forked from hummypkg/webif
Add test for matching key for DLNA; fallback to direct; fail if no key matches
This commit is contained in:
parent
a1cf871a84
commit
6f45884f94
@ -94,6 +94,13 @@ proc ::decrypt::dequeue {q ts} {
|
||||
::auto::startclock
|
||||
log " DECRYPT: $rfile" 0
|
||||
|
||||
if {$mode eq "dlna"} {
|
||||
if {[$ts getkey $mode] eq ""} {
|
||||
::auto::log "system key doesn't match, trying direct"
|
||||
set mode direct
|
||||
}
|
||||
}
|
||||
|
||||
if {$mode eq "dlna"} {
|
||||
log " DLNA: $url" 0
|
||||
if {[catch {exec wget -O "$tmp/$bfile" $url} msg opts]} {
|
||||
@ -104,24 +111,12 @@ proc ::decrypt::dequeue {q ts} {
|
||||
if {$helper} { system dlnahelper -release }
|
||||
} else {
|
||||
log " Direct decryption" 0
|
||||
set keys {}
|
||||
if {![catch {set fd [open "/mod/boot/cryptokey"]}]} {
|
||||
set bytes [$fd read 16]
|
||||
$fd close
|
||||
binary scan $bytes H* key
|
||||
if {[string length $key] == 32} {
|
||||
lappend keys $key
|
||||
}
|
||||
}
|
||||
lappend keys [string range [system nugget cryptokey -key] 0 31]
|
||||
lappend keys [system encryptionkey]
|
||||
foreach key $keys {
|
||||
::auto::log "Testing key ($key)" 2
|
||||
if {[catch {
|
||||
set ret [exec /mod/bin/stripts -q/ $key $rfile]
|
||||
}]} continue
|
||||
if {$ret eq "1"} break
|
||||
|
||||
set key [$ts getkey $mode]
|
||||
if {$key eq ""} {
|
||||
return {"FAILED" "No matching key for decryption"}
|
||||
}
|
||||
|
||||
::auto::log "Using key ($key)" 2
|
||||
if {[catch {exec /mod/bin/stripts -@ $key $rfile "$tmp/[\
|
||||
file rootname $bfile]" } msg opts]} {
|
||||
|
@ -2,6 +2,8 @@
|
||||
if {![exists -command class]} { package require oo }
|
||||
if {![exists -command pack]} { package require pack }
|
||||
if {![exists -command xconv]} { package require xconv }
|
||||
if {![exists -command binary]} { package require binary }
|
||||
|
||||
source /mod/webif/lib/setup
|
||||
require system.class tvdb.class classdump
|
||||
|
||||
@ -838,3 +840,56 @@ proc {ts genrelist} {} {
|
||||
return $glist
|
||||
}
|
||||
|
||||
# return the key that will decrypt the file in the mode, or nothing
|
||||
ts method getkey {mode} {
|
||||
# mode: dlna (active key), direct
|
||||
|
||||
set rfile [file rootname $file]
|
||||
|
||||
set keys {}
|
||||
# the active key
|
||||
set key [string range [system nugget cryptokey -key] 0 31]
|
||||
if {$key ne ""} {
|
||||
lappend keys $key
|
||||
}
|
||||
if { $mode ne "dlna" } {
|
||||
# also try other keys, such as this - same as active?
|
||||
try {
|
||||
set fd [open "/mod/boot/cryptokey"]
|
||||
set bytes [$fd read 16]
|
||||
binary scan $bytes H* key
|
||||
if {[string length $key] == 32} {
|
||||
ladd keys $key
|
||||
}
|
||||
} finally {
|
||||
catch {$fd close}
|
||||
}
|
||||
|
||||
# the native key
|
||||
if {![catch {set key [system encryptionkey]}]} {
|
||||
ladd keys $key
|
||||
}
|
||||
|
||||
# support a file listing other keys in hex, one-per-line
|
||||
# eg, for recordings imported from a broken box
|
||||
try {
|
||||
set fd [open "/mod/etc/keys" r]
|
||||
foreach key [split [$fd read -nonewline] "\n"] {
|
||||
ladd keys $key
|
||||
}
|
||||
} finally {
|
||||
catch {$fd close}
|
||||
}
|
||||
}
|
||||
|
||||
foreach key $keys {
|
||||
if {[catch {
|
||||
set ret [exec /mod/bin/stripts -q/ $key $rfile]
|
||||
}]} continue
|
||||
if {$ret eq "1"} {
|
||||
return $key
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user