repositories / deb_shairplay.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Add metadata checking of SET_PARAMETERS to RAOP handler
[deb_shairplay.git] / src / lib / raop.c
1 /**
2 * Copyright (C) 2011-2012 Juho Vähä-Herttua
3 *
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
8 *
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
13 */
14
15 #include <stdlib.h>
16 #include <stdio.h>
17 #include <string.h>
18 #include <assert.h>
19
20 #include "raop.h"
21 #include "raop_rtp.h"
22 #include "rsakey.h"
23 #include "digest.h"
24 #include "httpd.h"
25 #include "sdp.h"
26
27 #include "global.h"
28 #include "utils.h"
29 #include "netutils.h"
30 #include "logger.h"
31 #include "compat.h"
32
33 /* Actually 345 bytes for 2048-bit key */
34 #define MAX_SIGNATURE_LEN 512
35
36 /* Let's just decide on some length */
37 #define MAX_PASSWORD_LEN 64
38
39 /* MD5 as hex fits here */
40 #define MAX_NONCE_LEN 32
41
42 struct raop_s {
43 /* Callbacks for audio */
44 raop_callbacks_t callbacks;
45
46 /* Logger instance */
47 logger_t logger;
48
49 /* HTTP daemon and RSA key */
50 httpd_t *httpd;
51 rsakey_t *rsakey;
52
53 /* Hardware address information */
54 unsigned char hwaddr[MAX_HWADDR_LEN];
55 int hwaddrlen;
56
57 /* Password information */
58 char password[MAX_PASSWORD_LEN+1];
59 };
60
61 struct raop_conn_s {
62 raop_t *raop;
63 raop_rtp_t *raop_rtp;
64
65 unsigned char *local;
66 int locallen;
67
68 unsigned char *remote;
69 int remotelen;
70
71 char nonce[MAX_NONCE_LEN+1];
72 };
73 typedef struct raop_conn_s raop_conn_t;
74
75 static void *
76 conn_init(void *opaque, unsigned char *local, int locallen, unsigned char *remote, int remotelen)
77 {
78 raop_conn_t *conn;
79
80 conn = calloc(1, sizeof(raop_conn_t));
81 if (!conn) {
82 return NULL;
83 }
84 conn->raop = opaque;
85 conn->raop_rtp = NULL;
86
87 if (locallen == 4) {
88 logger_log(&conn->raop->logger, LOGGER_INFO,
89 "Local: %d.%d.%d.%d",
90 local[0], local[1], local[2], local[3]);
91 } else if (locallen == 16) {
92 logger_log(&conn->raop->logger, LOGGER_INFO,
93 "Local: %02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x",
94 local[0], local[1], local[2], local[3], local[4], local[5], local[6], local[7],
95 local[8], local[9], local[10], local[11], local[12], local[13], local[14], local[15]);
96 }
97 if (remotelen == 4) {
98 logger_log(&conn->raop->logger, LOGGER_INFO,
99 "Remote: %d.%d.%d.%d",
100 remote[0], remote[1], remote[2], remote[3]);
101 } else if (remotelen == 16) {
102 logger_log(&conn->raop->logger, LOGGER_INFO,
103 "Remote: %02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x",
104 remote[0], remote[1], remote[2], remote[3], remote[4], remote[5], remote[6], remote[7],
105 remote[8], remote[9], remote[10], remote[11], remote[12], remote[13], remote[14], remote[15]);
106 }
107
108 conn->local = malloc(locallen);
109 assert(conn->local);
110 memcpy(conn->local, local, locallen);
111
112 conn->remote = malloc(remotelen);
113 assert(conn->remote);
114 memcpy(conn->remote, remote, remotelen);
115
116 conn->locallen = locallen;
117 conn->remotelen = remotelen;
118
119 digest_generate_nonce(conn->nonce, sizeof(conn->nonce));
120 return conn;
121 }
122
123 static void
124 conn_request(void *ptr, http_request_t *request, http_response_t **response)
125 {
126 raop_conn_t *conn = ptr;
127 raop_t *raop = conn->raop;
128
129 http_response_t *res;
130 const char *method;
131 const char *cseq;
132 const char *challenge;
133 int require_auth = 0;
134
135 method = http_request_get_method(request);
