[raop] Fix crash when keys of incorrect length are used for legacy pairing

Happens if the user has paied with Airplay 2, and afterwards activates Airplay 1
for the same device, since the keys in device->auth_keys will then be incorrect
length.

Closes #1703
This commit is contained in:
ejurgensen 2023-12-28 13:54:52 +01:00
parent 3fe4c9f289
commit c28d108b96
2 changed files with 21 additions and 7 deletions

View File

@ -2748,7 +2748,7 @@ payload_make_pair_verify1(struct evrtsp_request *req, struct airplay_session *rs
rs->pair_verify_ctx = pair_verify_new(rs->pair_type, device->auth_key, NULL, NULL, device_id_hex); rs->pair_verify_ctx = pair_verify_new(rs->pair_type, device->auth_key, NULL, NULL, device_id_hex);
if (!rs->pair_verify_ctx) if (!rs->pair_verify_ctx)
{ {
DPRINTF(E_LOG, L_AIRPLAY, "Out of memory for verification verify context\n"); DPRINTF(E_LOG, L_AIRPLAY, "Couldn't create verification verify context (invalid auth key?)\n");
return -1; return -1;
} }

View File

@ -3966,7 +3966,15 @@ raop_pair_verify(struct raop_session *rs)
if (!device) if (!device)
goto error; goto error;
CHECK_NULL(L_RAOP, rs->pair_verify_ctx = pair_verify_new(PAIR_CLIENT_FRUIT, device->auth_key, NULL, NULL, NULL)); rs->pair_verify_ctx = pair_verify_new(PAIR_CLIENT_FRUIT, device->auth_key, NULL, NULL, NULL);
if (!rs->pair_verify_ctx)
{
DPRINTF(E_LOG, L_RAOP, "Verification authorization key invalid, resetting\n");
free(device->auth_key);
device->auth_key = NULL;
goto error;
}
ret = raop_pair_request_send(4, rs, raop_cb_pair_verify_step1); ret = raop_pair_request_send(4, rs, raop_cb_pair_verify_step1);
if (ret < 0) if (ret < 0)
@ -4450,11 +4458,17 @@ raop_device_start_generic(struct output_device *device, int callback_id, bool on
return -1; return -1;
if (device->auth_key) if (device->auth_key)
ret = raop_pair_verify(rs); {
else if (device->requires_auth) ret = raop_pair_verify(rs);
ret = raop_send_req_pin_start(rs, raop_cb_pin_start, "device_start"); }
else
ret = raop_send_req_options(rs, raop_cb_startup_options, "device_start"); if (!device->auth_key) // If no auth keys or if raop_pair_verify() cleared the key
{
if (device->requires_auth)
ret = raop_send_req_pin_start(rs, raop_cb_pin_start, "device_start");
else
ret = raop_send_req_options(rs, raop_cb_startup_options, "device_start");
}
if (ret < 0) if (ret < 0)
{ {