<div dir="ltr"><div class="gmail_quote"><br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><u></u><div><div><br></div><div>On Wed, Mar 6, 2019, at 16:34, Aaron Boxer wrote:<br></div><blockquote type="cite" id="gmail-m_-6640572044447479052fastmail-quoted"><div dir="ltr"><div>Thank you, Tristan. So, I see that vlc_credential API is a way of extracting the user credentials from the URL.<br></div><div>But, there would still be the issue of credentials being displayed in window, logs etc, as mentioned by Remi ?<br></div></div></blockquote><div><br></div><div>Hello,<br></div><div>This API handle credential from URL yes, but it's not its main purpose. This API handle interaction with the user (from a dialog generally) to ask for a password. This API will also save the password in VLC internal memory keystore and/or in the OS one (kwallet and co) if the user want to.<br></div></div></blockquote><div><br></div><div><br></div><div>I see, thank you! So, the point Remi raised about having a password in the url - is this a problem for http streams ? <br></div><div>That the password is displayed publicly ?<br></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div><div></div><div><br></div><blockquote type="cite" id="gmail-m_-6640572044447479052fastmail-quoted"><div><br></div><div class="gmail-m_-6640572044447479052fastmail-quoted-gmail_quote"><div class="gmail-m_-6640572044447479052fastmail-quoted-gmail_attr" dir="ltr">On Wed, Mar 6, 2019 at 10:20 AM Tristan Matthews <<a href="mailto:tmatth@videolan.org" target="_blank">tmatth@videolan.org</a>> wrote:<br></div><blockquote style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex" class="gmail-m_-6640572044447479052fastmail-quoted-gmail_quote"><div>On Wed, Mar 6, 2019 at 10:04 AM Aaron Boxer <<a href="mailto:boxerab@gmail.com" target="_blank">boxerab@gmail.com</a>> wrote:<br></div><div> ><br></div><div> > Thanks, Remi. Is there another better way of getting a user-configured passphrase to the srt module ?<br></div><div> <br></div><div> I think you want the vlc_credential API, see e.g.,<br></div><div> <a rel="noreferrer" href="https://git.videolan.org/?p=vlc.git;a=blob;f=modules/access/http.c;h=56d75687e27f10a6c1ef33cd32178dcc857e4136;hb=HEAD#l304" target="_blank">https://git.videolan.org/?p=vlc.git;a=blob;f=modules/access/http.c;h=56d75687e27f10a6c1ef33cd32178dcc857e4136;hb=HEAD#l304</a><br></div><div> <br></div><div> Best,<br></div><div> -t<br></div><div> <br></div><div> > On Wed, Mar 6, 2019 at 5:57 AM Rémi Denis-Courmont <<a href="mailto:remi@remlab.net" target="_blank">remi@remlab.net</a>> wrote:<br></div><div> >><br></div><div> >> Hi,<br></div><div> >><br></div><div> >> Passing passwords in URLs is well-documented as a terrible idea. In VLC's case, the passphrase will show up in the OSD title, window title, logs, etc...<br></div><div> >><br></div><div> >> Le 5 mars 2019 23:42:14 GMT+02:00, Aaron Boxer <<a href="mailto:boxerab@gmail.com" target="_blank">boxerab@gmail.com</a>> a écrit :<br></div><div> >>><br></div><div> >>> Parse pass phrase and latency from url for incoming srt stream<br></div><div> >>><br></div><div> >>><br></div><div> >>> diff --git a/modules/access/srt.c b/modules/access/srt.c<br></div><div> >>> index d8d8cbe659..55c0efc201 100644<br></div><div> >>> --- a/modules/access/srt.c<br></div><div> >>> +++ b/modules/access/srt.c<br></div><div> >>> @@ -37,6 +37,9 @@<br></div><div> >>><br></div><div> >>> #include <srt/srt.h><br></div><div> >>><br></div><div> >>> +const char* SRT_PARAM_PASSPHRASE = "passphrase";<br></div><div> >>> +const char* SRT_PARAM_LATENCY = "latency";<br></div><div> >>> +<br></div><div> >>> /* libsrt defines default packet size as 1316 internally<br></div><div> >>> * so srt module takes same value. */<br></div><div> >>> #define SRT_DEFAULT_CHUNK_SIZE 1316<br></div><div> >>> @@ -70,6 +73,85 @@ typedef struct<br></div><div> >>> int i_chunks; /* Number of chunks to allocate in the next read */<br></div><div> >>> } stream_sys_t;<br></div><div> >>><br></div><div> >>> +<br></div><div> >>> +<br></div><div> >>> +struct parsed_param {<br></div><div> >>> + char *key;<br></div><div> >>> + char *val;<br></div><div> >>> +};<br></div><div> >>> +<br></div><div> >>> +static inline char *<br></div><div> >>> +find(char *str, char find)<br></div><div> >>> +{<br></div><div> >>> + str = strchr(str, find);<br></div><div> >>> + if (NULL == str) {<br></div><div> >>> + return NULL;<br></div><div> >>> + }<br></div><div> >>> + return str + 1;<br></div><div> >>> +}<br></div><div> >>> +<br></div><div> >>> +static inline char *<br></div><div> >>> +find_query(char *str)<br></div><div> >>> +{<br></div><div> >>> + return find(str, '?');<br></div><div> >>> +}<br></div><div> >>> +<br></div><div> >>> +/**<br></div><div> >>> + * Parse a query string into an array of key/value structs.<br></div><div> >>> + *<br></div><div> >>> + * The query string should be a null terminated string of parameters separated by<br></div><div> >>> + * a delimiter. Each parameter are checked for the equal sign character. If it<br></div><div> >>> + * appears in the parameter, it will be used as a null terminator and the part<br></div><div> >>> + * that comes after it will be the value of the parameter.<br></div><div> >>> + *<br></div><div> >>> + *<br></div><div> >>> + * param: query: the query string to parse. The string will be modified.<br></div><div> >>> + * param: delimiter: the character that separates the key/value pairs from each other.<br></div><div> >>> + * param: params: an array of parsed_param structs to hold the result.<br></div><div> >>> + * param: max_params: maximum number of parameters to parse.<br></div><div> >>> + *<br></div><div> >>> + * Return: the number of parsed items. -1 if there was an error.<br></div><div> >>> + */<br></div><div> >>> +static int<br></div><div> >>> +srt_url_parse_query(char *query, char delimiter, struct parsed_param *params, int max_params)<br></div><div> >>> +{<br></div><div> >>> + int i = 0;<br></div><div> >>> +<br></div><div> >>> + if (!query || *query == '\0')<br></div><div> >>> + {<br></div><div> >>> + return -1;<br></div><div> >>> + }<br></div><div> >>> + if (!params || max_params == 0)<br></div><div> >>> + {<br></div><div> >>> + return 0;<br></div><div> >>> + }<br></div><div> >>> +<br></div><div> >>> + params[i++].key = query;<br></div><div> >>> + while (i < max_params && NULL != (query = strchr(query, delimiter)))<br></div><div> >>> + {<br></div><div> >>> + *query = '\0';<br></div><div> >>> + params[i].key = ++query;<br></div><div> >>> + params[i].val = NULL;<br></div><div> >>> +<br></div><div> >>> + /* Go back and split previous param if one exists */<br></div><div> >>> + if (i > 0)<br></div><div> >>> + {<br></div><div> >>> + if ((params[i - 