136 cseq = http_request_get_header(request, "CSeq");
137 if (!method || !cseq) {
138 return;
139 }
140
141 res = http_response_init("RTSP/1.0", 200, "OK");
142 if (strlen(raop->password)) {
143 const char *authorization;
144
145 authorization = http_request_get_header(request, "Authorization");
146 if (authorization) {
147 logger_log(&conn->raop->logger, LOGGER_DEBUG, "Our nonce: %s", conn->nonce);
148 logger_log(&conn->raop->logger, LOGGER_DEBUG, "Authorization: %s", authorization);
149 }
150 if (!digest_is_valid("AppleTV", raop->password, conn->nonce, method, http_request_get_url(request), authorization)) {
151 char *authstr;
152 int authstrlen;
153
154 /* Allocate the authenticate string */
155 authstrlen = sizeof("Digest realm=\"AppleTV\", nonce=\"\"") + sizeof(conn->nonce) + 1;
156 authstr = malloc(authstrlen);
157
158 /* Concatenate the authenticate string */
159 memset(authstr, 0, authstrlen);
160 strcat(authstr, "Digest realm=\"AppleTV\", nonce=\"");
161 strcat(authstr, conn->nonce);
162 strcat(authstr, "\"");
163
164 /* Construct a new response */
165 require_auth = 1;
166 http_response_destroy(res);
167 res = http_response_init("RTSP/1.0", 401, "Unauthorized");
168 http_response_add_header(res, "WWW-Authenticate", authstr);
169 free(authstr);
170 } else {
171 logger_log(&conn->raop->logger, LOGGER_DEBUG, "AUTHENTICATION SUCCESS!");
172 }
173 }
174
175 http_response_add_header(res, "CSeq", cseq);
176 http_response_add_header(res, "Apple-Jack-Status", "connected; type=analog");
177
178 challenge = http_request_get_header(request, "Apple-Challenge");
179 if (!require_auth && challenge) {
180 char signature[MAX_SIGNATURE_LEN];
181
182 memset(signature, 0, sizeof(signature));
183 rsakey_sign(raop->rsakey, signature, sizeof(signature), challenge,
184 conn->local, conn->locallen, raop->hwaddr, raop->hwaddrlen);
185 http_response_add_header(res, "Apple-Response", signature);
186
187 logger_log(&conn->raop->logger, LOGGER_DEBUG, "Got challenge: %s", challenge);
188 logger_log(&conn->raop->logger, LOGGER_DEBUG, "Got response: %s", signature);
189 }
190
191 if (require_auth) {
192 /* Do nothing in case of authentication request */
193 } else if (!strcmp(method, "OPTIONS")) {
194 http_response_add_header(res, "Public", "ANNOUNCE, SETUP, RECORD, PAUSE, FLUSH, TEARDOWN, OPTIONS, GET_PARAMETER, SET_PARAMETER");
195 } else if (!strcmp(method, "ANNOUNCE")) {
196 const char *data;
197 int datalen;
198
199 unsigned char aeskey[16];
200 unsigned char aesiv[16];
201 int aeskeylen, aesivlen;
202
203 data = http_request_get_data(request, &datalen);
204 if (data) {
205 sdp_t *sdp;
206 const char *remotestr, *fmtpstr, *aeskeystr, *aesivstr;
207
208 sdp = sdp_init(data, datalen);
209 remotestr = sdp_get_connection(sdp);
210 fmtpstr = sdp_get_fmtp(sdp);
211 aeskeystr = sdp_get_rsaaeskey(sdp);
212 aesivstr = sdp_get_aesiv(sdp);
213
214 logger_log(&conn->raop->logger, LOGGER_DEBUG, "connection: %s", remotestr);
215 logger_log(&conn->raop->logger, LOGGER_DEBUG, "fmtp: %s", fmtpstr);
216 logger_log(&conn->raop->logger, LOGGER_DEBUG, "rsaaeskey: %s", aeskeystr);
217 logger_log(&conn->raop->logger, LOGGER_DEBUG, "aesiv: %s", aesivstr);
218
219 aeskeylen = rsakey_decrypt(raop->rsakey, aeskey, sizeof(aeskey), aeskeystr);
220 aesivlen = rsakey_parseiv(raop->rsakey, aesiv, sizeof(aesiv), aesivstr);
221 logger_log(&conn->raop->logger, LOGGER_DEBUG, "aeskeylen: %d", aeskeylen);
222 logger_log(&conn->raop->logger, LOGGER_DEBUG, "aesivlen: %d", aesivlen);
223
224 if (conn->raop_rtp) {
225 /* This should never happen */
