胡斌 / srs

转到一个项目
Toggle navigation Toggle navigation pinning
winlin
841f0f88 1 parent 152d3539

change to 0.9.19, verify the s1/s2/c2, refine the handshake.

内嵌 并排对比
正在显示 8 个修改的文件 包含 349 行增加118 行删除
@@ -31,7 +31,7 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. @@ -31,7 +31,7 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
31 // current release version 31 // current release version
32 #define VERSION_MAJOR "0" 32 #define VERSION_MAJOR "0"
33 #define VERSION_MINOR "9" 33 #define VERSION_MINOR "9"
34 -#define VERSION_REVISION "18" 34 +#define VERSION_REVISION "19"
35 #define RTMP_SIG_SRS_VERSION VERSION_MAJOR"."VERSION_MINOR"."VERSION_REVISION 35 #define RTMP_SIG_SRS_VERSION VERSION_MAJOR"."VERSION_MINOR"."VERSION_REVISION
36 // server info. 36 // server info.
37 #define RTMP_SIG_SRS_KEY "srs" 37 #define RTMP_SIG_SRS_KEY "srs"
@@ -34,7 +34,7 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. @@ -34,7 +34,7 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
34 * auto free the instance in the current scope. 34 * auto free the instance in the current scope.
35 */ 35 */
36 #define SrsAutoFree(className, instance, is_array) \ 36 #define SrsAutoFree(className, instance, is_array) \
37 - __SrsAutoFree<className> _auto_free_##instance(&instance, is_array) 37 + __SrsAutoFree<className> _auto_free_##instance((className**)&instance, is_array)
38 38
39 template<class T> 39 template<class T>
40 class __SrsAutoFree 40 class __SrsAutoFree
@@ -24,28 +24,16 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. @@ -24,28 +24,16 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
24 #include <srs_protocol_handshake.hpp> 24 #include <srs_protocol_handshake.hpp>
25 25
26 #include <time.h> 26 #include <time.h>
27 -#include <stdlib.h>  
28 27
29 #include <srs_core_autofree.hpp> 28 #include <srs_core_autofree.hpp>
30 #include <srs_kernel_error.hpp> 29 #include <srs_kernel_error.hpp>
31 #include <srs_kernel_log.hpp> 30 #include <srs_kernel_log.hpp>
32 #include <srs_protocol_io.hpp> 31 #include <srs_protocol_io.hpp>
  32 +#include <srs_protocol_utility.hpp>
  33 +#include <srs_protocol_rtmp.hpp>
33 34
34 using namespace srs; 35 using namespace srs;
35 36
36 -void srs_random_generate(char* bytes, int size)  
37 -{  
38 - static char cdata[] = {  
39 - 0x73, 0x69, 0x6d, 0x70, 0x6c, 0x65, 0x2d, 0x72, 0x74, 0x6d, 0x70, 0x2d, 0x73, 0x65,  
40 - 0x72, 0x76, 0x65, 0x72, 0x2d, 0x77, 0x69, 0x6e, 0x6c, 0x69, 0x6e, 0x2d, 0x77, 0x69,  
41 - 0x6e, 0x74, 0x65, 0x72, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x40, 0x31, 0x32, 0x36,  
42 - 0x2e, 0x63, 0x6f, 0x6d  
43 - };  
44 - for (int i = 0; i < size; i++) {  
45 - bytes[i] = cdata[rand() % (sizeof(cdata) - 1)];  
46 - }  
47 -}  
48 -  
49 #ifdef SRS_SSL 37 #ifdef SRS_SSL
50 38
51 // 68bytes FMS key which is used to sign the sever packet. 39 // 68bytes FMS key which is used to sign the sever packet.
@@ -569,6 +557,12 @@ void c2s2::dump(char* _c2s2) @@ -569,6 +557,12 @@ void c2s2::dump(char* _c2s2)
569 memcpy(_c2s2 + 1504, digest, 32); 557 memcpy(_c2s2 + 1504, digest, 32);
570 } 558 }
571 559
  560 +void c2s2::parse(char* _c2s2)
  561 +{
  562 + memcpy(random, _c2s2, 1504);
  563 + memcpy(digest, _c2s2 + 1504, 32);
  564 +}
  565 +
572 int c2s2::c2_create(c1s1* s1) 566 int c2s2::c2_create(c1s1* s1)
573 { 567 {
574 int ret = ERROR_SUCCESS; 568 int ret = ERROR_SUCCESS;
@@ -592,6 +586,30 @@ int c2s2::c2_create(c1s1* s1) @@ -592,6 +586,30 @@ int c2s2::c2_create(c1s1* s1)
592 return ret; 586 return ret;
593 } 587 }
594 588
  589 +int c2s2::c2_validate(c1s1* s1, bool& is_valid)
  590 +{
  591 + is_valid = false;
  592 + int ret = ERROR_SUCCESS;
  593 +
  594 + char temp_key[OpensslHashSize];
  595 + if ((ret = openssl_HMACsha256(s1->get_digest(), 32, SrsGenuineFPKey, 62, temp_key)) != ERROR_SUCCESS) {
  596 + srs_error("create c2 temp key failed. ret=%d", ret);
  597 + return ret;
  598 + }
  599 + srs_verbose("generate c2 temp key success.");
  600 +
  601 + char _digest[OpensslHashSize];
  602 + if ((ret = openssl_HMACsha256(random, 1504, temp_key, 32, _digest)) != ERROR_SUCCESS) {
  603 + srs_error("create c2 digest failed. ret=%d", ret);
  604 + return ret;
  605 + }
  606 + srs_verbose("generate c2 digest success.");
