repositories / deb_shairplay.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Fix a memory leak in raop
[deb_shairplay.git] / src / lib / raop.c
1 /**
2 * Copyright (C) 2011-2012 Juho Vähä-Herttua
3 *
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
8 *
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
13 */
14
15 #include <stdlib.h>
16 #include <stdio.h>
17 #include <string.h>
18 #include <assert.h>
19
20 #include "raop.h"
21 #include "raop_rtp.h"
22 #include "rsakey.h"
23 #include "digest.h"
24 #include "httpd.h"
25 #include "sdp.h"
26
27 #include "global.h"
28 #include "utils.h"
29 #include "netutils.h"
30 #include "logger.h"
31
32 /* Actually 345 bytes for 2048-bit key */
33 #define MAX_SIGNATURE_LEN 512
34
35 /* Let's just decide on some length */
36 #define MAX_PASSWORD_LEN 64
37
38 /* MD5 as hex fits here */
39 #define MAX_NONCE_LEN 32
40
41 struct raop_s {
42 /* Callbacks for audio */
43 raop_callbacks_t callbacks;
44
45 /* Logger instance */
46 logger_t logger;
47
48 /* HTTP daemon and RSA key */
49 httpd_t *httpd;
50 rsakey_t *rsakey;
51
52 /* Hardware address information */
53 unsigned char hwaddr[MAX_HWADDR_LEN];
54 int hwaddrlen;
55
56 /* Password information */
57 char password[MAX_PASSWORD_LEN+1];
58 };
59
60 struct raop_conn_s {
61 raop_t *raop;
62 raop_rtp_t *raop_rtp;
63
64 unsigned char *local;
65 int locallen;
66
67 unsigned char *remote;
68 int remotelen;
69
70 char nonce[MAX_NONCE_LEN+1];
71 };
72 typedef struct raop_conn_s raop_conn_t;
73
74 static void *
75 conn_init(void *opaque, unsigned char *local, int locallen, unsigned char *remote, int remotelen)
76 {
77 raop_conn_t *conn;
78
79 conn = calloc(1, sizeof(raop_conn_t));
80 if (!conn) {
81 return NULL;
82 }
83 conn->raop = opaque;
84 conn->raop_rtp = NULL;
85
86 if (locallen == 4) {
87 logger_log(&conn->raop->logger, LOGGER_INFO,
88 "Local: %d.%d.%d.%d\n",
89 local[0], local[1], local[2], local[3]);
90 } else if (locallen == 16) {
91 logger_log(&conn->raop->logger, LOGGER_INFO,
92 "Local: %02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x\n",
93 local[0], local[1], local[2], local[3], local[4], local[5], local[6], local[7],
94 local[8], local[9], local[10], local[11], local[12], local[13], local[14], local[15]);
95 }
96 if (remotelen == 4) {
97 logger_log(&conn->raop->logger, LOGGER_INFO,
98 "Remote: %d.%d.%d.%d\n",
99 remote[0], remote[1], remote[2], remote[3]);
100 } else if (remotelen == 16) {
101 logger_log(&conn->raop->logger, LOGGER_INFO,
102 "Remote: %02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x\n",
103 remote[0], remote[1], remote[2], remote[3], remote[4], remote[5], remote[6], remote[7],
104 remote[8], remote[9], remote[10], remote[11], remote[12], remote[13], remote[14], remote[15]);
105 }
106
107 conn->local = malloc(locallen);
108 assert(conn->local);
109 memcpy(conn->local, local, locallen);
110
111 conn->remote = malloc(remotelen);
112 assert(conn->remote);
113 memcpy(conn->remote, remote, remotelen);
114
115 conn->locallen = locallen;
116 conn->remotelen = remotelen;
117
118 digest_generate_nonce(conn->nonce, sizeof(conn->nonce));
119 return conn;
120 }
121
122 static void
123 conn_request(void *ptr, http_request_t *request, http_response_t **response)
124 {
125 raop_conn_t *conn = ptr;
126 raop_t *raop = conn->raop;
127
128 http_response_t *res;
129 const char *method;
130 const char *cseq;
131 const char *challenge;