226 raop_rtp_destroy(conn->raop_rtp);
227 conn->raop_rtp = NULL;
228 }
229 conn->raop_rtp = raop_rtp_init(&raop->logger, &raop->callbacks, remotestr, fmtpstr, aeskey, aesiv);
230 sdp_destroy(sdp);
231 }
232 } else if (!strcmp(method, "SETUP")) {
233 unsigned short remote_cport=0, remote_tport=0;
234 unsigned short cport=0, tport=0, dport=0;
235 const char *transport;
236 char buffer[1024];
237 int use_udp;
238
239 transport = http_request_get_header(request, "Transport");
240 assert(transport);
241
242 logger_log(&conn->raop->logger, LOGGER_INFO, "Transport: %s", transport);
243 use_udp = strncmp(transport, "RTP/AVP/TCP", 11);
244 if (use_udp) {
245 char *original, *current, *tmpstr;
246
247 current = original = strdup(transport);
248 if (original) {
249 while ((tmpstr = utils_strsep(&current, ";")) != NULL) {
250 unsigned short value;
251 int ret;
252
253 ret = sscanf(tmpstr, "control_port=%hu", &value);
254 if (ret == 1) {
255 logger_log(&conn->raop->logger, LOGGER_DEBUG, "Found remote control port: %hu", value);
256 remote_cport = value;
257 }
258 ret = sscanf(tmpstr, "timing_port=%hu", &value);
259 if (ret == 1) {
260 logger_log(&conn->raop->logger, LOGGER_DEBUG, "Found remote timing port: %hu", value);
261 remote_tport = value;
262 }
263 }
264 }
265 free(original);
266 }
267 raop_rtp_start(conn->raop_rtp, use_udp, remote_cport, remote_tport, &cport, &tport, &dport);
268
269 memset(buffer, 0, sizeof(buffer));
270 if (use_udp) {
271 snprintf(buffer, sizeof(buffer)-1,
272 "RTP/AVP/UDP;unicast;mode=record;timing_port=%hu;events;control_port=%hu;server_port=%hu",
273 tport, cport, dport);
274 } else {
275 snprintf(buffer, sizeof(buffer)-1,
276 "RTP/AVP/TCP;unicast;interleaved=0-1;mode=record;server_port=%u",
277 dport);
278 }
279 logger_log(&conn->raop->logger, LOGGER_INFO, "Responding with %s", buffer);
280 http_response_add_header(res, "Transport", buffer);
281 http_response_add_header(res, "Session", "DEADBEEF");
282 } else if (!strcmp(method, "SET_PARAMETER")) {
283 const char *content_type;
284 const char *data;
285 int datalen;
286
287 content_type = http_request_get_header(request, "Content-Type");
288 data = http_request_get_data(request, &datalen);
289 if (!strcmp(content_type, "text/parameters")) {
290 char *datastr;
291 datastr = calloc(1, datalen+1);
292 if (data && datastr && conn->raop_rtp) {
293 memcpy(datastr, data, datalen);
294 if (!strncmp(datastr, "volume: ", 8)) {
295 float vol = 0.0;
296 sscanf(datastr+8, "%f", &vol);
297 raop_rtp_set_volume(conn->raop_rtp, vol);
298 }
299 }
300 free(datastr);
301 } else if (!strcmp(content_type, "image/jpeg")) {
302 logger_log(&conn->raop->logger, LOGGER_INFO, "UNHANDLED: Got image data of %d bytes", datalen);
303 } else if (!strcmp(content_type, "application/x-dmap-tagged")) {
304 logger_log(&conn->raop->logger, LOGGER_INFO, "UNHANDLED: Got metadata of %d bytes", datalen);
305 }
306 } else if (!strcmp(method, "FLUSH")) {
307 const char *rtpinfo;
308 int next_seq = -1;
309
310 rtpinfo = http_request_get_header(request, "RTP-Info");
311 if (rtpinfo) {
312 logger_log(&conn->raop->logger, LOGGER_INFO, "Flush with RTP-Info: %s", rtpinfo);
313 if (!strncmp(rtpinfo, "seq=", 4)) {
314 next_seq = strtol(rtpinfo+4, NULL, 10);
315 }
316 }
317 if (conn->raop_rtp) {
318 raop_rtp_flush(conn->raop_rtp, next_seq);
319 }
320 } else if (!strcmp(method, "TEARDOWN")) {
321 http_response_add_header(res, "Connection", "close");
322 if (conn->raop_rtp) {
323 /* Destroy our RTP session */
324 raop_rtp_stop(conn->raop_rtp);
325 raop_rtp_destroy(conn->raop_rtp);