  607 +
  608 + is_valid = srs_bytes_equals(digest, _digest, 32);
  609 +
  610 + return ret;
  611 +}
  612 +
595 int c2s2::s2_create(c1s1* c1) 613 int c2s2::s2_create(c1s1* c1)
596 { 614 {
597 int ret = ERROR_SUCCESS; 615 int ret = ERROR_SUCCESS;
@@ -615,6 +633,30 @@ int c2s2::s2_create(c1s1* c1) @@ -615,6 +633,30 @@ int c2s2::s2_create(c1s1* c1)
615 return ret; 633 return ret;
616 } 634 }
617 635
  636 +int c2s2::s2_validate(c1s1* c1, bool& is_valid)
  637 +{
  638 + is_valid = false;
  639 + int ret = ERROR_SUCCESS;
  640 +
  641 + char temp_key[OpensslHashSize];
  642 + if ((ret = openssl_HMACsha256(c1->get_digest(), 32, SrsGenuineFMSKey, 68, temp_key)) != ERROR_SUCCESS) {
  643 + srs_error("create s2 temp key failed. ret=%d", ret);
  644 + return ret;
  645 + }
  646 + srs_verbose("generate s2 temp key success.");
  647 +
  648 + char _digest[OpensslHashSize];
  649 + if ((ret = openssl_HMACsha256(random, 1504, temp_key, 32, _digest)) != ERROR_SUCCESS) {
  650 + srs_error("create s2 digest failed. ret=%d", ret);
  651 + return ret;
  652 + }
  653 + srs_verbose("generate s2 digest success.");
  654 +
  655 + is_valid = srs_bytes_equals(digest, _digest, 32);
  656 +
  657 + return ret;
  658 +}
  659 +
618 c1s1::c1s1() 660 c1s1::c1s1()
619 { 661 {
620 schema = srs_schema_invalid; 662 schema = srs_schema_invalid;
@@ -738,6 +780,7 @@ int c1s1::c1_parse(char* _c1s1, srs_schema_type _schema) @@ -738,6 +780,7 @@ int c1s1::c1_parse(char* _c1s1, srs_schema_type _schema)
738 780
739 int c1s1::c1_validate_digest(bool& is_valid) 781 int c1s1::c1_validate_digest(bool& is_valid)
740 { 782 {
  783 + is_valid = false;
741 int ret = ERROR_SUCCESS; 784 int ret = ERROR_SUCCESS;
742 785
743 char* c1_digest = NULL; 786 char* c1_digest = NULL;
@@ -761,6 +804,7 @@ int c1s1::c1_validate_digest(bool& is_valid) @@ -761,6 +804,7 @@ int c1s1::c1_validate_digest(bool& is_valid)
761 804
762 int c1s1::s1_validate_digest(bool& is_valid) 805 int c1s1::s1_validate_digest(bool& is_valid)
763 { 806 {
  807 + is_valid = false;
764 int ret = ERROR_SUCCESS; 808 int ret = ERROR_SUCCESS;
765 809
766 char* s1_digest = NULL; 810 char* s1_digest = NULL;
@@ -918,125 +962,85 @@ SrsSimpleHandshake::~SrsSimpleHandshake() @@ -918,125 +962,85 @@ SrsSimpleHandshake::~SrsSimpleHandshake()
918 { 962 {
919 } 963 }
920 964
921 -int SrsSimpleHandshake::handshake_with_client(ISrsProtocolReaderWriter* skt, SrsComplexHandshake* complex_hs) 965 +int SrsSimpleHandshake::handshake_with_client(SrsHandshakeBytes* hs_bytes, ISrsProtocolReaderWriter* io)
922 { 966 {
923 int ret = ERROR_SUCCESS; 967 int ret = ERROR_SUCCESS;
924 968
925 ssize_t nsize; 969 ssize_t nsize;
926 970
927 - char* c0c1 = new char[1537];  
928 - SrsAutoFree(char, c0c1, true);  
929 - if ((ret = skt->read_fully(c0c1, 1537, &nsize)) != ERROR_SUCCESS) {  
930 - srs_warn("read c0c1 failed. ret=%d", ret); 971 + if ((ret = hs_bytes->read_c0c1(io)) != ERROR_SUCCESS) {
931 return ret; 972 return ret;
932 } 973 }
933 - srs_verbose("read c0c1 success.");  
934 974
935 // plain text required. 975 // plain text required.
936 - if (c0c1[0] != 0x03) { 976 + if (hs_bytes->c0c1[0] != 0x03) {
937 ret = ERROR_RTMP_PLAIN_REQUIRED; 977 ret = ERROR_RTMP_PLAIN_REQUIRED;
938 srs_warn("only support rtmp plain text. ret=%d", ret); 978 srs_warn("only support rtmp plain text. ret=%d", ret);
939 return ret; 979 return ret;
940 } 980 }
941 srs_verbose("check c0 success, required plain text."); 981 srs_verbose("check c0 success, required plain text.");
942 982
943 - // try complex handshake  
944 - if (complex_hs) {  
945 - ret = complex_hs->handshake_with_client(skt, c0c1 + 1);  
946 - if (ret == ERROR_SUCCESS) {  
947 - srs_trace("complex handshake success.");  
948 - return ret;  
949 - }  
950 - if (ret != ERROR_RTMP_TRY_SIMPLE_HS) {  
951 - srs_error("complex handshake failed. ret=%d", ret);  
952 - return ret;  
953 - }  
954 - srs_info("rollback complex to simple handshake. ret=%d", ret); 983 + if ((ret = hs_bytes->create_s0s1s2()) != ERROR_SUCCESS) {
  984 + return ret;
955 } 985 }
956 986
957 - char* s0s1s2 = new char[3073];  
958 - srs_random_generate(s0s1s2, 3073);  
959 - SrsAutoFree(char, s0s1s2, true);  
960 // plain text required. 987 // plain text required.
