modify:dtls handshakes supported

modify:dtls and stun and srtp packet judgment handle

Author: xengine-qyt

XEngine_Source/XEngine_ModuleConfigure/ModuleConfig_Define.h

@@ -90,9 +90,9 @@ typedef struct tag_XEngine_ServiceConfig
 		}st_PullRtsp;
 		struct  
 		{
-			XCHAR tszPrivateKey[MAX_PATH];
-			XCHAR tszPublicKey[MAX_PATH];
-			XCHAR tszRequestKey[MAX_PATH];
+			XCHAR tszCertStr[MAX_PATH];
+			XCHAR tszKeyStr[MAX_PATH];
+			XCHAR tszCsrStr[MAX_PATH];
 			bool bEnable;
 		}st_PullWebRtc;
 	}st_XPull;

XEngine_Source/XEngine_ModuleConfigure/ModuleConfigure_Json/ModuleConfigure_Json.cpp

@@ -155,9 +155,9 @@ bool CModuleConfigure_Json::ModuleConfigure_Json_File(LPCXSTR lpszConfigFile, XE
 	pSt_ServerConfig->st_XPull.st_PullHls.nTime = st_PullHls["nTime"].asInt();
 	_tcsxcpy(pSt_ServerConfig->st_XPull.st_PullHls.tszHLSPath, st_PullHls["tszHLSPath"].asCString());
 
-	_tcsxcpy(pSt_ServerConfig->st_XPull.st_PullWebRtc.tszPrivateKey, st_PullWebRtc["RSAPrivateKey"].asCString());
-	_tcsxcpy(pSt_ServerConfig->st_XPull.st_PullWebRtc.tszPublicKey, st_PullWebRtc["RSAPublicKey"].asCString());
-	_tcsxcpy(pSt_ServerConfig->st_XPull.st_PullWebRtc.tszRequestKey, st_PullWebRtc["RSARequestKey"].asCString());
+	_tcsxcpy(pSt_ServerConfig->st_XPull.st_PullWebRtc.tszCertStr, st_PullWebRtc["tszCertStr"].asCString());
+	_tcsxcpy(pSt_ServerConfig->st_XPull.st_PullWebRtc.tszKeyStr, st_PullWebRtc["tszKeyStr"].asCString());
+	_tcsxcpy(pSt_ServerConfig->st_XPull.st_PullWebRtc.tszCsrStr, st_PullWebRtc["tszCsrStr"].asCString());
 	//日志配置
 	if (st_JsonRoot["XLog"].empty() || (3 != st_JsonRoot["XLog"].size()))
 	{

XEngine_Source/XEngine_ServiceApp/XEngine_StreamMediaApp/StreamMedia_PullStream/PullStream_ClientWebRtc.cpp

