auth: let the auth module check client_settings

Let the auth module decide if client settings are allowed for the
current client.
This commit is contained in:
Wim Taymans 2013-07-12 17:07:53 +02:00
parent c4db302559
commit 9fe107a96a
6 changed files with 34 additions and 150 deletions

View file

@ -439,6 +439,14 @@ no_construct:
}
}
static gboolean
check_client_settings (GstRTSPAuth * auth, GstRTSPClientState * state,
const gchar * check)
{
return gst_rtsp_token_is_allowed (state->token,
GST_RTSP_TRANSPORT_PERM_CLIENT_SETTINGS);
}
static gboolean
default_check (GstRTSPAuth * auth, GstRTSPClientState * state,
const gchar * check)
@ -452,6 +460,8 @@ default_check (GstRTSPAuth * auth, GstRTSPClientState * state,
res = check_url (auth, state, check);
} else if (g_str_has_prefix (check, "auth.check.media.factory.")) {
res = check_factory (auth, state, check);
} else if (g_str_equal (check, GST_RTSP_AUTH_CHECK_TRANSPORT_CLIENT_SETTINGS)) {
res = check_client_settings (auth, state, check);
}
return res;
}

View file

@ -105,15 +105,25 @@ gchar * gst_rtsp_auth_make_basic (const gchar * user, const g
/**
* GST_RTSP_AUTH_CHECK_MEDIA_FACTORY_ACCESS:
*
* Check if access is allowed to a factory
* Check if access is allowed to a factory.
* When access is not allowed an 404 Not Found is sent in the response.
*/
#define GST_RTSP_AUTH_CHECK_MEDIA_FACTORY_ACCESS "auth.check.media.factory.access"
/**
* GST_RTSP_AUTH_CHECK_MEDIA_FACTORY_CONSTRUCT:
*
* Check if media can be constructed from a media factory
* The response is sent on error.
*/
#define GST_RTSP_AUTH_CHECK_MEDIA_FACTORY_CONSTRUCT "auth.check.media.factory.construct"
/**
* GST_RTSP_AUTH_CHECK_TRANSPORT_CLIENT_SETTINGS:
*
* Check if the client can specify TTL, destination and
* port pair in multicast. No response is sent when the check returns
* %FALSE.
*/
#define GST_RTSP_AUTH_CHECK_TRANSPORT_CLIENT_SETTINGS "auth.check.transport.client-settings"
/* tokens */
@ -139,6 +149,13 @@ gchar * gst_rtsp_auth_make_basic (const gchar * user, const g
* return a 404 Not Found error when trying to access the media.
*/
#define GST_RTSP_MEDIA_FACTORY_PERM_CONSTRUCT "media.factory.construct"
/**
* GST_RTSP_MEDIA_FACTORY_PERM_CLIENT_SETTINGS:
*
* G_TYPE_BOOLEAN, %TRUE if the client can specify TTL, destination and
* port pair in multicast.
*/
#define GST_RTSP_TRANSPORT_PERM_CLIENT_SETTINGS "transport.client-settings"
G_END_DECLS