961 - s0s1s2[0] = 0x03;  
962 - if ((ret = skt->write(s0s1s2, 3073, &nsize)) != ERROR_SUCCESS) { 988 + hs_bytes->s0s1s2[0] = 0x03;
  989 + if ((ret = io->write(hs_bytes->s0s1s2, 3073, &nsize)) != ERROR_SUCCESS) {
963 srs_warn("simple handshake send s0s1s2 failed. ret=%d", ret); 990 srs_warn("simple handshake send s0s1s2 failed. ret=%d", ret);
964 return ret; 991 return ret;
965 } 992 }
966 srs_verbose("simple handshake send s0s1s2 success."); 993 srs_verbose("simple handshake send s0s1s2 success.");
967 994
968 - char* c2 = new char[1536];  
969 - SrsAutoFree(char, c2, true);  
970 - if ((ret = skt->read_fully(c2, 1536, &nsize)) != ERROR_SUCCESS) {  
971 - srs_warn("simple handshake read c2 failed. ret=%d", ret); 995 + if ((ret = hs_bytes->read_c2(io)) != ERROR_SUCCESS) {
972 return ret; 996 return ret;
973 } 997 }
974 - srs_verbose("simple handshake read c2 success.");  
975 998
976 - srs_trace("simple handshake success."); 999 + srs_trace("simple handshake with client success.");
977 1000
978 return ret; 1001 return ret;
979 } 1002 }
980 1003
981 -int SrsSimpleHandshake::handshake_with_server(ISrsProtocolReaderWriter* skt, SrsComplexHandshake* complex_hs) 1004 +int SrsSimpleHandshake::handshake_with_server(SrsHandshakeBytes* hs_bytes, ISrsProtocolReaderWriter* io)
982 { 1005 {
983 int ret = ERROR_SUCCESS; 1006 int ret = ERROR_SUCCESS;
984 1007
985 - // try complex handshake  
986 - if (complex_hs) {  
987 - ret = complex_hs->handshake_with_server(skt);  
988 - if (ret == ERROR_SUCCESS) {  
989 - srs_trace("complex handshake success.");  
990 - return ret;  
991 - }  
992 - if (ret != ERROR_RTMP_TRY_SIMPLE_HS) {  
993 - srs_error("complex handshake failed. ret=%d", ret);  
994 - return ret;  
995 - }  
996 - srs_info("rollback complex to simple handshake. ret=%d", ret);  
997 - }  
998 -  
999 - // simple handshake  
1000 ssize_t nsize; 1008 ssize_t nsize;
1001 1009
1002 - char* c0c1 = new char[1537];  
1003 - SrsAutoFree(char, c0c1, true);  
1004 -  
1005 - srs_random_generate(c0c1, 1537); 1010 + // simple handshake
  1011 + if ((ret = hs_bytes->create_c0c1()) != ERROR_SUCCESS) {
  1012 + return ret;
  1013 + }
1006 // plain text required. 1014 // plain text required.
1007 - c0c1[0] = 0x03; 1015 + hs_bytes->c0c1[0] = 0x03;
1008 1016
1009 - if ((ret = skt->write(c0c1, 1537, &nsize)) != ERROR_SUCCESS) { 1017 + if ((ret = io->write(hs_bytes->c0c1, 1537, &nsize)) != ERROR_SUCCESS) {
1010 srs_warn("write c0c1 failed. ret=%d", ret); 1018 srs_warn("write c0c1 failed. ret=%d", ret);
1011 return ret; 1019 return ret;
1012 } 1020 }
1013 srs_verbose("write c0c1 success."); 1021 srs_verbose("write c0c1 success.");
1014 1022
1015 - char* s0s1s2 = new char[3073];  
1016 - SrsAutoFree(char, s0s1s2, true);  
1017 - if ((ret = skt->read_fully(s0s1s2, 3073, &nsize)) != ERROR_SUCCESS) {  
1018 - srs_warn("simple handshake recv s0s1s2 failed. ret=%d", ret); 1023 + if ((ret = hs_bytes->read_s0s1s2(io)) != ERROR_SUCCESS) {
1019 return ret; 1024 return ret;
1020 } 1025 }
1021 - srs_verbose("simple handshake recv s0s1s2 success.");  
1022 1026
1023 // plain text required. 1027 // plain text required.
