<div dir="ltr"><div dir="ltr"><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Mar 7, 2019 at 3:18 AM Thomas Guillem <<a href="mailto:thomas@gllm.fr">thomas@gllm.fr</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><u></u><div><div>The classical use case is:<br></div><div><br></div><div>- Users enter an url (without password)<br></div><div>- VLC access module try to open it without any credential<br></div><div>- In case of success: nothing to do<<br></div><div>- If it fail: VLC ask users for credentials and try to re-open the url<br></div></div></blockquote><div><br></div><div>Thanks, For now, I am going to remove the passphrase - will put in another patch.<br></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div><div></div><div><br></div><div>On Wed, Mar 6, 2019, at 23:25, Aaron Boxer wrote:<br></div><blockquote type="cite" id="gmail-m_-6244836933110933844fastmail-quoted"><div dir="ltr"><div dir="ltr"><div dir="ltr"><br></div><div><br></div><div class="gmail-m_-6244836933110933844fastmail-quoted-gmail_quote"><div class="gmail-m_-6244836933110933844fastmail-quoted-gmail_attr" dir="ltr">On Wed, Mar 6, 2019 at 12:11 PM Thomas Guillem <<a href="mailto:thomas@gllm.fr" target="_blank">thomas@gllm.fr</a>> wrote:<br></div><blockquote style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex" class="gmail-m_-6244836933110933844fastmail-quoted-gmail_quote"><div><u></u><br></div><div><div><br></div><div>On Wed, Mar 6, 2019, at 17:59, Aaron Boxer wrote:<br></div><blockquote id="gmail-m_-6244836933110933844fastmail-quoted-gmail-m_-2635054255211955571fastmail-quoted" type="cite"><div dir="ltr"><div dir="ltr"><br></div><div><br></div><div class="gmail-m_-6244836933110933844fastmail-quoted-gmail-m_-2635054255211955571fastmail-quoted-gmail_quote"><div dir="ltr" class="gmail-m_-6244836933110933844fastmail-quoted-gmail-m_-2635054255211955571fastmail-quoted-gmail_attr">On Wed, Mar 6, 2019 at 10:39 AM Thomas Guillem <<a href="mailto:thomas@gllm.fr" target="_blank">thomas@gllm.fr</a>> wrote:<br></div><blockquote class="gmail-m_-6244836933110933844fastmail-quoted-gmail-m_-2635054255211955571fastmail-quoted-gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div><u></u><br></div><div><div><br></div><div>On Wed, Mar 6, 2019, at 16:34, Aaron Boxer wrote:<br></div><blockquote type="cite" id="gmail-m_-6244836933110933844fastmail-quoted-gmail-m_-2635054255211955571fastmail-quoted-gmail-m_-6640572044447479052fastmail-quoted"><div dir="ltr"><div>Thank you, Tristan. So, I see that vlc_credential API is a way of extracting the user credentials from the URL.<br></div><div>But, there would still be the issue of credentials being displayed in window, logs etc, as mentioned by Remi ?<br></div></div></blockquote><div><br></div><div>Hello,<br></div><div>This API handle credential from URL yes, but it's not its main purpose. This API handle interaction with the user (from a dialog generally) to ask for a password. This API will also save the password in VLC internal memory keystore and/or in the OS one (kwallet and co) if the user want to.<br></div></div></blockquote><div><br></div><div>Thanks. SRT stream doesn't require a user name + password. It only has a passphrase. So, how would the credentials work in this case ?<br></div></div></div></blockquote><div><br></div><div>No, but this can be fixed.<br></div><div><br></div><div>in vlc_keystore.h/keystore.c:<br></div><div><br></div><div>- vlc_credential_init(vlc_credential *p_credential, const vlc_url_t *p_url);<br></div><div>+ vlc_credential_init(vlc_credential *p_credential, const vlc_url_t *p_url, bool ask_user);<br></div><div><br></div><div>in vlc_dialog.h/dialog.c<br></div><div>Fix vlc_dialog_wait_login_va() to work with a NULL ppsz_username<br></div><div><br></div><div>in qt gui:<br></div><div>handle the NULL username to display only one text dialog.