[rtmpdump] r366 - in trunk: Makefile librtmp/Makefile librtmp/hashswf.c librtmp/rtmp.c librtmp/rtmp_sys.h
hyc
subversion at mplayerhq.hu
Wed Mar 17 10:54:39 CET 2010
Author: hyc
Date: Wed Mar 17 10:54:38 2010
New Revision: 366
Log:
Remainder of gnutls support
Modified:
trunk/Makefile
trunk/librtmp/Makefile
trunk/librtmp/hashswf.c
trunk/librtmp/rtmp.c
trunk/librtmp/rtmp_sys.h
Modified: trunk/Makefile
==============================================================================
--- trunk/Makefile Wed Mar 17 09:15:50 2010 (r365)
+++ trunk/Makefile Wed Mar 17 10:54:38 2010 (r366)
@@ -6,6 +6,7 @@ OPT=-O2
CFLAGS=-Wall $(XCFLAGS) $(INC) $(DEF) $(OPT)
LDFLAGS=-Wall $(XLDFLAGS)
LIBS=-lssl -lcrypto -lz
+#LIBS=-lgnutls -lz
THREADLIB=-lpthread
LIBRTMP=librtmp/librtmp.a
SLIBS=$(THREADLIB) $(LIBS)
Modified: trunk/librtmp/Makefile
==============================================================================
--- trunk/librtmp/Makefile Wed Mar 17 09:15:50 2010 (r365)
+++ trunk/librtmp/Makefile Wed Mar 17 10:54:38 2010 (r366)
@@ -1,7 +1,7 @@
CC=$(CROSS_COMPILE)gcc
LD=$(CROSS_COMPILE)ld
-DEF=-DRTMPDUMP_VERSION=\"v2.2a\"
+DEF=-DRTMPDUMP_VERSION=\"v2.2a\" # -DUSE_GNUTLS
OPT=-O2
CFLAGS=-Wall $(XCFLAGS) $(INC) $(DEF) $(OPT)
@@ -14,7 +14,7 @@ librtmp.a: rtmp.o log.o amf.o hashswf.o
$(AR) rs $@ $?
log.o: log.c log.h Makefile
-rtmp.o: rtmp.c rtmp.h handshake.h dh.h log.h amf.h Makefile
+rtmp.o: rtmp.c rtmp.h rtmp_sys.h handshake.h dh.h log.h amf.h Makefile
amf.o: amf.c amf.h bytes.h log.h Makefile
-hashswf.o: hashswf.c http.h rtmp.h
+hashswf.o: hashswf.c http.h rtmp.h rtmp_sys.h
parseurl.o: parseurl.c
Modified: trunk/librtmp/hashswf.c
==============================================================================
--- trunk/librtmp/hashswf.c Wed Mar 17 09:15:50 2010 (r365)
+++ trunk/librtmp/hashswf.c Wed Mar 17 10:54:38 2010 (r366)
@@ -28,22 +28,40 @@
#include "log.h"
#include "http.h"
+#ifdef USE_GNUTLS
+#include <gnutls/gnutls.h>
+#include <gcrypt.h>
+#ifndef SHA256_DIGEST_LENGTH
+#define SHA256_DIGEST_LENGTH 32
+#endif
+#define HMAC_CTX gcry_md_hd_t
+#define HMAC_setup(ctx, key, len) gcry_md_open(&ctx, GCRY_MD_SHA256, GCRY_MD_FLAG_HMAC); gcry_md_setkey(ctx, key, len)
+#define HMAC_crunch(ctx, buf, len) gcry_md_write(ctx, buf, len)
+#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; memcpy(dig, gcry_md_read(ctx, 0), dlen)
+#define HMAC_close(ctx) gcry_md_close(ctx)
+#else
#include <openssl/ssl.h>
#include <openssl/sha.h>
#include <openssl/hmac.h>
+#include <openssl/rc4.h>
+#define HMAC_setup(ctx, key, len) HMAC_CTX_init(&ctx); HMAC_Init_ex(&ctx, (unsigned char *)key, len, EVP_sha256(), 0)
+#define HMAC_crunch(ctx, buf, len) HMAC_Update(&ctx, (unsigned char *)buf, len)
+#define HMAC_finish(ctx, dig, dlen) HMAC_Final(&ctx, (unsigned char *)dig, &dlen);
+#define HMAC_close(ctx) HMAC_CTX_cleanup(&ctx)
+#endif
#include <zlib.h>
struct info
{
- HMAC_CTX *ctx;
z_stream *zs;
+ HMAC_CTX ctx;
int first;
int zlib;
int size;
};
-extern void RTMP_SSL_Init();
-extern SSL_CTX *RTMP_ssl_ctx;
+extern void RTMP_TLS_Init();