1024 - if (s0s1s2[0] != 0x03) { 1028 + if (hs_bytes->s0s1s2[0] != 0x03) {
1025 ret = ERROR_RTMP_HANDSHAKE; 1029 ret = ERROR_RTMP_HANDSHAKE;
1026 srs_warn("handshake failed, plain text required. ret=%d", ret); 1030 srs_warn("handshake failed, plain text required. ret=%d", ret);
1027 return ret; 1031 return ret;
1028 } 1032 }
1029 1033
1030 - char* c2 = new char[1536];  
1031 - SrsAutoFree(char, c2, true);  
1032 - srs_random_generate(c2, 1536);  
1033 - if ((ret = skt->write(c2, 1536, &nsize)) != ERROR_SUCCESS) { 1034 + if ((ret = hs_bytes->create_c2()) != ERROR_SUCCESS) {
  1035 + return ret;
  1036 + }
  1037 + if ((ret = io->write(hs_bytes->c2, 1536, &nsize)) != ERROR_SUCCESS) {
1034 srs_warn("simple handshake write c2 failed. ret=%d", ret); 1038 srs_warn("simple handshake write c2 failed. ret=%d", ret);
1035 return ret; 1039 return ret;
1036 } 1040 }
1037 srs_verbose("simple handshake write c2 success."); 1041 srs_verbose("simple handshake write c2 success.");
1038 1042
1039 - srs_trace("simple handshake success."); 1043 + srs_trace("simple handshake with server success.");
1040 1044
1041 return ret; 1045 return ret;
1042 } 1046 }
@@ -1050,36 +1054,33 @@ SrsComplexHandshake::~SrsComplexHandshake() @@ -1050,36 +1054,33 @@ SrsComplexHandshake::~SrsComplexHandshake()
1050 } 1054 }
1051 1055
1052 #ifndef SRS_SSL 1056 #ifndef SRS_SSL
1053 -int SrsComplexHandshake::handshake_with_client(ISrsProtocolReaderWriter* /*skt*/, char* /*_c1*/) 1057 +int SrsComplexHandshake::handshake_with_client(SrsHandshakeBytes* /*hs_bytes*/, ISrsProtocolReaderWriter* /*io*/)
1054 { 1058 {
1055 srs_trace("directly use simple handshake for ssl disabled."); 1059 srs_trace("directly use simple handshake for ssl disabled.");
1056 return ERROR_RTMP_TRY_SIMPLE_HS; 1060 return ERROR_RTMP_TRY_SIMPLE_HS;
1057 } 1061 }
1058 #else 1062 #else
1059 -int SrsComplexHandshake::handshake_with_client(ISrsProtocolReaderWriter* skt, char* _c1) 1063 +int SrsComplexHandshake::handshake_with_client(SrsHandshakeBytes* hs_bytes, ISrsProtocolReaderWriter* io)
1060 { 1064 {
1061 int ret = ERROR_SUCCESS; 1065 int ret = ERROR_SUCCESS;
1062 1066
1063 ssize_t nsize; 1067 ssize_t nsize;
1064 1068
1065 - static bool _random_initialized = false;  
1066 - if (!_random_initialized) {  
1067 - srand(0);  
1068 - _random_initialized = true;  
1069 - srs_trace("srand initialized the random."); 1069 + if ((ret = hs_bytes->read_c0c1(io)) != ERROR_SUCCESS) {
  1070 + return ret;
1070 } 1071 }
1071 1072
1072 // decode c1 1073 // decode c1
1073 c1s1 c1; 1074 c1s1 c1;
1074 // try schema0. 1075 // try schema0.
1075 - if ((ret = c1.c1_parse(_c1, srs_schema0)) != ERROR_SUCCESS) { 1076 + if ((ret = c1.c1_parse(hs_bytes->c0c1 + 1, srs_schema0)) != ERROR_SUCCESS) {
1076 srs_error("parse c1 schema%d error. ret=%d", srs_schema0, ret); 1077 srs_error("parse c1 schema%d error. ret=%d", srs_schema0, ret);
1077 return ret; 1078 return ret;
1078 } 1079 }
1079 // try schema1 1080 // try schema1
1080 bool is_valid = false; 1081 bool is_valid = false;
1081 if ((ret = c1.c1_validate_digest(is_valid)) != ERROR_SUCCESS || !is_valid) { 1082 if ((ret = c1.c1_validate_digest(is_valid)) != ERROR_SUCCESS || !is_valid) {
1082 - if ((ret = c1.c1_parse(_c1, srs_schema1)) != ERROR_SUCCESS) { 1083 + if ((ret = c1.c1_parse(hs_bytes->c0c1 + 1, srs_schema1)) != ERROR_SUCCESS) {
1083 srs_error("parse c1 schema%d error. ret=%d", srs_schema1, ret); 1084 srs_error("parse c1 schema%d error. ret=%d", srs_schema1, ret);
1084 return ret; 1085 return ret;
1085 } 1086 }
@@ -1102,10 +1103,10 @@ int SrsComplexHandshake::handshake_with_client(ISrsProtocolReaderWriter* skt, ch @@ -1102,10 +1103,10 @@ int SrsComplexHandshake::handshake_with_client(ISrsProtocolReaderWriter* skt, ch
1102 // verify s1 1103 // verify s1
1103 if ((ret = s1.s1_validate_digest(is_valid)) != ERROR_SUCCESS || !is_valid) { 1104 if ((ret = s1.s1_validate_digest(is_valid)) != ERROR_SUCCESS || !is_valid) {
1104 ret = ERROR_RTMP_TRY_SIMPLE_HS; 1105 ret = ERROR_RTMP_TRY_SIMPLE_HS;
1105 - srs_info("valid s1 failed, try simple handshake. ret=%d", ret); 1106 + srs_info("verify s1 failed, try simple handshake. ret=%d", ret);
1106 return ret; 1107 return ret;
1107 } 1108 }
1108 - srs_verbose("verify s1 from c1 success."); 1109 + srs_verbose("verify s1 success.");
1109 1110
1110 c2s2 s2; 1111 c2s2 s2;
1111 if ((ret = s2.s2_create(&c1)) != ERROR_SUCCESS) { 1112 if ((ret = s2.s2_create(&c1)) != ERROR_SUCCESS) {
@@ -1113,40 +1114,56 @@ int SrsComplexHandshake::handshake_with_client(ISrsProtocolReaderWriter* skt, ch @@ -1113,40 +1114,56 @@ int SrsComplexHandshake::handshake_with_client(ISrsProtocolReaderWriter* skt, ch
1113 return ret; 1114 return ret;
1114 } 1115 }
1115 srs_verbose("create s2 from c1 success."); 1116 srs_verbose("create s2 from c1 success.");
  1117 + // verify s2
  1118 + if ((ret = s2.s2_validate(&c1, is_valid)) != ERROR_SUCCESS || !is_valid) {
  1119 + ret = ERROR_RTMP_TRY_SIMPLE_HS;
  1120 + srs_info("verify s2 failed, try simple handshake. ret=%d", ret);
  1121 + return ret;
  1122 + }
  1123 + srs_verbose("verify s2 success.");
1116 1124
1117 // sendout s0s1s2 1125 // sendout s0s1s2
1118 - char* s0s1s2 = new char[3073];  
1119 - SrsAutoFree(char, s0s1s2, true); 1126 + if ((ret = hs_bytes->create_s0s1s2()) != ERROR_SUCCESS) {
  1127 + return ret;
  1128 + }
1120 // plain text required. 1129 // plain text required.
