diff options
author | Craig Andrews <candrews@gentoo.org> | 2018-10-25 09:37:51 -0400 |
---|---|---|
committer | Craig Andrews <candrews@gentoo.org> | 2018-10-25 09:37:51 -0400 |
commit | cdd0e4da50f82b1badca13b52feb19e4b80b9468 (patch) | |
tree | 000de5e394aa3dcac879129e44de01a69178467c /media-video/rtmpdump/files | |
parent | dev-util/rustfmt: bump to v0.9.0 (diff) | |
download | gentoo-cdd0e4da50f82b1badca13b52feb19e4b80b9468.tar.gz gentoo-cdd0e4da50f82b1badca13b52feb19e4b80b9468.tar.bz2 gentoo-cdd0e4da50f82b1badca13b52feb19e4b80b9468.zip |
media-video/rtmpdump: OpenSSL 1.1 fix, swf verification type 2
Closes: https://bugs.gentoo.org/669574
Signed-off-by: Craig Andrews <candrews@gentoo.org>
Package-Manager: Portage-2.3.51, Repoman-2.3.11
Diffstat (limited to 'media-video/rtmpdump/files')
3 files changed, 283 insertions, 0 deletions
diff --git a/media-video/rtmpdump/files/rtmpdump-openssl-1.1.patch b/media-video/rtmpdump/files/rtmpdump-openssl-1.1.patch new file mode 100644 index 000000000000..6ed388bbc098 --- /dev/null +++ b/media-video/rtmpdump/files/rtmpdump-openssl-1.1.patch @@ -0,0 +1,249 @@ +https://github.com/xbmc/inputstream.rtmp/blob/dc9353823f9cfd2943f97b586230fe387cc55dc6/depends/common/librtmp/0003-openssl-1.1.patch +--- a/librtmp/dh.h ++++ b/librtmp/dh.h +@@ -253,20 +253,44 @@ + if (!dh) + goto failed; + ++#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L + MP_new(dh->g); + + if (!dh->g) + goto failed; ++#else ++ BIGNUM *g = NULL; ++ MP_new(g); ++ if (!g) ++ goto failed; ++ ++ DH_set0_pqg(dh, NULL, g, NULL); ++#endif + ++#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L + MP_gethex(dh->p, P1024, res); /* prime P1024, see dhgroups.h */ ++#else ++ BIGNUM* p = NULL; ++ DH_get0_pqg(dh, (BIGNUM const**)&p, NULL, NULL); ++ MP_gethex(p, P1024, res); /* prime P1024, see dhgroups.h */ ++#endif + if (!res) + { + goto failed; + } + ++#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L + MP_set_w(dh->g, 2); /* base 2 */ ++#else ++ MP_set_w(g, 2); /* base 2 */ ++ DH_set0_pqg(dh, NULL, g, NULL); ++#endif + ++#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L + dh->length = nKeyBits; ++#else ++ DH_set_length(dh, nKeyBits); ++#endif + return dh; + + failed: +@@ -293,12 +317,24 @@ + MP_gethex(q1, Q1024, res); + assert(res); + ++#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L + res = isValidPublicKey(dh->pub_key, dh->p, q1); ++#else ++ BIGNUM const* pub_key = NULL; ++ BIGNUM const* p = NULL; ++ DH_get0_key(dh, &pub_key, NULL); ++ DH_get0_pqg(dh, &p, NULL, NULL); ++ res = isValidPublicKey((BIGNUM*)pub_key, (BIGNUM*)p, q1); ++#endif + if (!res) + { ++#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L + MP_free(dh->pub_key); + MP_free(dh->priv_key); + dh->pub_key = dh->priv_key = 0; ++#else ++ DH_free(dh); ++#endif + } + + MP_free(q1); +@@ -314,15 +350,29 @@ + DHGetPublicKey(MDH *dh, uint8_t *pubkey, size_t nPubkeyLen) + { + int len; ++#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L + if (!dh || !dh->pub_key) ++#else ++ BIGNUM const* pub_key = NULL; ++ DH_get0_key(dh, &pub_key, NULL); ++ if (!dh || !pub_key) ++#endif + return 0; + ++#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L + len = MP_bytes(dh->pub_key); ++#else ++ len = MP_bytes(pub_key); ++#endif + if (len <= 0 || len > (int) nPubkeyLen) + return 0; + + memset(pubkey, 0, nPubkeyLen); ++#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L + MP_setbin(dh->pub_key, pubkey + (nPubkeyLen - len), len); ++#else ++ MP_setbin(pub_key, pubkey + (nPubkeyLen - len), len); ++#endif + return 1; + } + +@@ -364,7 +414,13 @@ + MP_gethex(q1, Q1024, len); + assert(len); + ++#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L + if (isValidPublicKey(pubkeyBn, dh->p, q1)) ++#else ++ BIGNUM const* p = NULL; ++ DH_get0_pqg(dh, &p, NULL, NULL); ++ if (isValidPublicKey(pubkeyBn, (BIGNUM*)p, q1)) ++#endif + res = MDH_compute_key(secret, nPubkeyLen, pubkeyBn, dh); + else + res = -1; +--- a/librtmp/handshake.h ++++ b/librtmp/handshake.h +@@ -31,9 +31,9 @@ + #define SHA256_DIGEST_LENGTH 32 + #endif + #define HMAC_CTX sha2_context +-#define HMAC_setup(ctx, key, len) sha2_hmac_starts(&ctx, (unsigned char *)key, len, 0) +-#define HMAC_crunch(ctx, buf, len) sha2_hmac_update(&ctx, buf, len) +-#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(&ctx, dig) ++#define HMAC_setup(ctx, key, len) sha2_hmac_starts(ctx, (unsigned char *)key, len, 0) ++#define HMAC_crunch(ctx, buf, len) sha2_hmac_update(ctx, buf, len) ++#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(ctx, dig) + + typedef arc4_context * RC4_handle; + #define RC4_alloc(h) *h = malloc(sizeof(arc4_context)) +@@ -50,9 +50,9 @@ + #endif + #undef HMAC_CTX + #define HMAC_CTX struct hmac_sha256_ctx +-#define HMAC_setup(ctx, key, len) hmac_sha256_set_key(&ctx, len, key) +-#define HMAC_crunch(ctx, buf, len) hmac_sha256_update(&ctx, len, buf) +-#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(&ctx, SHA256_DIGEST_LENGTH, dig) ++#define HMAC_setup(ctx, key, len) hmac_sha256_set_key(ctx, len, key) ++#define HMAC_crunch(ctx, buf, len) hmac_sha256_update(ctx, len, buf) ++#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(ctx, SHA256_DIGEST_LENGTH, dig) + #define HMAC_close(ctx) + + typedef struct arcfour_ctx* RC4_handle; +@@ -64,14 +64,23 @@ + + #else /* USE_OPENSSL */ + #include <openssl/sha.h> ++#include <openssl/ossl_typ.h> + #include <openssl/hmac.h> + #include <openssl/rc4.h> + #if OPENSSL_VERSION_NUMBER < 0x0090800 || !defined(SHA256_DIGEST_LENGTH) + #error Your OpenSSL is too old, need 0.9.8 or newer with SHA256 + #endif +-#define HMAC_setup(ctx, key, len) HMAC_CTX_init(&ctx); HMAC_Init_ex(&ctx, key, len, EVP_sha256(), 0) +-#define HMAC_crunch(ctx, buf, len) HMAC_Update(&ctx, buf, len) +-#define HMAC_finish(ctx, dig, dlen) HMAC_Final(&ctx, dig, &dlen); HMAC_CTX_cleanup(&ctx) ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#define HMAC_setup(ctx, key, len) HMAC_CTX_init(ctx); HMAC_Init_ex(ctx, key, len, EVP_sha256(), 0) ++#else ++#define HMAC_setup(ctx, key, len) HMAC_CTX_reset(ctx); HMAC_Init_ex(ctx, key, len, EVP_sha256(), 0) ++#endif ++#define HMAC_crunch(ctx, buf, len) HMAC_Update(ctx, buf, len) ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#define HMAC_finish(ctx, dig, dlen) HMAC_Final(ctx, dig, &dlen); HMAC_CTX_cleanup(ctx) ++#else ++#define HMAC_finish(ctx, dig, dlen) HMAC_Final(ctx, dig, &dlen); HMAC_CTX_free(ctx) ++#endif + + typedef RC4_KEY * RC4_handle; + #define RC4_alloc(h) *h = malloc(sizeof(RC4_KEY)) +@@ -117,7 +126,7 @@ + { + uint8_t digest[SHA256_DIGEST_LENGTH]; + unsigned int digestLen = 0; +- HMAC_CTX ctx; ++ HMAC_CTX* ctx = NULL; + + RC4_alloc(rc4keyIn); + RC4_alloc(rc4keyOut); +@@ -266,7 +275,7 @@ + size_t keylen, uint8_t *digest) + { + unsigned int digestLen; +- HMAC_CTX ctx; ++ HMAC_CTX* ctx = NULL; + + HMAC_setup(ctx, key, keylen); + HMAC_crunch(ctx, message, messageLen); +--- a/librtmp/hashswf.c ++++ b/librtmp/hashswf.c +@@ -37,9 +37,9 @@ + #define SHA256_DIGEST_LENGTH 32 + #endif + #define HMAC_CTX sha2_context +-#define HMAC_setup(ctx, key, len) sha2_hmac_starts(&ctx, (unsigned char *)key, len, 0) +-#define HMAC_crunch(ctx, buf, len) sha2_hmac_update(&ctx, buf, len) +-#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(&ctx, dig) ++#define HMAC_setup(ctx, key, len) sha2_hmac_starts(ctx, (unsigned char *)key, len, 0) ++#define HMAC_crunch(ctx, buf, len) sha2_hmac_update(ctx, buf, len) ++#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(ctx, dig) + #define HMAC_close(ctx) + #elif defined(USE_GNUTLS) + #include <nettle/hmac.h> +@@ -48,19 +48,27 @@ + #endif + #undef HMAC_CTX + #define HMAC_CTX