@@ -10,42 +10,83 @@
 //    Purpose:     WEBRTC拉流服务
 //    History:
 *********************************************************************/
-bool PullStream_ClientProtocol_Handle(LPCXSTR lpszClientAddr, LPCXSTR lpszMsgBuffer, int nMsgLen)
+int PullStream_ClientProtocol_Dtls(LPCXSTR lpszMSGBuffer, int nMSGLen)
 {
-	int nAttrCount = 0;
-	RFCCOMPONENTS_NATATTR** ppSt_ListAttr;
-	RFCCOMPONENTS_NATSTUN st_NatClient = {};
-
-	if (!NatProtocol_StunNat_Parse(lpszMsgBuffer, nMsgLen, &st_NatClient, &ppSt_ListAttr, &nAttrCount))
+	// DTLS有可能以多种不同的记录层类型开头，这里检查它是否是handshake(0x16)
+	return nMSGLen >= 13 && lpszMSGBuffer[0] == 0x16;
+}
+int PullStream_ClientProtocol_Stun(LPCXSTR lpszMSGBuffer, int nMSGLen)
+{
+	// STUN消息的类型字段（前两位为00）以及魔术cookie字段
+	return nMSGLen >= 20 && (lpszMSGBuffer[0] & 0xC0) == 0x00 && lpszMSGBuffer[4] == 0x21 && lpszMSGBuffer[5] == 0x12 && lpszMSGBuffer[6] == 0xA4 && lpszMSGBuffer[7] == 0x42;
+}
+bool PullStream_ClientProtocol_Handle(LPCXSTR lpszClientAddr, XSOCKET hSocket, LPCXSTR lpszMsgBuffer, int nMsgLen)
+{
+	if (PullStream_ClientProtocol_Dtls(lpszMsgBuffer, nMsgLen))
 	{
-		XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_ERROR, _X("STUN客户端:%s,请求的STUN协议不正确,解析失败,错误:%lX"), lpszClientAddr, NatProtocol_GetLastError());
-		return false;
+		int nSDLen = 2048;
+		XCHAR tszSDBuffer[2048] = {};
+		XBYTE tszSDKey[128] = {};
+		XBYTE tszRVKey[128] = {};
+
+		if (OPenSsl_Server_AcceptMemoryEx(xhRTCSsl, hSocket, lpszClientAddr, tszSDBuffer, &nSDLen, lpszMsgBuffer, nMsgLen))
+		{
+			OPenSsl_Server_GetKeyEx(xhRTCSsl, lpszClientAddr, tszSDKey, tszRVKey);
+			XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_INFO, _X("RTC客户端:%s,请求的DTLS握手协议处理成功"), lpszClientAddr);
+		}
+		else
+		{
+			int nPort = 0;
+			XCHAR tszIPPort[128] = {};
+			_tcsxcpy(tszIPPort, lpszClientAddr);
+			BaseLib_OperatorIPAddr_SegAddr(tszIPPort, &nPort);
+			NetCore_UDPSelect_Send(xhRTCSocket, tszSDBuffer, nSDLen, tszIPPort, nPort);
+			XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_INFO, _X("RTC客户端:%s,请求的DTLS握手协议,还需要进一步处理,响应大小:%d"), lpszClientAddr, nSDLen);
+		}
 	}
-	XCHAR tszUserStr[128] = {};
-	for (int i = 0; i < nAttrCount; i++)
+	else if (PullStream_ClientProtocol_Stun(lpszMsgBuffer, nMsgLen))
 	{
-		if (RFCCOMPONENTS_NATCLIENT_PROTOCOL_STUN_ATTR_USERNAME == ppSt_ListAttr[i]->wAttr)
+		int nAttrCount = 0;
+		RFCCOMPONENTS_NATATTR** ppSt_ListAttr;
+		RFCCOMPONENTS_NATSTUN st_NatClient = {};
+
+		if (!NatProtocol_StunNat_Parse(lpszMsgBuffer, nMsgLen, &st_NatClient, &ppSt_ListAttr, &nAttrCount))
 		{
-			memcpy(tszUserStr, ppSt_ListAttr[i]->tszMsgBuffer, ppSt_ListAttr[i]->wLen);
+			XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_ERROR, _X("STUN客户端:%s,请求的STUN协议不正确,解析失败,错误:%lX"), lpszClientAddr, NatProtocol_GetLastError());
+			return false;
 		}
-	}
-	int nTMPLen = 0;
-	int nMSGLen = 0;
-	int nIPPort = 0;
-	XCHAR tszTMPBuffer[1024] = {};
-	XCHAR tszMSGBuffer[1024] = {};
-	XCHAR tszIPAddr[128] = {};
+		XCHAR tszUserStr[128] = {};
+		for (int i = 0; i < nAttrCount; i++)
+		{
+			if (RFCCOMPONENTS_NATCLIENT_PROTOCOL_STUN_ATTR_USERNAME == ppSt_ListAttr[i]->wAttr)
+			{
+				memcpy(tszUserStr, ppSt_ListAttr[i]->tszMsgBuffer, ppSt_ListAttr[i]->wLen);
+			}
+		}
+		int nTMPLen = 0;
+		int nMSGLen = 0;
+		int nIPPort = 0;
+		XCHAR tszTMPBuffer[1024] = {};
+		XCHAR tszMSGBuffer[1024] = {};
+		XCHAR tszIPAddr[128] = {};
 
-	_tcsxcpy(tszIPAddr, lpszClientAddr);
+		_tcsxcpy(tszIPAddr, lpszClientAddr);
 
-	BaseLib_OperatorIPAddr_SegAddr(tszIPAddr, &nIPPort);
+		BaseLib_OperatorIPAddr_SegAddr(tszIPAddr, &nIPPort);
 
-	NatProtocol_StunNat_BuildAttr(tszTMPBuffer, &nTMPLen, RFCCOMPONENTS_NATCLIENT_PROTOCOL_STUN_ATTR_USERNAME, tszUserStr, _tcsxlen(tszUserStr));
-	NatProtocol_StunNat_BuildMapAddress(tszTMPBuffer + nTMPLen, &nTMPLen, tszIPAddr, nIPPort, true);
-	//NatProtocol_StunNat_BuildMSGIntegrity(tszMSGBuffer, &nMSGLen, tszTMPBuffer, nTMPLen, );
-	NatProtocol_StunNat_Packet(tszMSGBuffer, &nMSGLen, (LPCXSTR)st_NatClient.byTokenStr, RFCCOMPONENTS_NATCLIENT_PROTOCOL_STUN_CLASS_FLAGS, RFCCOMPONENTS_NATCLIENT_PROTOCOL_STUN_ATTR_MAPPED_ADDRESS);
+		NatProtocol_StunNat_BuildAttr(tszTMPBuffer, &nTMPLen, RFCCOMPONENTS_NATCLIENT_PROTOCOL_STUN_ATTR_USERNAME, tszUserStr, _tcsxlen(tszUserStr));
+		NatProtocol_StunNat_BuildMapAddress(tszTMPBuffer + nTMPLen, &nTMPLen, tszIPAddr, nIPPort, true);
+		//NatProtocol_StunNat_BuildMSGIntegrity(tszMSGBuffer, &nMSGLen, tszTMPBuffer, nTMPLen, );
+		NatProtocol_StunNat_Packet(tszMSGBuffer, &nMSGLen, (LPCXSTR)st_NatClient.byTokenStr, RFCCOMPONENTS_NATCLIENT_PROTOCOL_STUN_CLASS_FLAGS, RFCCOMPONENTS_NATCLIENT_PROTOCOL_STUN_ATTR_MAPPED_ADDRESS);
 