1121 - s0s1s2[0] = 0x03;  
1122 - s1.dump(s0s1s2 + 1);  
1123 - s2.dump(s0s1s2 + 1537);  
1124 - if ((ret = skt->write(s0s1s2, 3073, &nsize)) != ERROR_SUCCESS) { 1130 + hs_bytes->s0s1s2[0] = 0x03;
  1131 + s1.dump(hs_bytes->s0s1s2 + 1);
  1132 + s2.dump(hs_bytes->s0s1s2 + 1537);
  1133 + if ((ret = io->write(hs_bytes->s0s1s2, 3073, &nsize)) != ERROR_SUCCESS) {
1125 srs_warn("complex handshake send s0s1s2 failed. ret=%d", ret); 1134 srs_warn("complex handshake send s0s1s2 failed. ret=%d", ret);
1126 return ret; 1135 return ret;
1127 } 1136 }
1128 srs_verbose("complex handshake send s0s1s2 success."); 1137 srs_verbose("complex handshake send s0s1s2 success.");
1129 1138
1130 // recv c2 1139 // recv c2
1131 - char* c2 = new char[1536];  
1132 - SrsAutoFree(char, c2, true);  
1133 - if ((ret = skt->read_fully(c2, 1536, &nsize)) != ERROR_SUCCESS) {  
1134 - srs_warn("complex handshake read c2 failed. ret=%d", ret); 1140 + if ((ret = hs_bytes->read_c2(io)) != ERROR_SUCCESS) {
1135 return ret; 1141 return ret;
1136 } 1142 }
  1143 + c2s2 c2;
  1144 + c2.parse(hs_bytes->c2);
1137 srs_verbose("complex handshake read c2 success."); 1145 srs_verbose("complex handshake read c2 success.");
  1146 + // verify c2
  1147 + if ((ret = c2.c2_validate(&s1, is_valid)) != ERROR_SUCCESS || !is_valid) {
  1148 + ret = ERROR_RTMP_HANDSHAKE;
  1149 + srs_trace("verify c2 failed. ret=%d", ret);
  1150 + return ret;
  1151 + }
  1152 + srs_verbose("verify c2 success.");
  1153 +
  1154 + srs_trace("comple handshake with client success");
1138 1155
1139 return ret; 1156 return ret;
1140 } 1157 }
1141 #endif 1158 #endif
1142 1159
1143 #ifndef SRS_SSL 1160 #ifndef SRS_SSL
1144 -int SrsComplexHandshake::handshake_with_server(ISrsProtocolReaderWriter* /*skt*/) 1161 +int SrsComplexHandshake::handshake_with_server(SrsHandshakeBytes* /*hs_bytes*/, ISrsProtocolReaderWriter* /*io*/)
1145 { 1162 {
1146 return ERROR_RTMP_TRY_SIMPLE_HS; 1163 return ERROR_RTMP_TRY_SIMPLE_HS;
1147 } 1164 }
1148 #else 1165 #else
1149 -int SrsComplexHandshake::handshake_with_server(ISrsProtocolReaderWriter* /*skt*/) 1166 +int SrsComplexHandshake::handshake_with_server(SrsHandshakeBytes* /*hs_bytes*/, ISrsProtocolReaderWriter* /*io*/)
1150 { 1167 {
1151 int ret = ERROR_SUCCESS; 1168 int ret = ERROR_SUCCESS;
1152 1169
@@ -32,6 +32,7 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. @@ -32,6 +32,7 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
32 32
33 class ISrsProtocolReaderWriter; 33 class ISrsProtocolReaderWriter;
34 class SrsComplexHandshake; 34 class SrsComplexHandshake;
  35 +class SrsHandshakeBytes;
35 36
36 /** 37 /**
37 * try complex handshake, if failed, fallback to simple handshake. 38 * try complex handshake, if failed, fallback to simple handshake.
@@ -44,12 +45,9 @@ public: @@ -44,12 +45,9 @@ public:
44 public: 45 public:
45 /** 46 /**
46 * simple handshake. 47 * simple handshake.
47 - * @param complex_hs, try complex handshake first,  
48 - * if NULL, use simple handshake.  
49 - * if failed, rollback to simple handshake.  
50 */ 48 */
51 - virtual int handshake_with_client(ISrsProtocolReaderWriter* io, SrsComplexHandshake* complex_hs);  
52 - virtual int handshake_with_server(ISrsProtocolReaderWriter* io, SrsComplexHandshake* complex_hs); 49 + virtual int handshake_with_client(SrsHandshakeBytes* hs_bytes, ISrsProtocolReaderWriter* io);
  50 + virtual int handshake_with_server(SrsHandshakeBytes* hs_bytes, ISrsProtocolReaderWriter* io);
53 }; 51 };
54 52
55 /** 53 /**
@@ -65,15 +63,13 @@ public: @@ -65,15 +63,13 @@ public:
65 public: 63 public:
66 /** 64 /**
67 * complex hanshake. 65 * complex hanshake.
68 - * @_c1, size of c1 must be 1536.  
