repositories / deb_shairplay.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Fix bugs in the digest handling.
[deb_shairplay.git] / src / lib / raop.c
1 /**
2 * Copyright (C) 2011-2012 Juho Vähä-Herttua
3 *
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
8 *
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
13 */
14
15 #include <stdlib.h>
16 #include <stdio.h>
17 #include <string.h>
18 #include <assert.h>
19
20 #include "raop.h"
21 #include "raop_rtp.h"
22 #include "rsakey.h"
23 #include "digest.h"
24 #include "httpd.h"
25 #include "sdp.h"
26
27 #include "global.h"
28 #include "utils.h"
29 #include "netutils.h"
30 #include "logger.h"
31
32 /* Actually 345 bytes for 2048-bit key */
33 #define MAX_SIGNATURE_LEN 512
34
35 /* Let's just decide on some length */
36 #define MAX_PASSWORD_LEN 64
37
38 /* MD5 as hex fits here */
39 #define MAX_NONCE_LEN 32
40
41 struct raop_s {
42 /* Callbacks for audio */
43 raop_callbacks_t callbacks;
44
45 /* Logger instance */
46 logger_t logger;
47
48 /* HTTP daemon and RSA key */
49 httpd_t *httpd;
50 rsakey_t *rsakey;
51
52 /* Hardware address information */
53 unsigned char hwaddr[MAX_HWADDR_LEN];
54 int hwaddrlen;
55
56 /* Password information */
57 char password[MAX_PASSWORD_LEN+1];
58 };
59
60 struct raop_conn_s {
61 raop_t *raop;
62 raop_rtp_t *raop_rtp;
63
64 unsigned char *local;
65 int locallen;
66
67 unsigned char *remote;
68 int remotelen;
69
70 char nonce[MAX_NONCE_LEN+1];
71 };
72 typedef struct raop_conn_s raop_conn_t;
73
74 static void *
75 conn_init(void *opaque, unsigned char *local, int locallen, unsigned char *remote, int remotelen)
76 {
77 raop_conn_t *conn;
78
79 conn = calloc(1, sizeof(raop_conn_t));
80 if (!conn) {
81 return NULL;
82 }
83 conn->raop = opaque;
84 conn->raop_rtp = NULL;
85
86 if (locallen == 4) {
87 logger_log(&conn->raop->logger, LOGGER_INFO,
88 "Local: %d.%d.%d.%d\n",
89 local[0], local[1], local[2], local[3]);
90 } else if (locallen == 16) {
91 logger_log(&conn->raop->logger, LOGGER_INFO,
92 "Local: %02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x\n",
93 local[0], local[1], local[2], local[3], local[4], local[5], local[6], local[7],
94 local[8], local[9], local[10], local[11], local[12], local[13], local[14], local[15]);
95 }
96 if (remotelen == 4) {
97 logger_log(&conn->raop->logger, LOGGER_INFO,
98 "Remote: %d.%d.%d.%d\n",
99 remote[0], remote[1], remote[2], remote[3]);
100 } else if (remotelen == 16) {
101 logger_log(&conn->raop->logger, LOGGER_INFO,
102 "Remote: %02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x\n",
103 remote[0], remote[1], remote[2], remote[3], remote[4], remote[5], remote[6], remote[7],
104 remote[8], remote[9], remote[10], remote[11], remote[12], remote[13], remote[14], remote[15]);
105 }
106
107 conn->local = malloc(locallen);
108 assert(conn->local);
109 memcpy(conn->local, local, locallen);
110
111 conn->remote = malloc(remotelen);
112 assert(conn->remote);
113 memcpy(conn->remote, remote, remotelen);
114
115 conn->locallen = locallen;
116 conn->remotelen = remotelen;
117
118 digest_generate_nonce(conn->nonce, sizeof(conn->nonce));
119 return conn;
120 }
121
122 static void
123 conn_request(void *ptr, http_request_t *request, http_response_t **response)
124 {
125 raop_conn_t *conn = ptr;
126 raop_t *raop = conn->raop;
127
128 http_response_t *res;
129 const char *method;
130 const char *cseq;