<br></div></div></blockquote><div><br></div><div><br></div><div>Thanks. But, I still don't see how the credentials can help.<br></div><div><br></div><div>Here is the workflow:<br></div><div><br></div><div>1. user opens Media -> Open Network Stream<br></div><div>2. user enters URL<br></div><div>3. user enters passphrase, which is stored in credentials<br></div><div>4. ....<br></div><div>5. static int Open(vlc_object_t *p_this) method called in srt.c<br></div><div><br></div><div>So, after step 5, how would I get the passphrase stored for this url ?<br></div><div><br></div><div><br></div><div> <br></div><blockquote style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex" class="gmail-m_-6244836933110933844fastmail-quoted-gmail_quote"><div><div><br></div><div><br></div><blockquote id="gmail-m_-6244836933110933844fastmail-quoted-gmail-m_-2635054255211955571fastmail-quoted" type="cite"><div dir="ltr"><div class="gmail-m_-6244836933110933844fastmail-quoted-gmail-m_-2635054255211955571fastmail-quoted-gmail_quote"><div> <br></div><blockquote class="gmail-m_-6244836933110933844fastmail-quoted-gmail-m_-2635054255211955571fastmail-quoted-gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div><div><br></div><div><br></div><blockquote type="cite" id="gmail-m_-6244836933110933844fastmail-quoted-gmail-m_-2635054255211955571fastmail-quoted-gmail-m_-6640572044447479052fastmail-quoted"><div><br></div><div class="gmail-m_-6244836933110933844fastmail-quoted-gmail-m_-2635054255211955571fastmail-quoted-gmail-m_-6640572044447479052fastmail-quoted-gmail_quote"><div class="gmail-m_-6244836933110933844fastmail-quoted-gmail-m_-2635054255211955571fastmail-quoted-gmail-m_-6640572044447479052fastmail-quoted-gmail_attr" dir="ltr">On Wed, Mar 6, 2019 at 10:20 AM Tristan Matthews <<a href="mailto:tmatth@videolan.org" target="_blank">tmatth@videolan.org</a>> wrote:<br></div><blockquote style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex" class="gmail-m_-6244836933110933844fastmail-quoted-gmail-m_-2635054255211955571fastmail-quoted-gmail-m_-6640572044447479052fastmail-quoted-gmail_quote"><div>On Wed, Mar 6, 2019 at 10:04 AM Aaron Boxer <<a href="mailto:boxerab@gmail.com" target="_blank">boxerab@gmail.com</a>> wrote:<br></div><div>><br></div><div>> Thanks, Remi. Is there another better way of getting a user-configured passphrase to the srt module ?<br></div><div><br></div><div>I think you want the vlc_credential API, see e.g.,<br></div><div><a rel="noreferrer" href="https://git.videolan.org/?p=vlc.git;a=blob;f=modules/access/http.c;h=56d75687e27f10a6c1ef33cd32178dcc857e4136;hb=HEAD#l304" target="_blank">https://git.videolan.org/?p=vlc.git;a=blob;f=modules/access/http.c;h=56d75687e27f10a6c1ef33cd32178dcc857e4136;hb=HEAD#l304</a><br></div><div><br></div><div>Best,<br></div><div>-t<br></div><div><br></div><div>> On Wed, Mar 6, 2019 at 5:57 AM Rémi Denis-Courmont <<a href="mailto:remi@remlab.net" target="_blank">remi@remlab.net</a>> wrote:<br></div><div>>><br></div><div>>> Hi,<br></div><div>>><br></div><div>>> Passing passwords in URLs is well-documented as a terrible idea. In VLC's case, the passphrase will show up in the OSD title, window title, logs, etc...