69 - * @remark, user must free the c1.  
70 * @return user must: 66 * @return user must:
71 * continue connect app if success, 67 * continue connect app if success,
72 * try simple handshake if error is ERROR_RTMP_TRY_SIMPLE_HS, 68 * try simple handshake if error is ERROR_RTMP_TRY_SIMPLE_HS,
73 * otherwise, disconnect 69 * otherwise, disconnect
74 */ 70 */
75 - virtual int handshake_with_client(ISrsProtocolReaderWriter* io, char* _c1);  
76 - virtual int handshake_with_server(ISrsProtocolReaderWriter* io); 71 + virtual int handshake_with_client(SrsHandshakeBytes* hs_bytes, ISrsProtocolReaderWriter* io);
  72 + virtual int handshake_with_server(SrsHandshakeBytes* hs_bytes, ISrsProtocolReaderWriter* io);
77 }; 73 };
78 74
79 namespace srs 75 namespace srs
@@ -241,6 +237,10 @@ namespace srs @@ -241,6 +237,10 @@ namespace srs
241 * copy to bytes. 237 * copy to bytes.
242 */ 238 */
243 virtual void dump(char* _c2s2); 239 virtual void dump(char* _c2s2);
  240 + /**
  241 + * parse the c2s2
  242 + */
  243 + virtual void parse(char* _c2s2);
244 244
245 /** 245 /**
246 * create c2. 246 * create c2.
@@ -253,6 +253,11 @@ namespace srs @@ -253,6 +253,11 @@ namespace srs
253 virtual int c2_create(c1s1* s1); 253 virtual int c2_create(c1s1* s1);
254 254
255 /** 255 /**
  256 + * validate the c2 from client.
  257 + */
  258 + virtual int c2_validate(c1s1* s1, bool& is_valid);
  259 +
  260 + /**
256 * create s2. 261 * create s2.
257 * random fill c2s2 1536 bytes 262 * random fill c2s2 1536 bytes
258 * 263 *
@@ -261,6 +266,11 @@ namespace srs @@ -261,6 +266,11 @@ namespace srs
261 * s2-digest-data = HMACsha256(s2-random-data, temp-key, 32) 266 * s2-digest-data = HMACsha256(s2-random-data, temp-key, 32)
262 */ 267 */
263 virtual int s2_create(c1s1* c1); 268 virtual int s2_create(c1s1* c1);
  269 +
  270 + /**
  271 + * validate the s2 from server.
  272 + */
  273 + virtual int s2_validate(c1s1* c1, bool& is_valid);
264 }; 274 };
265 275
266 /** 276 /**
@@ -187,15 +187,131 @@ string srs_client_type_string(SrsClientType type) @@ -187,15 +187,131 @@ string srs_client_type_string(SrsClientType type)
187 return "Unknown"; 187 return "Unknown";
188 } 188 }
189 189
  190 +SrsHandshakeBytes::SrsHandshakeBytes()
  191 +{
  192 + c0c1 = s0s1s2 = c2 = NULL;
  193 +}
  194 +
  195 +SrsHandshakeBytes::~SrsHandshakeBytes()
  196 +{
  197 + srs_freepa(c0c1);
  198 + srs_freepa(s0s1s2);
  199 + srs_freepa(c2);
  200 +}
  201 +
  202 +int SrsHandshakeBytes::read_c0c1(ISrsProtocolReaderWriter* io)
  203 +{
  204 + int ret = ERROR_SUCCESS;
  205 +
  206 + if (c0c1) {
  207 + return ret;
  208 + }
  209 +
  210 + ssize_t nsize;
  211 +
  212 + c0c1 = new char[1537];
  213 + if ((ret = io->read_fully(c0c1, 1537, &nsize)) != ERROR_SUCCESS) {
  214 + srs_warn("read c0c1 failed. ret=%d", ret);
  215 + return ret;
  216 + }
  217 + srs_verbose("read c0c1 success.");
  218 +
  219 + return ret;
  220 +}
  221 +
  222 +int SrsHandshakeBytes::read_s0s1s2(ISrsProtocolReaderWriter* io)
  223 +{
  224 + int ret = ERROR_SUCCESS;
  225 +
  226 + if (s0s1s2) {
  227 + return ret;
  228 + }
  229 +
  230 + ssize_t nsize;
  231 +
  232 + c0c1 = new char[3073];
  233 + if ((ret = io->read_fully(s0s1s2, 3073, &nsize)) != ERROR_SUCCESS) {
  234 + srs_warn("read s0s1s2 failed. ret=%d", ret);
  235 + return ret;
  236 + }
  237 + srs_verbose("read s0s1s2 success.");
  238 +
  239 + return ret;
  240 +}
  241 +
  242 +int SrsHandshakeBytes::read_c2(ISrsProtocolReaderWriter* io)
  243 +{
  244 + int ret = ERROR_SUCCESS;
  245 +
  246 + if (c2) {
  247 + return ret;
  248 + }
  249 +
  250 + ssize_t nsize;
  251 +
  252 + c2 = new char[1536];
  253 + if ((ret = io->read_fully(c2, 1536, &nsize)) != ERROR_SUCCESS) {
  254 + srs_warn("read c2 failed. ret=%d", ret);
  255 + return ret;
  256 + }
  257 + srs_verbose("read c2 success.");
  258 +
  259 + return ret;
  260 +}
  261 +
  262 +int SrsHandshakeBytes::create_c0c1()
  263 +{
  264 + int ret = ERROR_SUCCESS;
  265 +
  266 + if (c0c1) {
  267 + return ret;
  268 + }
  269 +
  270 + c0c1 = new char[1537];
  271 + srs_random_generate(c0c1, 1537);
  272 +
  273 + return ret;
  274 +}
  275 +
  276 +int SrsHandshakeBytes::create_s0s1s2()
  277 +{
  278 + int ret = ERROR_SUCCESS;
  279 +
  280 + if (s0s1s2) {
  281 + return ret;
  282 + }
  283 +
  284 + s0s1s2 = new char[3073];
  285 + srs_random_generate(s0s1s2, 3073);
  286 +
  287 + return ret;
  288 +}
  289 +
  290 +int SrsHandshakeBytes::create_c2()
  291 +{
  292 + int ret = ERROR_SUCCESS;
  293 +
  294 + if (c2) {
  295 + return ret;
  296 + }
  297 +
