winlin

fix the ssl dh key size assert error: the key size may be 127, not always 128. 0.9.195

@@ -31,7 +31,7 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. @@ -31,7 +31,7 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
31 // current release version 31 // current release version
32 #define VERSION_MAJOR "0" 32 #define VERSION_MAJOR "0"
33 #define VERSION_MINOR "9" 33 #define VERSION_MINOR "9"
34 -#define VERSION_REVISION "194" 34 +#define VERSION_REVISION "195"
35 #define RTMP_SIG_SRS_VERSION VERSION_MAJOR"."VERSION_MINOR"."VERSION_REVISION 35 #define RTMP_SIG_SRS_VERSION VERSION_MAJOR"."VERSION_MINOR"."VERSION_REVISION
36 // server info. 36 // server info.
37 #define RTMP_SIG_SRS_KEY "SRS" 37 #define RTMP_SIG_SRS_KEY "SRS"
@@ -198,9 +198,9 @@ namespace _srs_internal @@ -198,9 +198,9 @@ namespace _srs_internal
198 } 198 }
199 199
200 // copy public key to bytes. 200 // copy public key to bytes.
201 - // TODO: FIXME: please finger it out. 201 + // sometimes, the key_size is 127, seems ok.
202 int32_t key_size = BN_num_bytes(pdh->pub_key); 202 int32_t key_size = BN_num_bytes(pdh->pub_key);
203 - srs_assert(key_size == size); 203 + srs_assert(key_size > 0);
204 204
205 if (BN_bn2bin(pdh->pub_key, (unsigned char*)public_key) != size) { 205 if (BN_bn2bin(pdh->pub_key, (unsigned char*)public_key) != size) {
206 //("Unable to copy key"); return ret; 206 //("Unable to copy key"); return ret;
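Review bot: Relaxing the assert to `key_size > 0` at new line 203 drops the only upper bound on the key length, while `BN_bn2bin` at line 205 still writes `key_size` bytes into `public_key` and is still compared with `size`. For a 127-byte key that comparison fails, so the case this commit targets appears to take the error branch rather than succeed, and a key longer than `size` would be copied past the caller's buffer with no check in the way. I would make the bound a runtime check and compare with the real length: `if (key_size <= 0 || key_size > size) { /* return the copy-key error */ }` followed by `if (BN_bn2bin(pdh->pub_key, (unsigned char*)public_key) != key_size) {`. The comment could give the reason instead of "seems ok": `BN_num_bytes` does not count leading zero bytes, so the value may need zero-filling on the left if the peer reads a fixed 128-byte field. The enclosing function starts and ends outside this hunk.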
@@ -211,18 +211,13 @@ namespace _srs_internal @@ -211,18 +211,13 @@ namespace _srs_internal
211 return ret; 211 return ret;
212 } 212 }
213 /** 213 /**
214 - * create DH and copy the 128bytes public key,  
215 - * generate and copy the shared key. 214 + * use exists DH to create and copy the 128bytes shared key.
  215 + * the peer public key used to generate the shared key.
216 */ 216 */
217 - int __openssl_compute_key(DH* pdh, const char* peer_pub_key, int ppk_size, char* public_key, char* shared_key) 217 + int __openssl_copy_shared_key(DH* pdh, const char* peer_pub_key, int ppk_size, char* shared_key)
218 { 218 {
219 int ret = ERROR_SUCCESS; 219 int ret = ERROR_SUCCESS;
220 220
221 - // create DH and copy the 128bytes public key  
222 - if ((ret = __openssl_copy_key(pdh, public_key, ppk_size)) != ERROR_SUCCESS) {  
223 - return ret;  
224 - }  
225 -  
226 BIGNUM* ppk = NULL; 221 BIGNUM* ppk = NULL;
227 if ((ppk = BN_bin2bn((const unsigned char*)peer_pub_key, ppk_size, 0)) == NULL) { 222 if ((ppk = BN_bin2bn((const unsigned char*)peer_pub_key, ppk_size, 0)) == NULL) {
228 ret = ERROR_OpenSslGetPeerPublicKey; 223 ret = ERROR_OpenSslGetPeerPublicKey;
@@ -240,6 +235,26 @@ namespace _srs_internal @@ -240,6 +235,26 @@ namespace _srs_internal
240 235
241 return ret; 236 return ret;
242 } 237 }
  238 + /**
  239 + * create DH and copy the 128bytes public key,
  240 + * generate and copy the shared key.
  241 + */
  242 + int __openssl_compute_key(DH* pdh, const char* peer_pub_key, int ppk_size, char* public_key, char* shared_key)
  243 + {
  244 + int ret = ERROR_SUCCESS;
  245 +
  246 + // create DH and copy the 128bytes public key
  247 + if ((ret = __openssl_copy_key(pdh, public_key, ppk_size)) != ERROR_SUCCESS) {
  248 + return ret;
  249 + }
  250 +
  251 + // generate and copy the shared key
  252 + if ((ret = __openssl_copy_shared_key(pdh, peer_pub_key, ppk_size, shared_key)) != ERROR_SUCCESS) {
  253 + return ret;
  254 + }
  255 +
  256 + return ret;
  257 + }
243 void __openssl_free(DH* pdh) 258 void __openssl_free(DH* pdh)
244 { 259 {
245 if (pdh != NULL) { 260 if (pdh != NULL) {