Commit graph

605 commits

Author SHA1 Message Date
Wim Taymans
25547176be auth: add support for default token
The default token is used when the user is not authenticated and can be used to
give minimal permissions.
2013-07-18 12:27:33 +02:00
Wim Taymans
1a307c707d auth: use defines when possible 2013-07-18 12:27:33 +02:00
Wim Taymans
3dc34af5aa address-pool: improve docs 2013-07-18 12:27:33 +02:00
Wim Taymans
472010666c permissions: add the role to the copy 2013-07-18 12:27:33 +02:00
Olivier Crête
db74d5c559 permissions: Also copy the roles 2013-07-17 19:35:33 -04:00
Olivier Crête
91a32754e3 permissions: Make it build 2013-07-17 19:32:09 -04:00
Wim Taymans
81745b43b4 docs: small fixes 2013-07-16 12:36:56 +02:00
Wim Taymans
041b1b79a1 docs: improve docs 2013-07-16 12:32:51 +02:00
Wim Taymans
d3d7df5a1e address-pool: cleanups
Remove redundant method, improve docs.
2013-07-16 12:32:00 +02:00
Wim Taymans
0a8f5c8892 docs: improve docs 2013-07-15 17:31:35 +02:00
Wim Taymans
fbe0cefae1 permissions: implement _remove_role 2013-07-15 17:12:57 +02:00
Wim Taymans
5e297ea093 permissions: update docs 2013-07-15 17:12:43 +02:00
Wim Taymans
f18f2619e1 auth: add default authorizations
When no auth module is specified, use our table of defaults to look up the
default value of the check instead of always allowing everything. This was
we can disallow client settings by default.
2013-07-15 16:47:07 +02:00
Wim Taymans
7064b9fda7 thread-pool: add more docs 2013-07-15 15:25:00 +02:00
Wim Taymans
0ce4d4d5c7 thread-pool: fix race in thread reuse
If we try to reuse a thread right after we made it stop, we end up using a
stopped thread. Catch this case and only reuse threads that are not stopping.
2013-07-15 14:50:38 +02:00
Wim Taymans
3fe1096fd1 server: add small debug 2013-07-15 14:50:26 +02:00
Wim Taymans
38d91a2bf8 client: support pushed context in handle_request
If we already have a pushed state, reuse it and add our own things. This makes
it easier to write tests.
2013-07-15 11:57:49 +02:00
Wim Taymans
7db2f9f3cf auth: don't auth on methods
Don't authorize on methods anymore but on the resources that we
try to access, this is more flexible.
Move the authorization checks to where they are needed and let the
check return the response on error.
2013-07-15 11:56:06 +02:00
Wim Taymans
692cbc1364 mount-points: add some debug 2013-07-15 11:51:34 +02:00
Wim Taymans
9fe107a96a auth: let the auth module check client_settings
Let the auth module decide if client settings are allowed for the
current client.
2013-07-12 17:07:53 +02:00
Wim Taymans
c4db302559 token: add method to check boolean permission 2013-07-12 17:06:37 +02:00
Wim Taymans
b8c5aa3a6b token: simplify token constructor
Use variable arguments to make easier API.
2013-07-12 16:36:05 +02:00
Wim Taymans
67d0fbc048 media-factory: add convenience API for factory 2013-07-12 16:17:57 +02:00
Wim Taymans
facc91a942 permissions: simplify API a little
Avoid passing GstStructure in the add_role method, use varargs instead
to construct the structure behind the scenes. We can then also use the
structure name as the role and simplify some more logic.
2013-07-12 16:17:15 +02:00
Wim Taymans
a6a8293595 auth: fix typo 2013-07-12 16:01:14 +02:00
Wim Taymans
5cf75e64af auth: handle unauthorized response
Move handling of the unauthorized response to the auth module, it can add
the appropriate headers to request authorization for the required method
much better than the client.
2013-07-12 15:19:29 +02:00
Wim Taymans
7532de687a client: allow for sending any message, not only requests
Change the _send_request() method to _send_message() so that we
can both send requests and replies.
2013-07-12 15:13:48 +02:00
Wim Taymans
9a09d98e6d docs: fix docs 2013-07-12 14:10:13 +02:00
Wim Taymans
4b2e6d88b3 auth: move TLS handling to auth module
Remove the TLS settings on the server and move it to the auth module because
that is where security related bits go.
2013-07-12 12:41:52 +02:00
Wim Taymans
a1e96c2269 client: add state push/pop 2013-07-12 12:38:54 +02:00
Wim Taymans
e1628a0515 client: add connection to state 2013-07-12 12:37:25 +02:00
Wim Taymans
f6674d5c10 mount-points: fix debug 2013-07-11 20:45:11 +02:00
Wim Taymans
7f8fdbc453 thread-pool: we don't require a state 2013-07-11 17:28:04 +02:00
Wim Taymans
c2d4b79b69 server: let context ref the server
So that we don't risk losing the server object early anc crash.
2013-07-11 17:18:58 +02:00
