use crypto/rand instead of math/rand to avoid port conflicts and security issues

aler9
2021-09-23 19:37:26 +02:00
parent 5ef9076357
commit 0454e5407f
5 changed files with 41 additions and 13 deletions


@@ -1,7 +1,7 @@
package gortsplib package gortsplib
import ( import (
"math/rand" "crypto/rand"
"net" "net"
"strconv" "strconv"
"sync" "sync"
@@ -18,6 +18,16 @@ const (
clientConnUDPKernelReadBufferSize = 0x80000 clientConnUDPKernelReadBufferSize = 0x80000
) )
func randUint32() uint32 {
var b [4]byte
rand.Read(b[:])
return uint32(b[0]<<24) | uint32(b[1]<<16) | uint32(b[2]<<8) | uint32(b[3])
}
func randIntn(n int) int {
return int(randUint32() & (uint32(n) - 1))
}
type clientConnUDPListener struct { type clientConnUDPListener struct {
cc *ClientConn cc *ClientConn
pc *net.UDPConn pc *net.UDPConn
@@ -40,7 +50,7 @@ func newClientConnUDPListenerPair(cc *ClientConn) (*clientConnUDPListener, *clie
// choose two consecutive ports in range 65535-10000 // choose two consecutive ports in range 65535-10000
// rtp must be even and rtcp odd // rtp must be even and rtcp odd
for { for {
rtpPort := (rand.Intn((65535-10000)/2) * 2) + 10000 rtpPort := (randIntn((65535-10000)/2) * 2) + 10000
rtpListener, err := newClientConnUDPListener(cc, false, ":"+strconv.FormatInt(int64(rtpPort), 10)) rtpListener, err := newClientConnUDPListener(cc, false, ":"+strconv.FormatInt(int64(rtpPort), 10))
if err != nil { if err != nil {
continue continue
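Review bot: `randUint32` shifts before it widens: `b[0]<<24`, `b[1]<<16` and `b[2]<<8` are evaluated on a `byte`, so those three terms are always 0 and the function returns only `b[3]`, a value in 0–255 (`go vet` reports this as a shift that is too large for the operand). The same helper is copied into the rtcpreceiver, rtpaac and rtph264 sections below, so the default SSRC, sequence number and initial timestamp are drawn from 256 values as well. Widen first, `return uint32(b[0])<<24 | uint32(b[1])<<16 | uint32(b[2])<<8 | uint32(b[3])`, and check the error from `rand.Read` instead of discarding it. Separately, `randIntn` masks with `n-1`, which is uniform only when n is a power of two; for `(65535-10000)/2` the mask clears bits, and combined with the 8-bit input it leaves roughly 32 candidate RTP ports, which works against the port-conflict goal in the title. `return int(randUint32() % uint32(n))` would cover the whole range.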


@@ -2,7 +2,7 @@
package rtcpreceiver package rtcpreceiver
import ( import (
"math/rand" "crypto/rand"
"sync" "sync"
"time" "time"
@@ -11,6 +11,12 @@ import (
"github.com/aler9/gortsplib/pkg/base" "github.com/aler9/gortsplib/pkg/base"
) )
func randUint32() uint32 {
var b [4]byte
rand.Read(b[:])
return uint32(b[0]<<24) | uint32(b[1]<<16) | uint32(b[2]<<8) | uint32(b[3])
}
// RTCPReceiver is a utility to generate RTCP receiver reports. // RTCPReceiver is a utility to generate RTCP receiver reports.
type RTCPReceiver struct { type RTCPReceiver struct {
receiverSSRC uint32 receiverSSRC uint32
@@ -39,7 +45,7 @@ func New(receiverSSRC *uint32, clockRate int) *RTCPReceiver {
return &RTCPReceiver{ return &RTCPReceiver{
receiverSSRC: func() uint32 { receiverSSRC: func() uint32 {
if receiverSSRC == nil { if receiverSSRC == nil {
return rand.Uint32() return randUint32()
} }
return *receiverSSRC return *receiverSSRC
}(), }(),
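Review bot: The `randUint32` added above this hunk is an unexported, uncommented copy of the helper from the first file, and it is repeated again in the rtpaac and rtph264 sections, so any correction has to be made four times. Consider a single shared helper (for example in an internal package, if the module layout allows it) with a doc comment such as `// randUint32 returns 32 bits read from crypto/rand.` The body of `New` continues outside this hunk.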


@@ -1,8 +1,8 @@
package rtpaac package rtpaac
import ( import (
"crypto/rand"
"encoding/binary" "encoding/binary"
"math/rand"
"time" "time"
"github.com/pion/rtp" "github.com/pion/rtp"
@@ -13,6 +13,12 @@ const (
rtpPayloadMaxSize = 1460 // 1500 (mtu) - 20 (ip header) - 8 (udp header) - 12 (rtp header) rtpPayloadMaxSize = 1460 // 1500 (mtu) - 20 (ip header) - 8 (udp header) - 12 (rtp header)
) )
func randUint32() uint32 {
var b [4]byte
rand.Read(b[:])
return uint32(b[0]<<24) | uint32(b[1]<<16) | uint32(b[2]<<8) | uint32(b[3])
}
// Encoder is a RTP/AAC encoder. // Encoder is a RTP/AAC encoder.
type Encoder struct { type Encoder struct {
payloadType uint8 payloadType uint8
@@ -35,19 +41,19 @@ func NewEncoder(payloadType uint8,
if sequenceNumber != nil { if sequenceNumber != nil {
return *sequenceNumber return *sequenceNumber
} }
return uint16(rand.Uint32()) return uint16(randUint32())
}(), }(),
ssrc: func() uint32 { ssrc: func() uint32 {
if ssrc != nil { if ssrc != nil {
return *ssrc return *ssrc
} }
return rand.Uint32() return randUint32()
}(), }(),
initialTs: func() uint32 { initialTs: func() uint32 {
if initialTs != nil { if initialTs != nil {
return *initialTs return *initialTs
} }
return rand.Uint32() return randUint32()
}(), }(),
} }
} }


@@ -1,8 +1,8 @@
package rtph264 package rtph264
import ( import (
"crypto/rand"
"encoding/binary" "encoding/binary"
"math/rand"
"time" "time"
"github.com/pion/rtp" "github.com/pion/rtp"
@@ -14,6 +14,12 @@ const (
rtpClockRate = 90000 // h264 always uses 90khz rtpClockRate = 90000 // h264 always uses 90khz
) )
func randUint32() uint32 {
var b [4]byte
rand.Read(b[:])
return uint32(b[0]<<24) | uint32(b[1]<<16) | uint32(b[2]<<8) | uint32(b[3])
}
// Encoder is a RTP/H264 encoder. // Encoder is a RTP/H264 encoder.
type Encoder struct { type Encoder struct {
payloadType uint8 payloadType uint8
@@ -33,19 +39,19 @@ func NewEncoder(payloadType uint8,
if sequenceNumber != nil { if sequenceNumber != nil {
return *sequenceNumber return *sequenceNumber
} }
return uint16(rand.Uint32()) return uint16(randUint32())
}(), }(),
ssrc: func() uint32 { ssrc: func() uint32 {
if ssrc != nil { if ssrc != nil {
return *ssrc return *ssrc
} }
return rand.Uint32() return randUint32()
}(), }(),
initialTs: func() uint32 { initialTs: func() uint32 {
if initialTs != nil { if initialTs != nil {
return *initialTs return *initialTs
} }
return rand.Uint32() return randUint32()
}(), }(),
} }
} }


@@ -32,7 +32,7 @@ func extractPort(address string) (int, error) {
func newSessionSecretID(sessions map[string]*ServerSession) (string, error) { func newSessionSecretID(sessions map[string]*ServerSession) (string, error) {
for { for {
b := make([]byte, 4) b := make([]byte, 4)
_, err := rand.Read(b) _, err := rand.Read(b[:])
if err != nil { if err != nil {
return "", err return "", err
} }
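Review bot: `rand.Read(b[:])` is equivalent to `rand.Read(b)` because `b` is already a slice, so the changed line has no effect. The line above it is the one worth revisiting: `make([]byte, 4)` gives the session secret ID only 32 bits of randomness, which is small for a value that appears to identify a session to whoever presents it; `b := make([]byte, 16)` is the more usual size. How the bytes are encoded and checked against `sessions` lies outside this hunk, so confirm that a longer ID fits there.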