+extern TLS_CTX RTMP_TLS_ctx;
#define CHUNK 16384
@@ -63,7 +81,7 @@ swfcrunch(void *ptr, size_t size, size_t
*p = 'F';
i->zlib = 1;
}
- HMAC_Update(i->ctx, (unsigned char *)p, 8);
+ HMAC_crunch(i->ctx, (unsigned char *)p, 8);
p += 8;
len -= 8;
i->size = 8;
@@ -81,14 +99,14 @@ swfcrunch(void *ptr, size_t size, size_t
inflate(i->zs, Z_NO_FLUSH);
len = CHUNK - i->zs->avail_out;
i->size += len;
- HMAC_Update(i->ctx, out, len);
+ HMAC_crunch(i->ctx, out, len);
}
while (i->zs->avail_out == 0);
}
else
{
i->size += len;
- HMAC_Update(i->ctx, (unsigned char *)p, len);
+ HMAC_crunch(i->ctx, (unsigned char *)p, len);
}
return size * nmemb;
}
@@ -123,8 +141,8 @@ HTTP_get(struct HTTP_ctx *http, const ch
{
ssl = 1;
port = 443;
- if (!RTMP_ssl_ctx)
- RTMP_SSL_Init();
+ if (!RTMP_TLS_ctx)
+ RTMP_TLS_Init();
}
p1 = strchr(url + 4, ':');
@@ -172,11 +190,11 @@ HTTP_get(struct HTTP_ctx *http, const ch
}
if (ssl)
{
- sb.sb_ssl = SSL_new(RTMP_ssl_ctx);
- SSL_set_fd(sb.sb_ssl, sb.sb_socket);
- if (SSL_connect(sb.sb_ssl) < 0)
+ TLS_client(RTMP_TLS_ctx, sb.sb_ssl);
+ TLS_setfd(sb.sb_ssl, sb.sb_socket);
+ if ((i = TLS_connect(sb.sb_ssl)) < 0)
{
- Log(LOGERROR, "%s, SSL_Connect failed", __FUNCTION__);
+ Log(LOGERROR, "%s, TLS_Connect failed", __FUNCTION__);
ret = HTTPRES_LOST_CONNECTION;
goto leave;
}
@@ -416,7 +434,6 @@ RTMP_HashSWF(const char *url, unsigned i
struct HTTP_ctx http = { 0 };
HTTPResult httpres;
z_stream zs = { 0 };
- HMAC_CTX ctx;
date[0] = '\0';
home = getenv(ENV_HOME);
@@ -519,11 +536,8 @@ RTMP_HashSWF(const char *url, unsigned i
}
in.first = 1;
- HMAC_CTX_init(&ctx);
- HMAC_Init_ex(&ctx, "Genuine Adobe Flash Player 001", 30, EVP_sha256(),
- NULL);
+ HMAC_setup(in.ctx, "Genuine Adobe Flash Player 001", 30);
inflateInit(&zs);
- in.ctx = &ctx;
in.zs = &zs;
http.date = date;
@@ -577,7 +591,7 @@ RTMP_HashSWF(const char *url, unsigned i
if (!in.first)
{
- HMAC_Final(&ctx, (unsigned char *)hash, &hlen);
+ HMAC_finish(in.ctx, hash, hlen);
*size = in.size;
fprintf(f, "date: %s\n", date);
@@ -588,7 +602,7 @@ RTMP_HashSWF(const char *url, unsigned i
fprintf(f, "\n");
}
}
- HMAC_CTX_cleanup(&ctx);
+ HMAC_close(in.ctx);
out:
free(path);
if (f)
Modified: trunk/librtmp/rtmp.c
==============================================================================
--- trunk/librtmp/rtmp.c Wed Mar 17 09:15:50 2010 (r365)
+++ trunk/librtmp/rtmp.c Wed Mar 17 10:54:38 2010 (r366)
@@ -42,7 +42,7 @@
#define RTMP_SIG_SIZE 1536
#define RTMP_LARGE_HEADER_SIZE 12
-SSL_CTX *RTMP_ssl_ctx;
+TLS_CTX RTMP_TLS_ctx;
static const int packetSize[] = { 12, 8, 4, 1 };
bool RTMP_ctrlC;
@@ -181,17 +181,22 @@ RTMPPacket_Dump(RTMPPacket *p)
}
void
-RTMP_SSL_Init()
+RTMP_TLS_Init()
{
#ifdef USE_GNUTLS
gnutls_global_init();
+ RTMP_TLS_ctx = malloc(sizeof(struct tls_ctx));
+ gnutls_certificate_allocate_credentials(&RTMP_TLS_ctx->cred);
+ gnutls_priority_init(&RTMP_TLS_ctx->prios, "NORMAL", NULL);
+ gnutls_certificate_set_x509_trust_file(RTMP_TLS_ctx->cred,
+ "ca.pem", GNUTLS_X509_FMT_PEM);
#else
SSL_load_error_strings();
SSL_library_init();