Wim Taymans
0b3644a21b docs: improve docs 2013-07-11 16:57:14 +02:00
Wim Taymans
8b4c9570fa session-pool: make vmethod to create a session
Make a vmethod to create a sessions so that subclasses can create
custom session objects
2013-07-11 16:28:09 +02:00
Wim Taymans
d357fc55af docs: more updates 2013-07-11 12:24:33 +02:00
Wim Taymans
ccceb1de11 docs: update docs 2013-07-11 12:18:26 +02:00
Wim Taymans
6f5a82aed3 thread-pool: fix vmethod invocation 2013-07-10 20:48:47 +02:00
Wim Taymans
8cec0f8a46 thread-pool: store thread type in thread 2013-07-10 20:48:18 +02:00
Wim Taymans
4e9c4d8bb7 client: pass thread from pool to media _prepare
Get a thread from the configured threadpool and pass it to the prepare method of
the media.
2013-07-10 17:09:27 +02:00
Wim Taymans
d1e4baab6c media: Accept a thread in _prepare
Remove out own threadpool handling and use the provided thread and
maincontext for the bus messages and the state changes.
2013-07-10 17:08:14 +02:00
Wim Taymans
01b921e8a6 server: configure client thread pool 2013-07-10 17:07:13 +02:00
Wim Taymans
00997d956f client: add method to configure thread pool 2013-07-10 17:06:36 +02:00
Wim Taymans
27917f4ef3 server: use thread pool
Use the thread pool instead of doing our own thing.
2013-07-10 17:02:58 +02:00
Wim Taymans
25269c7b1a thread-pool: add object to manage threads
Add an object to manage the client and media threads.
2013-07-10 16:47:43 +02:00
Wim Taymans
1a0c7051aa auth: debug authorization check 2013-07-10 15:28:35 +02:00
Wim Taymans
c4c9c873b8 media: start media pipeline in context
Start the media pipeline in the provided context (or our default one
when NULL). This makes sure that we run the bus thread in this context and that
all media threads are children of this context.
2013-07-09 20:44:51 +02:00
Wim Taymans
ca28a46600 factory: pass permissions to media by default 2013-07-09 16:38:39 +02:00
Wim Taymans
d7dec33328 auth: simplify auth checks
Remove client from methods, it's now in the state
Perform the check specified by the string, use the information from the
thread local context.
2013-07-09 16:04:35 +02:00
Wim Taymans
c9d6455ad3 client: add state to current thread
Add the client to the ClientState object.
Place the ClientState on the current thread.
2013-07-09 16:01:29 +02:00
Wim Taymans
0499a1ec7d media: make it possible to set permissions
Make it possible to set permissions on media and media factory objects
2013-07-09 14:33:43 +02:00
Wim Taymans
8f008807ad permissions: add permissions object
Add a mini object to store permissions based on a role.
2013-07-09 14:31:15 +02:00
Wim Taymans
a63f4a2a4c auth: add auth checks
Add an enum with auth checks and implement the checks in the auth object.
Perform the checks from the client.
2013-07-08 16:29:01 +02:00
Wim Taymans
fb7c9b8122 auth: use the token after authentication
After we authenticated a user, keep the Token around in the state.
2013-07-08 11:10:20 +02:00
Wim Taymans
12583e819c media: add optional context for bus messages
Add an optional mainloop to _prepare that will handle the bus messages instead
of always using the shared mainloop.
2013-07-08 11:10:20 +02:00
Wim Taymans
48ff096a25 token: add authorization token
Add a simply miniobject that contains the authorizations. The object contains a
GstStructure that hold all authorization fields. When a user is authenticated,
the auth module will create a Token for the user. The token is then used to
check what operations the user is allowed to do and various other configuration
values.
2013-07-05 20:53:19 +02:00
Wim Taymans
19cffc7999 auth: remove auth from media and factory
Remove the auth object from media and factory. We want to have the RTSPClient
authenticate and authorize resources, there is no need to place another auth
manager on the media/factory.
2013-07-05 20:53:19 +02:00
Wim Taymans
78bc979690 auth: add support for multiple basic auth tokens
Make it possible to add multiple basic authorisation tokens to one authorization
object. Associate with each token an authorization group that will define what
capabilities are allowed.
2013-07-04 14:33:59 +02:00
Wim Taymans
a1e5bde58d client: error out on non-aggregate control
We require aggregate control (for now) for PLAY, PAUSE and TEARDOWN.
2013-07-03 16:15:04 +02:00
Wim Taymans
9182263532 client: rework setup request a little
Cache the media in DESCRIBE based on the longest matching path with the uri
that we can find in the mount points.