131 const char *challenge;
132 int require_auth = 0;
133
134 method = http_request_get_method(request);
135 cseq = http_request_get_header(request, "CSeq");
136 if (!method || !cseq) {
137 return;
138 }
139
140 res = http_response_init("RTSP/1.0", 200, "OK");
141 if (strlen(raop->password)) {
142 const char *authorization;
143
144 authorization = http_request_get_header(request, "Authorization");
145 if (authorization) {
146 logger_log(&conn->raop->logger, LOGGER_DEBUG, "Our nonce: %s\n", conn->nonce);
147 logger_log(&conn->raop->logger, LOGGER_DEBUG, "Authorization: %s\n", authorization);
148 }
149 if (!digest_is_valid("AppleTV", raop->password, conn->nonce, method, http_request_get_url(request), authorization)) {
150 char *authstr;
151 int authstrlen;
152
153 /* Allocate the authenticate string */
154 authstrlen = sizeof("Digest realm=\"AppleTV\", nonce=\"\"") + sizeof(conn->nonce) + 1;
155 authstr = malloc(authstrlen);
156
157 /* Concatenate the authenticate string */
158 memset(authstr, 0, authstrlen);
159 strcat(authstr, "Digest realm=\"AppleTV\", nonce=\"");
160 strcat(authstr, conn->nonce);
161 strcat(authstr, "\"");
162
163 /* Construct a new response */
164 require_auth = 1;
165 http_response_destroy(res);
166 res = http_response_init("RTSP/1.0", 401, "Unauthorized");
167 http_response_add_header(res, "WWW-Authenticate", authstr);
168 free(authstr);
169 } else {
170 logger_log(&conn->raop->logger, LOGGER_DEBUG, "AUTHENTICATION SUCCESS!\n");
171 }
172 }
173
174 http_response_add_header(res, "CSeq", cseq);
175 http_response_add_header(res, "Apple-Jack-Status", "connected; type=analog");
176
177 challenge = http_request_get_header(request, "Apple-Challenge");
178 if (challenge) {
179 char signature[MAX_SIGNATURE_LEN];
180
181 memset(signature, 0, sizeof(signature));
182 rsakey_sign(raop->rsakey, signature, sizeof(signature), challenge,
183 conn->local, conn->locallen, raop->hwaddr, raop->hwaddrlen);
184 http_response_add_header(res, "Apple-Response", signature);
185
186 logger_log(&conn->raop->logger, LOGGER_DEBUG, "Got challenge: %s\n", challenge);
187 logger_log(&conn->raop->logger, LOGGER_DEBUG, "Got response: %s\n", signature);
188 }
189
190 if (require_auth) {
191 /* Do nothing in case of authentication request */
192 } else if (!strcmp(method, "OPTIONS")) {
193 http_response_add_header(res, "Public", "ANNOUNCE, SETUP, RECORD, PAUSE, FLUSH, TEARDOWN, OPTIONS, GET_PARAMETER, SET_PARAMETER");
194 } else if (!strcmp(method, "ANNOUNCE")) {
195 const char *data;
196 int datalen;
197
198 unsigned char aeskey[16];
199 unsigned char aesiv[16];
200 int aeskeylen, aesivlen;
201
202 data = http_request_get_data(request, &datalen);
203 if (data) {
204 sdp_t *sdp;
205 const char *remotestr, *fmtpstr, *aeskeystr, *aesivstr;
206
207 sdp = sdp_init(data, datalen);
208 remotestr = sdp_get_connection(sdp);
209 fmtpstr = sdp_get_fmtp(sdp);
210 aeskeystr = sdp_get_rsaaeskey(sdp);
211 aesivstr = sdp_get_aesiv(sdp);
212
213 logger_log(&conn->raop->logger, LOGGER_DEBUG, "connection: %s\n", remotestr);
214 logger_log(&conn->raop->logger, LOGGER_DEBUG, "fmtp: %s\n", fmtpstr);
215 logger_log(&conn->raop->logger, LOGGER_DEBUG, "rsaaeskey: %s\n", aeskeystr);
216 logger_log(&conn->raop->logger, LOGGER_DEBUG, "aesiv: %s\n", aesivstr);
217
218 aeskeylen = rsakey_decrypt(raop->rsakey, aeskey, sizeof(aeskey), aeskeystr);