132 int require_auth = 0;
133
134 method = http_request_get_method(request);
135 cseq = http_request_get_header(request, "CSeq");
136 if (!method || !cseq) {
137 return;
138 }
139
140 res = http_response_init("RTSP/1.0", 200, "OK");
141 if (strlen(raop->password)) {
142 const char *authorization;
143
144 authorization = http_request_get_header(request, "Authorization");
145 if (authorization) {
146 logger_log(&conn->raop->logger, LOGGER_DEBUG, "Our nonce: %s\n", conn->nonce);
147 logger_log(&conn->raop->logger, LOGGER_DEBUG, "Authorization: %s\n", authorization);
148 }
149 if (!digest_is_valid("AppleTV", raop->password, conn->nonce, method, http_request_get_url(request), authorization)) {
150 char *authstr;
151 int authstrlen;
152
153 /* Allocate the authenticate string */
154 authstrlen = sizeof("Digest realm=\"AppleTV\", nonce=\"\"") + sizeof(conn->nonce) + 1;
155 authstr = malloc(authstrlen);
156
157 /* Concatenate the authenticate string */
158 memset(authstr, 0, authstrlen);
159 strcat(authstr, "Digest realm=\"AppleTV\", nonce=\"");
160 strcat(authstr, conn->nonce);
161 strcat(authstr, "\"");
162
163 /* Construct a new response */
164 require_auth = 1;
165 http_response_destroy(res);
166 res = http_response_init("RTSP/1.0", 401, "Unauthorized");
167 http_response_add_header(res, "WWW-Authenticate", authstr);
168 free(authstr);
169 } else {
170 logger_log(&conn->raop->logger, LOGGER_DEBUG, "AUTHENTICATION SUCCESS!\n");
171 }
172 }
173
174 http_response_add_header(res, "CSeq", cseq);
175 http_response_add_header(res, "Apple-Jack-Status", "connected; type=analog");
176
177 challenge = http_request_get_header(request, "Apple-Challenge");
178 if (!require_auth && challenge) {
179 char signature[MAX_SIGNATURE_LEN];
180
181 memset(signature, 0, sizeof(signature));
182 rsakey_sign(raop->rsakey, signature, sizeof(signature), challenge,
183 conn->local, conn->locallen, raop->hwaddr, raop->hwaddrlen);
184 http_response_add_header(res, "Apple-Response", signature);
185
186 logger_log(&conn->raop->logger, LOGGER_DEBUG, "Got challenge: %s\n", challenge);
187 logger_log(&conn->raop->logger, LOGGER_DEBUG, "Got response: %s\n", signature);
188 }
189
190 if (require_auth) {
191 /* Do nothing in case of authentication request */
192 } else if (!strcmp(method, "OPTIONS")) {
193 http_response_add_header(res, "Public", "ANNOUNCE, SETUP, RECORD, PAUSE, FLUSH, TEARDOWN, OPTIONS, GET_PARAMETER, SET_PARAMETER");
194 } else if (!strcmp(method, "ANNOUNCE")) {
195 const char *data;
196 int datalen;
197
198 unsigned char aeskey[16];
199 unsigned char aesiv[16];
200 int aeskeylen, aesivlen;
201
202 data = http_request_get_data(request, &datalen);
203 if (data) {
204 sdp_t *sdp;
205 const char *remotestr, *fmtpstr, *aeskeystr, *aesivstr;
206
207 sdp = sdp_init(data, datalen);
208 remotestr = sdp_get_connection(sdp);
209 fmtpstr = sdp_get_fmtp(sdp);
210 aeskeystr = sdp_get_rsaaeskey(sdp);
211 aesivstr = sdp_get_aesiv(sdp);
212
213 logger_log(&conn->raop->logger, LOGGER_DEBUG, "connection: %s\n", remotestr);
214 logger_log(&conn->raop->logger, LOGGER_DEBUG, "fmtp: %s\n", fmtpstr);
215 logger_log(&conn->raop->logger, LOGGER_DEBUG, "rsaaeskey: %s\n", aeskeystr);
216 logger_log(&conn->raop->logger, LOGGER_DEBUG, "aesiv: %s\n", aesivstr);
217
218 aeskeylen = rsakey_decrypt(raop->rsakey, aeskey, sizeof(aeskey), aeskeystr);