326 conn->raop_rtp = NULL;
327 }
328 }
329 http_response_finish(res, NULL, 0);
330
331 logger_log(&conn->raop->logger, LOGGER_DEBUG, "Got request %s with URL %s", method, http_request_get_url(request));
332 *response = res;
333 }
334
335 static void
336 conn_destroy(void *ptr)
337 {
338 raop_conn_t *conn = ptr;
339
340 if (conn->raop_rtp) {
341 /* This is done in case TEARDOWN was not called */
342 raop_rtp_destroy(conn->raop_rtp);
343 }
344 free(conn->local);
345 free(conn->remote);
346 free(conn);
347 }
348
349 raop_t *
350 raop_init(raop_callbacks_t *callbacks, const char *pemkey)
351 {
352 raop_t *raop;
353 httpd_t *httpd;
354 rsakey_t *rsakey;
355 httpd_callbacks_t httpd_cbs;
356
357 assert(callbacks);
358 assert(pemkey);
359
360 /* Initialize the network */
361 if (netutils_init() < 0) {
362 return NULL;
363 }
364
365 /* Validate the callbacks structure */
366 if (!callbacks->audio_init || !callbacks->audio_set_volume ||
367 !callbacks->audio_process || !callbacks->audio_flush ||
368 !callbacks->audio_destroy) {
369 return NULL;
370 }
371
372 /* Allocate the raop_t structure */
373 raop = calloc(1, sizeof(raop_t));
374 if (!raop) {
375 return NULL;
376 }
377
378 /* Initialize the logger */
379 logger_init(&raop->logger);
380
381 /* Set HTTP callbacks to our handlers */
382 memset(&httpd_cbs, 0, sizeof(httpd_cbs));
383 httpd_cbs.opaque = raop;
384 httpd_cbs.conn_init = &conn_init;
385 httpd_cbs.conn_request = &conn_request;
386 httpd_cbs.conn_destroy = &conn_destroy;
387
388 /* Initialize the http daemon */
389 httpd = httpd_init(&raop->logger, &httpd_cbs, 10, 1);
390 if (!httpd) {
391 free(raop);
392 return NULL;
393 }
394
395 /* Copy callbacks structure */
396 memcpy(&raop->callbacks, callbacks, sizeof(raop_callbacks_t));
397
398 /* Initialize RSA key handler */
399 rsakey = rsakey_init_pem(pemkey);
400 if (!rsakey) {
401 free(httpd);
402 free(raop);
403 return NULL;
404 }
405
406 raop->httpd = httpd;
407 raop->rsakey = rsakey;
408
409 return raop;
410 }
411
412 raop_t *
413 raop_init_from_keyfile(raop_callbacks_t *callbacks, const char *keyfile)
414 {
415 raop_t *raop;
416 char *pemstr;
417
418 if (utils_read_file(&pemstr, keyfile) < 0) {
419 return NULL;
420 }
421 raop = raop_init(callbacks, pemstr);
422 free(pemstr);
423 return raop;
424 }
425
426 void
427 raop_destroy(raop_t *raop)
428 {
429 if (raop) {
430 raop_stop(raop);
431
432 httpd_destroy(raop->httpd);
433 rsakey_destroy(raop->rsakey);
434 free(raop);
435
436 /* Cleanup the network */
437 netutils_cleanup();
438 }
439 }
440
441 int
442 raop_is_running(raop_t *raop)
443 {
444 assert(raop);
445
446 return httpd_is_running(raop->httpd);
447 }
448
449 int
450 raop_start(raop_t *raop, unsigned short *port, const char *hwaddr, int hwaddrlen, const char *password)
451 {
452 assert(raop);
453 assert(port);
454 assert(hwaddr);
455
456 /* Validate hardware address */
457 if (hwaddrlen > MAX_HWADDR_LEN) {
458 return -1;
459 }
460
461 memset(raop->password, 0, sizeof(raop->password));
462 if (password) {
463 /* Validate password */
464 if (strlen(password) > MAX_PASSWORD_LEN) {
465 return -1;
466 }
467
468 /* Copy password to the raop structure */
469 strncpy(raop->password, password, MAX_PASSWORD_LEN);
470 }
471
472 /* Copy hwaddr to the raop structure */
473 memcpy(raop->hwaddr, hwaddr, hwaddrlen);
474 raop->hwaddrlen = hwaddrlen;
475
476 return httpd_start(raop->httpd, port);
477 }
478
479 void
480 raop_stop(raop_t *raop)
481 {
482 assert(raop);
483
484 httpd_stop(raop->httpd);
485 }
486
shairplay Piment Noir Debian package repository