219 aesivlen = rsakey_parseiv(raop->rsakey, aesiv, sizeof(aesiv), aesivstr);
220 logger_log(&conn->raop->logger, LOGGER_DEBUG, "aeskeylen: %d\n", aeskeylen);
221 logger_log(&conn->raop->logger, LOGGER_DEBUG, "aesivlen: %d\n", aesivlen);
222
223 if (conn->raop_rtp) {
224 /* This should never happen */
225 raop_rtp_destroy(conn->raop_rtp);
226 conn->raop_rtp = NULL;
227 }
228 conn->raop_rtp = raop_rtp_init(&raop->logger, &raop->callbacks, remotestr, fmtpstr, aeskey, aesiv);
229 sdp_destroy(sdp);
230 }
231 } else if (!strcmp(method, "SETUP")) {
232 unsigned short remote_cport=0, remote_tport=0;
233 unsigned short cport=0, tport=0, dport=0;
234 const char *transport;
235 char buffer[1024];
236 int use_udp;
237
238 transport = http_request_get_header(request, "Transport");
239 assert(transport);
240
241 logger_log(&conn->raop->logger, LOGGER_INFO, "Transport: %s\n", transport);
242 use_udp = strncmp(transport, "RTP/AVP/TCP", 11);
243 if (use_udp) {
244 char *original, *current, *tmpstr;
245
246 current = original = strdup(transport);
247 if (original) {
248 while ((tmpstr = utils_strsep(&current, ";")) != NULL) {
249 unsigned short value;
250 int ret;
251
252 ret = sscanf(tmpstr, "control_port=%hu", &value);
253 if (ret == 1) {
254 logger_log(&conn->raop->logger, LOGGER_DEBUG, "Found remote control port: %hu\n", value);
255 remote_cport = value;
256 }
257 ret = sscanf(tmpstr, "timing_port=%hu", &value);
258 if (ret == 1) {
259 logger_log(&conn->raop->logger, LOGGER_DEBUG, "Found remote timing port: %hu\n", value);
260 remote_tport = value;
261 }
262 }
263 }
264 free(original);
265 }
266 raop_rtp_start(conn->raop_rtp, use_udp, remote_cport, remote_tport, &cport, &tport, &dport);
267
268 memset(buffer, 0, sizeof(buffer));
269 if (use_udp) {
270 snprintf(buffer, sizeof(buffer)-1,
271 "RTP/AVP/UDP;unicast;mode=record;timing_port=%hu;events;control_port=%hu;server_port=%hu",
272 tport, cport, dport);
273 } else {
274 snprintf(buffer, sizeof(buffer)-1,
275 "RTP/AVP/TCP;unicast;interleaved=0-1;mode=record;server_port=%u",
276 dport);
277 }
278 logger_log(&conn->raop->logger, LOGGER_INFO, "Responding with %s\n", buffer);
279 http_response_add_header(res, "Transport", buffer);
280 http_response_add_header(res, "Session", "DEADBEEF");
281 } else if (!strcmp(method, "SET_PARAMETER")) {
282 const char *data;
283 int datalen;
284 char *datastr;
285
286 data = http_request_get_data(request, &datalen);
287 datastr = calloc(1, datalen+1);
288 if (data && datastr && conn->raop_rtp) {
289 memcpy(datastr, data, datalen);
290 if (!strncmp(datastr, "volume: ", 8)) {
291 float vol = 0.0;
292 sscanf(data+8, "%f", &vol);
293 raop_rtp_set_volume(conn->raop_rtp, vol);
294 }
295 }
296 } else if (!strcmp(method, "FLUSH")) {
297 const char *rtpinfo;
298 int next_seq = -1;
299
300 rtpinfo = http_request_get_header(request, "RTP-Info");
301 if (rtpinfo) {
302 logger_log(&conn->raop->logger, LOGGER_INFO, "Flush with RTP-Info: %s\n", rtpinfo);
303 if (!strncmp(rtpinfo, "seq=", 4)) {
304 next_seq = strtol(rtpinfo+4, NULL, 10);
305 }
306 }
307 if (conn->raop_rtp) {
308 raop_rtp_flush(conn->raop_rtp, next_seq);
309 }
310 } else if (!strcmp(method, "TEARDOWN")) {
311 http_response_add_header(res, "Connection", "close");
312 if (conn->raop_rtp) {
313 /* Destroy our RTP session */
314 raop_rtp_stop(conn->raop_rtp);
315 raop_rtp_destroy(conn->raop_rtp);
316 conn->raop_rtp = NULL;
317 }
318 }