Rework the setup request a little to get the media from the session or from
the longest matching path, this way we can derive the control string as
everything after the path instead of hardcoding it.

Find the stream based on the control string and only open a session when all
this can be done.
2013-07-03 15:55:38 +02:00
Wim Taymans
3999bd4e4e media: add method to find a stream by control url 2013-07-03 15:14:39 +02:00
Wim Taymans
d4e8d800c9 stream: add method to check control url of stream 2013-07-03 15:13:45 +02:00
Wim Taymans
5a833f503e session: use path matching for session media
Use a path string instead of a uri to lookup session media in the sessions. Also
use path matching to find the largest possible path that matches.
2013-07-03 12:37:48 +02:00
Wim Taymans
8f79daef5e mount-points: remove useless vmethod
Making lookups in the mount points should not be done with a URL, if there is a
mapping to be done from URL to mount points, we'll need to do it somewhere
else.
2013-07-03 11:10:27 +02:00
Wim Taymans
df08a2dd9e mount-points: improve mount point searching
Use a GSequence to keep track of the mount points.
Match a URL to the longest matching registered mount point. This should be the
URL to perform aggreagate control and the remainder is the stream specific
control part.
Add some unit tests for this.
2013-07-03 10:45:51 +02:00
Sebastian Dröge
a22889ac08 rtsp-server: Allow building of static library 2013-07-03 10:40:48 +02:00
Wim Taymans
714e84d891 sdp: get control string from stream
Use the control string as configured in the stream.
2013-07-02 15:54:43 +02:00
Wim Taymans
2ffb0f69d2 stream: add methods and property to set control string 2013-07-02 14:50:30 +02:00
Wim Taymans
0248775c74 client: cleanups
Rename variables for clarity
Keep media in state when we can
2013-07-02 11:58:02 +02:00
Wim Taymans
a7fe63298c stream: add more support for IPv6
Rename _get_address to _get_multicast_address in GstRTSPStream to
make it clear that this function only deals with multicast.
Make it possible to have both an IPv4 and IPv6 multicast address on
a stream. Give the client an IPv4 or IPv6 address depending on the
address it used to connect to the server.

Fixes https://bugzilla.gnome.org/show_bug.cgi?id=702002
2013-07-01 16:46:39 +02:00
Wim Taymans
13016309b1 client: fix comment 2013-07-01 15:18:43 +02:00
Wim Taymans
82812988a6 stream: handle failed port allocation
Allow for ipv4 or ipv6 socket allocations to fail. Only report failure if we
can't allocate any family at all. Also keep track of what port families we
allocated.

Fixes https://bugzilla.gnome.org/show_bug.cgi?id=703175
2013-07-01 14:47:33 +02:00
Wim Taymans
284a0a5cd1 stream: improve docs 2013-07-01 12:20:50 +02:00
Wim Taymans
5b6cbb4ede stream-transport: remove old if 0 block 2013-07-01 12:04:45 +02:00
Wim Taymans
ffd4b1aaf1 client: add method to filter managed sessions
Add a method to filter the sessions managed by this client connection.