219 aesivlen = rsakey_parseiv(raop->rsakey, aesiv, sizeof(aesiv), aesivstr);
220 logger_log(&conn->raop->logger, LOGGER_DEBUG, "aeskeylen: %d\n", aeskeylen);
221 logger_log(&conn->raop->logger, LOGGER_DEBUG, "aesivlen: %d\n", aesivlen);
222
223 if (conn->raop_rtp) {
224 /* This should never happen */
225 raop_rtp_destroy(conn->raop_rtp);
226 conn->raop_rtp = NULL;
227 }
228 conn->raop_rtp = raop_rtp_init(&raop->logger, &raop->callbacks, remotestr, fmtpstr, aeskey, aesiv);
229 sdp_destroy(sdp);
230 }
231 } else if (!strcmp(method, "SETUP")) {
232 unsigned short remote_cport=0, remote_tport=0;
233 unsigned short cport=0, tport=0, dport=0;
234 const char *transport;
235 char buffer[1024];
236 int use_udp;
237
238 transport = http_request_get_header(request, "Transport");
239 assert(transport);
240
241 logger_log(&conn->raop->logger, LOGGER_INFO, "Transport: %s\n", transport);
242 use_udp = strncmp(transport, "RTP/AVP/TCP", 11);
243 if (use_udp) {
244 char *original, *current, *tmpstr;
245
246 current = original = strdup(transport);
247 if (original) {
248 while ((tmpstr = utils_strsep(&current, ";")) != NULL) {
249 unsigned short value;
250 int ret;
251
252 ret = sscanf(tmpstr, "control_port=%hu", &value);
253 if (ret == 1) {
254 logger_log(&conn->raop->logger, LOGGER_DEBUG, "Found remote control port: %hu\n", value);
255 remote_cport = value;
256 }
257 ret = sscanf(tmpstr, "timing_port=%hu", &value);
258 if (ret == 1) {
259 logger_log(&conn->raop->logger, LOGGER_DEBUG, "Found remote timing port: %hu\n", value);
260 remote_tport = value;
261 }
262 }
263 }
264 free(original);
265 }
266 raop_rtp_start(conn->raop_rtp, use_udp, remote_cport, remote_tport, &cport, &tport, &dport);
267
268 memset(buffer, 0, sizeof(buffer));
269 if (use_udp) {
270 snprintf(buffer, sizeof(buffer)-1,
271 "RTP/AVP/UDP;unicast;mode=record;timing_port=%hu;events;control_port=%hu;server_port=%hu",
272 tport, cport, dport);
273 } else {
274 snprintf(buffer, sizeof(buffer)-1,
275 "RTP/AVP/TCP;unicast;interleaved=0-1;mode=record;server_port=%u",
276 dport);
277 }
278 logger_log(&conn->raop->logger, LOGGER_INFO, "Responding with %s\n", buffer);
279 http_response_add_header(res, "Transport", buffer);
280 http_response_add_header(res, "Session", "DEADBEEF");
281 } else if (!strcmp(method, "SET_PARAMETER")) {
282 const char *data;
283 int datalen;
284 char *datastr;
285
286 data = http_request_get_data(request, &datalen);
287 datastr = calloc(1, datalen+1);
288 if (data && datastr && conn->raop_rtp) {
289 memcpy(datastr, data, datalen);
290 if (!strncmp(datastr, "volume: ", 8)) {
291 float vol = 0.0;
292 sscanf(datastr+8, "%f", &vol);
293 raop_rtp_set_volume(conn->raop_rtp, vol);
294 }
295 }
296 free(datastr);
297 } else if (!strcmp(method, "FLUSH")) {
298 const char *rtpinfo;
299 int next_seq = -1;
300
301 rtpinfo = http_request_get_header(request, "RTP-Info");
302 if (rtpinfo) {
303 logger_log(&conn->raop->logger, LOGGER_INFO, "Flush with RTP-Info: %s\n", rtpinfo);
304 if (!strncmp(rtpinfo, "seq=", 4)) {
305 next_seq = strtol(rtpinfo+4, NULL, 10);
306 }
307 }
308 if (conn->raop_rtp) {
309 raop_rtp_flush(conn->raop_rtp, next_seq);
310 }
311 } else if (!strcmp(method, "TEARDOWN")) {
312 http_response_add_header(res, "Connection", "close");
313 if (conn->raop_rtp) {
314 /* Destroy our RTP session */
315 raop_rtp_stop(conn->raop_rtp);
316 raop_rtp_destroy(conn->raop_rtp);
317 conn->raop_rtp = NULL;
318 }
319 }
