forked from hummypkg/webif
Add test for matching key for DLNA; fallback to direct; fail if no key matches
This commit is contained in:
parent
a1cf871a84
commit
6f45884f94
@ -94,6 +94,13 @@ proc ::decrypt::dequeue {q ts} {
|
|||||||
::auto::startclock
|
::auto::startclock
|
||||||
log " DECRYPT: $rfile" 0
|
log " DECRYPT: $rfile" 0
|
||||||
|
|
||||||
|
if {$mode eq "dlna"} {
|
||||||
|
if {[$ts getkey $mode] eq ""} {
|
||||||
|
::auto::log "system key doesn't match, trying direct"
|
||||||
|
set mode direct
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if {$mode eq "dlna"} {
|
if {$mode eq "dlna"} {
|
||||||
log " DLNA: $url" 0
|
log " DLNA: $url" 0
|
||||||
if {[catch {exec wget -O "$tmp/$bfile" $url} msg opts]} {
|
if {[catch {exec wget -O "$tmp/$bfile" $url} msg opts]} {
|
||||||
@ -104,24 +111,12 @@ proc ::decrypt::dequeue {q ts} {
|
|||||||
if {$helper} { system dlnahelper -release }
|
if {$helper} { system dlnahelper -release }
|
||||||
} else {
|
} else {
|
||||||
log " Direct decryption" 0
|
log " Direct decryption" 0
|
||||||
set keys {}
|
|
||||||
if {![catch {set fd [open "/mod/boot/cryptokey"]}]} {
|
set key [$ts getkey $mode]
|
||||||
set bytes [$fd read 16]
|
if {$key eq ""} {
|
||||||
$fd close
|
return {"FAILED" "No matching key for decryption"}
|
||||||
binary scan $bytes H* key
|
|
||||||
if {[string length $key] == 32} {
|
|
||||||
lappend keys $key
|
|
||||||
}
|
|
||||||
}
|
|
||||||
lappend keys [string range [system nugget cryptokey -key] 0 31]
|
|
||||||
lappend keys [system encryptionkey]
|
|
||||||
foreach key $keys {
|
|
||||||
::auto::log "Testing key ($key)" 2
|
|
||||||
if {[catch {
|
|
||||||
set ret [exec /mod/bin/stripts -q/ $key $rfile]
|
|
||||||
}]} continue
|
|
||||||
if {$ret eq "1"} break
|
|
||||||
}
|
}
|
||||||
|
|
||||||
::auto::log "Using key ($key)" 2
|
::auto::log "Using key ($key)" 2
|
||||||
if {[catch {exec /mod/bin/stripts -@ $key $rfile "$tmp/[\
|
if {[catch {exec /mod/bin/stripts -@ $key $rfile "$tmp/[\
|
||||||
file rootname $bfile]" } msg opts]} {
|
file rootname $bfile]" } msg opts]} {
|
||||||
|
@ -2,6 +2,8 @@
|
|||||||
if {![exists -command class]} { package require oo }
|
if {![exists -command class]} { package require oo }
|
||||||
if {![exists -command pack]} { package require pack }
|
if {![exists -command pack]} { package require pack }
|
||||||
if {![exists -command xconv]} { package require xconv }
|
if {![exists -command xconv]} { package require xconv }
|
||||||
|
if {![exists -command binary]} { package require binary }
|
||||||
|
|
||||||
source /mod/webif/lib/setup
|
source /mod/webif/lib/setup
|
||||||
require system.class tvdb.class classdump
|
require system.class tvdb.class classdump
|
||||||
|
|
||||||
@ -838,3 +840,56 @@ proc {ts genrelist} {} {
|
|||||||
return $glist
|
return $glist
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# return the key that will decrypt the file in the mode, or nothing
|
||||||
|
ts method getkey {mode} {
|
||||||
|
# mode: dlna (active key), direct
|
||||||
|
|
||||||
|
set rfile [file rootname $file]
|
||||||
|
|
||||||
|
set keys {}
|
||||||
|
# the active key
|
||||||
|
set key [string range [system nugget cryptokey -key] 0 31]
|
||||||
|
if {$key ne ""} {
|
||||||
|
lappend keys $key
|
||||||
|
}
|
||||||
|
if { $mode ne "dlna" } {
|
||||||
|
# also try other keys, such as this - same as active?
|
||||||
|
try {
|
||||||
|
set fd [open "/mod/boot/cryptokey"]
|
||||||
|
set bytes [$fd read 16]
|
||||||
|
binary scan $bytes H* key
|
||||||
|
if {[string length $key] == 32} {
|
||||||
|
ladd keys $key
|
||||||
|
}
|
||||||
|
} finally {
|
||||||
|
catch {$fd close}
|
||||||
|
}
|
||||||
|
|
||||||
|
# the native key
|
||||||
|
if {![catch {set key [system encryptionkey]}]} {
|
||||||
|
ladd keys $key
|
||||||
|
}
|
||||||
|
|
||||||
|
# support a file listing other keys in hex, one-per-line
|
||||||
|
# eg, for recordings imported from a broken box
|
||||||
|
try {
|
||||||
|
set fd [open "/mod/etc/keys" r]
|
||||||
|
foreach key [split [$fd read -nonewline] "\n"] {
|
||||||
|
ladd keys $key
|
||||||
|
}
|
||||||
|
} finally {
|
||||||
|
catch {$fd close}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
foreach key $keys {
|
||||||
|
if {[catch {
|
||||||
|
set ret [exec /mod/bin/stripts -q/ $key $rfile]
|
||||||
|
}]} continue
|
||||||
|
if {$ret eq "1"} {
|
||||||
|
return $key
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user