See https://bugzilla.gnome.org/show_bug.cgi?id=703016
2013-06-26 17:19:11 +02:00
Wim Taymans
27a786aa4a client: remove _get_uri() method
Remove the get_uri() method on the client. A client has no uri, the uri
property is an internal property to manage the last cached media for
the client.
2013-06-26 16:32:06 +02:00
Wim Taymans
13ab4905e4 media-factory: fix typo 2013-06-26 16:31:39 +02:00
Ognyan Tonchev
cd4120ef26 rtsp-media: Do not leak the query in default_query_stop
Fixes https://bugzilla.gnome.org/show_bug.cgi?id=703120
2013-06-26 15:42:01 +02:00
Wim Taymans
81c3843ad1 media: don't unlock when conversion fails
Don't unlock the state lock when conversion fails because it was not locked.
2013-06-25 15:46:41 +02:00
Youness Alaoui
0b94f50eab Add query_position and query_stop vmethods to rtsp-media 2013-06-25 15:23:36 +02:00
Youness Alaoui
842f5ad9c4 Fix typo in property install for rtsp-media's time-provider 2013-06-25 15:12:36 +02:00
Wim Taymans
55214d0d52 client: clean some variables
Clean some variables and add some guards to _send_request()
2013-06-25 15:09:13 +02:00
Youness Alaoui
d2dab47085 Add gst_rtsp_client_send_request API
This makes it possible to send arbitrary messages to a client, such as
SET_PARAMETER or GET_PARAMETER
2013-06-25 14:58:17 +02:00
Wim Taymans
aab1198516 media: add _get_element() method
Add method to get the element used when creating the media.

Fixes https://bugzilla.gnome.org/show_bug.cgi?id=703008
2013-06-24 23:56:57 +02:00
Wim Taymans
6d69a4ae80 media: fix docs 2013-06-24 23:51:38 +02:00
Aleix Conchillo Flaque
aeaadf0e5e stream: allow access to the rtp session
https://bugzilla.gnome.org/show_bug.cgi?id=703004
2013-06-24 23:42:58 +02:00
Alexander Schrab
c3f8673174 dscp qos support in gst-rtsp-stream
Fixes https://bugzilla.gnome.org/show_bug.cgi?id=702645
2013-06-24 14:51:44 +02:00
Wim Taymans
fa1d3354c0 client: also watch newly created session
When we newly created a session, start watching it immediately instead of
on the next request.
2013-06-20 12:20:21 +02:00
Wim Taymans
949f11c643 client: emit new-session when new session is created
Only emit new-session when we created a new session for a client, not when a
client picked up a previous session.

Fixes https://bugzilla.gnome.org/show_bug.cgi?id=701587
2013-06-20 12:16:07 +02:00
Alexander Schrab
a5490e323b client: handle asterisk as path in requests
Fixes https://bugzilla.gnome.org/show_bug.cgi?id=701266
2013-06-20 11:17:29 +02:00
Wim Taymans
23ec78faea media: handle segment query format mismatch
It's possible that the segment query returns with a different format than what
we asked for, handle this case also.
2013-06-20 11:14:31 +02:00
David Svensson Fors
52eb796bec media: use segment stop in collect_media_stats
Use segment stop instead of duration as range end point.

Fixes https://bugzilla.gnome.org/show_bug.cgi?id=701185
2013-06-20 10:17:32 +02:00
Ognyan Tonchev
d9e245e62e rtsp-media: Do not leak the element in take_pipeline
Fixes https://bugzilla.gnome.org/show_bug.cgi?id=702470
2013-06-17 17:18:40 +02:00
Ognyan Tonchev
7e9df0e112 rtsp-client: Make configure_client_transport virtual
This patch makes configure_client_transport virtual. The functionality is
needed to handle some weird clients sending multicast transport settings as url
options.

Fixes https://bugzilla.gnome.org/show_bug.cgi?id=702173
2013-06-17 16:18:37 +02:00
Ognyan Tonchev
b5f8ff8232 rtsp-client: Make param_set and param_get virtual
Fixes https://bugzilla.gnome.org/show_bug.cgi?id=702072
2013-06-17 16:11:40 +02:00
David Svensson Fors
6151072a2e media: convert_range replaces get_range_times
get_range_times worked for handling UTC ranges for seeks, but we also
need to convert back from NPT to the requested unit in
get_range_string. convert_range is now used for both.

Fixes https://bugzilla.gnome.org/show_bug.cgi?id=702084
2013-06-14 16:11:34 +02:00
Wim Taymans
3dbe0e17d4 sdp: cleanup sdp info
We don't need to pass the proto, we can more easily check a boolean.

Fixes https://bugzilla.gnome.org/show_bug.cgi?id=702063
2013-06-14 16:06:46 +02:00
Alexander Schrab
f9f994e33d use 0.0.0.0 or :: for c= line instead of server address 2013-06-14 15:58:52 +02:00
Alexander Schrab
275e2d52a4 use local address, not remote, in SDP
See https://bugzilla.gnome.org/show_bug.cgi?id=702063
2013-06-14 15:52:14 +02:00