  298 + c2 = new char[1536];
  299 + srs_random_generate(c2, 1536);
  300 +
  301 + return ret;
  302 +}
  303 +
190 SrsRtmpClient::SrsRtmpClient(ISrsProtocolReaderWriter* skt) 304 SrsRtmpClient::SrsRtmpClient(ISrsProtocolReaderWriter* skt)
191 { 305 {
192 io = skt; 306 io = skt;
193 protocol = new SrsProtocol(skt); 307 protocol = new SrsProtocol(skt);
  308 + hs_bytes = new SrsHandshakeBytes();
194 } 309 }
195 310
196 SrsRtmpClient::~SrsRtmpClient() 311 SrsRtmpClient::~SrsRtmpClient()
197 { 312 {
198 srs_freep(protocol); 313 srs_freep(protocol);
  314 + srs_freep(hs_bytes);
199 } 315 }
200 316
201 void SrsRtmpClient::set_recv_timeout(int64_t timeout_us) 317 void SrsRtmpClient::set_recv_timeout(int64_t timeout_us)
@@ -242,12 +358,21 @@ int SrsRtmpClient::handshake() @@ -242,12 +358,21 @@ int SrsRtmpClient::handshake()
242 { 358 {
243 int ret = ERROR_SUCCESS; 359 int ret = ERROR_SUCCESS;
244 360
  361 + srs_assert(hs_bytes);
  362 +
245 SrsComplexHandshake complex_hs; 363 SrsComplexHandshake complex_hs;
246 - SrsSimpleHandshake simple_hs;  
247 - if ((ret = simple_hs.handshake_with_server(io, &complex_hs)) != ERROR_SUCCESS) { 364 + if ((ret = complex_hs.handshake_with_server(hs_bytes, io)) != ERROR_SUCCESS) {
  365 + if (ret == ERROR_RTMP_TRY_SIMPLE_HS) {
  366 + SrsSimpleHandshake simple_hs;
  367 + if ((ret = simple_hs.handshake_with_server(hs_bytes, io)) != ERROR_SUCCESS) {
  368 + return ret;
  369 + }
  370 + }
248 return ret; 371 return ret;
249 } 372 }
250 373
  374 + srs_freep(hs_bytes);
  375 +
251 return ret; 376 return ret;
252 } 377 }
253 378
@@ -255,18 +380,32 @@ int SrsRtmpClient::simple_handshake() @@ -255,18 +380,32 @@ int SrsRtmpClient::simple_handshake()
255 { 380 {
256 int ret = ERROR_SUCCESS; 381 int ret = ERROR_SUCCESS;
257 382
  383 + srs_assert(hs_bytes);
  384 +
258 SrsSimpleHandshake simple_hs; 385 SrsSimpleHandshake simple_hs;
259 - if ((ret = simple_hs.handshake_with_server(io, NULL)) != ERROR_SUCCESS) { 386 + if ((ret = simple_hs.handshake_with_server(hs_bytes, io)) != ERROR_SUCCESS) {
260 return ret; 387 return ret;
261 } 388 }
262 389
  390 + srs_freep(hs_bytes);
  391 +
263 return ret; 392 return ret;
264 } 393 }
265 394
266 int SrsRtmpClient::complex_handshake() 395 int SrsRtmpClient::complex_handshake()
267 { 396 {
268 - // TODO: FIXME: only use complex handshake.  
269 - return handshake(); 397 + int ret = ERROR_SUCCESS;
  398 +
  399 + srs_assert(hs_bytes);
  400 +
  401 + SrsComplexHandshake complex_hs;
  402 + if ((ret = complex_hs.handshake_with_server(hs_bytes, io)) != ERROR_SUCCESS) {
  403 + return ret;
  404 + }
  405 +
  406 + srs_freep(hs_bytes);
  407 +
  408 + return ret;
270 } 409 }
271 410
272 int SrsRtmpClient::connect_app(string app, string tc_url) 411 int SrsRtmpClient::connect_app(string app, string tc_url)
@@ -537,11 +676,13 @@ SrsRtmpServer::SrsRtmpServer(ISrsProtocolReaderWriter* skt) @@ -537,11 +676,13 @@ SrsRtmpServer::SrsRtmpServer(ISrsProtocolReaderWriter* skt)
537 { 676 {
538 io = skt; 677 io = skt;
539 protocol = new SrsProtocol(skt); 678 protocol = new SrsProtocol(skt);
  679 + hs_bytes = new SrsHandshakeBytes();
540 } 680 }
541 681
542 SrsRtmpServer::~SrsRtmpServer() 682 SrsRtmpServer::~SrsRtmpServer()
543 { 683 {
544 srs_freep(protocol); 684 srs_freep(protocol);
  685 + srs_freep(hs_bytes);
545 } 686 }
546 687
547 SrsProtocol* SrsRtmpServer::get_protocol() 688 SrsProtocol* SrsRtmpServer::get_protocol()
@@ -603,12 +744,21 @@ int SrsRtmpServer::handshake() @@ -603,12 +744,21 @@ int SrsRtmpServer::handshake()
603 { 744 {
604 int ret = ERROR_SUCCESS; 745 int ret = ERROR_SUCCESS;
605 746
  747 + srs_assert(hs_bytes);
  748 +
606 SrsComplexHandshake complex_hs; 749 SrsComplexHandshake complex_hs;
607 - SrsSimpleHandshake simple_hs;  
608 - if ((ret = simple_hs.handshake_with_client(io, &complex_hs)) != ERROR_SUCCESS) { 750 + if ((ret = complex_hs.handshake_with_client(hs_bytes, io)) != ERROR_SUCCESS) {
  751 + if (ret == ERROR_RTMP_TRY_SIMPLE_HS) {
  752 + SrsSimpleHandshake simple_hs;
  753 + if ((ret = simple_hs.handshake_with_client(hs_bytes, io)) != ERROR_SUCCESS) {
  754 + return ret;
  755 + }
  756 + }
609 return ret; 757 return ret;
610 } 758 }
611 759
  760 + srs_freep(hs_bytes);
  761 +
612 return ret; 762 return ret;
613 } 763 }
614 764
@@ -109,10 +109,37 @@ enum SrsClientType @@ -109,10 +109,37 @@ enum SrsClientType
109 std::string srs_client_type_string(SrsClientType type); 109 std::string srs_client_type_string(SrsClientType type);
110 110
111 /** 111 /**
  112 +* store the handshake bytes,
  113 +* for smart switch between complex and simple handshake.