-	BaseLib_OperatorMemory_Free((XPPPMEM)&ppSt_ListAttr, nAttrCount);
+		BaseLib_OperatorMemory_Free((XPPPMEM)&ppSt_ListAttr, nAttrCount);
+	}
+	else 
+	{
+		
+	}
+
+	
 	return true;
 }
 bool PullStream_ClientWebRtc_Handle(RFCCOMPONENTS_HTTP_REQPARAM* pSt_HTTPParam, LPCXSTR lpszClientAddr, LPCXSTR lpszMsgBuffer, int nMsgLen)
@@ -137,7 +178,7 @@ bool PullStream_ClientWebRtc_Handle(RFCCOMPONENTS_HTTP_REQPARAM* pSt_HTTPParam,
 	XBYTE tszDigestStr[MAX_PATH] = {};
 	XCHAR tszDigestHex[MAX_PATH] = {};
 	int nPos = _xstprintf(tszDigestHex, _X("sha-256 "));
-	OPenSsl_Api_Digest(st_ServiceConfig.st_XPull.st_PullWebRtc.tszRequestKey, tszDigestStr, &nDLen, true, XENGINE_OPENSSL_API_DIGEST_SHA256);
+	OPenSsl_Api_Digest(st_ServiceConfig.st_XPull.st_PullWebRtc.tszCsrStr, tszDigestStr, &nDLen, true, XENGINE_OPENSSL_API_DIGEST_SHA256);
 	for (int i = 0; i < nDLen; i++)
 	{
 		int nRet = _xstprintf(tszDigestHex + nPos, _X("%02X"), tszDigestStr[i]);

XEngine_Source/XEngine_ServiceApp/XEngine_StreamMediaApp/StreamMedia_PullStream/PullStream_ClientWebRtc.h

@@ -10,5 +10,5 @@
 //    Purpose:     WEBRTC拉流服务
 //    History:
 *********************************************************************/
-bool PullStream_ClientProtocol_Handle(LPCXSTR lpszClientAddr, LPCXSTR lpszMsgBuffer, int nMsgLen);
+bool PullStream_ClientProtocol_Handle(LPCXSTR lpszClientAddr, XSOCKET hSocket, LPCXSTR lpszMsgBuffer, int nMsgLen);
 bool PullStream_ClientWebRtc_Handle(RFCCOMPONENTS_HTTP_REQPARAM* pSt_HTTPParam, LPCXSTR lpszClientAddr, LPCXSTR lpszMsgBuffer, int nMsgLen);

XEngine_Source/XEngine_ServiceApp/XEngine_StreamMediaApp/XEngine_Network.cpp

@@ -161,7 +161,7 @@ void CALLBACK Network_Callback_AudioRTCPRecv(LPCXSTR lpszClientAddr, XSOCKET hSo
 //WEBRTC
 void CALLBACK Network_Callback_RTCRecv(LPCXSTR lpszClientAddr, XSOCKET hSocket, LPCXSTR lpszRecvMsg, int nMsgLen, XPVOID lParam)
 {
-	PullStream_ClientProtocol_Handle(lpszClientAddr, lpszRecvMsg, nMsgLen);
+	PullStream_ClientProtocol_Handle(lpszClientAddr, hSocket, lpszRecvMsg, nMsgLen);
 	XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_DEBUG, _X("STUN客户端：%s，发送数据大小:%d 给服务器"), lpszClientAddr, nMsgLen);
 }
 //////////////////////////////////////////////////////////////////////////网络IO关闭操作

XEngine_Source/XEngine_ServiceApp/XEngine_StreamMediaApp/XEngine_StreamMediaApp.cpp

@@ -503,7 +503,7 @@ int main(int argc, char** argv)
 
 	if (st_ServiceConfig.st_XPull.st_PullWebRtc.bEnable)
 	{
-		xhRTCSsl = OPenSsl_Server_InitEx(st_ServiceConfig.st_XPull.st_PullWebRtc.tszPublicKey, NULL, st_ServiceConfig.st_XPull.st_PullWebRtc.tszPublicKey, false, false, XENGINE_OPENSSL_PROTOCOL_DTL_SERVER);
+		xhRTCSsl = OPenSsl_Server_InitEx(st_ServiceConfig.st_XPull.st_PullWebRtc.tszCertStr, NULL, st_ServiceConfig.st_XPull.st_PullWebRtc.tszKeyStr, false, false, XENGINE_OPENSSL_PROTOCOL_DTL_SERVER);
 		if (NULL == xhRTCSsl)
 		{
 			XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_ERROR, _X("启动服务中,启动WEBRTC-DTLS安全网络,错误：%lX"), OPenSsl_GetLastError());