View file

@ -62,7 +62,6 @@ struct _GstRTSPClientPrivate
guint close_seq;
gchar *server_ip;
gboolean is_ipv6;
gboolean use_client_settings;
GstRTSPClientSendFunc send_func; /* protected by send_lock */
gpointer send_data; /* protected by send_lock */
@ -87,14 +86,12 @@ static GHashTable *tunnels; /* protected by tunnels_lock */
#define DEFAULT_SESSION_POOL NULL
#define DEFAULT_MOUNT_POINTS NULL
#define DEFAULT_USE_CLIENT_SETTINGS FALSE
enum
{
PROP_0,
PROP_SESSION_POOL,
PROP_MOUNT_POINTS,
PROP_USE_CLIENT_SETTINGS,
PROP_LAST
};
@ -168,12 +165,6 @@ gst_rtsp_client_class_init (GstRTSPClientClass * klass)
GST_TYPE_RTSP_MOUNT_POINTS,
G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS));
g_object_class_install_property (gobject_class, PROP_USE_CLIENT_SETTINGS,
g_param_spec_boolean ("use-client-settings", "Use Client Settings",
"Use client settings for ttl and destination in multicast",
DEFAULT_USE_CLIENT_SETTINGS,
G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS));
gst_rtsp_client_signals[SIGNAL_CLOSED] =
g_signal_new ("closed", G_TYPE_FROM_CLASS (klass), G_SIGNAL_RUN_LAST,
G_STRUCT_OFFSET (GstRTSPClientClass, closed), NULL, NULL,
@ -248,7 +239,6 @@ gst_rtsp_client_init (GstRTSPClient * client)
g_mutex_init (&priv->lock);
g_mutex_init (&priv->send_lock);
priv->use_client_settings = DEFAULT_USE_CLIENT_SETTINGS;
priv->close_seq = 0;
}
@ -379,10 +369,6 @@ gst_rtsp_client_get_property (GObject * object, guint propid,
case PROP_MOUNT_POINTS:
g_value_take_object (value, gst_rtsp_client_get_mount_points (client));
break;
case PROP_USE_CLIENT_SETTINGS:
g_value_set_boolean (value,
gst_rtsp_client_get_use_client_settings (client));
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, propid, pspec);
}
@ -401,10 +387,6 @@ gst_rtsp_client_set_property (GObject * object, guint propid,
case PROP_MOUNT_POINTS:
gst_rtsp_client_set_mount_points (client, g_value_get_object (value));
break;
case PROP_USE_CLIENT_SETTINGS:
gst_rtsp_client_set_use_client_settings (client,
g_value_get_boolean (value));
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, propid, pspec);
}
@ -1251,7 +1233,12 @@ default_configure_client_transport (GstRTSPClient * client,
/* we have a valid transport now, set the destination of the client. */
if (ct->lower_transport == GST_RTSP_LOWER_TRANS_UDP_MCAST) {
if (ct->destination && priv->use_client_settings) {
gboolean use_client_settings;
use_client_settings =
gst_rtsp_auth_check (GST_RTSP_AUTH_CHECK_TRANSPORT_CLIENT_SETTINGS);
if (ct->destination && use_client_settings) {
GstRTSPAddress *addr;
addr = gst_rtsp_stream_reserve_address (state->stream, ct->destination,
@ -2188,54 +2175,6 @@ gst_rtsp_client_get_mount_points (GstRTSPClient * client)
return result;
}
/**
* gst_rtsp_client_set_use_client_settings:
* @client: a #GstRTSPClient
* @use_client_settings: whether to use client settings for multicast
*
* Use client transport settings (destination and ttl) for multicast.
* When @use_client_settings is %FALSE, the server settings will be
* used.
*/
void
gst_rtsp_client_set_use_client_settings (GstRTSPClient * client,
gboolean use_client_settings)
{
GstRTSPClientPrivate *priv;
g_return_if_fail (GST_IS_RTSP_CLIENT (client));
priv = client->priv;
g_mutex_lock (&priv->lock);
priv->use_client_settings = use_client_settings;
g_mutex_unlock (&priv->lock);
}
/**
* gst_rtsp_client_get_use_client_settings:
* @client: a #GstRTSPClient
*
* Check if client transport settings (destination and ttl) for multicast
* will be used.
*/
gboolean
gst_rtsp_client_get_use_client_settings (GstRTSPClient * client)
{
GstRTSPClientPrivate *priv;
gboolean res;
g_return_val_if_fail (GST_IS_RTSP_CLIENT (client), FALSE);
priv = client->priv;
g_mutex_lock (&priv->lock);
res = priv->use_client_settings;
g_mutex_unlock (&priv->lock);
return res;
}
/**
* gst_rtsp_client_set_auth:
* @client: a #GstRTSPClient

View file

@ -171,10 +171,6 @@ GstRTSPAuth * gst_rtsp_client_get_auth (GstRTSPClient *client);
void gst_rtsp_client_set_thread_pool (GstRTSPClient *client, GstRTSPThreadPool *pool);
GstRTSPThreadPool * gst_rtsp_client_get_thread_pool (GstRTSPClient *client);
void gst_rtsp_client_set_use_client_settings (GstRTSPClient * client,
gboolean use_client_settings);
gboolean gst_rtsp_client_get_use_client_settings (GstRTSPClient * client);
gboolean gst_rtsp_client_set_connection (GstRTSPClient *client, GstRTSPConnection *conn);
GstRTSPConnection * gst_rtsp_client_get_connection (GstRTSPClient *client);