<br></div><div>>><br></div><div>>> Le 5 mars 2019 23:42:14 GMT+02:00, Aaron Boxer <<a href="mailto:boxerab@gmail.com" target="_blank">boxerab@gmail.com</a>> a écrit :<br></div><div>>>><br></div><div>>>> Parse pass phrase and latency from url for incoming srt stream<br></div><div>>>><br></div><div>>>><br></div><div>>>> diff --git a/modules/access/srt.c b/modules/access/srt.c<br></div><div>>>> index d8d8cbe659..55c0efc201 100644<br></div><div>>>> --- a/modules/access/srt.c<br></div><div>>>> +++ b/modules/access/srt.c<br></div><div>>>> @@ -37,6 +37,9 @@<br></div><div>>>><br></div><div>>>> #include <srt/srt.h><br></div><div>>>><br></div><div>>>> +const char* SRT_PARAM_PASSPHRASE = "passphrase";<br></div><div>>>> +const char* SRT_PARAM_LATENCY = "latency";<br></div><div>>>> +<br></div><div>>>> /* libsrt defines default packet size as 1316 internally<br></div><div>>>> * so srt module takes same value. */<br></div><div>>>> #define SRT_DEFAULT_CHUNK_SIZE 1316<br></div><div>>>> @@ -70,6 +73,85 @@ typedef struct<br></div><div>>>> int i_chunks; /* Number of chunks to allocate in the next read */<br></div><div>>>> } stream_sys_t;<br></div><div>>>><br></div><div>>>> +<br></div><div>>>> +<br></div><div>>>> +struct parsed_param {<br></div><div>>>> + char *key;<br></div><div>>>> + char *val;<br></div><div>>>> +};<br></div><div>>>> +<br></div><div>>>> +static inline char *<br></div><div>>>> +find(char *str, char find)<br></div><div>>>> +{<br></div><div>>>> + str = strchr(str, find);<br></div><div>>>> + if (NULL == str) {<br></div><div>>>> + return NULL;<br></div><div>>>> + }<br></div><div>>>> + return str + 1;<br></div><div>>>> +}<br></div><div>>>> +<br></div><div>>>> +static inline char *<br></div><div>>>> +find_query(char *str)<br></div><div>>>> +{<br></div><div>>>> + return find(str, '?');<br></div><div>>>> +}<br></div><div>>>> +<br></div><div>>>> +/**<br></div><div>>>> + * Parse a query string into an array of key/value structs.<br></div><div>>>> + *<br></div><div>>>> + * The query string should be a null terminated string of parameters separated by<br></div><div>>>> + * a delimiter. Each parameter are checked for the equal sign character. If it<br></div><div>>>> + * appears in the parameter, it will be used as a null terminator and the part<br></div><div>>>> + * that comes after it will be the value of the parameter.<br></div><div>>>> + *<br></div><div>>>> + *<br></div><div>>>> + * param: query: the query string to parse. The string will be modified.<br></div><div>>>> + * param: delimiter: the character that separates the key/value pairs from each other.<br></div><div>>>> + * param: params: an array of parsed_param structs to hold the result.<br></div><div>>>> + * param: max_params: maximum number of parameters to parse.<br></div><div>>>> + *<br></div><div>>>> + * Return: the number of parsed items. -1 if there was an error.<br></div><div>>>> + */<br></div><div>>>> +static int<br></div><div>>>> +srt_url_parse_query(char *query, char delimiter, struct parsed_param *params, int max_params)<br></div><div>>>> +{<br></div><div>>>> + int i = 0;<br></div><div>>>> +<br></div><div>>>> + if (!query || *query == '\0')<br></div><div>>>> + {<br></div><div>>>> + return -1;<br></div><div>>>> + }<br></div><div>>>> + if (!params || max_params == 0)<br></div><div>>>> + {<br></div><div>>>> + return 0;<br></div><div>>>> + }<br></div><div>>>> +<br></div><div>>>> + params[i++].key = query;<br></div><div>>>> + while (i < max_params && NULL != (query = strchr(query, delimiter)))<br></div><div>>>> + {<br></div><div>>>> + *query = '\0';<br></div><div>>>> + params[i].key = ++query;<br></div><div>>>> + params[i].val = NULL;<br></div><div>>>> +<br></div><div>>>> + /* Go back and split previous param if one exists */<br></div><div>>>> + if (i > 0)<br></div><div>>>> + {<br></div><div>>>> + if ((params[i - 1].val = strchr(params[i - 1].key, '=')) != NULL)<br></div><div>>>> + {<br></div><div>>>> + *(params[i - 1].val)++ = '\0';<br></div><div>>>> + }<br></div><div>>>> + }<br></div><div>>>> + i++;<br></div><div>>>> + }<br></div><div>>>> + /* Go back and split last param */<br></div><div>>>> + if ((params[i - 1].val = strchr(params[i - 1].key, '=')) != NULL)<br></div><div>>>> + {<br></div><div>>>> + *(params[i - 1].val)++ = '\0';<br></div><div>>>> + }<br></div><div>>>> + return