319 http_response_finish(res, NULL, 0);
320
321 logger_log(&conn->raop->logger, LOGGER_DEBUG, "Got request %s with URL %s\n", method, http_request_get_url(request));
322 *response = res;
323 }
324
325 static void
326 conn_destroy(void *ptr)
327 {
328 raop_conn_t *conn = ptr;
329
330 if (conn->raop_rtp) {
331 /* This is done in case TEARDOWN was not called */
332 raop_rtp_destroy(conn->raop_rtp);
333 }
334 free(conn->local);
335 free(conn->remote);
336 free(conn);
337 }
338
339 raop_t *
340 raop_init(raop_callbacks_t *callbacks, const char *pemkey)
341 {
342 raop_t *raop;
343 httpd_t *httpd;
344 rsakey_t *rsakey;
345 httpd_callbacks_t httpd_cbs;
346
347 assert(callbacks);
348 assert(pemkey);
349
350 /* Initialize the network */
351 if (netutils_init() < 0) {
352 return NULL;
353 }
354
355 /* Validate the callbacks structure */
356 if (!callbacks->audio_init || !callbacks->audio_set_volume ||
357 !callbacks->audio_process || !callbacks->audio_flush ||
358 !callbacks->audio_destroy) {
359 return NULL;
360 }
361
362 /* Allocate the raop_t structure */
363 raop = calloc(1, sizeof(raop_t));
364 if (!raop) {
365 return NULL;
366 }
367
368 /* Initialize the logger */
369 logger_init(&raop->logger);
370
371 /* Set HTTP callbacks to our handlers */
372 memset(&httpd_cbs, 0, sizeof(httpd_cbs));
373 httpd_cbs.opaque = raop;
374 httpd_cbs.conn_init = &conn_init;
375 httpd_cbs.conn_request = &conn_request;
376 httpd_cbs.conn_destroy = &conn_destroy;
377
378 /* Initialize the http daemon */
379 httpd = httpd_init(&raop->logger, &httpd_cbs, 10, 1);
380 if (!httpd) {
381 free(raop);
382 return NULL;
383 }
384
385 /* Copy callbacks structure */
386 memcpy(&raop->callbacks, callbacks, sizeof(raop_callbacks_t));
387
388 /* Initialize RSA key handler */
389 rsakey = rsakey_init_pem(pemkey);
390 if (!rsakey) {
391 free(httpd);
392 free(raop);
393 return NULL;
394 }
395
396 raop->httpd = httpd;
397 raop->rsakey = rsakey;
398
399 return raop;
400 }
401
402 raop_t *
403 raop_init_from_keyfile(raop_callbacks_t *callbacks, const char *keyfile)
404 {
405 raop_t *raop;
406 char *pemstr;
407
408 if (utils_read_file(&pemstr, keyfile) < 0) {
409 return NULL;
410 }
411 raop = raop_init(callbacks, pemstr);
412 free(pemstr);
413 return raop;
414 }
415
416 void
417 raop_destroy(raop_t *raop)
418 {
419 if (raop) {
420 raop_stop(raop);
421
422 httpd_destroy(raop->httpd);
423 rsakey_destroy(raop->rsakey);
424 free(raop);
425
426 /* Cleanup the network */
427 netutils_cleanup();
428 }
429 }
430
431 int
432 raop_start(raop_t *raop, unsigned short *port, const char *hwaddr, int hwaddrlen, const char *password)
433 {
434 assert(raop);
435 assert(port);
436 assert(hwaddr);
437
438 /* Validate hardware address */
439 if (hwaddrlen > MAX_HWADDR_LEN) {
440 return -1;
441 }
442
443 memset(raop->password, 0, sizeof(raop->password));
444 if (password) {
445 /* Validate password */
446 if (strlen(password) > MAX_PASSWORD_LEN) {
447 return -1;
448 }
449
450 /* Copy password to the raop structure */
451 strncpy(raop->password, password, MAX_PASSWORD_LEN);
452 }
453
454 /* Copy hwaddr to the raop structure */
455 memcpy(raop->hwaddr, hwaddr, hwaddrlen);
456 raop->hwaddrlen = hwaddrlen;
457
458 return httpd_start(raop->httpd, port);
459 }
460
461 void
462 raop_stop(raop_t *raop)
463 {
464 assert(raop);
465
466 httpd_stop(raop->httpd);
467 }
468
shairplay Piment Noir Debian package repository