struct hmac_sha256_ctx +-#define HMAC_setup(ctx, key, len) hmac_sha256_set_key(&ctx, len, key) +-#define HMAC_crunch(ctx, buf, len) hmac_sha256_update(&ctx, len, buf) +-#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(&ctx, SHA256_DIGEST_LENGTH, dig) ++#define HMAC_setup(ctx, key, len) hmac_sha256_set_key(ctx, len, key) ++#define HMAC_crunch(ctx, buf, len) hmac_sha256_update(ctx, len, buf) ++#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(ctx, SHA256_DIGEST_LENGTH, dig) + #define HMAC_close(ctx) + #else /* USE_OPENSSL */ + #include <openssl/ssl.h> + #include <openssl/sha.h> + #include <openssl/hmac.h> + #include <openssl/rc4.h> +-#define HMAC_setup(ctx, key, len) HMAC_CTX_init(&ctx); HMAC_Init_ex(&ctx, (unsigned char *)key, len, EVP_sha256(), 0) +-#define HMAC_crunch(ctx, buf, len) HMAC_Update(&ctx, (unsigned char *)buf, len) +-#define HMAC_finish(ctx, dig, dlen) HMAC_Final(&ctx, (unsigned char *)dig, &dlen); +-#define HMAC_close(ctx) HMAC_CTX_cleanup(&ctx) ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#define HMAC_setup(ctx, key, len) HMAC_CTX_init(ctx); HMAC_Init_ex(ctx, (unsigned char *)key, len, EVP_sha256(), 0) ++#else ++#define HMAC_setup(ctx, key, len) HMAC_CTX_reset(ctx); HMAC_Init_ex(ctx, (unsigned char *)key, len, EVP_sha256(), 0) ++#endif ++#define HMAC_crunch(ctx, buf, len) HMAC_Update(ctx, (unsigned char *)buf, len) ++#define HMAC_finish(ctx, dig, dlen) HMAC_Final(ctx, (unsigned char *)dig, &dlen); ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#define HMAC_close(ctx) HMAC_CTX_cleanup(ctx) ++#else ++#define HMAC_close(ctx) HMAC_CTX_reset(ctx); HMAC_CTX_free(ctx) ++#endif + #endif + + extern void RTMP_TLS_Init(); +@@ -289,7 +297,7 @@ + struct info + { + z_stream *zs; +- HMAC_CTX ctx; ++ HMAC_CTX *ctx; + int first; + int zlib; + int size; diff --git a/media-video/rtmpdump/files/rtmpdump-swf_vertification_type_2.patch b/media-video/rtmpdump/files/rtmpdump-swf_vertification_type_2.patch new file mode 100644 index 000000000000..0e9c8302e8c6 --- /dev/null +++ b/media-video/rtmpdump/files/rtmpdump-swf_vertification_type_2.patch @@ -0,0 +1,13 @@ +diff --git a/librtmp/rtmp.c b/librtmp/rtmp.c +index 5311a8a..79fefae 100644 +--- a/librtmp/rtmp.c ++++ b/librtmp/rtmp.c +@@ -2854,7 +2854,7 @@ HandleCtrl(RTMP *r, const RTMPPacket *packet) + if (nType == 0x1A) + { + RTMP_Log(RTMP_LOGDEBUG, "%s, SWFVerification ping received: ", __FUNCTION__); +- if (packet->m_nBodySize > 2 && packet->m_body[2] > 0x01) ++ if (packet->m_nBodySize > 2 && packet->m_body[2] > 0x02) + { + RTMP_Log(RTMP_LOGERROR, + "%s: SWFVerification Type %d request not supported! Patches welcome...", diff --git a/media-video/rtmpdump/files/rtmpdump-swf_vertification_type_2_part_2.patch b/media-video/rtmpdump/files/rtmpdump-swf_vertification_type_2_part_2.patch new file mode 100644 index 000000000000..55d02692464c --- /dev/null +++ b/media-video/rtmpdump/files/rtmpdump-swf_vertification_type_2_part_2.patch @@ -0,0 +1,21 @@ +diff --git a/librtmp/rtmp.c b/librtmp/rtmp.c +index df2cb27..b72dc64 100644 +--- a/librtmp/rtmp.c ++++ b/librtmp/rtmp.c +@@ -2857,14 +2857,14 @@ HandleCtrl(RTMP *r, const RTMPPacket *packet) + if (packet->m_nBodySize > 2 && packet->m_body[2] > 0x01) + { + RTMP_Log(RTMP_LOGERROR, +- "%s: SWFVerification Type %d request not supported! Patches welcome...", ++ "%s: SWFVerification Type %d request not supported, attempting to use SWFVerification Type 1! Patches welcome...", + __FUNCTION__, packet->m_body[2]); + } + #ifdef CRYPTO + /*RTMP_LogHex(packet.m_body, packet.m_nBodySize); */ + + /* respond with HMAC SHA256 of decompressed SWF, key is the 30byte player key, also the last 30 bytes of the server handshake are applied */ +- else if (r->Link.SWFSize) ++ if (r->Link.SWFSize) + { + RTMP_SendCtrl(r, 0x1B, 0, 0); + }
\ No newline at end of file |