View file

@ -73,7 +73,6 @@ struct _GstRTSPServerPrivate
gchar *address;
gchar *service;
gint backlog;
gboolean use_client_settings;
GSocket *socket;
@ -98,7 +97,6 @@ struct _GstRTSPServerPrivate
/* #define DEFAULT_ADDRESS "::0" */
#define DEFAULT_SERVICE "8554"
#define DEFAULT_BACKLOG 5
#define DEFAULT_USE_CLIENT_SETTINGS FALSE
/* Define to use the SO_LINGER option so that the server sockets can be resused
* sooner. Disabled for now because it is not very well implemented by various
@ -115,7 +113,6 @@ enum
PROP_SESSION_POOL,
PROP_MOUNT_POINTS,
PROP_USE_CLIENT_SETTINGS,
PROP_LAST
};
@ -224,17 +221,6 @@ gst_rtsp_server_class_init (GstRTSPServerClass * klass)
"The mount points to use for client session",
GST_TYPE_RTSP_MOUNT_POINTS,
G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS));
/**
* GstRTSPServer::use-client-settings:
*
* Use client transport settings (destination, port pair and ttl for
* multicast. FALSE means that the server settings will be used.
*/
g_object_class_install_property (gobject_class, PROP_USE_CLIENT_SETTINGS,
g_param_spec_boolean ("use-client-settings", "Use Client Settings",
"Use client settings for ttl, destination and port pair in multicast",
DEFAULT_USE_CLIENT_SETTINGS,
G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS));
gst_rtsp_server_signals[SIGNAL_CLIENT_CONNECTED] =
g_signal_new ("client-connected", G_TYPE_FROM_CLASS (gobject_class),
@ -262,7 +248,6 @@ gst_rtsp_server_init (GstRTSPServer * server)
priv->session_pool = gst_rtsp_session_pool_new ();
priv->mount_points = gst_rtsp_mount_points_new ();
priv->thread_pool = gst_rtsp_thread_pool_new ();
priv->use_client_settings = DEFAULT_USE_CLIENT_SETTINGS;
}
static void
@ -726,55 +711,6 @@ gst_rtsp_server_get_thread_pool (GstRTSPServer * server)
return result;
}
/**
* gst_rtsp_server_set_use_client_settings:
* @server: a #GstRTSPServer
* @use_client_settings: whether to use client settings for multicast
*
* Use client transport settings (destination, port pair and ttl) for
* multicast.
* When @use_client_settings is %FALSE, the server settings will be
* used.
*/
void
gst_rtsp_server_set_use_client_settings (GstRTSPServer * server,
gboolean use_client_settings)
{
GstRTSPServerPrivate *priv;
g_return_if_fail (GST_IS_RTSP_SERVER (server));
priv = server->priv;
GST_RTSP_SERVER_LOCK (server);
priv->use_client_settings = use_client_settings;
GST_RTSP_SERVER_UNLOCK (server);
}
/**
* gst_rtsp_server_get_use_client_settings:
* @server: a #GstRTSPServer
*
* Check if client transport settings (destination, port pair and ttl) for
* multicast will be used.
*/
gboolean
gst_rtsp_server_get_use_client_settings (GstRTSPServer * server)
{
GstRTSPServerPrivate *priv;
gboolean res;
g_return_val_if_fail (GST_IS_RTSP_SERVER (server), FALSE);
priv = server->priv;
GST_RTSP_SERVER_LOCK (server);
res = priv->use_client_settings;
GST_RTSP_SERVER_UNLOCK (server);
return res;
}
static void
gst_rtsp_server_get_property (GObject * object, guint propid,
GValue * value, GParamSpec * pspec)
@ -800,10 +736,6 @@ gst_rtsp_server_get_property (GObject * object, guint propid,
case PROP_MOUNT_POINTS:
g_value_take_object (value, gst_rtsp_server_get_mount_points (server));
break;
case PROP_USE_CLIENT_SETTINGS:
g_value_set_boolean (value,
gst_rtsp_server_get_use_client_settings (server));
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, propid, pspec);
}
@ -831,10 +763,6 @@ gst_rtsp_server_set_property (GObject * object, guint propid,
case PROP_MOUNT_POINTS:
gst_rtsp_server_set_mount_points (server, g_value_get_object (value));
break;
case PROP_USE_CLIENT_SETTINGS:
gst_rtsp_server_set_use_client_settings (server,
g_value_get_boolean (value));
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, propid, pspec);
}
@ -1114,8 +1042,6 @@ default_create_client (GstRTSPServer * server)
gst_rtsp_client_set_auth (client, priv->auth);
/* set threadpool */
gst_rtsp_client_set_thread_pool (client, priv->thread_pool);
/* check if client transport settings for multicast are allowed */
gst_rtsp_client_set_use_client_settings (client, priv->use_client_settings);
GST_RTSP_SERVER_UNLOCK (server);
return client;

View file

@ -100,10 +100,6 @@ GstRTSPAuth * gst_rtsp_server_get_auth (GstRTSPServer *serve
void gst_rtsp_server_set_thread_pool (GstRTSPServer *server, GstRTSPThreadPool *pool);
GstRTSPThreadPool * gst_rtsp_server_get_thread_pool (GstRTSPServer *server);
void gst_rtsp_server_set_use_client_settings (GstRTSPServer *server,
gboolean use_client_settings);
gboolean gst_rtsp_server_get_use_client_settings (GstRTSPServer *server);
gboolean gst_rtsp_server_transfer_connection (GstRTSPServer * server, GSocket *socket,
const gchar * ip, gint port,
const gchar *initial_buffer);