i;<br></div><div>>>> +}<br></div><div>>>> +<br></div><div>>>> +<br></div><div>>>> static void srt_wait_interrupted(void *p_data)<br></div><div>>>> {<br></div><div>>>> stream_t *p_stream = p_data;<br></div><div>>>> @@ -115,9 +197,11 @@ static int Control(stream_t *p_stream, int i_query, va_list args)<br></div><div>>>><br></div><div>>>> static bool srt_schedule_reconnect(stream_t *p_stream)<br></div><div>>>> {<br></div><div>>>> - int i_latency;<br></div><div>>>> + int i_latency=-1;<br></div><div>>>> int stat;<br></div><div>>>> char *psz_passphrase = NULL;<br></div><div>>>> + bool parsed_passphrase = false;<br></div><div>>>> + char *url = NULL;<br></div><div>>>><br></div><div>>>> struct addrinfo hints = {<br></div><div>>>> .ai_socktype = SOCK_DGRAM,<br></div><div>>>> @@ -153,6 +237,38 @@ static bool srt_schedule_reconnect(stream_t *p_stream)<br></div><div>>>> goto out;<br></div><div>>>> }<br></div><div>>>><br></div><div>>>> + /* Parse URL parameters */<br></div><div>>>> + if (p_stream->psz_url && strlen(p_stream->psz_url) < 512)<br></div><div>>>> + {<br></div><div>>>> + char* query = NULL;<br></div><div>>>> + struct parsed_param params[32];<br></div><div>>>> + int num_params = 0;<br></div><div>>>> + int i=0;<br></div><div>>>> + size_t url_size = strlen(p_stream->psz_url)+1;<br></div><div>>>> +<br></div><div>>>> + url = malloc(url_size);<br></div><div>>>> + url[url_size-1] = 0;<br></div><div>>>> + strcpy(url, p_stream->psz_url);<br></div><div>>>> + query = find_query(url);<br></div><div>>>> + if (query)<br></div><div>>>> + {<br></div><div>>>> + num_params = srt_url_parse_query(query,'&', params, sizeof(params)/sizeof(struct parsed_param) );<br></div><div>>>> + if (num_params > 0) {<br></div><div>>>> + for (i = 0; i < num_params; ++i)<br></div><div>>>> + {<br></div><div>>>> + if (strcmp(params[i].key, SRT_PARAM_PASSPHRASE) == 0)<br></div><div>>>> + {<br></div><div>>>> + psz_passphrase = params[i].val;<br></div><div>>>> + parsed_passphrase = true;<br></div><div>>>> + }<br></div><div>>>> + else if (strcmp(params[i].key, SRT_PARAM_LATENCY) == 0)<br></div><div>>>> + i_latency = atoi(params[i].val);<br></div><div>>>> + }<br></div><div>>>> + }<br></div><div>>>> + }<br></div><div>>>> + }<br></div><div>>>> +<br></div><div>>>> +<br></div><div>>>> /* Make SRT non-blocking */<br></div><div>>>> srt_setsockopt( p_sys->sock, 0, SRTO_SNDSYN,<br></div><div>>>> &(bool) { false }, sizeof( bool ) );<br></div><div>>>> @@ -168,11 +284,13 @@ static bool srt_schedule_reconnect(stream_t *p_stream)<br></div><div>>>> &(int) { 0 }, sizeof( int ) );<br></div><div>>>><br></div><div>>>> /* Set latency */<br></div><div>>>> - i_latency = var_InheritInteger( p_stream, "latency" );<br></div><div>>>> + if (i_latency == -1)<br></div><div>>>> + i_latency = var_InheritInteger( p_stream, SRT_PARAM_LATENCY );<br></div><div>>>> srt_setsockopt( p_sys->sock, 0, SRTO_TSBPDDELAY,<br></div><div>>>> &i_latency, sizeof( int ) );<br></div><div>>>><br></div><div>>>> - psz_passphrase = var_InheritString( p_stream, "passphrase" );<br></div><div>>>> + if (!psz_passphrase)<br></div><div>>>> + psz_passphrase = var_InheritString( p_stream, SRT_PARAM_PASSPHRASE );<br></div><div>>>> if ( psz_passphrase != NULL && psz_passphrase[0] != '\0')<br></div><div>>>> {<br></div><div>>>> int i_key_length = var_InheritInteger( p_stream, "key-length" );<br></div><div>>>> @@ -211,7 +329,11 @@ out:<br></div><div>>>> }<br></div><div>>>><br></div><div>>>> freeaddrinfo( res );<br></div><div>>>> - free( psz_passphrase );<br></div><div>>>> + if (!parsed_passphrase)<br></div><div>>>> + {<br></div><div>>>> + free( psz_passphrase );<br></div><div>>>> + }<br></div><div>>>> + free(url);<br></div><div>>>><br></div><div>>>> return !failed;<br></div><div>>>> }<br></div><div>>>> @@ -422,8 +544,8 @@ vlc_module_begin ()<br></div><div>>>> N_("SRT chunk size (bytes)"), NULL, true )<br></div><div>>>> add_integer( "poll-timeout", SRT_DEFAULT_POLL_TIMEOUT,<br></div><div>>>> N_("Return poll wait after timeout milliseconds (-1 = infinite)"), NULL, true )<br></div><div>>>> - add_integer( "latency", SRT_DEFAULT_LATENCY, N_("SRT latency (ms)"), NULL, true )<br></div><div>>>> - add_password("passphrase", "", N_("Password for stream encryption"), NULL)<br></div><div>>>> + add_integer( SRT_PARAM_LATENCY, SRT_DEFAULT_LATENCY, N_("SRT latency (ms)"), NULL, true )<br></div><div>>>> + add_password(SRT_PARAM_PASSPHRASE, "", N_("Password for stream encryption"), NULL)<br></div><div>>>> add_integer( "key-length", SRT_DEFAULT_KEY_LENGTH,<br></div><div>>>> SRT_KEY_LENGTH_TEXT, SRT_KEY_LENGTH_TEXT, false )<br></div><div>>>> change_integer_list( srt_key_lengths, srt_key_length_names )<br></div><div>>>><br></div><div>>><br></div><div>>> --<br></div><div>>> Envoyé de mon appareil Android avec Courriel K-9 Mail. Veuillez excuser ma brièveté.<br></div><div>><br></div><div>> _______________________________________________<br></div><div>> vlc-devel mailing list<br></div><div>> To unsubscribe or modify your subscription options:<br></div><div>> <a rel="noreferrer" href="https://mailman.videolan.org/listinfo/vlc-devel" target="_blank">https://mailman.videolan.org/listinfo/vlc-devel</a><br></div><div>_______________________________________________<br></div><div>vlc-devel mailing list<br></div><div>To unsubscribe or modify your subscription options:<br></div><div><a rel="noreferrer" href="https://mailman.videolan.org/listinfo/vlc-devel" target="_blank">https://mailman.videolan.org/listinfo/vlc-devel</a><br></div></blockquote></div><div>_______________________________________________<br></div><div>vlc-devel mailing list<br></div><div>To unsubscribe or modify your subscription options:<br></div><div><a href="https://mailman.videolan.org/listinfo/vlc-devel" target="_blank">https://mailman.videolan.org/listinfo/vlc-devel</a><br></div></blockquote><div><br></div></div><div>_______________________________________________<br></div><div>vlc-devel mailing list<br></div><div>To unsubscribe or modify your subscription options:<br></div><div><a href="https://mailman.videolan.org/listinfo/vlc-devel" rel="noreferrer" target="_blank">https://mailman.videolan.org/listinfo/vlc-devel</a><br></div></blockquote></div></div><div>_______________________________________________<br></div><div>vlc-devel mailing list<br></div><div>To unsubscribe or modify your subscription options:<br></div><div><a href="https://mailman.videolan.org/listinfo/vlc-devel" target="_blank">https://mailman.videolan.org/listinfo/vlc-devel</a><br></div></blockquote><div><br></div></div><div>_______________________________________________<br></div><div> vlc-devel mailing list<br></div><div> To unsubscribe or modify your subscription options:<br></div><div> <a rel="noreferrer" href="https://mailman.videolan.org/listinfo/vlc-devel" target="_blank">https://mailman.videolan.org/listinfo/vlc-devel</a><br></div></blockquote></div></div></div><div>_______________________________________________<br></div><div>vlc-devel mailing list<br></div><div>To unsubscribe or modify your subscription options:<br></div><div><a href="https://mailman.videolan.org/listinfo/vlc-devel" target="_blank">https://mailman.videolan.org/listinfo/vlc-devel</a><br></div></blockquote><div><br></div></div>_______________________________________________<br>
vlc-devel mailing list<br>
To unsubscribe or modify your subscription options:<br>
<a href="https://mailman.videolan.org/listinfo/vlc-devel" rel="noreferrer" target="_blank">https://mailman.videolan.org/listinfo/vlc-devel</a></blockquote></div></div>