OpenSSL_add_all_digests();
- RTMP_ssl_ctx = SSL_CTX_new(SSLv23_method());
- SSL_CTX_set_options(RTMP_ssl_ctx, SSL_OP_ALL);
- SSL_CTX_set_default_verify_paths(RTMP_ssl_ctx);
+ RTMP_TLS_ctx = SSL_CTX_new(SSLv23_method());
+ SSL_CTX_set_options(RTMP_TLS_ctx, SSL_OP_ALL);
+ SSL_CTX_set_default_verify_paths(RTMP_TLS_ctx);
#endif
}
@@ -200,8 +205,8 @@ RTMP_Init(RTMP *r)
{
int i;
- if (!RTMP_ssl_ctx)
- RTMP_SSL_Init();
+ if (!RTMP_TLS_ctx)
+ RTMP_TLS_Init();
for (i = 0; i < RTMP_CHANNELS; i++)
{
@@ -466,11 +471,11 @@ RTMP_Connect1(RTMP *r, RTMPPacket *cp)
{
if (r->Link.protocol & RTMP_FEATURE_SSL)
{
- r->m_sb.sb_ssl = SSL_new(RTMP_ssl_ctx);
- SSL_set_fd(r->m_sb.sb_ssl, r->m_sb.sb_socket);
- if (SSL_connect(r->m_sb.sb_ssl) < 0)
+ TLS_client(RTMP_TLS_ctx, r->m_sb.sb_ssl);
+ TLS_setfd(r->m_sb.sb_ssl, r->m_sb.sb_socket);
+ if (TLS_connect(r->m_sb.sb_ssl) < 0)
{
- Log(LOGERROR, "%s, SSL_Connect failed", __FUNCTION__);
+ Log(LOGERROR, "%s, TLS_Connect failed", __FUNCTION__);
RTMP_Close(r);
return false;
}
@@ -2836,7 +2841,7 @@ RTMPSockBuf_Fill(RTMPSockBuf *sb)
nBytes = sizeof(sb->sb_buf) - sb->sb_size - (sb->sb_start - sb->sb_buf);
if (sb->sb_ssl)
{
- nBytes = SSL_read(sb->sb_ssl, sb->sb_start + sb->sb_size, nBytes);
+ nBytes = TLS_read(sb->sb_ssl, sb->sb_start + sb->sb_size, nBytes);
}
else
{
@@ -2877,7 +2882,7 @@ RTMPSockBuf_Send(RTMPSockBuf *sb, const
if (sb->sb_ssl)
{
- rc = SSL_write(sb->sb_ssl, buf, len);
+ rc = TLS_write(sb->sb_ssl, buf, len);
}
else
{
@@ -2891,8 +2896,8 @@ RTMPSockBuf_Close(RTMPSockBuf *sb)
{
if (sb->sb_ssl)
{
- SSL_shutdown(sb->sb_ssl);
- SSL_free(sb->sb_ssl);
+ TLS_shutdown(sb->sb_ssl);
+ TLS_close(sb->sb_ssl);
sb->sb_ssl = NULL;
}
return closesocket(sb->sb_socket);
Modified: trunk/librtmp/rtmp_sys.h
==============================================================================
--- trunk/librtmp/rtmp_sys.h Wed Mar 17 09:15:50 2010 (r365)
+++ trunk/librtmp/rtmp_sys.h Wed Mar 17 10:54:38 2010 (r366)
@@ -48,4 +48,29 @@
#include "rtmp.h"
+#ifdef USE_GNUTLS
+#include <gnutls/gnutls.h>
+typedef struct tls_ctx {
+ gnutls_certificate_credentials_t cred;
+ gnutls_priority_t prios;
+} tls_ctx;
+#define TLS_CTX tls_ctx *
+#define TLS_client(ctx,s) gnutls_init((gnutls_session_t *)(&s), GNUTLS_CLIENT); gnutls_priority_set(s, ctx->prios); gnutls_credentials_set(s, GNUTLS_CRD_CERTIFICATE, ctx->cred)
+#define TLS_setfd(s,fd) gnutls_transport_set_ptr(s, (gnutls_transport_ptr_t)(long)fd)
+#define TLS_connect(s) gnutls_handshake(s)
+#define TLS_read(s,b,l) gnutls_record_recv(s,b,l)
+#define TLS_write(s,b,l) gnutls_record_send(s,b,l)
+#define TLS_shutdown(s) gnutls_bye(s, GNUTLS_SHUT_RDWR)
+#define TLS_close(s) gnutls_deinit(s)
+#else
+#define TLS_CTX SSL_CTX *
+#define TLS_client(ctx,s) s = SSL_new(ctx)
+#define TLS_setfd(s,fd) SSL_set_fd(s,fd)
+#define TLS_connect(s) SSL_connect(s)
+#define TLS_read(s,b,l) SSL_read(s,b,l)
+#define TLS_write(s,b,l) SSL_write(s,b,l)
+#define TLS_shutdown(s) SSL_shutdown(s)
+#define TLS_close(s) SSL_free(s)
+
+#endif
#endif
More information about the rtmpdump
mailing list