Commit graph

538 commits

Author SHA1 Message Date
Wim Taymans
7db2f9f3cf auth: don't auth on methods
Don't authorize on methods anymore but on the resources that we
try to access, this is more flexible.
Move the authorization checks to where they are needed and let the
check return the response on error.
2013-07-15 11:56:06 +02:00
Wim Taymans
692cbc1364 mount-points: add some debug 2013-07-15 11:51:34 +02:00
Wim Taymans
9fe107a96a auth: let the auth module check client_settings
Let the auth module decide if client settings are allowed for the
current client.
2013-07-12 17:07:53 +02:00
Wim Taymans
c4db302559 token: add method to check boolean permission 2013-07-12 17:06:37 +02:00
Wim Taymans
b8c5aa3a6b token: simplify token constructor
Use variable arguments to make easier API.
2013-07-12 16:36:05 +02:00
Wim Taymans
67d0fbc048 media-factory: add convenience API for factory 2013-07-12 16:17:57 +02:00
Wim Taymans
facc91a942 permissions: simplify API a little
Avoid passing GstStructure in the add_role method, use varargs instead
to construct the structure behind the scenes. We can then also use the
structure name as the role and simplify some more logic.
2013-07-12 16:17:15 +02:00
Wim Taymans
a6a8293595 auth: fix typo 2013-07-12 16:01:14 +02:00
Wim Taymans
5cf75e64af auth: handle unauthorized response
Move handling of the unauthorized response to the auth module, it can add
the appropriate headers to request authorization for the required method
much better than the client.
2013-07-12 15:19:29 +02:00
Wim Taymans
7532de687a client: allow for sending any message, not only requests
Change the _send_request() method to _send_message() so that we
can both send requests and replies.
2013-07-12 15:13:48 +02:00
Wim Taymans
9a09d98e6d docs: fix docs 2013-07-12 14:10:13 +02:00
Wim Taymans
4b2e6d88b3 auth: move TLS handling to auth module
Remove the TLS settings on the server and move it to the auth module because
that is where security related bits go.
2013-07-12 12:41:52 +02:00
Wim Taymans
a1e96c2269 client: add state push/pop 2013-07-12 12:38:54 +02:00
Wim Taymans
e1628a0515 client: add connection to state 2013-07-12 12:37:25 +02:00
Wim Taymans
f6674d5c10 mount-points: fix debug 2013-07-11 20:45:11 +02:00
Wim Taymans
7f8fdbc453 thread-pool: we don't require a state 2013-07-11 17:28:04 +02:00
Wim Taymans
c2d4b79b69 server: let context ref the server
So that we don't risk losing the server object early anc crash.
2013-07-11 17:18:58 +02:00
Wim Taymans
0b3644a21b docs: improve docs 2013-07-11 16:57:14 +02:00
Wim Taymans
8b4c9570fa session-pool: make vmethod to create a session
Make a vmethod to create a sessions so that subclasses can create
custom session objects
2013-07-11 16:28:09 +02:00
Wim Taymans
d357fc55af docs: more updates 2013-07-11 12:24:33 +02:00
Wim Taymans
ccceb1de11 docs: update docs 2013-07-11 12:18:26 +02:00
Wim Taymans
6f5a82aed3 thread-pool: fix vmethod invocation 2013-07-10 20:48:47 +02:00
Wim Taymans
8cec0f8a46 thread-pool: store thread type in thread 2013-07-10 20:48:18 +02:00
Wim Taymans
4e9c4d8bb7 client: pass thread from pool to media _prepare
Get a thread from the configured threadpool and pass it to the prepare method of
the media.
2013-07-10 17:09:27 +02:00
Wim Taymans
d1e4baab6c media: Accept a thread in _prepare
Remove out own threadpool handling and use the provided thread and
maincontext for the bus messages and the state changes.
2013-07-10 17:08:14 +02:00
Wim Taymans
01b921e8a6 server: configure client thread pool 2013-07-10 17:07:13 +02:00
Wim Taymans
00997d956f client: add method to configure thread pool 2013-07-10 17:06:36 +02:00
Wim Taymans
27917f4ef3 server: use thread pool
Use the thread pool instead of doing our own thing.
2013-07-10 17:02:58 +02:00
Wim Taymans
25269c7b1a thread-pool: add object to manage threads
Add an object to manage the client and media threads.
2013-07-10 16:47:43 +02:00
Wim Taymans
1a0c7051aa auth: debug authorization check 2013-07-10 15:28:35 +02:00
Wim Taymans
c4c9c873b8 media: start media pipeline in context
Start the media pipeline in the provided context (or our default one
when NULL). This makes sure that we run the bus thread in this context and that
all media threads are children of this context.
2013-07-09 20:44:51 +02:00
Wim Taymans
ca28a46600 factory: pass permissions to media by default 2013-07-09 16:38:39 +02:00
Wim Taymans
d7dec33328 auth: simplify auth checks
Remove client from methods, it's now in the state
Perform the check specified by the string, use the information from the
thread local context.
2013-07-09 16:04:35 +02:00
Wim Taymans
c9d6455ad3 client: add state to current thread
Add the client to the ClientState object.
Place the ClientState on the current thread.
2013-07-09 16:01:29 +02:00
Wim Taymans
0499a1ec7d media: make it possible to set permissions
Make it possible to set permissions on media and media factory objects
2013-07-09 14:33:43 +02:00
Wim Taymans
8f008807ad permissions: add permissions object
Add a mini object to store permissions based on a role.
2013-07-09 14:31:15 +02:00
Wim Taymans
a63f4a2a4c auth: add auth checks
Add an enum with auth checks and implement the checks in the auth object.
Perform the checks from the client.
2013-07-08 16:29:01 +02:00
Wim Taymans
fb7c9b8122 auth: use the token after authentication
After we authenticated a user, keep the Token around in the state.
2013-07-08 11:10:20 +02:00
Wim Taymans
12583e819c media: add optional context for bus messages
Add an optional mainloop to _prepare that will handle the bus messages instead
of always using the shared mainloop.
2013-07-08 11:10:20 +02:00
Wim Taymans
48ff096a25 token: add authorization token
Add a simply miniobject that contains the authorizations. The object contains a
GstStructure that hold all authorization fields. When a user is authenticated,
the auth module will create a Token for the user. The token is then used to
check what operations the user is allowed to do and various other configuration
values.
2013-07-05 20:53:19 +02:00
Wim Taymans
19cffc7999 auth: remove auth from media and factory
Remove the auth object from media and factory. We want to have the RTSPClient
authenticate and authorize resources, there is no need to place another auth
manager on the media/factory.
2013-07-05 20:53:19 +02:00
Wim Taymans
78bc979690 auth: add support for multiple basic auth tokens
Make it possible to add multiple basic authorisation tokens to one authorization
object. Associate with each token an authorization group that will define what
capabilities are allowed.
2013-07-04 14:33:59 +02:00
Wim Taymans
a1e5bde58d client: error out on non-aggregate control
We require aggregate control (for now) for PLAY, PAUSE and TEARDOWN.
2013-07-03 16:15:04 +02:00
Wim Taymans
9182263532 client: rework setup request a little
Cache the media in DESCRIBE based on the longest matching path with the uri
that we can find in the mount points.