  114 +*/
  115 +class SrsHandshakeBytes
  116 +{
  117 +public:
  118 + // [1+1536]
  119 + char* c0c1;
  120 + // [1+1536+1536]
  121 + char* s0s1s2;
  122 + // [1536]
  123 + char* c2;
  124 +public:
  125 + SrsHandshakeBytes();
  126 + virtual ~SrsHandshakeBytes();
  127 +public:
  128 + virtual int read_c0c1(ISrsProtocolReaderWriter* io);
  129 + virtual int read_s0s1s2(ISrsProtocolReaderWriter* io);
  130 + virtual int read_c2(ISrsProtocolReaderWriter* io);
  131 + virtual int create_c0c1();
  132 + virtual int create_s0s1s2();
  133 + virtual int create_c2();
  134 +};
  135 +
  136 +/**
112 * implements the client role protocol. 137 * implements the client role protocol.
113 */ 138 */
114 class SrsRtmpClient 139 class SrsRtmpClient
115 { 140 {
  141 +private:
  142 + SrsHandshakeBytes* hs_bytes;
116 protected: 143 protected:
117 SrsProtocol* protocol; 144 SrsProtocol* protocol;
118 ISrsProtocolReaderWriter* io; 145 ISrsProtocolReaderWriter* io;
@@ -155,6 +182,7 @@ public: @@ -155,6 +182,7 @@ public:
155 class SrsRtmpServer 182 class SrsRtmpServer
156 { 183 {
157 private: 184 private:
  185 + SrsHandshakeBytes* hs_bytes;
158 SrsProtocol* protocol; 186 SrsProtocol* protocol;
159 ISrsProtocolReaderWriter* io; 187 ISrsProtocolReaderWriter* io;
160 public: 188 public:
@@ -23,6 +23,10 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. @@ -23,6 +23,10 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
23 23
24 #include <srs_protocol_utility.hpp> 24 #include <srs_protocol_utility.hpp>
25 25
  26 +#include <stdlib.h>
  27 +
  28 +#include <srs_kernel_log.hpp>
  29 +
26 void srs_vhost_resolve(std::string& vhost, std::string& app) 30 void srs_vhost_resolve(std::string& vhost, std::string& app)
27 { 31 {
28 app = srs_replace(app, "...", "?"); 32 app = srs_replace(app, "...", "?");
@@ -46,3 +50,23 @@ void srs_vhost_resolve(std::string& vhost, std::string& app) @@ -46,3 +50,23 @@ void srs_vhost_resolve(std::string& vhost, std::string& app)
46 } 50 }
47 } 51 }
48 } 52 }
  53 +
  54 +void srs_random_generate(char* bytes, int size)
  55 +{
  56 + static bool _random_initialized = false;
  57 + if (!_random_initialized) {
  58 + srand(0);
  59 + _random_initialized = true;
  60 + srs_trace("srand initialized the random.");
  61 + }
  62 +
  63 + static char cdata[] = {
  64 + 0x73, 0x69, 0x6d, 0x70, 0x6c, 0x65, 0x2d, 0x72, 0x74, 0x6d, 0x70, 0x2d, 0x73, 0x65,
  65 + 0x72, 0x76, 0x65, 0x72, 0x2d, 0x77, 0x69, 0x6e, 0x6c, 0x69, 0x6e, 0x2d, 0x77, 0x69,
  66 + 0x6e, 0x74, 0x65, 0x72, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x40, 0x31, 0x32, 0x36,
  67 + 0x2e, 0x63, 0x6f, 0x6d
  68 + };
  69 + for (int i = 0; i < size; i++) {
  70 + bytes[i] = cdata[rand() % (sizeof(cdata) - 1)];
  71 + }
  72 +}
@@ -40,4 +40,6 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. @@ -40,4 +40,6 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
40 // app...vhost...request_vhost 40 // app...vhost...request_vhost
41 extern void srs_vhost_resolve(std::string& vhost, std::string& app); 41 extern void srs_vhost_resolve(std::string& vhost, std::string& app);
42 42
  43 +extern void srs_random_generate(char* bytes, int size);
  44 +
43 #endif 45 #endif