From b15ee26a488ae82c35d9aeb61c3e0301a17bbc83 Mon Sep 17 00:00:00 2001
From: winlin
Date: Wed, 13 Aug 2014 18:09:35 +0800
Subject: [PATCH] fix the ssl dh key size assert error, key size maybe 127, not always 128. 0.9.195
---
 trunk/src/core/srs_core.hpp | 2 +-
 trunk/src/rtmp/srs_protocol_handshake.cpp | 43 +++++++++++++++--------
 2 files changed, 30 insertions(+), 15 deletions(-)
diff --git a/trunk/src/core/srs_core.hpp b/trunk/src/core/srs_core.hpp
index 05404d394..5012eda0f 100644
--- a/trunk/src/core/srs_core.hpp
+++ b/trunk/src/core/srs_core.hpp
@@ -31,7 +31,7 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 // current release version
 #define VERSION_MAJOR "0"
 #define VERSION_MINOR "9"
-#define VERSION_REVISION "194"
+#define VERSION_REVISION "195"
 #define RTMP_SIG_SRS_VERSION VERSION_MAJOR"."VERSION_MINOR"."VERSION_REVISION
 // server info.
 #define RTMP_SIG_SRS_KEY "SRS"
diff --git a/trunk/src/rtmp/srs_protocol_handshake.cpp b/trunk/src/rtmp/srs_protocol_handshake.cpp
index 5e727109d..67b1cb0f7 100644
--- a/trunk/src/rtmp/srs_protocol_handshake.cpp
+++ b/trunk/src/rtmp/srs_protocol_handshake.cpp
@@ -198,9 +198,9 @@ namespace _srs_internal
 }
 // copy public key to bytes.
- // TODO: FIXME: please finger it out.
+ // sometimes, the key_size is 127, seems ok.
 int32_t key_size = BN_num_bytes(pdh->pub_key);
- srs_assert(key_size == size);
+ srs_assert(key_size > 0);
 if (BN_bn2bin(pdh->pub_key, (unsigned char*)public_key) != size) {
 //("Unable to copy key");
 return ret;
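Review bot: The relaxed check `srs_assert(key_size > 0)` drops the only upper bound on the key length, yet `BN_bn2bin` writes `BN_num_bytes()` bytes into `public_key` whatever `size` is, so the guard should read `srs_assert(key_size > 0 && key_size <= size);` (with an explicit error return as well if `srs_assert` can be compiled out). The unchanged comparison right after it still demands exactly `size` bytes, so the 127-byte key this commit means to accept falls into the "Unable to copy key" branch, which returns `ret` with no error code assigned in the visible lines; comparing against the real length, `if (BN_bn2bin(pdh->pub_key, (unsigned char*)public_key) != key_size) {`, would match the intent. A short key is also written unpadded from offset 0, so the last byte of the buffer keeps whatever it held before unless the caller is told the actual length. The enclosing function begins and ends outside this hunk.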
@@ -211,6 +211,31 @@ namespace _srs_internal
 return ret;
 }
 /**
+ * use exists DH to create and copy the 128bytes shared key.
+ * the peer public key used to generate the shared key.
+ */
+ int __openssl_copy_shared_key(DH* pdh, const char* peer_pub_key, int ppk_size, char* shared_key)
+ {
+ int ret = ERROR_SUCCESS;
+
+ BIGNUM* ppk = NULL;
+ if ((ppk = BN_bin2bn((const unsigned char*)peer_pub_key, ppk_size, 0)) == NULL) {
+ ret = ERROR_OpenSslGetPeerPublicKey;
+ return ret;
+ }
+
+ // if failed, donot return, do cleanup.
+ if (DH_compute_key((unsigned char*)shared_key, ppk, pdh) < 0) {
+ ret = ERROR_OpenSslComputeSharedKey;
+ }
+
+ if (ppk) {
+ BN_free(ppk);
+ }
+
+ return ret;
+ }
+ /**
 * create DH and copy the 128bytes public key,
 * generate and copy the shared key.
 */
@@ -223,21 +248,11 @@ namespace _srs_internal
 return ret;
 }
- BIGNUM* ppk = NULL;
- if ((ppk = BN_bin2bn((const unsigned char*)peer_pub_key, ppk_size, 0)) == NULL) {
- ret = ERROR_OpenSslGetPeerPublicKey;
+ // generate and copy the shared key
+ if ((ret = __openssl_copy_shared_key(pdh, peer_pub_key, ppk_size, shared_key)) != ERROR_SUCCESS) {
 return ret;
 }
- // if failed, donot return, do cleanup.
- if (DH_compute_key((unsigned char*)shared_key, ppk, pdh) < 0) {
- ret = ERROR_OpenSslComputeSharedKey;
- }
-
- if (ppk) {
- BN_free(ppk);
- }
-
 return ret;
 }
 void __openssl_free(DH* pdh)
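Review bot: In the new `__openssl_copy_shared_key` (hunk at -211), the return value of `DH_compute_key` is only tested for `< 0` and then discarded, although it is the length of the shared secret. A secret shorter than the modulus, the same 127-versus-128 case this commit relaxes for the public key, therefore leaves the tail of `shared_key` unwritten with no way for the caller to tell. Keep the length, `int key_size = DH_compute_key((unsigned char*)shared_key, ppk, pdh);`, and either hand it back to the caller or left-pad the result to the fixed size. The function also takes no capacity for `shared_key` while `DH_compute_key` needs room for `DH_size(pdh)` bytes, so the doc comment should state that contract, for example `* @param shared_key buffer of at least DH_size(pdh) bytes.`. `peer_pub_key` presumably comes from the remote side of the handshake, so rejecting `ppk_size <= 0` before `BN_bin2bn` would be a cheap extra guard.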