1].val = strchr(params[i - 1].key, '=')) != NULL)<br></div><div> >>> + {<br></div><div> >>> + *(params[i - 1].val)++ = '\0';<br></div><div> >>> + }<br></div><div> >>> + }<br></div><div> >>> + i++;<br></div><div> >>> + }<br></div><div> >>> + /* Go back and split last param */<br></div><div> >>> + if ((params[i - 1].val = strchr(params[i - 1].key, '=')) != NULL)<br></div><div> >>> + {<br></div><div> >>> + *(params[i - 1].val)++ = '\0';<br></div><div> >>> + }<br></div><div> >>> + return i;<br></div><div> >>> +}<br></div><div> >>> +<br></div><div> >>> +<br></div><div> >>> static void srt_wait_interrupted(void *p_data)<br></div><div> >>> {<br></div><div> >>> stream_t *p_stream = p_data;<br></div><div> >>> @@ -115,9 +197,11 @@ static int Control(stream_t *p_stream, int i_query, va_list args)<br></div><div> >>><br></div><div> >>> static bool srt_schedule_reconnect(stream_t *p_stream)<br></div><div> >>> {<br></div><div> >>> - int i_latency;<br></div><div> >>> + int i_latency=-1;<br></div><div> >>> int stat;<br></div><div> >>> char *psz_passphrase = NULL;<br></div><div> >>> + bool parsed_passphrase = false;<br></div><div> >>> + char *url = NULL;<br></div><div> >>><br></div><div> >>> struct addrinfo hints = {<br></div><div> >>> .ai_socktype = SOCK_DGRAM,<br></div><div> >>> @@ -153,6 +237,38 @@ static bool srt_schedule_reconnect(stream_t *p_stream)<br></div><div> >>> goto out;<br></div><div> >>> }<br></div><div> >>><br></div><div> >>> + /* Parse URL parameters */<br></div><div> >>> + if (p_stream->psz_url && strlen(p_stream->psz_url) < 512)<br></div><div> >>> + {<br></div><div> >>> + char* query = NULL;<br></div><div> >>> + struct parsed_param params[32];<br></div><div> >>> + int num_params = 0;<br></div><div> >>> + int i=0;<br></div><div> >>> + size_t url_size = strlen(p_stream->psz_url)+1;<br></div><div> >>> +<br></div><div> >>> + url = malloc(url_size);<br></div><div> >>> + url[url_size-1] = 0;<br></div><div> >>> + strcpy(url, p_stream->psz_url);<br></div><div> >>> + query = find_query(url);<br></div><div> >>> + if (query)<br></div><div> >>> + {<br></div><div> >>> + num_params = srt_url_parse_query(query,'&', params, sizeof(params)/sizeof(struct parsed_param) );<br></div><div> >>> + if (num_params > 0) {<br></div><div> >>> + for (i = 0; i < num_params; ++i)<br></div><div> >>> + {<br></div><div> >>> + if (strcmp(params[i].key, SRT_PARAM_PASSPHRASE) == 0)<br></div><div> >>> + {<br></div><div> >>> + psz_passphrase = params[i].val;<br></div><div> >>> + parsed_passphrase = true;<br></div><div> >>> + }<br></div><div> >>> + else if (strcmp(params[i].key, SRT_PARAM_LATENCY) == 0)<br></div><div> >>> + i_latency = atoi(params[i].val);<br></div><div> >>> + }<br></div><div> >>> + }<br></div><div> >>> + }<br></div><div> >>> + }<br></div><div> >>> +<br></div><div> >>> +<br></div><div> >>> /* Make SRT non-blocking */<br></div><div> >>> srt_setsockopt( p_sys->sock, 0, SRTO_SNDSYN,<br></div><div> >>> &(bool) { false }, sizeof( bool ) );<br></div><div> >>> @@ -168,11 +284,13 @@ static bool srt_schedule_reconnect(stream_t *p_stream)<br></div><div> >>> &(int) { 0 }, sizeof( int ) );<br></div><div> >>><br></div><div> >>> /* Set latency */<br></div><div> >>> - i_latency = var_InheritInteger( p_stream, "latency" );<br></div><div> >>> + if (i_latency == -1)<br></div><div> >>> + i_latency = var_InheritInteger( p_stream, SRT_PARAM_LATENCY );<br></div><div> >>> srt_setsockopt( p_sys->sock, 0, SRTO_TSBPDDELAY,<br></div><div> >>> &i_latency, sizeof( int ) );<br></div><div> >>><br></div><div> >>> - psz_passphrase = var_InheritString( p_stream, "passphrase" );<br></div><div> >>> + if (!psz_passphrase)<br></div><div> >>> + psz_passphrase = var_InheritString( p_stream, SRT_PARAM_PASSPHRASE );<br></div><div> >>> if ( psz_passphrase != NULL && psz_passphrase[0] != '\0')<br></div><div> >>> {<br></div><div> >>> int i_key_length = var_InheritInteger( p_stream, "key-length" );<br></div><div> >>> @@ -211,7 +329,11 @@ out:<br></div><div> >>> }<br></div><div> >>><br></div><div> >>> freeaddrinfo( res );<br></div><div> >>> - free( psz_passphrase );<br></div><div> >>> + if (!parsed_passphrase)<br></div><div> >>> + {<br></div><div> >>> + free( psz_passphrase );<br></div><div> >>> + }<br></div><div> >>> + free(url);<br></div><div> >>><br></div><div> >>> return !failed;<br></div><div> >>> }<br></div><div> >>> @@ -422,8 +544,8 @@ vlc_module_begin ()<br></div><div> >>> N_("SRT chunk size (bytes)"), NULL, true )<br></div><div> >>> add_integer( "poll-timeout", SRT_DEFAULT_POLL_TIMEOUT,<br></div><div> >>> N_("Return poll wait after timeout milliseconds (-1 = infinite)"), NULL, true )<br></div><div> >>> - add_integer( "latency", SRT_DEFAULT_LATENCY, N_("SRT latency (ms)"), NULL, true )<br></div><div> >>> - add_password("passphrase", "", N_("Password for stream encryption"), NULL)<br></div><div> >>> + add_integer( SRT_PARAM_LATENCY, SRT_DEFAULT_LATENCY, N_("SRT latency (ms)"), NULL, true )<br></div><div> >>> + add_password(SRT_PARAM_PASSPHRASE, "", N_("Password for stream encryption"), NULL)<br></div><div> >>> add_integer( "key-length", SRT_DEFAULT_KEY_LENGTH,<br></div><div> >>> SRT_KEY_LENGTH_TEXT, SRT_KEY_LENGTH_TEXT, false )<br></div><div> >>> change_integer_list( srt_key_lengths, srt_key_length_names )<br></div><div> >>><br></div><div> >><br></div><div> >> --<br></div><div> >> Envoyé de mon appareil Android avec Courriel K-9 Mail. Veuillez excuser ma brièveté.<br></div><div> ><br></div><div> > _______________________________________________<br></div><div> > vlc-devel mailing list<br></div><div> > To unsubscribe or modify your subscription options:<br></div><div> > <a rel="noreferrer" href="https://mailman.videolan.org/listinfo/vlc-devel" target="_blank">https://mailman.videolan.org/listinfo/vlc-devel</a><br></div><div> _______________________________________________<br></div><div> vlc-devel mailing list<br></div><div> To unsubscribe or modify your subscription options:<br></div><div> <a rel="noreferrer" href="https://mailman.videolan.org/listinfo/vlc-devel" target="_blank">https://mailman.videolan.org/listinfo/vlc-devel</a><br></div></blockquote></div><div>_______________________________________________<br></div><div>vlc-devel mailing list<br></div><div>To unsubscribe or modify your subscription options:<br></div><div><a href="https://mailman.videolan.org/listinfo/vlc-devel" target="_blank">https://mailman.videolan.org/listinfo/vlc-devel</a><br></div></blockquote><div><br></div></div>_______________________________________________<br>
vlc-devel mailing list<br>
To unsubscribe or modify your subscription options:<br>
<a href="https://mailman.videolan.org/listinfo/vlc-devel" rel="noreferrer" target="_blank">https://mailman.videolan.org/listinfo/vlc-devel</a></blockquote></div></div>