simple-rtmp-server/issues/79), fix the reload remove edge assert bug. 0.9.189. |
@@ -31,7 +31,7 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. | @@ -31,7 +31,7 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. | ||
31 | // current release version | 31 | // current release version |
32 | #define VERSION_MAJOR "0" | 32 | #define VERSION_MAJOR "0" |
33 | #define VERSION_MINOR "9" | 33 | #define VERSION_MINOR "9" |
34 | -#define VERSION_REVISION "190" | 34 | +#define VERSION_REVISION "191" |
35 | #define RTMP_SIG_SRS_VERSION VERSION_MAJOR"."VERSION_MINOR"."VERSION_REVISION | 35 | #define RTMP_SIG_SRS_VERSION VERSION_MAJOR"."VERSION_MINOR"."VERSION_REVISION |
36 | // server info. | 36 | // server info. |
37 | #define RTMP_SIG_SRS_KEY "SRS" | 37 | #define RTMP_SIG_SRS_KEY "SRS" |
@@ -97,18 +97,9 @@ namespace _srs_internal | @@ -97,18 +97,9 @@ namespace _srs_internal | ||
97 | "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \ | 97 | "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \ |
98 | "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381" \ | 98 | "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381" \ |
99 | "FFFFFFFFFFFFFFFF" | 99 | "FFFFFFFFFFFFFFFF" |
100 | - int __openssl_generate_key( | ||
101 | - u_int8_t* _private_key, u_int8_t* _public_key, int32_t& size, | ||
102 | - DH*& pdh, int32_t& bits_count, u_int8_t*& shared_key, int32_t& shared_key_length, BIGNUM*& peer_public_key | ||
103 | - ){ | 100 | + int __openssl_initialize_dh(DH* pdh, int32_t bits_count){ |
104 | int ret = ERROR_SUCCESS; | 101 | int ret = ERROR_SUCCESS; |
105 | 102 | ||
106 | - //1. Create the DH | ||
107 | - if ((pdh = DH_new()) == NULL) { | ||
108 | - ret = ERROR_OpenSslCreateDH; | ||
109 | - return ret; | ||
110 | - } | ||
111 | - | ||
112 | //2. Create his internal p and g | 103 | //2. Create his internal p and g |
113 | if ((pdh->p = BN_new()) == NULL) { | 104 | if ((pdh->p = BN_new()) == NULL) { |
114 | ret = ERROR_OpenSslCreateP; | 105 | ret = ERROR_OpenSslCreateP; |
@@ -119,7 +110,7 @@ namespace _srs_internal | @@ -119,7 +110,7 @@ namespace _srs_internal | ||
119 | return ret; | 110 | return ret; |
120 | } | 111 | } |
121 | 112 | ||
122 | - //3. initialize p, g and key length | 113 | + //3. initialize p and g |
123 | if (BN_hex2bn(&pdh->p, RFC2409_PRIME_1024) == 0) { | 114 | if (BN_hex2bn(&pdh->p, RFC2409_PRIME_1024) == 0) { |
124 | ret = ERROR_OpenSslParseP1024; | 115 | ret = ERROR_OpenSslParseP1024; |
125 | return ret; | 116 | return ret; |
@@ -138,50 +129,23 @@ namespace _srs_internal | @@ -138,50 +129,23 @@ namespace _srs_internal | ||
138 | return ret; | 129 | return ret; |
139 | } | 130 | } |
140 | 131 | ||
141 | - // CreateSharedKey | ||
142 | - if (pdh == NULL) { | ||
143 | - ret = ERROR_OpenSslGenerateDHKeys; | ||
144 | - return ret; | ||
145 | - } | ||
146 | - | ||
147 | - if (shared_key_length != 0 || shared_key != NULL) { | ||
148 | - ret = ERROR_OpenSslShareKeyComputed; | ||
149 | - return ret; | ||
150 | - } | ||
151 | - | ||
152 | - shared_key_length = DH_size(pdh); | ||
153 | - if (shared_key_length <= 0 || shared_key_length > 1024) { | ||
154 | - ret = ERROR_OpenSslGetSharedKeySize; | ||
155 | - return ret; | ||
156 | - } | ||
157 | - shared_key = new u_int8_t[shared_key_length]; | ||
158 | - memset(shared_key, 0, shared_key_length); | ||
159 | - | ||
160 | - peer_public_key = BN_bin2bn(_private_key, size, 0); | ||
161 | - if (peer_public_key == NULL) { | ||
162 | - ret = ERROR_OpenSslGetPeerPublicKey; | ||
163 | return ret; | 132 | return ret; |
164 | } | 133 | } |
134 | + int __openssl_copy_key(DH* pdh, char* public_key, int32_t size) | ||
135 | + { | ||
136 | + int ret = ERROR_SUCCESS; | ||
165 | 137 | ||
166 | - if (DH_compute_key(shared_key, peer_public_key, pdh) == -1) { | ||
167 | - ret = ERROR_OpenSslComputeSharedKey; | ||
168 | - return ret; | ||
169 | - } | 138 | + int32_t bits_count = 1024; |
170 | 139 | ||
171 | - // CopyPublicKey | ||
172 | - if (pdh == NULL) { | ||
173 | - ret = ERROR_OpenSslComputeSharedKey; | 140 | + // 2. generate the g, p, private/public key. |
141 | + if ((ret = __openssl_initialize_dh(pdh, bits_count)) != ERROR_SUCCESS) { | ||
174 | return ret; | 142 | return ret; |
175 | } | 143 | } |
176 | 144 | ||
177 | - int32_t keySize = BN_num_bytes(pdh->pub_key); | ||
178 | - if ((keySize <= 0) || (size <= 0) || (keySize > size)) { | ||
179 | - //("CopyPublicKey failed due to either invalid DH state or invalid call"); return ret; | ||
180 | - ret = ERROR_OpenSslInvalidDHState; | ||
181 | - return ret; | ||
182 | - } | 145 | + // copy public key to bytes. |
146 | + srs_assert(BN_num_bytes(pdh->pub_key) == size); | ||
183 | 147 | ||
184 | - if (BN_bn2bin(pdh->pub_key, _public_key) != keySize) { | 148 | + if (BN_bn2bin(pdh->pub_key, (unsigned char*)public_key) != size) { |
185 | //("Unable to copy key"); return ret; | 149 | //("Unable to copy key"); return ret; |
186 | ret = ERROR_OpenSslCopyKey; | 150 | ret = ERROR_OpenSslCopyKey; |
187 | return ret; | 151 | return ret; |
@@ -189,22 +153,8 @@ namespace _srs_internal | @@ -189,22 +153,8 @@ namespace _srs_internal | ||
189 | 153 | ||
190 | return ret; | 154 | return ret; |
191 | } | 155 | } |
192 | - int openssl_generate_key(char* _private_key, char* _public_key, int32_t size) | 156 | + void __openssl_free(DH* pdh) |
193 | { | 157 | { |
194 | - int ret = ERROR_SUCCESS; | ||
195 | - | ||
196 | - // Initialize | ||
197 | - DH* pdh = NULL; | ||
198 | - int32_t bits_count = 1024; | ||
199 | - u_int8_t* shared_key = NULL; | ||
200 | - int32_t shared_key_length = 0; | ||
201 | - BIGNUM* peer_public_key = NULL; | ||
202 | - | ||
203 | - ret = __openssl_generate_key( | ||
204 | - (u_int8_t*)_private_key, (u_int8_t*)_public_key, size, | ||
205 | - pdh, bits_count, shared_key, shared_key_length, peer_public_key | ||
206 | - ); | ||
207 | - | ||
208 | if (pdh != NULL) { | 158 | if (pdh != NULL) { |
209 | if (pdh->p != NULL) { | 159 | if (pdh->p != NULL) { |
210 | BN_free(pdh->p); | 160 | BN_free(pdh->p); |
@@ -217,17 +167,26 @@ namespace _srs_internal | @@ -217,17 +167,26 @@ namespace _srs_internal | ||
217 | DH_free(pdh); | 167 | DH_free(pdh); |
218 | pdh = NULL; | 168 | pdh = NULL; |
219 | } | 169 | } |
220 | - | ||
221 | - if (shared_key != NULL) { | ||
222 | - delete[] shared_key; | ||
223 | - shared_key = NULL; | ||
224 | } | 170 | } |
171 | + int openssl_generate_key(char* public_key, int32_t size) | ||
172 | + { | ||
173 | + int ret = ERROR_SUCCESS; | ||
225 | 174 | ||
226 | - if (peer_public_key != NULL) { | ||
227 | - BN_free(peer_public_key); | ||
228 | - peer_public_key = NULL; | 175 | + // Initialize |
176 | + DH* pdh = NULL; | ||
177 | + | ||
178 | + //1. Create the DH | ||
179 | + if ((pdh = DH_new()) == NULL) { | ||
180 | + ret = ERROR_OpenSslCreateDH; | ||
181 | + return ret; | ||
229 | } | 182 | } |
230 | 183 | ||
184 | + // generate and copy key. | ||
185 | + ret = __openssl_copy_key(pdh, public_key, size); | ||
186 | + | ||
187 | + // cleanup | ||
188 | + __openssl_free(pdh); | ||
189 | + | ||
231 | return ret; | 190 | return ret; |
232 | } | 191 | } |
233 | 192 | ||
@@ -867,7 +826,9 @@ namespace _srs_internal | @@ -867,7 +826,9 @@ namespace _srs_internal | ||
867 | srs_key_block_init(&block0.key); | 826 | srs_key_block_init(&block0.key); |
868 | srs_digest_block_init(&block1.digest); | 827 | srs_digest_block_init(&block1.digest); |
869 | 828 | ||
870 | - if ((ret = openssl_generate_key(c1->block0.key.key, block0.key.key, 128)) != ERROR_SUCCESS) { | 829 | + // directly generate the public key. |
830 | + // @see: https://github.com/winlinvip/simple-rtmp-server/issues/148 | ||
831 | + if ((ret = openssl_generate_key(block0.key.key, 128)) != ERROR_SUCCESS) { | ||
871 | srs_error("calc s1 key failed. ret=%d", ret); | 832 | srs_error("calc s1 key failed. ret=%d", ret); |
872 | return ret; | 833 | return ret; |
873 | } | 834 | } |
@@ -875,7 +836,9 @@ namespace _srs_internal | @@ -875,7 +836,9 @@ namespace _srs_internal | ||
875 | srs_digest_block_init(&block0.digest); | 836 | srs_digest_block_init(&block0.digest); |
876 | srs_key_block_init(&block1.key); | 837 | srs_key_block_init(&block1.key); |
877 | 838 | ||
878 | - if ((ret = openssl_generate_key(c1->block1.key.key, block1.key.key, 128)) != ERROR_SUCCESS) { | 839 | + // directly generate the public key. |
840 | + // @see: https://github.com/winlinvip/simple-rtmp-server/issues/148 | ||
841 | + if ((ret = openssl_generate_key(block1.key.key, 128)) != ERROR_SUCCESS) { | ||
879 | srs_error("calc s1 key failed. ret=%d", ret); | 842 | srs_error("calc s1 key failed. ret=%d", ret); |
880 | return ret; | 843 | return ret; |
881 | } | 844 | } |
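Review bot: In `__openssl_copy_key`, `srs_assert(BN_num_bytes(pdh->pub_key) == size)` treats a normal outcome as a programming error. `BN_num_bytes` returns the number of significant bytes, so a public key whose top byte is zero is shorter than 128; for a value modulo a 1024-bit prime that is roughly one key in 256. If `srs_assert` aborts (its definition is not shown here), an ordinary handshake can end the server process by chance. If it is compiled out, the `BN_bn2bin(...) != size` check fails the handshake instead. The removed code handled this at runtime (`keySize > size` returned `ERROR_OpenSslInvalidDHState`, and `BN_bn2bin` was compared with `keySize`); I would keep that shape as below, and decide separately whether a short key should be left-padded to `size`.

```cpp
        // copy public key to bytes.
        int32_t key_size = BN_num_bytes(pdh->pub_key);
        if (key_size <= 0 || size <= 0 || key_size > size) {
            ret = ERROR_OpenSslInvalidDHState;
            return ret;
        }

        if (BN_bn2bin(pdh->pub_key, (unsigned char*)public_key) != key_size) {
            // … unchanged: ERROR_OpenSslCopyKey return …
```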