Rework the setup request a little to get the media from the session or from
the longest matching path, this way we can derive the control string as
everything after the path instead of hardcoding it.

Find the stream based on the control string and only open a session when all
this can be done.
2013-07-03 15:55:38 +02:00
Wim Taymans
3999bd4e4e media: add method to find a stream by control url 2013-07-03 15:14:39 +02:00
Wim Taymans
d4e8d800c9 stream: add method to check control url of stream 2013-07-03 15:13:45 +02:00
Wim Taymans
5a833f503e session: use path matching for session media
Use a path string instead of a uri to lookup session media in the sessions. Also
use path matching to find the largest possible path that matches.
2013-07-03 12:37:48 +02:00
Wim Taymans
8f79daef5e mount-points: remove useless vmethod
Making lookups in the mount points should not be done with a URL, if there is a
mapping to be done from URL to mount points, we'll need to do it somewhere
else.
2013-07-03 11:10:27 +02:00
Wim Taymans
df08a2dd9e mount-points: improve mount point searching
Use a GSequence to keep track of the mount points.
Match a URL to the longest matching registered mount point. This should be the
URL to perform aggreagate control and the remainder is the stream specific
control part.
Add some unit tests for this.
2013-07-03 10:45:51 +02:00
Sebastian Dröge
a22889ac08 rtsp-server: Allow building of static library 2013-07-03 10:40:48 +02:00