320 http_response_finish(res, NULL, 0);
321
322 logger_log(&conn->raop->logger, LOGGER_DEBUG, "Got request %s with URL %s\n", method, http_request_get_url(request));
323 *response = res;
324 }
325
326 static void
327 conn_destroy(void *ptr)
328 {
329 raop_conn_t *conn = ptr;
330
331 if (conn->raop_rtp) {
332 /* This is done in case TEARDOWN was not called */
333 raop_rtp_destroy(conn->raop_rtp);
334 }
335 free(conn->local);
336 free(conn->remote);
337 free(conn);
338 }
339
340 raop_t *
341 raop_init(raop_callbacks_t *callbacks, const char *pemkey)
342 {
343 raop_t *raop;
344 httpd_t *httpd;
345 rsakey_t *rsakey;
346 httpd_callbacks_t httpd_cbs;
347
348 assert(callbacks);
349 assert(pemkey);
350
351 /* Initialize the network */
352 if (netutils_init() < 0) {
353 return NULL;
354 }
355
356 /* Validate the callbacks structure */
357 if (!callbacks->audio_init || !callbacks->audio_set_volume ||
358 !callbacks->audio_process || !callbacks->audio_flush ||
359 !callbacks->audio_destroy) {
360 return NULL;
361 }
362
363 /* Allocate the raop_t structure */
364 raop = calloc(1, sizeof(raop_t));
365 if (!raop) {
366 return NULL;
367 }
368
369 /* Initialize the logger */
370 logger_init(&raop->logger);
371
372 /* Set HTTP callbacks to our handlers */
373 memset(&httpd_cbs, 0, sizeof(httpd_cbs));
374 httpd_cbs.opaque = raop;
375 httpd_cbs.conn_init = &conn_init;
376 httpd_cbs.conn_request = &conn_request;
377 httpd_cbs.conn_destroy = &conn_destroy;
378
379 /* Initialize the http daemon */
380 httpd = httpd_init(&raop->logger, &httpd_cbs, 10, 1);
381 if (!httpd) {
382 free(raop);
383 return NULL;
384 }
385
386 /* Copy callbacks structure */
387 memcpy(&raop->callbacks, callbacks, sizeof(raop_callbacks_t));
388
389 /* Initialize RSA key handler */
390 rsakey = rsakey_init_pem(pemkey);
391 if (!rsakey) {
392 free(httpd);
393 free(raop);
394 return NULL;
395 }
396
397 raop->httpd = httpd;
398 raop->rsakey = rsakey;
399
400 return raop;
401 }
402
403 raop_t *
404 raop_init_from_keyfile(raop_callbacks_t *callbacks, const char *keyfile)
405 {
406 raop_t *raop;
407 char *pemstr;
408
409 if (utils_read_file(&pemstr, keyfile) < 0) {
410 return NULL;
411 }
412 raop = raop_init(callbacks, pemstr);
413 free(pemstr);
414 return raop;
415 }
416
417 void
418 raop_destroy(raop_t *raop)
419 {
420 if (raop) {
421 raop_stop(raop);
422
423 httpd_destroy(raop->httpd);
424 rsakey_destroy(raop->rsakey);
425 free(raop);
426
427 /* Cleanup the network */
428 netutils_cleanup();
429 }
430 }
431
432 int
433 raop_start(raop_t *raop, unsigned short *port, const char *hwaddr, int hwaddrlen, const char *password)
434 {
435 assert(raop);
436 assert(port);
437 assert(hwaddr);
438
439 /* Validate hardware address */
440 if (hwaddrlen > MAX_HWADDR_LEN) {
441 return -1;
442 }
443
444 memset(raop->password, 0, sizeof(raop->password));
445 if (password) {
446 /* Validate password */
447 if (strlen(password) > MAX_PASSWORD_LEN) {
448 return -1;
449 }
450
451 /* Copy password to the raop structure */
452 strncpy(raop->password, password, MAX_PASSWORD_LEN);
453 }
454
455 /* Copy hwaddr to the raop structure */
456 memcpy(raop->hwaddr, hwaddr, hwaddrlen);
457 raop->hwaddrlen = hwaddrlen;
458
459 return httpd_start(raop->httpd, port);
460 }
461
462 void
463 raop_stop(raop_t *raop)
464 {
465 assert(raop);
466
467 httpd_stop(raop->httpd);
468 }
469
shairplay Piment Noir Debian package repository